Merge branch 'master' of github.com:webmin/usermin

index.cgi

@@ -62,10 +62,11 @@ elsif ($gconfig{"notabs_${base_remote_user}"} == 2 ||
 		if ($pos % $cols == 0) { print "<tr>\n"; }
 		print "<td valign=top align=center width=$per\%>\n";
 		local $idx = $m->{'index_link'};
-		print "<table border><tr><td><a href=$gconfig{'webprefix'}/$m->{'dir'}/$idx>",
+		my $alink = &urlize("$gconfig{'webprefix'}/$m->{'dir'}/$idx");
+		print "<table border><tr><td><a href='$alink'>",
 		      "<img src=$m->{'dir'}/images/icon.gif border=0 ",
 		      "width=48 height=48></a></td></tr></table>\n";
-		print "<a href=$gconfig{'webprefix'}/$m->{'dir'}/$idx>$m->{'desc'}</a></td>\n";
+		print "<a href='$alink'>@{[&html_escape($m->{'desc'})]}</a></td>\n";
 		if ($pos % $cols == $cols - 1) { print "</tr>\n"; }
 		$pos++;
 		}
@@ -128,7 +129,7 @@ else {
 			print "<td valign=top $tb>", $usercol ? "<br>" :
 			  "<img src=images/lc1.gif alt=\"\">","</td>\n";
 			print "<td $tb>&nbsp;",
-			      "<a href=$gconfig{'webprefix'}/?cat=$c><b>$t</b></a>&nbsp;</td>\n";
+			      "<a href=$gconfig{'webprefix'}/?cat=@{[&urlize($c)]}><b>@{[&html_escape($t)]}</b></a>&nbsp;</td>\n";
 			print "<td valign=top $tb>", $usercol ? "<br>" :
 			  "<img src=images/rc1.gif alt=\"\">","</td>\n";
 			}
@@ -147,10 +148,11 @@ else {
 
 		if ($pos % $cols == 0) { print "<tr>\n"; }
 		print "<td valign=top align=center width=$per\%>\n";
-		print "<table border bgcolor=#ffffff><tr><td><a href=$gconfig{'webprefix'}/$m->{'dir'}/>",
+		my $mlink = &urlize("$gconfig{'webprefix'}/$m->{'dir'}/");
+		print "<table border bgcolor=#ffffff><tr><td><a href='$mlink'>",
 		      "<img src=$m->{'dir'}/images/icon.gif alt=\"\" border=0></a>",
 		      "</td></tr></table>\n";
-		print "<a href=$gconfig{'webprefix'}/$m->{'dir'}/>$m->{'desc'}</a></td>\n";
+		print "<a href='$mlink'>@{[&html_escape($m->{'desc'})]}</a></td>\n";
 		if ($pos++ % $cols == $cols - 1) { print "</tr>\n"; }
 		}
 	while($pos++ % $cols) {

mailbox/list_folders.cgi

@@ -28,18 +28,23 @@ print &ui_hidden_end("instr");
 print &ui_form_start("delete_folders.cgi", "post");
 my @tds = ( "width=5" );
 my @folders = &list_folders_sorted();
+foreach my $folder (@folders) {
+	$folder->{'file'} = &html_escape($folder->{'file'})
+		if ($folder->{'file'});
+	}
 print &ui_columns_start([ "",
 			  $text{'folders_name'},
 			  $text{'folders_path'},
 			  $text{'folders_type'},
 			  $text{'folders_size'},
 			  $text{'folders_action'} ], undef, 0, \@tds);
+			#   var_dump(\@folders);
 foreach my $f (@folders) {
 	my @cols;
 	my $deletable = 0;
 	if ($f->{'inbox'} || $f->{'drafts'} || $f->{'spam'}) {
 		# Inbox, drafs or spam folder which cannot be edited
-		push(@cols, $f->{'name'});
+		push(@cols, &html_escape($f->{'name'}));
 		}
 	elsif ($f->{'type'} == 2) {
 		# Link for editing POP3 folder

mailbox/list_ifolders.cgi

@@ -12,6 +12,10 @@ require './mailbox-lib.pl';
 print &ui_form_start("delete_folders.cgi", "post");
 my @tds = ( "width=5" );
 my @folders = &list_folders_sorted();
+foreach my $folder (@folders) {
+	$folder->{'file'} = &html_escape($folder->{'file'})
+		if ($folder->{'file'});
+	}
 my @adders = ( "<a href='edit_ifolder.cgi?new=1'>$text{'folders_addimap'}</a>",
 	    "<a href='edit_comp.cgi?new=1'>$text{'folders_addcomp'}</a>",
 	    "<a href='edit_virt.cgi?new=1'>$text{'folders_addvirt'}</a>" );

