Rmoeve register_long_arrays from php.ini and from php code the use of HTTP_*_VARS as its deprecated and luckily low use in pfSense to win memory and compativility

4 files changed, 12 insertions, 6 deletions

diff --git a/usr/local/www/exec.php b/usr/local/www/exec.php
index eda1321..2b84d74 100755
--- a/usr/local/www/exec.php
+++ b/usr/local/www/exec.php
@@ -83,7 +83,7 @@ function puts( $arg ) { echo "$arg\n"; }
 // "Constants".
 
 $Version    = '';
-$ScriptName = $HTTP_SERVER_VARS['SCRIPT_NAME'];
+$ScriptName = $REQUEST['SCRIPT_NAME'];
 
 // Get year.
 
diff --git a/usr/local/www/guiconfig.inc b/usr/local/www/guiconfig.inc
index 3579767..d5a9cf7 100755
--- a/usr/local/www/guiconfig.inc
+++ b/usr/local/www/guiconfig.inc
@@ -911,7 +911,6 @@ function echo_array($array,$return_me=false){
  *   null
  ******/
 function display_top_tabs(& $tab_array, $no_drop_down = false) {
-	global $HTTP_SERVER_VARS;
 	global $config;
 	global $g;
 	global $tab_array_indent;
diff --git a/usr/local/www/headjs.php b/usr/local/www/headjs.php
index bfea6e9..0ee1cb4 100644
--- a/usr/local/www/headjs.php
+++ b/usr/local/www/headjs.php
@@ -37,7 +37,7 @@
 require_once("guiconfig.inc");
 
 function getHeadJS() {
-  global $_SERVER, $HTTP_SERVER_VARS, $g, $use_loader_tab_gif;
+  global $g, $use_loader_tab_gif;
 
   if(!$use_loader_tab_gif)
     $loader_gif = "/themes/{$g['theme']}/images/misc/loader.gif";
diff --git a/usr/local/www/system_usermanager_passwordmg.php b/usr/local/www/system_usermanager_passwordmg.php
index 10ff645..a35a8a47 100644
--- a/usr/local/www/system_usermanager_passwordmg.php
+++ b/usr/local/www/system_usermanager_passwordmg.php
@@ -54,9 +54,12 @@ if (isset($_POST['save'])) {
 		$input_errors[] = gettext("The passwords do not match.");
 
 	if (!$input_errors) {
+		if (!session_id())
+			session_start();
 		// all values are okay --> saving changes
-		$config['system']['user'][$userindex[$HTTP_SERVER_VARS['AUTH_USER']]]['password'] = crypt(trim($_POST['passwordfld1']));
-		local_user_set($config['system']['user'][$userindex[$HTTP_SERVER_VARS['AUTH_USER']]]);
+		$config['system']['user'][$userindex[$_SESSION['Username']]]['password'] = crypt(trim($_POST['passwordfld1']));
+		local_user_set($config['system']['user'][$userindex[$_SESSION['Username']]]);
+		session_commit();
 
 		write_config();
 
@@ -101,7 +104,11 @@ if ($islocal == false) {
                 <form action="system_usermanager_passwordmg.php" method="post" name="iform" id="iform">
                         <table width="100%" border="0" cellpadding="6" cellspacing="0" summary="main area">
                                 <tr>
-                                        <td colspan="2" valign="top" class="listtopic"><?=$HTTP_SERVER_VARS['AUTH_USER']?>'s <?=gettext("Password"); ?></td>
+<?php if (!session_id())
+		session_start();
+?>
+                                        <td colspan="2" valign="top" class="listtopic"><?=$_SESSION['Username']?>'s <?=gettext("Password"); ?></td>
+<?php session_commit(); ?>
                                 </tr>
                                 <tr>
                                         <td width="22%" valign="top" class="vncell" rowspan="2"><?=gettext("Password"); ?></td>