X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=src%2Faddrbook_search_html.php;h=91b9e04a4be4f536a978358ab39afab93a28deae;hb=895905c0f766ea03e85deab260b4bb1522dd0e3c;hp=7dcc067ca88b3f564a0774e87bea82173b2e3678;hpb=c9e9b23cbdad092a5d0dc36ed6f5d6db72e1f037;p=squirrelmail.git

diff --git a/src/addrbook_search_html.php b/src/addrbook_search_html.php
index 7dcc067c..91b9e04a 100644
--- a/src/addrbook_search_html.php
+++ b/src/addrbook_search_html.php
@@ -1,4 +1,5 @@
 <?php
+
    /**
     **  addrbook_search.php
     **
@@ -16,45 +17,34 @@
     **  $Id$
     **/
 
-   session_start();
-
-   if (!isset($config_php))
-      include('../config/config.php');
-   if (!isset($strings_php))
-      include('../functions/strings.php');
-   if (!isset($auth_php))
-      include('../functions/auth.php');
-   if (!isset($page_header_php))
-      include('../functions/page_header.php');
-   if (!isset($date_php))
-      include('../functions/date.php');
-   if (!isset($smtp_php))
-      include('../functions/smtp.php');
-   if (!isset($display_messages_php))
-      include('../functions/display_messages.php');
-   if (!isset($addressbook_php))
-      include('../functions/addressbook.php');
-   if (!isset($plugin_php))
-      include('../functions/plugin.php');
-
-   include('../src/load_prefs.php');
+   require_once('../src/validate.php');
+   require_once('../functions/date.php');
+   require_once('../functions/smtp.php');
+   require_once('../functions/display_messages.php');
+   require_once('../functions/addressbook.php');
+   require_once('../functions/plugin.php');
 
    // Insert hidden data
    function addr_insert_hidden() {
-      global $body, $subject, $send_to, $send_to_cc, $send_to_bcc;
+      global $body, $subject, $send_to, $send_to_cc, $send_to_bcc, $mailbox,
+         $identity;
       
       echo '<input type=hidden value="';
       if (substr($body, 0, 1) == "\r")
           echo "\n";
-      echo htmlspecialchars($body) . '" name=body>\n"';
+      echo htmlspecialchars($body) . '" name=body>' . "\n";
       echo '<input type=hidden value="' . htmlspecialchars($subject)
-          . '" name=subject>\n"';
+          . '" name=subject>' . "\n";
       echo '<input type=hidden value="' . htmlspecialchars($send_to)
-          . '" name=send_to>\n"';
+          . '" name=send_to>' . "\n";
       echo "<input type=hidden value=\"" . htmlspecialchars($send_to_cc)
-          . '" name=send_to_cc>\n"';
+          . '" name=send_to_cc>' . "\n";
       echo "<input type=hidden value=\"" . htmlspecialchars($send_to_bcc)
-          . '" name=send_to_bcc>\n"';
+          . '" name=send_to_bcc>' . "\n";
+      echo "<input type=hidden value=\"" . htmlspecialchars($identity)
+          . '" name=identity>' . "\n";
+      echo "<input type=hidden name=mailbox value=\"" .
+          htmlspecialchars($mailbox) . "\">\n";
       echo "<input type=hidden value=\"true\" name=from_htmladdr_search>\n";
    }
 
@@ -65,8 +55,9 @@
 
       if(sizeof($res) <= 0) return;
 
-      printf('<FORM METHOD=post ACTION="%s?html_addr_search_done=true">'."\n",
-             $PHP_SELF);
+      echo '<form method=post action="' . $PHP_SELF . "\">\n";
+      echo '<input type=hidden name="html_addr_search_done" value="true">';
+      echo "\n";
       addr_insert_hidden();
       $line = 0;
 
@@ -81,21 +72,23 @@
 
       print "</TR>\n";
       
