From 037af6890fe6fdb84a08d3c86083e847c90ec0ad Mon Sep 17 00:00:00 2001 From: Aleksander Machniak <alec@alec.pl> Date: Tue, 22 Oct 2013 08:17:26 -0400 Subject: [PATCH] Fix vulnerability in handling _session argument of utils/save-prefs (#1489382) --- skins/larry/templates/contactedit.html | 7 ++++--- 1 files changed, 4 insertions(+), 3 deletions(-) diff --git a/skins/larry/templates/contactedit.html b/skins/larry/templates/contactedit.html index 4bea55b..f849366 100644 --- a/skins/larry/templates/contactedit.html +++ b/skins/larry/templates/contactedit.html @@ -4,7 +4,7 @@ <title><roundcube:object name="pagetitle" /></title> <roundcube:include file="/includes/links.html" /> </head> -<body class="iframe footerbuttons"> +<body class="iframe"> <h1 class="boxtitle"> <roundcube:if condition="env:action=='add'" /><roundcube:label name="addcontact" /> @@ -19,6 +19,7 @@ <div id="contactphoto"> <roundcube:object name="contactphoto" id="contactpic" placeholder="/images/contactpic.png" /> <roundcube:if condition="env:photocol" /> + <roundcube:object name="fileDropArea" id="contactpic" /> <div class="formlinks"> <roundcube:button command="upload-photo" id="uploadformlink" type="link" label="replacephoto" class="iconlink upload disabled" classAct="iconlink upload active" onclick="UI.show_uploadform();return false" condition="env:photocol" /><br/> <roundcube:button command="delete-photo" type="link" label="delete" class="iconlink delete disabled" classAct="iconlink delete active" condition="env:photocol" /> 
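Review bot: Nothing in this patch touches utils/save-prefs or the `_session` argument named in the subject. The only file in the diffstat is a skin template, and the change at `<body class="iframe">` (with the matching `footerleft` rename in the third hunk) is layout only. If the security fix sits in other files of the same commit, it cannot be reviewed from this view, and anyone backporting #1489382 should not treat this template change as part of the fix. Keeping skin changes in a separate commit, or at least naming them in the description with a line such as `Also: Larry contact-edit layout and photo drop area`, would make the fix easier to audit and cherry-pick.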
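Review bot: The added `<roundcube:object name="fileDropArea" id="contactpic" />` reuses the id already given to the `contactphoto` object on the line above. If this object emits its own element, the page gets duplicate ids. If it only registers the existing image as the drop target, which seems the likelier intent, a short template note such as `<!-- fileDropArea attaches to the existing #contactpic element -->` would make that clear. The drop area is also a second entry point into photo upload, so the type and size checks have to be enforced by the server-side upload handler, which is outside this diff; nothing in the template can be relied on for that.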
@@ -35,13 +36,13 @@ </form> -<div class="footerbuttons formbuttons"> +<div class="footerleft formbuttons"> <roundcube:button command="save" type="input" class="button mainaction" label="save" /> <roundcube:button command="show" type="input" class="button" label="cancel" condition="env:action=='edit'" /> <roundcube:button name="cancel" type="input" class="button" label="cancel" onclick="history.back()" condition="env:action=='add'" /> </div> -<div id="upload-dialog" class="propform popupdialog"> +<div id="upload-dialog" class="propform popupdialog" title="<roundcube:label name='uploadphoto' />"> <roundcube:object name="photoUploadForm" id="upload-form" size="30" buttons="no" /> <div class="formbuttons"> <roundcube:button command="upload-photo" type="input" class="button mainaction" label="upload" /> -- Gitblit v1.9.1
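Review bot: In `title="<roundcube:label name='uploadphoto' />"` the label text is expanded inside a double-quoted attribute, so it is only safe if the label tag HTML-escapes quotes and angle brackets by default. Localization strings can come from translation files or plugins, so it is worth confirming that the default output of the label tag is escaped for attribute context and not relying on the string being benign. The enclosing `upload-dialog` div continues past the end of this hunk.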