summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--CHANGELOG2
-rw-r--r--INSTALL1
-rwxr-xr-xprogram/include/iniset.php1
-rw-r--r--program/include/rcmail.php4
-rw-r--r--program/include/rcube_imap.php3
-rw-r--r--program/include/rcube_ldap.php92
-rw-r--r--program/include/rcube_session.php2
-rw-r--r--program/js/googiespell.js6
-rw-r--r--program/lib/MDB2/Driver/Datatype/Common.php6
-rw-r--r--program/lib/PEAR.php2
-rw-r--r--program/steps/mail/func.inc2
11 files changed, 81 insertions, 40 deletions
diff --git a/CHANGELOG b/CHANGELOG
index 30479b352..78537ec0b 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,8 @@
CHANGELOG Roundcube Webmail
===========================
+- Fix locked folder rename option on servers supporting RFC2086 only (#1488089)
+- Fix encoding of LDAP contacts identifiers (#1488079)
- Fix session race conditions when composing new messages
- jQuery 1.6.4
- Fix handling of binary attachments encoded with quoted-printable (#1488065)
diff --git a/INSTALL b/INSTALL
index 14bf27b94..7fe3a76cc 100644
--- a/INSTALL
+++ b/INSTALL
@@ -29,6 +29,7 @@ REQUIREMENTS
- zend.ze1_compatibility_mode disabled
- suhosin.session.encrypt disabled
- mbstring.func_overload disabled
+ - magic_quotes_runtime disabled
* PHP compiled with OpenSSL to connect to IMAPS and to use the spell checker
* A MySQL (4.0.8 or newer), PostgreSQL, MSSQL database engine
or the SQLite extension for PHP
diff --git a/program/include/iniset.php b/program/include/iniset.php
index 63f04c850..5b1b7f7c0 100755
--- a/program/include/iniset.php
+++ b/program/include/iniset.php
@@ -28,6 +28,7 @@ $crit_opts = array(
'suhosin.session.encrypt' => 0,
'session.auto_start' => 0,
'file_uploads' => 1,
+ 'magic_quotes_runtime' => 0,
);
foreach ($crit_opts as $optname => $optval) {
if ($optval != ini_get($optname)) {
diff --git a/program/include/rcmail.php b/program/include/rcmail.php
index 03b536b3e..48c709e9f 100644
--- a/program/include/rcmail.php
+++ b/program/include/rcmail.php
@@ -855,6 +855,10 @@ class rcmail
else if ($config['auto_create_user']) {
if ($created = rcube_user::create($username, $host)) {
$user = $created;
+
+ // fix default settings according to namespace prefix
+ $this->fix_namespace_settings($user);
+
// create default folders on first login
if ($config['create_default_folders'])
$this->imap->create_default_folders();
diff --git a/program/include/rcube_imap.php b/program/include/rcube_imap.php
index 1d258f1e1..7147c14d5 100644
--- a/program/include/rcube_imap.php
+++ b/program/include/rcube_imap.php
@@ -3575,7 +3575,8 @@ class rcube_imap
}
if (!empty($options['rights'])) {
- $options['norename'] = !in_array('x', $options['rights']);
+ $options['norename'] = !in_array('x', $options['rights']) && !in_array('d', $options['rights']);
+
if (!$options['noselect']) {
$options['noselect'] = !in_array('r', $options['rights']);
}
diff --git a/program/include/rcube_ldap.php b/program/include/rcube_ldap.php
index 373670ab0..48920d9fa 100644
--- a/program/include/rcube_ldap.php
+++ b/program/include/rcube_ldap.php
@@ -5,6 +5,7 @@
| |
| This file is part of the Roundcube Webmail client |
| Copyright (C) 2006-2011, The Roundcube Dev Team |
+ | Copyright (C) 2011, Kolab Systems AG |
| Licensed under the GNU GPL |
| |
| PURPOSE: |
@@ -13,6 +14,7 @@
+-----------------------------------------------------------------------+
| Author: Thomas Bruederli <roundcube@gmail.com> |
| Andreas Dick <andudi (at) gmx (dot) ch> |
+ | Aleksander Machniak <machniak@kolabsys.com> |
