Fix issues caused by use of PostgreSQL keyword 'user' in SquirrelMail's default prefe...

[squirrelmail.git] / src / search.php

diff --git a/src/search.php b/src/search.php
index 1cb868c575fa4562bc9787e00edabcf0eb20888f..43db16e0d5b26c756e916b0df47db71bf249d4f3 100644 (file)
--- a/src/search.php
+++ b/src/search.php
@@ -8,7 +8,7 @@
  * Subfolder search idea from Patch #806075 by Thomas Pohl xraven at users.sourceforge.net. Thanks Thomas!
  *
  * @author Alex Lemaresquier - Brainstorm <alex at brainstorm.fr>
- * @copyright &copy; 1999-2009 The SquirrelMail Project Team
+ * @copyright 1999-2010 The SquirrelMail Project Team
  * @license http://opensource.org/licenses/gpl-license.php GNU Public License
  * @version $Id$
  * @package squirrelmail
@@ -674,13 +674,13 @@ function asearch_print_query_array(&$boxes, &$query_array, &$query_keys, &$actio
     $oTemplate->assign('expand_collapse_toggle', '../src/search.php?'.$show_pref.'='.($show_flag==1 ? 0 : 1));
     $oTemplate->assign('query_list', $a);
     
-    $oTemplate->assign('save_recent', '../src/search.php?submit=save_recent&rownum=');
-    $oTemplate->assign('do_recent', '../src/search.php?submit=search_recent&rownum=');
-    $oTemplate->assign('forget_recent', '../src/search.php?submit=forget_recent&rownum=');
+    $oTemplate->assign('save_recent', '../src/search.php?submit=save_recent&smtoken=' . sm_generate_security_token() . '&rownum=');
+    $oTemplate->assign('do_recent', '../src/search.php?submit=search_recent&smtoken=' . sm_generate_security_token() . '&rownum=');
+    $oTemplate->assign('forget_recent', '../src/search.php?submit=forget_recent&smtoken=' . sm_generate_security_token() . '&rownum=');
     
-    $oTemplate->assign('edit_saved', '../src/search.php?submit=edit_saved&rownum=');
-    $oTemplate->assign('do_saved', '../src/search.php?submit=search_saved&rownum=');
-    $oTemplate->assign('delete_saved', '../src/search.php?submit=delete_saved&rownum=');
+    $oTemplate->assign('edit_saved', '../src/search.php?submit=edit_saved&smtoken=' . sm_generate_security_token() . '&rownum=');
+    $oTemplate->assign('do_saved', '../src/search.php?submit=search_saved&smtoken=' . sm_generate_security_token() . '&rownum=');
+    $oTemplate->assign('delete_saved', '../src/search.php?submit=delete_saved&smtoken=' . sm_generate_security_token() . '&rownum=');
     
     $oTemplate->display('search_list.tpl');
 }
@@ -893,7 +893,7 @@ function sqimap_asearch_get_selectable_unformatted_mailboxes(&$boxes)
 
 /* ------------------------ main ------------------------ */
 /* get globals we will need */
-sqgetGlobalVar('smtoken', $submitted_token, SQ_GET, '');
+sqgetGlobalVar('smtoken', $submitted_token, SQ_FORM, '');
 sqgetGlobalVar('delimiter', $delimiter, SQ_SESSION);
 
 if (!sqgetGlobalVar('checkall',$checkall,SQ_GET)) {
@@ -1604,7 +1604,7 @@ if ($submit == $search_button_text) {
                  */
                 if ($aMailbox['EXISTS'] > 0) {
                     if ($iError) {
-                       // TODO
+                       // TODO: Implement an error handler in the search page.
                        echo "ERROR occured, errorhandler will be implemented very soon";
                     } else {
                         foreach ($aTemplate as $k => $v) {