Use HTTP-POST requests for actions that change application state

release-0.6
thomascube 17 years ago
parent 3c3b3517c1
commit 8d07583f39

@ -1,6 +1,11 @@
CHANGELOG RoundCube Webmail
---------------------------
2007/05/18 (thomasb)
----------
- Use HTTP-POST requests for actions that change state
2007/05/17 (thomasb)
----------
- Updated Catalan, Russian, Portuguese, Slovak and Chinese translations

@ -2,7 +2,7 @@
/*
+-----------------------------------------------------------------------+
| RoundCube Webmail IMAP Client |
| Version 0.1-20070517 |
| Version 0.1-20070518 |
| |
| Copyright (C) 2005-2007, RoundCube Dev. - Switzerland |
| Licensed under the GNU GPL |
@ -285,7 +285,7 @@ if ($_task=='mail')
if ($_action=='getunread')
include('program/steps/mail/getunread.inc');
if ($_action=='list' && isset($_GET['_remote']))
if ($_action=='list' && isset($_REQUEST['_remote']))
include('program/steps/mail/list.inc');
if ($_action=='search')
@ -323,7 +323,7 @@ if ($_task=='addressbook')
if ($_action=='show')
include('program/steps/addressbook/show.inc');
if ($_action=='list' && $_GET['_remote'])
if ($_action=='list' && $_REQUEST['_remote'])
include('program/steps/addressbook/list.inc');
if ($_action=='search')

@ -1304,7 +1304,7 @@ function rcube_webmail()
// send request to server
var url = '_mbox='+urlencode(mbox);
this.http_request('expunge', url+add_url, lock);
this.http_post('expunge', url+add_url, lock);
};
@ -1326,7 +1326,7 @@ function rcube_webmail()
// send request to server
var url = '_mbox='+urlencode(mbox);
this.http_request('purge', url+add_url, lock);
this.http_post('purge', url+add_url, lock);
return true;
};
@ -1432,7 +1432,7 @@ function rcube_webmail()
add_url += '&_search='+this.env.search_request;
// send request to server
this.http_request(action, '_uid='+a_uids.join(',')+'&_mbox='+urlencode(this.env.mailbox)+add_url, lock);
this.http_post(action, '_uid='+a_uids.join(',')+'&_mbox='+urlencode(this.env.mailbox)+add_url, lock);
};
@ -1511,7 +1511,7 @@ function rcube_webmail()
}
}
this.http_request('mark', '_uid='+a_uids.join(',')+'&_flag='+flag);
this.http_post('mark', '_uid='+a_uids.join(',')+'&_flag='+flag);
};
// mark all message rows as deleted/undeleted
@ -1588,7 +1588,7 @@ function rcube_webmail()
}
}
this.http_request('mark', '_uid='+a_uids.join(',')+'&_flag=undelete');
this.http_post('mark', '_uid='+a_uids.join(',')+'&_flag=undelete');
return true;
};
@ -1615,7 +1615,7 @@ function rcube_webmail()
}
}
this.http_request('mark', '_uid='+a_uids.join(',')+'&_flag=delete');
this.http_post('mark', '_uid='+a_uids.join(',')+'&_flag=delete');
return true;
};
@ -1926,7 +1926,7 @@ function rcube_webmail()
this.remove_attachment = function(name)