+-----------------------------------------------------------------------+
$Id$
@@ -185,7 +187,7 @@ class rcube_ldap extends rcube_addressbook
list($u, $d) = explode('@', $fu);
else
$d = $this->mail_domain;
-
+
$dc = 'dc='.strtr($d, array('.' => ',dc=')); // hierarchal domain string
$replaces = array('%dc' => $dc, '%d' => $d, '%fu' => $fu, '%u' => $u);
@@ -454,7 +456,7 @@ class rcube_ldap extends rcube_addressbook
$members = array();
foreach ($entries as $entry)
{
- if ($this->group_members[base64_encode($entry['dn'])])
+ if ($this->group_members[self::dn_encode($entry['dn'])])
{
$members[] = $entry;
$count++;
@@ -614,7 +616,7 @@ class rcube_ldap extends rcube_addressbook
$res = null;
if ($this->conn && $dn)
{
- $dn = base64_decode($dn);
+ $dn = self::dn_decode($dn);
$this->_debug("C: Read [dn: $dn] [(objectclass=*)]");
@@ -713,11 +715,13 @@ class rcube_ldap extends rcube_addressbook
$this->_debug("S: OK");
+ $dn = self::dn_encode($dn);
+
// add new contact to the selected group
if ($this->groups)
- $this->add_to_group($this->group_id, base64_encode($dn));
+ $this->add_to_group($this->group_id, $dn);
- return base64_encode($dn);
+ return $dn;
}
@@ -738,7 +742,7 @@ class rcube_ldap extends rcube_addressbook
$newdata = array();
$replacedata = array();
$deletedata = array();
-
+
// flatten composite fields in $record
if (is_array($record['address'])) {
foreach ($record['address'] as $i => $struct) {
@@ -776,7 +780,7 @@ class rcube_ldap extends rcube_addressbook
} // end if
} // end foreach
- $dn = base64_decode($id);
+ $dn = self::dn_decode($id);
// Update the entry as required.
if (!empty($deletedata)) {
@@ -833,17 +837,21 @@ class rcube_ldap extends rcube_addressbook
}
$this->_debug("S: OK");
+ $dn = self::dn_encode($dn);
+ $newdn = self::dn_encode($newdn);
+
// change the group membership of the contact
if ($this->groups)
{
- $group_ids = $this->get_record_groups(base64_encode($dn));
+ $group_ids = $this->get_record_groups($dn);
foreach ($group_ids as $group_id)
{
- $this->remove_from_group($group_id, base64_encode($dn));
- $this->add_to_group($group_id, base64_encode($newdn));
+ $this->remove_from_group($group_id, $dn);
+ $this->add_to_group($group_id, $newdn);
}
}
- return base64_encode($newdn);
+
+ return $newdn;
}
return true;
@@ -866,7 +874,7 @@ class rcube_ldap extends rcube_addressbook
} // end if
foreach ($ids as $id) {
- $dn = base64_decode($id);
+ $dn = self::dn_decode($id);
$this->_debug("C: Delete [dn: $dn]");
// Delete the record.
$res = ldap_delete($this->conn, $dn);
@@ -878,12 +886,11 @@ class rcube_ldap extends rcube_addressbook
$this->_debug("S: OK");
// remove contact from all groups where he was member
- if ($this->groups)
- {
- $group_ids = $this->get_record_groups(base64_encode($dn));
- foreach ($group_ids as $group_id)
- {
- $this->remove_from_group($group_id, base64_encode($dn));
+ if ($this->groups) {
+ $dn = self::dn_encode($dn);
+ $group_ids = $this->get_record_groups($dn);
+ foreach ($group_ids as $group_id) {
+ $this->remove_from_group($group_id, $dn);
}
}
} // end foreach
@@ -967,7 +974,7 @@ class rcube_ldap extends rcube_addressbook
$out = array();
if ($rec['dn'])
- $out[$this->primary_key] = base64_encode($rec['dn']);
+ $out[$this->primary_key] = self::dn_encode($rec['dn']);
foreach ($this->fieldmap as $rf => $lf)
{
@@ -1067,7 +1074,7 @@ class rcube_ldap extends rcube_addressbook
for ($i=0; $i<$cache_members["count"]; $i++)
{
if (!empty($cache_members[$i]))
- $members[base64_encode($cache_members[$i])] = 1;
