phpdocumentor preparation and a few corrections to earlier phpdocumentor work

[squirrelmail.git] / src / addrbook_search.php

diff --git a/src/addrbook_search.php b/src/addrbook_search.php
index 8ee86b0c8a5c8f19825f31be44313507dcbc920f..b1bc299e16534a3efc54d4149f59bd36f0fdaafd 100644 (file)
--- a/src/addrbook_search.php
+++ b/src/addrbook_search.php
@@ -3,7 +3,7 @@
 /**
  * addrbook_search.php
  *
- * Copyright (c) 1999-2002 The SquirrelMail Project Team
+ * Copyright (c) 1999-2003 The SquirrelMail Project Team
  * Licensed under the GNU GPL. For full terms see the file COPYING.
  *
  * Handle addressbook searching in the popup window.
@@ -12,14 +12,36 @@
  *       addrbook_search_html.html -- If you change one,
  *       change the other one too!
  *
- * $Id$
+ * $Id$ 
+ * @package squirrelmail
  */
 
-require_once('../src/validate.php');
-require_once('../functions/strings.php');
-require_once('../functions/html.php');
+/**
+ * Path for SquirrelMail required files.
+ */
+define('SM_PATH','../');
+
+/** SquirrelMail required files. */
+require_once(SM_PATH . 'include/validate.php');
+require_once(SM_PATH . 'functions/strings.php');
+require_once(SM_PATH . 'functions/global.php');
+require_once(SM_PATH . 'functions/html.php');
+
+/** lets get the global vars we may need */
+sqgetGlobalVar('key',       $key,           SQ_COOKIE);
+sqgetGlobalVar('username',  $username,      SQ_SESSION);
+sqgetGlobalVar('onetimepad',$onetimepad,    SQ_SESSION);
+sqgetGlobalVar('base_uri',  $base_uri,      SQ_SESSION);
 
-/* Function to include JavaScript code */
+sqgetGlobalVar('show' ,   $show);
+sqgetGlobalVar('query',   $query,   SQ_POST);
+sqgetGlobalVar('listall', $listall, SQ_POST);
+sqgetGlobalVar('backend', $backend, SQ_POST);
+
+/**
+ * Function to include JavaScript code
+ * @return void
+ */
 function insert_javascript() {
     ?>
     <SCRIPT LANGUAGE="Javascript"><!--
@@ -85,7 +107,12 @@ function insert_javascript() {
 } /* End of included JavaScript */
 
 
-/* List search results */
+/**
+ * List search results
+ * @param array $res Array of search results
+ * @param bool $includesource [Default=true]
+ * @return void
+ */
 function display_result($res, $includesource = true) {
     global $color;
         
@@ -108,7 +135,7 @@ function display_result($res, $includesource = true) {
     
     while (list($undef, $row) = each($res)) {
         $tr_bgcolor = '';
-        $email = AddressBook::full_address($row);
+        $email = htmlspecialchars(addcslashes(AddressBook::full_address($row), "'"), ENT_QUOTES);
         if ($line % 2) { $tr_bgcolor = $color[0]; }
         echo html_tag( 'tr', '', '', $tr_bgcolor, 'nowrap' ) .
         html_tag( 'td',
@@ -119,12 +146,12 @@ function display_result($res, $includesource = true) {
              '<a href="javascript:bcc_address(' . 
                                  "'" . $email . "');\">Bcc</A></small>",
         'center', '', 'valign="top" width="5%" nowrap' ) .
-        html_tag( 'td', '&nbsp;' . $row['name'], 'left', '', 'valign="top" nowrap' ) .
+        html_tag( 'td', '&nbsp;' . htmlspecialchars($row['name']), 'left', '', 'valign="top" nowrap' ) .
         html_tag( 'td', '&nbsp;' .
              '<a href="javascript:to_and_close(' .
-                 "'" . $email . "');\">" . $row['email'] . '</A>'
+                 "'" . $email . "');\">" . htmlspecialchars($row['email']) . '</A>'
         , 'left', '', 'valign="top"' ) .
-        html_tag( 'td', $row['label'], 'left', '', 'valign="top" nowrap' );
+        html_tag( 'td', htmlspecialchars($row['label']), 'left', '', 'valign="top" nowrap' );
         if ($includesource) {
             echo html_tag( 'td', '&nbsp;' . $row['source'], 'left', '', 'valign="top" nowrap' );
         }
@@ -137,7 +164,6 @@ function display_result($res, $includesource = true) {
 
 /* ================= End of functions ================= */
     
-require_once('../functions/array.php');
 require_once('../functions/strings.php');
 require_once('../functions/addressbook.php');