X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=functions%2Fpage_header.php;h=d6c3ad3958ec42f2f039b82a27001b30d8f21dda;hb=bb50b50818e1eb3b2ff8f8c49883c1a7f19707e5;hp=180968da57f6f085da35b9da29d559b8deac383d;hpb=82d304a0501324b276cabab1870755d5352bd21c;p=squirrelmail.git diff --git a/functions/page_header.php b/functions/page_header.php index 180968da..d6c3ad39 100644 --- a/functions/page_header.php +++ b/functions/page_header.php @@ -134,10 +134,10 @@ function displayPageHeader($color, $mailbox, $xtra='', $session=false) { } if ($session) { - $compose_uri = $base_uri.'src/compose.php?mailbox='.urlencode($mailbox).'&attachedmessages=true&session='."$session"; + $compose_uri = $base_uri.'src/compose.php?mailbox='.urlencode($mailbox).'&attachedmessages=true&session='."$session"; } else { $compose_uri = $base_uri.'src/compose.php?newmessage=1'; - $session = 0; + $session = 0; } if($javascript_on) { @@ -154,15 +154,29 @@ function displayPageHeader($color, $mailbox, $xtra='', $session=false) { if (!preg_match("/^[0-9]{3,4}$/", $compose_height)) { $compose_height = '550'; } + $js .= "function comp_in_new_form(comp_uri, button, myform) {\n". + ' if (!comp_uri) {'."\n". + ' comp_uri = "'.$compose_uri."\";\n". + ' }'. "\n". + ' comp_uri += "&" + button.name + "=1";'."\n". + ' for ( var i=0; i < myform.elements.length; i++ ) {'."\n". + ' if ( myform.elements[i].type == "checkbox" && myform.elements[i].checked )'."\n". + ' comp_uri += "&" + myform.elements[i].name + "=1";'."\n". + ' }'."\n". + ' var newwin = window.open(comp_uri' . + ', "_blank",'. + '"width='.$compose_width. ',height='.$compose_height. + ',scrollbars=yes,resizable=yes");'."\n". + "}\n\n"; $js .= "function comp_in_new(comp_uri) {\n". - " if (!comp_uri) {\n". - ' comp_uri = "'.$compose_uri."\";\n". - ' }'. "\n". - ' var newwin = window.open(comp_uri' . - ', "_blank",'. - '"width='.$compose_width. ',height='.$compose_height. - ',scrollbars=yes,resizable=yes");'."\n". - "}\n\n"; + " if (!comp_uri) {\n". + ' comp_uri = "'.$compose_uri."\";\n". + ' }'. "\n". + ' var newwin = window.open(comp_uri' . + ', "_blank",'. + '"width='.$compose_width. ',height='.$compose_height. + ',scrollbars=yes,resizable=yes");'."\n". + "}\n\n"; } // javascript for sending read receipts @@ -170,7 +184,7 @@ function displayPageHeader($color, $mailbox, $xtra='', $session=false) { $js .= 'function sendMDN() {'."\n". " mdnuri=window.location+'&sendreceipt=1'; ". "var newwin = window.open(mdnuri,'right');". - "\n}\n\n"; + "\n}\n\n"; } // if any of the above passes, add the JS tags too. @@ -212,9 +226,9 @@ function displayPageHeader($color, $mailbox, $xtra='', $session=false) { "document.forms[i-1].elements[pos].focus();\n". "}\n". "}\n"; - + $js .= "// -->\n". - "\n"; + "\n"; $onload = 'onload="checkForm();"'; displayHtmlHeader ('SquirrelMail', $js); break; @@ -241,9 +255,9 @@ function displayPageHeader($color, $mailbox, $xtra='', $session=false) { "if( pos >= 0 ) {\n". "document.forms[i-1].elements[pos].focus();\n". "}\n". - "$xtra\n". + "$xtra\n". "}\n"; - + if ($compose_new_win == '1') { if (!preg_match("/^[0-9]{3,4}$/", $compose_width)) { $compose_width = '640'; @@ -252,9 +266,9 @@ function displayPageHeader($color, $mailbox, $xtra='', $session=false) { $compose_height = '550'; } $js .= "function comp_in_new(comp_uri) {\n". - " if (!comp_uri) {\n". - ' comp_uri = "'.$compose_uri."\";\n". - ' }'. "\n". + " if (!comp_uri) {\n". + ' comp_uri = "'.$compose_uri."\";\n". + ' }'. "\n". ' var newwin = window.open(comp_uri' . ', "_blank",'. '"width='.$compose_width. ',height='.$compose_height. @@ -263,7 +277,7 @@ function displayPageHeader($color, $mailbox, $xtra='', $session=false) { } $js .= "// -->\n". "\n"; - + $onload = 'onload="checkForm();"'; displayHtmlHeader ('SquirrelMail', $js); break; @@ -277,8 +291,8 @@ function displayPageHeader($color, $mailbox, $xtra='', $session=false) { echo "\n\n"; /** Here is the header and wrapping table **/ - $shortBoxName = imap_utf7_decode_local( - readShortMailboxName($mailbox, $delimiter)); + $shortBoxName = htmlspecialchars(imap_utf7_decode_local( + readShortMailboxName($mailbox, $delimiter))); if ( $shortBoxName == 'INBOX' ) { $shortBoxName = _("INBOX"); } @@ -387,7 +401,7 @@ function compose_Header($color, $mailbox) { "}\n". "}\n"; $js .= "// -->\n". - "\n"; + "\n"; $onload = 'onload="checkForm();"'; displayHtmlHeader (_("Compose"), $js); break;