diff options
42 files changed, 708 insertions, 449 deletions
@@ -1,10 +1,19 @@ CHANGELOG Roundcube Webmail =========================== +- Fix contact copy/add-to-group operations on search result (#1488862) +- Use matching identity in MDN response (#1488864) +- Fix unwanted horizontal scrollbar in message preview header (#1488866) +- Fix handling of signatures on draft edit (#1488798) +- Fix so compacting of non-empty folder is possible also when messages list is empty (#1488858) +- Allow forwarding of multiple emails (#1486854) +- Fix big memory consumption of DB layer (#1488856) +- Add workaround for IE<=8 bug where Content-Disposition:inline was ignored (#1488844) +- Fix XSS vulnerability in vbscript: and data:text links handling (#1488850) - Fix broken message/part bodies when FETCH response contains more untagged lines (#1488836) - Fix empty email on identities list after identity update (#1488834) - Add new identities_level: (4) one identity with possibility to edit only signature -- Use Delivered-To header as a last resort for identity selection (#1488840) +- Use Delivered-To and Envelope-To headers for identity selection (#1488840, #1488553) - Fix XSS vulnerability using Flash files (#1488828) - Fix absolute positioning in HTML messages (#1488819) - Fix cache (in)validation after setting \Deleted flag diff --git a/bin/moduserprefs.sh b/bin/moduserprefs.sh index a8fc3f655..b8ba98578 100755 --- a/bin/moduserprefs.sh +++ b/bin/moduserprefs.sh @@ -31,7 +31,7 @@ function print_usage() // get arguments -$args = rcube_utils:get_opt(array('u' => 'user', 'd' => 'delete')); +$args = rcube_utils::get_opt(array('u' => 'user', 'd' => 'delete')); if ($_SERVER['argv'][1] == 'help') { print_usage(); diff --git a/config/main.inc.php.dist b/config/main.inc.php.dist index 4805b95df..caa2ea881 100644 --- a/config/main.inc.php.dist +++ b/config/main.inc.php.dist @@ -368,9 +368,10 @@ $rcmail_config['client_mimetypes'] = null; # null == default // Set to null if the default path should be used. $rcmail_config['mime_magic'] = null; -// Path to local mime.types mapping table. +// Absolute path to a local mime.types mapping table file. // This is used to derive mime-types from the filename extension or vice versa. -// Such a file is usually part of the apache webserver. +// Such a file is usually part of the apache webserver. If you don't find a file named mime.types on your system, +// download it from http://svn.apache.org/repos/asf/httpd/httpd/trunk/docs/conf/mime.types $rcmail_config['mime_types'] = null; // path to imagemagick identify binary diff --git a/plugins/http_authentication/http_authentication.php b/plugins/http_authentication/http_authentication.php index 382613889..a94b6121a 100644 --- a/plugins/http_authentication/http_authentication.php +++ b/plugins/http_authentication/http_authentication.php @@ -38,7 +38,7 @@ class http_authentication extends rcube_plugin $args['action'] = 'login'; } // Set user password in session (see shutdown() method for more info) - else if (!empty($_SESSION['user_id']) && empty($_SESION['password'])) { + else if (!empty($_SESSION['user_id']) && empty($_SESSION['password'])) { $_SESSION['password'] = $rcmail->encrypt($_SERVER['PHP_AUTH_PW']); } } diff --git a/plugins/squirrelmail_usercopy/squirrelmail_usercopy.php b/plugins/squirrelmail_usercopy/squirrelmail_usercopy.php index bfa489ae5..7849f915e 100644 --- a/plugins/squirrelmail_usercopy/squirrelmail_usercopy.php +++ b/plugins/squirrelmail_usercopy/squirrelmail_usercopy.php @@ -179,7 +179,7 @@ class squirrelmail_usercopy extends rcube_plugin $rec['firstname'] = rcube_charset_convert(rtrim($sql_array['firstname']), $db_charset); $rec['surname'] = rcube_charset_convert(rtrim($sql_array['lastname']), $db_charset); $rec['email'] = rcube_charset_convert(rtrim($sql_array['email']), $db_charset); - $rec['note'] = rcube_charset_convert(rtrim($sql_array['label']), $db_charset); + $rec['notes'] = rcube_charset_convert(rtrim($sql_array['label']), $db_charset); if ($rec['name'] && $rec['email']) $this->abook[] = $rec; diff --git a/program/include/rcmail_output_html.php b/program/include/rcmail_output_html.php index 1290e173e..76342c245 100644 --- a/program/include/rcmail_output_html.php +++ b/program/include/rcmail_output_html.php @@ -670,7 +670,10 @@ class rcmail_output_html extends rcmail_output */ public function