~ubuntu-branches/ubuntu/hardy/squirrelmail/hardy-updates

Viewing changes to plugins/calendar/event_delete.php

Committer: Bazaar Package Importer
Author(s): Thijs Kinkhorst
Date: 2006-07-04 14:49:23 UTC
mfrom: (1.1.4 upstream)
Revision ID: james.westby@ubuntu.com-20060704144923-w5l1xdbivclpkmda

Tags: 2:1.4.7-1

http://bugs.debian.org/373731

http://bugs.debian.org/375782

http://bugs.debian.org/376605

* New upstream bugfix release.
  + Addresses some low-impact, theoretical or disputed security bugs,
    for which the code is tightened just-in-case:
    - Possible local file inclusion (Closes: #373731, CVE-2006-2842)
    - XSS in search.php (Closes: #375782, CVE-2006-3174)
  + Adds note to db-backend.txt about postgreSQL (Closes: #376605).

* Checked for standards version to 3.7.2, no changes necessary.
* Update maintainer address.

files added:
doc/ReleaseNotes/1.4/Notes-1.4.6.txt

themes/autumn.php

themes/autumn2.php

themes/blue_on_blue.php

themes/classic_blue.php

themes/classic_blue2.php

themes/powder_blue.php

themes/techno_blue.php

themes/turquoise.php

files modified:
AUTHORS

ChangeLog

INSTALL

ReleaseNotes

class/deliver/Deliver.class.php

class/deliver/Deliver_SMTP.class.php

config/conf.pl

config/config_default.php

config/config_local.php

contrib/decrypt_headers.php

debian/changelog

debian/control

debian/copyright

debian/squirrelmail.docs

doc/db-backend.txt

doc/security.txt

functions/abook_database.php

functions/abook_ldap_server.php

functions/abook_local_file.php

functions/addressbook.php

functions/attachment_common.php

functions/auth.php

functions/constants.php

functions/date.php

functions/db_prefs.php

functions/display_messages.php

functions/file_prefs.php

functions/forms.php

functions/gettext.php

functions/global.php

functions/html.php

functions/i18n.php

functions/identity.php

functions/imap.php

functions/imap_general.php

functions/imap_mailbox.php

functions/imap_messages.php

functions/imap_utf7_local.php

functions/mailbox_display.php

functions/mime.php

functions/options.php

functions/page_header.php

functions/plugin.php

functions/prefs.php

functions/strings.php

functions/tree.php

functions/url_parser.php

include/options/display.php

plugins/bug_report/bug_report.php

plugins/calendar/README

plugins/calendar/calendar.php

plugins/calendar/calendar_data.php

plugins/calendar/day.php

plugins/calendar/event_create.php

plugins/calendar/event_delete.php

plugins/calendar/event_edit.php

plugins/calendar/functions.php

plugins/calendar/index.php

plugins/calendar/setup.php

plugins/delete_move_next/setup.php

plugins/filters/options.php

plugins/info/options.php

plugins/listcommands/setup.php

plugins/translate/setup.php

po/squirrelmail.pot

src/addrbook_popup.php

src/addrbook_search.php

src/addrbook_search_html.php

src/addressbook.php

src/compose.php

src/configtest.php

src/delete_message.php

src/download.php

src/empty_trash.php

src/folders.php

src/help.php

src/image.php

src/left_main.php

src/login.php

src/mailto.php

src/move_messages.php

src/options.php

src/options_highlight.php

src/options_identities.php

src/options_order.php

src/printer_friendly_bottom.php

src/printer_friendly_main.php

src/printer_friendly_top.php

src/read_body.php

src/redirect.php

src/right_main.php

src/search.php

src/signout.php

src/vcard.php

src/view_header.php

src/view_text.php

src/webmail.php

Show diffs side-by-side

added added

removed removed

plugins/calendar/event_delete.php

<?php

/**

* event_delete.php

* Licensed under the GNU GPL. For full terms see the file COPYING.

* Originally contrubuted by Michal Szczotka <michal@tuxy.org>

* Functions to delete a event.

* $Id: event_delete.php,v 1.14.2.5 2006/02/03 22:27:52 jervfors Exp $

* Functions to delete a event.

* @license http://opensource.org/licenses/gpl-license.php GNU Public License

* @version $Id: event_delete.php,v 1.14.2.6 2006/05/06 07:52:18 tokul Exp $

* @package plugins

* @subpackage calendar

/** @ignore */

define('SM_PATH','../../');

/* Calender plugin required files. */

require_once(SM_PATH . 'plugins/calendar/calendar_data.php');

require_once(SM_PATH . 'plugins/calendar/functions.php');

/* SquirrelMail required files. */

require_once(SM_PATH . 'include/validate.php');

require_once(SM_PATH . 'functions/strings.php');

require_once(SM_PATH . 'functions/date.php');

require_once(SM_PATH . 'config/config.php');

require_once(SM_PATH . 'functions/page_header.php');

require_once(SM_PATH . 'include/load_prefs.php');

require_once(SM_PATH . 'functions/html.php');

include_once(SM_PATH . 'include/validate.php');

