From 546d6debcb2172f29718cf6c02a6f0fcce83a3c1 Mon Sep 17 00:00:00 2001 From: pdontthink Date: Fri, 18 May 2007 05:14:48 +0000 Subject: [PATCH] Add comments reminding someone to make a fix here git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@12405 7612ce4b-ef26-0410-bec9-ea0150e637f0 --- src/options_order.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/options_order.php b/src/options_order.php index 8f081acd..02cbf19e 100644 --- a/src/options_order.php +++ b/src/options_order.php @@ -142,6 +142,7 @@ if (count($index_order) != count($available)) { } } +// FIXME: why are we using this? $PHP_SELF is already a global var processed (and therefore trustworthy) by init.php sqgetGlobalVar('PHP_SELF', $PHP_SELF, SQ_SERVER); $x = isset($mailbox) && $mailbox ? '&mailbox='.urlencode($mailbox) : ''; @@ -150,6 +151,7 @@ $oTemplate->assign('current_order', $index_order); $oTemplate->assign('not_used', $opts); $oTemplate->assign('always_show', array(SQM_COL_SUBJ, SQM_COL_FLAGS)); +// FIXME: (related to the above) $PHP_SELF might already have a query string... don't assume otherwise here by adding the ? sign!! $oTemplate->assign('move_up', $PHP_SELF .'?method=move&positions=-1'. $x .'&num='); $oTemplate->assign('move_down', $PHP_SELF .'?method=move&positions=1'. $x .'&num='); $oTemplate->assign('remove', $PHP_SELF .'?method=remove'. $x .'&num='); -- 2.25.1