Onclick handler should not be submitted as HTML but only as the onclick contents...

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@12241 7612ce4b-ef26-0410-bec9-ea0150e637f0

diff --git a/src/read_body.php b/src/read_body.php
index 2f653e681d78f82e0ef5fcb66faf4f19fba88ae7..514974119f31f7b8a35fcd721812a1ce9c4e113b 100644 (file)
--- a/src/read_body.php
+++ b/src/read_body.php
@@ -563,7 +563,7 @@ function formatMenubar($aMailbox, $passed_id, $passed_ent_id, $message, $removed
             $compose_height = '550';
         }
         if ( checkForJavascript() ) {
-          $on_click=' onclick="comp_in_new_form(\''.$comp_uri.'\', this, this.form,'. $compose_width .',' . $compose_height .')"';
+          $on_click='comp_in_new_form(\''.$comp_uri.'\', this, this.form,'. $compose_width .',' . $compose_height .')';
           $comp_uri = 'javascript:void(0)';
           $method='get';
           $onsubmit = 'return false';

diff --git a/templates/default/read_menubar_buttons.tpl b/templates/default/read_menubar_buttons.tpl
index e94b8052dd4e8094fccea08e9a4325d747661886..4f0e4a6f3829feb36612cc38a96f6c3a1d4ca4df 100644 (file)
--- a/templates/default/read_menubar_buttons.tpl
+++ b/templates/default/read_menubar_buttons.tpl
@@ -23,7 +23,7 @@
  *    $form_onsubmit - The value of the <form>'s onsubmit handler (optional, may be blank)
  *    $compose_href  - Base URL to forward, reply, etc.  Note that a specific action
  *                     must also be given by the form or in this URL.
- *    $on_click      - Onclick event string for all buttons
+ *    $button_onclick - Onclick event string for all buttons
  *    $forward_as_attachment_enabled - boolean TRUE if forwarding as attachments
  *                     has been enabled.
  *    $can_resume_draft - boolean TRUE if the "resume draft" is legitimate for
@@ -87,18 +87,18 @@ if ($nav_on_top) {
     <?php
         if ($can_resume_draft) {
             ?>
-    <input type="submit" name="smaction_draft" value="<?php echo _("Resume Draft"); ?>" <?php echo $button_onclick; ?> />&nbsp;
+    <input type="submit" name="smaction_draft" value="<?php echo _("Resume Draft"); ?>" onclick="<?php echo $button_onclick; ?>" />&nbsp;
             <?php
         } elseif ($can_edit_as_new) {
             ?>
-    <input type="submit" name="smaction_edit_new" value="<?php echo _("Edit Message as New"); ?>" <?php echo $button_onclick; ?> />&nbsp;
+    <input type="submit" name="smaction_edit_new" value="<?php echo _("Edit Message as New"); ?>" onclick="<?php echo $button_onclick; ?>" />&nbsp;
             <?php
         }
     ?>
-    <input type="submit" name="smaction_reply" value="<?php echo _("Reply"); ?>" <?php echo $button_onclick; ?> />&nbsp;
-    <input type="submit" name="smaction_reply_all" value="<?php echo _("Reply All"); ?>" <?php echo $button_onclick; ?> />
+    <input type="submit" name="smaction_reply" value="<?php echo _("Reply"); ?>" onclick="<?php echo $button_onclick; ?>" />&nbsp;
+    <input type="submit" name="smaction_reply_all" value="<?php echo _("Reply All"); ?>" onclick="<?php echo $button_onclick; ?>" />
     &nbsp;&nbsp;|&nbsp;&nbsp;
-    <input type="submit" name="smaction_forward" value="<?php echo _("Forward"); ?>" <?php echo $button_onclick; ?> />
+    <input type="submit" name="smaction_forward" value="<?php echo _("Forward"); ?>" onclick="<?php echo $button_onclick; ?>" />
     <?php
     if ($forward_as_attachment_enabled) {
         ?>

diff --git a/templates/default_advanced/read_menubar_buttons.tpl b/templates/default_advanced/read_menubar_buttons.tpl
index 718df70235036ed951369a62e5e18ae97bec4d5d..c2566460a40ae56c35d5798cce79eff963d92d4b 100644 (file)
--- a/templates/default_advanced/read_menubar_buttons.tpl
+++ b/templates/default_advanced/read_menubar_buttons.tpl
@@ -23,7 +23,7 @@
  *    $form_onsubmit - The value of the <form>'s onsubmit handler (optional, may be blank)
  *    $compose_href  - Base URL to forward, reply, etc.  Note that a specific action
  *                     must also be given by the form or in this URL.
- *    $on_click      - Onclick event string for all buttons
+ *    $button_onclick - Onclick event string for all buttons
  *    $forward_as_attachment_enabled - boolean TRUE if forwarding as attachments
  *                     has been enabled.
  *    $can_resume_draft - boolean TRUE if the "resume draft" is legitimate for
@@ -103,18 +103,18 @@ if ($nav_on_top) {
     <?php
         if ($can_resume_draft) {
             ?>
-    <input type="submit" name="smaction_draft" value="<?php echo _("Resume Draft"); ?>" <?php echo $button_onclick; ?> />&nbsp;
+    <input type="submit" name="smaction_draft" value="<?php echo _("Resume Draft"); ?>" onclick="<?php echo $button_onclick; ?>" />&nbsp;
             <?php
         } elseif ($can_edit_as_new) {
             ?>
-    <input type="submit" name="smaction_edit_new" value="<?php echo _("Edit Message as New"); ?>" <?php echo $button_onclick; ?> />&nbsp;
+    <input type="submit" name="smaction_edit_new" value="<?php echo _("Edit Message as New"); ?>" onclick="<?php echo $button_onclick; ?>" />&nbsp;
             <?php
         }
     ?>
-    <input type="submit" name="smaction_reply" value="<?php echo _("Reply"); ?>" <?php echo $button_onclick; ?> />&nbsp;
-    <input type="submit" name="smaction_reply_all" value="<?php echo _("Reply All"); ?>" <?php echo $button_onclick; ?> />
+    <input type="submit" name="smaction_reply" value="<?php echo _("Reply"); ?>" onclick="<?php echo $button_onclick; ?>" />&nbsp;
+    <input type="submit" name="smaction_reply_all" value="<?php echo _("Reply All"); ?>" onclick="<?php echo $button_onclick; ?>" />
     &nbsp;&nbsp;|&nbsp;&nbsp;
-    <input type="submit" name="smaction_forward" value="<?php echo _("Forward"); ?>" <?php echo $button_onclick; ?> />
+    <input type="submit" name="smaction_forward" value="<?php echo _("Forward"); ?>" onclick="<?php echo $button_onclick; ?>" />
     <?php
     if ($forward_as_attachment_enabled) {
         ?>