{
if (name)
this.http_request('remove-attachment', '_file='+urlencode(name));
this.http_post('remove-attachment', '_file='+urlencode(name));
return true;
};
@ -2356,7 +2356,7 @@ function rcube_webmail()
}
// send request to server
this.http_request('delete', '_cid='+urlencode(a_cids.join(','))+'&_from='+(this.env.action ? this.env.action : ''));
this.http_post('delete', '_cid='+urlencode(a_cids.join(','))+'&_from='+(this.env.action ? this.env.action : ''));
return true;
};
@ -2440,7 +2440,7 @@ function rcube_webmail()
name = form.elements['_folder_name'].value;
if (name)
this.http_request('create-folder', '_name='+urlencode(name), true);
this.http_post('create-folder', '_name='+urlencode(name), true);
else if (form.elements['_folder_name'])
form.elements['_folder_name'].focus();
};
@ -2463,7 +2463,7 @@ function rcube_webmail()
}
if (oldname && newname)
this.http_request('rename-folder', '_folder_oldname='+urlencode(oldname)+'&_folder_newname='+urlencode(newname));
this.http_post('rename-folder', '_folder_oldname='+urlencode(oldname)+'&_folder_newname='+urlencode(newname));
};
@ -2520,7 +2520,7 @@ function rcube_webmail()
{
var newname = this.name_input ? this.name_input.value : null;
if (this.edit_folder && newname)
this.http_request('rename-folder', '_folder_oldname='+urlencode(this.env.subscriptionrows[this.edit_folder][0])+'&_folder_newname='+urlencode(newname));
this.http_post('rename-folder', '_folder_oldname='+urlencode(this.env.subscriptionrows[this.edit_folder][0])+'&_folder_newname='+urlencode(newname));
}
// escape
else if (key==27)
@ -2535,7 +2535,7 @@ function rcube_webmail()
this.reset_folder_rename();
if (folder)
this.http_request('delete-folder', '_mboxes='+urlencode(folder));
this.http_post('delete-folder', '_mboxes='+urlencode(folder));
};
@ -2662,7 +2662,7 @@ function rcube_webmail()
if ((form = this.gui_objects.editform) && form.elements['_unsubscribed'])
this.change_subscription('_unsubscribed', '_subscribed', 'subscribe');
else if (folder)
this.http_request('subscribe', '_mboxes='+urlencode(folder));
this.http_post('subscribe', '_mboxes='+urlencode(folder));
};
@ -2672,7 +2672,7 @@ function rcube_webmail()
if ((form = this.gui_objects.editform) && form.elements['_subscribed'])
this.change_subscription('_subscribed', '_unsubscribed', 'unsubscribe');
else if (folder)
this.http_request('unsubscribe', '_mboxes='+urlencode(folder));
this.http_post('unsubscribe', '_mboxes='+urlencode(folder));
};
@ -2706,7 +2706,7 @@ function rcube_webmail()
list_to[index] = new Option(a_folders[n]);
}
this.http_request(action, '_mboxes='+urlencode(a_folders.join(',')));
this.http_post(action, '_mboxes='+urlencode(a_folders.join(',')));
}
}

