X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=src%2Fwebmail.php;h=dd0f536f62b5cc104d326d036cb97182f96a3f59;hb=c4faef335b2362c81b8ebf026d4066c12d70536c;hp=442a0d82c9d353c50e481806f7f4b1ded721a586;hpb=ebd2391cb0c5e3049870f90fa8a8b28707e9571a;p=squirrelmail.git diff --git a/src/webmail.php b/src/webmail.php index 442a0d82..dd0f536f 100644 --- a/src/webmail.php +++ b/src/webmail.php @@ -6,7 +6,7 @@ * shown can be given as parameters. If the user is not logged in * this file will verify username and password. * - * @copyright © 1999-2007 The SquirrelMail Project Team + * @copyright 1999-2020 The SquirrelMail Project Team * @license http://opensource.org/licenses/gpl-license.php GNU Public License * @version $Id$ * @package squirrelmail @@ -34,7 +34,7 @@ if (!sqgetGlobalVar('mailbox', $mailbox)) { sqgetGlobalVar('right_frame', $right_frame, SQ_GET); -if(!sqgetGlobalVar('mailtodata', $mailtodata)) { +if (sqgetGlobalVar('mailtodata', $mailtodata)) { $mailtourl = 'mailtodata='.urlencode($mailtodata); } else { $mailtourl = ''; @@ -63,6 +63,12 @@ if ($location_of_bar == '') { $location_of_bar = $temp_location_of_bar; } +// this value may be changed by a plugin, but initialize +// it first to avoid register_globals headaches +// +$right_frame_url = ''; +do_hook('webmail_top', $null); + // Determine the main frame URL /* * There are three ways to call webmail.php @@ -78,6 +84,11 @@ if ($location_of_bar == '') { * * The test for // should catch any attempt to include off-site webpages into * our frameset. + * + * Note that plugins are allowed to completely and freely override the URI + * used for the "right" (content) frame, and they do so by modifying the + * global variable $right_frame_url. + * */ if (empty($right_frame) || (strpos(urldecode($right_frame), '//') !== false)) { $right_frame = ''; @@ -87,27 +98,29 @@ if ( strpos($right_frame,'?') ) { } else { $right_frame_file = $right_frame; } -switch($right_frame) { - case 'right_main.php': - $right_frame_url = "right_main.php?mailbox=".urlencode($mailbox) - . (!empty($sort)?"&sort=$sort":'') - . (!empty($startMessage)?"&startMessage=$startMessage":''); - break; - case 'options.php': - $right_frame_url = 'options.php'; - break; - case 'folders.php': - $right_frame_url = 'folders.php'; - break; - case 'compose.php': - $right_frame_url = 'compose.php?' . $mailtourl; - break; - case '': - $right_frame_url = 'right_main.php'; - break; - default: - $right_frame_url = urlencode($right_frame); - break; +if (empty($right_frame_url)) { + switch($right_frame) { + case 'right_main.php': + $right_frame_url = "right_main.php?mailbox=".urlencode($mailbox) + . (!empty($sort)?"&sort=$sort":'') + . (!empty($startMessage)?"&startMessage=$startMessage":''); + break; + case 'options.php': + $right_frame_url = 'options.php'; + break; + case 'folders.php': + $right_frame_url = 'folders.php'; + break; + case 'compose.php': + $right_frame_url = 'compose.php?' . $mailtourl; + break; + case '': + $right_frame_url = 'right_main.php'; + break; + default: + $right_frame_url = urlencode($right_frame); + break; + } } $oErrorHandler->setDelayedErrors(true); @@ -116,8 +129,6 @@ $oTemplate->assign('nav_size', $left_size); $oTemplate->assign('nav_on_left', $location_of_bar=='left'); $oTemplate->assign('right_frame_url', $right_frame_url); -do_hook('webmail_top', $null); - displayHtmlHeader($org_title, '', false, true); $oTemplate->display('webmail.tpl');