Happy 2014

[squirrelmail.git] / src / compose.php

diff --git a/src/compose.php b/src/compose.php
index 89dc5603c4f626d6d01683ef3f227ad68d0788d4..c3f0f426be5a419336988b79b30c6b6c20b75568 100644 (file)
--- a/src/compose.php
+++ b/src/compose.php
@@ -10,7 +10,7 @@
  *    - Send mail
  *    - Save As Draft
  *
- * @copyright 1999-2012 The SquirrelMail Project Team
+ * @copyright 1999-2014 The SquirrelMail Project Team
  * @license http://opensource.org/licenses/gpl-license.php GNU Public License
  * @version $Id$
  * @package squirrelmail
@@ -415,7 +415,7 @@ if ($draft) {
 
     // validate security token
     //
-    sm_validate_security_token($submitted_token, 3600, TRUE);
+    sm_validate_security_token($submitted_token, -1, TRUE);
 
     /*
      * Set $default_charset to correspond with the user's selection
@@ -474,7 +474,7 @@ if ($send) {
 
     // validate security token
     //
-    sm_validate_security_token($submitted_token, 3600, TRUE);
+    sm_validate_security_token($submitted_token, -1, TRUE);
 
     if (isset($_FILES['attachfile']) &&
             $_FILES['attachfile']['tmp_name'] &&
@@ -601,7 +601,7 @@ if ($send) {
 
     // validate security token
     //
-    sm_validate_security_token($submitted_token, 3600, TRUE);
+    sm_validate_security_token($submitted_token, -1, TRUE);
 
     if ($compose_new_win == '1') {
         compose_Header($color, $mailbox);
@@ -650,7 +650,7 @@ if ($send) {
 
     // validate security token
     //
-    sm_validate_security_token($submitted_token, 3600, TRUE);
+    sm_validate_security_token($submitted_token, -1, TRUE);
 
     if ($compose_new_win == '1') {
         compose_Header($color, $mailbox);
@@ -666,7 +666,7 @@ elseif (isset($sigappend)) {
 
     // validate security token
     //
-    sm_validate_security_token($submitted_token, 3600, TRUE);
+    sm_validate_security_token($submitted_token, -1, TRUE);
 
     $signature = $idents[$identity]['signature'];
 
@@ -681,7 +681,7 @@ elseif (isset($sigappend)) {
 
     // validate security token
     //
-    sm_validate_security_token($submitted_token, 3600, TRUE);
+    sm_validate_security_token($submitted_token, -1, TRUE);
 
     if ($compose_new_win == '1') {
         compose_Header($color, $mailbox);
@@ -1000,10 +1000,12 @@ function newMail ($mailbox='', $passed_id='', $passed_ent_id='', $action='', $se
                             // if this is a reply-all, the original recipient
                             // is already in the CC field, so we can just blank
                             // the recipient (TO field) (as long as the CC field
-                            // isn't empty that is) and we're done
+                            // isn't empty that is)... but then move the CC into
+                            // the TO, so TO isn't empty
                             //
-                            if ($action == 'reply_all') {
-                                if (!empty($send_to_cc)) $send_to = '';
+                            if ($action == 'reply_all' && !empty($send_to_cc)) {
+                                $orig_to = $send_to_cc;
+                                $send_to_cc = '';
                                 break;
                             }
 
@@ -1028,6 +1030,22 @@ function newMail ($mailbox='', $passed_id='', $passed_ent_id='', $action='', $se
                     if (!empty($orig_to)) {
 
                         $send_to = $orig_to;
+
+                        // in this case, we also want to reset the FROM
+                        // identity as well (it should match the original
+                        // *FROM* header instead of TO or CC)
+                        //
+                        if (count($idents) > 1) {
+                            $identity = '';
+                            foreach($idents as $i => $id) {
+                                if (!empty($id['email_address'])
+                                 && strpos($orig_from, $id['email_address']) !== FALSE) {
+                                    $identity = $i;
+                                    break;
+                                }
+                            }
+                        }
+
                     }
 
                 }