summaryrefslogtreecommitdiff
path: root/program/steps
diff options
context:
space:
mode:
Diffstat (limited to 'program/steps')
-rw-r--r--program/steps/mail/copy.inc4
-rw-r--r--program/steps/mail/folders.inc14
-rw-r--r--program/steps/mail/func.inc2
-rw-r--r--program/steps/mail/move_del.inc6
-rw-r--r--program/steps/settings/manage_folders.inc31
5 files changed, 29 insertions, 28 deletions
diff --git a/program/steps/mail/copy.inc b/program/steps/mail/copy.inc
index 82a1ed4a7..4cd51d816 100644
--- a/program/steps/mail/copy.inc
+++ b/program/steps/mail/copy.inc
@@ -26,8 +26,8 @@ if (!$OUTPUT->ajax_call)
// move messages
if (!empty($_POST['_uid']) && !empty($_POST['_target_mbox'])) {
$uids = get_input_value('_uid', RCUBE_INPUT_POST);
- $target = get_input_value('_target_mbox', RCUBE_INPUT_POST);
- $mbox = get_input_value('_mbox', RCUBE_INPUT_POST);
+ $target = get_input_value('_target_mbox', RCUBE_INPUT_POST, true);
+ $mbox = get_input_value('_mbox', RCUBE_INPUT_POST, true);
$copied = $IMAP->copy_message($uids, $target, $mbox);
diff --git a/program/steps/mail/folders.inc b/program/steps/mail/folders.inc
index 95d138c97..26f464b0c 100644
--- a/program/steps/mail/folders.inc
+++ b/program/steps/mail/folders.inc
@@ -22,14 +22,14 @@
if (!$OUTPUT->ajax_call)
return;
-$mbox_name = $IMAP->get_mailbox_name();
+$mbox = get_input_value('_mbox', RCUBE_INPUT_POST, true);
// send EXPUNGE command
-if ($RCMAIL->action=='expunge' && ($mbox = get_input_value('_mbox', RCUBE_INPUT_POST)))
+if ($RCMAIL->action=='expunge')
{
$success = $IMAP->expunge($mbox);
- // reload message list if current mailbox
+ // reload message list if current mailbox
if ($success && !empty($_REQUEST['_reload']))
{
$OUTPUT->command('set_quota', rcmail_quota_content());
@@ -42,11 +42,11 @@ if ($RCMAIL->action=='expunge' && ($mbox = get_input_value('_mbox', RCUBE_INPUT_
}
// clear mailbox
-else if ($RCMAIL->action=='purge' && ($mbox = get_input_value('_mbox', RCUBE_INPUT_POST)))
+else if ($RCMAIL->action=='purge')
{
$delimiter = $IMAP->get_hierarchy_delimiter();
$trash_regexp = '/^' . preg_quote($CONFIG['trash_mbox'] . $delimiter, '/') . '/';
- $junk_regexp = '/^' . preg_quote($CONFIG['junk_mbox'] . $delimiter, '/') . '/';
+ $junk_regexp = '/^' . preg_quote($CONFIG['junk_mbox'] . $delimiter, '/') . '/';
// we should only be purging trash and junk (or their subfolders)
if ($mbox == $CONFIG['trash_mbox'] || $mbox == $CONFIG['junk_mbox']
@@ -60,9 +60,9 @@ else if ($RCMAIL->action=='purge' && ($mbox = get_input_value('_mbox', RCUBE_INP
$OUTPUT->set_env('pagecount', 0);
$OUTPUT->command('message_list.clear');
$OUTPUT->command('set_rowcount', rcmail_get_messagecount_text());
- $OUTPUT->command('set_unread_count', $mbox_name, 0);
+ $OUTPUT->command('set_unread_count', $mbox, 0);
$OUTPUT->command('set_quota', rcmail_quota_content());
- $_SESSION['unseen_count'][$mbox_name] = 0;
+ $_SESSION['unseen_count'][$mbox] = 0;
}
else
$commands = "// purged: $success";
diff --git a/program/steps/mail/func.inc b/program/steps/mail/func.inc
index be5c26142..747dce529 100644
--- a/program/steps/mail/func.inc
+++ b/program/steps/mail/func.inc
@@ -46,7 +46,7 @@ if (!in_array($RCMAIL->action, $NOIMAP_ACTIONS) && !$RCMAIL->imap_connect()) {
}
// set imap properties and session vars
-if (strlen(trim($mbox = get_input_value('_mbox', RCUBE_INPUT_GPC))))
+if (strlen(trim($mbox = get_input_value('_mbox', RCUBE_INPUT_GPC, true))))
