summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--CHANGELOG430
-rw-r--r--README9
-rw-r--r--bin/dumpschema.php101
-rwxr-xr-xbin/makedoc.sh34
-rw-r--r--index.php2
-rw-r--r--plugins/autologon/autologon.php44
-rw-r--r--plugins/debug_logger/debug_logger.php146
-rw-r--r--plugins/debug_logger/runlog/runlog.php227
-rw-r--r--plugins/example_addressbook/example_addressbook.php42
-rw-r--r--plugins/example_addressbook/example_addressbook_backend.php72
-rw-r--r--plugins/userinfo/localization/de_CH.inc9
-rw-r--r--plugins/userinfo/localization/en_US.inc9
-rw-r--r--plugins/userinfo/localization/et_EE.inc9
-rw-r--r--plugins/userinfo/localization/pl_PL.inc9
-rw-r--r--plugins/userinfo/userinfo.js16
-rw-r--r--plugins/userinfo/userinfo.php53
-rwxr-xr-xprogram/include/iniset.php2
-rw-r--r--tests/mailfunc.php119
-rw-r--r--tests/modcss.php45
-rwxr-xr-xtests/runtests.sh53
-rw-r--r--tests/src/BID-26800.txt52
-rw-r--r--tests/src/htmlbody.txt51
-rw-r--r--tests/src/htmlxss.txt22
-rw-r--r--tests/src/plainbody.txt37
-rw-r--r--tests/src/valid.css30
25 files changed, 11 insertions, 1612 deletions
diff --git a/CHANGELOG b/CHANGELOG
index 0ba685117..507098eb3 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,8 +1,9 @@
CHANGELOG RoundCube Webmail
===========================
-- Added possibility to encrypt received header, option 'http_received_header_encrypt',
- added some more logic in encrypt/decrypt functions for security
+- Using jQuery for client scripting
+- Implemented Plugin API (#1326399)
+- Moved some core functionality (temp file storage) into plugins
- Fix Answered/Forwarded flag setting for messages in subfolders
- Fix autocomplete problem with capital letters (#1485792)
- Support UUencode content encoding (#1485839)
@@ -19,8 +20,12 @@ CHANGELOG RoundCube Webmail
- Fix text wrapping in HTML editor after switching from plain text to HTML (#1485521)
- Fix auto-complete function hangs with plus sign (#1485815)
- Fix AJAX requests errors handler (#1485000)
-- Speed up message list displaying on IE
- Fix read/write database recognition (#1485811)
+- Added possibility to encrypt received header, option 'http_received_header_encrypt',
+ added some more logic in encrypt/decrypt functions for security
+
+RELEASE 0.2.2
+-------------
- Fix quicksearchbox look in Chrome and Konqueror (#1484841)
- Fix UTF-8 byte-order mark removing (#1485514)
- Fix folders subscribtions on Konqueror (#1484841)
@@ -45,7 +50,7 @@ CHANGELOG RoundCube Webmail
- Fix 'mode' parameter in sqlite DSN (#1485772)
RELEASE 0.2.1
-------------------
+-------------
- Use US-ASCII as failover when Unicode searching fails (#1485762)
- Fix errors handling in IMAP command continuations (#1485762)
- Fix FETCH result parsing for servers returning flags at the end of result (#1485763)
@@ -90,420 +95,3 @@ RELEASE 0.2.1
- Improve messages display performance
- Fix messages searching with 'to:' modifier
-RELEASE 0.2-STABLE
-------------------
-- Fix mark popup in IE 7 (#1485369)
-- Fix line-break issue when copy & paste in Firefox (#1485425)
-- Fix autocomplete "unknown server error" (#1485637)
-- Fix STARTTLS before AUTH in SMTP connection (#1484883)
-- Support multiple quota values in QUOTAROOT resonse (#1485626)
-- Only abbreviate file name for IE < 7 browsers (#1485063)
-- Performance: allow setting imap rootdir and delimiter before connect (#1485172)
-- Fix sorting of folders with more than 2 levels (#1485569)
-- Fix search results page jumps in LDAP addressbook (#1485253)
-- Fix empty line before the signature in IE (#1485351)
-- Fix horizontal scrollbar in preview pane on IE (#1484633)
-- Add Robots meta tag in login page and installer (#1484846)
-- Added 'show_images' option, removed 'addrbook_show_images' (#1485597)
-- Option to check for new mails in all folders (#1484374)
-- Don't set client busy when checking for new messages (#1485276)
-- Allow UTF-8 folder names in config (#1485579)
-- Add junk_mbox option configuration in installer (#1485579)
-- Do serverside addressbook queries for autocompletion (#1485531)
-- Allow setting attachment col position in 'list_cols' option
-- Allow override 'list_cols' via skin (#1485577)
-- Fix 'cache' table cleanup on session destroy (#1485516)
-- Increase speed of session destroy and garbage clean up
-- Fix session timeout when DB server got clock skew (#1485490)
-- Fix handling of some malformed messages (#1484438)
-- Speed up raw message body handling
-- Better HTML entities conversion in html2text (#1485519)
-- Fix big memory consumption and speed up searching on servers without SORT capability
-- Fix setting locale to tr_TR, ku and az_AZ (#1485470)
-- Use SORT for searching on servers with SORT capability
-- Added message status filter
-- Fix empty file sending (#1485389)
-- Improved searching with many criterias (calling one SEARCH command)
-- Fix HTML editor initialization on IE (#1485304)
-- Add warning when switching editor mode from html to plain (#1485488)
-- Make identities list scrollable (#1485538)
-- Fix problem with numeric folder names (#1485527)
-- Added BYE response simple support to prevent from endless loops in imap.inc (#1483956)
-- Fix unread message unintentionally marked as read if read_when_deleted=true (#1485409)
-- Remove port number from SERVER_NAME in smtp_helo_host (#1485518)
-- Don't send disposition notification receipts for messages marked as 'read' (#1485523)
-- Added 'keep_alive' and 'min_keep_alive' options (#1485360)
-- Added option 'identities_level', removed 'multiple_identities'
-- Allow deleting identities when multiple_identities=false (#1485435)
-- Added option focus_on_new_message (#1485374)
-- Fix html2text class autoloading on Windows (#1485505)
-- Fix html signature formatting when identity save error occured (#1485426)
-- Add feedback and set busy when moving folder (#1485497)
-- Fix 'Empty' link visibility for some languages e.g. Slovak (#1485489)
-- Fix messages count bar overlapping (#1485270)
-- Fix adding signature in drafts compose mode (#1485484)
-- Fix iil_C_Sort() to support very long and/or divided responses (#1485283)
-- Fix matching case sensitivity when setting identity on reply (#1485480)
-- Prefer default identity on reply
-- Fix imap searching on ISMail server (#1485466)
-- Add css class for flagged messages (#1485464)
-- Write username instead of id in sendmail log (#1485477)
-- Fix htmlspecialchars() use for PHP version < 5.2.3 (#1485475)
-- Fix js keywords escaping in json_serialize() for IE/Opera (#1485472)
-- Added bin/killcache.php script (#1485434)
-- Add support for SJIS, GB2312, BIG5 in rc_detect_encoding()
-- Fix vCard file encoding detection for non-UTF-8 strings (#1485410)
-- Add 'skip_deleted' option in User Preferences (#1485445)
-- Minimize "inline" javascript scripts use (#1485433)
-- Fix css class setting for folders with names matching defined classes names (#1485355)
-- Fix race conditions when changing mailbox
-- Fix spellchecking when switching to html editor (#1485362)
-- Fix compose window width/height (#1485396)
-- Allow calling msgimport.sh/msgexport.sh from any directory (#1485431)
-- Localized filesize units (#1485340)
-- Better handling of "no identity" and "no email in identity" situations (#1485117)
-- Added 'mime_param_folding' option with possibility to choose long/non-ascii attachment names encoding eg. to be readable in MS Outlook/OE (#1485320)
-- Added "advanced options" feature in User Preferences
-- Fix unread counter when displaying cached massage in preview panel (#1485290)
-- Fix htmleditor spellchecking on MS Windows (#1485397)
-- Fix problem with non-ascii attachment names in Mail_mime (#1485267, #1485096)
-- Fix language autodetection (#1485401)
-- Fix button label in folders management (#1485405)
-- Fix collapsed folder not indicating unread msgs count of all subfolders (#1485403)
-- Fix handling of apostrophes in filenames decoded according to rfc2231
-
-RELEASE 0.2-BETA
-----------------
-- Made config files location configurable (#1485215)
-- Reduced memory footprint when forwarding attachments (#1485345)
-- Allow and use spellcheck attribute for input/textarea fields (#1485060)
-- Added icons for forwarded/forwarded+replied messages (#1485257)
-- Added Reply-To to forwarded emails (#1485315)
-- Display progress message for folders create/delete/rename (#1485357)
-- Smart Tags and NOBR tag support in html messages (#1485363, #1485327)
-- Redesign of the identities settings (#1484042)
-- Add config option to disable creation/deletion of identities (#1484498)
-- Added 'sendmail_delay' option to restrict messages sending interval (#1484491)
-- Added vertical splitter for folders list resizing
-- Added possibility to view all headers in message view
-- Fixed splitter drag/resize on Opera (#1485170)
-- Fixed quota img height/width setting from template (#1484857)
-- Refactor drag & drop functionality. Don't rely on browser events anymore (#1484453)
-- Insert "virtual" folders in subscription list (#1484779)
-- Added link to open message in new window
-- Enable export of address book contacts as vCard
-- Add feature to import contacts from vcard files (#1326103)
