*
* Displays message highlighting options
*
- * @copyright © 1999-2007 The SquirrelMail Project Team
+ * @copyright © 1999-2009 The SquirrelMail Project Team
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
* @version $Id$
* @package squirrelmail
sqGetGlobalVar('color_type', $color_type);
sqGetGlobalVar('match_type', $match_type);
sqGetGlobalVar('value', $value);
+sqgetGlobalVar('smtoken', $submitted_token, SQ_POST, '');
/* end of get globals */
if (isset($theid) && ($action == 'delete') ||
($action == 'up') ||
($action == 'down')) {
+
+ // security check
+ sm_validate_security_token($submitted_token, 3600, TRUE);
+
$new_rules = array();
switch($action) {
case('delete'):
exit;
} else if ($action == 'save') {
+ // security check
+ sm_validate_security_token($submitted_token, 3600, TRUE);
+
if ($color_type == 1) $newcolor = $newcolor_choose;
elseif ($color_type == 2) $newcolor = $newcolor_input;
else $newcolor = $color_type;
$oTemplate->assign('color_radio', ($selected_choose ? 1 : ($selected_input ? 2 : 0)));
$oTemplate->assign('color_input', ($selected_input ? $color : ''));
- echo addForm('options_highlight.php', 'post', 'f').
+ echo addForm('options_highlight.php', 'post', 'f', '', '', array(), TRUE).
addHidden('action', 'save');
if($action == 'edit') {
echo addHidden('theid', (isset($theid)?$theid:''));
projects / squirrelmail.git / blobdiff