X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=src%2Fimage.php;h=574c9adc427cac5870da3bb3fef49721ae7c73c0;hb=f38b7cf06c3343a7fead417d90bd67d291f5dc29;hp=b695b5d33d3516d1ed7f19c1ec7a32784fb4c884;hpb=24fc49052db9408811aadf5b2e2740371553ace2;p=squirrelmail.git
diff --git a/src/image.php b/src/image.php
index b695b5d3..574c9adc 100644
--- a/src/image.php
+++ b/src/image.php
@@ -3,7 +3,7 @@
/**
* image.php
*
- * Copyright (c) 1999-2002 The SquirrelMail Project Team
+ * Copyright (c) 1999-2003 The SquirrelMail Project Team
* Licensed under the GNU GPL. For full terms see the file COPYING.
*
* This file shows an attached image
@@ -16,6 +16,7 @@ define('SM_PATH','../');
/* SquirrelMail required files. */
require_once(SM_PATH . 'include/validate.php');
+require_once(SM_PATH . 'functions/global.php');
require_once(SM_PATH . 'functions/date.php');
require_once(SM_PATH . 'functions/page_header.php');
require_once(SM_PATH . 'functions/html.php');
@@ -24,10 +25,12 @@ require_once(SM_PATH . 'include/load_prefs.php');
displayPageHeader($color, 'None');
/* globals */
-$mailbox = $_GET['mailbox'];
-$passed_id = $_GET['passed_id'];
-$ent_id = $_GET['ent_id'];
-$QUERY_STRING = $_SERVER['QUERY_STRING'];
+if ( sqgetGlobalVar('passed_id', $temp, SQ_GET) ) {
+ $passed_id = (int) $temp;
+}
+sqgetGlobalVar('mailbox', $mailbox, SQ_GET);
+sqgetGlobalVar('ent_id', $ent_id, SQ_GET);
+sqgetGlobalVar('QUERY_STRING', $QUERY_STRING, SQ_SERVER);
/* end globals */
echo '
' .
@@ -44,7 +47,7 @@ echo ''. _("View message") . '';
$DownloadLink = '../src/download.php?passed_id=' . $passed_id .
'&mailbox=' . urlencode($mailbox) .
- '&ent_id=' . $ent_id . '&absolute_dl=true';
+ '&ent_id=' . urlencode($ent_id) . '&absolute_dl=true';
echo '' . "\n" .
'