-- Respect Content-Location headers in multipart/related messages according to RFC2110 (#1484946)
-- Allowed max. attachment size now indicated in compose screen (#1485030)
-- Also capture backspace key in list mode (#1484566)
-- Allow application/pgp parts to be displayed (#1484753)
-- Correctly handle options in mailto-links (#1485228)
-- Immediately save sort_col/sort_order in user prefs (#1485265)
-- Truncate very long (above 50 characters) attachment filenames when displaying
-- Allow to auto-detect client language if none set (#1484434)
-- Auto-detect the client timezone (user configurable)
-- Add RFC2231 header value continuations support for attachment filenames + hack for servers that not support that feature
-- Fix Reply-To header displaying (#1485314)
-- Mark form buttons that provide the most obvious operation (mainaction)
-- Added option 'quota_zero_as_unlimited' (#1484604)
-- Added PRE handling in html2text class (#1484740)
-- Added folder hierarchy collapsing
-- Added options to use syslog instead of log file (#1484850)
-- Added Logging & Debugging section in Installer
-- Fix In-Reply-To and References headers when composing saved draft message (#1485288)
-- Fix html message charset conversion for charsets with underline (#1485287)
-- Fix buttons status after contacts deletion (#1485233)
-- Fix escaping of To: and From: fields when building message body for reply or forward in the HTML editor (#1484904)
-- Use current mailbox name in template (#1485256)
-- Better fix for skipping untagged responses (#1485261)
-- Added pspell support patch by Kris Steinhoff (#1483960)
-- Enable spellchecker for HTML editor (#1485114)
-- Respect spellcheck_uri in tinyMCE spellchecker (#1484196)
-- Case insensitive contacts searching using PostgreSQL (#1485259)
-- Make default imap folders configurable for each user (#1485075)
-- Save outgoing mail to selectable folder (#1324581)
-- Fix hiding of mark menu when clicking th button again (#1484944)
-- Use long date format in print mode (#1485191)
-- Updated TinyMCE to version 3.1.0.1
-- Re-enable autocomplete attribute for login form (#1485211)
-- Check PERMANENTFLAGS before saving $MDNSent flag (#1484963, #1485163)
-- Added flag column on messages list (#1484623)
-- Patched Mail/MimePart.php (http://pear.php.net/bugs/bug.php?id=14232)
-- Allow trash/junk subfolders to be purged (#1485085)
-- Store compose parameters in session and redirect to a unique URL
-- Fixed CRAM-MD5 authentication (#1484819)
-- Fixed forwarding messages with one HTML attachment (#1484442)
-- Fixed encoding of message/rfc822 attachments and image/pjpeg handling (#1484914)
-- Added option to select skin in user preferences
-- Added option to configure displaying of attached images below the message body
-- Added option to display images in messages from known senders (#1484601)
-- User preferences grouped in more fieldsets
-- Fix corrupted MIME headers of messages in Sent folder (#1485111)
-- Fixed bug in MDB2 package: http://pear.php.net/bugs/bug.php?id=14124
-- Use keypress instead of keydown to select list's row (#1484816)
-- Don't call expunge and don't remove message row after message move if flag_for_deletion is set to true (#1485002)
-
-RELEASE 0.2-ALPHA
------------------
-- Added option to disable autocompletion from selected LDAP address books (#1484922)
-- TLS support in LDAP connections: 'use_tls' property (#1485104)
-- Fixed removing messages from search set after deleting them (#1485106)
-- imap.inc: Fixed iil_C_FetchStructureString() to handle many
- literal strings in response (#1484969)
-- Support for subfolders in default/protected folders (#1484665)
-- Disallowed delimiter in folder name (#1484803)
-- Support " and \ in folder names
-- Escape \ in login (#1484614)
-- Better HTML sanitization with the DOM-based washtml script (#1484701)
-- Fixed sorting of folders with non-ascii characters
-- Fixed Mysql DDL for default identities creation (#1485070)
-- In Preferences added possibility to configure 'read_when_deleted',
- 'mdn_requests', 'flag_for_deletion' options
-- Made IMAP auth type configurable (#1483825)
-- Fixed empty values with FROM_UNIXTIME() in rcube_mdb2 (#1485055)
-- Fixed attachment list on IE 6/7 (#1484807)
-- Fixed JavaScript in compose.html that shows cc/bcc fields if populated
-- Make password input fields of type password in installer (#1484886)
-- Don't attempt to delete cache entries if enable_caching is FALSE (#1485051)
-- Optimized messages sorting on servers without sort capability (#1485049)
-- Corrected message headers decoding when charset isn't specified and improved
- support for native languages (#1485050, #1485048)
-- Expanded LDAP configuration options to support LDAP server writes.
-- Installer: encode special characters in DB username/password (#1485042)
-- Fixed management of folders with national characters in names (#1485036, #1485001)
-- Fixed identities saving when using MDB2 pgsql driver (#1485032)
-- Fixed BCC header reset (#1484997)
-- Improved messages list performance - patch from Justin Heesemann
-- Append skin_path to images location only when it starts with '/' sign (#1484859)
-- Fix IMAP response in message body when message has no body (#1484964)
-- Fixed non-RFC dates formatting (#1484901)
-- Fixed typo in set_charset() (#1484991)
-- Decode entities when inserting HTML signature to plain text message (#1484990)
-- HTML editing is now working with PHP5 updates and TinyMCE v3.0.6
-- Fixed signature loading on Windows (#1484545)
-- Added language support to HTML editing (#1484862)
-- Fixed remove signature when replying (#1333167)
-- Fixed problem with line with a space at the end (#1484916)
-- Fixed <!DOCTYPE> tag filtering (#1484391)
-- Fixed <?xml> tag filtering (#1484403)
-- Added sections (fieldset+label) in Settings interface
-- Mark as read in one action with message preview (#1484972)
-- Deleted redundant quota reads (#1484972)
-- Added options for empty trash and expunge inbox on logout (#1483863)
-- Removed lines wrapping when displaying message
-- Fixed month localization
-- Changed codebase to PHP5 with autoloader
-
-RELEASE 0.1.1
--------------
-- Clear selection when selecting single item (#1484942)
-- Remove hard-coded image size in skin templates (#1484893)
-- Database schema improvements (dropped unnecessary indexes)
-- Fixed creating a new folder with a comma in its name (#1484681)
-- Fixed sorting of messages when default mailbox is empty (#1484317)
-- Improve message previewpane - less loading (#1484316)
-- Fixed login form autoompletion (#1484839)
-- Fixed virtuser_query option for mdb2 backend (#1484874)
-- Fixed attachment resoting from Drafts when message body was empty (#1484506)
-- Fixed usage of ob_gzhandler (#1484851)
-- Fixed message part window in IE6 (#1484610)
-- Fixed decoding of mime-encoded strings (#1484191)
-- Fixed some iconv/mb_string problems (#1484598)
-- Correctly quote mailbox name when using in URL (#1484313)
-- Fixed "headers already sent" errors (#1484860)
-
-RELEASE 0.1-STABLE
-------------------
-- Added interactive installer script
-- Fix folder adding/renaming inspired by #1484800
-- Localize folder name in page title (#1484785)
-- Fix code using wrong variable name (#1484018)
-- Allow to send mail with BCC recipients only
-- condense TinyMCE toolbar down to one line, removing table buttons (#1484747)
-- Add function to mark the selected messages as read/unread (#1457360)
-- Also do charset decoding as suggested in RFC 2231 (fix #1484321)
-- Show message count in folder list and hint when creating a subfolder
-- Distinguish ssl and tls for imap connections (#1484667)
-- Added some charset aliases to fix typical mis-labelling (#1484565)
-- Remember decision to display images for a certain message during session (#1484754)
-- Truncate attachment filenames to 55 characters due to an IE bug (#1484757)
-- Make sending of read receipts configurable
-- Respect config when localize folder names (#1484707)
-- Also respect receipt and priority settings when re-opening a draft message
-- Remember search results (closes #1483883), patch by the_glu
-- Add Received header on outgoing mail
-- Upgrade to TinyMCE 2.1.3
-- Allow inserting image attachments into HTML messages while composing (#1484557)
-- Implement Message-Disposition-Notification (Receipts)
-- Fix overriding of session vars when register_globals is on (#1484670)
-- Fix bug with case-sensitive folder names (#1484245)
-- Don't create default folders by default
-- Fixed some potential security risks (audited by Andris)
-- Only show new messages if they match the current search (#1484176)
-- Switch to/from when searcing in Sent folder (#1484555)
-- Correctly read the References header (#1484646)
-- Unset old cookie before sending a new value (#1484639)
-- Correctly decode attachments when downloading them (#1484645 and #1484642)
-- Suppress IE errors when clearing attachments form (#1484356)
-- Log error when login fails due to auto_create_user turned off
-- Filter linked/imported CSS files (closes #1484056)
-- Improve message compose screen (closes #1484383)
-- Select next row after removing one from list (#1484387)
-
-RELEASE 0.1-RC2
----------------
