diff options
author | thomascube <thomas@roundcube.net> | 2009-05-18 07:44:20 +0000 |
---|---|---|
committer | thomascube <thomas@roundcube.net> | 2009-05-18 07:44:20 +0000 |
commit | cc49581e82387e12162a09150fe246fcd7635d6e (patch) | |
tree | c138df5bfa3e6602d1867e0430506687ac8e5ef7 | |
parent | 39a9b603cdf3599880588d742ecd6173641b6a50 (diff) |
Remove development stuff and experimental plugins + update versions
-rw-r--r-- | CHANGELOG | 430 | ||||
-rw-r--r-- | README | 9 | ||||
-rw-r--r-- | bin/dumpschema.php | 101 | ||||
-rwxr-xr-x | bin/makedoc.sh | 34 | ||||
-rw-r--r-- | index.php | 2 | ||||
-rw-r--r-- | plugins/autologon/autologon.php | 44 | ||||
-rw-r--r-- | plugins/debug_logger/debug_logger.php | 146 | ||||
-rw-r--r-- | plugins/debug_logger/runlog/runlog.php | 227 | ||||
-rw-r--r-- | plugins/example_addressbook/example_addressbook.php | 42 | ||||
-rw-r--r-- | plugins/example_addressbook/example_addressbook_backend.php | 72 | ||||
-rw-r--r-- | plugins/userinfo/localization/de_CH.inc | 9 | ||||
-rw-r--r-- | plugins/userinfo/localization/en_US.inc | 9 | ||||
-rw-r--r-- | plugins/userinfo/localization/et_EE.inc | 9 | ||||
-rw-r--r-- | plugins/userinfo/localization/pl_PL.inc | 9 | ||||
-rw-r--r-- | plugins/userinfo/userinfo.js | 16 | ||||
-rw-r--r-- | plugins/userinfo/userinfo.php | 53 | ||||
-rwxr-xr-x | program/include/iniset.php | 2 | ||||
-rw-r--r-- | tests/mailfunc.php | 119 | ||||
-rw-r--r-- | tests/modcss.php | 45 | ||||
-rwxr-xr-x | tests/runtests.sh | 53 | ||||
-rw-r--r-- | tests/src/BID-26800.txt | 52 | ||||
-rw-r--r-- | tests/src/htmlbody.txt | 51 | ||||
-rw-r--r-- | tests/src/htmlxss.txt | 22 | ||||
-rw-r--r-- | tests/src/plainbody.txt | 37 | ||||
-rw-r--r-- | tests/src/valid.css | 30 |
25 files changed, 11 insertions, 1612 deletions
@@ -1,8 +1,9 @@ CHANGELOG RoundCube Webmail =========================== -- Added possibility to encrypt received header, option 'http_received_header_encrypt', - added some more logic in encrypt/decrypt functions for security +- Using jQuery for client scripting +- Implemented Plugin API (#1326399) +- Moved some core functionality (temp file storage) into plugins - Fix Answered/Forwarded flag setting for messages in subfolders - Fix autocomplete problem with capital letters (#1485792) - Support UUencode content encoding (#1485839) @@ -19,8 +20,12 @@ CHANGELOG RoundCube Webmail - Fix text wrapping in HTML editor after switching from plain text to HTML (#1485521) - Fix auto-complete function hangs with plus sign (#1485815) - Fix AJAX requests errors handler (#1485000) -- Speed up message list displaying on IE - Fix read/write database recognition (#1485811) +- Added possibility to encrypt received header, option 'http_received_header_encrypt', + added some more logic in encrypt/decrypt functions for security + +RELEASE 0.2.2 +------------- - Fix quicksearchbox look in Chrome and Konqueror (#1484841) - Fix UTF-8 byte-order mark removing (#1485514) - Fix folders subscribtions on Konqueror (#1484841) @@ -45,7 +50,7 @@ CHANGELOG RoundCube Webmail - Fix 'mode' parameter in sqlite DSN (#1485772) RELEASE 0.2.1 ------------------- +------------- - Use US-ASCII as failover when Unicode searching fails (#1485762) - Fix errors handling in IMAP command continuations (#1485762) - Fix FETCH result parsing for servers returning flags at the end of result (#1485763) @@ -90,420 +95,3 @@ RELEASE 0.2.1 - Improve messages display performance - Fix messages searching with 'to:' modifier -RELEASE 0.2-STABLE ------------------- -- Fix mark popup in IE 7 (#1485369) -- Fix line-break issue when copy & paste in Firefox (#1485425) -- Fix autocomplete "unknown server error" (#1485637) -- Fix STARTTLS before AUTH in SMTP connection (#1484883) -- Support multiple quota values in QUOTAROOT resonse (#1485626) -- Only abbreviate file name for IE < 7 browsers (#1485063) -- Performance: allow setting imap rootdir and delimiter before connect (#1485172) -- Fix sorting of folders with more than 2 levels (#1485569) -- Fix search results page jumps in LDAP addressbook (#1485253) -- Fix empty line before the signature in IE (#1485351) -- Fix horizontal scrollbar in preview pane on IE (#1484633) -- Add Robots meta tag in login page and installer (#1484846) -- Added 'show_images' option, removed 'addrbook_show_images' (#1485597) -- Option to check for new mails in all folders (#1484374) -- Don't set client busy when checking for new messages (#1485276) -- Allow UTF-8 folder names in config (#1485579) -- Add junk_mbox option configuration in installer (#1485579) -- Do serverside addressbook queries for autocompletion (#1485531) -- Allow setting attachment col position in 'list_cols' option -- Allow override 'list_cols' via skin (#1485577) -- Fix 'cache' table cleanup on session destroy (#1485516) -- Increase speed of session destroy and garbage clean up -- Fix session timeout when DB server got clock skew (#1485490) -- Fix handling of some malformed messages (#1484438) -- Speed up raw message body handling -- Better HTML entities conversion in html2text (#1485519) -- Fix big memory consumption and speed up searching on servers without SORT capability -- Fix setting locale to tr_TR, ku and az_AZ (#1485470) -- Use SORT for searching on servers with SORT capability -- Added message status filter -- Fix empty file sending (#1485389) -- Improved searching with many criterias (calling one SEARCH command) -- Fix HTML editor initialization on IE (#1485304) -- Add warning when switching editor mode from html to plain (#1485488) -- Make identities list scrollable (#1485538) -- Fix problem with numeric folder names (#1485527) -- Added BYE response simple support to prevent from endless loops in imap.inc (#1483956) -- Fix unread message unintentionally marked as read if read_when_deleted=true (#1485409) -- Remove port number from SERVER_NAME in smtp_helo_host (#1485518) -- Don't send disposition notification receipts for messages marked as 'read' (#1485523) -- Added 'keep_alive' and 'min_keep_alive' options (#1485360) -- Added option 'identities_level', removed 'multiple_identities' -- Allow deleting identities when multiple_identities=false (#1485435) -- Added option focus_on_new_message (#1485374) -- Fix html2text class autoloading on Windows (#1485505) -- Fix html signature formatting when identity save error occured (#1485426) -- Add feedback and set busy when moving folder (#1485497) -- Fix 'Empty' link visibility for some languages e.g. Slovak (#1485489) -- Fix messages count bar overlapping (#1485270) -- Fix adding signature in drafts compose mode (#1485484) -- Fix iil_C_Sort() to support very long and/or divided responses (#1485283) -- Fix matching case sensitivity when setting identity on reply (#1485480) -- Prefer default identity on reply -- Fix imap searching on ISMail server (#1485466) -- Add css class for flagged messages (#1485464) -- Write username instead of id in sendmail log (#1485477) -- Fix htmlspecialchars() use for PHP version < 5.2.3 (#1485475) -- Fix js keywords escaping in json_serialize() for IE/Opera (#1485472) -- Added bin/killcache.php script (#1485434) -- Add support for SJIS, GB2312, BIG5 in rc_detect_encoding() -- Fix vCard file encoding detection for non-UTF-8 strings (#1485410) -- Add 'skip_deleted' option in User Preferences (#1485445) -- Minimize "inline" javascript scripts use (#1485433) -- Fix css class setting for folders with names matching defined classes names (#1485355) -- Fix race conditions when changing mailbox -- Fix spellchecking when switching to html editor (#1485362) -- Fix compose window width/height (#1485396) -- Allow calling msgimport.sh/msgexport.sh from any directory (#1485431) -- Localized filesize units (#1485340) -- Better handling of "no identity" and "no email in identity" situations (#1485117) -- Added 'mime_param_folding' option with possibility to choose long/non-ascii attachment names encoding eg. to be readable in MS Outlook/OE (#1485320) -- Added "advanced options" feature in User Preferences -- Fix unread counter when displaying cached massage in preview panel (#1485290) -- Fix htmleditor spellchecking on MS Windows (#1485397) -- Fix problem with non-ascii attachment names in Mail_mime (#1485267, #1485096) -- Fix