From b3ce7915610a6d272cc38ecd2a8b61e04ee4aeae Mon Sep 17 00:00:00 2001
From: thomascube <thomas@roundcube.net>
Date: Fri, 16 Feb 2007 14:35:03 -0500
Subject: [PATCH] Better input checking on GET and POST vars

---
 program/steps/mail/show.inc |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/program/steps/mail/show.inc b/program/steps/mail/show.inc
index b1fa7cf..841a41b 100644
--- a/program/steps/mail/show.inc
+++ b/program/steps/mail/show.inc
@@ -64,7 +64,7 @@
 
   // mark message as read
   if (!$MESSAGE['headers']->seen && $_action != 'preview')
-    $IMAP->set_flag($_GET['_uid'], 'SEEN');
+    $IMAP->set_flag($MESSAGE['UID'], 'SEEN');
 
   // give message uid to the client
   $javascript = sprintf("%s.set_env('uid', '%s');\n", $JS_OBJECT_NAME, $MESSAGE['UID']);

--
Gitblit v1.9.1