-- Enable drag-&-dropping of folders to a new parent and allow to create subfolders (#1457344)
-- Suppress IE errors when clearing attachments form (#1484356)
-- Set preferences field in user table to NULL (#1484386)
-- Log error when login fails due to auto_create_user turned off
-- Filter linked/imported CSS files (closes #1484056)
-- Improve message compose screen (closes #1484383)
-- Select next row after removing one from list (#1484387)
-- Make smtp HELO/EHLO hostname configurable (#1484067)
-- IPv6 Compatability (#1484322), Patch #1484373
-- Unlock interface when message sending fails (#1484570)
-- Eval PHP code in template includes (if configured)
-- Show message when folder is empty. Mo more static text in table (#1484395)
-- Only display unread count in page title when new messages arrived
-- Fixed wrong delete button tooltip (#1483965)
-- Fixed charset encoding bug (#1484429)
-- Applied patch for LDAP version (#1484552)
-- Improved XHTML validation
-- Fix message list selection (#1484550)
-- Better fix lowercased usernames (#1484473)
-- Update pngbehavior Script as suggested in #1484490
-- Fixed moving/deleting messages when more than 1 is selected
-- Applied patch for LDAP contacts listing by Glen Ogilvie
-- Applied patch for more address fields in LDAP contacts (#1484402)
-- Add alternative for getallheaders() (fix #1484508)
-- Identify mailboxes case-sensitive
-- Sort mailbox list case-insensitive (closes #1484338)
-- Fix display of multipart messages from Apple Mail (closes #1484027)
-- Protect AJAX request from being fetched by a foreign site (XSS)
-- Make autocomplete for loginform configurable by the skin template
-- Fix compose function from address book (closes #1484426)
-- Added //IGNORE to iconv call (patch #1484420, closes #1484023)
-- Check if mbstring supports charset (#1484290 and #1484292)
-- Prefer iconv over mbstring (as suggested in #1484292)
-- Check filesize of template includes (#1484409)
-- Fixed bug with buttons not dimming/enabling properly after switching folders
-- Fixed compose window becoming unresponsive after saving a draft (#1484487)
-- Re-enabled "Back" button in compose window now that bug #1484487 is fixed
-- Fixed unresponsive interface issue when downloading attachments (#1484496)
-- Lowered status message time from 5 to 3 seconds to improve responsiveness
-- Raised .htaccess upload_max_filesize from 2M to 5M to differ from default php.ini
-- Increased "mailboxcontrols" mail.css width from 160 to 170px to fix non-english languages (#1484499)
-- Fix status message bug #1484464 with regard to #1484353
-- Fix address adding bug reported by David Koblas
-- Applied socket error patch by Thomas Mangin
-- Pass-by-reference workarround for PHP5 in sendmail.inc
-- Fixed buggy imap_root settings (closes #1484379)
-- Prevent default events on subject links (#1484399)
-- Use HTTP-POST requests for actions that change state
-
-RELEASE 0.1-RC1
----------------
-- Use global filters and bind username/ for Ldap searches (#1484159)
-- Hide quota display if imap server does not support it
-- Hide address groups if no LDAP servers configured
-- Add link to message subjects (closes #1484257)
-- Better SQL query for contact listing/search (closes #1484369)
-- Fixed marking as read in preview pane (closes #1484364)
-- CSS hack to display attachments correctly in IE6
-- Wrap message body text (closes #1484148)
-- LDAP access is back in address book (closes #1484087)
-- Added search function for contacts
-- New Template parsing and output encoding
-- Fixed bugs #1484119 and #1483978
-- Fixed message moving procedure (closes #1484308)
-- Fixed display of multiple attachments (closes #1466563)
-- Fixed check for new messages (closes #1484310)
-- List attachments without filename
-- New session authentication: Change sessid cookie when login, authentication with sessauth cookie is now configurable.
- Should close bugs #1483951 and #1484299
-- Correctly translate mailbox names (closes #1484276)
-- Quote e-mail address links (closes #1484300)
-- Updated PEAR::Mail_mime package
-- Accept single quotes for HTML attributes when modifying message body (thanks Jason)
-- Sanitize input for new users/identities (thanks Colin Alston)
-- Don't download HTML message parts
-- Convert HTML parts to plaintext if 'prefer_html' is off
-- Correctly parse message/rfc822 parts (closes #1484045)
-- Also use user_id for unique key in messages table (closes #1484074)
-- Hide contacts drop down on blur (closes #1484203)
-- Make entries in contacts drop down clickable
-- Turn off browser autocompletion on login page
-- Quote <? in text/html message parts
-- Hide border around radio buttons
-- Applied patch for attachment download by crichardson (closes #1484198)
-- Fixed bug in Postgres DB handling (closes #1484068)
-- Fixed bug of invalid calls to fetchRow() in rcube_db.inc (closes #1484280)
-- Fixed array_merge bug (closes #1484281)
-- Fixed flag for deletion in list view (closes #1484264)
-- Finally support semicolons as recipient separator (closes ##1484251)
-- Fixed message headers (subject) encoding
-- check if safe mode is on or not (closes #1484269)
-- Show "no subject" in message list if subject is missing (closes #1484243)
-- Solved page caching of message preview (closes #1484153)
-- Only use gzip compression if configured (closes #1484236)
-- Fixed priority selector issue (#1484150)
-- Fixed some CSS issues in default skin (closes #1484210 and #1484161)
-- Prevent from double quoting of numeric HTML character references (closes #1484253)
-- Fixed display of HTML message attachments (closes #1484178)
-- Applied patch for preview caching (closes #1484186)
-- Added error handling for attachment uploads
-- Use multibyte safe string functions where necessary (closes #1483988)
-- Applied security patch to validate the submitted host value (by Kees Cook)
-- Applied security patch to validate input values when deleting contacts (by Kees Cook)
-- Applied security patch that sanitizes emoticon paths when attaching them (by Kees Cook)
-- Applied a patch to more aggressively sanitize a HTML message
-- Visualize blocked images in HTML messages
-- Fixed wrong message listing when showing search results (closes #1484131)
-- Show remote images when opening HTML message part as attachment
-- Improve memory usage when sending mail (closes #1484098)
-- Mark messages as read once the preview is loaded (closes #1484132)
-- Include smtp final response in log (closes #1484081)
-- Corrected date string in sent message header (closes #1484125)
-- Correclty choose "To" column in sent and draft mailboxes (closes #1483943)
-- Changed srong tooltips for message browse buttons (closes #1483930)
-- Fixed signature delimeter character to be standard (Bug #1484035)
-- Fixed XSS vulnerability (Bug #1484109)
-- Remove newlines from mail headers (Bug #1484031)
-- Selection issues when moving/deleting (Bug #1484044)
-- Applied patch of Clement Moulin for imap host auto-selection
-- ISO-encode IMAP password for plaintext login (Bugs #1483977 & #1483886)
-- Fixed folder name encoding in subscription list (Bug #1484113)
-- Fixed JS errors in identity list (Bug #1484120)
-- Translate foldernames in folder form (closes #1484113)
-- Added first and last buttons to message list, address book
- and message detail
-- Pressing Shift-Del bypasses Trash folder
-- Enable purge command for Junk folder
-- Fetch all aliases if virtuser_query is used instead
-- Re-enabled multi select of contacts (Bug #1484017)
-- Enable contact editing right after creation (Bug #1459641)
-- Correct UTF-7 to UTF-8 conversion if mbstring is not available
-- Fixed IMAP fetch of message body (Bug #1484019)
-- Fixed safe_mode problems (Bug #1418381)
-- Fixed wrong header encoding (Bug #1483976)
-- Made automatic draft saving configurable
-- Fixed JS bug when renaming folders (Bug #1483989)
-- Added quota display as image (by Brett Patterson)
-- Corrected creation of a message-id
-- New indentation for quoted message text
-- Improved HTML validity
-- Fixed URL character set (Ticket #1445501)
-- Fixed saving of contact into MySQL from LDAP query results (Ticket #1483820)
-- Fixed folder renaming: unsubscribe before rename (Bug #1483920)
-- Finalized new message parsing (+ chaching)
-- Fixed wrong usage of mbstring (Bug #1462439)
-- Set default spelling language (Ticket #1483938)
-- Added support for Nox Spell Server
-- Re-built message parsing (Bug #1327068)
- Now based on the message structure delivered by the IMAP server.
-- Fixed some XSS and SQL injection issues
-- Fixed charset problems with folder renaming
-
-
-
-
diff --git a/README b/README
index b40ab0fdd..7a0e2ede5 100644
--- a/README
+++ b/README
@@ -1,15 +1,6 @@
RoundCube Webmail (http://roundcube.net)
-ATTENTION
----------
-This is just a snapshot of the current SVN repository and is NOT A STABLE
-version of RoundCube. Unlike the latest release this version requires PHP 5
-and does not work on a webserver with PHP 4. It's not recommended to
-replace an existing installation of RoundCube with this version. Also using
-a separate database for this installation is highly recommended.
