Changeset 86df152 in github for program/steps/mail/compose.inc

Timestamp:

Dec 29, 2006 4:06:39 PM (6 years ago)

Author:

thomascube <thomas@…>

Branches:

master, HEAD, courier-fix, dev-browser-capabilities, pdo, release-0.6, release-0.7, release-0.8

Children:

e93a2d7

Parents:

3b12aee

Message:

Error handling for attachment uploads; multibyte-safe string functions; XSS improvements

File:

• program/steps/mail/compose.inc (modified) (1 diff)

program/steps/mail/compose.inc

@@ -47 +47 @@
 $MESSAGE = NULL;
 
-// nothing below is called during message composition, only at "new/forward/reply/draft" initialization
-// since there are many ways to leave the compose page improperly, it seems necessary to clean-up an old
+// Nothing below is called during message composition, only at "new/forward/reply/draft" initialization or
+// if a compose-ID is given (i.e. when the compose step is opened in a new window/tab).
+// Since there are many ways to leave the compose page improperly, it seems necessary to clean-up an old
 // compose when a "new/forward/reply/draft" is called - otherwise the old session attachments will appear
 
-rcmail_compose_cleanup();
-$_SESSION['compose'] = array('id' => uniqid(rand()));
+if (!is_array($_SESSION['compose']) || $_SESSION['compose']['id'] != get_input_value('_id', RCUBE_INPUT_GET))
+  {
+  rcmail_compose_cleanup();
+  $_SESSION['compose'] = array('id' => uniqid(rand()));
+  }
 
 // add some labels to client