+ $members[self::dn_encode($cache_members[$i])] = 1;
}
$this->group_members = $members;
$this->group_id = $group_id;
@@ -1126,7 +1133,7 @@ class rcube_ldap extends rcube_addressbook
$group_name = $ldap_data[$i]['cn'][0];
if (!$search || strstr(strtolower($group_name), strtolower($search)))
{
- $group_id = base64_encode($group_name);
+ $group_id = self::dn_encode($group_name);
$groups[$group_id]['ID'] = $group_id;
$groups[$group_id]['name'] = $group_name;
$groups[$group_id]['members'] = $ldap_data[$i]['member'];
@@ -1152,7 +1159,7 @@ class rcube_ldap extends rcube_addressbook
$base_dn = $this->groups_base_dn;
$new_dn = "cn=$group_name,$base_dn";
- $new_gid = base64_encode($group_name);
+ $new_gid = self::dn_encode($group_name);
$new_entry = array(
'objectClass' => $this->prop['groups']['object_classes'],
@@ -1222,7 +1229,7 @@ class rcube_ldap extends rcube_addressbook
$group_name = $this->group_cache[$group_id]['name'];
$old_dn = "cn=$group_name,$base_dn";
$new_rdn = "cn=$new_name";
- $new_gid = base64_encode($new_name);
+ $new_gid = self::dn_encode($new_name);
$this->_debug("C: Rename [dn: $old_dn] [dn: $new_rdn]");
@@ -1257,7 +1264,7 @@ class rcube_ldap extends rcube_addressbook
$new_attrs = array();
foreach (explode(",", $contact_ids) as $id)
- $new_attrs['member'][] = base64_decode($id);
+ $new_attrs['member'][] = self::dn_decode($id);
$this->_debug("C: Add [dn: $group_dn]: ".print_r($new_attrs, true));
@@ -1292,7 +1299,7 @@ class rcube_ldap extends rcube_addressbook
$del_attrs = array();
foreach (explode(",", $contact_ids) as $id)
- $del_attrs['member'][] = base64_decode($id);
+ $del_attrs['member'][] = self::dn_decode($id);
$this->_debug("C: Delete [dn: $group_dn]: ".print_r($del_attrs, true));
@@ -1323,7 +1330,7 @@ class rcube_ldap extends rcube_addressbook
return array();
$base_dn = $this->groups_base_dn;
- $contact_dn = base64_decode($contact_id);
+ $contact_dn = self::dn_decode($contact_id);
$filter = strtr("(member=$contact_dn)", array('\\' => '\\\\'));
$this->_debug("C: Search [$filter][dn: $base_dn]");
@@ -1342,7 +1349,7 @@ class rcube_ldap extends rcube_addressbook
for ($i=0; $i<$ldap_data["count"]; $i++)
{
$group_name = $ldap_data[$i]['cn'][0];
- $group_id = base64_encode($group_name);
+ $group_id = self::dn_encode($group_name);
$groups[$group_id] = $group_id;
}
return $groups;
@@ -1401,7 +1408,7 @@ class rcube_ldap extends rcube_addressbook
/**
* create ber encoding for sort control
*
- * @pararm array List of cols to sort by
+ * @param array List of cols to sort by
* @return string BER encoded option value
*/
private function _sort_ber_encode($sortcols)
@@ -1455,11 +1462,38 @@ class rcube_ldap extends rcube_addressbook
/**
* Returns ascii string encoded in hex
*/
- private static function _string2hex($str) {
+ private static function _string2hex($str)
+ {
$hex = '';
for ($i=0; $i < strlen($str); $i++)
$hex .= dechex(ord($str[$i]));
return $hex;
}
+ /**
+ * HTML-safe DN string encoding
+ *
+ * @param string $str DN string
+ *
+ * @return string Encoded HTML identifier string
+ */
+ static function dn_encode($str)
+ {
+ // @TODO: to make output string shorter we could probably
+ // remove dc=* items from it
+ return rtrim(strtr(base64_encode($str), '+/', '-_'), '=');
+ }
+
+ /**
+ * Decodes DN string encoded with _dn_encode()
+ *
+ * @param string $str Encoded HTML identifier string
+ *
+ * @return string DN string
+ */
+ static function dn_decode($str)
+ {
+ $str = str_pad(strtr($str, '-_', '+/'), strlen($str) % 4, '=', STR_PAD_RIGHT);
