diff options
author | thomascube <thomas@roundcube.net> | 2007-05-18 11:29:25 +0000 |
---|---|---|
committer | thomascube <thomas@roundcube.net> | 2007-05-18 11:29:25 +0000 |
commit | 8d07583f3920f27186ccc16ea1ecb49104f1e32d (patch) | |
tree | d78dc7781c357e9323313585c1cb20104a3a61ee /program/steps | |
parent | 3c3b3517c1d806c1602d09b216348954f17a8750 (diff) |
Use HTTP-POST requests for actions that change application state
Diffstat (limited to 'program/steps')
-rw-r--r-- | program/steps/addressbook/delete.inc | 2 | ||||
-rw-r--r-- | program/steps/mail/compose.inc | 2 | ||||
-rw-r--r-- | program/steps/mail/folders.inc | 12 | ||||
-rw-r--r-- | program/steps/mail/func.inc | 4 | ||||
-rw-r--r-- | program/steps/mail/list.inc | 2 | ||||
-rw-r--r-- | program/steps/mail/mark.inc | 2 | ||||
-rw-r--r-- | program/steps/mail/move_del.inc | 16 | ||||
-rw-r--r-- | program/steps/settings/manage_folders.inc | 16 |
8 files changed, 28 insertions, 28 deletions
diff --git a/program/steps/addressbook/delete.inc b/program/steps/addressbook/delete.inc index e5c762844..f91b9ac42 100644 --- a/program/steps/addressbook/delete.inc +++ b/program/steps/addressbook/delete.inc @@ -19,7 +19,7 @@ */ -if (($cid = get_input_value('_cid', RCUBE_INPUT_GPC)) && preg_match('/^[0-9]+(,[0-9]+)*$/', $cid)) +if (($cid = get_input_value('_cid', RCUBE_INPUT_POST)) && preg_match('/^[0-9]+(,[0-9]+)*$/', $cid)) { $deleted = $CONTACTS->delete($cid); if (!$deleted) diff --git a/program/steps/mail/compose.inc b/program/steps/mail/compose.inc index 4e73b4ba1..a956ecffc 100644 --- a/program/steps/mail/compose.inc +++ b/program/steps/mail/compose.inc @@ -29,7 +29,7 @@ define('RCUBE_COMPOSE_DRAFT', 0x0108); // remove an attachment -if ($_action=='remove-attachment' && preg_match('/^rcmfile([0-9]+)$/', $_GET['_file'], $regs)) +if ($_action=='remove-attachment' && preg_match('/^rcmfile([0-9]+)$/', $_POST['_file'], $regs)) { $id = $regs[1]; if (is_array($_SESSION['compose']['attachments'][$id])) diff --git a/program/steps/mail/folders.inc b/program/steps/mail/folders.inc index a97057e2c..1df51cd02 100644 --- a/program/steps/mail/folders.inc +++ b/program/steps/mail/folders.inc @@ -21,12 +21,12 @@ $mbox_name = $IMAP->get_mailbox_name(); // send EXPUNGE command -if ($_action=='expunge') +if ($_action=='expunge' && ($mbox = get_input_value('_mbox', RCUBE_INPUT_POST))) { - $success = $IMAP->expunge(get_input_value('_mbox', RCUBE_INPUT_GET)); + $success = $IMAP->expunge($mbox); // reload message list if current mailbox - if ($success && !empty($_GET['_reload'])) + if ($success && !empty($_REQUEST['_reload'])) { $OUTPUT->command('message_list.clear'); $_action = 'list'; @@ -37,11 +37,11 @@ if ($_action=='expunge') } // clear mailbox -else if ($_action=='purge') +else if ($_action=='purge' && ($mbox = get_input_value('_mbox', RCUBE_INPUT_POST))) { - $success = $IMAP->clear_mailbox(get_input_value('_mbox', RCUBE_INPUT_GET)); + $success = $IMAP->clear_mailbox($mbox); - if ($success && !empty($_GET['_reload'])) + if ($success && !empty($_REQUEST['_reload'])) { $OUTPUT->set_env('messagecount', 0); $OUTPUT->set_env('pagecount', 0); diff --git