language autodetection (#1485401) -- Fix button label in folders management (#1485405) -- Fix collapsed folder not indicating unread msgs count of all subfolders (#1485403) -- Fix handling of apostrophes in filenames decoded according to rfc2231 - -RELEASE 0.2-BETA ----------------- -- Made config files location configurable (#1485215) -- Reduced memory footprint when forwarding attachments (#1485345) -- Allow and use spellcheck attribute for input/textarea fields (#1485060) -- Added icons for forwarded/forwarded+replied messages (#1485257) -- Added Reply-To to forwarded emails (#1485315) -- Display progress message for folders create/delete/rename (#1485357) -- Smart Tags and NOBR tag support in html messages (#1485363, #1485327) -- Redesign of the identities settings (#1484042) -- Add config option to disable creation/deletion of identities (#1484498) -- Added 'sendmail_delay' option to restrict messages sending interval (#1484491) -- Added vertical splitter for folders list resizing -- Added possibility to view all headers in message view -- Fixed splitter drag/resize on Opera (#1485170) -- Fixed quota img height/width setting from template (#1484857) -- Refactor drag & drop functionality. Don't rely on browser events anymore (#1484453) -- Insert "virtual" folders in subscription list (#1484779) -- Added link to open message in new window -- Enable export of address book contacts as vCard -- Add feature to import contacts from vcard files (#1326103) -- Respect Content-Location headers in multipart/related messages according to RFC2110 (#1484946) -- Allowed max. attachment size now indicated in compose screen (#1485030) -- Also capture backspace key in list mode (#1484566) -- Allow application/pgp parts to be displayed (#1484753) -- Correctly handle options in mailto-links (#1485228) -- Immediately save sort_col/sort_order in user prefs (#1485265) -- Truncate very long (above 50 characters) attachment filenames when displaying -- Allow to auto-detect client language if none set (#1484434) -- Auto-detect the client timezone (user configurable) -- Add RFC2231 header value continuations support for attachment filenames + hack for servers that not support that feature -- Fix Reply-To header displaying (#1485314) -- Mark form buttons that provide the most obvious operation (mainaction) -- Added option 'quota_zero_as_unlimited' (#1484604) -- Added PRE handling in html2text class (#1484740) -- Added folder hierarchy collapsing -- Added options to use syslog instead of log file (#1484850) -- Added Logging & Debugging section in Installer -- Fix In-Reply-To and References headers when composing saved draft message (#1485288) -- Fix html message charset conversion for charsets with underline (#1485287) -- Fix buttons status after contacts deletion (#1485233) -- Fix escaping of To: and From: fields when building message body for reply or forward in the HTML editor (#1484904) -- Use current mailbox name in template (#1485256) -- Better fix for skipping untagged responses (#1485261) -- Added pspell support patch by Kris Steinhoff (#1483960) -- Enable spellchecker for HTML editor (#1485114) -- Respect spellcheck_uri in tinyMCE spellchecker (#1484196) -- Case insensitive contacts searching using PostgreSQL (#1485259) -- Make default imap folders configurable for each user (#1485075) -- Save outgoing mail to selectable folder (#1324581) -- Fix hiding of mark menu when clicking th button again (#1484944) -- Use long date format in print mode (#1485191) -- Updated TinyMCE to version 3.1.0.1 -- Re-enable autocomplete attribute for login form (#1485211) -- Check PERMANENTFLAGS before saving $MDNSent flag (#1484963, #1485163) -- Added flag column on messages list (#1484623) -- Patched Mail/MimePart.php (http://pear.php.net/bugs/bug.php?id=14232) -- Allow trash/junk subfolders to be purged (#1485085) -- Store compose parameters in session and redirect to a unique URL -- Fixed CRAM-MD5 authentication (#1484819) -- Fixed forwarding messages with one HTML attachment (#1484442) -- Fixed encoding of message/rfc822 attachments and image/pjpeg handling (#1484914) -- Added option to select skin in user preferences -- Added option to configure displaying of attached images below the message body -- Added option to display images in messages from known senders (#1484601) -- User preferences grouped in more fieldsets -- Fix corrupted MIME headers of messages in Sent folder (#1485111) -- Fixed bug in MDB2 package: http://pear.php.net/bugs/bug.php?id=14124 -- Use keypress instead of keydown to select list's row (#1484816) -- Don't call expunge and don't remove message row after message move if flag_for_deletion is set to true (#1485002) - -RELEASE 0.2-ALPHA ------------------ -- Added option to disable autocompletion from selected LDAP address books (#1484922) -- TLS support in LDAP connections: 'use_tls' property (#1485104) -- Fixed removing messages from search set after deleting them (#1485106) -- imap.inc: Fixed iil_C_FetchStructureString() to handle many - literal strings in response (#1484969) -- Support for subfolders in default/protected folders (#1484665) -- Disallowed delimiter in folder name (#1484803) -- Support " and \ in folder names -- Escape \ in login (#1484614) -- Better HTML sanitization with the DOM-based washtml script (#1484701) -- Fixed sorting of folders with non-ascii characters -- Fixed Mysql DDL for default identities creation (#1485070) -- In Preferences added possibility to configure 'read_when_deleted', - 'mdn_requests', 'flag_for_deletion' options -- Made IMAP auth type configurable (#1483825) -- Fixed empty values with FROM_UNIXTIME() in rcube_mdb2 (#1485055) -- Fixed attachment list on IE 6/7 (#1484807) -- Fixed JavaScript in compose.html that shows cc/bcc fields if populated -- Make password input fields of type password in installer (#1484886) -- Don't attempt to delete cache entries if enable_caching is FALSE (#1485051) -- Optimized messages sorting on servers without sort capability (#1485049) -- Corrected message headers decoding when charset isn't specified and improved - support for native languages (#1485050, #1485048) -- Expanded LDAP configuration options to support LDAP server writes. -- Installer: encode special characters in DB username/password (#1485042) -- Fixed management of folders with national characters in names (#1485036, #1485001) -- Fixed identities saving when using MDB2 pgsql driver (#1485032) -- Fixed BCC header reset (#1484997) -- Improved messages list performance - patch from Justin Heesemann -- Append skin_path to images location only when it starts with '/' sign (#1484859) -- Fix IMAP response in message body when message has no body (#1484964) -- Fixed non-RFC dates formatting (#1484901) -- Fixed typo in set_charset() (#1484991) -- Decode entities when inserting HTML signature to plain text message (#1484990) -- HTML editing is now working with PHP5 updates and TinyMCE v3.0.6 -- Fixed signature loading on Windows (#1484545) -- Added language support to HTML editing (#1484862) -- Fixed remove signature when replying (#1333167) -- Fixed problem with line with a space at the end (#1484916) -- Fixed <!DOCTYPE> tag filtering (#1484391) -- Fixed <?xml> tag filtering (#1484403) -- Added sections (fieldset+label) in Settings interface -- Mark as read in one action with message preview (#1484972) -- Deleted redundant quota reads (#1484972) -- Added options for empty trash and expunge inbox on logout (#1483863) -- Removed lines wrapping when displaying message -- Fixed month localization -- Changed codebase to PHP5 with autoloader - -RELEASE 0.1.1 -------------- -- Clear selection when selecting single item (#1484942) -- Remove hard-coded image size in skin templates (#1484893) -- Database schema improvements (dropped unnecessary indexes) -- Fixed creating a new folder with a comma in its name (#1484681) -- Fixed sorting of messages when default mailbox is empty (#1484317) -- Improve message previewpane - less loading (#1484316) -- Fixed login form autoompletion (#1484839) -- Fixed virtuser_query option for mdb2 backend (#1484874) -- Fixed attachment resoting from Drafts when message body was empty (#1484506) -- Fixed usage