require_once(SM_PATH . 'functions/imap.php');
require_once(SM_PATH . 'functions/imap_mailbox.php');
require_once(SM_PATH . 'include/load_prefs.php');
+require_once(SM_PATH . 'functions/forms.php');
require_once(SM_PATH . 'plugins/filters/filters.php');
global $AllowSpamFilters;
'</tr>'.
'</table>'.
'<input type="submit" name="filter_submit" value="' . _("Submit") . "\" />\n".
- '<input type="hidden" name="theid" value="' . $theid . "\" />\n".
+ addHidden('theid', $theid).
'</form>'.
'</div>';
) ,
'center', '', 'width="80%" border="0" cellpadding="2" cellspacing="0"' );
echo '</body></html>';
-?>
\ No newline at end of file
+?>
$fortune_location = '/usr/games/fortune';
$exist = file_exists($fortune_location);
- echo "<center><table cellpadding=0 cellspacing=0 border=0 bgcolor=$color[10]><tr><td><table width=100% cellpadding=2 cellspacing=1 border=0 bgcolor=\"$color[5]\"><tr><td align=center>";
- echo '<TABLE><TR><TD>';
+ echo "<center><table cellpadding=\"0\" cellspacing=\"0\" border=\"0\" bgcolor=\"$color[10]\">\n".
+ "<tr><td><table width=\"100%\" cellpadding=\"2\" cellspacing=\"1\" border=\"0\" bgcolor=\"$color[5]\">\n".
+ "<tr><td align=\"center\">\n";
+ echo '<table><tr><td>';
if (!$exist) {
echo "$fortune_location" . _(" not found.");
} else {
- echo "<CENTER><FONT=3><EM>" . _("Today's Fortune") . "</EM><BR></FONT></CENTER><pre>";
- system($fortune_location);
+ echo "<center><em>" . _("Today's Fortune") . "</em><br></font></center><pre>";
+ htmlspecialchars(system($fortune_location));
}
- echo '</pre></TD></TR></TABLE></td></tr></table></td></tr></table></center>';
+ echo '</pre></td></tr></table></td></tr></table></td></tr></table></center>';
}
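Review bot: The added `htmlspecialchars(system($fortune_location));` escapes nothing: system() writes the command's output straight to the page and returns only its last line, and the escaped return value is then discarded. Capture the output first and echo the escaped string, for example `echo htmlspecialchars((string) shell_exec($fortune_location));`. The rewritten "Today's Fortune" echo also keeps a closing `</font>` although the opening font tag was dropped, which leaves the markup unbalanced. The enclosing block starts outside the hunk.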
/**
}
}
-?>
\ No newline at end of file
+?>
*/
function imap_test($imap_stream, $string) {
global $default_charset;
- print "<TR><TD>".$string."</TD></TR>";
+ print "<tr><td>".htmlspecialchars($string)."</td></tr>";
$response = sqimap_run_command_list($imap_stream, trim($string),false, $responses, $message,false);
array_push($response, $responses . ' ' .$message);
return $response;
print_response($value);
}
else {
- $value = preg_replace("/</", "<", $value);
- $value = preg_replace("/>/", ">", $value);
- print $value."<BR>\n";
+ print htmlspecialchars($value)."<br />\n";
}
}
}
require_once(SM_PATH . 'include/validate.php');
require_once(SM_PATH . 'functions/page_header.php');
require_once(SM_PATH . 'functions/imap.php');
+require_once(SM_PATH . 'functions/forms.php');
require_once(SM_PATH . 'plugins/info/functions.php');
global $username, $color, $folder_prefix, $default_charset;
print "<TR><TD BGCOLOR=".$color[4]."><B>Server Capability response:</B><BR>\n";
foreach($caps_array[0] as $value) {
- print $value;
+ print htmlspecialchars($value);
}
print "</TD></TR><TR><TD>\n";
if (!isset($submit) || $submit == 'default') {
- print "<BR><SMALL><FONT COLOR=".$color[6].">Select the IMAP commands you would like to run. Most commands require a selected mailbox so the select command is already setup. You can clear all the commands and test your own IMAP command strings. The commands are executed in order. The default values are simple IMAP commands using your default_charset and folder_prefix from Squirrelmail when needed.<BR><BR><B><CENTER>NOTE: These commands are live, any changes made will effect your current email account.</B></CENTER></FONT></SMALL><BR>\n";
+ print "<br><small><font color=".$color[6].">Select the IMAP commands you would like to run.
+ Most commands require a selected mailbox so the select command is already setup.
+ You can clear all the commands and test your own IMAP command strings. The commands are
+ executed in order. The default values are simple IMAP commands using your default_charset
+ and folder_prefix from SquirrelMail when needed.<br><br>
+ <b><center>NOTE: These commands are live, any changes made will effect your current
+ email account.</b></center></font></small><br>\n";
if (!isset($submit)) {
$submit = '';
}
}
else {
- print "folder_prefix = $folder_prefix<BR>\n";
- print "default_charset = $default_charset\n";
+ print 'folder_prefix = ' . htmlspecialchars($folder_prefix)."<br />\n" .
+ 'default_charset = '.htmlspecialchars($default_charset)."\n";
}
-print "<BR></TD></TR></TABLE></CENTER><BR>\n";
+print "<br /></td></tr></table></center><br />\n";
if ($submit == 'submit') {
print " CHECKED";
}
print "></TD><TD WIDTH=\"30%\">$index</TD><TD WIDTH=\"60%\">\n";
- print "<INPUT TYPE=TEXT NAME=$index VALUE='$value' SIZE=60>\n";
+ print addInput($index, $value, 60);
}
-print "</TD></TR></TABLE></CENTER><BR>\n";
-print "<CENTER><INPUT TYPE=SUBMIT NAME=submit value=submit>\n";
-print "<INPUT TYPE=SUBMIT NAME=submit value=clear>\n";
-print "<INPUT TYPE=SUBMIT NAME=submit value=default></CENTER><BR>\n";
+print "</td></tr></table></center><br>\n";
+print "<center>".
+ addSubmit('submit','submit').
+ addSubmit('clear','submit').
+ addSubmit('default','submit').
+ "</center><br>\n";
$tests = array();
Mail_Fetch_Status(_("Opening POP server"));
$Count = $pop3->login($mailfetch_user, $mailfetch_pass);
if (($Count == false || $Count == -1) && $pop3->ERROR != '') {
- Mail_Fetch_Status(_("Login Failed:") . ' ' . $pop3->ERROR );
+ Mail_Fetch_Status(_("Login Failed:") . ' ' . htmlspecialchars($pop3->ERROR) );
continue;
}
if( $pop3->delete($i) ) {
Mail_Fetch_Status(_("Message ") . $i . _(" deleted from Remote Server!"));
} else {
- Mail_Fetch_Status(_("Delete failed:") . $pop3->ERROR );
+ Mail_Fetch_Status(_("Delete failed:") . htmlspecialchars($pop3->ERROR) );
}
}
} else {
html_tag( 'td',
"<INPUT TYPE=\"hidden\" NAME=\"mf_sn\" VALUE=\"$mf_sn\">" .
'<INPUT TYPE="hidden" NAME="mf_action" VALUE="confirm_delete">' .
- '<br>' . _("Selected Server:") . " <b>" . htmlentities($mailfetch_server_[$mf_sn]) . "</b><br>" .
+ '<br>' . _("Selected Server:") . " <b>" . htmlspecialchars($mailfetch_server_[$mf_sn]) . "</b><br>" .
_("Confirm delete of selected server?") . '<br><br>' .
'<input type=submit name=submit_mailfetch value="' . _("Confirm Delete") . '">' .
'<br></form>' ,
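Review bot: The hidden field at the top of this confirm-delete form still interpolates `$mf_sn` into `VALUE=\"$mf_sn\"` unescaped, while the server name two lines below it is escaped. Whether `$mf_sn` is validated as an integer earlier in the file is not visible here; if it can come from the request, cast it with `(int)` or emit it as `htmlspecialchars($mf_sn)`. The html_tag() call continues outside the hunk.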
html_tag( 'table' ) .
html_tag( 'tr',
html_tag( 'th', _("Server:"), 'right' ) .
- html_tag( 'td', '<input type="text" name="mf_server" value="' . htmlentities($mailfetch_server_[$mf_sn]) . '" size="40">', 'left' )
+ html_tag( 'td', '<input type="text" name="mf_server" value="' .
+ htmlspecialchars($mailfetch_server_[$mf_sn]) . '" size="40">', 'left' )
) .
html_tag( 'tr',
html_tag( 'th', _("Port:"), 'right' ) .
- html_tag( 'td', '<input type="text" name="mf_port" value="' . $mailfetch_port_[$mf_sn] . '" size="40">', 'left' )
+ html_tag( 'td', '<input type="text" name="mf_port" value="' .
+ htmlspecialchars($mailfetch_port_[$mf_sn]) . '" size="40">', 'left' )
) .
html_tag( 'tr',
html_tag( 'th', _("Alias:"), 'right' ) .
- html_tag( 'td', '<input type="text" name="mf_alias" value="' . htmlentities($mailfetch_alias_[$mf_sn]) . '" size="40">', 'left' )
+ html_tag( 'td', '<input type="text" name="mf_alias" value="' .
+ htmlspecialchars($mailfetch_alias_[$mf_sn]) . '" size="40">', 'left' )
) .
html_tag( 'tr',
html_tag( 'th', _("Username:"), 'right' ) .
- html_tag( 'td', '<input type="text" name="mf_user" value="' . $mailfetch_user_[$mf_sn] . '" size="20">', 'left' )
+ html_tag( 'td', '<input type="text" name="mf_user" value="' .
+ htmlspecialchars($mailfetch_user_[$mf_sn]) . '" size="20">', 'left' )
) .
html_tag( 'tr',
html_tag( 'th', _("Password:"), 'right' ) .
- html_tag( 'td', '<input type="password" name="mf_pass" value="' . $mailfetch_pass_[$mf_sn] . '" size="20">', 'left' )
+ html_tag( 'td', '<input type="password" name="mf_pass" value="' .
+ htmlspecialchars($mailfetch_pass_[$mf_sn]) . '" size="20">', 'left' )
) .
html_tag( 'tr' ) .
html_tag( 'th', _("Store in Folder:"), 'right' ) .
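Review bot: Escaping `$mailfetch_pass_[$mf_sn]` stops attribute breakout, but the stored POP3 password is still written into the `value` of the `mf_pass` field, so it remains readable in the page source and the browser cache. Render the field empty, e.g. `'<input type="password" name="mf_pass" value="" size="20">'`, and keep the stored password unless a new one is submitted. The save handler is outside this hunk, so the "skip the update when `mf_pass` is empty" half has to be confirmed there.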
if ($fname == $media) {
echo 'selected ';
}
- echo 'value="' . $fname . '">' . $entry . "</option>\n";
+ echo 'value="' . htmlspecialchars($fname) . '">' .
+ htmlspecialchars($entry) . "</option>\n";
}
}
$d->close();
'</tr>'.
html_tag( 'tr', "\n" .
html_tag( 'td', _("Current File:"), 'right', '', 'nowrap' ) .
- html_tag( 'td', '<input type="hidden" value="' . $media . '" name="media_default">' . $media . '', 'left' )
+ html_tag( 'td', '<input type="hidden" value="' .
+ htmlspecialchars($media) . '" name="media_default">' .
+ htmlspecialchars($media) . '', 'left' )
) . "\n";
}
echo html_tag( 'tr', "\n" .
}
if ($totalNew > 0 && $newmail_enable == 'on' && $newmail_media != '' ) {
- echo "<EMBED SRC=\"$newmail_media\" HIDDEN=TRUE AUTOSTART=TRUE>\n";
+ echo '<EMBED SRC="'.htmlspecialchars($newmail_media) .
+ "\" HIDDEN=\"TRUE\" AUTOSTART=\"TRUE\">\n";
}
if ($totalNew > 0 && $newmail_popup == 'on') {
echo "<SCRIPT LANGUAGE=\"JavaScript\">\n".
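Review bot: `htmlspecialchars($newmail_media)` keeps the value from breaking out of the `SRC` attribute, but it does not restrict what the attribute points at, so whatever URL is stored there is still loaded by the browser. Where `$newmail_media` is set is not visible here; if it is a user preference or request value, check it against the list of sound files the plugin offers before emitting the tag. The same applies to `$sound` in the later `<embed src=...>` hunk.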
echo html_tag( 'table',
html_tag( 'tr',
html_tag( 'td',
- "<embed src=\"$sound\" hidden=true autostart=true>".
+ '<embed src="'.htmlspecialchars($sound)."\" hidden=\"true\" autostart=\"true\">\n".
'<br>'.
'<b>' . _("Loading the sound...") . '</b><br>'.
'<form>'.
?> <form method="post" action="<?PHP echo $form_action?>">
<input type="hidden" name="mailbox" value="<?PHP echo htmlspecialchars($mailbox) ?>" />
<input type="hidden" name="spamcop_is_composing" value="<?PHP echo htmlspecialchars($passed_id) ?>" />
- <input type="hidden" name="send_to" value="<?PHP echo $report_email?>" />
+ <input type="hidden" name="send_to" value="<?PHP echo htmlspecialchars($report_email)?>" />
<input type="hidden" name="subject" value="reply anyway" />
<input type="hidden" name="identity" value="0" />
<input type="hidden" name="session" value="<?PHP echo $session?>" />
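Review bot: `$form_action` in the `<form action=...>` line and `$session` in the last hidden field are still echoed unescaped, while the other variable values in this form go through htmlspecialchars(). Their origin is not visible in the hunk; unless both are fixed internal values, emit them the same way, `<?PHP echo htmlspecialchars($form_action) ?>` and `<?PHP echo htmlspecialchars($session) ?>`.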
} ?>
<input type="hidden" name="action" value="submit" />
<input type="hidden" name="oldverbose" value="1" />
- <input type="hidden" name="code" value="<?PHP echo $spamcop_id ?>" />
+ <input type="hidden" name="code" value="<?PHP echo htmlspecialchars($spamcop_id) ?>" />
<input type="hidden" name="spam" value="<?PHP echo htmlspecialchars($spam_message); ?>" />
<?php
echo '<input type="submit" name="x1" value="' . _("Send Spam Report") . "\" />\n";