-
-
Introduction:
-------------
RoundCube Webmail is a browser-based multilingual IMAP client with an
diff --git a/bin/dumpschema.php b/bin/dumpschema.php
deleted file mode 100644
index b9a76e419..000000000
--- a/bin/dumpschema.php
+++ /dev/null
@@ -1,101 +0,0 @@
-#!/usr/bin/env php
-<?php
-/*
-
- +-----------------------------------------------------------------------+
- | bin/dumpschema.php |
- | |
- | This file is part of the RoundCube Webmail client |
- | Copyright (C) 2005-2009, RoundCube Dev. - Switzerland |
- | Licensed under the GNU GPL |
- | |
- | PURPOSE: |
- | Dumps database schema in XML format using MDB2_Schema |
- | |
- +-----------------------------------------------------------------------+
- | Author: Thomas Bruederli <roundcube@gmail.com> |
- +-----------------------------------------------------------------------+
-
- $Id$
-
-*/
-
-if (php_sapi_name() != 'cli') {
- die('Not on the "shell" (php-cli).');
-}
-
-define('INSTALL_PATH', realpath(dirname(__FILE__) . '/..') . '/' );
-require INSTALL_PATH.'program/include/iniset.php';
-
-/** callback function for schema dump **/
-function print_schema($dump)
-{
- foreach ((array)$dump as $part)
- echo $dump . "\n";
-}
-
-$config = new rcube_config();
-
-// don't allow public access if not in devel_mode
-if (!$config->get('devel_mode') && $_SERVER['REMOTE_ADDR']) {
- header("HTTP/1.0 401 Access denied");
- die("Access denied!");
-}
-
-$options = array(
- 'use_transactions' => false,
- 'log_line_break' => "\n",
- 'idxname_format' => '%s',
- 'debug' => false,
- 'quote_identifier' => true,
- 'force_defaults' => false,
- 'portability' => false,
-);
-
-$dsnw = $config->get('db_dsnw');
-$dsn_array = MDB2::parseDSN($dsnw);
-
-// set options for postgres databases
-if ($dsn_array['phptype'] == 'pgsql') {
- $options['disable_smart_seqname'] = true;
- $options['seqname_format'] = '%s';
-}
-
-$schema =& MDB2_Schema::factory($dsnw, $options);
-$schema->db->supported['transactions'] = false;
-
-
-// send as text/xml when opened in browser
-if ($_SERVER['REMOTE_ADDR'])
- header('Content-Type: text/xml');
-
-
-if (PEAR::isError($schema)) {
- $error = $schema->getMessage() . ' ' . $schema->getUserInfo();
-}
-else {
- $dump_config = array(
- // 'output_mode' => 'file',
- 'output' => 'print_schema',
- );
-
- $definition = $schema->getDefinitionFromDatabase();
- $definition['charset'] = 'utf8';
-
- if (PEAR::isError($definition)) {
- $error = $definition->getMessage() . ' ' . $definition->getUserInfo();
- }
- else {
- $operation = $schema->dumpDatabase($definition, $dump_config, MDB2_SCHEMA_DUMP_STRUCTURE);
- if (PEAR::isError($operation)) {
- $error = $operation->getMessage() . ' ' . $operation->getUserInfo();
- }
- }
-}
-
-$schema->disconnect();
-
-if ($error && !$_SERVER['REMOTE_ADDR'])
- fputs(STDERR, $error);
-
-?>
diff --git a/bin/makedoc.sh b/bin/makedoc.sh
deleted file mode 100755
index 26757c0a7..000000000
--- a/bin/makedoc.sh
+++ /dev/null
@@ -1,34 +0,0 @@
-#!/usr/bin/env bash
-
-if [ -z "$SSH_TTY" ]
-then
- if [ -z "$DEV_TTY" ]
- then
- echo "Not on the shell."
- exit 1
- fi
-fi
-
-TITLE="RoundCube Classes"
-PACKAGES="Core"
-
-INSTALL_PATH="`dirname $0`/.."
-PATH_PROJECT=$INSTALL_PATH/program/include
-PATH_DOCS=$INSTALL_PATH/doc/phpdoc
-BIN_PHPDOC="`/usr/bin/which phpdoc`"
-
-if [ ! -x "$BIN_PHPDOC" ]
-then
- echo "phpdoc not found: $BIN_PHPDOC"
- exit 1
-fi
-
-OUTPUTFORMAT=HTML
-CONVERTER=frames
-TEMPLATE=earthli
-PRIVATE=off
-
-# make documentation
-$BIN_PHPDOC -d $PATH_PROJECT -t $PATH_DOCS -ti "$TITLE" -dn $PACKAGES \
--o $OUTPUTFORMAT:$CONVERTER:$TEMPLATE -pp $PRIVATE
-
diff --git a/index.php b/index.php
index 721aefc7c..088346074 100644
--- a/index.php
+++ b/index.php
@@ -2,7 +2,7 @@
/*
+-------------------------------------------------------------------------+
| RoundCube Webmail IMAP Client |
- | Version 0.3-20090419 |
+ | Version 0.3-beta |
| |
| Copyright (C) 2005-2009, RoundCube Dev. - Switzerland |
| |
diff --git a/plugins/autologon/autologon.php b/plugins/autologon/autologon.php
deleted file mode 100644
index c40f2d4eb..000000000
--- a/plugins/autologon/autologon.php
+++ /dev/null
@@ -1,44 +0,0 @@
-<?php
-
-/**
- * Sample plugin to try out some hooks.
- * This performs an automatic login if accessed from localhost
- */
-class autologon extends rcube_plugin
-{
-
- function init()
- {
- $this->add_hook('startup', array($this, 'startup'));
- $this->add_hook('authenticate', array($this, 'authenticate'));
- }
-
- function startup($args)
- {
- $rcmail = rcmail::get_instance();
-
- // change action to login
- if ($args['task'] == 'mail' && empty($args['action']) && empty($_SESSION['user_id']) && !empty($_GET['_autologin']) && $this->is_localhost())
- $args['action'] = 'login';
-
- return $args;
- }
-
- function authenticate($args)
- {
- if (!empty($_GET['_autologin']) && $this->is_localhost()) {
- $args['user'] = 'me';
- $args['pass'] = '******';
- $args['host'] = 'localhost';
- }
-
- return $args;
- }
-
- function is_localhost()
- {
- return $_SERVER['REMOTE_ADDR'] == '::1' || $_SERVER['REMOTE_ADDR'] == '127.0.0.1';
- }
-
-}
-
diff --git a/plugins/debug_logger/debug_logger.php b/plugins/debug_logger/debug_logger.php
deleted file mode 100644
index 8cd335187..000000000
--- a/plugins/debug_logger/debug_logger.php
+++ /dev/null
@@ -1,146 +0,0 @@
-<?php
-
-/**
- * Debug Logger
- *
- * Enhanced logging for debugging purposes. It is not recommened
- * to be enabled on production systems without testing because of
- * the somewhat increased memory, cpu and disk i/o overhead.
- *
- * Debug Logger listens for existing console("message") calls and
- * introduces start and end tags as well as free form tagging
- * which can redirect messages to files. The resulting log files
- * provide timing and tag quantity results.
- *
- * Enable the plugin in config/main.inc.php and add your desired
- * log types and files.
- *
- * @version 1.0
- * @author Ziba Scott
- * @website http://roundcube.net
- *
- * Example:
- *
- * config/main.inc.php:
- *
- * // $rcmail_config['debug_logger'][type of logging] = name of file in log_dir
- * // The 'master' log includes timing information
- * $rcmail_config['debug_logger']['master'] = 'master';
- * // If you want sql messages to also go into a separate file
- * $rcmail_config['debug_logger']['sql'] = 'sql';
- *
- * index.php (just after $RCMAIL->plugins->init()):
- *
- * console("my test","start");
- * console("my message");
- * console("my sql calls","start");
- * console("cp -r * /dev/null","shell exec");
- * console("select * from example","sql");
- * console("select * from example","sql");
- * console("select * from example","sql");
- * console("end");
- * console("end");
- *
- *
- * logs/master (after reloading the main page):
- *
- * [17-Feb-2009 16:51:37 -0500] start: Task: mail.
