diff options
Diffstat (limited to 'program')
-rw-r--r-- | program/include/main.inc | 2 | ||||
-rw-r--r-- | program/steps/mail/copy.inc | 4 | ||||
-rw-r--r-- | program/steps/mail/folders.inc | 14 | ||||
-rw-r--r-- | program/steps/mail/func.inc | 2 | ||||
-rw-r--r-- | program/steps/mail/move_del.inc | 6 | ||||
-rw-r--r-- | program/steps/settings/manage_folders.inc | 31 |
6 files changed, 30 insertions, 29 deletions
diff --git a/program/include/main.inc b/program/include/main.inc index 5bbc421af..d2cac3227 100644 --- a/program/include/main.inc +++ b/program/include/main.inc @@ -539,7 +539,7 @@ function rep_specialchars_output($str, $enctype='', $mode='', $newlines=TRUE) { if (!$html_encode_arr) { - $html_encode_arr = get_html_translation_table(HTML_SPECIALCHARS); + $html_encode_arr = get_html_translation_table(HTML_SPECIALCHARS); unset($html_encode_arr['?']); } diff --git a/program/steps/mail/copy.inc b/program/steps/mail/copy.inc index 82a1ed4a7..4cd51d816 100644 --- a/program/steps/mail/copy.inc +++ b/program/steps/mail/copy.inc @@ -26,8 +26,8 @@ if (!$OUTPUT->ajax_call) // move messages if (!empty($_POST['_uid']) && !empty($_POST['_target_mbox'])) { $uids = get_input_value('_uid', RCUBE_INPUT_POST); - $target = get_input_value('_target_mbox', RCUBE_INPUT_POST); - $mbox = get_input_value('_mbox', RCUBE_INPUT_POST); + $target = get_input_value('_target_mbox', RCUBE_INPUT_POST, true); + $mbox = get_input_value('_mbox', RCUBE_INPUT_POST, true); $copied = $IMAP->copy_message($uids, $target, $mbox); diff --git a/program/steps/mail/folders.inc b/program/steps/mail/folders.inc index 95d138c97..26f464b0c 100644 --- a/program/steps/mail/folders.inc +++ b/program/steps/mail/folders.inc @@ -22,14 +22,14 @@ if (!$OUTPUT->ajax_call) return; -$mbox_name = $IMAP->get_mailbox_name(); +$mbox = get_input_value('_mbox', RCUBE_INPUT_POST, true); // send EXPUNGE command -if ($RCMAIL->action=='expunge' && ($mbox = get_input_value('_mbox', RCUBE_INPUT_POST))) +if ($RCMAIL->action=='expunge') { $success = $IMAP->expunge($mbox); - // reload message list if current mailbox + // reload message list if current mailbox if ($success && !empty($_REQUEST['_reload'])) { $OUTPUT->command('set_quota', rcmail_quota_content()); @@ -42,11 +42,11 @@ if ($RCMAIL->action=='expunge' && ($mbox = get_input_value('_mbox', RCUBE_INPUT_ } // clear mailbox -else if ($RCMAIL->action=='purge' && ($mbox = get_input_value('_mbox', RCUBE_INPUT_POST))) +else if ($RCMAIL->action=='purge') { $delimiter = $IMAP->get_hierarchy_delimiter(); $trash_regexp = '/^' . preg_quote($CONFIG['trash_mbox'] . $delimiter, '/') . '/'; - $junk_regexp = '/^' . preg_quote($CONFIG['junk_mbox'] . $delimiter, '/') . '/'; + $junk_regexp = '/^' . preg_quote($CONFIG['junk_mbox'] . $delimiter, '/') . '/'; // we should only be purging trash and junk (or their subfolders) if ($mbox == $CONFIG['trash_mbox'] || $mbox == $CONFIG['junk_mbox'] @@ -60,9 +60,9 @@ else if ($RCMAIL->action=='purge' && ($mbox = get_input_value('_mbox', RCUBE_INP $OUTPUT->set_env('pagecount', 0); $OUTPUT->command('message_list.clear'); $OUTPUT->command('set_rowcount', rcmail_get_messagecount_text()); - $OUTPUT->command('set_unread_count', $mbox_name, 0); + $OUTPUT->command('set_unread_count', $mbox, 0); $OUTPUT->command('set_quota', rcmail_quota_content()); - $_SESSION['unseen_count'][$mbox_name] = 0; + $_SESSION['unseen_count'][$mbox] = 0; } else $commands = "// purged: $success"; diff --git a/program/steps/mail/func.inc b/program/steps/mail/func.inc index be5c26142..747dce529 100644 --- a/program/steps/mail/func.inc +++ b/program/steps/mail/func.inc @@ -46,7 +46,7 @@ if (!in_array($RCMAIL->action, $NOIMAP_ACTIONS) && !