mailbox/reply_mail.cgi

@@ -809,8 +809,9 @@ print &ui_table_start($text{'reply_body'}, "width=100%", 2, undef,
 # Process email quote
 my $iframe_quote;
 $iframe_quote = &iframe_quote($quote)
-	if (!$in{'new'});
-
+	if (!$in{'new'} && !$in{'enew'});
+my $draft;
+$draft = $quote if ($in{'enew'});
 
 if ($html_edit) {
 	# Get HTML editor and replies
@@ -832,7 +833,7 @@ if ($html_edit) {
 	$sig = "<br><br>$sig<br><br>"
 		if ($sig);
 	print &ui_table_row(undef,
-		&ui_textarea("body", $sig, 16, 80, undef, 0,
+		&ui_textarea("body", $draft || $sig, 16, 80, undef, 0,
 		             "style='display: none' id=body data-html-mode='$userconfig{'html_edit_mode'}'").
 		$html_editor, 2);
 	}
@@ -842,7 +843,7 @@ else {
 	$wm =~ s/^wrap=//g;
 	my $wcols = $userconfig{'wrap_compose'};
 	print &ui_table_row(undef,
-		&ui_textarea("body", "\n\n$sig\n\n$quote", 16,
+		&ui_textarea("body", "\n".$draft || "\n\n$sig\n\n$quote", 16,
 			     $wcols || 80,
 			     $wcols ? "hard" : "",
 			     0,

mailbox/view_mail.cgi

@@ -521,15 +521,15 @@ if (!@sub) {
 	if ($mail->{'sortidx'} != 0) {
 		my $mailprv = $beside[$prv];
 		$left = "view_mail.cgi?id=".&urlize($mailprv->{'id'}).
-			"&folder=$in{'folder'}&start=$in{'start'}";
+			"&folder=@{[&urlize($in{'folder'})]}&start=$in{'start'}";
 		}
 	if ($mail->{'sortidx'} < $c-1) {
 		my $mailnxt = $beside[$nxt];
 		$right = "view_mail.cgi?id=".&urlize($mailnxt->{'id'}).
-		      	 "&folder=$in{'folder'}&start=$in{'start'}";
+		      	 "&folder=@{[&urlize($in{'folder'})]}&start=$in{'start'}";
 		}
 	print &ui_page_flipper(&text('view_desc', $mail->{'sortidx'}+1,
-				     $folder->{'name'}),
+				     &html_escape($folder->{'name'})),
 			       undef, undef, $left, $right);
 	}
 else {

mailbox/webmin_menu.pl

@@ -51,7 +51,7 @@ sub list_webmin_menu
 		my $item = { 'type' => 'item',
 			     'id' => 'folder_'.$fid,
 			     'folder' => 1,
-			     'desc' => $f->{'name'},
+			     'desc' => &html_escape($f->{'name'}),
 			     'link' => '/'.$module_name.
 				       '/index.cgi?id='.&urlize($fid) };
 		if ($f->{'type'} == 6 &&

ssh/list_auths.cgi

@@ -17,7 +17,7 @@ if (@auths) {
 	foreach $a (@auths) {
 		print &ui_columns_row([ 
 			"<a href='edit_auth.cgi?idx=$a->{'index'}'>".
-			  "$a->{'name'}</a>",
+			  "@{[&html_escape($a->{'name'})]}</a>",
 			"<tt>".substr($a->{'key'}, 0, 40)." ... ".
 			      substr($a->{'key'}, -40)."</tt>",
 			]);

ssh/list_hosts.cgi

@@ -11,7 +11,7 @@ foreach $h (@$hconf) {
 	if (lc($h->{'name'}) eq 'host') {
 		push(@links, "edit_host.cgi?idx=$i");
 		push(@icons, "images/host.gif");
-		push(@titles, $h->{'values'}->[0] eq '*' ? "<i>$text{'hosts_all'}</i>" : $h->{'values'}->[0]);
+		push(@titles, $h->{'values'}->[0] eq '*' ? "<i>$text{'hosts_all'}</i>" : &html_escape($h->{'values'}->[0]));
 		}
 	$i++;
 	}