- * [17-Feb-2009 16:51:37 -0500] start: my test
- * [17-Feb-2009 16:51:37 -0500] my message
- * [17-Feb-2009 16:51:37 -0500] shell exec: cp -r * /dev/null
- * [17-Feb-2009 16:51:37 -0500] start: my sql calls
- * [17-Feb-2009 16:51:37 -0500] sql: select * from example
- * [17-Feb-2009 16:51:37 -0500] sql: select * from example
- * [17-Feb-2009 16:51:37 -0500] sql: select * from example
- * [17-Feb-2009 16:51:37 -0500] end: my sql calls - 0.0018 seconds shell exec: 1, sql: 3,
- * [17-Feb-2009 16:51:37 -0500] end: my test - 0.0055 seconds shell exec: 1, sql: 3,
- * [17-Feb-2009 16:51:38 -0500] end: Task: mail. - 0.8854 seconds shell exec: 1, sql: 3,
- *
- * logs/sql (after reloading the main page):
- *
- * [17-Feb-2009 16:51:37 -0500] sql: select * from example
- * [17-Feb-2009 16:51:37 -0500] sql: select * from example
- * [17-Feb-2009 16:51:37 -0500] sql: select * from example
- */
-class debug_logger extends rcube_plugin
-{
- function init()
- {
- require_once(dirname(__FILE__).'/runlog/runlog.php');
- $this->runlog = new runlog();
-
- if(!rcmail::get_instance()->config->get('log_dir')){
- rcmail::get_instance()->config->set('log_dir',INSTALL_PATH.'logs');
- }
-
- $log_config = rcmail::get_instance()->config->get('debug_logger',array());
-
- foreach($log_config as $type=>$file){
- $this->runlog->set_file(rcmail::get_instance()->config->get('log_dir').'/'.$file, $type);
- }
-
- $start_string = "";
- $action = rcmail::get_instance()->action;
- $task = rcmail::get_instance()->task;
- if($action){
- $start_string .= "Action: ".$action.". ";
- }
- if($task){
- $start_string .= "Task: ".$task.". ";
- }
- $this->runlog->start($start_string);
-
- $this->add_hook('console', array($this, 'console'));
- $this->add_hook('authenticate', array($this, 'authenticate'));
- }
-
- function authenticate($args){
- $this->runlog->note('Authenticating '.$args['user'].'@'.$args['host']);
- return $args;
- }
-
- function console($args){
- $note = $args[0];
- $type = $args[1];
-
-
- if(!isset($args[1])){
- // This could be extended to detect types based on the
- // file which called console. For now only rcube_imap.inc is supported
- $bt = debug_backtrace(true);
- $file = $bt[3]['file'];
- switch(basename($file)){
- case 'rcube_imap.php':
- $type = 'imap';
- break;
- default:
- $type = FALSE;
- break;
- }
- }
- switch($note){
- case 'end':
- $type = 'end';
- break;
- }
-
-
- switch($type){
- case 'start':
- $this->runlog->start($note);
- break;
- case 'end':
- $this->runlog->end();
- break;
- default:
- $this->runlog->note($note, $type);
- break;
- }
- return $args;
- }
-
- function __destruct(){
- $this->runlog->end();
- }
-}
-?>
diff --git a/plugins/debug_logger/runlog/runlog.php b/plugins/debug_logger/runlog/runlog.php
deleted file mode 100644
index c9f672615..000000000
--- a/plugins/debug_logger/runlog/runlog.php
+++ /dev/null
@@ -1,227 +0,0 @@
-<?php
-
-/**
- * runlog
- *
- * @author Ziba Scott <ziba@umich.edu>
- */
-class runlog {
-
- private $start_time = FALSE;
-
- private $parent_stack = array();
-
- public $print_to_console = FALSE;
-
- private $file_handles = array();
-
- private $indent = 0;
-
- public $threshold = 0;
-
- public $tag_count = array();
-
- public $timestamp = "d-M-Y H:i:s O";
-
- public $max_line_size = 150;
-
- private $run_log = array();
-
- function runlog()
- {
- $this->start_time = microtime( TRUE );
- }
-
- public function start( $name, $tag = FALSE )
- {
- $this->run_log[] = array( 'type' => 'start',
- 'tag' => $tag,
- 'index' => count($this->run_log),
- 'value' => $name,
- 'time' => microtime( TRUE ),
- 'parents' => $this->parent_stack,
- 'ended' => false,
- );
- $this->parent_stack[] = $name;
-
- $this->print_to_console("start: ".$name, $tag, 'start');
- $this->print_to_file("start: ".$name, $tag, 'start');
- $this->indent++;
- }
-
- public function end()
- {
- $name = array_pop( $this->parent_stack );
- foreach ( $this->run_log as $k => $entry ) {
- if ( $entry['value'] == $name && $entry['type'] == 'start' && $entry['ended'] == false) {
- $lastk = $k;
- }
- }
- $start = $this->run_log[$lastk]['time'];
- $this->run_log[$lastk]['duration'] = microtime( TRUE ) - $start;
- $this->run_log[$lastk]['ended'] = true;
-
- $this->run_log[] = array( 'type' => 'end',
- 'tag' => $this->run_log[$lastk]['tag'],
- 'index' => $lastk,
- 'value' => $name,
- 'time' => microtime( TRUE ),
- 'duration' => microtime( TRUE ) - $start,
- 'parents' => $this->parent_stack,
- );
- $this->indent--;
- if($this->run_log[$lastk]['duration'] >= $this->threshold){
- $tag_report = "";
- foreach($this->tag_count as $tag=>$count){
- $tag_report .= "$tag: $count, ";
- }
- if(!empty($tag_report)){
-// $tag_report = "\n$tag_report\n";
- }
- $end_txt = sprintf("end: $name - %0.4f seconds $tag_report", $this->run_log[$lastk]['duration'] );
- $this->print_to_console($end_txt, $this->run_log[$lastk]['tag'] , 'end');
- $this->print_to_file($end_txt, $this->run_log[$lastk]['tag'], 'end');
- }
- }
-
- public function increase_tag_count($tag){
- if(!isset($this->tag_count[$tag])){
- $this->tag_count[$tag] = 0;
- }
- $this->tag_count[$tag]++;
- }
-
- public function get_text(){
- $text = "";
- foreach($this->run_log as $entry){
- $text .= str_repeat(" ",count($entry['parents']));
- if($entry['tag'] != 'text'){
- $text .= $entry['tag'].': ';
- }
- $text .= $entry['value'];
-
- if($entry['tag'] == 'end'){
- $text .= sprintf(" - %0.4f seconds", $entry['duration'] );
- }
-
- $text .= "\n";
- }
- return $text;
- }
-
- public function set_file($filename, $tag = 'master'){
- if(!isset($this->file_handle[$tag])){
- $this->file_handles[$tag] = fopen($filename, 'a');
- if(!$this->file_handles[$tag]){
- trigger_error('Could not open file for writing: '.$filename);
- }
- }
- }
-
- public function note( $msg, $tag = FALSE )
- {
- if($tag){
- $this->increase_tag_count($tag);
- }
- if ( is_array( $msg )) {
- $msg = '<pre>' . print_r( $msg, TRUE ) . '</pre>';
- }
- $this->debug_messages[] = $msg;
- $this->run_log[] = array( 'type' => 'note',
- 'tag' => $tag ? $tag:"text",
- 'value' => htmlentities($msg),
- 'time' => microtime( TRUE ),
- 'parents' => $this->parent_stack,
- );
-
- $this->print_to_file($msg, $tag);
- $this->print_to_console($msg, $tag);
-
- }
-
- public function print_to_file($msg, $tag = FALSE, $type = FALSE){
- if(!$tag){
- $file_handle_tag = 'master';
- }
- else{
- $file_handle_tag = $tag;
- }
- if($file_handle_tag != 'master' && isset($this->file_handles[$file_handle_tag])){
- $buffer = $this->get_indent();
- $buffer .= "$msg\n";
- if(!empty($this->timestamp)){
- $buffer = sprintf("[%s] %s",date($this->timestamp, mktime()), $buffer);
- }
- fwrite($this->file_handles[$file_handle_tag], wordwrap($buffer, $this->max_line_size, "\n "));
- }
- if(isset($this->file_handles['master']) && $this->file_handles['master']){
- $buffer = $this->get_indent();
- if($tag){
- $buffer .= "$tag: ";
- }
- $msg = str_replace("\n","",$msg);
- $buffer .= "$msg";
- if(!empty($this->timestamp)){
- $buffer = sprintf("[%s] %s",date($this->timestamp, mktime()), $buffer);
- }
- if(strlen($buffer) > $this->max_line_size){
- $buffer = substr($buffer,0,$this->max_line_size - 3)."...";
- }
- fwrite($this->file_handles['master'], $buffer."\n");
- }
- }
-
- public function print_to_console($msg, $tag=FALSE){
- if($this->print_to_console){
- if(is_array($this->print_to_console)){
- if(in_array($tag, $this->print_to_console)){
- echo $this->get_indent();
- if($tag){
- echo "$tag: ";
- }
- echo "$msg\n";
- }
- }
- else{
- echo $this->get_indent();
- if($tag){
- echo "$tag: ";
- }
- echo "$msg\n";
- }
- }
- }
-
- public function print_totals(){
- $totals = array();
- foreach ( $this->run_log as $k => $entry ) {
- if ( $entry['type'] == 'start' && $entry['ended'] == true) {
- $totals[$entry['value']]['duration'] += $entry['duration'];
- $totals[$entry['value']]['count'] += 1;
- }
- }
- if($this->file_handle){
- foreach($totals as $name=>$details){
- fwrite($this->file_handle,$name.": ".number_format($details['duration'],4)."sec, ".$details['count']." calls \n");
- }
- }
- }
-
- private function get_indent(){
- $buf = "";
- for($i = 0; $i < $this->indent; $i++){
- $buf .= " ";
- }
- return $buf;
- }
-
-
- function __destruct(){
- foreach($this->file_handles as $handle){
- fclose($handle);
- }
- }
-
-}
-
-?>
diff --git a/plugins/example_addressbook/example_addressbook.php b/plugins/example_addressbook/example_addressbook.php
deleted file mode 100644
index 081efcb13..000000000
--- a/plugins/example_addressbook/example_addressbook.php
+++ /dev/null
@@ -1,42 +0,0 @@
-<?php
-
-/**
- * Sample plugin to add a new address book
- * with just a static list of contacts
- */
-class example_addressbook extends rcube_plugin
-{
- private $abook_id = 'static';
-
- public function init()
- {
- $this->add_hook('address_sources', array($this, 'address_sources'));
- $this->add_hook('get_address_book', array($this, 'get_address_book'));
-
- // use this address book for autocompletion queries
- // (maybe this should be configurable by the user?)
