X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=functions%2Ffolder_manip.php;h=314f5550f26b0fd15f9b2259015c0802a5fe13ac;hb=19b46101c859d0760c4fb3fac2e635033e319b2f;hp=775b0f4fd5d4a164503dacfddbb476556b7011d3;hpb=4b5049de2fa934c45599d6e4c74bf2bbee10d34d;p=squirrelmail.git diff --git a/functions/folder_manip.php b/functions/folder_manip.php index 775b0f4f..314f5550 100644 --- a/functions/folder_manip.php +++ b/functions/folder_manip.php @@ -7,7 +7,7 @@ * (un)subscribe, create, rename, delete. * * @author Thijs Kinkhorst - * @copyright © 1999-2007 The SquirrelMail Project Team + * @copyright 1999-2022 The SquirrelMail Project Team * @license http://opensource.org/licenses/gpl-license.php GNU Public License * @version $Id$ * @package squirrelmail @@ -106,7 +106,7 @@ function folders_rename_getname ($imapConnection, $delimiter, $old) { $old = imap_utf7_decode_local($old); if (strpos($old, $delimiter)) { - $old_name = substr($old, strrpos($old, $delimiter)+1, strlen($old)); + $old_name = substr($old, strrpos($old, $delimiter)+1); // hide default prefix (INBOX., mail/ or other) $quoted_prefix=preg_quote($default_folder_prefix,'/'); $prefix_length=(preg_match("/^$quoted_prefix/",$old) ? strlen($default_folder_prefix) : 0); @@ -124,9 +124,9 @@ function folders_rename_getname ($imapConnection, $delimiter, $old) { sqimap_logout($imapConnection); $oTemplate->assign('dialog_type', 'rename'); - $oTemplate->assign('parent_folder', htmlspecialchars($old_parent)); - $oTemplate->assign('current_full_name', htmlspecialchars($old)); - $oTemplate->assign('current_folder_name', htmlspecialchars($old_name)); + $oTemplate->assign('parent_folder', sm_encode_html_special_chars($old_parent)); + $oTemplate->assign('current_full_name', sm_encode_html_special_chars($old)); + $oTemplate->assign('current_folder_name', sm_encode_html_special_chars($old_name)); $oTemplate->assign('is_folder', $isfolder); $oTemplate->display('folder_manip_dialog.tpl'); @@ -198,8 +198,8 @@ function folders_delete_ask ($imapConnection, $folder_name) sqimap_logout($imapConnection); $oTemplate->assign('dialog_type', 'delete'); - $oTemplate->assign('folder_name', htmlspecialchars($folder_name)); - $oTemplate->assign('visible_folder_name', htmlspecialchars($visible_folder_name)); + $oTemplate->assign('folder_name', sm_encode_html_special_chars($folder_name)); + $oTemplate->assign('visible_folder_name', sm_encode_html_special_chars($visible_folder_name)); $oTemplate->display('folder_manip_dialog.tpl'); $oTemplate->display('footer.tpl'); @@ -226,7 +226,7 @@ function folders_delete_do ($imapConnection, $delimiter, $folder_name) /** lets see if we CAN move folders to the trash.. otherwise, ** just delete them **/ - if ($delete_folder || eregi('^'.$trash_folder.'.+', $folder_name) ) { + if ($delete_folder || preg_match('/^' . preg_quote($trash_folder, '/') . '.+/i', $folder_name) ) { $can_move_to_trash = FALSE; } else { /* Otherwise, check if trash folder exits and support sub-folders */