
squirrelmail-1.4.23-0.svn20201220_0200.1.mga7.src.rpm

diff -up squirrelmail-1.4.20/functions/global.php.biguid squirrelmail-1.4.20/functions/global.php
--- squirrelmail-1.4.20/functions/global.php.biguid	2010-01-28 00:35:26.000000000 +0100
+++ squirrelmail-1.4.20/functions/global.php	2010-03-08 09:45:27.325832342 +0100
@@ -609,3 +609,16 @@ function file_has_long_lines($filename,
     return FALSE;
 }

+/**
+ * Restrict value to be numeric string
+ *
+ * @param string $value The value to be checked
+ *
+ * @return $value if it is numeric string, "0" otherwise
+ *
+ * @since 1.4.18
+ */
+function sqrestrict_to_num($value)
+{
+  return preg_match('/^[0-9]+$/', $value) ? $value : '0';
+}
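Review bot: The pattern in `sqrestrict_to_num` ends with `$`, which in PCRE also matches just before a trailing newline, so a digit run followed by a line feed passes the check and is returned with the newline still attached. The functions/imap_messages.php hunk in this patch interpolates the returned value straight into the `FETCH $id (FLAGS BODYSTRUCTURE)` command, so the helper should anchor at the true end of the string: `return preg_match('/^[0-9]+\z/', $value) ? $value : '0';` (or keep `$` and add the `D` modifier). The same helper backs every `passed_id` and `delete_draft` call site changed in the src/ files, so the one-line fix covers them all. The docblock's `@return $value if it is numeric string` would be clearer as `@return string the all-digit input, or "0" when $value contains anything else`.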
diff -up squirrelmail-1.4.20/functions/imap_messages.php.biguid squirrelmail-1.4.20/functions/imap_messages.php
--- squirrelmail-1.4.20/functions/imap_messages.php.biguid	2010-01-25 03:47:41.000000000 +0100
+++ squirrelmail-1.4.20/functions/imap_messages.php	2010-03-08 09:45:27.326828209 +0100
@@ -1025,7 +1025,7 @@ function sqimap_get_message($imap_stream
     global $uid_support;

     // typecast to int to prohibit 1:* msgs sets
-    $id = (int) $id;
+    $id = sqrestrict_to_num($id);
     $flags = array();
     $read = sqimap_run_command($imap_stream, "FETCH $id (FLAGS BODYSTRUCTURE)", true, $response, $message, $uid_support);
     if ($read) {
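Review bot: The context comment above the changed line still reads `typecast to int to prohibit 1:* msgs sets`, but the new line no longer casts; it keeps `$id` as a string and relies on `sqrestrict_to_num` to reject anything but digits. I would update it to `// restrict to a digit-only string to prohibit 1:* msg sets (no int cast, so large ids are not truncated)`; the part about large ids is inferred from the patch name and should be confirmed. Since `$id` is placed directly into the FETCH command on the next line, the comment should make clear that the helper is the only guard here. sqimap_get_message starts and ends outside this hunk.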
diff -up squirrelmail-1.4.20/plugins/delete_move_next/setup.php.biguid squirrelmail-1.4.20/plugins/delete_move_next/setup.php
--- squirrelmail-1.4.20/plugins/delete_move_next/setup.php.biguid	2010-02-20 20:31:44.000000000 +0100
+++ squirrelmail-1.4.20/plugins/delete_move_next/setup.php	2010-03-08 15:51:22.927624535 +0100
@@ -170,11 +170,11 @@ function delete_move_next_read($currloc)
         $prev_if_del = $prev;
         $next_if_del = $next;
         if (!$uid_support && ($auto_expunge || $move_to_trash)) {
-            if ($prev_if_del > $passed_id) {
-                $prev_if_del--;
+            if (((float)$prev_if_del) > ((float)$passed_id)) {
+                $prev_if_del = (string) (((float)$prev_if_del) -1);
             }
-            if ($next_if_del > $passed_id) {
-                $next_if_del--;
+            if (((float)$next_if_del) > ((float)$passed_id)) {
+                $next_if_del = (string) (((float)$next_if_del) -1);
             }
         }

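Review bot: The `(float)` casts and the `(string) (((float)$prev_if_del) -1)` round trip are unexplained, and the string conversion of a float is only exact while the value fits in PHP's `precision` setting; beyond that it is rendered in exponent notation, which the new `sqrestrict_to_num` check on `passed_id` would turn into "0". For ids within the 32-bit range this is fine, so a comment stating that assumption would help, e.g. `// ids are compared as floats because they can exceed a 32-bit int; exact for values up to 2^32`. The motive is inferred from the patch name, so please confirm it. The same applies to the `(float)$prev > 0`, `(float)$next > 0` and `(float)$next_if_del` comparisons in the later hunks of this file. delete_move_next_read continues outside this hunk.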
@@ -203,7 +203,7 @@
              '<tr>'.
                  "<td bgcolor=\"$color[9]\" width=\"100%\" align=\"center\"><small>";

-        if ($prev > 0){
+        if ((float)$prev > 0){
             echo "<a href=\"" . $base_uri . "src/read_body.php?passed_id=$prev_if_del&amp;mailbox=$urlMailbox&amp;sort=$sort&amp;startMessage=$startMessage&amp;delete_id=$passed_id&amp;smtoken=" . sm_generate_security_token() . "\">" . _("Delete &amp; Prev") . "</a>" . "&nbsp;|&nbsp;";
             if ($delete_move_next_show_unread == SMPREF_ON) {
                 echo "<a href=\"" . $base_uri . "src/read_body.php?passed_id=$prev_if_del&amp;mailbox=$urlMailbox&amp;sort=$sort&amp;startMessage=$startMessage&amp;unread_id=$passed_id&amp;smtoken=" . sm_generate_security_token() . "\">" . _("Unread &amp; Prev") . "</a>" . "&nbsp;|&nbsp;";
@@ -215,7 +215,7 @@
                 echo _("Unread &amp; Prev") . "&nbsp;|&nbsp;";
             }
         }
-        if ($next > 0){
+        if ((float)$next > 0){
             if ($delete_move_next_show_unread == SMPREF_ON) {
                 echo "<a href=\"" . $base_uri . "src/read_body.php?passed_id=$next_if_del&amp;mailbox=$urlMailbox&amp;sort=$sort&amp;startMessage=$startMessage&amp;unread_id=$passed_id&amp;smtoken=" . sm_generate_security_token() . "\">" . _("Unread &amp; Next") . "</a>&nbsp;|&nbsp;";
             }
@@ -228,12 +228,12 @@
         }
         echo '</small></td></tr>';

-        if ($next_if_del < 0) {
+        if ((float)$next_if_del < 0) {
             $next_if_del = $prev_if_del;
         }
         if (($delete_move_next_formATtop == SMPREF_ON) && ($currloc == 'top')) {
             if (!$delete_move_next_return_to_message_list
-             && $next_if_del > 0) {
+             && (float)$next_if_del > 0) {
                 delete_move_next_moveNextForm($next_if_del);
             } else {
                 delete_move_next_moveRightMainForm();
@@ -241,7 +241,7 @@
         }
         if (($delete_move_next_formATbottom != SMPREF_NO) && ($currloc == 'bottom')) {
             if (!$delete_move_next_return_to_message_list
-             && $next_if_del > 0) {
+             && (float)$next_if_del > 0) {
                 delete_move_next_moveNextForm($next_if_del);
             } else {
                 delete_move_next_moveRightMainForm();
diff -up squirrelmail-1.4.20/src/compose.php.biguid squirrelmail-1.4.20/src/compose.php
--- squirrelmail-1.4.20/src/compose.php.biguid	2010-02-16 21:17:13.000000000 +0100
+++ squirrelmail-1.4.20/src/compose.php	2010-03-08 09:45:27.368576639 +0100
@@ -95,7 +95,7 @@ sqgetGlobalVar('ent_num',$ent_num, $SQ_G
 sqgetGlobalVar('saved_draft',$saved_draft, SQ_FORM);

 if ( sqgetGlobalVar('delete_draft',$delete_draft) ) {
-    $delete_draft = (int)$delete_draft;
+    $delete_draft = sqrestrict_to_num($delete_draft);
 }

 if ( sqgetGlobalVar('startMessage',$startMessage) ) {
diff -up squirrelmail-1.4.20/src/download.php.biguid squirrelmail-1.4.20/src/download.php
--- squirrelmail-1.4.20/src/download.php.biguid	2010-01-25 03:47:41.000000000 +0100
+++ squirrelmail-1.4.20/src/download.php	2010-03-08 09:45:27.368576639 +0100
@@ -38,7 +38,7 @@ sqgetGlobalVar('mailbox',    $mailbox,
 sqgetGlobalVar('ent_id',     $ent_id,       SQ_GET);
 sqgetGlobalVar('absolute_dl',$absolute_dl,  SQ_GET);
 if ( sqgetGlobalVar('passed_id', $temp, SQ_GET) ) {
-    $passed_id = (int) $temp;
+    $passed_id = sqrestrict_to_num($temp);
 }

 global $default_charset;
diff -up squirrelmail-1.4.20/src/image.php.biguid squirrelmail-1.4.20/src/image.php
--- squirrelmail-1.4.20/src/image.php.biguid	2010-01-25 03:47:41.000000000 +0100
+++ squirrelmail-1.4.20/src/image.php	2010-03-08 09:45:27.369702769 +0100
@@ -32,7 +32,7 @@ displayPageHeader($color, 'None');

 /* globals */
 if ( sqgetGlobalVar('passed_id', $temp, SQ_GET) ) {
-  $passed_id = (int) $temp;
+  $passed_id = sqrestrict_to_num($temp);
 }
 sqgetGlobalVar('mailbox',       $mailbox,       SQ_GET);
 sqgetGlobalVar('ent_id',        $ent_id,        SQ_GET);
diff -up squirrelmail-1.4.20/src/printer_friendly_main.php.biguid squirrelmail-1.4.20/src/printer_friendly_main.php
--- squirrelmail-1.4.20/src/printer_friendly_main.php.biguid	2010-01-25 03:47:41.000000000 +0100
+++ squirrelmail-1.4.20/src/printer_friendly_main.php	2010-03-08 09:45:27.370701998 +0100
@@ -29,7 +29,7 @@
      ! sqgetGlobalVar('passed_id',$passed_id,SQ_GET)) {
     error_box(_("Invalid URL"),$color);
 } else {
-    $passed_id= (int) $passed_id;
+    $passed_id= sqrestrict_to_num($passed_id);
     $view_unsafe_images = (bool) $_GET['view_unsafe_images'];
 /* end globals */
     displayHtmlHeader( _("Printer Friendly"), '', false );
diff -up squirrelmail-1.4.20/src/read_body.php.biguid squirrelmail-1.4.20/src/read_body.php
--- squirrelmail-1.4.20/src/read_body.php.biguid	2010-02-14 00:06:30.000000000 +0100
+++ squirrelmail-1.4.20/src/read_body.php	2010-03-08 09:45:27.370701998 +0100
@@ -759,7 +759,7 @@ sqgetGlobalVar('passed_ent_id', $passed_
 sqgetGlobalVar('mailbox',       $mailbox);

 if ( sqgetGlobalVar('passed_id', $temp) ) {
-    $passed_id = (int) $temp;
+    $passed_id = sqrestrict_to_num($temp);
 }
 if ( sqgetGlobalVar('sort', $temp) ) {
     $sort = (int) $temp;
diff -up squirrelmail-1.4.20/src/view_header.php.biguid squirrelmail-1.4.20/src/view_header.php
--- squirrelmail-1.4.20/src/view_header.php.biguid	2010-01-25 03:47:41.000000000 +0100
+++ squirrelmail-1.4.20/src/view_header.php	2010-03-08 09:45:27.417576628 +0100
@@ -120,7 +120,7 @@ function view_header($header, $mailbox,

 /* get global vars */
 if ( sqgetGlobalVar('passed_id', $temp, SQ_GET) ) {
-  $passed_id = (int) $temp;
+  $passed_id = sqrestrict_to_num($temp);
 }
 if ( sqgetGlobalVar('mailbox', $temp, SQ_GET) ) {
   $mailbox = $temp;