/**
* delete_message.php
*
- * Copyright (c) 1999-2002 The SquirrelMail Project Team
+ * Copyright (c) 1999-2003 The SquirrelMail Project Team
* Licensed under the GNU GPL. For full terms see the file COPYING.
*
* Deletes a meesage from the IMAP server
require_once(SM_PATH . 'functions/display_messages.php');
require_once(SM_PATH . 'functions/imap.php');
-$key = $_COOKIE['key'];
-$username = $_SESSION['username'];
-$onetimepad = $_SESSION['onetimepad'];
+/* get globals */
+sqgetGlobalVar('username', $username, SQ_SESSION);
+sqgetGlobalVar('key', $key, SQ_COOKIE);
+sqgetGlobalVar('onetimepad', $onetimepad, SQ_SESSION);
-$message = $_GET['message'];
-$mailbox = $_GET['mailbox'];
+sqgetGlobalVar('message', $message, SQ_GET);
+sqgetGlobalVar('mailbox', $mailbox, SQ_GET);
+/* end globals */
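Review bot: `message` and `mailbox` are still taken from the query string (`SQ_GET`), so this script carries out a destructive IMAP operation on a plain GET request, and nothing visible here binds the request to the user's intent beyond the session and cookie. A cross-site request made while the user is logged in would be honoured; consider accepting the parameters only via POST and checking a per-session token before `sqimap_login()` is called. Separately, `sort` and `startMessage` are cast to int further down but `message` is not; if it is a single message number, adding `$message = (int) $message;` after the `sqgetGlobalVar()` call would keep non-numeric input out of the IMAP command. The code that consumes `$message` lies outside this hunk, so confirm the expected format there.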
if (isset($_GET['saved_draft'])) {
- $saved_draft = $_GET['saved_draft'];
+ $saved_draft = urlencode($_GET['saved_draft']);
}
if (isset($_GET['mail_sent'])) {
- $mail_sent = $_GET['mail_sent'];
+ $mail_sent = urlencode($_GET['mail_sent']);
+}
+if (isset($_GET['sort'])) {
+ $sort = (int) $_GET['sort'];
+}
+
+if (isset($_GET['startMessage'])) {
+ $startMessage = (int) $_GET['startMessage'];
}
-$sort = $_GET['sort'];
-$startMessage = $_GET['startMessage'];
if(isset($_GET['where'])) {
- $where = $_GET['where'];
+ $where = urlencode($_GET['where']);
}
if(isset($_GET['what'])) {
- $what = $_GET['what'];
+ $what = urlencode($_GET['what']);
}
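Review bot: `urlencode()` has moved from the `header()` call to the lines where `$where`, `$what`, `$saved_draft` and `$mail_sent` are read, so the redirect further down is only safe if nothing else can populate those variables. None of them is initialised before its `isset()` check; if the deployment lets request data create global variables (not visible here, confirm), a value arriving by another route would reach `header()` unencoded. Give each an explicit default before the check, e.g. `$where = null;`, or keep the encoding at the `header()` call where the output context is known. `$sort` and `$startMessage` are likewise left undefined when the parameter is absent, where before they were always assigned; something like `$sort = isset($_GET['sort']) ? (int) $_GET['sort'] : 0;` would fix that, though the right default depends on code outside this view.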
$imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
$location = get_location();
if (isset($where) && isset($what)) {
- header("Location: $location/search.php?where=" . urlencode($where) .
- '&what=' . urlencode($what) . '&mailbox=' . urlencode($mailbox));
+ header("Location: $location/search.php?where=" . $where .
+ '&what=' . $what . '&mailbox=' . urlencode($mailbox));
} else {
if (!empty($saved_draft) || !empty($mail_sent)) {
header("Location: $location/compose.php?mail_sent=$mail_sent&saved_draft=$saved_draft");