of ob_gzhandler (#1484851) -- Fixed message part window in IE6 (#1484610) -- Fixed decoding of mime-encoded strings (#1484191) -- Fixed some iconv/mb_string problems (#1484598) -- Correctly quote mailbox name when using in URL (#1484313) -- Fixed "headers already sent" errors (#1484860) - -RELEASE 0.1-STABLE ------------------- -- Added interactive installer script -- Fix folder adding/renaming inspired by #1484800 -- Localize folder name in page title (#1484785) -- Fix code using wrong variable name (#1484018) -- Allow to send mail with BCC recipients only -- condense TinyMCE toolbar down to one line, removing table buttons (#1484747) -- Add function to mark the selected messages as read/unread (#1457360) -- Also do charset decoding as suggested in RFC 2231 (fix #1484321) -- Show message count in folder list and hint when creating a subfolder -- Distinguish ssl and tls for imap connections (#1484667) -- Added some charset aliases to fix typical mis-labelling (#1484565) -- Remember decision to display images for a certain message during session (#1484754) -- Truncate attachment filenames to 55 characters due to an IE bug (#1484757) -- Make sending of read receipts configurable -- Respect config when localize folder names (#1484707) -- Also respect receipt and priority settings when re-opening a draft message -- Remember search results (closes #1483883), patch by the_glu -- Add Received header on outgoing mail -- Upgrade to TinyMCE 2.1.3 -- Allow inserting image attachments into HTML messages while composing (#1484557) -- Implement Message-Disposition-Notification (Receipts) -- Fix overriding of session vars when register_globals is on (#1484670) -- Fix bug with case-sensitive folder names (#1484245) -- Don't create default folders by default -- Fixed some potential security risks (audited by Andris) -- Only show new messages if they match the current search (#1484176) -- Switch to/from when searcing in Sent folder (#1484555) -- Correctly read the References header (#1484646) -- Unset old cookie before sending a new value (#1484639) -- Correctly decode attachments when downloading them (#1484645 and #1484642) -- Suppress IE errors when clearing attachments form (#1484356) -- Log error when login fails due to auto_create_user turned off -- Filter linked/imported CSS files (closes #1484056) -- Improve message compose screen (closes #1484383) -- Select next row after removing one from list (#1484387) - -RELEASE 0.1-RC2 ---------------- -- Enable drag-&-dropping of folders to a new parent and allow to create subfolders (#1457344) -- Suppress IE errors when clearing attachments form (#1484356) -- Set preferences field in user table to NULL (#1484386) -- Log error when login fails due to auto_create_user turned off -- Filter linked/imported CSS files (closes #1484056) -- Improve message compose screen (closes #1484383) -- Select next row after removing one from list (#1484387) -- Make smtp HELO/EHLO hostname configurable (#1484067) -- IPv6 Compatability (#1484322), Patch #1484373 -- Unlock interface when message sending fails (#1484570) -- Eval PHP code in template includes (if configured) -- Show message when folder is empty. Mo more static text in table (#1484395) -- Only display unread count in page title when new messages arrived -- Fixed wrong delete button tooltip (#1483965) -- Fixed charset encoding bug (#1484429) -- Applied patch for LDAP version (#1484552) -- Improved XHTML validation -- Fix message list selection (#1484550) -- Better fix lowercased usernames (#1484473) -- Update pngbehavior Script as suggested in #1484490 -- Fixed moving/deleting messages when more than 1 is selected -- Applied patch for LDAP contacts listing by Glen Ogilvie -- Applied patch for more address fields in LDAP contacts (#1484402) -- Add alternative for getallheaders() (fix #1484508) -- Identify mailboxes case-sensitive -- Sort mailbox list case-insensitive (closes #1484338) -- Fix display of multipart messages from Apple Mail (closes #1484027) -- Protect AJAX request from being fetched by a foreign site (XSS) -- Make autocomplete for loginform configurable by the skin template -- Fix compose function from address book (closes #1484426) -- Added //IGNORE to iconv call (patch #1484420, closes #1484023) -- Check if mbstring supports charset (#1484290 and #1484292) -- Prefer iconv over mbstring (as suggested in #1484292) -- Check filesize of template includes (#1484409) -- Fixed bug with buttons not dimming/enabling properly after switching folders -- Fixed compose window becoming unresponsive after saving a draft (#1484487) -- Re-enabled "Back" button in compose window now that bug #1484487 is fixed -- Fixed unresponsive interface issue when downloading attachments (#1484496) -- Lowered status message time from 5 to 3 seconds to improve responsiveness -- Raised .htaccess upload_max_filesize from 2M to 5M to differ from default php.ini -- Increased "mailboxcontrols" mail.css width from 160 to 170px to fix non-english languages (#1484499) -- Fix status message bug #1484464 with regard to #1484353 -- Fix address adding bug reported by David Koblas -- Applied socket error patch by Thomas Mangin -- Pass-by-reference workarround for PHP5 in sendmail.inc -- Fixed buggy imap_root settings (closes #1484379) -- Prevent default events on subject links (#1484399) -- Use HTTP-POST requests for actions that change state - -RELEASE 0.1-RC1 ---------------- -- Use global filters and bind username/ for Ldap searches (#1484159) -- Hide quota display if imap server does not support it -- Hide address groups if no LDAP servers configured -- Add link to message subjects (closes #1484257) -- Better SQL query for contact listing/search (closes #1484369) -- Fixed marking as read in preview pane (closes #1484364) -- CSS hack to display attachments correctly in IE6 -- Wrap message body text (closes #1484148) -- LDAP access is back in address book (closes #1484087) -- Added search function for contacts -- New Template parsing and output encoding -- Fixed bugs #1484119 and #1483978 -- Fixed message moving procedure (closes #1484308) -- Fixed display of multiple attachments (closes #1466563) -- Fixed check for new messages (closes #1484310) -- List attachments without filename -- New session authentication: Change sessid cookie when login, authentication with sessauth cookie is now configurable. - Should close bugs #1483951 and #1484299 -- Correctly translate mailbox names (closes #1484276) -- Quote e-mail address links (closes #1484300) -- Updated PEAR::Mail_mime package -- Accept single quotes for HTML attributes when modifying message body (thanks Jason) -- Sanitize input for new users/identities (thanks Colin Alston) -- Don't download HTML message parts -- Convert HTML parts to plaintext if 'prefer_html' is off -- Correctly parse message/rfc822 parts (closes #1484045) -- Also use user_id for unique key in messages table (closes #1484074) -- Hide contacts drop down on blur (closes #1484203) -- Make entries in contacts drop down clickable -- Turn off browser autocompletion on login page -- Quote <? in text/html message parts -- Hide border around radio buttons -- Applied patch for attachment download by crichardson (closes #1484198) -- Fixed bug in Postgres DB handling (closes #1484068) -- Fixed bug of invalid calls to fetchRow() in rcube_db.inc (closes #1484280) -- Fixed array_merge bug (closes #1484281) -- Fixed flag for deletion in list view (closes #1484264) -- Finally support semicolons as recipient separator (closes ##1484251) -- Fixed message headers (subject) encoding -- check if safe mode is on or not (closes #1484269) -- Show "no subject" in message list if subject is missing (closes #1484243) -- Solved page caching of message preview (closes #1484153) -- Only use gzip compression if configured (closes #1484236) -- Fixed priority selector issue (#1484150) -- Fixed some CSS issues in default skin (closes #1484210 and #1484161) -- Prevent from double quoting of numeric HTML character references (closes #1484253) -- Fixed display of HTML message attachments (closes #1484178) -- Applied patch for preview caching (closes #1484186) -- Added error handling for attachment uploads -- Use multibyte safe