*
* Displays message highlighting options
*
- * @copyright 1999-2010 The SquirrelMail Project Team
+ * @copyright 1999-2017 The SquirrelMail Project Team
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
* @version $Id$
* @package squirrelmail
sqGetGlobalVar('color_type', $color_type);
sqGetGlobalVar('match_type', $match_type);
sqGetGlobalVar('value', $value);
-sqgetGlobalVar('smtoken', $submitted_token, SQ_POST, '');
+sqgetGlobalVar('smtoken', $submitted_token, SQ_FORM, '');
/* end of get globals */
($action == 'down')) {
// security check
- sm_validate_security_token($submitted_token, 3600, TRUE);
+ sm_validate_security_token($submitted_token, -1, TRUE);
$new_rules = array();
switch($action) {
} else if ($action == 'save') {
// security check
- sm_validate_security_token($submitted_token, 3600, TRUE);
+ sm_validate_security_token($submitted_token, -1, TRUE);
if ($color_type == 1) $newcolor = $newcolor_choose;
elseif ($color_type == 2) $newcolor = $newcolor_input;
foreach($message_highlight_list as $index=>$rule) {
$a = array();
- $a['Name'] = htmlspecialchars($rule['name']);
+ $a['Name'] = sm_encode_html_special_chars($rule['name']);
$a['Color'] = $rule['color'];
$a['MatchField'] = '';
- $a['MatchValue'] = htmlspecialchars($rule['value']);
+ $a['MatchValue'] = sm_encode_html_special_chars($rule['value']);
switch ($rule['match_type']) {
case 'from' :
$a['MatchField'] = _("From");
$oTemplate->assign('current_rules', $rules);
+$token = sm_generate_security_token();
+
$oTemplate->assign('add_rule', 'options_highlight.php?action=add');
$oTemplate->assign('edit_rule', 'options_highlight.php?action=edit&theid=');
-$oTemplate->assign('delete_rule', 'options_highlight.php?action=delete&theid=');
-$oTemplate->assign('move_up', 'options_highlight.php?action=up&theid=');
-$oTemplate->assign('move_down', 'options_highlight.php?action=down&theid=');
+$oTemplate->assign('delete_rule', 'options_highlight.php?action=delete&smtoken=' . $token . '&theid=');
+$oTemplate->assign('move_up', 'options_highlight.php?action=up&smtoken=' . $token . '&theid=');
+$oTemplate->assign('move_down', 'options_highlight.php?action=down&smtoken=' . $token . '&theid=');
$oTemplate->display('options_highlight_list.tpl');