-      while(list($undef, $row) = each($res)) {
-         printf("<tr%s nowrap><td nowrap align=center width=\"5%%\">".
-                "<input type=checkbox name=\"send_to_search[]\" value=\"%s\">&nbsp;To".
-                "<input type=checkbox name=\"send_to_cc_search[]\" value=\"%s\">&nbsp;Cc&nbsp;".
-                "<td nowrap>&nbsp;%s&nbsp;<td nowrap>&nbsp;".
-                "%s".
-                "<td nowrap>&nbsp;%s&nbsp;",
-                ($line % 2) ? " bgcolor=\"$color[0]\"" : "", 
-                htmlspecialchars($row["email"]), htmlspecialchars($row["email"]), 
-                $row["name"], $row["email"], $row["label"]);
+      foreach ($res as $row) {
+         echo '<tr';
+	 if ($line % 2) echo ' bgcolor="' . $color[0] . '"';
+	 echo ' nowrap><td nowrap align=center width="5%">';
+	 echo '<input type=checkbox name="send_to_search[T' . $line . ']" value = "' .
+	    htmlspecialchars($row['email']) . '">&nbsp;To&nbsp;';
+	 echo '<input type=checkbox name="send_to_search[C' . $line . ']" value = "' .
+	    htmlspecialchars($row['email']) . '">&nbsp;Cc&nbsp;';
+	 echo '<input type=checkbox name="send_to_search[B' . $line . ']" value = "' .
+	    htmlspecialchars($row['email']) . '">&nbsp;Bcc&nbsp;';
+         echo '</td><td nowrap>&nbsp;' . $row['name'] . '&nbsp;</td>';
+	 echo '<td nowrap>&nbsp;' . $row['email'] . '&nbsp;</td>';
+	 echo '<td nowrap>&nbsp;' . $row['label'] . '&nbsp;</td>';
          if($includesource)
-            printf("<td nowrap>&nbsp;%s", $row["source"]);
-         
-         print "</TR>\n";
-         $line++;
+	    echo '<td nowrap>&nbsp;' . $row['source'] . '&nbsp;</td>';
+	 echo "</tr>\n";
+	 $line ++;
       }
       printf('<TR><TD ALIGN=center COLSPAN=%d><INPUT TYPE=submit '.
              'NAME="addr_search_done" VALUE="%s"></TD></TR>',
@@ -108,17 +101,12 @@
 
    // --- End functions ---
 
-   displayPageHeader($color, 'None');
-
+   global $mailbox;
+   displayPageHeader($color, $mailbox);
+   
    // Initialize addressbook
    $abook = addressbook_init();
 
-   $body = sqStripSlashes($body);
-   $send_to = sqStripSlashes($send_to);
-   $send_to_cc = sqStripSlashes($send_to_cc);
-   $send_to_bcc = sqStripSlashes($send_to_bcc);
-   $subject = sqStripSlashes($subject);
-
 ?>
 
 <br>
@@ -137,11 +125,12 @@
    printf("  <nobr><STRONG>%s</STRONG>\n", _("Search for"));
    addr_insert_hidden();
    if (! isset($addrquery))
-       $addrquery = "";
+       $addrquery = '';
    printf("  <INPUT TYPE=text NAME=addrquery VALUE=\"%s\" SIZE=26>\n",
           htmlspecialchars($addrquery));
 
    // List all backends to allow the user to choose where to search
+   if(!isset($backend)) $backend = "";
    if($abook->numbackends > 1) {
       printf("<STRONG>%s</STRONG>&nbsp;<SELECT NAME=backend>\n", 
              _("in"));
@@ -171,10 +160,10 @@
    // End search form
 
    // Show personal addressbook
-   if(!isset($addrquery) || !empty($listall)) {
+   if($addrquery == '' || !empty($listall)) {
 
-      if(! isset($backend) || $backend != -1 || !isset($addrquery)) {
-         if(!isset($addrquery)) 
+      if(! isset($backend) || $backend != -1 || $addrquery == '') {
+         if($addrquery == '')
             $backend = $abook->localbackend;
 
          //printf("<H3 ALIGN=center>%s</H3>\n", $abook->backends[$backend]->sname);
@@ -217,7 +206,7 @@
       }
    }
 
-   if (!$addrquery || sizeof($res) == 0) {  
+   if ($addrquery == '' || sizeof($res) == 0) {  
       printf('<center><FORM METHOD=post NAME=k ACTION="compose.php">'."\n", $PHP_SELF);
       addr_insert_hidden();
       printf("<INPUT TYPE=submit VALUE=\"%s\" NAME=return>\n", _("Return"));
