[SM-CVS] CVS: squirrelmail/src options_order.php,1.33,1.34 read_body.php,1.325,1.326 search.php,1.120,1.121 vcard.php,1.29,1.30

[Thijs K. <ki...@us...>]

Update of /cvsroot/squirrelmail/squirrelmail/src
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv7132

Modified Files:
	options_order.php read_body.php search.php vcard.php 
Log Message:
Some more use of forms.php functions which ensure correct encoding.


Index: options_order.php
===================================================================
RCS file: /cvsroot/squirrelmail/squirrelmail/src/options_order.php,v
retrieving revision 1.33
retrieving revision 1.34
diff -u -w -r1.33 -r1.34
--- options_order.php	12 Apr 2004 06:53:26 -0000	1.33
+++ options_order.php	19 Apr 2004 20:53:59 -0000	1.34
@@ -25,6 +25,7 @@
 require_once(SM_PATH . 'functions/imap.php');
 require_once(SM_PATH . 'functions/plugin.php');
 require_once(SM_PATH . 'functions/html.php');
+require_once(SM_PATH . 'functions/forms.php');
 
 /* get globals */
 sqgetGlobalVar('num',       $num,       SQ_GET);  
@@ -125,8 +126,8 @@
     }
     
     if (count($index_order) != count($available)) {
-        echo '<form name="f" method="post" action="options_order.php">';
-        echo '<select name="add">';
+
+	$opts = array();
         for ($i=1; $i <= count($available); $i++) {
             $found = false;
             for ($j=1; $j <= count($index_order); $j++) {
@@ -135,12 +136,14 @@
                 }
             }
             if (!$found) {
-                echo "<option value=\"$i\">$available[$i]</option>";
+	        $opts[$i] = $available[$i];
             }
         }
-        echo '</select>';
-        echo '<input type="hidden" value="add" name="method">';
-        echo '<input type="submit" value="'._("Add").'" name="submit">';
+	
+        echo addForm('options_order.php', 'post', 'f');
+	echo addSelect('add', $opts, '', TRUE);
+        echo addHidden('method', 'add');
+	echo addSubmit(_("Add"), 'submit');
         echo '</form>';
     }
  

Index: read_body.php
===================================================================
RCS file: /cvsroot/squirrelmail/squirrelmail/src/read_body.php,v
retrieving revision 1.325
retrieving revision 1.326
diff -u -w -r1.325 -r1.326
--- read_body.php	18 Apr 2004 19:25:59 -0000	1.325
+++ read_body.php	19 Apr 2004 20:53:59 -0000	1.326
@@ -664,14 +664,14 @@
     $menu_row .= '<form action="'.$delete_url.'" method="post" style="display: inline">';
 
     if (!(isset($passed_ent_id) && $passed_ent_id)) {
-        $menu_row .= '<input type="hidden" name="message" value="'.$passed_id.'" />';
+        $menu_row .= addHidden('message', $passed_id);
 
         if ($where && $what) {
-            $menu_row .= '<input type="hidden" name="where" value="'.$where.'" />';
-            $menu_row .= '<input type="hidden" name="what" value="'.$what.'" />';
+	    $menu_row .= addHidden('where', $where);
+	    $menu_row .= addHidden('what',  $what);
         } else {
-            $menu_row .= '<input type="hidden" name="sort" value="'.$sort.'" />';
-            $menu_row .= '<input type="hidden" name="startMessage" value="'.$startMessage.'" />';
+	    $menu_row .= addHidden('sort',  $sort);
+	    $menu_row .= addHidden('startMessage', $startMessage);
         }
         $menu_row .= getButton('SUBMIT', 'delete', _("Delete"));
         $menu_row .= '<input type="checkbox" name="bypass_trash">' . _("Bypass Trash");
@@ -698,10 +698,11 @@
         }
 
