diff options
Diffstat (limited to 'program/steps')
-rw-r--r-- | program/steps/mail/compose.inc | 22 | ||||
-rw-r--r-- | program/steps/mail/func.inc | 6 | ||||
-rw-r--r-- | program/steps/mail/getunread.inc | 4 | ||||
-rw-r--r-- | program/steps/mail/move_del.inc | 2 | ||||
-rw-r--r-- | program/steps/mail/upload.inc | 6 | ||||
-rw-r--r-- | program/steps/settings/manage_folders.inc | 4 |
6 files changed, 32 insertions, 12 deletions
diff --git a/program/steps/mail/compose.inc b/program/steps/mail/compose.inc index ba80a54f1..6d4cf9a61 100644 --- a/program/steps/mail/compose.inc +++ b/program/steps/mail/compose.inc @@ -32,6 +32,20 @@ $DRAFT_MESSAGE = NULL; if (!is_array($_SESSION['compose'])) $_SESSION['compose'] = array('id' => uniqid(rand())); +// remove an attachment +if ($_action=='remove-attachment' && !empty($_GET['_filename'])) + { + if (is_array($_SESSION['compose']['attachments'])) + foreach ($_SESSION['compose']['attachments'] as $i => $attachment) + if ($attachment['name'] == $_GET['_filename']) + { + @unlink($attachment['path']); + unset($_SESSION['compose']['attachments'][$i]); + $commands = sprintf("parent.%s.remove_from_attachment_list('%s');\n", $JS_OBJECT_NAME, $_GET['_filename']); + rcube_remote_response($commands); + exit; + } + } // add some labels to client rcube_add_label('nosubject', 'norecipientwarning', 'nosubjectwarning', 'nobodywarning', 'notsentwarning', 'savingmessage', 'savingmessage', 'messagesaved'); @@ -611,8 +625,13 @@ function rcmail_compose_attachment_list($attrib) if (is_array($_SESSION['compose']['attachments'])) { + if ($attrib['deleteicon']) + $button = sprintf('<img src="%s%s" alt="%s" border="0" / style="padding-right:2px;vertical-align:middle">', $CONFIG['skin_path'], $attrib['deleteicon'], rcube_label('delete')); + else + $button = rcube_label('delete'); + foreach ($_SESSION['compose']['attachments'] as $i => $a_prop) - $out .= sprintf("<li>%s</li>\n", $a_prop['name']); + $out .= sprintf('<li id="%s"><a href="#" onclick="%s.command(\'remove-attachment\',\'%s\')" title="%s">%s</a>%s</li>', $a_prop['name'], $JS_OBJECT_NAME, $a_prop['name'], rcube_label('deletefolder'), $button, $a_prop['name']); } $OUTPUT->add_script(sprintf("%s.gui_object('attachmentlist', '%s');", $JS_OBJECT_NAME, $attrib['id'])); @@ -663,7 +682,6 @@ function rcmail_compose_attachment_field($attrib) return $out; } - function rcmail_priority_selector($attrib) { list($form_start, $form_end) = get_form_tags($attrib); diff --git a/program/steps/mail/func.inc b/program/steps/mail/func.inc index eac4e3747..7e2b3b28d 100644 --- a/program/steps/mail/func.inc +++ b/program/steps/mail/func.inc @@ -220,13 +220,13 @@ function rcmail_render_folder_tree_html(&$arrFolders, &$special, &$mbox_name, $m $class_name, $zebra_class, $unread_count ? ' unread' : '', - $folder['id']==$mbox_name ? ' selected' : '', + addslashes($folder['id'])==addslashes($mbox_name) ? ' selected' : '', $COMM_PATH, urlencode($folder['id']), $JS_OBJECT_NAME, - $folder['id'], + addslashes($folder['id']), $JS_OBJECT_NAME, - $folder['id'], + addslashes($folder['id']), $title, rep_specialchars_output($foldername, 'html', 'all')); diff --git a/program/steps/mail/getunread.inc b/program/steps/mail/getunread.inc index 437e3aa00..ed4a5fb77 100644 --- a/program/steps/mail/getunread.inc +++ b/program/steps/mail/getunread.inc @@ -27,10 +27,10 @@ if (!empty($a_folders)) { foreach ($a_folders as $mbox_row) { - $commands = sprintf("this.set_unread_count('%s', %d);\n", $mbox_row, $IMAP->messagecount($mbox_row, 'UNSEEN')); + $commands = sprintf("this.set_unread_count('%s', %d);\n", addslashes($mbox_row), $IMAP->messagecount($mbox_row, 'UNSEEN')); rcube_remote_response($commands, TRUE); } } exit; -?>
\ No newline at end of file +?> diff --git a/program/steps/mail/move_del.inc b/program/steps/mail/move_del.inc index e4da207f4..116332a64 100644 --- a/program/steps/mail/move_del.inc +++ b/program/steps/mail/move_del.inc @@ -88,4 +88,4 @@ if ($_GET['_from']!='show' && $pages>1 && $IMAP->list_page < $pages) rcube_remote_response($commands); exit; -?>
\ No newline at end of file +?> diff --git a/program/steps/mail/upload.inc b/program/steps/mail/upload.inc index 4cd929d0d..7fe7d3dcc 100644 --- a/program/steps/mail/upload.inc +++ b/program/steps/mail/upload.inc @@ -45,7 +45,9 @@ foreach ($_FILES['_attachments']['tmp_name'] as $i => $filepath) 'mimetype' => $_FILES['_attachments']['type'][$i], 'path' => $tmpfname); - $response .= sprintf("parent.%s.add2attachment_list('%s');\n", $JS_OBJECT_NAME, $_FILES['_attachments']['name'][$i]); + $button = sprintf('<img src="%s/images/icons/remove-attachment.png" alt="%s" border="0" style="padding-right:2px;vertical-align:middle">', $CONFIG['skin_path'], rcube_label('delete')); + $content = sprintf('<a href="#" onclick="%s.command(\\\'remove-attachment\\\',\\\'%s\\\')" title="%s">%s</a>%s',$JS_OBJECT_NAME, $_FILES['_attachments']['name'][$i], rcube_label('deletefolder'), $button, $_FILES['_attachments']['name'][$i]); + $response .= sprintf('parent.%s.add2attachment_list(\'%s\',\'%s\');',$JS_OBJECT_NAME, $_FILES['_attachments']['name'][$i], $content); } } @@ -64,4 +66,4 @@ parent.$JS_OBJECT_NAME.show_attachment_form(false); EOF; exit; -?>
\ No newline at end of file +?> diff --git a/program/steps/settings/manage_folders.inc b/program/steps/settings/manage_folders.inc index dd321f0d8..7274bdc50 100644 --- a/program/steps/settings/manage_folders.inc +++ b/program/steps/settings/manage_folders.inc @@ -71,8 +71,8 @@ else if ($_action=='rename-folder') if ($rename && $REMOTE_REQUEST) { - $commands = sprintf("this.add_folder_row('%s');", rep_specialchars_output($rename, 'js')); - $commands .= sprintf("this.remove_folder_row('%s')", rep_specialchars_output($_GET['_folder_oldname'], 'js')); + $commands = sprintf("this.add_folder_row('%s');\n", addslashes(rep_specialchars_output($rename, 'js'))); + $commands .= sprintf("this.remove_folder_row('%s');", rep_specialchars_output($_GET['_folder_oldname'], 'js')); rcube_remote_response($commands); } else if (!$rename && $REMOTE_REQUEST) |