summaryrefslogtreecommitdiff
path: root/program/steps/addressbook
diff options
context:
space:
mode:
Diffstat (limited to 'program/steps/addressbook')
-rw-r--r--program/steps/addressbook/copy.inc2
-rw-r--r--program/steps/addressbook/delete.inc8
-rw-r--r--program/steps/addressbook/mailto.inc2
3 files changed, 5 insertions, 7 deletions
diff --git a/program/steps/addressbook/copy.inc b/program/steps/addressbook/copy.inc
index 80dee49c3..525f9278a 100644
--- a/program/steps/addressbook/copy.inc
+++ b/program/steps/addressbook/copy.inc
@@ -27,7 +27,7 @@ $cid = get_input_value('_cid', RCUBE_INPUT_POST);
$target = get_input_value('_to', RCUBE_INPUT_POST);
$target_group = get_input_value('_togid', RCUBE_INPUT_POST);
-if ($cid && preg_match('/^[a-z0-9\-_=]+(,[a-z0-9\-_=]+)*$/i', $cid) && strlen($target) && $target !== $source)
+if ($cid && preg_match('/^[a-zA-Z0-9\+\/=_-]+(,[a-zA-Z0-9\+\/=_-]+)*$/', $cid) && strlen($target) && $target !== $source)
{
$success = 0;
$TARGET = $RCMAIL->get_address_book($target);
diff --git a/program/steps/addressbook/delete.inc b/program/steps/addressbook/delete.inc
index 1611ae1a1..da83757a8 100644
--- a/program/steps/addressbook/delete.inc
+++ b/program/steps/addressbook/delete.inc
@@ -21,12 +21,10 @@
if ($OUTPUT->ajax_call &&
($cid = get_input_value('_cid', RCUBE_INPUT_POST)) &&
- (preg_match('/^[0-9]+(,[0-9]+)*$/', $cid) ||
- preg_match('/^[a-zA-Z0-9=]+(,[a-zA-Z0-9=]+)*$/', $cid))
- )
- {
+ preg_match('/^[a-zA-Z0-9\+\/=_-]+(,[a-zA-Z0-9\+\/=_-]+)*$/', $cid)
+) {
$plugin = $RCMAIL->plugins->exec_hook('delete_contact', array('id' => $cid, 'source' => get_input_value('_source', RCUBE_INPUT_GPC)));
-
+
$deleted = !$plugin['abort'] ? $CONTACTS->delete($cid) : false;
if (!$deleted)
{
diff --git a/program/steps/addressbook/mailto.inc b/program/steps/addressbook/mailto.inc
index 6813958f2..002c4e801 100644
--- a/program/steps/addressbook/mailto.inc
+++ b/program/steps/addressbook/mailto.inc
@@ -23,7 +23,7 @@ $cid = get_input_value('_cid', RCUBE_INPUT_GET);
$recipients = null;
$mailto = array();
-if ($cid && preg_match('/^[a-z0-9\-\+\/_=]+(,[a-z0-9\-\+\/_=]+)*$/i', $cid) && $CONTACTS->ready)
+if ($cid && preg_match('/^[a-z0-9\+\/=_-]+(,[a-z0-9\+\/=_-]+)*$/i', $cid) && $CONTACTS->ready)
{
$CONTACTS->set_page(1);
$CONTACTS->set_pagesize(100);