projects
/
squirrelmail.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
XSS fixes
[squirrelmail.git]
/
functions
/
page_header.php
diff --git
a/functions/page_header.php
b/functions/page_header.php
index 6ece0a393a05f0658628c5368bdaea847ad0daa9..46f45e43140dc44ea5bd90c6673bb143ebc9a3f0 100644
(file)
--- a/
functions/page_header.php
+++ b/
functions/page_header.php
@@
-152,15
+152,13
@@
function displayPageHeader($color, $mailbox, $sHeaderJs='', $sBodyTagJs = 'onloa
$frame_top = '_top';
}
$frame_top = '_top';
}
- if( $javascript_on || strpos($xtra, 'new_js_autodetect_results.value') ) {
+ if( $javascript_on || strpos($sHeaderJs, 'new_js_autodetect_results.value') ) {
+ $sJsBlock = '<script src="'. SM_PATH .'templates/default/js/default.js" type="text/javascript" language="JavaScript"></script>' ."\n";
if ($sHeaderJs) {
if ($sHeaderJs) {
- $sJsBlock = "\n<script language=\"JavaScript\" type=\"text/javascript\">" .
+ $sJsBlock
.
= "\n<script language=\"JavaScript\" type=\"text/javascript\">" .
"\n<!--\n" .
"\n<!--\n" .
- $sJsHeader . "\n\n// -->\n</script>\n";
- } else {
- $sJsBlock = '';
+ $sHeaderJs . "\n\n// -->\n</script>\n";
}
}
- $sJsBlock .= "\n" . '<script src="'. SM_PATH .'templates/default/js/default.js" type="text/javascript" language="JavaScript"></script>' ."\n";
displayHtmlHeader ('SquirrelMail', $sJsBlock);
} else {
/* do not use JavaScript */
displayHtmlHeader ('SquirrelMail', $sJsBlock);
} else {
/* do not use JavaScript */
@@
-195,6
+193,8
@@
function displayPageHeader($color, $mailbox, $sHeaderJs='', $sBodyTagJs = 'onloa
: html_tag( 'td', '', 'left' ) )
. "\n";
$urlMailbox = urlencode($mailbox);
: html_tag( 'td', '', 'left' ) )
. "\n";
$urlMailbox = urlencode($mailbox);
+ $startMessage = (int)$startMessage;
+
echo makeComposeLink('src/compose.php?mailbox='.$urlMailbox.'&startMessage='.$startMessage);
echo " \n";
displayInternalLink ('src/addressbook.php', _("Addresses"));
echo makeComposeLink('src/compose.php?mailbox='.$urlMailbox.'&startMessage='.$startMessage);
echo " \n";
displayInternalLink ('src/addressbook.php', _("Addresses"));
@@
-246,7
+246,7
@@
function compose_Header($color, $mailbox, $sHeaderJs='', $sBodyTagJs = 'onload="
if ($sHeaderJs) {
$sJsBlock = "\n<script language=\"JavaScript\" type=\"text/javascript\">" .
"\n<!--\n" .
if ($sHeaderJs) {
$sJsBlock = "\n<script language=\"JavaScript\" type=\"text/javascript\">" .
"\n<!--\n" .
- $s
JsHeader
. "\n\n// -->\n</script>\n";
+ $s
HeaderJs
. "\n\n// -->\n</script>\n";
} else {
$sJsBlock = '';
}
} else {
$sJsBlock = '';
}
@@
-259,4
+259,4
@@
function compose_Header($color, $mailbox, $sHeaderJs='', $sBodyTagJs = 'onload="
}
echo "<body text=\"$color[8]\" bgcolor=\"$color[4]\" link=\"$color[7]\" vlink=\"$color[7]\" alink=\"$color[7]\" $sBodyTagJs>\n\n";
}
}
echo "<body text=\"$color[8]\" bgcolor=\"$color[4]\" link=\"$color[7]\" vlink=\"$color[7]\" alink=\"$color[7]\" $sBodyTagJs>\n\n";
}
-?>
+?>
\ No newline at end of file