* Subfolder search idea from Patch #806075 by Thomas Pohl xraven at users.sourceforge.net. Thanks Thomas!
*
* @author Alex Lemaresquier - Brainstorm <alex at brainstorm.fr>
- * @copyright © 1999-2007 The SquirrelMail Project Team
+ * @copyright 1999-2012 The SquirrelMail Project Team
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
* @version $Id$
* @package squirrelmail
* @todo explain why references are used in function calls
*/
+/** This is the search page */
+define('PAGE_NAME', 'search');
+
/**
* Include the SquirrelMail initialization file.
*/
require_once(SM_PATH . 'functions/imap_messages.php');
require_once(SM_PATH . 'functions/imap_general.php');
require_once(SM_PATH . 'functions/mime.php');
-require_once(SM_PATH . 'functions/mailbox_display.php'); //getButton()
+require_once(SM_PATH . 'functions/mailbox_display.php'); //sqm_api_mailbox_select
require_once(SM_PATH . 'functions/forms.php');
require_once(SM_PATH . 'functions/date.php');
require_once(SM_PATH . 'functions/compose.php');
return $query_display;
}
-/**
- * Creates button
- *
- * @deprecated see form functions available in 1.5.1 and 1.4.3.
- * @param string $type
- * @param string $name
- * @param string $value
- * @param string $js
- * @param bool $enabled
- */
-function getButton($type, $name, $value, $js = '', $enabled = TRUE) {
- $disabled = ( $enabled ? '' : 'disabled ' );
- $js = ( $js ? $js.' ' : '' );
- return '<input '.$disabled.$js.
- 'type="'.$type.
- '" name="'.$name.
- '" value="'.$value .
- '" style="padding: 0px; margin: 0px" />';
-}
-
/**
* Print a whole query array, recent or saved
*
$oTemplate->assign('expand_collapse_toggle', '../src/search.php?'.$show_pref.'='.($show_flag==1 ? 0 : 1));
$oTemplate->assign('query_list', $a);
- $oTemplate->assign('save_recent', '../src/search.php?submit=save_recent&rownum=');
- $oTemplate->assign('do_recent', '../src/search.php?submit=search_recent&rownum=');
- $oTemplate->assign('forget_recent', '../src/search.php?submit=forget_recent&rownum=');
+ $oTemplate->assign('save_recent', '../src/search.php?submit=save_recent&smtoken=' . sm_generate_security_token() . '&rownum=');
+ $oTemplate->assign('do_recent', '../src/search.php?submit=search_recent&smtoken=' . sm_generate_security_token() . '&rownum=');
+ $oTemplate->assign('forget_recent', '../src/search.php?submit=forget_recent&smtoken=' . sm_generate_security_token() . '&rownum=');
- $oTemplate->assign('edit_saved', '../src/search.php?submit=edit_saved&rownum=');
- $oTemplate->assign('do_saved', '../src/search.php?submit=search_saved&rownum=');
- $oTemplate->assign('delete_saved', '../src/search.php?submit=delete_saved&rownum=');
+ $oTemplate->assign('edit_saved', '../src/search.php?submit=edit_saved&smtoken=' . sm_generate_security_token() . '&rownum=');
+ $oTemplate->assign('do_saved', '../src/search.php?submit=search_saved&smtoken=' . sm_generate_security_token() . '&rownum=');
+ $oTemplate->assign('delete_saved', '../src/search.php?submit=delete_saved&smtoken=' . sm_generate_security_token() . '&rownum=');
$oTemplate->display('search_list.tpl');
}
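Review bot: The six new link prefixes put `smtoken` into GET URLs for actions that change stored state (`forget_recent`, `delete_saved`), so the token can end up in browser history, server and proxy logs, and Referer headers. Each assignment also calls `sm_generate_security_token()` separately; if that helper stores every token it issues, one page render leaves six valid tokens behind. Generating it once with `$token = sm_generate_security_token();` and reusing `'&smtoken=' . $token` in all six strings keeps the set of live tokens smaller, and the destructive actions would be better served by POST forms. The enclosing function starts outside this hunk.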
$oTemplate->assign('criteria', $c);
- echo '<form action="../src/search.php" name="form_asearch">' . "\n";
+ echo '<form action="../src/search.php" name="form_asearch">' . "\n"
+ . addHidden('smtoken', sm_generate_security_token()) . "\n";
$oTemplate->display('search_advanced.tpl');
echo "</form>\n";
}
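Review bot: The `<form>` tag that now carries the hidden `smtoken` field has no `method` attribute, so the browser submits it as GET and the token appears in the URL of every search. The same applies to the second form in the next hunk (the one displaying `search.tpl`). The token is read with `SQ_FORM`, but other fields may be read with `SQ_GET` outside this view; if the handler can take them from POST, `<form action="../src/search.php" method="post" name="form_asearch">` keeps the token out of history and logs. Both function bodies start outside their hunks.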
$oTemplate->assign('where_sel', $where);
$oTemplate->assign('what_val', $what);
- echo '<form action="../src/search.php" name="form_asearch">' . "\n";
+ echo '<form action="../src/search.php" name="form_asearch">' . "\n"
+ . addHidden('smtoken', sm_generate_security_token()) . "\n";
$oTemplate->display('search.tpl');
echo "</form>\n";
}
/* ------------------------ main ------------------------ */
/* get globals we will need */
+sqgetGlobalVar('smtoken', $submitted_token, SQ_FORM, '');
sqgetGlobalVar('delimiter', $delimiter, SQ_SESSION);
-if ( sqgetGlobalVar('checkall', $temp, SQ_GET) ) {
- $checkall = (int) $temp;
+if (!sqgetGlobalVar('checkall',$checkall,SQ_GET)) {
+ $checkall = false;
+}
+
+if (!sqgetGlobalVar('preselected', $preselected, SQ_GET) || !is_array($preselected)) {
+ $preselected = array();
+} else {
+ $preselected = array_keys($preselected);
}
/**
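Review bot: `checkall` lost its `(int)` cast and is now the raw GET value, and `preselected` becomes the request-supplied array keys; both are later handed to `message_list.tpl` through `$oTemplate->assign()` in the hunk near the end of the file. Whether the template escapes them is not visible here, so normalising at the point of input is the safer choice. Keep the previous cast, `$checkall = (int) $checkall;`, after the `sqgetGlobalVar` check, and use `$preselected = array_map('intval', array_keys($preselected));` if the keys are meant to be message UIDs.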
if (!isset($submit)) {
$submit = '';
} else {
+
+ // first validate security token
+ sm_validate_security_token($submitted_token, 3600, TRUE);
+
switch ($submit) {
case $search_button_text:
if (asearch_check_query($where_array, $what_array, $exclude_array) == '') {
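Review bot: The return value of `sm_validate_security_token()` is ignored, so the `switch` below is protected only if the helper stops the request itself when its third argument is `TRUE`. Once that is confirmed, say so at the call, for example `// show_error = TRUE: the helper reports the failure and does not return`. The check also sits inside the `else` branch, so a request handled without `submit` set is not covered by it. The `3600` lifetime would read better as a named constant. The `if`/`else` and the `switch` continue outside this hunk.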
$boxes = sqimap_mailbox_list($imapConnection);
/* ensure we have a valid default mailbox name */
$mailbox = asearch_nz($mailbox_array[0]);
-if (($mailbox == '') || ($mailbox == 'None')) //Workaround for sm quirk IMHO (what if I really have a mailbox called None?)
+if ($mailbox == '')
$mailbox = $boxes[0]['unformatted']; //Usually INBOX ;)
$compose_height = '550';
}
// do not use &, it will break the query string and $session will not be detected!!!
- $comp_uri = SM_PATH . 'src/compose.php?mailbox='. urlencode($mailbox).
- '&session='.$aMailbox['FORWARD_SESSION'];
+ $comp_uri = $base_uri . 'src/compose.php?mailbox='. urlencode($mailbox)
+ . '&session='.$aMailbox['FORWARD_SESSION']['SESSION_NUMBER']
+ . '&smaction=forward_as_attachment'
+ . '&fwduid=' . implode('_', $aMailbox['FORWARD_SESSION']['UIDS']);
displayPageHeader($color, $mailbox, "comp_in_new('$comp_uri', $compose_width, $compose_height);", false);
} else {
// save mailboxstate
sqsession_register($aMailbox,'aLastSelectedMailbox');
session_write_close();
// we have to redirect to the compose page
- $location = SM_PATH . 'src/compose.php?mailbox='. urlencode($mailbox).
- '&session='.$aMailbox['FORWARD_SESSION'];
+ $location = $base_uri . 'src/compose.php?mailbox='. urlencode($mailbox)
+ . '&session='.$aMailbox['FORWARD_SESSION']['SESSION_NUMBER']
+ . '&smaction=forward_as_attachment'
+ . '&fwduid=' . implode('_', $aMailbox['FORWARD_SESSION']['UIDS']);
header("Location: $location");
exit;
}
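Review bot: The new `fwduid` and `session` values go unencoded into two sinks: a single-quoted JavaScript string in `comp_in_new('$comp_uri', ...)` and the `Location` header. That is safe only while the session number and every entry in `$aMailbox['FORWARD_SESSION']['UIDS']` are integers, which this hunk does not show. Casting at the point of use makes the assumption explicit: `implode('_', array_map('intval', $aMailbox['FORWARD_SESSION']['UIDS']))` and `(int) $aMailbox['FORWARD_SESSION']['SESSION_NUMBER']`. The enclosing `if`/`else` starts outside the hunk, and `$base_uri` is defined outside it as well.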
*/
if ($aMailbox['EXISTS'] > 0) {
if ($iError) {
- // TODO
+ // TODO: Implement an error handler in the search page.
echo "ERROR occured, errorhandler will be implemented very soon";
} else {
foreach ($aTemplate as $k => $v) {
$oTemplate->assign('alt_index_colors', isset($alt_index_colors) ? $alt_index_colors: false);
$oTemplate->assign('color', $color);
$oTemplate->assign('align', $align);
+ $oTemplate->assign('checkall', $checkall);
+ $oTemplate->assign('preselected', $preselected);
+
+ global $show_personal_names;
+ $oTemplate->assign('show_personal_names', $show_personal_names);
+
+ global $accesskey_mailbox_toggle_selected, $accesskey_mailbox_thread;
+ $oTemplate->assign('accesskey_mailbox_toggle_selected', $accesskey_mailbox_toggle_selected);
+ $oTemplate->assign('accesskey_mailbox_thread', $accesskey_mailbox_thread);
$oTemplate->display('message_list.tpl');
}
$oTemplate->display('footer.tpl');
sqsession_register($mailbox_cache,'mailbox_cache');
-?>