string functions where necessary (closes #1483988) -- Applied security patch to validate the submitted host value (by Kees Cook) -- Applied security patch to validate input values when deleting contacts (by Kees Cook) -- Applied security patch that sanitizes emoticon paths when attaching them (by Kees Cook) -- Applied a patch to more aggressively sanitize a HTML message -- Visualize blocked images in HTML messages -- Fixed wrong message listing when showing search results (closes #1484131) -- Show remote images when opening HTML message part as attachment -- Improve memory usage when sending mail (closes #1484098) -- Mark messages as read once the preview is loaded (closes #1484132) -- Include smtp final response in log (closes #1484081) -- Corrected date string in sent message header (closes #1484125) -- Correclty choose "To" column in sent and draft mailboxes (closes #1483943) -- Changed srong tooltips for message browse buttons (closes #1483930) -- Fixed signature delimeter character to be standard (Bug #1484035) -- Fixed XSS vulnerability (Bug #1484109) -- Remove newlines from mail headers (Bug #1484031) -- Selection issues when moving/deleting (Bug #1484044) -- Applied patch of Clement Moulin for imap host auto-selection -- ISO-encode IMAP password for plaintext login (Bugs #1483977 & #1483886) -- Fixed folder name encoding in subscription list (Bug #1484113) -- Fixed JS errors in identity list (Bug #1484120) -- Translate foldernames in folder form (closes #1484113) -- Added first and last buttons to message list, address book - and message detail -- Pressing Shift-Del bypasses Trash folder -- Enable purge command for Junk folder -- Fetch all aliases if virtuser_query is used instead -- Re-enabled multi select of contacts (Bug #1484017) -- Enable contact editing right after creation (Bug #1459641) -- Correct UTF-7 to UTF-8 conversion if mbstring is not available -- Fixed IMAP fetch of message body (Bug #1484019) -- Fixed safe_mode problems (Bug #1418381) -- Fixed wrong header encoding (Bug #1483976) -- Made automatic draft saving configurable -- Fixed JS bug when renaming folders (Bug #1483989) -- Added quota display as image (by Brett Patterson) -- Corrected creation of a message-id -- New indentation for quoted message text -- Improved HTML validity -- Fixed URL character set (Ticket #1445501) -- Fixed saving of contact into MySQL from LDAP query results (Ticket #1483820) -- Fixed folder renaming: unsubscribe before rename (Bug #1483920) -- Finalized new message parsing (+ chaching) -- Fixed wrong usage of mbstring (Bug #1462439) -- Set default spelling language (Ticket #1483938) -- Added support for Nox Spell Server -- Re-built message parsing (Bug #1327068) - Now based on the message structure delivered by the IMAP server. -- Fixed some XSS and SQL injection issues -- Fixed charset problems with folder renaming - - - - @@ -1,15 +1,6 @@ RoundCube Webmail (http://roundcube.net) -ATTENTION ---------- -This is just a snapshot of the current SVN repository and is NOT A STABLE -version of RoundCube. Unlike the latest release this version requires PHP 5 -and does not work on a webserver with PHP 4. It's not recommended to -replace an existing installation of RoundCube with this version. Also using -a separate database for this installation is highly recommended. - - Introduction: ------------- RoundCube Webmail is a browser-based multilingual IMAP client with an diff --git a/bin/dumpschema.php b/bin/dumpschema.php deleted file mode 100644 index b9a76e419..000000000 --- a/bin/dumpschema.php +++ /dev/null @@ -1,101 +0,0 @@ -#!/usr/bin/env php -<?php -/* - - +-----------------------------------------------------------------------+ - | bin/dumpschema.php | - | | - | This file is part of the RoundCube Webmail client | - | Copyright (C) 2005-2009, RoundCube Dev. - Switzerland | - | Licensed under the GNU GPL | - | | - | PURPOSE: | - | Dumps database schema in XML format using MDB2_Schema | - | | - +-----------------------------------------------------------------------+ - | Author: Thomas Bruederli <roundcube@gmail.com> | - +-----------------------------------------------------------------------+ - - $Id$ - -*/ - -if (php_sapi_name() != 'cli') { - die('Not on the "shell" (php-cli).'); -} - -define('INSTALL_PATH', realpath(dirname(__FILE__) . '/..') . '/' ); -require INSTALL_PATH.'program/include/iniset.php'; - -/** callback function for schema dump **/ -function print_schema($dump) -{ - foreach ((array)$dump as $part) - echo $dump . "\n"; -} - -$config = new rcube_config(); - -// don't allow public access if not in devel_mode -if (!$config->get('devel_mode') && $_SERVER['REMOTE_ADDR']) { - header("HTTP/1.0 401 Access denied"); - die("Access denied!"); -} - -$options = array( - 'use_transactions' => false, - 'log_line_break' => "\n", - 'idxname_format' => '%s', - 'debug' => false, - 'quote_identifier' => true, - 'force_defaults' => false, - 'portability' => false, -); - -$dsnw = $config->get('db_dsnw'); -$dsn_array = MDB2::parseDSN($dsnw); - -// set options for postgres databases -if ($dsn_array['phptype'] == 'pgsql') { - $options['disable_smart_seqname'] = true; - $options['seqname_format'] = '%s'; -} - -$schema =& MDB2_Schema::factory($dsnw, $options); -$schema->db->supported['transactions'] = false; - - -// send as text/xml when opened in browser -if ($_SERVER['REMOTE_ADDR']) - header('Content-Type: text/xml'); - - -if (PEAR::isError($schema)) { - $error = $schema->getMessage() . ' ' . $schema->getUserInfo(); -} -else { - $dump_config = array( - // 'output_mode' => 'file', - 'output' => 'print_schema', - ); - - $definition = $schema->getDefinitionFromDatabase(); - $definition['charset'] = 'utf8'; - - if (PEAR::isError($definition)) { - $error = $definition->getMessage() . ' ' . $definition->getUserInfo(); - } - else { - $operation = $schema->dumpDatabase($definition, $dump_config, MDB2_SCHEMA_DUMP_STRUCTURE); - if (PEAR::isError($operation)) { - $error = $operation->getMessage() . ' ' . $operation->getUserInfo(); - } - } -} - -$schema->disconnect(); - -if ($error && !$_SERVER['REMOTE_ADDR']) - fputs(STDERR, $error); - -?> diff --git a/bin/makedoc.sh b/bin/makedoc.sh deleted file mode 100755 index 26757c0a7..000000000 --- a/bin/makedoc.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/usr/bin/env bash - -if [ -z "$SSH_TTY" ] -then - if [ -z "$DEV_TTY" ] - then - echo "Not on the shell." - exit 1 - fi -fi - -TITLE="RoundCube Classes" -PACKAGES="Core" - -INSTALL_PATH="`dirname $0`/.." -PATH_PROJECT=$INSTALL_PATH/program/include -PATH_DOCS=$INSTALL_PATH/doc/phpdoc -BIN_PHPDOC="`/usr/bin/which phpdoc`" - -if [ ! -x "$BIN_PHPDOC" ] -then - echo "phpdoc not found: $BIN_PHPDOC" - exit 1 -fi - -OUTPUTFORMAT=HTML -CONVERTER=frames -TEMPLATE=earthli -PRIVATE=off - -# make documentation -$BIN_PHPDOC -d $PATH_PROJECT -t $PATH_DOCS -ti "$TITLE" -dn $PACKAGES \ --o $OUTPUTFORMAT:$CONVERTER:$TEMPLATE -pp $PRIVATE - @@ -2,7 +2,7 @@ /* +-------------------------------------------------------------------------+ | RoundCube Webmail IMAP Client | - | Version 0.3-20090419 | + | Version 0.3-beta | | | | Copyright (C) 2005-2009, RoundCube Dev. - Switzerland | | | diff --git a/plugins/autologon/autologon.php b/plugins/autologon/autologon.php deleted file mode 100644 index c40f2d4eb..000000000 --- a/plugins/autologon/autologon.php +++ /dev/null @@ -1,44 +0,0 @@ -<?php - -/** - * Sample plugin to try out some hooks. - * This performs an automatic login if accessed from localhost - */ -class autologon extends rcube_plugin -{ - - function init() - { - $this->add_hook('startup', array($this, 'startup')); - $this->add_hook('authenticate', array($this, 'authenticate')); - } - - function startup($args) - { - $rcmail = rcmail::get_instance(); - - // change action to login - if ($args['task'] == 'mail' && empty($args['action']) && empty($_SESSION['user_id']) && !empty($_GET['_autologin']) && $this->is_localhost()) - $args['action'] = 'login'; - - return $args; - } - - function authenticate($args) - { - if (!empty($_GET['_autologin']) && $this->is_localhost()) { - $args['user'] = 'me'; - $args['pass'] = '******'; - $args['host'] = 'localhost'; - } - - return $args; - } - - function