/**
* day.php
*
- * Copyright (c) 2002-2004 The SquirrelMail Project Team
- * Licensed under the GNU GPL. For full terms see the file COPYING.
- *
* Originally contrubuted by Michal Szczotka <michal@tuxy.org>
*
* Displays the day page (day view).
*
- * $Id$
+ * @copyright © 2002-2005 The SquirrelMail Project Team
+ * @license http://opensource.org/licenses/gpl-license.php GNU Public License
+ * @version $Id$
* @package plugins
* @subpackage calendar
*/
require_once(SM_PATH . 'functions/html.php');
/* get globals */
-if (isset($_GET['year'])) {
+
+// undo rg = on effects
+if (isset($month)) unset($month);
+if (isset($year)) unset($year);
+if (isset($day)) unset($day);
+
+if (isset($_GET['year']) && is_numeric($_GET['year'])) {
$year = $_GET['year'];
}
-elseif (isset($_POST['year'])) {
+elseif (isset($_POST['year']) && is_numeric($_POST['year'])) {
$year = $_POST['year'];
}
-if (isset($_GET['month'])) {
+if (isset($_GET['month']) && is_numeric($_GET['month'])) {
$month = $_GET['month'];
}
-elseif (isset($_POST['month'])) {
+elseif (isset($_POST['month']) && is_numeric($_POST['month'])) {
$month = $_POST['month'];
}
-if (isset($_GET['day'])) {
+if (isset($_GET['day']) && is_numeric($_GET['day'])) {
$day = $_GET['day'];
}
-elseif (isset($_POST['day'])) {
+elseif (isset($_POST['day']) && is_numeric($_POST['day'])) {
$day = $_POST['day'];
}
html_tag( 'td', $ehour . ':' . $eminute . $elength, 'left' ) .
html_tag( 'td', '', 'left' ) . '[';
echo ($calbar['priority']==1) ? "<font color=\"$color[1]\">$calbar[title]</font>" : "$calbar[title]";
- echo"] $calbar[message] " .
+ echo'] <div style="margin-left:10px">'.nl2br($calbar['message']).'</div>' .
html_tag( 'td',
"<font size=\"-1\"><nobr>\n" .
"<a href=\"event_edit.php?year=$year&month=$month&day=$day&hour=".substr($calfoo['key'],0,2)."&minute=".substr($calfoo['key'],2,2)."\">".