diff options
Diffstat (limited to 'program/steps/addressbook')
-rw-r--r-- | program/steps/addressbook/copy.inc | 4 | ||||
-rw-r--r-- | program/steps/addressbook/delete.inc | 5 |
2 files changed, 7 insertions, 2 deletions
diff --git a/program/steps/addressbook/copy.inc b/program/steps/addressbook/copy.inc index 75190a611..a27b67b09 100644 --- a/program/steps/addressbook/copy.inc +++ b/program/steps/addressbook/copy.inc @@ -19,6 +19,10 @@ */ +// only process ajax requests +if (!$OUTPUT->ajax_call) + return; + $cid = get_input_value('_cid', RCUBE_INPUT_POST); $target = get_input_value('_to', RCUBE_INPUT_POST); if ($cid && preg_match('/^[a-z0-9\-_=]+(,[a-z0-9\-_=]+)*$/i', $cid) && strlen($target) && $target != $source) diff --git a/program/steps/addressbook/delete.inc b/program/steps/addressbook/delete.inc index 6ab9cc3df..1611ae1a1 100644 --- a/program/steps/addressbook/delete.inc +++ b/program/steps/addressbook/delete.inc @@ -5,7 +5,7 @@ | program/steps/addressbook/delete.inc | | | | This file is part of the RoundCube Webmail client | - | Copyright (C) 2005-2007, RoundCube Dev. - Switzerland | + | Copyright (C) 2005-2009, RoundCube Dev. - Switzerland | | Licensed under the GNU GPL | | | | PURPOSE: | @@ -19,7 +19,8 @@ */ -if (($cid = get_input_value('_cid', RCUBE_INPUT_POST)) && +if ($OUTPUT->ajax_call && + ($cid = get_input_value('_cid', RCUBE_INPUT_POST)) && (preg_match('/^[0-9]+(,[0-9]+)*$/', $cid) || preg_match('/^[a-zA-Z0-9=]+(,[a-zA-Z0-9=]+)*$/', $cid)) ) |