- $config = rcmail::get_instance()->config;
- $sources = $config->get('autocomplete_addressbooks', array('sql'));
- if (!in_array($this->abook_id, $sources)) {
- $sources[] = $this->abook_id;
- $config->set('autocomplete_addressbooks', $sources);
- }
- }
-
- public function address_sources($p)
- {
- $p['sources'][$this->abook_id] = array('id' => $this->abook_id, 'name' => 'Static List', 'readonly' => true);
- return $p;
- }
-
- public function get_address_book($p)
- {
- if ($p['id'] == $this->abook_id) {
- require_once(dirname(__FILE__) . '/example_addressbook_backend.php');
- $p['instance'] = new example_addressbook_backend;
- }
-
- return $p;
- }
-
-}
diff --git a/plugins/example_addressbook/example_addressbook_backend.php b/plugins/example_addressbook/example_addressbook_backend.php
deleted file mode 100644
index ad6b89d67..000000000
--- a/plugins/example_addressbook/example_addressbook_backend.php
+++ /dev/null
@@ -1,72 +0,0 @@
-<?php
-
-/**
- * Example backend class for a custom address book
- *
- * This one just holds a static list of address records
- *
- * @author Thomas Bruederli
- */
-class example_addressbook_backend extends rcube_addressbook
-{
- public $primary_key = 'ID';
- public $readonly = true;
-
- private $filter;
- private $result;
-
- public function __construct()
- {
- $this->ready = true;
- }
-
- public function set_search_set($filter)
- {
- $this->filter = $filter;
- }
-
- public function get_search_set()
- {
- return $this->filter;
- }
-
- public function reset()
- {
- $this->result = null;
- $this->filter = null;
- }
-
- public function list_records($cols=null, $subset=0)
- {
- $this->result = $this->count();
- $this->result->add(array('ID' => '111', 'name' => "Example Contact", 'firstname' => "Example", 'surname' => "Contact", 'email' => "example@roundcube.net"));
-
- return $this->result;
- }
-
- public function search($fields, $value, $strict=false, $select=true)
- {
- // no search implemented, just list all records
- return $this->list_records();
- }
-
- public function count()
- {
- return new rcube_result_set(1, ($this->list_page-1) * $this->page_size);
- }
-
- public function get_result()
- {
- return $this->result;
- }
-
- public function get_record($id, $assoc=false)
- {
- $this->list_records();
- $first = $this->result->first();
- $sql_arr = $first['ID'] == $id ? $first : null;
-
- return $assoc && $sql_arr ? $sql_arr : $this->result;
- }
-
-}
diff --git a/plugins/userinfo/localization/de_CH.inc b/plugins/userinfo/localization/de_CH.inc
deleted file mode 100644
index 5f236b66c..000000000
--- a/plugins/userinfo/localization/de_CH.inc
+++ /dev/null
@@ -1,9 +0,0 @@
-<?php
-
-$labels = array();
-$labels['userinfo'] = 'Benutzerinfo';
-$labels['created'] = 'Erstellt';
-$labels['lastlogin'] = 'Letztes Login';
-$labels['defaultidentity'] = 'Standard-Absender';
-
-?> \ No newline at end of file
diff --git a/plugins/userinfo/localization/en_US.inc b/plugins/userinfo/localization/en_US.inc
deleted file mode 100644
index 1a2fd9016..000000000
--- a/plugins/userinfo/localization/en_US.inc
+++ /dev/null
@@ -1,9 +0,0 @@
-<?php
-
-$labels = array();
-$labels['userinfo'] = 'User info';
-$labels['created'] = 'Created';
-$labels['lastlogin'] = 'Last Login';
-$labels['defaultidentity'] = 'Default Identity';
-
-?> \ No newline at end of file
diff --git a/plugins/userinfo/localization/et_EE.inc b/plugins/userinfo/localization/et_EE.inc
deleted file mode 100644
index 97830b45c..000000000
--- a/plugins/userinfo/localization/et_EE.inc
+++ /dev/null
@@ -1,9 +0,0 @@
-<?php
-
-$labels = array();
-$labels['userinfo'] = 'Kasutaja info';
-$labels['created'] = 'Loodud';
-$labels['lastlogin'] = 'Viimane logimine';
-$labels['defaultidentity'] = 'Vaikeidentiteet';
-
-?>
diff --git a/plugins/userinfo/localization/pl_PL.inc b/plugins/userinfo/localization/pl_PL.inc
deleted file mode 100644
index 6b03c32e7..000000000
--- a/plugins/userinfo/localization/pl_PL.inc
+++ /dev/null
@@ -1,9 +0,0 @@
-<?php
-
-$labels = array();
-$labels['userinfo'] = 'Informacje';
-$labels['created'] = 'Utworzony';
-$labels['lastlogin'] = 'Ostatnie logowanie';
-$labels['defaultidentity'] = 'Domyślna tożsamość';
-
-?>
diff --git a/plugins/userinfo/userinfo.js b/plugins/userinfo/userinfo.js
deleted file mode 100644
index 70a5085b3..000000000
--- a/plugins/userinfo/userinfo.js
+++ /dev/null
@@ -1,16 +0,0 @@
-/* Show user-info plugin script */
-
-if (window.rcmail) {
- rcmail.addEventListener('init', function(evt) {
- // <span id="settingstabdefault" class="tablink"><roundcube:button command="preferences" type="link" label="preferences" title="editpreferences" /></span>
- var tab = $('<span>').attr('id', 'settingstabpluginuserinfo').addClass('tablink');
-
- var button = $('<a>').attr('href', rcmail.env.comm_path+'&_action=plugin.userinfo').html(rcmail.gettext('userinfo', 'userinfo')).appendTo(tab);
- button.bind('click', function(e){ return rcmail.command('plugin.userinfo', this) });
-
- // add button and register command
- rcmail.add_element(tab, 'tabs');
- rcmail.register_command('plugin.userinfo', function(){ rcmail.goto_url('plugin.userinfo') }, true);
- })
-}
-
diff --git a/plugins/userinfo/userinfo.php b/plugins/userinfo/userinfo.php
deleted file mode 100644
index 0f1b18cd9..000000000
--- a/plugins/userinfo/userinfo.php
+++ /dev/null
@@ -1,53 +0,0 @@
-<?php
-
-/**
- * Sample plugin that adds a new tab to the settings section
- * to display some information about the current user
- */
-class userinfo extends rcube_plugin
-{
- public $task = 'settings';
-
- function init()
- {
- $this->add_texts('localization/', array('userinfo'));
- $this->register_action('plugin.userinfo', array($this, 'infostep'));
- $this->include_script('userinfo.js');
- }
-
- function infostep()
- {
- $this->register_handler('plugin.body', array($this, 'infohtml'));
- rcmail::get_instance()->output->send('plugin');
- }
-
- function infohtml()
- {
- $rcmail = rcmail::get_instance();
- $user = $rcmail->user;
-
- $table = new html_table(array('cols' => 2, 'cellpadding' => 3));
-
- $table->add('title', 'ID');
- $table->add('', Q($user->ID));
-
- $table->add('title', Q($this->gettext('username')));
- $table->add('', Q($user->data['username']));
-
- $table->add('title', Q($this->gettext('server')));
- $table->add('', Q($user->data['mail_host']));
-
- $table->add('title', Q($this->gettext('created')));
- $table->add('', Q($user->data['created']));
-
- $table->add('title', Q($this->gettext('lastlogin')));
- $table->add('', Q($user->data['last_login']));
-
- $identity = $user->get_identity();
- $table->add('title', Q($this->gettext('defaultidentity')));
- $table->add('', Q($identity['name'] . ' <' . $identity['email'] . '>'));
-
- return html::tag('h4', null, Q('Infos for ' . $user->get_username())) . $table->show();
- }
-
-} \ No newline at end of file
diff --git a/program/include/iniset.php b/program/include/iniset.php
index eef1ec537..512e03bf5 100755
--- a/program/include/iniset.php
+++ b/program/include/iniset.php
@@ -22,7 +22,7 @@
// application constants
-define('RCMAIL_VERSION', '0.3-trunk');
+define('RCMAIL_VERSION', '0.3-beta');
define('RCMAIL_CHARSET', 'UTF-8');
define('JS_OBJECT_NAME', 'rcmail');
diff --git a/tests/mailfunc.php b/tests/mailfunc.php
deleted file mode 100644
index ae35c5d77..000000000
--- a/tests/mailfunc.php
+++ /dev/null
@@ -1,119 +0,0 @@
-<?php
-
-/**
- * Test class to test steps/mail/func.inc functions
- *
- * @package Tests
- */
