*
* Display Identities Options
*
- * @copyright © 1999-2006 The SquirrelMail Project Team
+ * @copyright 1999-2014 The SquirrelMail Project Team
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
* @version $Id$
* @package squirrelmail
* @since 1.1.3
*/
+/** This is the options_identities page */
+define('PAGE_NAME', 'options_identities');
+
/**
* Include the SquirrelMail initialization file.
*/
/* SquirrelMail required files. */
require_once(SM_PATH . 'functions/identity.php');
+require_once(SM_PATH . 'functions/forms.php');
+
+/* make sure that page is not available when $edit_identity is false */
+if (!$edit_identity) {
+ error_box(_("Editing identities is disabled."));
+ $oTemplate->display('footer.tpl');
+ die();
+}
if (!sqgetGlobalVar('identities', $identities, SQ_SESSION)) {
$identities = get_identities();
sqgetGlobalVar('newidentities', $newidentities, SQ_POST);
sqgetGlobalVar('smaction', $smaction, SQ_POST);
sqgetGlobalVar('return', $return, SQ_POST);
+sqgetGlobalVar('smtoken', $submitted_token, SQ_POST, '');
// First lets see if there are any actions to perform //
if (!empty($smaction) && is_array($smaction)) {
+ // first do a security check
+ sm_validate_security_token($submitted_token, -1, TRUE);
+
$doaction = '';
$identid = 0;
exit;
}
-displayPageHeader($color, 'None');
+displayPageHeader($color);
/* since 1.1.3 */
-do_hook('options_identities_top');
+do_hook('options_identities_top', $null);
+
+$i = array();
+foreach ($identities as $key=>$ident) {
+ $a = array();
+ $a['Title'] = $key==0 ? _("Default Identity") : sprintf(_("Alternate Identity %d"), $key);
+ $a['New'] = false;
+ $a['Default'] = $key==0;
+ $a['FullName'] = sm_encode_html_special_chars($ident['full_name']);
+ $a['Email'] = sm_encode_html_special_chars($ident['email_address']);
+ $a['ReplyTo'] = sm_encode_html_special_chars($ident['reply_to']);
+ $a['Signature'] = sm_encode_html_special_chars($ident['signature']);
+ $i[$key] = $a;
+}
-$td_str = '';
-$td_str .= '<form name="f" action="options_identities.php" method="post"><br />' . "\n";
-$td_str .= '<table border="0" cellspacing="0" cellpadding="0" width="100%">' . "\n";
-$cnt = count($identities);
-foreach( $identities as $iKey=>$ident ) {
+$a = array();
+$a['Title'] = _("Add New Identity");
+$a['New'] = true;
+$a['Default'] = false;
+$a['FullName'] = '';
+$a['Email'] = '';
+$a['ReplyTo'] = '';
+$a['Signature'] = '';
+$i[count($i)] = $a;
- if ($iKey == 0) {
- $hdr_str = _("Default Identity");
- } else {
- $hdr_str = sprintf( _("Alternate Identity %d"), $iKey);
- }
+//FIXME: NO HTML IN THE CORE
+echo '<form name="f" action="options_identities.php" method="post">' . "\n"
+ . addHidden('smtoken', sm_generate_security_token()) . "\n";
- $td_str .= ShowIdentityInfo( $hdr_str, $ident, $iKey );
+$oTemplate->assign('identities', $i);
+$oTemplate->display('options_advidentity_list.tpl');
-}
+//FIXME: NO HTML IN THE CORE
+echo "</form>\n";
+
+$oTemplate->display('footer.tpl');
-$td_str .= ShowIdentityInfo( _("Add a New Identity"), array('full_name'=>'','email_address'=>'','reply_to'=>'','signature'=>''), $cnt);
-$td_str .= '</table>' . "\n";
-$td_str .= '</form>';
-
-echo '<br /> ' . "\n" .
- html_tag('table', "\n" .
- html_tag('tr', "\n" .
- html_tag('td' , "\n" .
- '<b>' . _("Options") . ' - ' . _("Advanced Identities") . '</b><br />' .
- html_tag('table', "\n" .
- html_tag('tr', "\n" .
- html_tag('td', "\n" .
- html_tag('table' , "\n" .
- html_tag('tr' , "\n" .