is_localhost() - { - return $_SERVER['REMOTE_ADDR'] == '::1' || $_SERVER['REMOTE_ADDR'] == '127.0.0.1'; - } - -} - diff --git a/plugins/debug_logger/debug_logger.php b/plugins/debug_logger/debug_logger.php deleted file mode 100644 index 8cd335187..000000000 --- a/plugins/debug_logger/debug_logger.php +++ /dev/null @@ -1,146 +0,0 @@ -<?php - -/** - * Debug Logger - * - * Enhanced logging for debugging purposes. It is not recommened - * to be enabled on production systems without testing because of - * the somewhat increased memory, cpu and disk i/o overhead. - * - * Debug Logger listens for existing console("message") calls and - * introduces start and end tags as well as free form tagging - * which can redirect messages to files. The resulting log files - * provide timing and tag quantity results. - * - * Enable the plugin in config/main.inc.php and add your desired - * log types and files. - * - * @version 1.0 - * @author Ziba Scott - * @website http://roundcube.net - * - * Example: - * - * config/main.inc.php: - * - * // $rcmail_config['debug_logger'][type of logging] = name of file in log_dir - * // The 'master' log includes timing information - * $rcmail_config['debug_logger']['master'] = 'master'; - * // If you want sql messages to also go into a separate file - * $rcmail_config['debug_logger']['sql'] = 'sql'; - * - * index.php (just after $RCMAIL->plugins->init()): - * - * console("my test","start"); - * console("my message"); - * console("my sql calls","start"); - * console("cp -r * /dev/null","shell exec"); - * console("select * from example","sql"); - * console("select * from example","sql"); - * console("select * from example","sql"); - * console("end"); - * console("end"); - * - * - * logs/master (after reloading the main page): - * - * [17-Feb-2009 16:51:37 -0500] start: Task: mail. - * [17-Feb-2009 16:51:37 -0500] start: my test - * [17-Feb-2009 16:51:37 -0500] my message - * [17-Feb-2009 16:51:37 -0500] shell exec: cp -r * /dev/null - * [17-Feb-2009 16:51:37 -0500] start: my sql calls - * [17-Feb-2009 16:51:37 -0500] sql: select * from example - * [17-Feb-2009 16:51:37 -0500] sql: select * from example - * [17-Feb-2009 16:51:37 -0500] sql: select * from example - * [17-Feb-2009 16:51:37 -0500] end: my sql calls - 0.0018 seconds shell exec: 1, sql: 3, - * [17-Feb-2009 16:51:37 -0500] end: my test - 0.0055 seconds shell exec: 1, sql: 3, - * [17-Feb-2009 16:51:38 -0500] end: Task: mail. - 0.8854 seconds shell exec: 1, sql: 3, - * - * logs/sql (after reloading the main page): - * - * [17-Feb-2009 16:51:37 -0500] sql: select * from example - * [17-Feb-2009 16:51:37 -0500] sql: select * from example - * [17-Feb-2009 16:51:37 -0500] sql: select * from example - */ -class debug_logger extends rcube_plugin -{ - function init() - { - require_once(dirname(__FILE__).'/runlog/runlog.php'); - $this->runlog = new runlog(); - - if(!rcmail::get_instance()->config->get('log_dir')){ - rcmail::get_instance()->config->set('log_dir',INSTALL_PATH.'logs'); - } - - $log_config = rcmail::get_instance()->config->get('debug_logger',array()); - - foreach($log_config as $type=>$file){ - $this->runlog->set_file(rcmail::get_instance()->config->get('log_dir').'/'.$file, $type); - } - - $start_string = ""; - $action = rcmail::get_instance()->action; - $task = rcmail::get_instance()->task; - if($action){ - $start_string .= "Action: ".$action.". "; - } - if($task){ - $start_string .= "Task: ".$task.". "; - } - $this->runlog->start($start_string); - - $this->add_hook('console', array($this, 'console')); - $this->add_hook('authenticate', array($this, 'authenticate')); - } - - function authenticate($args){ - $this->runlog->note('Authenticating '.$args['user'].'@'.$args['host']); - return $args; - } - - function console($args){ - $note = $args[0]; - $type = $args[1]; - - - if(!isset($args[1])){ - // This could be extended to detect types based on the - // file which called console. For now only rcube_imap.inc is supported - $bt = debug_backtrace(true); - $file = $bt[3]['file']; - switch(basename($file)){ - case 'rcube_imap.php': - $type = 'imap'; - break; - default: - $type = FALSE; - break; - } - } - switch($note){ - case 'end': - $type = 'end'; - break; - } - - - switch($type){ - case 'start': - $this->runlog->start($note); - break; - case 'end': - $this->runlog->end(); - break; - default: - $this->runlog->note($note, $type); - break; - } - return $args; - } - - function __destruct(){ - $this->runlog->end(); - } -} -?> diff --git a/plugins/debug_logger/runlog/runlog.php b/plugins/debug_logger/runlog/runlog.php deleted file mode 100644 index c9f672615..000000000 --- a/plugins/debug_logger/runlog/runlog.php +++ /dev/null @@ -1,227 +0,0 @@ -<?php - -/** - * runlog - * - * @author Ziba Scott <ziba@umich.edu> - */ -class runlog { - - private $start_time = FALSE; - - private $parent_stack = array(); - - public $print_to_console = FALSE; - - private $file_handles = array(); - - private $indent = 0; - - public $threshold = 0; - - public $tag_count = array(); - - public $timestamp = "d-M-Y H:i:s O"; - - public $max_line_size = 150; - - private $run_log = array(); - - function runlog() - { - $this->start_time = microtime( TRUE ); - } - - public function start( $name, $tag = FALSE ) - { - $this->run_log[] = array( 'type' => 'start', - 'tag' => $tag, - 'index' => count($this->run_log), - 'value' => $name, - 'time' => microtime( TRUE ), - 'parents' => $this->parent_stack, - 'ended' => false, - ); - $this->parent_stack[] = $name; - - $this->print_to_console("start: ".$name, $tag, 'start'); - $this->print_to_file("start: ".$name, $tag, 'start'); - $this->indent++; - } - - public function end() - { - $name = array_pop( $this->parent_stack ); - foreach ( $this->run_log as $k => $entry ) { - if ( $entry['value'] == $name && $entry['type'] == 'start' && $entry['ended'] == false) { - $lastk = $k; - } - } - $start = $this->run_log[$lastk]['time']; - $this->run_log[$lastk]['duration'] = microtime( TRUE ) - $start; - $this->run_log[$lastk]['ended'] = true; - - $this->run_log[] = array( 'type' => 'end', - 'tag' => $this->run_log[$lastk]['tag'], - 'index' => $lastk, - 'value' => $name, - 'time' => microtime( TRUE ), - 'duration' => microtime( TRUE ) - $start, - 'parents' => $this->parent_stack, - ); - $this->indent--; - if($this->run_log[$lastk]['duration'] >= $this->threshold){ - $tag_report = ""; - foreach($this->tag_count as $tag=>$count){ - $tag_report .= "$tag: $count, "; - } - if(!empty($tag_report)){ -// $tag_report = "\n$tag_report\n"; - } - $end_txt = sprintf("end: $name - %0.4f seconds $tag_report", $this->run_log[$lastk]['duration'] ); - $this->print_to_console($end_txt, $this->run_log[$lastk]['tag'] , 'end'); - $this->print_to_file($end_txt, $this->run_log[$lastk]['tag'], 'end'); - } - } - - public function increase_tag_count($tag){ - if(!isset($this->tag_count[$tag])){ - $this->tag_count[$tag] = 0; - } - $this->tag_count[$tag]++; - } - - public function get_text(){ - $text = ""; - foreach($this->run_log as $entry){ - $text .= str_repeat(" ",count($entry['parents'])); - if($entry['tag'] != 'text'){ - $text .= $entry['tag'].': '; - } - $text .= $entry['value']; - - if($entry['tag'] == 'end'){ - $text .= sprintf(" - %0.4f seconds", $entry['duration'] ); - } - - $text .= "\n"; - } - return $text; - } - - public function set_file($filename, $tag = 'master'){ - if(!isset($this->file_handle[$tag])){ - $this->file_handles[$tag] = fopen($filename, 'a'); - if(!$this->file_handles[$tag]){ - trigger_error('Could not open file for writing: '.$filename); - } - } - } - - public function note( $msg, $tag = FALSE ) - { - if($tag){ - $this->increase_tag_count($tag); - } - if ( is_array( $msg )) { - $msg = '<pre>' . print_r( $msg, TRUE ) . '</pre>'; - } - $this->debug_messages[] = $msg; - $this->run_log[] = array( 'type' => 'note', - 'tag' => $tag ? $tag:"text", - 'value' => htmlentities($msg), - 'time' => microtime( TRUE ), - 'parents' => $this->parent_stack, - ); - - $this->print_to_file($msg, $tag); - $this->print_to_console($msg, $tag); - - } - - public function print_to_file($msg, $tag = FALSE, $type = FALSE){ - if(!