X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=src%2Fsearch.php;h=89823839297db7c2308988e93116fed0089c153d;hb=ce20ea9260adccbf62ca895c7e372947c3007f21;hp=fcdbf000442cc43b71f1e009f9405aee5498937a;hpb=cf6cb8b1a952371f88b84f6bf556efb8408a628e;p=squirrelmail.git
diff --git a/src/search.php b/src/search.php
index fcdbf000..89823839 100644
--- a/src/search.php
+++ b/src/search.php
@@ -3,7 +3,7 @@
/**
* search.php
*
- * Copyright (c) 1999-2002 The SquirrelMail Project Team
+ * Copyright (c) 1999-2003 The SquirrelMail Project Team
* Licensed under the GNU GPL. For full terms see the file COPYING.
*
* $Id$
@@ -23,10 +23,10 @@ global $allow_thread_sort;
/* get globals we may need */
-$key = $_COOKIE['key'];
-$username = $_SESSION['username'];
-$onetimepad = $_SESSION['onetimepad'];
-$delimiter = $_SESSION['delimiter'];
+sqgetGlobalVar('username', $username, SQ_SESSION);
+sqgetGlobalVar('key', $key, SQ_COOKIE);
+sqgetGlobalVar('delimiter', $delimiter, SQ_SESSION);
+sqgetGlobalVar('onetimepad', $onetimepad, SQ_SESSION);
if (isset($_GET['mailbox'])) {
$mailbox = strip_tags($_GET['mailbox']);
@@ -238,32 +238,6 @@ $search_all = 'none';
$perbox_count = array ();
$recent_count = getPref($data_dir, $username, 'search_memory', 0);
-/* get globals we may need */
-
-$key = $_COOKIE['key'];
-$username = $_SESSION['username'];
-$onetimepad = $_SESSION['onetimepad'];
-$delimiter = $_SESSION['delimiter'];
-
-if (isset($_GET['mailbox'])) {
- $mailbox = strip_tags($_GET['mailbox']);
-}
-if (isset($_GET['submit'])) {
- $submit = strip_tags($_GET['submit']);
-}
-if (isset($_GET['what'])) {
- $what = $_GET['what'];
-}
-if (isset($_GET['where'])) {
- $where = strip_tags($_GET['where']);
-}
-if (isset($_GET['checkall'])) {
- $checkall = strip_tags($_GET['checkall']);
-}
-if (isset($_GET['count'])) {
- $count = strip_tags($_GET['count']);
-}
-
/* get mailbox names */
$imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
$boxes = sqimap_mailbox_list($imapConnection);
@@ -335,14 +309,14 @@ if ($saved_count > 0) {
} else {
echo html_tag( 'tr', '', '', $color[4] );
}
- echo html_tag( 'td', $saved_attributes['saved_folder'][$i], 'left', '', 'width="35%"' )
+ echo html_tag( 'td', imap_utf7_decode_local($saved_attributes['saved_folder'][$i]), 'left', '', 'width="35%"' )
. html_tag( 'td', $saved_attributes['saved_what'][$i], 'left' )
. html_tag( 'td', $saved_attributes['saved_where'][$i], 'center' )
. html_tag( 'td', '', 'right' )
. '' . _("edit") . ''
. ' | '
. ' 0) {
}
if (isset($attributes['search_what'][$i]) &&
!empty($attributes['search_what'][$i])) {
- echo html_tag( 'td', $attributes['search_folder'][$i], 'left', '', 'width="35%"' )
- . html_tag( 'td', $attributes['search_what'][$i], 'left' )
+ echo html_tag( 'td', imap_utf7_decode_local($attributes['search_folder'][$i]), 'left', '', 'width="35%"' )
+ . html_tag( 'td', htmlspecialchars($attributes['search_what'][$i]), 'left' )
. html_tag( 'td', $attributes['search_where'][$i], 'center' )
. html_tag( 'td', '', 'right' )
. ""
@@ -495,7 +469,7 @@ if ($search_all == 'all') {
$boxcount = count($boxes);
echo '
' .
_("Search Results") .
- "
\n";
+ "
\n";
for ($x=0;$x<$boxcount;$x++) {
if (!in_array('noselect', $boxes[$x]['flags'])) {
$mailbox = $boxes[$x]['unformatted'];