replytomessageidstr=(*queryvars.find("replytomessageid")).second;\r
}\r
\r
- if(queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="send")\r
+ if(queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="send" && ValidateFormPassword(queryvars))\r
{\r
if(queryvars.find("localidentityid")!=queryvars.end() && (*queryvars.find("localidentityid")).second!="")\r
{\r
{\r
if(replytomessageidstr!="")\r
{\r
- SQLite3DB::Statement replyst=m_db->Prepare("SELECT Subject, Body FROM tblMessage WHERE MessageID=?;");\r
+ std::string fromname="";\r
+ SQLite3DB::Statement replyst=m_db->Prepare("SELECT Subject, Body, FromName FROM tblMessage WHERE MessageID=?;");\r
replyst.Bind(0,replytomessageidstr);\r
replyst.Step();\r
if(replyst.RowReturned())\r
{\r
replyst.ResultText(0,subject);\r
replyst.ResultText(1,body);\r
+ replyst.ResultText(2,fromname);\r
\r
if(subject.size()<3 || (subject.substr(0,3)!="re:" && subject.substr(0,3)!="Re:"))\r
{\r
}\r
body+="\n";\r
}\r
+ body=fromname+" wrote:\n"+body;\r
\r
}\r
}\r
content+="<input type=\"hidden\" name=\"threadid\" value=\""+threadidstr+"\">";\r
content+="<input type=\"hidden\" name=\"replytomessageid\" value=\""+replytomessageidstr+"\">";\r
content+="<input type=\"hidden\" name=\"formaction\" value=\"send\">";\r
+ content+=CreateFormPassword();\r
content+="<table class=\"createpost\">";\r
content+="<tr><td class=\"identity\">From</td><td>"+LocalIdentityDropDown("localidentityid",localidentityidstr)+"</td></tr>";\r
content+="<tr><td class=\"subject\">Subject</td><td><input type=\"text\" name=\"subject\" maxlength=\"60\" size=\"60\" value=\""+SanitizeOutput(subject)+"\"></td></tr>";\r
projects / fms.git / blobdiff