X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=src%2Foptions_order.php;h=c3995c0f5fc2cc58efd12defd1e3e49222cbd8f9;hp=77f2b4ad13ff4d7327c4897e2d4b3cb127eb237c;hb=1c5dd6f2c4703243a932974cf22e78abf34defe5;hpb=176dafe188b2c2486db9889d1c8b56c7f4ebe18a diff --git a/src/options_order.php b/src/options_order.php index 77f2b4ad..c3995c0f 100644 --- a/src/options_order.php +++ b/src/options_order.php @@ -4,13 +4,16 @@ * * Displays messagelist column order options * - * @copyright © 1999-2006 The SquirrelMail Project Team + * @copyright 1999-2014 The SquirrelMail Project Team * @license http://opensource.org/licenses/gpl-license.php GNU Public License * @version $Id$ * @package squirrelmail * @subpackage prefs */ +/** This is the options_order page */ +define('PAGE_NAME', 'options_order'); + /** * Include the SquirrelMail initialization file. */ @@ -18,7 +21,6 @@ require('../include/init.php'); /* SquirrelMail required files. */ require_once(SM_PATH . 'functions/forms.php'); -require_once(SM_PATH . 'functions/arrays.php'); /* get globals */ if (sqgetGlobalVar('num', $num, SQ_GET)) { @@ -29,7 +31,7 @@ if (sqgetGlobalVar('num', $num, SQ_GET)) { if (!sqgetGlobalVar('method', $method)) { $method = ''; } else { - $method = htmlspecialchars($method); + $method = sm_encode_html_special_chars($method); } if (!sqgetGlobalVar('positions', $pos, SQ_GET)) { $pos = 0; @@ -44,7 +46,7 @@ if (!sqgetGlobalVar('account', $account, SQ_GET)) { } if (sqgetGlobalVar('mailbox', $mailbox, SQ_GET)) { - $aMailboxPrefs = unserialize(getPref($data_dir, $username, "pref_".$iAccount.'_'.urldecode($mailbox))); + $aMailboxPrefs = unserialize(getPref($data_dir, $username, "pref_".$iAccount.'_'.$mailbox)); if (isset($aMailboxPrefs[MBX_PREF_COLUMNS])) { $index_order = $aMailboxPrefs[MBX_PREF_COLUMNS]; } @@ -74,7 +76,7 @@ if (!sqgetGlobalVar('account', $account, SQ_GET)) { /* Finally, display whatever page we are supposed to show now. */ /***************************************************************/ -displayPageHeader($color, 'None', (isset($optpage_data['xtra']) ? $optpage_data['xtra'] : '')); +displayPageHeader($color, null, (isset($optpage_data['xtra']) ? $optpage_data['xtra'] : '')); /** @@ -143,6 +145,7 @@ if (count($index_order) != count($available)) { } } +// FIXME: why are we using this? $PHP_SELF is already a global var processed (and therefore trustworthy) by init.php sqgetGlobalVar('PHP_SELF', $PHP_SELF, SQ_SERVER); $x = isset($mailbox) && $mailbox ? '&mailbox='.urlencode($mailbox) : ''; @@ -151,12 +154,13 @@ $oTemplate->assign('current_order', $index_order); $oTemplate->assign('not_used', $opts); $oTemplate->assign('always_show', array(SQM_COL_SUBJ, SQM_COL_FLAGS)); +// FIXME: (related to the above) $PHP_SELF might already have a query string... don't assume otherwise here by adding the ? sign!! $oTemplate->assign('move_up', $PHP_SELF .'?method=move&positions=-1'. $x .'&num='); $oTemplate->assign('move_down', $PHP_SELF .'?method=move&positions=1'. $x .'&num='); $oTemplate->assign('remove', $PHP_SELF .'?method=remove'. $x .'&num='); +$oTemplate->assign('add', $PHP_SELF.'?method=add'.$x.'&num='); $oTemplate->assign('addField_action', $PHP_SELF); $oTemplate->display('options_order.tpl'); $oTemplate->display('footer.tpl'); -?> \ No newline at end of file