diff options
-rw-r--r-- | CHANGELOG | 1 | ||||
-rw-r--r-- | program/js/app.js | 15 | ||||
-rw-r--r-- | program/steps/addressbook/mailto.inc | 4 |
3 files changed, 9 insertions, 11 deletions
@@ -1,6 +1,7 @@ CHANGELOG Roundcube Webmail =========================== +- Fix a bug where selecting too many contacts would produce too large URI request (#1487892) - Fix relative URLs handling according to a <base> in HTML (#1487889) - Fix handling of top-level domains with more than 5 chars or unicode chars (#1487883) - Fix usage of non-standard HTTP error codes (#1487797) diff --git a/program/js/app.js b/program/js/app.js index 263355643..e83f33715 100644 --- a/program/js/app.js +++ b/program/js/app.js @@ -808,10 +808,10 @@ function rcube_webmail() case 'compose': var url = this.env.comm_path+'&_action=compose'; - if (this.task=='mail') { + if (this.task == 'mail') { url += '&_mbox='+urlencode(this.env.mailbox); - if (this.env.mailbox==this.env.drafts_mailbox) { + if (this.env.mailbox == this.env.drafts_mailbox) { var uid; if (uid = this.get_single_uid()) url += '&_draft_uid='+uid; @@ -820,7 +820,7 @@ function rcube_webmail() url += '&_to='+urlencode(props); } // modify url if we're in addressbook - else if (this.task=='addressbook') { + else if (this.task == 'addressbook') { // switch to mail compose step directly if (props && props.indexOf('@') > 0) { url = this.get_task_url('mail', url); @@ -829,25 +829,22 @@ function rcube_webmail() } // use contact_id passed as command parameter - var a_cids = []; + var n, len, a_cids = []; if (props) a_cids.push(props); // get selected contacts else if (this.contact_list) { var selection = this.contact_list.get_selection(); - for (var n=0; n<selection.length; n++) + for (n=0, len=selection.length; n<len; n++) a_cids.push(selection[n]); } if (a_cids.length) - this.http_request('mailto', '_cid='+urlencode(a_cids.join(','))+'&_source='+urlencode(this.env.source), true); + this.http_post('mailto', {_cid: a_cids.join(','), _source: this.env.source}, true); break; } - // don't know if this is necessary... - url = url.replace(/&_framed=1/, ''); - this.redirect(url); break; diff --git a/program/steps/addressbook/mailto.inc b/program/steps/addressbook/mailto.inc index 702e1a61b..e4f2801f7 100644 --- a/program/steps/addressbook/mailto.inc +++ b/program/steps/addressbook/mailto.inc @@ -19,14 +19,14 @@ */ -$cid = get_input_value('_cid', RCUBE_INPUT_GET); +$cid = get_input_value('_cid', RCUBE_INPUT_POST); $recipients = null; $mailto = array(); if ($cid && preg_match('/^[a-z0-9\+\/=_-]+(,[a-z0-9\+\/=_-]+)*$/i', $cid) && $CONTACTS->ready) { $CONTACTS->set_page(1); - $CONTACTS->set_pagesize(100); + $CONTACTS->set_pagesize(substr_count($cid, ',')+2); // +2 to skip counting query $recipients = $CONTACTS->search($CONTACTS->primary_key, $cid); while (is_object($recipients) && ($rec = $recipients->iterate())) { |