- html_tag('td', "\n" . $td_str ,'','', 'style="text-align:center;"')
- ),
- '', '', 'width="80%" cellpadding="2" cellspacing="0" border="0"' ) ,
- 'center', $color[4])
- ),
- '', '', 'width="100%" border="0" cellpadding="1" cellspacing="1"' )) ,
- 'center', $color[0]),
- 'center', '', 'width="95%" border="0" cellpadding="2" cellspacing="0"' ) . '</body></html>';
+/**
+ * The functions below should not be needed with the additions of templates,
+ * however they will remain in case plugins use them.
+ */
/**
* Returns html formated identity form fields
*
- * Contains options_identities_buttons and option_identities_table hooks.
+ * Contains options_identities_buttons and options_identities_table hooks.
* Before 1.4.5/1.5.1 hooks were placed in ShowTableInfo() function.
* In 1.1.3-1.4.1 they were called in do_hook function with two or
* three arguments. Since 1.4.1 hooks are called in concat_hook_function.
$return_str = '';
+//FIXME: NO HTML IN THE CORE
$return_str .= '<tr>' . "\n";
$return_str .= ' <th style="text-align:center;background-color:' . $color[9] . ';" colspan="2">' . $title . '</th> '. "\n";
$return_str .= '</tr>' . "\n";
$return_str .= sti_input( _("E-Mail Address") , sprintf($name, $id, 'email_address'), $identity['email_address'], $bg);
$return_str .= sti_input( _("Reply To"), sprintf($name, $id, 'reply_to'), $identity['reply_to'], $bg);
$return_str .= sti_textarea( _("Signature"), sprintf($name, $id, 'signature'), $identity['signature'], $bg);
- $return_str .= concat_hook_function('options_identities_table', array($bg, $empty, $id));
+ $temp = array(&$bg, &$empty, &$id);
+ $return_str .= concat_hook_function('options_identities_table', $temp);
$return_str .= '<tr' . $bg . '> ' . "\n";
$return_str .= ' <td> </td>' . "\n";
$return_str .= ' <td>' . "\n";
}
- $return_str .= concat_hook_function('options_identities_buttons', array($empty, $id));
+ $temp = array(&$empty, &$id);
+ $return_str .= concat_hook_function('options_identities_buttons', $temp);
$return_str .= ' </td>' . "\n";
$return_str .= '</tr>' . "\n";
$return_str .= '<tr>' . "\n";
* Creates html formated table row with input field
* @param string $title Name displayed next to input field
* @param string $name Name of input field
- * @param string $data Default value of input field (data is sanitized with htmlspecialchars)
+ * @param string $data Default value of input field (data is sanitized with sm_encode_html_special_chars)
* @param string $bgcolor html attributes added to row element (tr)
* @return string html formated table row with text input field
* @since 1.2.0 (arguments differ since 1.4.5/1.5.1)
* @access private
*/
function sti_input( $title, $name, $data, $bgcolor ) {
+//FIXME: NO HTML IN THE CORE
$str = '';
$str .= '<tr' . $bgcolor . ">\n";
$str .= ' <td style="white-space: nowrap;text-align:right;">' . $title . ' </td>' . "\n";
- $str .= ' <td> <input type="text" name="' . $name . '" size="50" value="'. htmlspecialchars($data) . '"> </td>' . "\n";
+ $str .= ' <td> <input type="text" name="' . $name . '" size="50" value="'. sm_encode_html_special_chars($data) . '" /> </td>' . "\n";
$str .= '</tr>';
return $str;
* Creates html formated table row with textarea field
* @param string $title Name displayed next to textarea field
* @param string $name Name of textarea field
- * @param string $data Default value of textarea field (data is sanitized with htmlspecialchars)
+ * @param string $data Default value of textarea field (data is sanitized with sm_encode_html_special_chars)
* @param string $bgcolor html attributes added to row element (tr)
* @return string html formated table row with textarea
* @since 1.2.5 (arguments differ since 1.4.5/1.5.1)
* @access private
*/
function sti_textarea( $title, $name, $data, $bgcolor ) {
+//FIXME: NO HTML IN THE CORE
$str = '';
$str .= '<tr' . $bgcolor . ">\n";
$str .= ' <td style="white-space: nowrap;text-align:right;">' . $title . ' </td>' . "\n";
- $str .= ' <td> <textarea name="' . $name . '" cols="50" rows="5">'. htmlspecialchars($data) . '</textarea> </td>' . "\n";
+ $str .= ' <td> <textarea name="' . $name . '" cols="50" rows="5">'. sm_encode_html_special_chars($data) . '</textarea> </td>' . "\n";
$str .= '</tr>';
return $str;
}
-?>
\ No newline at end of file