Do not use mixed get/post variables because this breaks some browers.

functions/mailbox_display.php

@@ -677,11 +677,9 @@ function mail_message_listing_beginning ($imapConnection,
      $source_url = $PHP_SELF;
   }
 
-  if (!isset($msg)) {
-     $msg = '';
-  }
-  $moveURL = "move_messages.php?msg=$msg&mailbox=$urlMailbox"
-    . "&startMessage=$start_msg";
+  $moveURL = 'move_messages.php';
+  $moveFields = '<input type="hidden" name="mailbox" value="'.$urlMailbox.'">'.
+                '<input type="hidden" name="startMessage" value="'.$start_msg.'">';
 
   /*
    * This is the beginning of the message list table.
@@ -689,6 +687,7 @@ function mail_message_listing_beginning ($imapConnection,
    */
 
     echo "<FORM name=\"messageList\" method=post action=\"$moveURL\">\n"
+        . $moveFields
         . html_tag( 'table' ,'' , '', '', 'border="0" width="100%" cellpadding="1"  cellspacing="0"' ) .
             html_tag( 'tr',
                 html_tag( 'td' ,

src/move_messages.php

@@ -119,11 +119,11 @@ $onetimepad = $_SESSION['onetimepad'];
 $base_uri = $_SESSION['base_uri'];
 $delimiter = $_SESSION['delimiter'];
 
-if (isset($_GET['mailbox'])) {
-    $mailbox = $_GET['mailbox'];
+if (isset($_POST['mailbox'])) {
+    $mailbox = $_POST['mailbox'];
 }
-if (isset($_GET['startMessage'])) {
-    $startMessage = $_GET['startMessage'];
+if (isset($_POST['startMessage'])) {
+    $startMessage = $_POST['startMessage'];
 }
 if (isset($_POST['moveButton'])) {
     $moveButton = $_POST['moveButton'];
@@ -131,9 +131,6 @@ if (isset($_POST['moveButton'])) {
 if (isset($_POST['msg'])) {
     $msg = $_POST['msg'];
 }
-elseif (isset($_GET['msg'])) {
-    $msg = $_GET['msg'];
-}
 if (isset($_POST['expungeButton'])) {
     $expungeButton = $_POST['expungeButton'];
 }