$tag){ - $file_handle_tag = 'master'; - } - else{ - $file_handle_tag = $tag; - } - if($file_handle_tag != 'master' && isset($this->file_handles[$file_handle_tag])){ - $buffer = $this->get_indent(); - $buffer .= "$msg\n"; - if(!empty($this->timestamp)){ - $buffer = sprintf("[%s] %s",date($this->timestamp, mktime()), $buffer); - } - fwrite($this->file_handles[$file_handle_tag], wordwrap($buffer, $this->max_line_size, "\n ")); - } - if(isset($this->file_handles['master']) && $this->file_handles['master']){ - $buffer = $this->get_indent(); - if($tag){ - $buffer .= "$tag: "; - } - $msg = str_replace("\n","",$msg); - $buffer .= "$msg"; - if(!empty($this->timestamp)){ - $buffer = sprintf("[%s] %s",date($this->timestamp, mktime()), $buffer); - } - if(strlen($buffer) > $this->max_line_size){ - $buffer = substr($buffer,0,$this->max_line_size - 3)."..."; - } - fwrite($this->file_handles['master'], $buffer."\n"); - } - } - - public function print_to_console($msg, $tag=FALSE){ - if($this->print_to_console){ - if(is_array($this->print_to_console)){ - if(in_array($tag, $this->print_to_console)){ - echo $this->get_indent(); - if($tag){ - echo "$tag: "; - } - echo "$msg\n"; - } - } - else{ - echo $this->get_indent(); - if($tag){ - echo "$tag: "; - } - echo "$msg\n"; - } - } - } - - public function print_totals(){ - $totals = array(); - foreach ( $this->run_log as $k => $entry ) { - if ( $entry['type'] == 'start' && $entry['ended'] == true) { - $totals[$entry['value']]['duration'] += $entry['duration']; - $totals[$entry['value']]['count'] += 1; - } - } - if($this->file_handle){ - foreach($totals as $name=>$details){ - fwrite($this->file_handle,$name.": ".number_format($details['duration'],4)."sec, ".$details['count']." calls \n"); - } - } - } - - private function get_indent(){ - $buf = ""; - for($i = 0; $i < $this->indent; $i++){ - $buf .= " "; - } - return $buf; - } - - - function __destruct(){ - foreach($this->file_handles as $handle){ - fclose($handle); - } - } - -} - -?> diff --git a/plugins/example_addressbook/example_addressbook.php b/plugins/example_addressbook/example_addressbook.php deleted file mode 100644 index 081efcb13..000000000 --- a/plugins/example_addressbook/example_addressbook.php +++ /dev/null @@ -1,42 +0,0 @@ -<?php - -/** - * Sample plugin to add a new address book - * with just a static list of contacts - */ -class example_addressbook extends rcube_plugin -{ - private $abook_id = 'static'; - - public function init() - { - $this->add_hook('address_sources', array($this, 'address_sources')); - $this->add_hook('get_address_book', array($this, 'get_address_book')); - - // use this address book for autocompletion queries - // (maybe this should be configurable by the user?) - $config = rcmail::get_instance()->config; - $sources = $config->get('autocomplete_addressbooks', array('sql')); - if (!in_array($this->abook_id, $sources)) { - $sources[] = $this->abook_id; - $config->set('autocomplete_addressbooks', $sources); - } - } - - public function address_sources($p) - { - $p['sources'][$this->abook_id] = array('id' => $this->abook_id, 'name' => 'Static List', 'readonly' => true); - return $p; - } - - public function get_address_book($p) - { - if ($p['id'] == $this->abook_id) { - require_once(dirname(__FILE__) . '/example_addressbook_backend.php'); - $p['instance'] = new example_addressbook_backend; - } - - return $p; - } - -} diff --git a/plugins/example_addressbook/example_addressbook_backend.php b/plugins/example_addressbook/example_addressbook_backend.php deleted file mode 100644 index ad6b89d67..000000000 --- a/plugins/example_addressbook/example_addressbook_backend.php +++ /dev/null @@ -1,72 +0,0 @@ -<?php - -/** - * Example backend class for a custom address book - * - * This one just holds a static list of address records - * - * @author Thomas Bruederli - */ -class example_addressbook_backend extends rcube_addressbook -{ - public $primary_key = 'ID'; - public $readonly = true; - - private $filter; - private $result; - - public function __construct() - { - $this->ready = true; - } - - public function set_search_set($filter) - { - $this->filter = $filter; - } - - public function get_search_set() - { - return $this->filter; - } - - public function reset() - { - $this->result = null; - $this->filter = null; - } - - public function list_records($cols=null, $subset=0) - { - $this->result = $this->count(); - $this->result->add(array('ID' => '111', 'name' => "Example Contact", 'firstname' => "Example", 'surname' => "Contact", 'email' => "example@roundcube.net")); - - return $this->result; - } - - public function search($fields, $value, $strict=false, $select=true) - { - // no search implemented, just list all records - return $this->list_records(); - } - - public function count() - { - return new rcube_result_set(1, ($this->list_page-1) * $this->page_size); - } - - public function get_result() - { - return $this->result; - } - - public function get_record($id, $assoc=false) - { - $this->list_records(); - $first = $this->result->first(); - $sql_arr = $first['ID'] == $id ? $first : null; - - return $assoc && $sql_arr ? $sql_arr : $this->result; - } - -} diff --git a/plugins/userinfo/localization/de_CH.inc b/plugins/userinfo/localization/de_CH.inc deleted file mode 100644 index 5f236b66c..000000000 --- a/plugins/userinfo/localization/de_CH.inc +++ /dev/null @@ -1,9 +0,0 @@ -<?php - -$labels = array(); -$labels['userinfo'] = 'Benutzerinfo'; -$labels['created'] = 'Erstellt'; -$labels['lastlogin'] = 'Letztes Login'; -$labels['defaultidentity'] = 'Standard-Absender'; - -?>
\ No newline at end of file diff --git a/plugins/userinfo/localization/en_US.inc b/plugins/userinfo/localization/en_US.inc deleted file mode 100644 index 1a2fd9016..000000000 --- a/plugins/userinfo/localization/en_US.inc +++ /dev/null @@ -1,9 +0,0 @@ -<?php - -$labels = array(); -$labels['userinfo'] = 'User info'; -$labels['created'] = 'Created'; -$labels['lastlogin'] = 'Last Login'; -$labels['defaultidentity'] = 'Default Identity'; - -?>
\ No newline at end of file diff --git a/plugins/userinfo/localization/et_EE.inc b/plugins/userinfo/localization/et_EE.inc deleted file mode 100644 index 97830b45c..000000000 --- a/plugins/userinfo/localization/et_EE.inc +++ /dev/null @@ -1,9 +0,0 @@ -<?php - -$labels = array(); -$labels['userinfo'] = 'Kasutaja info'; -$labels['created'] = 'Loodud'; -$labels['lastlogin'] = 'Viimane logimine'; -$labels['defaultidentity'] = 'Vaikeidentiteet'; - -?> diff --git a/plugins/userinfo/localization/pl_PL.inc b/plugins/userinfo/localization/pl_PL.inc deleted file mode 100644 index 6b03c32e7..000000000 --- a/plugins/userinfo/localization/pl_PL.inc +++ /dev/null @@ -1,9 +0,0 @@ -<?php - -$labels = array(); -$labels['userinfo'] = 'Informacje'; -$labels['created'] = 'Utworzony'; -$labels['lastlogin'] = 'Ostatnie logowanie'; -$labels['defaultidentity'] = 'Domyślna tożsamość'; - -?> diff --git a/plugins/userinfo/userinfo.js b/plugins/userinfo/userinfo.js deleted file mode 100644 index 70a5085b3..000000000 --- a/plugins/userinfo/userinfo.js +++ /dev/null @@ -1,16 +0,0 @@ -/* Show user-info plugin script */ - -if (window.rcmail) { - rcmail.addEventListener('init', function(evt) { - // <span id="settingstabdefault" class="tablink"><roundcube:button command="preferences" type="link" label="preferences" title="editpreferences" /></span> - var tab = $('<span>').attr('id', 'settingstabpluginuserinfo').addClass('tablink'); - - var button = $('<a>').attr('href', rcmail.env.comm_path+'&_action=plugin.userinfo').html(rcmail.gettext('userinfo', 'userinfo')).appendTo(tab); - button.bind('click', function(e){ return rcmail.command('plugin.userinfo', this) }); - - // add button and register command - rcmail.add_element(tab, 'tabs'); - rcmail.register_command('plugin.userinfo', function(){ rcmail.goto_url('plugin.userinfo') }, true); - }) -} - diff --git a/plugins/userinfo/userinfo.php b/plugins/userinfo/userinfo.php deleted file mode 100644 index 0f1b18cd9..000000000 --- a/plugins/userinfo/userinfo.php +++ /dev/null @@ -1,53 +0,0 @@ -<?php - -/** - * Sample plugin that adds a new tab to the settings section - * to display some information about the current user - */ -class userinfo extends rcube_plugin -{ - public $task = 'settings'; - - function init() - { - $this->add_texts('localization/', array('userinfo')); - $this->register_action('plugin.userinfo', array($this, 'infostep')); - $this->include_script('userinfo.js'); - } - - function infostep() - { - $this->register_handler('plugin.body', array($this, 'infohtml')); - rcmail::get_instance()->output->send('plugin'); - } - - function infohtml() - { - $rcmail = rcmail::get_instance(); - $user = $rcmail->user; - - $table = new html_table(array('cols' => 2, 'cellpadding' => 3)); - - $table->add('title', 'ID'); - $table->add('', Q($user->ID)); - - $table->add('title', Q($this->gettext('username'))); - $table->add('', Q($user->data['username'])); - - $table->add('title', Q($this->gettext('server'))); - $table->add('', Q($user->data['mail_host'])); - - $table->add('title', Q($this->gettext('created'))); - $table->add('', Q($user->data['created'])); - - $table->add('title', Q($this->gettext('lastlogin'))); - $table->add('', Q($user->data['last_login'])); - - $identity = $user->get_identity(); - $table->add('title', Q($this->gettext('defaultidentity'))); - $table->add('', Q($identity['name'] . ' <' . $identity['email'] . '>')); - - return html::tag('h4', null, Q('Infos for ' . $user->get_username())) . $table->show(); - } - -}
