Enhance security
index 148289389f06e377efe5fd680b50c28314059c8c..84f678232eb4455f0f13286a72d27e005f3b1561 100644 (file)
--- a/index.php
+++ b/index.php
@@ -4,7 +4,7 @@
     require_once $CFG->root . 'lib/db_factory.php';
     require_once $CFG->root . 'lib/utils.inc.php';
 
     require_once $CFG->root . 'lib/db_factory.php';
     require_once $CFG->root . 'lib/utils.inc.php';
 
-    $util = Utils::getInstance();
+    $util = new Utils;
     unset($_SESSION['mailInfo']);
 
     if ($util->isLoggedIn()) {
     unset($_SESSION['mailInfo']);
 
     if ($util->isLoggedIn()) {
         echo $util->getHeader();
         echo $util->getHeading();
 
         echo $util->getHeader();
         echo $util->getHeading();
 
-        echo "<span class=\"user\">{$util->getUser()}
-            <a title=\"Logout\" href=\"auth.php?op=logout\">Logout</a></span>";
+        echo "Rows per page <input type=\"text\" value=\"$rowsPerPage\" id=\"rows\"
+              size=\"2\"/><input type=\"button\" onclick=\"javascript: updateRowsPerPage()\"
+              value=\"Change\"/><span class=\"user\">{$util->getUser()}
+              <a title=\"Logout\" href=\"auth.php?op=logout\">Logout</a></span>";
         $which = ($util->isAdmin() == true) ? 'all' : $util->getUser();
         $rows = $DB->getQMails($offset, $rowsPerPage, $which);
         $numrows = $DB->numRows();
         echo "<span class=\"total-rows\">$numrows quarantined mail(s)</span>";
         echo "<table><tr>";
         $which = ($util->isAdmin() == true) ? 'all' : $util->getUser();
         $rows = $DB->getQMails($offset, $rowsPerPage, $which);
         $numrows = $DB->numRows();
         echo "<span class=\"total-rows\">$numrows quarantined mail(s)</span>";
         echo "<table><tr>";
-        echo "<table><tr><th>Received</th><th>Cause</th>";
+        echo "<th>Received</th><th>Cause</th>";
         echo "<th>Sender</th><th>Recipient</th><th>Subject</th><th>Action</th>";
         echo "<th>Sender</th><th>Recipient</th><th>Subject</th><th>Action</th>";
-        echo "<th><input name=\"multiselect\" type=\"checkbox\"
-              onchange=\"javascript: updateAction(this)\" /></th>";
+        echo "<th><input name=\"multiselect\" type=\"checkbox\" ";
+        echo "onchange=\"javascript: updateAction(this)\" /></th>";
         echo "</tr>";
 
         $mailInfo = array();
         echo "</tr>";
 
         $mailInfo = array();
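Review bot: The added rows-per-page `echo` interpolates `$rowsPerPage` into a `value` attribute and `{$util->getUser()}` into the span with no escaping. Both are assigned outside this hunk, so if either can be influenced by the request this is reflected markup injection. The same pattern recurs in the later hunks, where `$row->recipient`, `$sender` and `$subject` come from quarantined mail, are therefore chosen by whoever sent the message, and reach the table cells verbatim. I would cast the number with `$rowsPerPage = (int) $rowsPerPage;` and wrap every mail-derived field, e.g. `$subject = htmlspecialchars($row->subject, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`.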
@@ -50,9 +52,9 @@
             $url = urlencode($id);
             $checkbox = "<input name=\"action\" type=\"checkbox\" value=\"$url\" />";
             $recipient = "<a title=\"Show Report\" href=\"mail_report.php?id=$url\">{$row->recipient}</a>";
             $url = urlencode($id);
             $checkbox = "<input name=\"action\" type=\"checkbox\" value=\"$url\" />";
             $recipient = "<a title=\"Show Report\" href=\"mail_report.php?id=$url\">{$row->recipient}</a>";
-            $action = "<a title=\"Release Mail\" href=\"quarantine.php?id=$url&op=release\">";
+            $action = "<a title=\"Release Mail\" href=\"quarantine.php?id=$url&amp;op=release\">";
             $action .= "<img class=\"nav-img\" src=\"pics/release.png\" alt=\"Release\" /></a>";
             $action .= "<img class=\"nav-img\" src=\"pics/release.png\" alt=\"Release\" /></a>";
-            $action .= "&nbsp;<a title=\"Delete Mail\" href=\"quarantine.php?id=$url&op=delete\">";
+            $action .= "&nbsp;<a title=\"Delete Mail\" href=\"quarantine.php?id=$url&amp;op=delete\">";
             $action .= "<img class=\"nav-img\" src=\"pics/delete.png\" alt=\"Delete\" /></a>";
             $sender = $row->sender;
             $received = strftime("%c", $row->time_iso);
             $action .= "<img class=\"nav-img\" src=\"pics/delete.png\" alt=\"Delete\" /></a>";
             $sender = $row->sender;
             $received = strftime("%c", $row->time_iso);
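Review bot: The release and delete links built into `$action` still perform state changes through plain GET requests (`quarantine.php?id=$url&amp;op=delete`), and no anti-CSRF token is visible in the URL. Encoding the ampersand fixes the markup but not that. Any page a logged-in user visits could cause a quarantined mail to be released or deleted by referencing such a URL. Consider moving both actions to a POST form carrying a per-session token that quarantine.php compares with `hash_equals()`. The handler is outside this diff, so confirm whether it already enforces something equivalent.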
@@ -60,7 +62,7 @@
             $subject = $row->subject;
             echo "<td>$received</td><td class=\"nav-action\">".
                 "$quaratinefor</td><td>$sender</td><td>$recipient</td>".
             $subject = $row->subject;
             echo "<td>$received</td><td class=\"nav-action\">".
                 "$quaratinefor</td><td>$sender</td><td>$recipient</td>".
-                "<td>$subject</td><td class=\"nav-action\">$action</td><td>$checkbox</td></tr>";
+                "<td>$subject</td><td class=\"nav-action\">$action</td><td class=\"nav-action\">$checkbox</td></tr>";
             $i++;
         }
         $_SESSION['mailInfo'] = $mailInfo;
             $i++;
         }
         $_SESSION['mailInfo'] = $mailInfo;
 
         if ($pageNum > 1) {
             $page  = $pageNum - 1;
 
         if ($pageNum > 1) {
             $page  = $pageNum - 1;
-            $prev = "[<a title=\"Prev Page\" href=\"$self?page=$page&rowsperpage=$rowsPerPage\"
-                class='whitefooter'>[<img class=\"nav-img\" src=\"pics/go-previous-symbolic.svg\" alt=\"Previous\" /></a>]";
-            $first = "[<a title=\"First Page\" href=\"$self?page=1&rowsperpage=$rowsPerPage\"
-                class='whitefooter'><img class=\"nav-img\" src=\"pics/go-first-symbolic.svg\" alt=\"First\" /></a>]";
+            $prev = " <a title=\"Prev Page\" href=\"$self?page=$page&amp;rowsperpage=$rowsPerPage\"
+                class='whitefooter'><img class=\"nav-img\" src=\"pics/go-previous-symbolic.svg\" alt=\"Previous\" /></a> ";
+            $first = " <a title=\"First Page\" href=\"$self?page=1&amp;rowsperpage=$rowsPerPage\"
+                class='whitefooter'><img class=\"nav-img\" src=\"pics/go-first-symbolic.svg\" alt=\"First\" /></a> ";
         } else {
             $prev  = '&nbsp;'; // we're on page one, don't print previous link
             $first = '&nbsp;'; // nor the first page link
         } else {
             $prev  = '&nbsp;'; // we're on page one, don't print previous link
             $first = '&nbsp;'; // nor the first page link
 
         if ($pageNum < $maxPage) {
             $page = $pageNum + 1;
 
         if ($pageNum < $maxPage) {
             $page = $pageNum + 1;
-            $next = "[<a title=\"Next Page\" href=\"$self?page=$page&rowsperpage=$rowsPerPage\"
-                class='whitefooter'>[<img class=\"nav-img\" src=\"pics/go-next-symbolic.svg\" alt=\"Next\" /></a>]";
-            $last = "[<a title=\"Last Page\" href=\"$self?page=$maxPage&rowsperpage=$rowsPerPage\"
-                class='whitefooter'><img class=\"nav-img\" src=\"pics/go-last-symbolic.svg\" alt=\"Last\" /></a>]";
+            $next = " <a title=\"Next Page\" href=\"$self?page=$page&amp;rowsperpage=$rowsPerPage\"
+                class='whitefooter'><img class=\"nav-img\" src=\"pics/go-next-symbolic.svg\" alt=\"Next\" /></a> ";
+            $last = " <a title=\"Last Page\" href=\"$self?page=$maxPage&amp;rowsperpage=$rowsPerPage\"
+                class='whitefooter'><img class=\"nav-img\" src=\"pics/go-last-symbolic.svg\" alt=\"Last\" /></a> ";
         } else {
             $next = '&nbsp;'; // we're on the last page, don't print next link
             $last = '&nbsp;'; // nor the last page link
         } else {
             $next = '&nbsp;'; // we're on the last page, don't print next link
             $last = '&nbsp;'; // nor the last page link
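Review bot: `$self` is placed unescaped into the four rewritten pagination `href` attributes, and its assignment is outside this hunk. If it is taken from `$_SERVER['PHP_SELF']`, the value includes request-supplied path info and can break out of the attribute. Assigning it from a fixed script name, or from `htmlspecialchars($_SERVER['SCRIPT_NAME'], ENT_QUOTES, 'UTF-8')`, avoids that. The `if`/`else` blocks shown here are closed outside the hunk.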