if ( sqgetGlobalVar('smaction_edit_new',$tmp) ) $action = 'edit_as_new';
}
+sqgetGlobalVar('smtoken', $submitted_token, $SQ_GLOBAL, '');
+
/**
* Here we decode the data passed in from mailto.php.
*/
}
if ($draft) {
+
+ // validate security token
+ //
+ sm_validate_security_token($submitted_token, 3600, TRUE);
+
/*
* Set $default_charset to correspond with the user's selection
* of language interface.
}
if ($send) {
+
+ // validate security token
+ //
+ sm_validate_security_token($submitted_token, 3600, TRUE);
+
if (isset($_FILES['attachfile']) &&
$_FILES['attachfile']['tmp_name'] &&
$_FILES['attachfile']['tmp_name'] != 'none') {
/* sqimap_logout($imapConnection); */
}
} elseif (isset($html_addr_search_done)) {
+
+ // validate security token
+ //
+ sm_validate_security_token($submitted_token, 3600, TRUE);
+
if ($compose_new_win == '1') {
compose_Header($color, $mailbox);
}
*/
include_once('./addrbook_search_html.php');
} elseif (isset($attach)) {
+
+ // validate security token
+ //
+ sm_validate_security_token($submitted_token, 3600, TRUE);
+
if ($compose_new_win == '1') {
compose_Header($color, $mailbox);
} else {
showInputForm($session);
}
elseif (isset($sigappend)) {
+
+ // validate security token
+ //
+ sm_validate_security_token($submitted_token, 3600, TRUE);
+
$signature = $idents[$identity]['signature'];
$body .= "\n\n".($prefix_sig==true? "-- \n":'').$signature;
}
showInputForm($session);
} elseif (isset($do_delete)) {
+
+ // validate security token
+ //
+ sm_validate_security_token($submitted_token, 3600, TRUE);
+
if ($compose_new_win == '1') {
compose_Header($color, $mailbox);
} else {
//FIXME: NO HTML IN CORE!
echo ">\n";
+//FIXME: DON'T ECHO HTML FROM CORE!
+ echo addHidden('smtoken', sm_generate_security_token());
+
//FIXME: DON'T ECHO HTML FROM CORE!
echo addHidden('startMessage', $startMessage);
projects / squirrelmail.git / blobdiff