X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=src%2Faddrbook_search.php;h=5f3a3e07384d240d27acfdba21abc403a9a216c6;hp=0f9b4bacb13698968250e807545f04223f9d3eec;hb=de00443c7d9770fbae65402e6beabde8a3db302a;hpb=ac987a56a67a53a01b7db77a02fdd9c9241b4549;ds=sidebyside diff --git a/src/addrbook_search.php b/src/addrbook_search.php index 0f9b4bac..5f3a3e07 100644 --- a/src/addrbook_search.php +++ b/src/addrbook_search.php @@ -3,7 +3,7 @@ /** * addrbook_search.php * - * Copyright (c) 1999-2002 The SquirrelMail Project Team + * Copyright (c) 1999-2004 The SquirrelMail Project Team * Licensed under the GNU GPL. For full terms see the file COPYING. * * Handle addressbook searching in the popup window. @@ -12,17 +12,42 @@ * addrbook_search_html.html -- If you change one, * change the other one too! * - * $Id$ + * @version $Id$ + * @package squirrelmail + * @subpackage addressbook */ -require_once('../src/validate.php'); -require_once('../functions/strings.php'); -require_once('../functions/html.php'); +/** + * Path for SquirrelMail required files. + * @ignore + */ +define('SM_PATH','../'); + +/** SquirrelMail required files. */ +require_once(SM_PATH . 'include/validate.php'); +require_once(SM_PATH . 'functions/strings.php'); +require_once(SM_PATH . 'functions/global.php'); +require_once(SM_PATH . 'functions/html.php'); +require_once(SM_PATH . 'functions/forms.php'); -/* Function to include JavaScript code */ +/** lets get the global vars we may need */ +sqgetGlobalVar('key', $key, SQ_COOKIE); +sqgetGlobalVar('username', $username, SQ_SESSION); +sqgetGlobalVar('onetimepad',$onetimepad, SQ_SESSION); +sqgetGlobalVar('base_uri', $base_uri, SQ_SESSION); + +sqgetGlobalVar('show' , $show); +sqgetGlobalVar('query', $query, SQ_POST); +sqgetGlobalVar('listall', $listall, SQ_POST); +sqgetGlobalVar('backend', $backend, SQ_POST); + +/** + * Function to include JavaScript code + * @return void + */ function insert_javascript() { ?> - +// --> \n"; while (list($undef, $row) = each($res)) { - $tr_bgcolor = ''; - if ($line % 2) { $tr_bgcolor = $color[0]; } + $email = htmlspecialchars(addcslashes(AddressBook::full_address($row), "'"), ENT_QUOTES); + if ($line % 2) { + $tr_bgcolor = $color[12]; + } else { + $tr_bgcolor = $color[4]; + } echo html_tag( 'tr', '', '', $tr_bgcolor, 'nowrap' ) . html_tag( 'td', 'To | " . + "'" . $email . "');\">"._("To")." | " . 'Cc | " . + "'" . $email . "');\">"._("Cc")." | " . 'Bcc", + "'" . $email . "');\">"._("Bcc")."", 'center', '', 'valign="top" width="5%" nowrap' ) . - html_tag( 'td', ' ' . $row['name'], 'left', '', 'valign="top" nowrap' ) . + html_tag( 'td', ' ' . htmlspecialchars($row['name']), 'left', '', 'valign="top" nowrap' ) . html_tag( 'td', ' ' . '" . $row['email'] . '' + "'" . $email . "');\">" . htmlspecialchars($row['email']) . '' , 'left', '', 'valign="top"' ) . - html_tag( 'td', $row['label'], 'left', '', 'valign="top" nowrap' ); + html_tag( 'td', htmlspecialchars($row['label']), 'left', '', 'valign="top" nowrap' ); if ($includesource) { echo html_tag( 'td', ' ' . $row['source'], 'left', '', 'valign="top" nowrap' ); } @@ -136,7 +170,6 @@ function display_result($res, $includesource = true) { /* ================= End of functions ================= */ -require_once('../functions/array.php'); require_once('../functions/strings.php'); require_once('../functions/addressbook.php'); @@ -149,22 +182,22 @@ if (!isset($backend)) { $backend = ''; } /* Choose correct colors for top and bottom frame */ if ($show == 'form' && !isset($listall)) { - echo '
'; } else { - echo '\n"; + echo '\n"; } /* Empty search */ if (empty($query) && empty($show) && empty($listall)) { - echo html_tag( 'p', '