just_parse($input) { - return $this->parse_xml($input); + $input = $this->parse_conditions($input); + $input = $this->parse_xml($input); + + return $input; } diff --git a/program/js/app.js b/program/js/app.js index 955c77ff5..a0cf5f834 100644 --- a/program/js/app.js +++ b/program/js/app.js @@ -224,9 +224,10 @@ function rcube_webmail() this.set_button_titles(); - this.env.message_commands = ['show', 'reply', 'reply-all', 'reply-list', 'forward', - 'moveto', 'copy', 'delete', 'open', 'mark', 'edit', 'viewsource', 'download', - 'print', 'load-attachment', 'show-headers', 'hide-headers', 'forward-attachment']; + this.env.message_commands = ['show', 'reply', 'reply-all', 'reply-list', + 'moveto', 'copy', 'delete', 'open', 'mark', 'edit', 'viewsource', + 'print', 'load-attachment', 'show-headers', 'hide-headers', 'download', + 'forward', 'forward-inline', 'forward-attachment']; if (this.env.action == 'show' || this.env.action == 'preview') { this.enable_command(this.env.message_commands, this.env.uid); @@ -650,13 +651,13 @@ function rcube_webmail() break; case 'expunge': - if (this.env.messagecount) + if (this.env.exists) this.expunge_mailbox(this.env.mailbox); break; case 'purge': case 'empty-mailbox': - if (this.env.messagecount) + if (this.env.exists) this.purge_mailbox(this.env.mailbox); break; @@ -999,10 +1000,12 @@ function rcube_webmail() break; case 'forward-attachment': + case 'forward-inline': case 'forward': - if (uid = this.get_single_uid()) { - url = { _forward_uid: uid, _mbox: this.env.mailbox }; - if (command == 'forward-attachment' || (!props && this.env.forward_attachment)) + var uids = this.env.uid ? [this.env.uid] : (this.message_list ? this.message_list.get_selection() : []); + if (uids.length) { + url = { _forward_uid: this.uids_to_list(uids), _mbox: this.env.mailbox }; + if (command == 'forward-attachment' || (!props && this.env.forward_attachment) || uids.length > 1) url._attachment = 1; this.open_compose_step(url); } @@ -1383,8 +1386,8 @@ function rcube_webmail() // over the folders for (k in this.env.folder_coords) { pos = this.env.folder_coords[k]; - if (mouse.x >= pos.x1 && mouse.x < pos.x2 && mouse.y >= pos.y1 && mouse.y < pos.y2){ - if ((check = this.check_droptarget(k))) { + if (mouse.x >= pos.x1 && mouse.x < pos.x2 && mouse.y >= pos.y1 && mouse.y < pos.y2) { + if (check = this.check_droptarget(k)) { li = this.get_folder_li(k); div = $(li.getElementsByTagName('div')[0]); @@ -1398,7 +1401,8 @@ function rcube_webmail() rcmail.command('collapse-folder', rcmail.folder_auto_expand); rcmail.drag_start(null); }, 1000); - } else if (this.folder_auto_timer) { + } + else if (this.folder_auto_timer) { clearTimeout(this.folder_auto_timer); this.folder_auto_timer = null; this.folder_auto_expand = null; @@ -1408,9 +1412,10 @@ function rcube_webmail() this.env.folder_coords[k].on = 1; this.env.last_folder_target = k; layerclass = 'draglayer' + (check > 1 ? 'copy' : 'normal'); - } else { // Clear target, otherwise drag end will trigger move into last valid droptarget - this.env.last_folder_target = null; } + // Clear target, otherwise drag end will trigger move into last valid droptarget + else + this.env.last_folder_target = null; } else if (pos.on) { $(this.get_folder_li(k)).removeClass('droptarget'); @@ -1526,7 +1531,7 @@ function rcube_webmail() if (selected) { // Hide certain command buttons when Drafts folder is selected if (this.env.mailbox == this.env.drafts_mailbox) - this.enable_command('reply', 'reply-all', 'reply-list', 'forward', 'forward-attachment', false); + this.enable_command('reply', 'reply-all', 'reply-list', 'forward', 'forward-attachment', 'forward-inline', false); // Disable reply-list when List-Post header is not set else { var msg = this.env.messages[list.get_single_selection()]; @@ -1535,7 +1540,7 @@ function rcube_webmail() } } // Multi-message commands - this.enable_command('delete', 'moveto', 'copy', 'mark', (list.selection.length > 0 ? true : false)); + this.enable_command('delete', 'moveto', 'copy', 'mark', 'forward', 'forward-attachment', list.selection.length > 0); // reset all-pages-selection if (selected || (list.selection.length && list.selection.length != list.rowcount)) @@ -1637,27 +1642,31 @@ function rcube_webmail() this.check_droptarget = function(id) { - var allow = false, copy = false; - if (this.task == 'mail') - allow = (this.env.mailboxes[id] && this.env.mailboxes[id].id != this.env.mailbox && !this.env.mailboxes[id].virtual); - else if (this.task == 'settings') - allow = (id != this.env.mailbox); - else if (this.task == 'addressbook') { + return (this.env.mailboxes[id] && this.env.mailboxes[id].id != this.env.mailbox && !this.env.mailboxes[id].virtual) ? 