X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=src%2Foptions_identities.php;h=e8cc6aed8ccff679782f21646f107dc0b007cc4b;hb=8e7dcd9f64dc849e854c3ba96d7e138854bc134b;hp=e6f348d4706d3f8273534578f3fd962a0f75fc65;hpb=bf02c8834033349407d2b2235f64be28f2ace107;p=squirrelmail.git diff --git a/src/options_identities.php b/src/options_identities.php index e6f348d4..e8cc6aed 100644 --- a/src/options_identities.php +++ b/src/options_identities.php @@ -5,7 +5,7 @@ * * Display Identities Options * - * @copyright © 1999-2006 The SquirrelMail Project Team + * @copyright 1999-2020 The SquirrelMail Project Team * @license http://opensource.org/licenses/gpl-license.php GNU Public License * @version $Id$ * @package squirrelmail @@ -13,6 +13,9 @@ * @since 1.1.3 */ +/** This is the options_identities page */ +define('PAGE_NAME', 'options_identities'); + /** * Include the SquirrelMail initialization file. */ @@ -20,6 +23,7 @@ require('../include/init.php'); /* SquirrelMail required files. */ require_once(SM_PATH . 'functions/identity.php'); +require_once(SM_PATH . 'functions/forms.php'); /* make sure that page is not available when $edit_identity is false */ if (!$edit_identity) { @@ -34,10 +38,14 @@ if (!sqgetGlobalVar('identities', $identities, SQ_SESSION)) { sqgetGlobalVar('newidentities', $newidentities, SQ_POST); sqgetGlobalVar('smaction', $smaction, SQ_POST); sqgetGlobalVar('return', $return, SQ_POST); +sqgetGlobalVar('smtoken', $submitted_token, SQ_POST, ''); // First lets see if there are any actions to perform // if (!empty($smaction) && is_array($smaction)) { + // first do a security check + sm_validate_security_token($submitted_token, -1, TRUE); + $doaction = ''; $identid = 0; @@ -61,54 +69,55 @@ if (!empty($return)) { exit; } -displayPageHeader($color, 'None'); +displayPageHeader($color); /* since 1.1.3 */ -do_hook('options_identities_top'); +do_hook('options_identities_top', $null); + +$i = array(); +foreach ($identities as $key=>$ident) { + $a = array(); + $a['Title'] = $key==0 ? _("Default Identity") : sprintf(_("Alternate Identity %d"), $key); + $a['New'] = false; + $a['Default'] = $key==0; + $a['FullName'] = sm_encode_html_special_chars($ident['full_name']); + $a['Email'] = sm_encode_html_special_chars($ident['email_address']); + $a['ReplyTo'] = sm_encode_html_special_chars($ident['reply_to']); + $a['Signature'] = sm_encode_html_special_chars($ident['signature']); + $i[$key] = $a; +} -$td_str = ''; -$td_str .= '

' . "\n"; -$td_str .= '' . "\n"; -$cnt = count($identities); -foreach( $identities as $iKey=>$ident ) { +$a = array(); +$a['Title'] = _("Add New Identity"); +$a['New'] = true; +$a['Default'] = false; +$a['FullName'] = ''; +$a['Email'] = ''; +$a['ReplyTo'] = ''; +$a['Signature'] = ''; +$i[count($i)] = $a; - if ($iKey == 0) { - $hdr_str = _("Default Identity"); - } else { - $hdr_str = sprintf( _("Alternate Identity %d"), $iKey); - } +//FIXME: NO HTML IN THE CORE +echo '' . "\n" + . addHidden('smtoken', sm_generate_security_token()) . "\n"; - $td_str .= ShowIdentityInfo( $hdr_str, $ident, $iKey ); +$oTemplate->assign('identities', $i); +$oTemplate->display('options_advidentity_list.tpl'); -} +//FIXME: NO HTML IN THE CORE +echo "\n"; + +$oTemplate->display('footer.tpl'); -$td_str .= ShowIdentityInfo( _("Add a New Identity"), array('full_name'=>'','email_address'=>'','reply_to'=>'','signature'=>''), $cnt); -$td_str .= '
' . "\n"; -$td_str .= ''; - -echo '
' . "\n" . - html_tag('table', "\n" . - html_tag('tr', "\n" . - html_tag('td' , "\n" . - '' . _("Options") . ' - ' . _("Advanced Identities") . '
