From 7a5c48e7f70b8bc938fcae3ffd2be0fdbeaab145 Mon Sep 17 00:00:00 2001
From: thomascube <thomas@roundcube.net>
Date: Wed, 13 Dec 2006 02:17:24 -0500
Subject: [PATCH] Changed 'junk' label in French localization

---
 program/steps/settings/save_identity.inc |   41 ++++++++++++++++++++++++++++-------------
 1 files changed, 28 insertions(+), 13 deletions(-)

diff --git a/program/steps/settings/save_identity.inc b/program/steps/settings/save_identity.inc
index dc61b78..60a6855 100644
--- a/program/steps/settings/save_identity.inc
+++ b/program/steps/settings/save_identity.inc
@@ -19,8 +19,9 @@
 
 */
 
-$a_save_cols = array('name', 'email', 'organization', 'reply-to', 'bcc', 'standard', 'signature');
-
+$a_save_cols = array('name', 'email', 'organization', 'reply-to', 'bcc', 'standard', 'signature', 'html_signature');
+$a_html_cols = array('signature');
+$a_boolean_cols = array('standard', 'html_signature');
 
 // check input
 if (empty($_POST['_name']) || empty($_POST['_email']))
@@ -42,7 +43,20 @@
     if (!isset($_POST[$fname]))
       continue;
 
-    $a_write_sql[] = sprintf("%s=%s", $DB->quoteIdentifier($col), $DB->quote(strip_tags($_POST[$fname])));
+    $a_write_sql[] = sprintf("%s=%s",
+                             $DB->quoteIdentifier($col),
+                             $DB->quote(get_input_value($fname, RCUBE_INPUT_POST, in_array($col, $a_html_cols))));
+    }
+
+  // set "off" values for checkboxes that were not checked, and therefore
+  // not included in the POST body.
+  foreach ($a_boolean_cols as $col)
+    {
+    $fname = '_' . $col;
+    if (!isset($_POST[$fname]))
+      {
+      $a_write_sql[] = sprintf("%s=0", $DB->quoteIdentifier($col));
+      }
     }
 
   if (sizeof($a_write_sql))
@@ -52,7 +66,7 @@
                 WHERE  identity_id=?
                 AND    user_id=?
                 AND    del<>1",
-                $_POST['_iid'],
+                get_input_value('_iid', RCUBE_INPUT_POST),
                 $_SESSION['user_id']);
                        
     $updated = $DB->affected_rows();
@@ -63,13 +77,14 @@
     show_message('successfullysaved', 'confirmation');
 
     // mark all other identities as 'not-default'
-    $DB->query("UPDATE ".get_table_name('identities')."
-                SET ".$DB->quoteIdentifier('standard')."='0'
-                WHERE  user_id=?
-                AND    identity_id<>?
-                AND    del<>1",
-                $_SESSION['user_id'],
-                $_POST['_iid']);
+    if (!empty($_POST['_standard']))
+      $DB->query("UPDATE ".get_table_name('identities')."
+                  SET ".$DB->quoteIdentifier('standard')."='0'
+                  WHERE  user_id=?
+                  AND    identity_id<>?
+                  AND    del<>1",
+                  $_SESSION['user_id'],
+                  get_input_value('_iid', RCUBE_INPUT_POST));
     
     if ($_POST['_framed'])
       {
@@ -77,7 +92,7 @@
       // ...      
       }
     }
-  else
+  else if ($DB->is_error())
     {
     // show error message
     show_message('errorsaving', 'error');
@@ -97,7 +112,7 @@
       continue;
     
     $a_insert_cols[] = $DB->quoteIdentifier($col);
-    $a_insert_values[] = $DB->quote(strip_tags($_POST[$fname]));
+    $a_insert_values[] = $DB->quote(get_input_value($fname, RCUBE_INPUT_POST, in_array($col, $a_html_cols)));
     }
     
   if (sizeof($a_insert_cols))

--
Gitblit v1.9.1