summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAleksander Machniak <alec@alec.pl>2012-11-29 09:01:29 +0100
committerAleksander Machniak <alec@alec.pl>2012-11-29 09:01:29 +0100
commit876d31d5940f3c4c2f683891130db0201f4a3913 (patch)
tree44cf5d771bc489dca1103d934a7c7299fc89a758
parent5875548d9837d8872be81651733530d2ec6c31e6 (diff)
Fix empty email on identities list after identity update (#1488834)
-rw-r--r--CHANGELOG1
-rw-r--r--program/steps/settings/save_identity.inc48
2 files changed, 26 insertions, 23 deletions
diff --git a/CHANGELOG b/CHANGELOG
index 69b5a030a..ae6d27398 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,7 @@
CHANGELOG Roundcube Webmail
===========================
+- Fix empty email on identities list after identity update (#1488834)
- Add new identities_level: (4) one identity with possibility to edit only signature
- Use Delivered-To header as a last resort for identity selection (#1488840)
- Fix XSS vulnerability using Flash files (#1488828)
diff --git a/program/steps/settings/save_identity.inc b/program/steps/settings/save_identity.inc
index 88adc795e..34d8be268 100644
--- a/program/steps/settings/save_identity.inc
+++ b/program/steps/settings/save_identity.inc
@@ -26,17 +26,14 @@ $a_boolean_cols = array('standard', 'html_signature');
$updated = $default_id = false;
// check input
-if (IDENTITIES_LEVEL != 4 && (empty($_POST['_name']) || (empty($_POST['_email']) && IDENTITIES_LEVEL != 1 && IDENTITIES_LEVEL != 3)))
-{
+if (IDENTITIES_LEVEL != 4 && (empty($_POST['_name']) || (empty($_POST['_email']) && IDENTITIES_LEVEL != 1 && IDENTITIES_LEVEL != 3))) {
$OUTPUT->show_message('formincomplete', 'warning');
rcmail_overwrite_action('edit-identity');
return;
}
-
$save_data = array();
-foreach ($a_save_cols as $col)
-{
+foreach ($a_save_cols as $col) {
$fname = '_'.$col;
if (isset($_POST[$fname]))
$save_data[$col] = get_input_value($fname, RCUBE_INPUT_POST, true);
@@ -44,24 +41,23 @@ foreach ($a_save_cols as $col)
// set "off" values for checkboxes that were not checked, and therefore
// not included in the POST body.
-foreach ($a_boolean_cols as $col)
-{
+foreach ($a_boolean_cols as $col) {
$fname = '_' . $col;
if (!isset($_POST[$fname]))
$save_data[$col] = 0;
}
// unset email address if user has no rights to change it
-if (IDENTITIES_LEVEL == 1 || IDENTITIES_LEVEL == 3 )
- unset($save_data['email']);
-
-if (IDENTITIES_LEVEL == 4 ){
- unset($save_data['name']);
+if (IDENTITIES_LEVEL == 1 || IDENTITIES_LEVEL == 3) {
unset($save_data['email']);
- unset($save_data['organization']);
- unset($save_data['reply-to']);
- unset($save_data['bcc']);
- unset($save_data['standard']);
+}
+// unset all fields except signature
+else if (IDENTITIES_LEVEL == 4) {
+ foreach ($save_data as $idx => $value) {
+ if ($idx != 'signature' && $idx != 'html_signature') {
+ unset($save_data[$idx]);
+ }
+ }
}
// Validate e-mail addresses
@@ -81,9 +77,16 @@ foreach ($email_checks as $email) {
}
// update an existing contact
-if ($_POST['_iid'])
-{
+if ($_POST['_iid']) {
$iid = get_input_value('_iid', RCUBE_INPUT_POST);
+
+ if (in_array(IDENTITIES_LEVEL, array(1,3,4))) {
+ // merge with old identity data, fixes #1488834
+ $identity = $RCMAIL->user->get_identity($iid);
+ $save_data = array_merge($identity, $save_data);
+ unset($save_data['changed'], $save_data['del'], $save_data['user_id'], $save_data['identity_id']);
+ }
+
$plugin = $RCMAIL->plugins->exec_hook('identity_update', array('id' => $iid, 'record' => $save_data));
$save_data = $plugin['record'];
@@ -97,8 +100,8 @@ if ($_POST['_iid'])
if ($updated) {
$OUTPUT->show_message('successfullysaved', 'confirmation');
- if (!empty($_POST['_standard']))
- $default_id = get_input_value('_iid', RCUBE_INPUT_POST);
+ if (!empty($save_data['standard']))
+ $default_id = $iid;
if ($_POST['_framed']) {
// update the changed col in list
@@ -114,8 +117,7 @@ if ($_POST['_iid'])
}
// insert a new identity record
-else if (IDENTITIES_LEVEL < 2)
-{
+else if (IDENTITIES_LEVEL < 2) {
if (IDENTITIES_LEVEL == 1) {
$save_data['email'] = $RCMAIL->get_user_email();
}
@@ -136,7 +138,7 @@ else if (IDENTITIES_LEVEL < 2)
$_GET['_iid'] = $insert_id;
- if (!empty($_POST['_standard']))
+ if (!empty($save_data['standard']))
$default_id = $insert_id;
if ($_POST['_framed']) {