/* date_intl() */

include_once(SM_PATH . 'functions/date.php');

/* Calendar plugin required files. */

include_once(SM_PATH . 'plugins/calendar/calendar_data.php');

include_once(SM_PATH . 'plugins/calendar/functions.php');

/* get globals */

if (isset($_GET['month']) && is_numeric($_GET['month'])) {

$month = $_GET['month'];

}

elseif (isset($_POST['month']) && is_numeric($_GET['month'])) {

$month = $_POST['month'];

}

if (isset($_GET['year']) && is_numeric($_GET['year'])) {

$year = $_GET['year'];

}

elseif (isset($_POST['year']) && is_numeric($_POST['year'])) {

$year = $_POST['year'];

}

if (isset($_GET['day']) && is_numeric($_GET['day'])) {

$day = $_GET['day'];

}

elseif (isset($_POST['day']) && is_numeric($_POST['day'])) {

$day = $_POST['day'];

}

if (isset($_GET['dyear']) && is_numeric($_GET['dyear'])) {

$dyear = $_GET['dyear'];

}

elseif (isset($_POST['dyear']) && is_numeric($_POST['dyear'])) {

$dyear = $_POST['dyear'];

}

if (isset($_GET['dmonth']) && is_numeric($_GET['dmonth'])) {

$dmonth = $_GET['dmonth'];

}

elseif (isset($_POST['dmonth']) && is_numeric($_POST['dmonth'])) {

$dmonth = $_POST['dmonth'];

}

if (isset($_GET['dday']) && is_numeric($_GET['dday'])) {

$dday = $_GET['dday'];

}

elseif (isset($_POST['dday']) && is_numeric($_POST['dday'])) {

$dday = $_POST['dday'];

}

if (isset($_GET['dhour']) && is_numeric($_GET['dhour'])) {

$dhour = $_GET['dhour'];

}

elseif (isset($_POST['dhour']) && is_numeric($_POST['dhour'])) {

$dhour = $_POST['dhour'];

}

if (isset($_GET['dminute']) && is_numeric($_GET['dminute'])) {

$dminute = $_GET['dminute'];

}

elseif (isset($_POST['dminute']) && is_numeric($_POST['dminute'])) {

$dminute = $_POST['dminute'];

}

if (isset($_POST['confirmed'])) {

$confirmed = $_POST['confirmed'];

}

if (! sqGetGlobalVar('month',$month,SQ_FORM) || ! is_numeric($month)) {

unset($month);

}

if (! sqGetGlobalVar('year',$year,SQ_FORM) || ! is_numeric($year)) {

unset($year);

}

if (! sqGetGlobalVar('day',$day,SQ_FORM) || ! is_numeric($day)) {

unset($day);

}

if (! sqGetGlobalVar('dyear',$dyear,SQ_FORM) || ! is_numeric($dyear)) {

unset($dyear);

}

if (! sqGetGlobalVar('dmonth',$dmonth,SQ_FORM) || ! is_numeric($dmonth)) {

unset($dmonth);

}

if (! sqGetGlobalVar('dday',$dday,SQ_FORM) || ! is_numeric($dday)) {

unset($dday);

}

if (! sqGetGlobalVar('dhour',$dhour,SQ_FORM) || ! is_numeric($dhour)) {

unset($dhour);

}

if (! sqGetGlobalVar('dminute',$dminute,SQ_FORM) || ! is_numeric($dminute)) {

unset($dminute);

}

sqGetGlobalVar('confirmed',$confirmed,SQ_POST);

/* got 'em */

function confirm_deletion()

{

/**

* Displays confirmation form when event is deleted

* @return void

function confirm_deletion() {

global $calself, $dyear, $dmonth, $dday, $dhour, $dminute, $calendardata, $color, $year, $month, $day;

$tmparray = $calendardata["$dmonth$dday$dyear"]["$dhour$dminute"];

echo html_tag( 'table',

html_tag( 'tr',

html_tag( 'th', _("Do you really want to delete this event?") . '<br>', '', $color[4], 'colspan="2"' )

html_tag( 'th', _("Do you really want to delete this event?") . '<br />', '', $color[4], 'colspan="2"' )

) .

html_tag( 'tr',

html_tag( 'td', _("Date:"), 'right', $color[4] ) .

html_tag( 'td', $dmonth.'/'.$dday.'/'.$dyear, 'left', $color[4] )

html_tag( 'td', date_intl(_("m/d/Y"),mktime(0,0,0,$dmonth,$dday,$dyear)), 'left', $color[4] )

) .

html_tag( 'tr',

html_tag( 'td', _("Time:"), 'right', $color[4] ) .

html_tag( 'td', $dhour.':'.$dminute, 'left', $color[4] )

html_tag( 'td', date_intl(_("H:i"),mktime($dhour,$dminute,0,$dmonth,$dday,$dyear)), 'left', $color[4] )

100

) .

