Fix XXS "hole" (you can only target yourself...) in calendar: make sure

[squirrelmail.git] / plugins / calendar / event_delete.php

diff --git a/plugins/calendar/event_delete.php b/plugins/calendar/event_delete.php
index 09fe78fba27848d66dbb70f2d3427029a73c4a8a..b7908ec1012e650bb586a2bcf688048035c5d3b9 100644 (file)
--- a/plugins/calendar/event_delete.php
+++ b/plugins/calendar/event_delete.php
@@ -3,7 +3,7 @@
 /**
  * event_delete.php
  *
- * Copyright (c) 2002 The SquirrelMail Project Team
+ * Copyright (c) 2002-2003 The SquirrelMail Project Team
  * Licensed under the GNU GPL. For full terms see the file COPYING.
  *
  * Originally contrubuted by Michal Szczotka <michal@tuxy.org>
@@ -26,6 +26,59 @@ require_once(SM_PATH . 'config/config.php');
 require_once(SM_PATH . 'functions/page_header.php');
 require_once(SM_PATH . 'include/load_prefs.php');
 require_once(SM_PATH . 'functions/html.php');
+/* get globals */
+if (isset($_GET['month']) && is_numeric($_GET['month'])) {
+    $month = $_GET['month'];
+}
+elseif (isset($_POST['month']) && is_numeric($_GET['month'])) {
+    $month = $_POST['month'];
+}
+if (isset($_GET['year']) && is_numeric($_GET['year'])) {
+    $year = $_GET['year'];
+}
+elseif (isset($_POST['year']) && is_numeric($_POST['year'])) {
+    $year = $_POST['year'];
+}
+if (isset($_GET['day']) && is_numeric($_GET['day'])) {
+    $day = $_GET['day'];
+}
+elseif (isset($_POST['day']) && is_numeric($_POST['day'])) {
+    $day = $_POST['day'];
+}
+if (isset($_GET['dyear']) && is_numeric($_GET['dyear'])) {
+    $dyear = $_GET['dyear'];
+}
+elseif (isset($_POST['dyear']) && is_numeric($_POST['dyear'])) {
+    $dyear = $_POST['dyear'];
+}
+if (isset($_GET['dmonth']) && is_numeric($_GET['dmonth'])) {
+    $dmonth = $_GET['dmonth'];
+}
+elseif (isset($_POST['dmonth']) && is_numeric($_POST['dmonth'])) {
+    $dmonth = $_POST['dmonth'];
+}
+if (isset($_GET['dday']) && is_numeric($_GET['dday'])) {
+    $dday = $_GET['dday'];
+}
+elseif (isset($_POST['dday']) && is_numeric($_POST['dday'])) {
+    $dday = $_POST['dday'];
+}
+if (isset($_GET['dhour']) && is_numeric($_GET['dhour'])) {
+    $dhour = $_GET['dhour'];
+}
+elseif (isset($_POST['dhour']) && is_numeric($_POST['dhour'])) {
+    $dhour = $_POST['dhour'];
+}
+if (isset($_GET['dminute']) && is_numeric($_GET['dminute'])) {
+    $dminute = $_GET['dminute'];
+}
+elseif (isset($_POST['dminute']) && is_numeric($_POST['dminute'])) {
+    $dminute = $_POST['dminute'];
+}
+if (isset($_POST['confirmed'])) {
+    $confirmed = $_POST['confirmed'];
+}
+/* got 'em */
 
 function confirm_deletion()
 {
@@ -47,11 +100,11 @@ function confirm_deletion()
                ) .
                html_tag( 'tr',
                    html_tag( 'td', _("Title:"), 'right', $color[4] ) .
-                   html_tag( 'td', $tmparray[title], 'left', $color[4] )
+                   html_tag( 'td', $tmparray['title'], 'left', $color[4] )
                ) .
                html_tag( 'tr',
                    html_tag( 'td', _("Message:"), 'right', $color[4] ) .
-                   html_tag( 'td', $tmparray[message], 'left', $color[4] )
+                   html_tag( 'td', $tmparray['message'], 'left', $color[4] )
                ) .
                html_tag( 'tr',
                    html_tag( 'td',
@@ -106,7 +159,7 @@ if (isset($dyear) && isset($dmonth) && isset($dday) && isset($dhour) && isset($d
     if (isset($confirmed)){
         delete_event("$dmonth$dday$dyear", "$dhour$dminute");
         echo '<br><br>' . _("Event deleted!") . "<br>\n";
-        echo "<a href=\"day.php?year=$year&month=$month&day=$day\">" .
+        echo "<a href=\"day.php?year=$year&amp;month=$month&amp;day=$day\">" .
           _("Day View") . "</a>\n";
     } else {
         readcalendardata();