diff options
author | Aleksander Machniak <alec@alec.pl> | 2012-11-29 09:01:29 +0100 |
---|---|---|
committer | Aleksander Machniak <alec@alec.pl> | 2012-11-29 09:01:29 +0100 |
commit | 876d31d5940f3c4c2f683891130db0201f4a3913 (patch) | |
tree | 44cf5d771bc489dca1103d934a7c7299fc89a758 | |
parent | 5875548d9837d8872be81651733530d2ec6c31e6 (diff) |
Fix empty email on identities list after identity update (#1488834)
-rw-r--r-- | CHANGELOG | 1 | ||||
-rw-r--r-- | program/steps/settings/save_identity.inc | 48 |
2 files changed, 26 insertions, 23 deletions
@@ -1,6 +1,7 @@ CHANGELOG Roundcube Webmail =========================== +- Fix empty email on identities list after identity update (#1488834) - Add new identities_level: (4) one identity with possibility to edit only signature - Use Delivered-To header as a last resort for identity selection (#1488840) - Fix XSS vulnerability using Flash files (#1488828) diff --git a/program/steps/settings/save_identity.inc b/program/steps/settings/save_identity.inc index 88adc795e..34d8be268 100644 --- a/program/steps/settings/save_identity.inc +++ b/program/steps/settings/save_identity.inc @@ -26,17 +26,14 @@ $a_boolean_cols = array('standard', 'html_signature'); $updated = $default_id = false; // check input -if (IDENTITIES_LEVEL != 4 && (empty($_POST['_name']) || (empty($_POST['_email']) && IDENTITIES_LEVEL != 1 && IDENTITIES_LEVEL != 3))) -{ +if (IDENTITIES_LEVEL != 4 && (empty($_POST['_name']) || (empty($_POST['_email']) && IDENTITIES_LEVEL != 1 && IDENTITIES_LEVEL != 3))) { $OUTPUT->show_message('formincomplete', 'warning'); rcmail_overwrite_action('edit-identity'); return; } - $save_data = array(); -foreach ($a_save_cols as $col) -{ +foreach ($a_save_cols as $col) { $fname = '_'.$col; if (isset($_POST[$fname])) $save_data[$col] = get_input_value($fname, RCUBE_INPUT_POST, true); @@ -44,24 +41,23 @@ foreach ($a_save_cols as $col) // set "off" values for checkboxes that were not checked, and therefore // not included in the POST body. -foreach ($a_boolean_cols as $col) -{ +foreach ($a_boolean_cols as $col) { $fname = '_' . $col; if (!isset($_POST[$fname])) $save_data[$col] = 0; } // unset email address if user has no rights to change it -if (IDENTITIES_LEVEL == 1 || IDENTITIES_LEVEL == 3 ) - unset($save_data['email']); - -if (IDENTITIES_LEVEL == 4 ){ - unset($save_data['name']); +if (IDENTITIES_LEVEL == 1 || IDENTITIES_LEVEL == 3) { unset($save_data['email']); - unset($save_data['organization']); - unset($save_data['reply-to']); - unset($save_data['bcc']); - unset($save_data['standard']); +} +// unset all fields except signature +else if (IDENTITIES_LEVEL == 4) { + foreach ($save_data as $idx => $value) { + if ($idx != 'signature' && $idx != 'html_signature') { + unset($save_data[$idx]); + } + } } // Validate e-mail addresses @@ -81,9 +77,16 @@ foreach ($email_checks as $email) { } // update an existing contact -if ($_POST['_iid']) -{ +if ($_POST['_iid']) { $iid = get_input_value('_iid', RCUBE_INPUT_POST); + + if (in_array(IDENTITIES_LEVEL, array(1,3,4))) { + // merge with old identity data, fixes #1488834 + $identity = $RCMAIL->user->get_identity($iid); + $save_data = array_merge($identity, $save_data); + unset($save_data['changed'], $save_data['del'], $save_data['user_id'], $save_data['identity_id']); + } + $plugin = $RCMAIL->plugins->exec_hook('identity_update', array('id' => $iid, 'record' => $save_data)); $save_data = $plugin['record']; @@ -97,8 +100,8 @@ if ($_POST['_iid']) if ($updated) { $OUTPUT->show_message('successfullysaved', 'confirmation'); - if (!empty($_POST['_standard'])) - $default_id = get_input_value('_iid', RCUBE_INPUT_POST); + if (!empty($save_data['standard'])) + $default_id = $iid; if ($_POST['_framed']) { // update the changed col in list @@ -114,8 +117,7 @@ if ($_POST['_iid']) } // insert a new identity record -else if (IDENTITIES_LEVEL < 2) -{ +else if (IDENTITIES_LEVEL < 2) { if (IDENTITIES_LEVEL == 1) { $save_data['email'] = $RCMAIL->get_user_email(); } @@ -136,7 +138,7 @@ else if (IDENTITIES_LEVEL < 2) $_GET['_iid'] = $insert_id; - if (!empty($_POST['_standard'])) + if (!empty($save_data['standard'])) $default_id = $insert_id; if ($_POST['_framed']) { |