onokazu
onoka****@users*****
2005年 6月 11日 (土) 11:32:52 JST
Index: xoops2jp/html/modules/system/admin/mailusers/mailform.php
diff -u xoops2jp/html/modules/system/admin/mailusers/mailform.php:1.2 xoops2jp/html/modules/system/admin/mailusers/mailform.php:1.3
--- xoops2jp/html/modules/system/admin/mailusers/mailform.php:1.2 Fri Mar 18 21:52:38 2005
+++ xoops2jp/html/modules/system/admin/mailusers/mailform.php Sat Jun 11 11:32:52 2005
@@ -1,5 +1,5 @@
 <?php
-// $Id: mailform.php,v 1.2 2005/03/18 12:52:38 onokazu Exp $
+// $Id: mailform.php,v 1.3 2005/06/11 02:32:52 onokazu Exp $
 // ------------------------------------------------------------------------ //
 // XOOPS - PHP Content Management System //
 // Copyright (c) 2000 XOOPS.org //
@@ -30,49 +30,50 @@ // ------------------------------------------------------------------------- // $form = new XoopsThemeForm(_AM_SENDMTOUSERS, "mailusers", "admin.php?fct=mailusers"); +$form->addElement(new XoopsFormToken(XoopsSingleTokenHandler::quickCreate('mailusers_send'))); // from finduser section if (!empty($_POST['memberslist_id'])) { - $user_count = count($_POST['memberslist_id']); - $display_names = ""; - for ( $i = 0; $i < $user_count; $i++ ) { - $uid_hidden = new XoopsFormHidden("mail_to_user[]", $_POST['memberslist_id'][$i]); - $form->addElement($uid_hidden); - $display_names .= "<a href='".XOOPS_URL."/userinfo.php?uid=".$_POST['memberslist_id'][$i]."' target='_blank'>".$_POST['memberslist_uname'][$_POST['memberslist_id'][$i]]."</a>, "; - unset($uid_hidden); - } - $users_label = new XoopsFormLabel(_AM_SENDTOUSERS2, substr($display_names, 0, -2)); - $form->addElement($users_label); - $display_criteria = 0; + $user_count = count($_POST['memberslist_id']); + $display_names = ""; + for ( $i = 0; $i < $user_count; $i++ ) { + $uid_hidden = new XoopsFormHidden("mail_to_user[]", $_POST['memberslist_id'][$i]); + $form->addElement($uid_hidden); + $display_names .= "<a href='".XOOPS_URL."/userinfo.php?uid=".$_POST['memberslist_id'][$i]."' target='_blank'>".$_POST['memberslist_uname'][$_POST['memberslist_id'][$i]]."</a>, "; + unset($uid_hidden); + } + $users_label = new XoopsFormLabel(_AM_SENDTOUSERS2, substr($display_names, 0, -2)); + $form->addElement($users_label); + $display_criteria = 0; } if ( !empty($display_criteria) ) { - $selected_groups = array(); - $group_select = new XoopsFormSelectGroup(_AM_GROUPIS."<br />", "mail_to_group", false, $selected_groups, 5, true); - $lastlog_min = new XoopsFormText(_AM_LASTLOGMIN."<br />"._AM_TIMEFORMAT."<br />", "mail_lastlog_min", 20, 10); - $lastlog_max = new XoopsFormText(_AM_LASTLOGMAX."<br />"._AM_TIMEFORMAT."<br />", "mail_lastlog_max", 20, 10); - $regd_min = new XoopsFormText(_AM_REGDMIN."<br 
/>"._AM_TIMEFORMAT."<br />", "mail_regd_min", 20, 10); - $regd_max = new XoopsFormText(_AM_REGDMAX."<br />"._AM_TIMEFORMAT."<br />", "mail_regd_max", 20, 10); - $idle_more = new XoopsFormText(_AM_IDLEMORE."<br />", "mail_idle_more", 10, 5); - $idle_less = new XoopsFormText(_AM_IDLELESS."<br />", "mail_idle_less", 10, 5); - $mailok_cbox = new XoopsFormCheckBox('', 'mail_mailok'); - $mailok_cbox->addOption(1, _AM_MAILOK); - $inactive_cbox = new XoopsFormCheckBox(_AM_INACTIVE."<br />", "mail_inactive"); - $inactive_cbox->addOption(1, _AMIFCHECKD); - $inactive_cbox->setExtra("onclick='javascript:disableElement(\"mail_lastlog_min\");disableElement(\"mail_lastlog_max\");disableElement(\"mail_idle_more\");disableElement(\"mail_idle_less\");disableElement(\"mail_to_group[]\");'"); - $criteria_tray = new XoopsFormElementTray(_AM_SENDTOUSERS, "<br /><br />"); - $criteria_tray->addElement($group_select); - $criteria_tray->addElement($lastlog_min); - $criteria_tray->addElement($lastlog_max); - $criteria_tray->addElement($idle_more); - $criteria_tray->addElement($idle_less); - $criteria_tray->addElement($mailok_cbox); - $criteria_tray->addElement($inactive_cbox); - $criteria_tray->addElement($regd_min); - $criteria_tray->addElement($regd_max); - $form->addElement($criteria_tray); + $selected_groups = array(); + $group_select = new XoopsFormSelectGroup(_AM_GROUPIS."<br />", "mail_to_group", false, $selected_groups, 5, true); + $lastlog_min = new XoopsFormText(_AM_LASTLOGMIN."<br />"._AM_TIMEFORMAT."<br />", "mail_lastlog_min", 20, 10); + $lastlog_max = new XoopsFormText(_AM_LASTLOGMAX."<br />"._AM_TIMEFORMAT."<br />", "mail_lastlog_max", 20, 10); + $regd_min = new XoopsFormText(_AM_REGDMIN."<br />"._AM_TIMEFORMAT."<br />", "mail_regd_min", 20, 10); + $regd_max = new XoopsFormText(_AM_REGDMAX."<br />"._AM_TIMEFORMAT."<br />", "mail_regd_max", 20, 10); + $idle_more = new XoopsFormText(_AM_IDLEMORE."<br />", "mail_idle_more", 10, 5); + $idle_less = new 
XoopsFormText(_AM_IDLELESS."<br />", "mail_idle_less", 10, 5); + $mailok_cbox = new XoopsFormCheckBox('', 'mail_mailok'); + $mailok_cbox->addOption(1, _AM_MAILOK); + $inactive_cbox = new XoopsFormCheckBox(_AM_INACTIVE."<br />", "mail_inactive"); + $inactive_cbox->addOption(1, _AMIFCHECKD); + $inactive_cbox->setExtra("onclick='javascript:disableElement(\"mail_lastlog_min\");disableElement(\"mail_lastlog_max\");disableElement(\"mail_idle_more\");disableElement(\"mail_idle_less\");disableElement(\"mail_to_group[]\");'"); + $criteria_tray = new XoopsFormElementTray(_AM_SENDTOUSERS, "<br /><br />"); + $criteria_tray->addElement($group_select); + $criteria_tray->addElement($lastlog_min); + $criteria_tray->addElement($lastlog_max); + $criteria_tray->addElement($idle_more); + $criteria_tray->addElement($idle_less); + $criteria_tray->addElement($mailok_cbox); + $criteria_tray->addElement($inactive_cbox); + $criteria_tray->addElement($regd_min); + $criteria_tray->addElement($regd_max); + $form->addElement($criteria_tray); } -$fname_text = new XoopsFormText(_AM_MAILFNAME, "mail_fromname", 30, 255, $xoopsConfig['sitename']); +$fname_text = new XoopsFormText(_AM_MAILFNAME, "mail_fromname", 30, 255, htmlspecialchars($xoopsConfig['sitename'], ENT_QUOTES)); $fromemail = !empty($xoopsConfig['adminmail']) ? 
$xoopsConfig['adminmail'] : $xoopsUser->getVar("email", "E"); $femail_text = new XoopsFormText(_AM_MAILFMAIL, "mail_fromemail", 30, 255, $fromemail); //$subject_caption = _AM_MAILSUBJECT."<br /><br /><span style='font-size:x-small;font-weight:bold;'>"._AM_MAILTAGS."</span><br /><span style='font-size:x-small;font-weight:normal;'>"._AM_MAILTAGS1."<br />"._AM_MAILTAGS2."<br />"._AM_MAILTAGS3."</span>"; Index: xoops2jp/html/modules/system/admin/mailusers/mailusers.php diff -u xoops2jp/html/modules/system/admin/mailusers/mailusers.php:1.2 xoops2jp/html/modules/system/admin/mailusers/mailusers.php:1.3 --- xoops2jp/html/modules/system/admin/mailusers/mailusers.php:1.2 Fri Mar 18 21:52:38 2005 +++ xoops2jp/html/modules/system/admin/mailusers/mailusers.php Sat Jun 11 11:32:52 2005 @@ -1,5 +1,5 @@ <?php -// $Id: mailusers.php,v 1.2 2005/03/18 12:52:38 onokazu Exp $ +// $Id: mailusers.php,v 1.3 2005/06/11 02:32:52 onokazu Exp $ // ------------------------------------------------------------------------ // // XOOPS - PHP Content Management System // // Copyright (c) 2000 XOOPS.org // @@ -50,6 +50,13 @@ } if ( $op == "send" && !empty($_POST['mail_send_to']) ) { + if(!XoopsSingleTokenHandler::quickValidate('mailusers_send')) { + xoops_cp_header(); + xoops_error("Ticket Error"); + xoops_cp_footer(); + exit(); + } + $added = array(); $added_id = array(); $criteria = array(); @@ -188,6 +195,7 @@ if ( $added_count > $mail_end ) { $form = new XoopsThemeForm(_AM_SENDMTOUSERS, "mailusers", "admin.php?fct=mailusers"); + $form->addElement(new XoopsFormToken(XoopsSingleTokenHandler::quickCreate('mailusers_send'))); if ( !empty($_POST['mail_to_group']) ) { foreach ( $_POST['mail_to_group'] as $mailgroup) { $group_hidden = new XoopsFormHidden("mail_to_group[]", $mailgroup);
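Review bot: The re-indented loop in the `@@ -30,49 +30,50 @@` hunk of mailform.php still concatenates `$_POST['memberslist_id'][$i]` and `$_POST['memberslist_uname'][...]` into the `$display_names` anchor markup with no encoding, so the commit that escapes `$xoopsConfig['sitename']` leaves request data flowing into the admin page's HTML. Unless `XoopsFormLabel` encodes its value (not visible here, and unlikely since it is handed markup), cast the id once with `$uid = intval($_POST['memberslist_id'][$i]);` and print the name as `htmlspecialchars($_POST['memberslist_uname'][$uid], ENT_QUOTES)`, reusing `$uid` for the hidden field and the `uid=` query value. The `$fromemail` default passed to `XoopsFormText` just below is also unescaped when it comes from `$xoopsConfig['adminmail']`, which is inconsistent with the sitename change.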
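Review bot: The rejection branch added in the `@@ -50,6 +50,13 @@` hunk of mailusers.php reports a hard-coded `xoops_error("Ticket Error")`, while the other user-facing strings in these files come from `_AM_*` language constants. The text belongs in the module's language file, and it should tell the administrator that the form has to be reloaded and resubmitted, since the composed message is lost at `exit()`. A short comment above the check would also help, for example `// CSRF ticket: name must match the 'mailusers_send' token embedded by mailform.php and by the batch continuation form`. The enclosing `if ( $op == "send" ... )` block continues past the hunk.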
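Review bot: Nothing at the new `addElement` line in the `@@ -188,6 +195,7 @@` hunk says why the continuation form needs its own ticket, so a later cleanup could remove it as a duplicate of the one in mailform.php. If `XoopsSingleTokenHandler` issues one-time tokens, as its name suggests, each batch submission consumes the previous ticket; a comment such as `// each batch POST consumes the ticket; issue a fresh one for the next batch` would record that. The literal `'mailusers_send'` now appears in three places (mailform.php, the validation check, and here), and a single shared constant would keep them from drifting apart. The enclosing `if ( $added_count > $mail_end )` block continues past the hunk.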