\ No newline at end of file diff --git a/program/include/iniset.php b/program/include/iniset.php index eef1ec537..512e03bf5 100755 --- a/program/include/iniset.php +++ b/program/include/iniset.php @@ -22,7 +22,7 @@ // application constants -define('RCMAIL_VERSION', '0.3-trunk'); +define('RCMAIL_VERSION', '0.3-beta'); define('RCMAIL_CHARSET', 'UTF-8'); define('JS_OBJECT_NAME', 'rcmail'); diff --git a/tests/mailfunc.php b/tests/mailfunc.php deleted file mode 100644 index ae35c5d77..000000000 --- a/tests/mailfunc.php +++ /dev/null @@ -1,119 +0,0 @@ -<?php - -/** - * Test class to test steps/mail/func.inc functions - * - * @package Tests - */ -class rcube_test_mailfunc extends UnitTestCase -{ - - function __construct() - { - $this->UnitTestCase('Mail body rendering tests'); - - // simulate environment to successfully include func.inc - $GLOBALS['RCMAIL'] = $RCMAIL = rcmail::get_instance(); - $GLOBALS['OUTPUT'] = $OUTPUT = $RCMAIL->load_gui(); - $RCMAIL->action = 'spell'; - $IMAP = $RCMAIL->imap; - - require_once 'steps/mail/func.inc'; - - $GLOBALS['EMAIL_ADDRESS_PATTERN'] = $EMAIL_ADDRESS_PATTERN; - } - - /** - * Helper method to create a HTML message part object - */ - function get_html_part($body) - { - $part = new rcube_message_part; - $part->ctype_primary = 'text'; - $part->ctype_secondary = 'html'; - $part->body = file_get_contents(TESTS_DIR . $body); - $part->replaces = array(); - return $part; - } - - /** - * Test sanitization of a "normal" html message - */ - function test_html() - { - $part = $this->get_html_part('src/htmlbody.txt'); - $part->replaces = array('ex1.jpg' => 'part_1.2.jpg', 'ex2.jpg' => 'part_1.2.jpg'); - - // render HTML in normal mode - $html = rcmail_html4inline(rcmail_print_body($part, array('safe' => false)), 'foo'); - - $this->assertPattern('/src="'.$part->replaces['ex1.jpg'].'"/', $html, "Replace reference to inline image"); - $this->assertPattern('#background="./program/blocked.gif"#', $html, "Replace external background image"); - $this->assertNoPattern('/ex3.jpg/', $html, "No references to external images"); - $this->assertNoPattern('/<meta [^>]+>/', $html, "No meta tags allowed"); - $this->assertNoPattern('/<style [^>]+>/', $html, "No style tags allowed"); - $this->assertNoPattern('/<form [^>]+>/', $html, "No form tags allowed"); - $this->assertPattern('/Subscription form/', $html, "Include <form> contents"); - $this->assertPattern('/<!-- input not allowed -->/', $html, "No input elements allowed"); - $this->assertPattern('/<!-- link not allowed -->/', $html, "No external links allowed"); - $this->assertPattern('/<a[^>]+ target="_blank">/', $html, "Set target to _blank"); - $this->assertTrue($GLOBALS['REMOTE_OBJECTS'], "Remote object detected"); - - // render HTML in safe mode - $html2 = rcmail_html4inline(rcmail_print_body($part, array('safe' => true)), 'foo'); - - $this->assertPattern('/<style [^>]+>/', $html2, "Allow styles in safe mode"); - $this->assertPattern('#src="http://evilsite.net/mailings/ex3.jpg"#', $html2, "Allow external images in HTML (safe mode)"); - $this->assertPattern("#url\('http://evilsite.net/newsletter/image/bg/bg-64.jpg'\)#", $html2, "Allow external images in CSS (safe mode)"); - - $css = '<link rel="stylesheet" type="text/css" href="./bin/modcss.php?u='.urlencode('http://anysite.net/styles/mail.css').'&c=foo"'; - $this->assertPattern('#'.preg_quote($css).'#', $html2, "Filter external styleseehts with bin/modcss.php"); - } - - /** - * Test the elimination of some trivial XSS vulnerabilities - */ - function test_html_xss() - { - $part = $this->get_html_part('src/htmlxss.txt'); - $washed = rcmail_print_body($part, array('safe' => true)); - - $this->assertNoPattern('/src="skins/', $washed, "Remove local references"); - $this->assertNoPattern('/\son[a-z]+/', $washed, "Remove on* attributes"); - - $html = rcmail_html4inline($washed, 'foo'); - $this->assertNoPattern('/onclick="return rcmail.command(\'compose\',\'xss@somehost.net\',this)"/', $html, "Clean mailto links"); - $this->assertNoPattern('/alert/', $html, "Remove alerts"); - } - - /** - * Test HTML sanitization to fix the CSS Expression Input Validation Vulnerability - * reported at http://www.securityfocus.com/bid/26800/ - */ - function test_html_xss2() - { - $part = $this->get_html_part('src/BID-26800.txt'); - $washed = rcmail_print_body($part, array('safe' => true)); - - $this->assertNoPattern('/alert|expression|javascript|xss/', $washed, "Remove evil style blocks"); - $this->assertNoPattern('/font-style:italic/', $washed, "Allow valid styles"); - } - - /** - * Test links pattern replacements in plaintext messages - */ - function test_plaintext() - { - $part = new rcube_message_part; - $part->ctype_primary = 'text'; - $part->ctype_secondary = 'plain'; - $part->body = quoted_printable_decode(file_get_contents(TESTS_DIR . 'src/plainbody.txt')); - $html = rcmail_print_body($part, array('safe' => true)); - - $this->assertPattern('/<a href="mailto:nobody@roundcube.net" onclick="return rcmail.command\(\'compose\',\'nobody@roundcube.net\',this\)">nobody@roundcube.net<\/a>/', $html, "Mailto links with onclick"); - $this->assertPattern('#<a href="http://www.apple.com/legal/privacy/" target="_blank">http://www.apple.com/legal/privacy/</a>#', $html, "Links with target=_blank"); - } - -} - -?>
\ No newline at end of file diff --git a/tests/modcss.php b/tests/modcss.php deleted file mode 100644 index f9271ff65..000000000 --- a/tests/modcss.php +++ /dev/null @@ -1,45 +0,0 @@ -<?php - -/** - * Test class to test rcmail_mod_css_styles and XSS vulnerabilites - * - * @package Tests - */ -class rcube_test_modcss extends UnitTestCase -{ - - function __construct() - { - $this->UnitTestCase('CSS modification and vulnerability tests'); - } - - function test_modcss() - { - $css = file_get_contents(TESTS_DIR . 'src/valid.css'); - $mod = rcmail_mod_css_styles($css, 'rcmbody'); - - $this->assertPattern('/#rcmbody div.rcmBody\s+\{/', $mod, "Replace body style definition"); - $this->assertPattern('/#rcmbody h1\s\{/', $mod, "Prefix tag styles (single)"); - $this->assertPattern('/#rcmbody h1, #rcmbody h2, #rcmbody h3, #rcmbody textarea\s+\{/', $mod, "Prefix tag styles (multiple)"); - $this->assertPattern('/#rcmbody \.noscript\s+\{/', $mod, "Prefix class styles"); - } - - function test_xss() - { - $mod = rcmail_mod_css_styles("body.main2cols { background-image: url('../images/leftcol.png'); }", 'rcmbody'); - $this->assertEqual("/* evil! */", $mod, "No url() values allowed"); - - $mod = rcmail_mod_css_styles("@import url('http://localhost/somestuff/css/master.css');", 'rcmbody'); - $this->assertEqual("/* evil! */", $mod, "No import statements"); - - $mod = rcmail_mod_css_styles("left:expression(document.body.offsetWidth-20)", 'rcmbody'); - $this->assertEqual("/* evil! */", $mod, "No expression properties"); - - $mod = rcmail_mod_css_styles("left:exp/* */ression( alert('xss3') )", 'rcmbody'); - $this->assertEqual("/* evil! */", $mod, "Don't allow encoding quirks"); - - $mod = rcmail_mod_css_styles("background:\\0075\\0072\\006c( javascript:alert('xss') )", 'rcmbody'); - $this->assertEqual("/* evil! */", $mod, "Don't allow encoding quirks (2)"); - } - -}
