Add CVS Id tag

[squirrelmail.git] / src / image.php

diff --git a/src/image.php b/src/image.php
index b695b5d33d3516d1ed7f19c1ec7a32784fb4c884..a91f96a48da4ae8a321131533b09de0fb11d0efe 100644 (file)
--- a/src/image.php
+++ b/src/image.php
@@ -3,19 +3,21 @@
 /**
  * image.php
  *
- * Copyright (c) 1999-2002 The SquirrelMail Project Team
+ * Copyright (c) 1999-2003 The SquirrelMail Project Team
  * Licensed under the GNU GPL. For full terms see the file COPYING.
  *
  * This file shows an attached image
  *
  * $Id$
+ * @package squirrelmail
  */
 
-/* Path for SquirrelMail required files. */
+/** Path for SquirrelMail required files. */
 define('SM_PATH','../');
 
 /* SquirrelMail required files. */
 require_once(SM_PATH . 'include/validate.php');
+require_once(SM_PATH . 'functions/global.php');
 require_once(SM_PATH . 'functions/date.php');
 require_once(SM_PATH . 'functions/page_header.php');
 require_once(SM_PATH . 'functions/html.php');
@@ -24,10 +26,12 @@ require_once(SM_PATH . 'include/load_prefs.php');
 displayPageHeader($color, 'None');
 
 /* globals */
-$mailbox = $_GET['mailbox'];
-$passed_id = $_GET['passed_id'];
-$ent_id = $_GET['ent_id'];
-$QUERY_STRING = $_SERVER['QUERY_STRING'];
+if ( sqgetGlobalVar('passed_id', $temp, SQ_GET) ) {
+  $passed_id = (int) $temp;
+}
+sqgetGlobalVar('mailbox',       $mailbox,       SQ_GET);
+sqgetGlobalVar('ent_id',        $ent_id,        SQ_GET);
+sqgetGlobalVar('QUERY_STRING',  $QUERY_STRING,  SQ_SERVER);
 /* end globals */
 
 echo '<BR>' . 
@@ -44,7 +48,7 @@ echo '<a href="'.$msg_url.'">'. _("View message") . '</a>';
 
 $DownloadLink = '../src/download.php?passed_id=' . $passed_id .
                '&amp;mailbox=' . urlencode($mailbox) . 
-               '&amp;ent_id=' . $ent_id . '&amp;absolute_dl=true';
+               '&amp;ent_id=' . urlencode($ent_id) . '&amp;absolute_dl=true';
 
 echo '</b></td></tr>' . "\n" .
     '<tr><td align=center><A HREF="' . $DownloadLink . '">' .