$RCMAIL->imap_connect()) { } // set imap properties and session vars -if (strlen(trim($mbox = get_input_value('_mbox', RCUBE_INPUT_GPC)))) +if (strlen(trim($mbox = get_input_value('_mbox', RCUBE_INPUT_GPC, true)))) $IMAP->set_mailbox(($_SESSION['mbox'] = $mbox)); else if ($IMAP) $_SESSION['mbox'] = $IMAP->get_mailbox_name(); diff --git a/program/steps/mail/move_del.inc b/program/steps/mail/move_del.inc index e64c32742..3940b6db9 100644 --- a/program/steps/mail/move_del.inc +++ b/program/steps/mail/move_del.inc @@ -30,8 +30,8 @@ $old_pages = ceil($old_count / $IMAP->page_size); // move messages if ($RCMAIL->action=='moveto' && !empty($_POST['_uid']) && strlen($_POST['_target_mbox'])) { $count = sizeof(explode(',', ($uids = get_input_value('_uid', RCUBE_INPUT_POST)))); - $target = get_input_value('_target_mbox', RCUBE_INPUT_POST); - $mbox = get_input_value('_mbox', RCUBE_INPUT_POST); + $target = get_input_value('_target_mbox', RCUBE_INPUT_POST, true); + $mbox = get_input_value('_mbox', RCUBE_INPUT_POST, true); $moved = $IMAP->move_message($uids, $target, $mbox); @@ -52,7 +52,7 @@ if ($RCMAIL->action=='moveto' && !empty($_POST['_uid']) && strlen($_POST['_targe // delete messages else if ($RCMAIL->action=='delete' && !empty($_POST['_uid'])) { $count = sizeof(explode(',', ($uids = get_input_value('_uid', RCUBE_INPUT_POST)))); - $mbox = get_input_value('_mbox', RCUBE_INPUT_POST); + $mbox = get_input_value('_mbox', RCUBE_INPUT_POST, true); $del = $IMAP->delete_message($uids, $mbox); diff --git a/program/steps/settings/manage_folders.inc b/program/steps/settings/manage_folders.inc index 299a7b219..3a5d909e4 100644 --- a/program/steps/settings/manage_folders.inc +++ b/program/steps/settings/manage_folders.inc @@ -27,7 +27,7 @@ $RCMAIL->imap_connect(); // subscribe to one or more mailboxes if ($RCMAIL->action=='subscribe') { - $mbox = get_input_value('_mbox', RCUBE_INPUT_POST, false, 'UTF7-IMAP'); + $mbox = get_input_value('_mbox', RCUBE_INPUT_POST, true, 'UTF7-IMAP'); if (strlen($mbox)) $IMAP->subscribe(array($mbox)); } @@ -35,7 +35,7 @@ if ($RCMAIL->action=='subscribe') // unsubscribe one or more mailboxes else if ($RCMAIL->action=='unsubscribe') { - $mbox = get_input_value('_mbox', RCUBE_INPUT_POST, false, 'UTF7-IMAP'); + $mbox = get_input_value('_mbox', RCUBE_INPUT_POST, true, 'UTF7-IMAP'); if (strlen($mbox)) $IMAP->unsubscribe(array($mbox)); } @@ -43,7 +43,7 @@ else if ($RCMAIL->action=='unsubscribe') // enable threading for one or more mailboxes else if ($RCMAIL->action=='enable-threading') { - $mbox = get_input_value('_mbox', RCUBE_INPUT_POST, false, 'UTF7-IMAP'); + $mbox = get_input_value('_mbox', RCUBE_INPUT_POST, true, 'UTF7-IMAP'); if (strlen($mbox)) rcube_set_threading($mbox, true); } @@ -51,7 +51,7 @@ else if ($RCMAIL->action=='enable-threading') // enable threading for one or more mailboxes else if ($RCMAIL->action=='disable-threading') { - $mbox = get_input_value('_mbox', RCUBE_INPUT_POST, false, 'UTF7-IMAP'); + $mbox = get_input_value('_mbox', RCUBE_INPUT_POST, true, 'UTF7-IMAP'); if (strlen($mbox)) rcube_set_threading($mbox, false); } @@ -61,7 +61,7 @@ else if ($RCMAIL->action=='create-folder') { if (strlen(trim($_POST['_name']))) { - $name = trim(get_input_value('_name', RCUBE_INPUT_POST, FALSE, 'UTF7-IMAP')); + $name = trim(get_input_value('_name', RCUBE_INPUT_POST, true, 'UTF7-IMAP')); $create = $IMAP->create_mailbox($name, TRUE); } @@ -71,10 +71,11 @@ else if ($RCMAIL->action=='create-folder') $folderlist = $IMAP->list_unsubscribed(); $index = array_search($create, $folderlist); $before = $index !