a/program/steps/mail/func.inc b/program/steps/mail/func.inc index 991c3c168..3fa089037 100644 --- a/program/steps/mail/func.inc +++ b/program/steps/mail/func.inc @@ -52,8 +52,8 @@ if (!isset($_SESSION['sort_order'])) $_SESSION['sort_order'] = $CONFIG['message_sort_order']; // set message set for search result -if (!empty($_GET['_search']) && isset($_SESSION['search'][$_GET['_search']])) - $IMAP->set_search_set($_SESSION['search'][$_GET['_search']]); +if (!empty($_REQUEST['_search']) && isset($_SESSION['search'][$_REQUEST['_search']])) + $IMAP->set_search_set($_SESSION['search'][$_REQUEST['_search']]); // define url for getting message parts diff --git a/program/steps/mail/list.inc b/program/steps/mail/list.inc index 162624c36..a246254d1 100644 --- a/program/steps/mail/list.inc +++ b/program/steps/mail/list.inc @@ -42,7 +42,7 @@ else if ($count = $IMAP->messagecount()) $a_headers = $IMAP->list_headers($mbox_name, NULL, $sort_col, $sort_order); -$unseen = $IMAP->messagecount($mbox_name, 'UNSEEN', !empty($_GET['_refresh']) ? TRUE : FALSE); +$unseen = $IMAP->messagecount($mbox_name, 'UNSEEN', !empty($_REQUEST['_refresh']) ? TRUE : FALSE); // update message count display $pages = ceil($count/$IMAP->page_size); diff --git a/program/steps/mail/mark.inc b/program/steps/mail/mark.inc index 0dd781e08..74510abe9 100644 --- a/program/steps/mail/mark.inc +++ b/program/steps/mail/mark.inc @@ -24,7 +24,7 @@ $a_flags_map = array( 'read' => 'SEEN', 'unread' => 'UNSEEN'); -if (($uids = get_input_value('_uid', RCUBE_INPUT_GET)) && ($flag = get_input_value('_flag', RCUBE_INPUT_GET))) +if (($uids = get_input_value('_uid', RCUBE_INPUT_POST)) && ($flag = get_input_value('_flag', RCUBE_INPUT_POST))) { $flag = $a_flags_map[$flag] ? $a_flags_map[$flag] : strtoupper($flag); $marked = $IMAP->set_flag($uids, $flag); diff --git a/program/steps/mail/move_del.inc b/program/steps/mail/move_del.inc index fb8a0af4c..acdbf6000 100644 --- a/program/steps/mail/move_del.inc +++ b/program/steps/mail/move_del.inc @@ -20,11 +20,11 @@ */ // move messages -if ($_action=='moveto' && !empty($_GET['_uid']) && !empty($_GET['_target_mbox'])) +if ($_action=='moveto' && !empty($_POST['_uid']) && !empty($_POST['_target_mbox'])) { - $count = sizeof(explode(',', ($uids = get_input_value('_uid', RCUBE_INPUT_GET)))); - $target = get_input_value('_target_mbox', RCUBE_INPUT_GET); - $moved = $IMAP->move_message($uids, $target, get_input_value('_mbox', RCUBE_INPUT_GET)); + $count = sizeof(explode(',', ($uids = get_input_value('_uid', RCUBE_INPUT_POST)))); + $target = get_input_value('_target_mbox', RCUBE_INPUT_POST); + $moved = $IMAP->move_message($uids, $target, get_input_value('_mbox', RCUBE_INPUT_POST)); if (!$moved) { @@ -37,10 +37,10 @@ if ($_action=='moveto' && !empty($_GET['_uid']) && !empty($_GET['_target_mbox']) } // delete messages -else if ($_action=='delete' && !empty($_GET['_uid'])) +else if ($_action=='delete' && !empty($_POST['_uid'])) { - $count = sizeof(explode(',', ($uids = get_input_value('_uid', RCUBE_INPUT_GET)))); - $del = $IMAP->delete_message($uids, get_input_value('_mbox', RCUBE_INPUT_GET)); + $count = sizeof(explode(',', ($uids = get_input_value('_uid', RCUBE_INPUT_POST)))); + $del = $IMAP->delete_message($uids, get_input_value('_mbox', RCUBE_INPUT_POST)); if (!