From 078adf9da77f7ca6a3c02f9ef71be687aedb8856 Mon Sep 17 00:00:00 2001
From: thomascube <thomas@roundcube.net>
Date: Wed, 19 Jul 2006 15:36:35 -0400
Subject: [PATCH] Improved usability (Ticket #1483807) and HTML validity; applied patch #1328032; fixed bug #1443200

---
 program/include/main.inc |    9 +++++++--
 1 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/program/include/main.inc b/program/include/main.inc
index ef2ecbf..e77df19 100644
--- a/program/include/main.inc
+++ b/program/include/main.inc
@@ -1274,6 +1274,9 @@
   static $sa_buttons = array();
   static $s_button_count = 100;
   
+  // these commands can be called directly via url
+  $a_static_commands = array('compose', 'list');
+  
   $skin_path = $CONFIG['skin_path'];
   
   if (!($attrib['command'] || $attrib['name']))
@@ -1352,9 +1355,11 @@
                                 $attrib['imagesel'] ? $skin_path.$attrib['imagesel'] : $attrib['classsel'],
                                 $attrib['imageover'] ? $skin_path.$attrib['imageover'] : ''));
 
-    // make valid href to task buttons
+    // make valid href to specific buttons
     if (in_array($attrib['command'], $MAIN_TASKS))
-      $attrib['href'] = ereg_replace('_task=[a-z]+', '_task='.$attrib['command'], $COMM_PATH);
+      $attrib['href'] = htmlentities(ereg_replace('_task=[a-z]+', '_task='.$attrib['command'], $COMM_PATH));
+    else if (in_array($attrib['command'], $a_static_commands))
+      $attrib['href'] = htmlentities($COMM_PATH.'&_action='.$attrib['command']);
     }
 
   // overwrite attributes

--
Gitblit v1.9.1