@ -19,7 +19,7 @@
*/
if (($cid = get_input_value('_cid', RCUBE_INPUT_GPC)) && preg_match('/^[0-9]+(,[0-9]+)*$/', $cid))
if (($cid = get_input_value('_cid', RCUBE_INPUT_POST)) && preg_match('/^[0-9]+(,[0-9]+)*$/', $cid))
{
$deleted = $CONTACTS->delete($cid);
if (!$deleted)

@ -29,7 +29,7 @@ define('RCUBE_COMPOSE_DRAFT', 0x0108);
// remove an attachment
if ($_action=='remove-attachment' && preg_match('/^rcmfile([0-9]+)$/', $_GET['_file'], $regs))
if ($_action=='remove-attachment' && preg_match('/^rcmfile([0-9]+)$/', $_POST['_file'], $regs))
{
$id = $regs[1];
if (is_array($_SESSION['compose']['attachments'][$id]))

@ -21,12 +21,12 @@
$mbox_name = $IMAP->get_mailbox_name();
// send EXPUNGE command
if ($_action=='expunge')
if ($_action=='expunge' && ($mbox = get_input_value('_mbox', RCUBE_INPUT_POST)))
{
$success = $IMAP->expunge(get_input_value('_mbox', RCUBE_INPUT_GET));
$success = $IMAP->expunge($mbox);
// reload message list if current mailbox
if ($success && !empty($_GET['_reload']))
if ($success && !empty($_REQUEST['_reload']))
{
$OUTPUT->command('message_list.clear');
$_action = 'list';
@ -37,11 +37,11 @@ if ($_action=='expunge')
}
// clear mailbox
else if ($_action=='purge')
else if ($_action=='purge' && ($mbox = get_input_value('_mbox', RCUBE_INPUT_POST)))
{
$success = $IMAP->clear_mailbox(get_input_value('_mbox', RCUBE_INPUT_GET));
$success = $IMAP->clear_mailbox($mbox);
if ($success && !empty($_GET['_reload']))
if ($success && !empty($_REQUEST['_reload']))
{
$OUTPUT->set_env('messagecount', 0);
$OUTPUT->set_env('pagecount', 0);

@ -52,8 +52,8 @@ if (!isset($_SESSION['sort_order']))
$_SESSION['sort_order'] = $CONFIG['message_sort_order'];
// set message set for search result
if (!empty($_GET['_search']) && isset($_SESSION['search'][$_GET['_search']]))
$IMAP->set_search_set($_SESSION['search'][$_GET['_search']]);
if (!empty($_REQUEST['_search']) && isset($_SESSION['search'][$_REQUEST['_search']]))
$IMAP->set_search_set($_SESSION['search'][$_REQUEST['_search']]);
// define url for getting message parts

@ -42,7 +42,7 @@ else
if ($count = $IMAP->messagecount())
$a_headers = $IMAP->list_headers($mbox_name, NULL, $sort_col, $sort_order);
$unseen = $IMAP->messagecount($mbox_name, 'UNSEEN', !empty($_GET['_refresh']) ? TRUE : FALSE);
$unseen = $IMAP->messagecount($mbox_name, 'UNSEEN', !empty($_REQUEST['_refresh']) ? TRUE : FALSE);
// update message count display
$pages = ceil($count/$IMAP->page_size);

@ -24,7 +24,7 @@ $a_flags_map = array(
'read' => 'SEEN',
'unread' => 'UNSEEN');
if (($uids = get_input_value('_uid', RCUBE_INPUT_GET)) && ($flag = get_input_value('_flag', RCUBE_INPUT_GET)))
if (($uids = get_input_value('_uid', RCUBE_INPUT_POST)) && ($flag = get_input_value('_flag', RCUBE_INPUT_POST)))
{
$flag = $a_flags_map[$flag] ? $a_flags_map[$flag] : strtoupper($flag);
$marked = $IMAP->set_flag($uids, $flag);

@ -20,11 +20,11 @@
*/
// move messages
if ($_action=='moveto' && !empty($_GET['_uid']) && !empty($_GET['_target_mbox']))
if ($_action=='moveto' && !empty($_POST['_uid']) && !empty($_POST['_target_mbox']))
{
$count = sizeof(explode(',', ($uids = get_input_value('_uid', RCUBE_INPUT_GET))));
$target = get_input_value('_target_mbox', RCUBE_INPUT_GET);
$moved = $IMAP->move_message($uids, $target, get_input_value('_mbox', RCUBE_INPUT_GET));
$count = sizeof(explode(',', ($uids = get_input_value('_uid', RCUBE_INPUT_POST))));
$target = get_input_value('_target_mbox', RCUBE_INPUT_POST);
$moved = $IMAP->move_message($uids, $target, get_input_value('_mbox', RCUBE_INPUT_POST));
if (!$moved)
{
@ -37,10 +37,10 @@ if ($_action=='moveto' && !empty($_GET['_uid']) && !empty($_GET['_target_mbox'])
}
// delete messages
else if ($_action=='delete' && !empty($_GET['_uid']))
else if ($_action=='delete' && !empty($_POST['_uid']))
{
$count = sizeof(explode(',', ($uids = get_input_value('_uid', RCUBE_INPUT_GET))));
$del = $IMAP->delete_message($uids, get_input_value('_mbox', RCUBE_INPUT_GET));
$count = sizeof(explode(',', ($uids = get_input_value('_uid', RCUBE_INPUT_POST))));
$del = $IMAP->delete_message($uids, get_input_value('_mbox', RCUBE_INPUT_POST));
if (!$del)
{
@ -78,7 +78,7 @@ if ($_action=='moveto' && $target)
$OUTPUT->command('set_quota', $IMAP->get_quota());
// add new rows from next page (if any)
if ($_GET['_from']!='show' && $pages>1 && $IMAP->list_page < $pages)
if ($_POST['_from']!='show' && $pages>1 && $IMAP->list_page < $pages)
{
$sort_col = isset($_SESSION['sort_col']) ? $_SESSION['sort_col'] : $CONFIG['message_sort_col'];
$sort_order = isset($_SESSION['sort_order']) ? $_SESSION['sort_order'] : $CONFIG['message_sort_order'];

