From cb2bc809ef29f349d38c89e202d821e67bb4c947 Mon Sep 17 00:00:00 2001
From: thomascube <thomas@roundcube.net>
Date: Tue, 21 Sep 2010 14:47:55 -0400
Subject: [PATCH] Fix db_mode check in insert_id()
---
program/steps/settings/delete_identity.inc | 23 +++++++++++++++++------
1 files changed, 17 insertions(+), 6 deletions(-)
diff --git a/program/steps/settings/delete_identity.inc b/program/steps/settings/delete_identity.inc
index a72a8a7..06bcab9 100644
--- a/program/steps/settings/delete_identity.inc
+++ b/program/steps/settings/delete_identity.inc
@@ -5,7 +5,7 @@
| program/steps/settings/delete_identity.inc |
| |
| This file is part of the RoundCube Webmail client |
- | Copyright (C) 2005-2007, RoundCube Dev. - Switzerland |
+ | Copyright (C) 2005-2009, RoundCube Dev. - Switzerland |
| Licensed under the GNU GPL |
| |
| PURPOSE: |
@@ -19,13 +19,24 @@
*/
-if (($ids = get_input_value('_iid', RCUBE_INPUT_GET)) && preg_match('/^[0-9]+(,[0-9]+)*$/', $ids))
+$iid = get_input_value('_iid', RCUBE_INPUT_GPC);
+
+// check request token
+if (!$OUTPUT->ajax_call && !$RCMAIL->check_request(RCUBE_INPUT_GPC)) {
+ $OUTPUT->show_message('invalidrequest', 'error');
+ rcmail_overwrite_action('identities');
+ return;
+}
+
+if ($iid && preg_match('/^[0-9]+(,[0-9]+)*$/', $iid))
{
- if ($USER->delete_identity($ids)) {
- $OUTPUT->show_message('deletedsuccessfully', 'confirmation');
+ $plugin = $RCMAIL->plugins->exec_hook('identity_delete', array('id' => $iid));
+
+ if (!$plugin['abort'] && $USER->delete_identity($iid)) {
+ $OUTPUT->show_message('deletedsuccessfully', 'confirmation', null, false);
}
else {
- $OUTPUT->show_message('nodeletelastidentity', 'error');
+ $OUTPUT->show_message('nodeletelastidentity', 'error', null, false);
}
// send response
if ($OUTPUT->ajax_call)
@@ -38,4 +49,4 @@
// go to identities page
rcmail_overwrite_action('identities');
-?>
+
--
Gitblit v1.9.1