$del) { @@ -78,7 +78,7 @@ if ($_action=='moveto' && $target) $OUTPUT->command('set_quota', $IMAP->get_quota()); // add new rows from next page (if any) -if ($_GET['_from']!='show' && $pages>1 && $IMAP->list_page < $pages) +if ($_POST['_from']!='show' && $pages>1 && $IMAP->list_page < $pages) { $sort_col = isset($_SESSION['sort_col']) ? $_SESSION['sort_col'] : $CONFIG['message_sort_col']; $sort_order = isset($_SESSION['sort_order']) ? $_SESSION['sort_order'] : $CONFIG['message_sort_order']; diff --git a/program/steps/settings/manage_folders.inc b/program/steps/settings/manage_folders.inc index 7499fe3d4..150b7cd72 100644 --- a/program/steps/settings/manage_folders.inc +++ b/program/steps/settings/manage_folders.inc @@ -26,7 +26,7 @@ rcmail_imap_init(TRUE); // subscribe to one or more mailboxes if ($_action=='subscribe') { - if ($mboxes = get_input_value('_mboxes', RCUBE_INPUT_GET)) + if ($mboxes = get_input_value('_mboxes', RCUBE_INPUT_POST)) $IMAP->subscribe(array($mboxes)); if ($OUTPUT->ajax_call) @@ -36,7 +36,7 @@ if ($_action=='subscribe') // unsubscribe one or more mailboxes else if ($_action=='unsubscribe') { - if ($mboxes = get_input_value('_mboxes', RCUBE_INPUT_GET)) + if ($mboxes = get_input_value('_mboxes', RCUBE_INPUT_POST)) $IMAP->unsubscribe(array($mboxes)); if ($OUTPUT->ajax_call) @@ -46,8 +46,8 @@ else if ($_action=='unsubscribe') // create a new mailbox else if ($_action=='create-folder') { - if (!empty($_GET['_name'])) - $create = $IMAP->create_mailbox(trim(get_input_value('_name', RCUBE_INPUT_GET, FALSE, 'UTF-7')), TRUE); + if (!empty($_POST['_name'])) + $create = $IMAP->create_mailbox(trim(get_input_value('_name', RCUBE_INPUT_POST, FALSE, 'UTF-7')), TRUE); if ($create && $OUTPUT->ajax_call) { @@ -66,8 +66,8 @@ else if ($_action=='create-folder') // rename a mailbox else if ($_action=='rename-folder') { - if (!empty($_GET['_folder_oldname']) && !empty($_GET['_folder_newname'])) - $rename = $IMAP->rename_mailbox(($oldname = get_input_value('_folder_oldname', RCUBE_INPUT_GET)), trim(get_input_value('_folder_newname', RCUBE_INPUT_GET, FALSE, 'UTF-7'))); + if (!empty($_POST['_folder_oldname']) && !empty($_POST['_folder_newname'])) + $rename = $IMAP->rename_mailbox(($oldname = get_input_value('_folder_oldname', RCUBE_INPUT_POST)), trim(get_input_value('_folder_newname', RCUBE_INPUT_POST, FALSE, 'UTF-7'))); if ($rename && $OUTPUT->ajax_call) { @@ -88,12 +88,12 @@ else if ($_action=='rename-folder') // delete an existing IMAP mailbox else if ($_action=='delete-folder') { - if ($mboxes = get_input_value('_mboxes', RCUBE_INPUT_GET)) + if ($mboxes = get_input_value('_mboxes', RCUBE_INPUT_POST)) $deleted = $IMAP->delete_mailbox(array($mboxes)); if ($OUTPUT->ajax_call && $deleted) { - $OUTPUT->command('remove_folder_row', get_input_value('_mboxes', RCUBE_INPUT_GET)); + $OUTPUT->command('remove_folder_row', get_input_value('_mboxes', RCUBE_INPUT_POST)); $OUTPUT->show_message('folderdeleted', 'confirmation'); $OUTPUT->send(); } |