-class rcube_test_mailfunc extends UnitTestCase
-{
-
- function __construct()
- {
- $this->UnitTestCase('Mail body rendering tests');
-
- // simulate environment to successfully include func.inc
- $GLOBALS['RCMAIL'] = $RCMAIL = rcmail::get_instance();
- $GLOBALS['OUTPUT'] = $OUTPUT = $RCMAIL->load_gui();
- $RCMAIL->action = 'spell';
- $IMAP = $RCMAIL->imap;
-
- require_once 'steps/mail/func.inc';
-
- $GLOBALS['EMAIL_ADDRESS_PATTERN'] = $EMAIL_ADDRESS_PATTERN;
- }
-
- /**
- * Helper method to create a HTML message part object
- */
- function get_html_part($body)
- {
- $part = new rcube_message_part;
- $part->ctype_primary = 'text';
- $part->ctype_secondary = 'html';
- $part->body = file_get_contents(TESTS_DIR . $body);
- $part->replaces = array();
- return $part;
- }
-
- /**
- * Test sanitization of a "normal" html message
- */
- function test_html()
- {
- $part = $this->get_html_part('src/htmlbody.txt');
- $part->replaces = array('ex1.jpg' => 'part_1.2.jpg', 'ex2.jpg' => 'part_1.2.jpg');
-
- // render HTML in normal mode
- $html = rcmail_html4inline(rcmail_print_body($part, array('safe' => false)), 'foo');
-
- $this->assertPattern('/src="'.$part->replaces['ex1.jpg'].'"/', $html, "Replace reference to inline image");
- $this->assertPattern('#background="./program/blocked.gif"#', $html, "Replace external background image");
- $this->assertNoPattern('/ex3.jpg/', $html, "No references to external images");
- $this->assertNoPattern('/<meta [^>]+>/', $html, "No meta tags allowed");
- $this->assertNoPattern('/<style [^>]+>/', $html, "No style tags allowed");
- $this->assertNoPattern('/<form [^>]+>/', $html, "No form tags allowed");
- $this->assertPattern('/Subscription form/', $html, "Include <form> contents");
- $this->assertPattern('/<!-- input not allowed -->/', $html, "No input elements allowed");
- $this->assertPattern('/<!-- link not allowed -->/', $html, "No external links allowed");
- $this->assertPattern('/<a[^>]+ target="_blank">/', $html, "Set target to _blank");
- $this->assertTrue($GLOBALS['REMOTE_OBJECTS'], "Remote object detected");
-
- // render HTML in safe mode
- $html2 = rcmail_html4inline(rcmail_print_body($part, array('safe' => true)), 'foo');
-
- $this->assertPattern('/<style [^>]+>/', $html2, "Allow styles in safe mode");
- $this->assertPattern('#src="http://evilsite.net/mailings/ex3.jpg"#', $html2, "Allow external images in HTML (safe mode)");
- $this->assertPattern("#url\('http://evilsite.net/newsletter/image/bg/bg-64.jpg'\)#", $html2, "Allow external images in CSS (safe mode)");
-
- $css = '<link rel="stylesheet" type="text/css" href="./bin/modcss.php?u='.urlencode('http://anysite.net/styles/mail.css').'&amp;c=foo"';
- $this->assertPattern('#'.preg_quote($css).'#', $html2, "Filter external styleseehts with bin/modcss.php");
- }
-
- /**
- * Test the elimination of some trivial XSS vulnerabilities
- */
- function test_html_xss()
- {
- $part = $this->get_html_part('src/htmlxss.txt');
- $washed = rcmail_print_body($part, array('safe' => true));
-
- $this->assertNoPattern('/src="skins/', $washed, "Remove local references");
- $this->assertNoPattern('/\son[a-z]+/', $washed, "Remove on* attributes");
-
- $html = rcmail_html4inline($washed, 'foo');
- $this->assertNoPattern('/onclick="return rcmail.command(\'compose\',\'xss@somehost.net\',this)"/', $html, "Clean mailto links");
- $this->assertNoPattern('/alert/', $html, "Remove alerts");
- }
-
- /**
- * Test HTML sanitization to fix the CSS Expression Input Validation Vulnerability
- * reported at http://www.securityfocus.com/bid/26800/
- */
- function test_html_xss2()
- {
- $part = $this->get_html_part('src/BID-26800.txt');
- $washed = rcmail_print_body($part, array('safe' => true));
-
- $this->assertNoPattern('/alert|expression|javascript|xss/', $washed, "Remove evil style blocks");
- $this->assertNoPattern('/font-style:italic/', $washed, "Allow valid styles");
- }
-
- /**
- * Test links pattern replacements in plaintext messages
- */
- function test_plaintext()
- {
- $part = new rcube_message_part;
- $part->ctype_primary = 'text';
- $part->ctype_secondary = 'plain';
- $part->body = quoted_printable_decode(file_get_contents(TESTS_DIR . 'src/plainbody.txt'));
- $html = rcmail_print_body($part, array('safe' => true));
-
- $this->assertPattern('/<a href="mailto:nobody@roundcube.net" onclick="return rcmail.command\(\'compose\',\'nobody@roundcube.net\',this\)">nobody@roundcube.net<\/a>/', $html, "Mailto links with onclick");
- $this->assertPattern('#<a href="http://www.apple.com/legal/privacy/" target="_blank">http://www.apple.com/legal/privacy/</a>#', $html, "Links with target=_blank");
- }
-
-}
-
-?> \ No newline at end of file
diff --git a/tests/modcss.php b/tests/modcss.php
deleted file mode 100644
index f9271ff65..000000000
--- a/tests/modcss.php
+++ /dev/null
@@ -1,45 +0,0 @@
-<?php
-
-/**
- * Test class to test rcmail_mod_css_styles and XSS vulnerabilites
- *
- * @package Tests
- */
-class rcube_test_modcss extends UnitTestCase
-{
-
- function __construct()
- {
- $this->UnitTestCase('CSS modification and vulnerability tests');
- }
-
- function test_modcss()
- {
- $css = file_get_contents(TESTS_DIR . 'src/valid.css');
- $mod = rcmail_mod_css_styles($css, 'rcmbody');
-
- $this->assertPattern('/#rcmbody div.rcmBody\s+\{/', $mod, "Replace body style definition");
- $this->assertPattern('/#rcmbody h1\s\{/', $mod, "Prefix tag styles (single)");
- $this->assertPattern('/#rcmbody h1, #rcmbody h2, #rcmbody h3, #rcmbody textarea\s+\{/', $mod, "Prefix tag styles (multiple)");
- $this->assertPattern('/#rcmbody \.noscript\s+\{/', $mod, "Prefix class styles");
- }
-
- function test_xss()
- {
- $mod = rcmail_mod_css_styles("body.main2cols { background-image: url('../images/leftcol.png'); }", 'rcmbody');
- $this->assertEqual("/* evil! */", $mod, "No url() values allowed");
-
- $mod = rcmail_mod_css_styles("@import url('http://localhost/somestuff/css/master.css');", 'rcmbody');
- $this->assertEqual("/* evil! */", $mod, "No import statements");
-
- $mod = rcmail_mod_css_styles("left:expression(document.body.offsetWidth-20)", 'rcmbody');
- $this->assertEqual("/* evil! */", $mod, "No expression properties");
-
- $mod = rcmail_mod_css_styles("left:exp/* */ression( alert(&#039;xss3&#039;) )", 'rcmbody');
- $this->assertEqual("/* evil! */", $mod, "Don't allow encoding quirks");
-
- $mod = rcmail_mod_css_styles("background:\\0075\\0072\\006c( javascript:alert(&#039;xss&#039;) )", 'rcmbody');
- $this->assertEqual("/* evil! */", $mod, "Don't allow encoding quirks (2)");
- }
-
-} \ No newline at end of file
diff --git a/tests/runtests.sh b/tests/runtests.sh
deleted file mode 100755
index 04a9a3745..000000000
--- a/tests/runtests.sh
+++ /dev/null
@@ -1,53 +0,0 @@
-#!/usr/bin/env php
-<?php
-
-/*
- +-----------------------------------------------------------------------+
- | tests/runtests.sh |
- | |
- | This file is part of the RoundCube Webmail client |
- | Copyright (C) 2009, RoundCube Dev. - Switzerland |
- | Licensed under the GNU GPL |
- | |
- | PURPOSE: |
- | Run-script for unit tests based on http://simpletest.org |
- | All .php files in this folder will be treated as tests |
- +-----------------------------------------------------------------------+
- | Author: Thomas Bruederli <roundcube@gmail.com> |
- +-----------------------------------------------------------------------+
-
- $Id: $
-
-*/
-
-if (php_sapi_name() != 'cli')
- die("Not in shell mode (php-cli)");
-