$IMAP->set_mailbox(($_SESSION['mbox'] = $mbox));
else if ($IMAP)
$_SESSION['mbox'] = $IMAP->get_mailbox_name();
diff --git a/program/steps/mail/move_del.inc b/program/steps/mail/move_del.inc
index e64c32742..3940b6db9 100644
--- a/program/steps/mail/move_del.inc
+++ b/program/steps/mail/move_del.inc
@@ -30,8 +30,8 @@ $old_pages = ceil($old_count / $IMAP->page_size);
// move messages
if ($RCMAIL->action=='moveto' && !empty($_POST['_uid']) && strlen($_POST['_target_mbox'])) {
$count = sizeof(explode(',', ($uids = get_input_value('_uid', RCUBE_INPUT_POST))));
- $target = get_input_value('_target_mbox', RCUBE_INPUT_POST);
- $mbox = get_input_value('_mbox', RCUBE_INPUT_POST);
+ $target = get_input_value('_target_mbox', RCUBE_INPUT_POST, true);
+ $mbox = get_input_value('_mbox', RCUBE_INPUT_POST, true);
$moved = $IMAP->move_message($uids, $target, $mbox);
@@ -52,7 +52,7 @@ if ($RCMAIL->action=='moveto' && !empty($_POST['_uid']) && strlen($_POST['_targe
// delete messages
else if ($RCMAIL->action=='delete' && !empty($_POST['_uid'])) {
$count = sizeof(explode(',', ($uids = get_input_value('_uid', RCUBE_INPUT_POST))));
- $mbox = get_input_value('_mbox', RCUBE_INPUT_POST);
+ $mbox = get_input_value('_mbox', RCUBE_INPUT_POST, true);
$del = $IMAP->delete_message($uids, $mbox);
diff --git a/program/steps/settings/manage_folders.inc b/program/steps/settings/manage_folders.inc
index 299a7b219..3a5d909e4 100644
--- a/program/steps/settings/manage_folders.inc
+++ b/program/steps/settings/manage_folders.inc
@@ -27,7 +27,7 @@ $RCMAIL->imap_connect();
// subscribe to one or more mailboxes
if ($RCMAIL->action=='subscribe')
{
- $mbox = get_input_value('_mbox', RCUBE_INPUT_POST, false, 'UTF7-IMAP');
+ $mbox = get_input_value('_mbox', RCUBE_INPUT_POST, true, 'UTF7-IMAP');
if (strlen($mbox))
$IMAP->subscribe(array($mbox));
}
@@ -35,7 +35,7 @@ if ($RCMAIL->action=='subscribe')
// unsubscribe one or more mailboxes
else if ($RCMAIL->action=='unsubscribe')
{
- $mbox = get_input_value('_mbox', RCUBE_INPUT_POST, false, 'UTF7-IMAP');
+ $mbox = get_input_value('_mbox', RCUBE_INPUT_POST, true, 'UTF7-IMAP');
if (strlen($mbox))
$IMAP->unsubscribe(array($mbox));
}
@@ -43,7 +43,7 @@ else if ($RCMAIL->action=='unsubscribe')
// enable threading for one or more mailboxes
else if ($RCMAIL->action=='enable-threading')
{
- $mbox = get_input_value('_mbox', RCUBE_INPUT_POST, false, 'UTF7-IMAP');
+ $mbox = get_input_value('_mbox', RCUBE_INPUT_POST, true, 'UTF7-IMAP');
if (strlen($mbox))
rcube_set_threading($mbox, true);
}
@@ -51,7 +51,7 @@ else if ($RCMAIL->action=='enable-threading')
// enable threading for one or more mailboxes
else if ($RCMAIL->action=='disable-threading')
{
- $mbox = get_input_value('_mbox', RCUBE_INPUT_POST, false, 'UTF7-IMAP');
+ $mbox = get_input_value('_mbox', RCUBE_INPUT_POST, true, 'UTF7-IMAP');
if (strlen($mbox))
rcube_set_threading($mbox, false);
}
@@ -61,7 +61,7 @@ else if ($RCMAIL->action=='create-folder')
{
if (strlen(trim($_POST['_name'])))
{
- $name = trim(get_input_value('_name', RCUBE_INPUT_POST, FALSE, 'UTF7-IMAP'));
+ $name = trim(get_input_value('_name', RCUBE_INPUT_POST, true, 'UTF7-IMAP'));
$create = $IMAP->create_mailbox($name, TRUE);
}
@@ -71,10 +71,11 @@ else if ($RCMAIL->action=='create-folder')
$folderlist = $IMAP->list_unsubscribed();
$index = array_search($create, $folderlist);
$before = $index !== false && isset($folderlist[$index+1]) ? rcube_charset_convert($folderlist[$index+1], 'UTF7-IMAP') : false;