101

html_tag( 'tr',

102

html_tag( 'td', _("Title:"), 'right', $color[4] ) .

103

html_tag( 'td', $tmparray['title'], 'left', $color[4] )

html_tag( 'td', htmlspecialchars($tmparray['title']), 'left', $color[4] )

104

) .

105

html_tag( 'tr',

106

html_tag( 'td', _("Message:"), 'right', $color[4] ) .

107

html_tag( 'td', $tmparray['message'], 'left', $color[4] )

html_tag( 'td', nl2br(htmlspecialchars($tmparray['message'])), 'left', $color[4] )

108

) .

109

html_tag( 'tr',

110

html_tag( 'td',

111

" <FORM NAME=\"delevent\" METHOD=POST ACTION=\"$calself\">\n".

112

" <INPUT TYPE=HIDDEN NAME=\"dyear\" VALUE=\"$dyear\">\n".

113

" <INPUT TYPE=HIDDEN NAME=\"dmonth\" VALUE=\"$dmonth\">\n".

114

" <INPUT TYPE=HIDDEN NAME=\"dday\" VALUE=\"$dday\">\n".

115

" <INPUT TYPE=HIDDEN NAME=\"year\" VALUE=\"$year\">\n".

116

" <INPUT TYPE=HIDDEN NAME=\"month\" VALUE=\"$month\">\n".

117

" <INPUT TYPE=HIDDEN NAME=\"day\" VALUE=\"$day\">\n".

118

" <INPUT TYPE=HIDDEN NAME=\"dhour\" VALUE=\"$dhour\">\n".

119

" <INPUT TYPE=HIDDEN NAME=\"dminute\" VALUE=\"$dminute\">\n".

120

" <INPUT TYPE=HIDDEN NAME=\"confirmed\" VALUE=\"yes\">\n".

121

' <INPUT TYPE=SUBMIT VALUE="' . _("Yes") . "\">\n".

122

" </FORM>\n" ,

" <form name=\"delevent\" method=\"post\" action=\"$calself\">\n".

" <input type=\"hidden\" name=\"dyear\" value=\"$dyear\" />\n".

" <input type=\"hidden\" name=\"dmonth\" value=\"$dmonth\" />\n".

" <input type=\"hidden\" name=\"dday\" value=\"$dday\" />\n".

" <input type=\"hidden\" name=\"year\" value=\"$year\" />\n".

" <input type=\"hidden\" name=\"month\" value=\"$month\" />\n".

" <input type=\"hidden\" name=\"day\" value=\"$day\" />\n".

" <input type=\"hidden\" name=\"dhour\" value=\"$dhour\" />\n".

" <input type=\"hidden\" name=\"dminute\" value=\"$dminute\" />\n".

" <input type=\"hidden\" name=\"confirmed\" value=\"yes\" />\n".

' <input type="submit" value="' . _("Yes") . "\" />\n".

" </form>\n" ,

123

'right', $color[4] ) .

124

html_tag( 'td',

125

" <FORM NAME=\"nodelevent\" METHOD=POST ACTION=\"day.php\">\n".

126

" <INPUT TYPE=HIDDEN NAME=\"year\" VALUE=\"$year\">\n".

127

" <INPUT TYPE=HIDDEN NAME=\"month\" VALUE=\"$month\">\n".

128

" <INPUT TYPE=HIDDEN NAME=\"day\" VALUE=\"$day\">\n".

129

' <INPUT TYPE=SUBMIT VALUE="' . _("No") . "\">\n".

130

" </FORM>\n" ,

" <form name=\"nodelevent\" method=\"post\" action=\"day.php\">\n".

100

" <input type=\"hidden\" name=\"year\" value=\"$year\" />\n".

101

" <input type=\"hidden\" name=\"month\" value=\"$month\" />\n".

102

" <input type=\"hidden\" name=\"day\" value=\"$day\" />\n".

103

' <input type="submit" value="' . _("No") . "\" />\n".

104

" </form>\n" ,

131

105

'left', $color[4] )

132

106

) ,

133

107

'', $color[0], 'border="0" cellpadding="2" cellspacing="1"' );

158

132

if (isset($dyear) && isset($dmonth) && isset($dday) && isset($dhour) && isset($dminute)){

159

133

if (isset($confirmed)){

160

134

delete_event("$dmonth$dday$dyear", "$dhour$dminute");

161

echo '<br><br>' . _("Event deleted!") . "<br>\n";

135

echo '<br /><br />' . _("Event deleted!") . "<br />\n";

162

136

echo "<a href=\"day.php?year=$year&month=$month&day=$day\">" .

163

137

_("Day View") . "</a>\n";

164

138

} else {

166

140

confirm_deletion();

167

141

}

168

142

} else {

169

echo '<br>' . _("Nothing to delete!");

143

echo '<br />' . _("Nothing to delete!");

170

144

}

171

145

172

146

Older »