X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=contrib%2Fdecrypt_headers.php;h=a0bf03559c0becf24287fd1bf87fa1b3730eab50;hp=a8d7ff1dc800b0b5f08dfc211a4146a251687d67;hb=6872a6750379b6c17cf6a6dfec6150ade78f52a0;hpb=d4e46166df04792c6b939356ea5dfda8e47bba7b

diff --git a/contrib/decrypt_headers.php b/contrib/decrypt_headers.php
index a8d7ff1d..a0bf0355 100644
--- a/contrib/decrypt_headers.php
+++ b/contrib/decrypt_headers.php
@@ -3,7 +3,7 @@
 /**
  * Script provides form to decode encrypted header information.
  *
- * @copyright © 2005-2009 The SquirrelMail Project Team
+ * @copyright 2005-2018 The SquirrelMail Project Team
  * @license http://opensource.org/licenses/gpl-license.php GNU Public License
  * @version $Id$
  * @package squirrelmail
@@ -60,23 +60,30 @@ echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"'."\n"
     ."</head><body>";
 
 if (sqgetGlobalVar('submit',$submit,SQ_POST)) {
+    $continue = TRUE;
     if (! sqgetGlobalVar('secret',$secret,SQ_POST) ||
-        empty($secret))
-        echo "<p>You must enter encryption key.</p>\n";
+        empty($secret)) {
+        $continue = FALSE;
+        echo "<p>You must enter an encryption key.</p>\n";
+    }
     if (! sqgetGlobalVar('enc_string',$enc_string,SQ_POST) ||
-        empty($enc_string))
-        echo "<p>You must enter encrypted string.</p>\n";
+        empty($enc_string)) {
+        $continue = FALSE;
+        echo "<p>You must enter an encrypted string.</p>\n";
+    }
 
-    if (isset($enc_string) && ! base64_decode($enc_string)) {
-        echo "<p>Encrypted string should be BASE64 encoded.<br />\n"
-            ."Please enter all characters that are listed after header name.</p>\n";
-    } elseif (isset($secret)) {
-        $string=OneTimePadDecrypt($enc_string,base64_encode($secret));
+    if ($continue) {
+        if (isset($enc_string) && ! base64_decode($enc_string)) {
+            echo "<p>Encrypted string should be BASE64 encoded.<br />\n"
+                ."Please enter all characters that are listed after header name.</p>\n";
+        } elseif (isset($secret)) {
+            $string=OneTimePadDecrypt($enc_string,base64_encode($secret));
 
-        if (sqgetGlobalVar('ip_addr',$is_addr,SQ_POST)) {
-            $string=hex2ip($string);
+            if (sqgetGlobalVar('ip_addr',$is_addr,SQ_POST)) {
+                $string=hex2ip($string);
+            }
+            echo "<p>Decoded string: ".htmlspecialchars($string)."</p>\n";
         }
-        echo "<p>Decoded string: ".$string."</p>\n";
     }
     echo "<hr />";
 }
@@ -85,7 +92,7 @@ if (sqgetGlobalVar('submit',$submit,SQ_POST)) {
 <p>
 Secret key: <input type="password" name="secret"><br />
 Encrypted string: <input type="text" name="enc_string"><br />
-Check, if it is an address string: <input type="checkbox" name="ip_addr" /><br />
+<label for="ip_addr">Check here if you are decoding an address string (FromHash/ProxyHash): </label><input type="checkbox" name="ip_addr" id="ip_addr" /><br />
 <button type="submit" name="submit" value="submit">Submit</button>
 </p>
 </form>