From ca01e25772730cab0117bca0e514140e6c5f67d1 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Sat, 5 Jul 2014 12:33:03 +0200
Subject: Fix security issue in delete-response action - allow only ajax
 request. Unify code for identities and responses deletion.

---
 program/steps/settings/delete_identity.inc | 55 ------------------------------
 1 file changed, 55 deletions(-)
 delete mode 100644 program/steps/settings/delete_identity.inc

(limited to 'program/steps/settings/delete_identity.inc')

diff --git a/program/steps/settings/delete_identity.inc b/program/steps/settings/delete_identity.inc
deleted file mode 100644
index f77620438..000000000
--- a/program/steps/settings/delete_identity.inc
+++ /dev/null
@@ -1,55 +0,0 @@
-<?php
-
-/*
- +-----------------------------------------------------------------------+
- | program/steps/settings/delete_identity.inc                            |
- |                                                                       |
- | This file is part of the Roundcube Webmail client                     |
- | Copyright (C) 2005-2013, The Roundcube Dev Team                       |
- |                                                                       |
- | Licensed under the GNU General Public License version 3 or            |
- | any later version with exceptions for skins & plugins.                |
- | See the README file for a full license statement.                     |
- |                                                                       |
- | PURPOSE:                                                              |
- |   Delete the submitted identities (IIDs) from the database            |
- |                                                                       |
- +-----------------------------------------------------------------------+
- | Author: Thomas Bruederli <roundcube@gmail.com>                        |
- +-----------------------------------------------------------------------+
-*/
-
-$iid = rcube_utils::get_input_value('_iid', rcube_utils::INPUT_GPC);
-
-// check request token
-if (!$OUTPUT->ajax_call && !$RCMAIL->check_request(rcube_utils::INPUT_GPC)) {
-    $OUTPUT->show_message('invalidrequest', 'error');
-    $RCMAIL->overwrite_action('identities');
-    return;
-}
-
-if ($iid && preg_match('/^[0-9]+(,[0-9]+)*$/', $iid)) {
-    $plugin = $RCMAIL->plugins->exec_hook('identity_delete', array('id' => $iid));
-
-    $deleted = !$plugin['abort'] ? $RCMAIL->user->delete_identity($iid) : $plugin['result'];
-
-    if ($deleted > 0 && $deleted !== false) {
-        $OUTPUT->show_message('deletedsuccessfully', 'confirmation', null, false);
-    }
-    else {
-        $msg = $plugin['message'] ? $plugin['message'] : ($deleted < 0 ? 'nodeletelastidentity' : 'errorsaving');
-        $OUTPUT->show_message($msg, 'error', null, false);
-    }
-
-    // send response
-    if ($OUTPUT->ajax_call) {
-        $OUTPUT->send();
-    }
-}
-
-if ($OUTPUT->ajax_call) {
-    exit;
-}
-
-// go to identities page
-$RCMAIL->overwrite_action('identities');
-- 
cgit v1.2.3