@ -26,7 +26,7 @@ rcmail_imap_init(TRUE);
// subscribe to one or more mailboxes
if ($_action=='subscribe')
{
if ($mboxes = get_input_value('_mboxes', RCUBE_INPUT_GET))
if ($mboxes = get_input_value('_mboxes', RCUBE_INPUT_POST))
$IMAP->subscribe(array($mboxes));
if ($OUTPUT->ajax_call)
@ -36,7 +36,7 @@ if ($_action=='subscribe')
// unsubscribe one or more mailboxes
else if ($_action=='unsubscribe')
{
if ($mboxes = get_input_value('_mboxes', RCUBE_INPUT_GET))
if ($mboxes = get_input_value('_mboxes', RCUBE_INPUT_POST))
$IMAP->unsubscribe(array($mboxes));
if ($OUTPUT->ajax_call)
@ -46,8 +46,8 @@ else if ($_action=='unsubscribe')
// create a new mailbox
else if ($_action=='create-folder')
{
if (!empty($_GET['_name']))
$create = $IMAP->create_mailbox(trim(get_input_value('_name', RCUBE_INPUT_GET, FALSE, 'UTF-7')), TRUE);
if (!empty($_POST['_name']))
$create = $IMAP->create_mailbox(trim(get_input_value('_name', RCUBE_INPUT_POST, FALSE, 'UTF-7')), TRUE);
if ($create && $OUTPUT->ajax_call)
{
@ -66,8 +66,8 @@ else if ($_action=='create-folder')
// rename a mailbox
else if ($_action=='rename-folder')
{
if (!empty($_GET['_folder_oldname']) && !empty($_GET['_folder_newname']))
$rename = $IMAP->rename_mailbox(($oldname = get_input_value('_folder_oldname', RCUBE_INPUT_GET)), trim(get_input_value('_folder_newname', RCUBE_INPUT_GET, FALSE, 'UTF-7')));
if (!empty($_POST['_folder_oldname']) && !empty($_POST['_folder_newname']))
$rename = $IMAP->rename_mailbox(($oldname = get_input_value('_folder_oldname', RCUBE_INPUT_POST)), trim(get_input_value('_folder_newname', RCUBE_INPUT_POST, FALSE, 'UTF-7')));
if ($rename && $OUTPUT->ajax_call)
{
@ -88,12 +88,12 @@ else if ($_action=='rename-folder')
// delete an existing IMAP mailbox
else if ($_action=='delete-folder')
{
if ($mboxes = get_input_value('_mboxes', RCUBE_INPUT_GET))
if ($mboxes = get_input_value('_mboxes', RCUBE_INPUT_POST))
$deleted = $IMAP->delete_mailbox(array($mboxes));
if ($OUTPUT->ajax_call && $deleted)
{
$OUTPUT->command('remove_folder_row', get_input_value('_mboxes', RCUBE_INPUT_GET));
$OUTPUT->command('remove_folder_row', get_input_value('_mboxes', RCUBE_INPUT_POST));
$OUTPUT->show_message('folderdeleted', 'confirmation');
$OUTPUT->send();
}

Loading…
Cancel
Save