5 files changed, 35 insertions, 12 deletions
diff --git a/CHANGELOG b/CHANGELOG
index 3ac39c3ee..e1dca5735 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,8 @@
 CHANGELOG Roundcube Webmail
 ===========================
 
+- Fix handling of unitless CSS size values in HTML message (#1488535)
+- Fix removing contact photo using LDAP addressbook (#1488420)
 - Fix storing X-ANNIVERSARY date in vCard format (#1488527)
 - Update to Mail_Mime-1.8.5 (#1488521)
 - Fix Shift + delete button does not permanently delete messages (#1488243)
diff --git a/program/include/rcube_config.php b/program/include/rcube_config.php
index 34c61c58d..1b621e0fc 100644
--- a/program/include/rcube_config.php
+++ b/program/include/rcube_config.php
@@ -71,10 +71,14 @@ class rcube_config
         $this->load_host_config();
 
         // set skin (with fallback to old 'skin_path' property)
-        if (empty($this->prop['skin']) && !empty($this->prop['skin_path']))
-            $this->prop['skin'] = str_replace('skins/', '', unslashify($this->prop['skin_path']));
-        else if (empty($this->prop['skin']))
-            $this->prop['skin'] = 'default';
+        if (empty($this->prop['skin'])) {
+            if (!empty($this->prop['skin_path'])) {
+                $this->prop['skin'] = str_replace('skins/', '', unslashify($this->prop['skin_path']));
+            }
+            else {
+                $this->prop['skin'] = 'default';
+            }
+        }
 
         // fix paths
         $this->prop['log_dir'] = $this->prop['log_dir'] ? realpath(unslashify($this->prop['log_dir'])) : INSTALL_PATH . 'logs';
diff --git a/program/include/rcube_ldap.php b/program/include/rcube_ldap.php
index f799df2bb..8f23a406b 100644
--- a/program/include/rcube_ldap.php
+++ b/program/include/rcube_ldap.php
@@ -1191,8 +1191,11 @@ class rcube_ldap extends rcube_addressbook
                     else if ($val == '') {
                         // Field supplied is empty, verify that it is not required.
                         if (!in_array($fld, $this->prop['required_fields'])) {
-                            // It is not, safe to clear.
-                            $deletedata[$fld] = $old_data[$fld];
+                            // ...It is not, safe to clear.
+                            // #1488420: Workaround "ldap_mod_del(): Modify: Inappropriate matching in..."
+                            // jpegPhoto attribute require an array() here. It looks to me that it works for other attribs too
+                            $deletedata[$fld] = array();
+                            //$deletedata[$fld] = $old_data[$fld];
                         }
                     }
                     else {
diff --git a/program/include/rcube_output_html.php b/program/include/rcube_output_html.php
index fce9615cf..7ceea1839 100644
--- a/program/include/rcube_output_html.php
+++ b/program/include/rcube_output_html.php
@@ -68,7 +68,9 @@ class rcube_output_html extends rcube_output
         $this->set_env('x_frame_options', $this->config->get('x_frame_options', 'sameorigin'));
 
         // load the correct skin (in case user-defined)
-        $this->set_skin($this->config->get('skin'));
+        $skin = $this->config->get('skin');
+        $this->set_skin($skin);
+        $this->set_env('skin', $skin);
 
         // add common javascripts
         $this->add_script('var '.rcmail::JS_OBJECT_NAME.' = new rcube_webmail();', 'head_top');
diff --git a/program/lib/washtml.php b/program/lib/washtml.php
index 6ea59f03f..c12315fec 100644
--- a/program/lib/washtml.php
+++ b/program/lib/washtml.php
@@ -76,6 +76,7 @@
  * - added RFC2397 support
  * - base URL support
  * - invalid HTML comments removal before parsing
+ * - "fixing" unitless CSS values for XHTML output
  */
 
 class washtml
@@ -157,14 +158,17 @@ class washtml
     foreach (explode(';', $style) as $declaration) {
       if (preg_match('/^\s*([a-z\-]+)\s*:\s*(.*)\s*$/i', $declaration, $match)) {
         $cssid = $match[1];
-        $str = $match[2];
+        $str   = $match[2];
         $value = '';
+
         while (sizeof($str) > 0 &&
           preg_match('/^(url\(\s*[\'"]?([^\'"\)]*)[\'"]?\s*\)'./*1,2*/
                  '|rgb\(\s*[0-9]+\s*,\s*[0-9]+\s*,\s*[0-9]+\s*\)'.
                  '|-?[0-9.]+\s*(em|ex|px|cm|mm|in|pt|pc|deg|rad|grad|ms|s|hz|khz|%)?'.
-                 '|#[0-9a-f]{3,6}|[a-z0-9", -]+'.
-                 ')\s*/i', $str, $match)) {
+                 '|#[0-9a-f]{3,6}'.
+                 '|[a-z0-9", -]+'.
+                 ')\s*/i', $str, $match)
+        ) {
           if ($match[2]) {
             if (($src = $this->config['cid_map'][$match[2]])
                 || ($src = $this->config['cid_map'][$this->config['base_url'].$match[2]])) {
@@ -180,13 +184,21 @@ class washtml
               $value .= ' url('.htmlspecialchars($match[2], ENT_QUOTES).')';
             }
           }
-          else if ($match[0] != 'url' && $match[0] != 'rgb') //whitelist ?
+          else { //whitelist ?
             $value .= ' ' . $match[0];
 
+            // #1488535: Fix size units, so width:800 would be changed to width:800px
+            if (preg_match('/(left|right|top|bottom|width|height)/i', $cssid) && preg_match('/^[0-9]+$/', $match[0])) {
+              $value .= 'px';
+            }
+          }
+
           $str = substr($str, strlen($match[0]));
         }
-        if ($value)
+
+        if (isset($value[0])) {
           $s .= ($s?' ':'') . $cssid . ':' . $value . ';';
+        }
       }
     }
     return $s;