27 lines
1.1 KiB
Text
27 lines
1.1 KiB
Text
$NetBSD: patch-az,v 1.3 2012/11/02 19:02:51 shattered Exp $
|
|
|
|
--- mailboxes/search_form.cgi.orig 2012-06-29 22:31:51.000000000 +0000
|
|
+++ mailboxes/search_form.cgi
|
|
@@ -13,9 +13,9 @@ require './mailboxes-lib.pl';
|
|
|
|
# Start of form
|
|
print &ui_form_start("mail_search.cgi");
|
|
-print &ui_hidden("user", $in{'user'});
|
|
-print &ui_hidden("dom", $in{'dom'});
|
|
-print &ui_hidden("ofolder", $in{'folder'});
|
|
+print &ui_hidden("user", &html_escape($in{'user'}));
|
|
+print &ui_hidden("dom", &html_escape($in{'user'}));
|
|
+print &ui_hidden("ofolder", &html_escape($in{'folder'}));
|
|
print &ui_table_start($text{'sform_header'}, "width=100%", 2);
|
|
|
|
# And/or mode
|
|
@@ -54,7 +54,7 @@ print &ui_table_row($text{'sform_folder2
|
|
print &ui_table_end();
|
|
print &ui_form_end([ [ undef, $text{'sform_ok'} ] ]);
|
|
|
|
-&ui_print_footer("list_mail.cgi?folder=$in{'folder'}&user=".
|
|
- &urlize($in{'user'})."&dom=$in{'dom'}", $text{'mail_return'},
|
|
+&ui_print_footer("list_mail.cgi?folder=" . &urlize($in{'folder'}) . "&user=".
|
|
+ &urlize($in{'user'})."&dom=".&urlize($in{'dom'}), $text{'mail_return'},
|
|
&user_list_link(), $text{'index_return'});
|
|
|