functions.inc.php

- encode_header(): made charset parameter optional, defaults to utf-8
- db_delete(): escape_string() $where and $delete

create-mailbox.php:
- always encode mail header and insert Content-Type etc. headers
  (previous code never did this, $PALANG['charset'] is not set in any
  language. so this code part was never used)

sendmail.php:
- always encode mail header and insert Content-Type etc. headers
  (had the same bug as create-mailbox.php)
- merge GET and POST

These changes fix
http://sourceforge.net/tracker/index.php?func=detail&aid=1811214&group_id=191583&atid=937964



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@199 a1433add-5e2c-0410-b055-b7f2511e0802
postfixadmin-2.3
Christian Boltz 17 years ago
parent c47222ac14
commit a00d456084

@ -210,7 +210,6 @@ if ($_SERVER['REQUEST_METHOD'] == "POST")
Lines starting with /* were inserted to keep this section in commented mode.
$result = db_query ("INSERT INTO $table_mailbox (username,password,name,maildir,quota,domain,created,modified,active) VALUES ('$fUsername','$password','$fName','$maildir',$quota,'$fDomain',NOW(),NOW(),'$sqlActive')");
if ($result['rows'] != 1)
{
$tDomain = $fDomain;
@ -311,17 +310,10 @@ TODO: this is the end of /create-mailbox.php code segment
$fHeaders = "To: " . $fTo . "\n";
$fHeaders .= "From: " . $fFrom . "\n";
if (!empty ($PALANG['charset']))
{
$fHeaders .= "Subject: " . encode_header ($PALANG['pSendmail_subject_text'], $PALANG['charset']) . "\n";
$fHeaders .= "MIME-Version: 1.0\n";
$fHeaders .= "Content-Type: text/plain; charset=" . $PALANG['charset'] . "\n";
$fHeaders .= "Content-Transfer-Encoding: 8bit\n";
}
else
{
$fHeaders .= "Subject: " . $PALANG['pSendmail_subject_text'] . "\n\n";
}
$fHeaders .= "Subject: " . encode_header ($PALANG['pSendmail_subject_text']) . "\n";
$fHeaders .= "MIME-Version: 1.0\n";
$fHeaders .= "Content-Type: text/plain; charset=utf-8\n";
$fHeaders .= "Content-Transfer-Encoding: 8bit\n";
$fHeaders .= $CONF['welcome_text'];

@ -900,7 +900,7 @@ function get_admin_properties ($username)
// Action: Encode a string according to RFC 1522 for use in headers if it contains 8-bit characters.
// Call: encode_header (string header, string charset)
//
function encode_header ($string, $default_charset)
function encode_header ($string, $default_charset = "utf-8")
{
if (strtolower ($default_charset) == 'iso-8859-1')
{
@ -1514,7 +1514,7 @@ function db_assoc ($result)
//
function db_delete ($table,$where,$delete)
{
$result = db_query ("DELETE FROM $table WHERE $where='$delete'");
$result = db_query ("DELETE FROM $table WHERE " . escape_string($where) . "='" . escape_string($delete) . "'");
if ($result['rows'] >= 1)
{
return $result['rows'];

@ -37,43 +37,29 @@ authentication_require_role('admin');
(($CONF['sendmail'] == 'NO') ? header("Location: " . $CONF['postfix_admin_url'] . "/main.php") && exit : '1');
$SESSID_USERNAME = authentication_get_username();
if ($_SERVER['REQUEST_METHOD'] == "GET")
{
include ("./templates/header.tpl");
include ("./templates/menu.tpl");
include ("./templates/sendmail.tpl");
include ("./templates/footer.tpl");
}
if ($_SERVER['REQUEST_METHOD'] == "POST")
{
if (isset ($_POST['fTo'])) $fTo = escape_string ($_POST['fTo']);
$fTo = safepost('fTo');
$fFrom = $SESSID_USERNAME;
if (isset ($_POST['fTo'])) $fHeaders = "To: " . $fTo . "\n";
if (isset ($_POST['fTo'])) $fHeaders .= "From: " . $fFrom . "\n";
$fHeaders = "To: " . $fTo . "\n";
$fHeaders .= "From: " . $fFrom . "\n";
if (!empty ($PALANG['charset']))
{
$fHeaders .= "Subject: " . encode_header (escape_string ($_POST['fSubject']), $PALANG['charset']) . "\n";
$fHeaders .= "MIME-Version: 1.0\n";
$fHeaders .= "Content-Type: text/plain; charset=" . $PALANG['charset'] . "\n";
$fHeaders .= "Content-Transfer-Encoding: 8bit\n";
}
else
{
$fHeaders .= "Subject: " . escape_string ($_POST['fSubject']) . "\n\n";
}
$fHeaders .= "Subject: " . encode_header(safepost('fSubject')) . "\n";
$fHeaders .= "MIME-Version: 1.0\n";
$fHeaders .= "Content-Type: text/plain; charset=utf-8\n";
$fHeaders .= "Content-Transfer-Encoding: 8bit\n";
$fHeaders .= escape_string ($_POST['fBody']);
if (empty ($fTo) or !check_email ($fTo))
{
{
$error = 1;
$tTo = escape_string ($_POST['fTo']);
$tSubject = escape_string ($_POST['fSubject']);
$tBody = escape_string ($_POST['fBody']);
$tMessage = $PALANG['pSendmail_to_text_error'];
}
}
if ($error != 1)
{
@ -86,10 +72,12 @@ if ($_SERVER['REQUEST_METHOD'] == "POST")
$tMessage .= $PALANG['pSendmail_result_success'];
}
}
include ("./templates/header.tpl");
include ("./templates/menu.tpl");
include ("./templates/sendmail.tpl");
include ("./templates/footer.tpl");
}
include ("./templates/header.tpl");
include ("./templates/menu.tpl");
include ("./templates/sendmail.tpl");
include ("./templates/footer.tpl");
/* vim: set expandtab softtabstop=3 tabstop=3 shiftwidth=3: */
?>

Loading…
Cancel
Save