Fix XSS holes in generic options inputs, XSS hole in the SquirrelSpell plugin, and...
[squirrelmail.git] / src / folders.php
index 91e41d79e27887efc568ef1bdf328e68d67adca2..8ddd8d2c7d45bfb3cd6f02c9f591a744041c30a7 100644 (file)
@@ -6,12 +6,15 @@
  * scripts which do most of the work. Also handles the Special
  * Folders.
  *
- * @copyright © 1999-2007 The SquirrelMail Project Team
+ * @copyright 1999-2011 The SquirrelMail Project Team
  * @license http://opensource.org/licenses/gpl-license.php GNU Public License
  * @version $Id$
  * @package squirrelmail
  */
 
+/** This is the folders page */
+define('PAGE_NAME', 'folders');
+
 /**
  * Include the SquirrelMail initialization file.
  */
@@ -22,11 +25,12 @@ require_once(SM_PATH . 'functions/imap_general.php');
 require_once(SM_PATH . 'functions/folder_manip.php');
 require_once(SM_PATH . 'functions/forms.php');
 
-displayPageHeader($color, 'None');
+displayPageHeader($color);
 
 /* get globals we may need */
 sqgetGlobalVar('delimiter', $delimiter, SQ_SESSION);
 sqgetGlobalVar('smaction', $action, SQ_POST);
+sqgetGlobalVar('smtoken', $submitted_token, SQ_POST, '');
 
 /* end of get globals */
 
@@ -37,6 +41,10 @@ if ( sqgetGlobalVar('smaction', $action, SQ_POST) ) {
     switch ($action)
     {
         case 'create':
+
+            // first, validate security token
+            sm_validate_security_token($submitted_token, 3600, TRUE);
+
             sqgetGlobalVar('folder_name',  $folder_name,  SQ_POST);
             sqgetGlobalVar('subfolder',    $subfolder,    SQ_POST);
             sqgetGlobalVar('contain_subs', $contain_subs, SQ_POST);
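Review bot: The same `sm_validate_security_token($submitted_token, 3600, TRUE);` line is pasted into five branches of the switch (here and in the later hunks at the rename-do, confirmed-delete, subscribe and unsubscribe cases), so any action case added later has to remember to repeat it or it ships without CSRF protection. Every path in this block is reached only through a POST `smaction`, so the check can be hoisted to a single call placed right after the `if ( sqgetGlobalVar('smaction', $action, SQ_POST) )` guard and before `switch ($action)`, with the per-case copies dropped; the rename-getname and unconfirmed-delete branches that only render a form would then be covered too, which is harmless for a POST. The return value is discarded in every copy, so the protection relies on the third argument making the function terminate the request on failure — presumably what `TRUE` means, but worth confirming where sm_validate_security_token is defined. The enclosing `if` block and the `switch` both begin outside this hunk.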
@@ -51,6 +59,10 @@ if ( sqgetGlobalVar('smaction', $action, SQ_POST) ) {
                 sqgetGlobalVar('old_name',    $old_name, SQ_POST);
                 folders_rename_getname($imapConnection, $delimiter, $old_name);
             } else {
+
+                // first, validate security token
+                sm_validate_security_token($submitted_token, 3600, TRUE);
+
                 sqgetGlobalVar('orig',        $orig,     SQ_POST);
                 sqgetGlobalVar('old_name',    $old_name, SQ_POST);
                 folders_rename_do($imapConnection, $delimiter, $orig, $old_name, $new_name);
@@ -63,6 +75,10 @@ if ( sqgetGlobalVar('smaction', $action, SQ_POST) ) {
             }
             sqgetGlobalVar('folder_name',  $folder_name,  SQ_POST);
             if ( sqgetGlobalVar('confirmed', $dummy, SQ_POST) ) {
+
+                // first, validate security token
+                sm_validate_security_token($submitted_token, 3600, TRUE);
+
                 folders_delete_do($imapConnection, $delimiter, $folder_name);
                 $td_str =  _("Deleted folder successfully.");
             } else {
@@ -70,11 +86,19 @@ if ( sqgetGlobalVar('smaction', $action, SQ_POST) ) {
             }
             break;
         case 'subscribe':
+
+            // first, validate security token
+            sm_validate_security_token($submitted_token, 3600, TRUE);
+
             sqgetGlobalVar('folder_names',  $folder_names,  SQ_POST);
             folders_subscribe($imapConnection, $folder_names);
             $td_str =  _("Subscribed successfully.");
             break;
         case 'unsubscribe':
+
+            // first, validate security token
+            sm_validate_security_token($submitted_token, 3600, TRUE);
+
             sqgetGlobalVar('folder_names',  $folder_names,  SQ_POST);
             folders_unsubscribe($imapConnection, $folder_names);
             $td_str =  _("Unsubscribed successfully.");
@@ -193,4 +217,3 @@ $oTemplate->assign('subbox_option_list', $subbox_option_list);
 $oTemplate->display('folder_manip.tpl');
 
 $oTemplate->display('footer.tpl');
-?>