== false && isset($folderlist[$index+1]) ? rcube_charset_convert($folderlist[$index+1], 'UTF7-IMAP') : false; - + $create = rcube_charset_convert($create, 'UTF7-IMAP'); $foldersplit = explode($delimiter, $create); - $display_create = str_repeat(' ', substr_count($create, $delimiter)) . $foldersplit[count($foldersplit)-1]; + $display_create = str_repeat(' ', substr_count($create, $delimiter)) + . Q($foldersplit[count($foldersplit)-1]); $OUTPUT->command('add_folder_row', $create, $display_create, false, $before); } @@ -89,8 +90,8 @@ else if ($RCMAIL->action=='rename-folder') { if (strlen(trim($_POST['_folder_oldname'])) && strlen(trim($_POST['_folder_newname']))) { - $name_utf8 = trim(get_input_value('_folder_newname', RCUBE_INPUT_POST)); - $oldname_utf8 = get_input_value('_folder_oldname', RCUBE_INPUT_POST); + $name_utf8 = trim(get_input_value('_folder_newname', RCUBE_INPUT_POST, true)); + $oldname_utf8 = get_input_value('_folder_oldname', RCUBE_INPUT_POST, true); $name = rcube_charset_convert($name_utf8, RCMAIL_CHARSET, 'UTF7-IMAP'); $oldname = rcube_charset_convert($oldname_utf8, RCMAIL_CHARSET, 'UTF7-IMAP'); @@ -130,8 +131,8 @@ else if ($RCMAIL->action=='rename-folder') $oldfolder = $oldname . $delimiter . preg_replace($regexp, '', $folderlist[$x]); $foldersplit = explode($delimiter, $folderlist[$x]); $level = count($foldersplit) - 1; - $display_rename = str_repeat(' ', $level) - . rcube_charset_convert($foldersplit[$level], 'UTF7-IMAP'); + $display_rename = str_repeat(' ', $level) + . Q(rcube_charset_convert($foldersplit[$level], 'UTF7-IMAP')); $before = isset($folderlist[$x+1]) ? rcube_charset_convert($folderlist[$x+1], 'UTF7-IMAP') : false; @@ -142,7 +143,7 @@ else if ($RCMAIL->action=='rename-folder') $foldersplit = explode($delimiter, $rename); $level = count($foldersplit) - 1; - $display_rename = str_repeat(' ', $level) . rcube_charset_convert($foldersplit[$level], 'UTF7-IMAP'); + $display_rename = str_repeat(' ', $level) . Q(rcube_charset_convert($foldersplit[$level], 'UTF7-IMAP')); $index = array_search($rename, $folderlist); $before = $index !== false && isset($folderlist[$index+1]) ? rcube_charset_convert($folderlist[$index+1], 'UTF7-IMAP') : false; @@ -164,7 +165,7 @@ else if ($RCMAIL->action=='delete-folder') $a_mboxes = $IMAP->list_unsubscribed(); $delimiter = $IMAP->get_hierarchy_delimiter(); - $mboxes_utf8 = get_input_value('_mboxes', RCUBE_INPUT_POST); + $mboxes_utf8 = get_input_value('_mboxes', RCUBE_INPUT_POST, true); $mboxes = rcube_charset_convert($mboxes_utf8, RCMAIL_CHARSET, 'UTF7-IMAP'); if (strlen($mboxes)) @@ -287,7 +288,7 @@ function rcube_subscription_form($attrib) $threaded = $a_threaded[$folder['id']]; $protected = ($CONFIG['protect_default_folders'] == true && in_array($folder['id'], $CONFIG['default_imap_folders'])); $classes = array($i%2 ? 'even' : 'odd'); - $folder_js = JQ($folder['id']); + $folder_js = Q($folder['id']); $display_folder = str_repeat(' ', $folder['level']) . Q($protected ? rcmail_localize_foldername($folder['id']) : $folder['name']); $folder_utf8 = rcube_charset_convert($folder['id'], 'UTF7-IMAP'); @@ -321,7 +322,7 @@ function rcube_subscription_form($attrib) $table->add('delete', ' '); } - $a_js_folders['rcmrow'.$idx] = array($folder_utf8, $display_folder, $protected || $folder['virtual']); + $a_js_folders['rcmrow'.$idx] = array($folder_utf8, Q($display_folder), $protected || $folder['virtual']); } rcmail::get_instance()->plugins->exec_hook('folders_list', array('table' => $table)); |