diff options
| author | thomascube <thomas@roundcube.net> | 2007-02-16 19:35:03 +0000 |
|---|---|---|
| committer | thomascube <thomas@roundcube.net> | 2007-02-16 19:35:03 +0000 |
| commit | b3ce7915610a6d272cc38ecd2a8b61e04ee4aeae (patch) | |
| tree | 19456d201c65ccd4a305817a9ffbd0f477f11d49 /program/steps/mail/show.inc | |
| parent | 1012ea3946d7fb9c2b8d9598704d6ba64e8db218 (diff) | |
Better input checking on GET and POST vars
Diffstat (limited to 'program/steps/mail/show.inc')
| -rw-r--r-- | program/steps/mail/show.inc | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/program/steps/mail/show.inc b/program/steps/mail/show.inc index b1fa7cfb7..841a41b36 100644 --- a/program/steps/mail/show.inc +++ b/program/steps/mail/show.inc @@ -64,7 +64,7 @@ if ($_GET['_uid']) // mark message as read if (!$MESSAGE['headers']->seen && $_action != 'preview') - $IMAP->set_flag($_GET['_uid'], 'SEEN'); + $IMAP->set_flag($MESSAGE['UID'], 'SEEN'); // give message uid to the client $javascript = sprintf("%s.set_env('uid', '%s');\n", $JS_OBJECT_NAME, $MESSAGE['UID']); |