\ No newline at end of file diff --git a/tests/runtests.sh b/tests/runtests.sh deleted file mode 100755 index 04a9a3745..000000000 --- a/tests/runtests.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/usr/bin/env php -<?php - -/* - +-----------------------------------------------------------------------+ - | tests/runtests.sh | - | | - | This file is part of the RoundCube Webmail client | - | Copyright (C) 2009, RoundCube Dev. - Switzerland | - | Licensed under the GNU GPL | - | | - | PURPOSE: | - | Run-script for unit tests based on http://simpletest.org | - | All .php files in this folder will be treated as tests | - +-----------------------------------------------------------------------+ - | Author: Thomas Bruederli <roundcube@gmail.com> | - +-----------------------------------------------------------------------+ - - $Id: $ - -*/ - -if (php_sapi_name() != 'cli') - die("Not in shell mode (php-cli)"); - -if (!defined('SIMPLETEST')) define('SIMPLETEST', '/www/simpletest/'); -if (!defined('INSTALL_PATH')) define('INSTALL_PATH', realpath(dirname(__FILE__) . '/..') . '/' ); - -define('TESTS_DIR', dirname(__FILE__) . '/'); - -require_once(SIMPLETEST . 'unit_tester.php'); -require_once(SIMPLETEST . 'reporter.php'); -require_once(INSTALL_PATH . 'program/include/iniset.php'); - -if (count($_SERVER['argv']) > 1) { - $testfiles = array(); - for ($i=1; $i < count($_SERVER['argv']); $i++) - $testfiles[] = realpath('./' . $_SERVER['argv'][$i]); -} -else { - $testfiles = glob(TESTS_DIR . '*.php'); -} - -$test = new TestSuite('RoundCube unit tests'); -$reporter = new TextReporter(); - -foreach ($testfiles as $fn) { - $test->addTestFile($fn); -} - -$test->run($reporter); - -?>
\ No newline at end of file diff --git a/tests/src/BID-26800.txt b/tests/src/BID-26800.txt deleted file mode 100644 index 513516c09..000000000 --- a/tests/src/BID-26800.txt +++ /dev/null @@ -1,52 +0,0 @@ -<html> -<head> -</head> -<body> -<h1>1 test</h1> -<p><style> block</p> -<style>input { left:expression( alert('expression!') ) }</style> -<style>div { background:url(alert('URL!') ) }</style> - -<h1>2 test</h1> -<p><div> block</p> -<div style="font-style:italic">valid css</div> -<div style="{ left:expression( alert('expression!') ) }"> -<div style="{ background:url( alert('URL!') ) }"> - -<h1>3 test</h1> -<p>Inject comment text</p> -<div style="{ left:exp/* */ression( alert('xss3') ) }"> -<div style="{ background:u/* */rl( alert('xssurl3') ) }"> - -<h1>4 test</h1> -<p>Using reverse solid to directe the codepoint</p> -<div style="{ left:\0065\0078pression( alert('xss4') ) }"> -<div style="{ background:\0075rl( alert('xssurl4') ) }"> - -<h1>5 test</h1> -<p>Character entity references</p> -<p>Character entity references is acceptable in "inline styles"</p> -<div style="{ left:expression( alert('xss') ) }"> -<div style="{ left:expression( alert('xss') ) }"> -<div style="{ background:url( alert('URL!') ) }"> -<div style="{ background:url( alert('URL!') ) }"> -<div style="{ left:expression( alert('xss') ) }"> - -<div style="{ left:..p.....o.( alert('xss') ) }"> -<div style="{ left:../**/pression( alert('xss') ) }"> -<div style="{ left:expʀessioɴ( alert('xss') ) }"> -<div style="{ left:\0065\0078pression( alert('xss') ) }"> -<div style="{ left:ex p ression( alert('xss') ) }"> - -<div style="{ background:...( javascript:alert('xss') ) }"> -<div style="{ background:u/**/rl( javascript:alert('xss') ) }"> -<div style="{ background:\0075\0072\006c( javascript:alert('xss') ) }"> -<div style="{ background:uʀʟ( javascript:alert('xss') ) -}"> -<div style="{ background:\0075\0280l( javascript:alert('xss') -) }"> -<div style="{ background:u r l( javascript:alert('xss') ) }"> - -</body> -</html> - diff --git a/tests/src/htmlbody.txt b/tests/src/htmlbody.txt deleted file mode 100644 index a10bfe10e..000000000 --- a/tests/src/htmlbody.txt +++ /dev/null @@ -1,51 +0,0 @@ -<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> -<html> -<head> -<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1"> -<title>RoundCube Test Message</title> -<link rel="stylesheet" type="text/css" href="http://anysite.net/styles/mail.css"> -<style type="text/css"> - -p, a { - font-family: Arial, 'Bitstream Vera Sans', Helvetica; - margin-top: 0px; - margin-bottom: 0px; - padding-top: 0px; - padding-bottom: 0px; -} - -</style> -</head> -<body style="margin: 0 0 0 0;"> - -<table width="100%" cellpadding="0" cellspacing="20" style="background-image:url(http://evilsite.net/newsletter/image/bg/bg-64.jpg);background-attachment:fixed;" background="http://evilsite.net/newsletter/image/bg/bg-64.jpg" border="0"> -<tr> -<td> - -<h1>This is a HTML message</h1> - -<p>See nice pictures like the following:</p> - -<div> - <img src="ex1.jpg" width="320" height="320" alt="Example 1"> - <img src="ex2.jpg" width="320" height="320" alt="Example 2"> - <img src="http://evilsite.net/mailings/ex3.jpg" width="320" height="320" alt="Example 3"> -</div> - -<form action="http://evilsite.net/subscribe.php"> - <p>Subscription form</p> - - E-Mail: <input type="text" name="mail" value=""><br/> - <input type="submit" value="Subscribe"> - -</form> - -<p>To unsubscribe click here <a href="http://evilsite.net/unsubscribe.php?mail=foo@bar.com"> or - send a mail to <a href="mailto:unsubscribe@evilsite.net">unsubscribe@evilsite.net</a></p> - -</td> -</tr> -</table> - -</body> -</html>
\ No newline at end of file diff --git a/tests/src/htmlxss.txt b/tests/src/htmlxss.txt deleted file mode 100644 index f6c43e353..000000000 --- a/tests/src/htmlxss.txt +++ /dev/null @@ -1,22 +0,0 @@ -<html> -<body> - -<p><img onLoad.="alert(document.cookie)" src="skins/default/images/roundcube_logo.png" /></p> - -<p><a href="mailto:xss@somehost.net') && alert(document.cookie) || ignore('">mail me!</a> -<a href="http://roundcube.net" target="_self">roundcube.net</a> -<a href="http://roundcube.net" \onmouseover="alert('XSS')">roundcube.net (2)</a> - -</p> - -<div>Brilliant!</div> - -<table><tbody><tr><td background="javascript:alert('XSS')">BBBBBB</td></tr></tbody></table> - -<p> -Have a nice Christmas time.<br /> -Thomas -</p> - -</body> -</html> diff --git a/tests/src/plainbody.txt b/tests/src/plainbody.txt deleted file mode 100644 index 7ebfe429b..000000000 --- a/tests/src/plainbody.txt +++ /dev/null @@ -1,37 +0,0 @@ -From: iPhone Developer Program <noreply-iphonedev@apple.com> -To: nobody@roundcube.net - -*iPhone Developer Program* - ------------------------------------ -iPhone SDK 2.2.1 is now available -https://daw.apple.com/cgi-bin/WebObjects/DSAuthWeb.woa/wa/login?appIdKey=3D= -D635F5C417E087A3B9864DAC5D25920C4E9442C9339FA9277951628F0291F620&path=3D//i= -phone/login.action - -Log in to the iPhone Dev Center to download iPhone SDK for iPhone OS 2.2.1.= - Installation of iPhone SDK 2.2.1 is required for development with devices = -updated to iPhone OS 2.2.1. Please view the Read Me before installing the n= -ew version of the iPhone SDK. - -Log in now -https://daw.apple.com/cgi-bin/WebObjects/DSAuthWeb.woa/wa/login?appIdKey=3D= -D635F5C417E087A3B9864DAC5D25920C4E9442C9339FA9277951628F0291F620&path=3D//i= -phone/login.action - ------------------------------------ -Copyright (c) 2009 Apple Inc. 1 Infinite Loop, MS 303-3DM, Cupertino, CA 95= -014. - -All Rights Reserved -http://www.apple.com/legal/default.html - -Keep Informed -http://www.apple.com/enews/subscribe/ - -Privacy Policy -http://www.apple.com/legal/privacy/ - -My Info -https://myinfo.apple.com/cgi-bin/WebObjects/MyInfo - diff --git a/tests/src/valid.css b/tests/src/valid.css deleted file mode 100644 index 340fa9a87..000000000 --- a/tests/src/valid.css +++ /dev/null @@ -1,30 +0,0 @@ -/** Master style definitions **/ - -body, p, div, h1, h2, h3, textarea { - font-family: "Lucida Grande", Helvetica, sans-serif; - font-size: 8.8pt; - color: #333; -} - -body { - background-color: white; - margin: 0; -} - -h1 { - color: #1F519A; - font-size: 1.7em; - font-weight: normal; - margin-top: 0; - margin-bottom: 1em; -} - -.noscript { - display: none; -} - -.hint, .username { - color: #999; -} - - |