Lots of changes for variable initialization - clean up, really,

[squirrelmail.git] / src / delete_message.php

diff --git a/src/delete_message.php b/src/delete_message.php
index 8a5657c86f3fd7720ac4ee130f98952ef75d5a5a..6078920d093c7f7e26d1cdbe72d6245b21705f09 100644 (file)
--- a/src/delete_message.php
+++ b/src/delete_message.php
@@ -3,7 +3,7 @@
 /**
  * delete_message.php
  *
- * Copyright (c) 1999-2002 The SquirrelMail Project Team
+ * Copyright (c) 1999-2003 The SquirrelMail Project Team
  * Licensed under the GNU GPL. For full terms see the file COPYING.
  *
  * Deletes a meesage from the IMAP server
@@ -27,19 +27,24 @@ $message = $_GET['message'];
 $mailbox = $_GET['mailbox'];
 
 if (isset($_GET['saved_draft'])) {
-    $saved_draft = $_GET['saved_draft'];
+    $saved_draft = urlencode($_GET['saved_draft']);
 }
 if (isset($_GET['mail_sent'])) {
-    $mail_sent = $_GET['mail_sent'];
+    $mail_sent = urlencode($_GET['mail_sent']);
+}
+if (isset($_GET['sort'])) {
+       $sort = (int) $_GET['sort'];
+}
+
+if (isset($_GET['startMessage'])) {
+       $startMessage = (int) $_GET['startMessage'];
 }
-$sort = $_GET['sort'];
-$startMessage = $_GET['startMessage'];
 
 if(isset($_GET['where'])) {
-    $where = $_GET['where'];
+    $where = urlencode($_GET['where']);
 }
 if(isset($_GET['what'])) {
-    $what = $_GET['what'];
+    $what = urlencode($_GET['what']);
 }
 
 $imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
@@ -61,8 +66,8 @@ if (!isset($mail_sent)) {
 $location = get_location();
 
 if (isset($where) && isset($what)) {
-    header("Location: $location/search.php?where=" . urlencode($where) .
-           '&what=' . urlencode($what) . '&mailbox=' . urlencode($mailbox));
+    header("Location: $location/search.php?where=" . $where .
+           '&what=' . $what . '&mailbox=' . urlencode($mailbox));
 } else {
     if (!empty($saved_draft) || !empty($mail_sent)) {
           header("Location: $location/compose.php?mail_sent=$mail_sent&saved_draft=$saved_draft");