diff options
| author | thomascube <thomas@roundcube.net> | 2007-08-10 08:27:40 +0000 |
|---|---|---|
| committer | thomascube <thomas@roundcube.net> | 2007-08-10 08:27:40 +0000 |
| commit | 719a257f0c8fd750a4984ed56273dc653565729e (patch) | |
| tree | 2707636618edff63d691180a99a48cbdda350703 /program/include | |
| parent | 4b9efbb9f49911b17bde2d46b86df825e987101e (diff) | |
Some bugfixes, security issues + minor improvements
Diffstat (limited to 'program/include')
| -rw-r--r-- | program/include/main.inc | 3 | ||||
| -rw-r--r-- | program/include/rcmail_template.inc | 4 | ||||
| -rw-r--r-- | program/include/rcube_imap.inc | 23 |
3 files changed, 13 insertions, 17 deletions
diff --git a/program/include/main.inc b/program/include/main.inc index aa1de9754..4b8aa68d5 100644 --- a/program/include/main.inc +++ b/program/include/main.inc @@ -234,6 +234,9 @@ function rcmail_authenticate_session() // check session filetime if (!empty($CONFIG['session_lifetime']) && isset($SESS_CHANGED) && $SESS_CHANGED + $CONFIG['session_lifetime']*60 < time()) $valid = false; + + if (!$valid) + write_log('timeouts', $_SESSION + array('SESS_CLIENT_IP' => $SESS_CLIENT_IP, 'SESS_CHANGED' => $SESS_CHANGED, 'COOKIE' => $_COOKIE)); return $valid; } diff --git a/program/include/rcmail_template.inc b/program/include/rcmail_template.inc index d158a019c..6057f2af3 100644 --- a/program/include/rcmail_template.inc +++ b/program/include/rcmail_template.inc @@ -745,8 +745,8 @@ function rcmail_login_form($attrib) $labels['pass'] = rcube_label('password'); $labels['host'] = rcube_label('server'); - $input_user = new textfield(array('name' => '_user', 'id' => 'rcmloginuser', 'size' => 30, 'autocomplete' => 'off')); - $input_pass = new passwordfield(array('name' => '_pass', 'id' => 'rcmloginpwd', 'size' => 30)); + $input_user = new textfield(array('name' => '_user', 'id' => 'rcmloginuser', 'size' => 30) + $attrib); + $input_pass = new passwordfield(array('name' => '_pass', 'id' => 'rcmloginpwd', 'size' => 30) + $attrib); $input_action = new hiddenfield(array('name' => '_action', 'value' => 'login')); $fields = array(); diff --git a/program/include/rcube_imap.inc b/program/include/rcube_imap.inc index 0cfda1573..eddbad91b 100644 --- a/program/include/rcube_imap.inc +++ b/program/include/rcube_imap.inc @@ -1374,7 +1374,7 @@ class rcube_imap // make sure mailbox exists if (!in_array($to_mbox, $this->_list_mailboxes())) { - if (in_array(strtolower($to_mbox), $this->default_folders)) + if (in_array($to_mbox, $this->default_folders)) $this->create_mailbox($to_mbox, TRUE); else return FALSE; @@ -1658,11 +1658,11 @@ class rcube_imap $abs_name = $this->_mod_mailbox($name); $a_mailbox_cache = $this->get_cache('mailboxes'); - if (strlen($abs_name) && (!is_array($a_mailbox_cache) || !in_array_nocase($abs_name, $a_mailbox_cache))) + if (strlen($abs_name) && (!is_array($a_mailbox_cache) || !in_array($abs_name, $a_mailbox_cache))) $result = iil_C_CreateFolder($this->conn, $abs_name); // try to subscribe it - if ($subscribe) + if ($result && $subscribe) $this->subscribe($name); return $result ? $name : FALSE; @@ -1768,17 +1768,10 @@ class rcube_imap foreach ($this->default_folders as $folder) { $abs_name = $this->_mod_mailbox($folder); - if (!in_array_nocase($abs_name, $a_subscribed)) - { - if (!in_array_nocase($abs_name, $a_folders)) - $this->create_mailbox($folder, TRUE); - else - $this->subscribe($folder); - } - else if (!in_array_nocase($abs_name, $a_folders)) - { - $this->create_mailbox($folder, FALSE); - } + if (!in_array_nocase($abs_name, $a_folders)) + $this->create_mailbox($folder, TRUE); + else if (!in_array_nocase($abs_name, $a_subscribed)) + $this->subscribe($folder); } } @@ -2433,7 +2426,7 @@ class rcube_imap $a_out[] = $folder; } - sort($a_out); + natcasesort($a_out); ksort($a_defaults); return array_merge($a_defaults, $a_out); |