         $menu_row .= '<form action="'.$base_uri.'src/move_messages.php?'.$current_box.'" method="post" style="display: inline">'.
-              '<small><input type="hidden" name="show_more" value="0" />'.
-              '<input type="hidden" name="dmn" value="1" />'.
-              '<input type="hidden" name="location" value="'.$location.$current_box.'" />'.
-              '<input type="hidden" name="msg[0]" value="'.$passed_id.'" />'._("Move to:") .
+              '<small>'.
+	      addHidden('show_more', '0' ).
+	      addHidden('dmn', '1').
+	      addHidden('location', $location.$current_box).
+	      addHidden('msg[0]', $passed_id) . _("Move to:") .
               '<select name="targetMailbox" style="padding: 0px; margin: 0px">';
 
         if (isset($lastTargetMailbox) && !empty($lastTargetMailbox)) {

Index: search.php
===================================================================
RCS file: /cvsroot/squirrelmail/squirrelmail/src/search.php,v
retrieving revision 1.120
retrieving revision 1.121
diff -u -w -r1.120 -r1.121
--- search.php	12 Apr 2004 06:53:27 -0000	1.120
+++ search.php	19 Apr 2004 20:54:00 -0000	1.121
@@ -588,7 +588,8 @@
 	echo '</select>' . "\n";
 
 /* Include Subfolders */
-	echo _("and&nbsp;subfolders:") . '<input type=checkbox name="sub[' . $row_num .']"' . ($sub ? ' CHECKED' : '') . '></td>' . "\n";
+	echo _("and&nbsp;subfolders:") . 
+	    addCheckBox('sub[' . $row_num .']', $sub) . '</td>' . "\n";
 
 /* Unary operator and Search location */
 	echo html_tag('td',
@@ -597,12 +598,12 @@
 		'center');
 
 /* Text input */
-	$what_disp = htmlspecialchars($what);
-	echo html_tag('td', '<input type="text" size="35" name="what[' . $row_num . ']" value="' . $what_disp . '">', 'center') . "\n";
+	echo html_tag('td', addInput('what['.$row_num.']', $what, '35'), 'center') . "\n";
 
 /* Exclude criteria */
 	echo html_tag('td',
-		_("Exclude Criteria:") . '<input type=checkbox name="exclude[' . $row_num .']"' . ($exclude ? ' CHECKED' : '') . '>', 'center', '') . "\n";
+		_("Exclude Criteria:") . 
+		addCheckBox('exclude['.$row_num.']', $checked), 'center', '') . "\n";
 
 	echo "</tr>\n";
 }

Index: vcard.php
===================================================================
RCS file: /cvsroot/squirrelmail/squirrelmail/src/vcard.php,v
retrieving revision 1.29
retrieving revision 1.30
diff -u -w -r1.29 -r1.30
--- vcard.php	12 Apr 2004 06:53:27 -0000	1.29
+++ vcard.php	19 Apr 2004 20:54:00 -0000	1.30
@@ -147,70 +147,56 @@
         _("Add to Addressbook") .
         '</td></tr>' .
         '<tr><td align=center>' .
-        '<FORM ACTION="../src/addressbook.php" METHOD="POST" NAME=f_add>' .
+	addForm('../src/addressbook.php', 'POST', 'f_add') .
         '<table border=0 cellpadding=2 cellspacing=0 align=center>' .
         '<tr><td align=right><b>Nickname:</b></td>' .
-        '<td><input type=text name="addaddr[nickname]" size=20 value="' .
-        $vcard_safe['firstname'] . '-' . $vcard_safe['lastname'] .
-        '"></td></tr>' .
-        '<tr><td align=right><b>Note Field Contains:</b></td><td>' .
-        '<select name="addaddr[label]">';
+        '<td>'.
+	addInput('addaddr[nickname]', $vcard_safe['firstname'] . '-' . $vcard_safe['lastname'], '20').
+        '</td></tr>' .
+        '<tr><td align=right><b>Note Field Contains:</b></td><td>' ;
 