+ return base64_decode($str);
+ }
}
diff --git a/program/include/rcube_session.php b/program/include/rcube_session.php
index dbb9a9e7d..1a83a7db1 100644
--- a/program/include/rcube_session.php
+++ b/program/include/rcube_session.php
@@ -193,8 +193,6 @@ class rcube_session
*/
private function _fixvars($vars, $oldvars)
{
- $ts = microtime(true);
-
if ($oldvars !== false) {
$a_oldvars = $this->unserialize($oldvars);
if (is_array($a_oldvars)) {
diff --git a/program/js/googiespell.js b/program/js/googiespell.js
index 18ed6a2b2..de8890f5f 100644
--- a/program/js/googiespell.js
+++ b/program/js/googiespell.js
@@ -155,8 +155,8 @@ this.appendNewMenuItem = function(name, call_back_fn, checker) {
this.extra_menu_items.push([name, call_back_fn, checker]);
};
-this.appendCustomMenuBuilder = function(eval, builder) {
- this.custom_menu_builder.push([eval, builder]);
+this.appendCustomMenuBuilder = function(eval_fn, builder) {
+ this.custom_menu_builder.push([eval_fn, builder]);
};
this.setFocus = function() {
@@ -409,7 +409,7 @@ this.showErrorWindow = function(elm, id) {
var changed = false;
for (var k=0; k<this.custom_menu_builder.length; k++) {
var eb = this.custom_menu_builder[k];
- if(eb[0]((this.results[id]))){
+ if (eb[0](this.results[id])) {
changed = eb[1](this, list, elm);
break;
}
diff --git a/program/lib/MDB2/Driver/Datatype/Common.php b/program/lib/MDB2/Driver/Datatype/Common.php
index 2a815cbef..2083d7577 100644
--- a/program/lib/MDB2/Driver/Datatype/Common.php
+++ b/program/lib/MDB2/Driver/Datatype/Common.php
@@ -1379,7 +1379,7 @@ class MDB2_Driver_Datatype_Common extends MDB2_Module_Common
if (PEAR::isError($db)) {
return $db;
}
- if (isset($db->function) && is_a($db->function, 'MDB2_Driver_Function_Common')) {
+ if (isset($db->function) && is_object($db->function) && is_a($db->function, 'MDB2_Driver_Function_Common')) {
return $db->function->now('date');
}
return 'CURRENT_DATE';
@@ -1408,7 +1408,7 @@ class MDB2_Driver_Datatype_Common extends MDB2_Module_Common
if (PEAR::isError($db)) {
return $db;
}
- if (isset($db->function) && is_a($db->function, 'MDB2_Driver_Function_Common')) {
+ if (isset($db->function) && is_object($db->function) && is_a($db->function, 'MDB2_Driver_Function_Common')) {
return $db->function->now('timestamp');
}
return 'CURRENT_TIMESTAMP';
@@ -1437,7 +1437,7 @@ class MDB2_Driver_Datatype_Common extends MDB2_Module_Common
if (PEAR::isError($db)) {
return $db;
}
- if (isset($db->function) && is_a($db->function, 'MDB2_Driver_Function_Common')) {
+ if (isset($db->function) && is_object($db->function) && is_a($db->function, 'MDB2_Driver_Function_Common')) {
return $db->function->now('time');
}
return 'CURRENT_TIME';
diff --git a/program/lib/PEAR.php b/program/lib/PEAR.php
index a792d9f57..8cc715204 100644
--- a/program/lib/PEAR.php
+++ b/program/lib/PEAR.php
@@ -265,7 +265,7 @@ class PEAR
*/
function isError($data, $code = null)
{
- if (!is_a($data, 'PEAR_Error')) {
+ if (!is_object($data) || !is_a($data, 'PEAR_Error')) {
return false;
}
diff --git a/program/steps/mail/func.inc b/program/steps/mail/func.inc
index 8b57c9e11..53c04780d 100644
--- a/program/steps/mail/func.inc
+++ b/program/steps/mail/func.inc
@@ -1448,7 +1448,7 @@ function rcmail_send_mdn($message, &$smtp_error)
{
global $RCMAIL, $IMAP;
- if (!is_object($message) || !is_a($message, rcube_message))
+ if (!is_object($message) || !is_a($message, 'rcube_message'))
$message = new rcube_message($message);
if ($message->headers->mdn_to && !$message->headers->mdn_sent &&