if (!isset($msg)) {
$msg = '';
}
- $moveURL = "move_messages.php?msg=$msg&mailbox=$urlMailbox"
- . "&startMessage=$start_msg";
+ $moveFields = '<input type="hidden" name="msg" value="'.htmlspecialchars($msg).'">' .
+ '<input type="hidden" name="mailbox" value="'.htmlspecialchars($mailbox).'">' .
+ '<input type="hidden" name="startMessage" value="'.htmlspecialchars($start_msg).'">';
+
+// $moveURL = "move_messages.php?msg=$msg&mailbox=$urlMailbox"
+// . "&startMessage=$start_msg";
/*
* This is the beginning of the message list table.
* It wraps around all messages
*/
- echo "<FORM name=\"messageList\" method=post action=\"$moveURL\">\n"
+ echo '<form name="messageList" method="post" action="move_messages.php">' ."\n"
+ . $moveFields
. html_tag( 'table' ,
html_tag( 'tr',
html_tag( 'td' ,
$onetimepad = $_SESSION['onetimepad'];
$base_uri = $_SESSION['base_uri'];
$delimiter = $_SESSION['delimiter'];
-if (isset($_GET['mailbox'])) {
- $mailbox = $_GET['mailbox'];
-}
-if (isset($_GET['startMessage'])) {
- $startMessage = $_GET['startMessage'];
-}
+
+sqGetGlobalVar('mailbox', $mailbox);
+sqGetGlobalVar('startMessage', $startMessage);
+sqGetGlobalVar('msg', $msg);
+
if (isset($_POST['moveButton'])) {
$moveButton = $_POST['moveButton'];
}
-if (isset($_POST['msg'])) {
- $msg = $_POST['msg'];
-}
-elseif (isset($_GET['msg'])) {
- $msg = $_GET['msg'];
-}
if (isset($_SESSION['msgs'])) {
$msgs = $_SESSION['msgs'];
projects / squirrelmail.git / commitdiff