-
+
$create = rcube_charset_convert($create, 'UTF7-IMAP');
$foldersplit = explode($delimiter, $create);
- $display_create = str_repeat('    ', substr_count($create, $delimiter)) . $foldersplit[count($foldersplit)-1];
+ $display_create = str_repeat('    ', substr_count($create, $delimiter))
+ . Q($foldersplit[count($foldersplit)-1]);
$OUTPUT->command('add_folder_row', $create, $display_create, false, $before);
}
@@ -89,8 +90,8 @@ else if ($RCMAIL->action=='rename-folder')
{
if (strlen(trim($_POST['_folder_oldname'])) && strlen(trim($_POST['_folder_newname'])))
{
- $name_utf8 = trim(get_input_value('_folder_newname', RCUBE_INPUT_POST));
- $oldname_utf8 = get_input_value('_folder_oldname', RCUBE_INPUT_POST);
+ $name_utf8 = trim(get_input_value('_folder_newname', RCUBE_INPUT_POST, true));
+ $oldname_utf8 = get_input_value('_folder_oldname', RCUBE_INPUT_POST, true);
$name = rcube_charset_convert($name_utf8, RCMAIL_CHARSET, 'UTF7-IMAP');
$oldname = rcube_charset_convert($oldname_utf8, RCMAIL_CHARSET, 'UTF7-IMAP');
@@ -130,8 +131,8 @@ else if ($RCMAIL->action=='rename-folder')
$oldfolder = $oldname . $delimiter . preg_replace($regexp, '', $folderlist[$x]);
$foldersplit = explode($delimiter, $folderlist[$x]);
$level = count($foldersplit) - 1;
- $display_rename = str_repeat('    ', $level)
- . rcube_charset_convert($foldersplit[$level], 'UTF7-IMAP');
+ $display_rename = str_repeat('    ', $level)
+ . Q(rcube_charset_convert($foldersplit[$level], 'UTF7-IMAP'));
$before = isset($folderlist[$x+1]) ? rcube_charset_convert($folderlist[$x+1], 'UTF7-IMAP') : false;
@@ -142,7 +143,7 @@ else if ($RCMAIL->action=='rename-folder')
$foldersplit = explode($delimiter, $rename);
$level = count($foldersplit) - 1;
- $display_rename = str_repeat('    ', $level) . rcube_charset_convert($foldersplit[$level], 'UTF7-IMAP');
+ $display_rename = str_repeat('    ', $level) . Q(rcube_charset_convert($foldersplit[$level], 'UTF7-IMAP'));
$index = array_search($rename, $folderlist);
$before = $index !== false && isset($folderlist[$index+1]) ? rcube_charset_convert($folderlist[$index+1], 'UTF7-IMAP') : false;
@@ -164,7 +165,7 @@ else if ($RCMAIL->action=='delete-folder')
$a_mboxes = $IMAP->list_unsubscribed();
$delimiter = $IMAP->get_hierarchy_delimiter();
- $mboxes_utf8 = get_input_value('_mboxes', RCUBE_INPUT_POST);
+ $mboxes_utf8 = get_input_value('_mboxes', RCUBE_INPUT_POST, true);
$mboxes = rcube_charset_convert($mboxes_utf8, RCMAIL_CHARSET, 'UTF7-IMAP');
if (strlen($mboxes))
@@ -287,7 +288,7 @@ function rcube_subscription_form($attrib)
$threaded = $a_threaded[$folder['id']];
$protected = ($CONFIG['protect_default_folders'] == true && in_array($folder['id'], $CONFIG['default_imap_folders']));
$classes = array($i%2 ? 'even' : 'odd');
- $folder_js = JQ($folder['id']);
+ $folder_js = Q($folder['id']);
$display_folder = str_repeat('    ', $folder['level']) . Q($protected ? rcmail_localize_foldername($folder['id']) : $folder['name']);
$folder_utf8 = rcube_charset_convert($folder['id'], 'UTF7-IMAP');
@@ -321,7 +322,7 @@ function rcube_subscription_form($attrib)
$table->add('delete', ' ');
}
- $a_js_folders['rcmrow'.$idx] = array($folder_utf8, $display_folder, $protected || $folder['virtual']);
+ $a_js_folders['rcmrow'.$idx] = array($folder_utf8, Q($display_folder), $protected || $folder['virtual']);
}
rcmail::get_instance()->plugins->exec_hook('folders_list', array('table' => $table));