/* get globals we may need */
-$key = $_COOKIE['key'];
-$username = $_SESSION['username'];
-$onetimepad = $_SESSION['onetimepad'];
-$delimiter = $_SESSION['delimiter'];
+sqgetGlobalVar('username', $username, SQ_SESSION);
+sqgetGlobalVar('key', $key, SQ_COOKIE);
+sqgetGlobalVar('delimiter', $delimiter, SQ_SESSION);
+sqgetGlobalVar('onetimepad', $onetimepad, SQ_SESSION);
if (isset($_GET['mailbox'])) {
$mailbox = strip_tags($_GET['mailbox']);
$perbox_count = array ();
$recent_count = getPref($data_dir, $username, 'search_memory', 0);
-/* get globals we may need */
-
-$key = $_COOKIE['key'];
-$username = $_SESSION['username'];
-$onetimepad = $_SESSION['onetimepad'];
-$delimiter = $_SESSION['delimiter'];
-
-if (isset($_GET['mailbox'])) {
- $mailbox = strip_tags($_GET['mailbox']);
-}
-if (isset($_GET['submit'])) {
- $submit = strip_tags($_GET['submit']);
-}
-if (isset($_GET['what'])) {
- $what = $_GET['what'];
-}
-if (isset($_GET['where'])) {
- $where = strip_tags($_GET['where']);
-}
-if (isset($_GET['checkall'])) {
- $checkall = strip_tags($_GET['checkall']);
-}
-if (isset($_GET['count'])) {
- $count = strip_tags($_GET['count']);
-}
-
/* get mailbox names */
$imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
$boxes = sqimap_mailbox_list($imapConnection);
if (isset($composenew) && $composenew) {
$comp_uri = "../src/compose.php?mailbox=". urlencode($mailbox).
"&session=$composesession&attachedmessages=true&";
- displayPageHeader($color, $mailbox, "comp_in_new(false,'$comp_uri');", false);
+ displayPageHeader($color, $mailbox, "comp_in_new('$comp_uri');", false);
} else {
displayPageHeader($color, $mailbox);
}
} else {
echo html_tag( 'tr', '', '', $color[4] );
}
- echo html_tag( 'td', $saved_attributes['saved_folder'][$i], 'left', '', 'width="35%"' )
+ echo html_tag( 'td', imap_utf7_decode_local($saved_attributes['saved_folder'][$i]), 'left', '', 'width="35%"' )
. html_tag( 'td', $saved_attributes['saved_what'][$i], 'left' )
. html_tag( 'td', $saved_attributes['saved_where'][$i], 'center' )
. html_tag( 'td', '', 'right' )
. '<a href=search.php'
- . '?mailbox=' . htmlentities($saved_attributes['saved_folder'][$i])
- . '&what=' . htmlentities($saved_attributes['saved_what'][$i])
- . '&where=' . htmlentities($saved_attributes['saved_where'][$i])
+ . '?mailbox=' . htmlspecialchars($saved_attributes['saved_folder'][$i])
+ . '&what=' . htmlspecialchars($saved_attributes['saved_what'][$i])
+ . '&where=' . htmlspecialchars($saved_attributes['saved_where'][$i])
. '>' . _("edit") . '</a>'
. ' | '
. '<a href=search.php'
}
if (isset($attributes['search_what'][$i]) &&
!empty($attributes['search_what'][$i])) {
- echo html_tag( 'td', $attributes['search_folder'][$i], 'left', '', 'width="35%"' )
- . html_tag( 'td', $attributes['search_what'][$i], 'left' )
+ echo html_tag( 'td', imap_utf7_decode_local($attributes['search_folder'][$i]), 'left', '', 'width="35%"' )
+ . html_tag( 'td', htmlspecialchars($attributes['search_what'][$i]), 'left' )
. html_tag( 'td', $attributes['search_where'][$i], 'center' )
. html_tag( 'td', '', 'right' )
. "<a href=search.php?count=$i&submit=save>"