+$opts = array();
 if (isset($vcard_nice['url'])) {
-    echo '<option value="' . htmlspecialchars($vcard_nice['url']) .
-        '">' . _("Web Page") . "</option>\n";
+    $opts[$vcard_nice['url']] = _("Web Page");
 }
 if (isset($vcard_nice['adr'])) {
-    echo '<option value="' . $vcard_nice['adr'] .
-        '">' . _("Address") . "</option>\n";
+    $opts[$vcard_nice['adr']] = _("Address");
 }
 if (isset($vcard_nice['title'])) {
-    echo '<option value="' . $vcard_nice['title'] .
-        '">' . _("Title") . "</option>\n";
+    $opts[$vcard_nice['title']] = _("Title");
 }
 if (isset($vcard_nice['org'])) {
-    echo '<option value="' . $vcard_nice['org'] .
-        '">' . _("Organization / Department") . "</option>\n";
+    $opts[$vcard_nice['org']] = _("Organization / Department");
 }
 if (isset($vcard_nice['title'])) {
-    echo '<option value="' . $vcard_nice['title'] .
-        '; ' . $vcard_nice['org'] .
-        '">' . _("Title & Org. / Dept.") . "</option>\n";
+    $opts[$vcard_nice['title'].'; '.$vcard_nice['org']] = _("Title & Org. / Dept.");
 }
 if (isset($vcard_nice['tel;work'])) {
-    echo '<option value="' . $vcard_nice['tel;work'] .
-        '">' . _("Work Phone") . "</option>\n";
+    $opts[$vcard_nice['tel;work']] = _("Work Phone");
 }
 if (isset($vcard_nice['tel;home'])) {
-    echo '<option value="' . $vcard_nice['tel;home'] .
-        '">' . _("Home Phone") . "</option>\n";
+    $opts[$vcard_nice['tel;home']] = _("Home Phone");
 }
 if (isset($vcard_nice['tel;cell'])) {
-    echo '<option value="' . $vcard_nice['tel;cell'] .
-        '">' . _("Cellular Phone") . "</option>\n";
+    $opts[$vcard_nice['tel;cell']] = _("Cellular Phone");
 }
 if (isset($vcard_nice['tel;fax'])) {
-    echo '<option value="' . $vcard_nice['tel;fax'] .
-        '">' . _("Fax") . "</option>\n";
+    $opts[$vcard_nice['tel;fax']] = _("Fax");
 }
 if (isset($vcard_nice['note'])) {
-    echo '<option value="' . $vcard_nice['note'] .
-        '">' . _("Note") . "</option>\n";
+    $opts[$vcard_nice['note']] = _("Note");
 }
-echo '</select>' .
-        '</td></tr>' .
+
+echo    addSelect('addaddr[label]', $opts, '', TRUE);
+echo    '</td></tr>' .
         '<tr><td colspan=2 align=center>' .
-        '<INPUT NAME="addaddr[email]" type=hidden value="' .
-        htmlspecialchars($vcard_nice['email;internet']) . '">' .
-        '<INPUT NAME="addaddr[firstname]" type=hidden value="' .
-        $vcard_safe['firstname'] . '">' .
-        '<INPUT NAME="addaddr[lastname]" type=hidden value="' .
-        $vcard_safe['lastname'] . '">' .
-        '<INPUT TYPE=submit NAME="addaddr[SUBMIT]" ' .
-        'VALUE="Add to Address Book">' .
+	addHidden('addaddr[email]', $vcard_nice['email;internet']).
+	addHidden('addaddr[firstname]', $vcard_safe['firstname']).
+	addHidden('addaddr[lastname]', $vcard_safe['lastname']).
+	addSubmit(_("Add to Address Book"), 'addaddr[SUBMIT]').
         '</td></tr>' .
         '</table>' .
-        '</FORM>' .
+        '</form>' .
         '</td></tr>' .
         '<tr><td align=center>' .
         '<a href="../src/download.php?absolute_dl=true&amp;passed_id=' .