From 2f2f15b7aabe19e45dad9bddb7eb7f4394aa1e21 Mon Sep 17 00:00:00 2001
From: thomascube <thomas@roundcube.net>
Date: Mon, 04 Sep 2006 08:26:30 -0400
Subject: [PATCH] Little improvements for message parsing and encoding
---
program/steps/settings/save_identity.inc | 34 +++++++++++++++++++---------------
1 files changed, 19 insertions(+), 15 deletions(-)
diff --git a/program/steps/settings/save_identity.inc b/program/steps/settings/save_identity.inc
index 2e42987..ffbcfe3 100644
--- a/program/steps/settings/save_identity.inc
+++ b/program/steps/settings/save_identity.inc
@@ -19,7 +19,8 @@
*/
-$a_save_cols = array('name', 'email', 'organization', 'reply-to', 'bcc', 'default');
+$a_save_cols = array('name', 'email', 'organization', 'reply-to', 'bcc', 'standard', 'signature');
+$a_html_cols = array('signature');
// check input
@@ -42,7 +43,9 @@
if (!isset($_POST[$fname]))
continue;
- $a_write_sql[] = sprintf("%s=%s", $DB->quoteIdentifier($col), $DB->quote(strip_tags($_POST[$fname])));
+ $a_write_sql[] = sprintf("%s=%s",
+ $DB->quoteIdentifier($col),
+ $DB->quote(get_input_value($fname, RCUBE_INPUT_POST, in_array($col, $a_html_cols))));
}
if (sizeof($a_write_sql))
@@ -51,8 +54,8 @@
SET ".join(', ', $a_write_sql)."
WHERE identity_id=?
AND user_id=?
- AND del<>'1'",
- $_POST['_iid'],
+ AND del<>1",
+ get_input_value('_iid', RCUBE_INPUT_POST),
$_SESSION['user_id']);
$updated = $DB->affected_rows();
@@ -63,13 +66,14 @@
show_message('successfullysaved', 'confirmation');
// mark all other identities as 'not-default'
- $DB->query("UPDATE ".get_table_name('identities')."
- SET ".$DB->quoteIdentifier('default')."='0'
- WHERE user_id=?
- AND identity_id<>?
- AND del<>'1'",
- $_SESSION['user_id'],
- $_POST['_iid']);
+ if (!empty($_POST['_standard']))
+ $DB->query("UPDATE ".get_table_name('identities')."
+ SET ".$DB->quoteIdentifier('standard')."='0'
+ WHERE user_id=?
+ AND identity_id<>?
+ AND del<>1",
+ $_SESSION['user_id'],
+ get_input_value('_iid', RCUBE_INPUT_POST));
if ($_POST['_framed'])
{
@@ -77,7 +81,7 @@
// ...
}
}
- else
+ else if ($DB->is_error())
{
// show error message
show_message('errorsaving', 'error');
@@ -97,7 +101,7 @@
continue;
$a_insert_cols[] = $DB->quoteIdentifier($col);
- $a_insert_values[] = $DB->quote(strip_tags($_POST[$fname]));
+ $a_insert_values[] = $DB->quote(get_input_value($fname, RCUBE_INPUT_POST, in_array($col, $a_html_cols)));
}
if (sizeof($a_insert_cols))
@@ -106,8 +110,8 @@
(user_id, ".join(', ', $a_insert_cols).")
VALUES (?, ".join(', ', $a_insert_values).")",
$_SESSION['user_id']);
-
- $insert_id = $DB->insert_id();
+
+ $insert_id = $DB->insert_id(get_sequence_name('identities'));
}
if ($insert_id)
--
Gitblit v1.9.1