projects
/
squirrelmail.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Attachments were being lost when going to address book page due to lack of proper...
[squirrelmail.git]
/
src
/
options_highlight.php
diff --git
a/src/options_highlight.php
b/src/options_highlight.php
index 872a5cdc9524453689e2f5fc20d76dd4ade344ae..3de59008fe1d6b972364e68be5b7e7bb4dea9fc6 100644
(file)
--- a/
src/options_highlight.php
+++ b/
src/options_highlight.php
@@
-5,7
+5,7
@@
*
* Displays message highlighting options
*
*
* Displays message highlighting options
*
- * @copyright © 1999-200
7
The SquirrelMail Project Team
+ * @copyright © 1999-200
9
The SquirrelMail Project Team
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
* @version $Id$
* @package squirrelmail
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
* @version $Id$
* @package squirrelmail
@@
-32,6
+32,7
@@
sqGetGlobalVar('newcolor_input', $newcolor_input);
sqGetGlobalVar('color_type', $color_type);
sqGetGlobalVar('match_type', $match_type);
sqGetGlobalVar('value', $value);
sqGetGlobalVar('color_type', $color_type);
sqGetGlobalVar('match_type', $match_type);
sqGetGlobalVar('value', $value);
+sqgetGlobalVar('smtoken', $submitted_token, SQ_POST, '');
/* end of get globals */
/* end of get globals */
@@
-52,6
+53,10
@@
if (! isset($message_highlight_list)) {
if (isset($theid) && ($action == 'delete') ||
($action == 'up') ||
($action == 'down')) {
if (isset($theid) && ($action == 'delete') ||
($action == 'up') ||
($action == 'down')) {
+
+ // security check
+ sm_validate_security_token($submitted_token, 3600, TRUE);
+
$new_rules = array();
switch($action) {
case('delete'):
$new_rules = array();
switch($action) {
case('delete'):
@@
-86,6
+91,9
@@
if (isset($theid) && ($action == 'delete') ||
exit;
} else if ($action == 'save') {
exit;
} else if ($action == 'save') {
+ // security check
+ sm_validate_security_token($submitted_token, 3600, TRUE);
+
if ($color_type == 1) $newcolor = $newcolor_choose;
elseif ($color_type == 2) $newcolor = $newcolor_input;
else $newcolor = $color_type;
if ($color_type == 1) $newcolor = $newcolor_choose;
elseif ($color_type == 2) $newcolor = $newcolor_input;
else $newcolor = $color_type;
@@
-336,7
+344,7
@@
if ($action == 'edit' || $action == 'add') {
$oTemplate->assign('color_radio', ($selected_choose ? 1 : ($selected_input ? 2 : 0)));
$oTemplate->assign('color_input', ($selected_input ? $color : ''));
$oTemplate->assign('color_radio', ($selected_choose ? 1 : ($selected_input ? 2 : 0)));
$oTemplate->assign('color_input', ($selected_input ? $color : ''));
- echo addForm('options_highlight.php', 'post', 'f').
+ echo addForm('options_highlight.php', 'post', 'f'
, '', '', array(), TRUE
).
addHidden('action', 'save');
if($action == 'edit') {
echo addHidden('theid', (isset($theid)?$theid:''));
addHidden('action', 'save');
if($action == 'edit') {
echo addHidden('theid', (isset($theid)?$theid:''));