-if (!defined('SIMPLETEST')) define('SIMPLETEST', '/www/simpletest/');
-if (!defined('INSTALL_PATH')) define('INSTALL_PATH', realpath(dirname(__FILE__) . '/..') . '/' );
-
-define('TESTS_DIR', dirname(__FILE__) . '/');
-
-require_once(SIMPLETEST . 'unit_tester.php');
-require_once(SIMPLETEST . 'reporter.php');
-require_once(INSTALL_PATH . 'program/include/iniset.php');
-
-if (count($_SERVER['argv']) > 1) {
- $testfiles = array();
- for ($i=1; $i < count($_SERVER['argv']); $i++)
- $testfiles[] = realpath('./' . $_SERVER['argv'][$i]);
-}
-else {
- $testfiles = glob(TESTS_DIR . '*.php');
-}
-
-$test = new TestSuite('RoundCube unit tests');
-$reporter = new TextReporter();
-
-foreach ($testfiles as $fn) {
- $test->addTestFile($fn);
-}
-
-$test->run($reporter);
-
-?> \ No newline at end of file
diff --git a/tests/src/BID-26800.txt b/tests/src/BID-26800.txt
deleted file mode 100644
index 513516c09..000000000
--- a/tests/src/BID-26800.txt
+++ /dev/null
@@ -1,52 +0,0 @@
-<html>
-<head>
-</head>
-<body>
-<h1>1 test</h1>
-<p>&lt;style&gt; block</p>
-<style>input { left:expression( alert(&#039;expression!&#039;) ) }</style>
-<style>div { background:url(alert(&#039;URL!&#039;) ) }</style>
-
-<h1>2 test</h1>
-<p>&lt;div&gt; block</p>
-<div style="font-style:italic">valid css</div>
-<div style="{ left:expression( alert(&#039;expression!&#039;) ) }">
-<div style="{ background:url( alert(&#039;URL!&#039;) ) }">
-
-<h1>3 test</h1>
-<p>Inject comment text</p>
-<div style="{ left:exp/* */ression( alert(&#039;xss3&#039;) ) }">
-<div style="{ background:u/* */rl( alert(&#039;xssurl3&#039;) ) }">
-
-<h1>4 test</h1>
-<p>Using reverse solid to directe the codepoint</p>
-<div style="{ left:\0065\0078pression( alert(&#039;xss4&#039;) ) }">
-<div style="{ background:\0075rl( alert(&#039;xssurl4&#039;) ) }">
-
-<h1>5 test</h1>
-<p>Character entity references</p>
-<p>Character entity references is acceptable in "inline styles"</p>
-<div style="{ left:&#x0065;xpression( alert(&#039;xss&#039;) ) }">
-<div style="{ left:&#101;xpression( alert(&#039;xss&#039;) ) }">
-<div style="{ background:&#x0075;rl( alert(&#039;URL!&#039;) ) }">
-<div style="{ background:&#117;rl( alert(&#039;URL!&#039;) ) }">
-<div style="{ left:&#x0065xpression( alert(&#039;xss&#039;) ) }">
-
-<div style="{ left:..p.....o.( alert(&#039;xss&#039;) ) }">
-<div style="{ left:..&#x2f;**/pression( alert(&#039;xss&#039;) ) }">
-<div style="{ left:exp&#x0280;essio&#x0274;( alert(&#039;xss&#039;) ) }">
-<div style="{ left:&#x5c;0065&#x5c;0078pression( alert(&#039;xss&#039;) ) }">
-<div style="{ left:ex p ression( alert(&#039;xss&#039;) ) }">
-
-<div style="{ background:...( javascript:alert(&#039;xss&#039;) ) }">
-<div style="{ background:&#x0075;/**/rl( javascript:alert(&#039;xss&#039;) ) }">
-<div style="{ background:\0075\0072\006c( javascript:alert(&#039;xss&#039;) ) }">
-<div style="{ background:u&#x0280;&#x029F;( javascript:alert(&#039;xss&#039;) )
-}">
-<div style="{ background:&#x5c;0075&#x5c;0280l( javascript:alert(&#039;xss&#039;)
-) }">
-<div style="{ background:u r l( javascript:alert(&#039;xss&#039;) ) }">
-
-</body>
-</html>
-
diff --git a/tests/src/htmlbody.txt b/tests/src/htmlbody.txt
deleted file mode 100644
index a10bfe10e..000000000
--- a/tests/src/htmlbody.txt
+++ /dev/null
@@ -1,51 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<html>
-<head>
-<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
-<title>RoundCube Test Message</title>
-<link rel="stylesheet" type="text/css" href="http://anysite.net/styles/mail.css">
-<style type="text/css">
-
-p, a {
- font-family: Arial, 'Bitstream Vera Sans', Helvetica;
- margin-top: 0px;
- margin-bottom: 0px;
- padding-top: 0px;
- padding-bottom: 0px;
-}
-
-</style>
-</head>
-<body style="margin: 0 0 0 0;">
-
-<table width="100%" cellpadding="0" cellspacing="20" style="background-image:url(http://evilsite.net/newsletter/image/bg/bg-64.jpg);background-attachment:fixed;" background="http://evilsite.net/newsletter/image/bg/bg-64.jpg" border="0">
-<tr>
-<td>
-
-<h1>This is a HTML message</h1>
-
-<p>See nice pictures like the following:</p>
-
-<div>
- <img src="ex1.jpg" width="320" height="320" alt="Example 1">
- <img src="ex2.jpg" width="320" height="320" alt="Example 2">
- <img src="http://evilsite.net/mailings/ex3.jpg" width="320" height="320" alt="Example 3">
-</div>
-
-<form action="http://evilsite.net/subscribe.php">
- <p>Subscription form</p>
-
- E-Mail: <input type="text" name="mail" value=""><br/>
- <input type="submit" value="Subscribe">
-
-</form>
-
-<p>To unsubscribe click here <a href="http://evilsite.net/unsubscribe.php?mail=foo@bar.com"> or
- send a mail to <a href="mailto:unsubscribe@evilsite.net">unsubscribe@evilsite.net</a></p>
-
-</td>
-</tr>
-</table>
-
-</body>
-</html> \ No newline at end of file
diff --git a/tests/src/htmlxss.txt b/tests/src/htmlxss.txt
deleted file mode 100644
index f6c43e353..000000000
--- a/tests/src/htmlxss.txt
+++ /dev/null
@@ -1,22 +0,0 @@
-<html>
-<body>
-
-<p><img onLoad.="alert(document.cookie)" src="skins/default/images/roundcube_logo.png" /></p>
-
-<p><a href="mailto:xss@somehost.net') && alert(document.cookie) || ignore('">mail me!</a>
-<a href="http://roundcube.net" target="_self">roundcube.net</a>
-<a href="http://roundcube.net" \onmouseover="alert('XSS')">roundcube.net (2)</a>
-
-</p>
-
-<div>Brilliant!</div>
-
-<table><tbody><tr><td background="javascript:alert('XSS')">BBBBBB</td></tr></tbody></table>
-
-<p>
-Have a nice Christmas time.<br />
-Thomas
-</p>
-
-</body>
-</html>
diff --git a/tests/src/plainbody.txt b/tests/src/plainbody.txt
deleted file mode 100644
index 7ebfe429b..000000000
--- a/tests/src/plainbody.txt
+++ /dev/null
@@ -1,37 +0,0 @@
-From: iPhone Developer Program <noreply-iphonedev@apple.com>
-To: nobody@roundcube.net
-
-*iPhone Developer Program*
-
------------------------------------
-iPhone SDK 2.2.1 is now available
-https://daw.apple.com/cgi-bin/WebObjects/DSAuthWeb.woa/wa/login?appIdKey=3D=
-D635F5C417E087A3B9864DAC5D25920C4E9442C9339FA9277951628F0291F620&path=3D//i=
-phone/login.action
-
-Log in to the iPhone Dev Center to download iPhone SDK for iPhone OS 2.2.1.=
- Installation of iPhone SDK 2.2.1 is required for development with devices =
-updated to iPhone OS 2.2.1. Please view the Read Me before installing the n=
-ew version of the iPhone SDK.
-
-Log in now
-https://daw.apple.com/cgi-bin/WebObjects/DSAuthWeb.woa/wa/login?appIdKey=3D=
-D635F5C417E087A3B9864DAC5D25920C4E9442C9339FA9277951628F0291F620&path=3D//i=
-phone/login.action
-
------------------------------------
-Copyright (c) 2009 Apple Inc. 1 Infinite Loop, MS 303-3DM, Cupertino, CA 95=
-014.
-
-All Rights Reserved
-http://www.apple.com/legal/default.html
-
-Keep Informed
-http://www.apple.com/enews/subscribe/
-
-Privacy Policy
-http://www.apple.com/legal/privacy/
-
-My Info
-https://myinfo.apple.com/cgi-bin/WebObjects/MyInfo
-
diff --git a/tests/src/valid.css b/tests/src/valid.css
deleted file mode 100644
index 340fa9a87..000000000
--- a/tests/src/valid.css
+++ /dev/null
@@ -1,30 +0,0 @@
-/** Master style definitions **/
-
-body, p, div, h1, h2, h3, textarea {
- font-family: "Lucida Grande", Helvetica, sans-serif;
- font-size: 8.8pt;
- color: #333;
-}
-
-body {
- background-color: white;
- margin: 0;
-}
-
-h1 {
- color: #1F519A;
- font-size: 1.7em;
- font-weight: normal;
- margin-top: 0;
- margin-bottom: 1em;
-}
-
-.noscript {
- display: none;
-}
-
-.hint, .username {
- color: #999;
-}
-
-