/**
* spamcop.php -- SpamCop plugin -- main page
*
- * @copyright © 1999-2006 The SquirrelMail Project Team
+ * @copyright 1999-2014 The SquirrelMail Project Team
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
* @version $Id$
* @package plugins
* Include the SquirrelMail initialization file.
*/
require('../../include/init.php');
-
+/* IMAP functions depend on date and mime */
+include_once(SM_PATH . 'functions/date.php');
+include_once(SM_PATH . 'functions/mime.php');
+/* IMAP functions */
include_once(SM_PATH . 'functions/imap_general.php');
include_once(SM_PATH . 'functions/imap_messages.php');
/* plugin functions */
include_once(SM_PATH . 'plugins/spamcop/functions.php');
-/* GLOBALS */
+include_once(SM_PATH . 'functions/compose.php');
-sqgetGlobalVar('username', $username, SQ_SESSION);
+/* GLOBALS */
sqgetGlobalVar('mailbox', $mailbox, SQ_GET);
-sqgetGlobalVar('passed_id', $passed_id, SQ_GET);
+sqgetGlobalVar('passed_id', $passed_id, SQ_GET, NULL, SQ_TYPE_BIGINT);
sqgetGlobalVar('js_web', $js_web, SQ_GET);
if (! sqgetGlobalVar('startMessage', $startMessage, SQ_GET) ) {
echo '<form method="post" action="javascript:return false">';
echo '<input type="button" value="' . _("Close Window") . "\" onclick=\"window.close(); return true;\" />\n";
} else {
- ?><form method="post" action="../../src/right_main.php">
- <input type="hidden" name="mailbox" value="<?php echo htmlspecialchars($mailbox) ?>" />
- <input type="hidden" name="startMessage" value="<?php echo htmlspecialchars($startMessage) ?>" />
+ ?><form method="post" action="<?php echo sqm_baseuri(); ?>src/right_main.php">
+ <input type="hidden" name="mailbox" value="<?php echo sm_encode_html_special_chars($mailbox) ?>" />
+ <input type="hidden" name="startMessage" value="<?php echo sm_encode_html_special_chars($startMessage) ?>" />
<?php
echo '<input type="submit" value="' . _("Cancel / Done") . "\" />";
}
$report_email = 'submit.' . $spamcop_id . '@spam.spamcop.net';
else
$report_email = 'quick.' . $spamcop_id . '@spam.spamcop.net';
- $form_action = SM_PATH . 'src/compose.php';
+ $form_action = sqm_baseuri() . 'src/compose.php';
?> <form method="post" action="<?php echo $form_action?>">
- <input type="hidden" name="mailbox" value="<?php echo htmlspecialchars($mailbox) ?>" />
- <input type="hidden" name="spamcop_is_composing" value="<?php echo htmlspecialchars($passed_id) ?>" />
- <input type="hidden" name="send_to" value="<?php echo htmlspecialchars($report_email)?>" />
+ <input type="hidden" name="smtoken" value="<?php echo sm_generate_security_token() ?>" />
+ <input type="hidden" name="mailbox" value="<?php echo sm_encode_html_special_chars($mailbox) ?>" />
+ <input type="hidden" name="spamcop_is_composing" value="<?php echo sm_encode_html_special_chars($passed_id) ?>" />
+ <input type="hidden" name="send_to" value="<?php echo sm_encode_html_special_chars($report_email)?>" />
<input type="hidden" name="subject" value="reply anyway" />
<input type="hidden" name="identity" value="0" />
<input type="hidden" name="session" value="<?php echo $session?>" />
<?php
- echo '<input type="submit" name="send" value="' . _("Send Spam Report") . "\" />\n";
+ echo '<input type="submit" name="send1" value="' . _("Send Spam Report") . "\" />\n";
} else {
$spam_message = mime_fetch_body ($imap_stream, $passed_id, $passed_ent_id, 50000);
$Warning = "\n[truncated by SpamCop]\n";
$spam_message = substr($spam_message, 0, 50000 - strlen($Warning)) . $Warning;
}
- if ($spamcop_type=='member') {
- $action_url="http://members.spamcop.net/sc";
- } else {
- $action_url="http://www.spamcop.net/sc";
- }
+ $action_url="http://members.spamcop.net/sc";
+
if (isset($js_web) && $js_web) {
echo "<form method=\"post\" action=\"$action_url\" name=\"submitspam\"".
" enctype=\"multipart/form-data\">\n";
} ?>
<input type="hidden" name="action" value="submit" />
<input type="hidden" name="oldverbose" value="1" />
- <input type="hidden" name="code" value="<?php echo htmlspecialchars($spamcop_id) ?>" />
- <input type="hidden" name="spam" value="<?php echo htmlspecialchars($spam_message); ?>" />
+ <input type="hidden" name="spam" value="<?php echo sm_encode_html_special_chars($spam_message); ?>" />
<?php
echo '<input type="submit" name="x1" value="' . _("Send Spam Report") . "\" />\n";
}
</tr>
</table>
</body>
-</html>
\ No newline at end of file
+</html>