' . - html_tag('table', "\n" . - html_tag('tr', "\n" . - html_tag('td', "\n" . - html_tag('table' , "\n" . - html_tag('tr' , "\n" . - html_tag('td', "\n" . $td_str ,'','', 'style="text-align:center;"') - ), - '', '', 'width="80%" cellpadding="2" cellspacing="0" border="0"' ) , - 'center', $color[4]) - ), - '', '', 'width="100%" border="0" cellpadding="1" cellspacing="1"' )) , - 'center', $color[0]), - 'center', '', 'width="95%" border="0" cellpadding="2" cellspacing="0"' ) . ''; +/** + * The functions below should not be needed with the additions of templates, + * however they will remain in case plugins use them. + */ /** * Returns html formated identity form fields * - * Contains options_identities_buttons and option_identities_table hooks. + * Contains options_identities_buttons and options_identities_table hooks. * Before 1.4.5/1.5.1 hooks were placed in ShowTableInfo() function. * In 1.1.3-1.4.1 they were called in do_hook function with two or * three arguments. Since 1.4.1 hooks are called in concat_hook_function. @@ -145,6 +154,7 @@ function ShowIdentityInfo($title, $identity, $id ) { $return_str = ''; +//FIXME: NO HTML IN THE CORE $return_str .= '' . "\n"; $return_str .= ' ' . $title . ' '. "\n"; $return_str .= '' . "\n"; @@ -152,7 +162,8 @@ function ShowIdentityInfo($title, $identity, $id ) { $return_str .= sti_input( _("E-Mail Address") , sprintf($name, $id, 'email_address'), $identity['email_address'], $bg); $return_str .= sti_input( _("Reply To"), sprintf($name, $id, 'reply_to'), $identity['reply_to'], $bg); $return_str .= sti_textarea( _("Signature"), sprintf($name, $id, 'signature'), $identity['signature'], $bg); - $return_str .= concat_hook_function('options_identities_table', array($bg, $empty, $id)); + $temp = array(&$bg, &$empty, &$id); + $return_str .= concat_hook_function('options_identities_table', $temp); $return_str .= ' ' . "\n"; $return_str .= '   ' . "\n"; $return_str .= ' ' . "\n"; @@ -168,7 +179,8 @@ function ShowIdentityInfo($title, $identity, $id ) { } - $return_str .= concat_hook_function('options_identities_buttons', array($empty, $id)); + $temp = array(&$empty, &$id); + $return_str .= concat_hook_function('options_identities_buttons', $temp); $return_str .= ' ' . "\n"; $return_str .= '' . "\n"; $return_str .= '' . "\n"; @@ -183,7 +195,7 @@ function ShowIdentityInfo($title, $identity, $id ) { * Creates html formated table row with input field * @param string $title Name displayed next to input field * @param string $name Name of input field - * @param string $data Default value of input field (data is sanitized with htmlspecialchars) + * @param string $data Default value of input field (data is sanitized with sm_encode_html_special_chars) * @param string $bgcolor html attributes added to row element (tr) * @return string html formated table row with text input field * @since 1.2.0 (arguments differ since 1.4.5/1.5.1) @@ -191,10 +203,11 @@ function ShowIdentityInfo($title, $identity, $id ) { * @access private */ function sti_input( $title, $name, $data, $bgcolor ) { +//FIXME: NO HTML IN THE CORE $str = ''; $str .= '\n"; $str .= ' ' . $title . ' ' . "\n"; - $str .= ' ' . "\n"; + $str .= ' ' . "\n"; $str .= ''; return $str; @@ -205,7 +218,7 @@ function sti_input( $title, $name, $data, $bgcolor ) { * Creates html formated table row with textarea field * @param string $title Name displayed next to textarea field * @param string $name Name of textarea field - * @param string $data Default value of textarea field (data is sanitized with htmlspecialchars) + * @param string $data Default value of textarea field (data is sanitized with sm_encode_html_special_chars) * @param string $bgcolor html attributes added to row element (tr) * @return string html formated table row with textarea * @since 1.2.5 (arguments differ since 1.4.5/1.5.1) @@ -213,14 +226,14 @@ function sti_input( $title, $name, $data, $bgcolor ) { * @access private */ function sti_textarea( $title, $name, $data, $bgcolor ) { +//FIXME: NO HTML IN THE CORE $str = ''; $str .= '\n"; $str .= ' ' . $title . ' ' . "\n"; - $str .= ' ' . "\n"; + $str .= ' ' . "\n"; $str .= ''; return $str; } -?> \ No newline at end of file