1 : 0; + + if (this.task == 'settings') + return id != this.env.mailbox ? 1 : 0; + + if (this.task == 'addressbook') { if (id != this.env.source && this.env.contactfolders[id]) { + // droptarget is a group - contact add to group action if (this.env.contactfolders[id].type == 'group') { var target_abook = this.env.contactfolders[id].source; - allow = this.env.contactfolders[id].id != this.env.group && !this.env.contactfolders[target_abook].readonly; - copy = target_abook != this.env.source; + if (this.env.contactfolders[id].id != this.env.group && !this.env.contactfolders[target_abook].readonly) { + // search result may contain contacts from many sources + return (this.env.selection_sources.length > 1 || $.inArray(target_abook, this.env.selection_sources) == -1) ? 2 : 1; + } } - else { - allow = !this.env.contactfolders[id].readonly; - copy = true; + // droptarget is a (writable) addressbook - contact copy action + else if (!this.env.contactfolders[id].readonly) { + // search result may contain contacts from many sources + return (this.env.selection_sources.length > 1 || $.inArray(id, this.env.selection_sources) == -1) ? 2 : 0; } } } - return allow ? (copy ? 2 : 1) : 0; + return 0; }; this.open_window = function(url, width, height) @@ -2550,27 +2559,18 @@ function rcube_webmail() if (mbox && typeof mbox === 'object') mbox = mbox.id; - // exit if current or no mailbox specified or if selection is empty - if (!mbox || mbox == this.env.mailbox || (!this.env.uid && (!this.message_list || !this.message_list.get_selection().length))) + // exit if current or no mailbox specified + if (!mbox || mbox == this.env.mailbox) return; - var a_uids = [], n, selection, - lock = this.display_message(this.get_label('copyingmessage'), 'loading'), - post_data = {_mbox: this.env.mailbox, _target_mbox: mbox, _from: (this.env.action ? this.env.action : '')}; + var post_data = this.selection_post_data({_target_mbox: mbox}); - if (this.env.uid) - a_uids[0] = this.env.uid; - else { - selection = this.message_list.get_selection(); - for (n in selection) { - a_uids.push(selection[n]); - } - } - - post_data._uid = this.uids_to_list(a_uids); + // exit if selection is empty + if (!post_data._uid) + return; // send request to server - this.http_post('copy', post_data, lock); + this.http_post('copy', post_data, this.display_message(this.get_label('copyingmessage'), 'loading')); }; // move selected messages to the specified mailbox @@ -2579,12 +2579,15 @@ function rcube_webmail() if (mbox && typeof mbox === 'object') mbox = mbox.id; - // exit if current or no mailbox specified or if selection is empty - if (!mbox || mbox == this.env.mailbox || (!this.env.uid && (!this.message_list || !this.message_list.get_selection().length))) + // exit if current or no mailbox specified + if (!mbox || mbox == this.env.mailbox) return; - var lock = false, - add_post = {_target_mbox: mbox, _from: (this.env.action ? this.env.action : '')}; + var lock = false, post_data = this.selection_post_data({_target_mbox: mbox}); + + // exit if selection is empty + if (!post_data._uid) + return; // show wait message if (this.env.action == 'show') @@ -2595,7 +2598,7 @@ function rcube_webmail() // Hide message command buttons until a message is selected this.enable_command(this.env.message_commands, false); - this._with_selected_messages('moveto', lock, add_post); + this._with_selected_messages('moveto', post_data, lock); }; // delete selected messages from the current mailbox @@ -2603,7 +2606,7 @@ function rcube_webmail() { var uid, i, len, trash = this.env.trash_mailbox, list = this.message_list, - selection = list ? $.merge([], list.get_selection()) : []; + selection = list ? list.get_selection() : []; // exit if no mailbox specified or if selection is empty if (!this.env.uid && !selection.length) @@ -2622,7 +2625,6 @@ function rcube_webmail() return false; } // if there isn't a defined trash mailbox or we are in it - // @TODO: we should check if defined trash mailbox exists else if (!trash || this.env.mailbox == trash) this.permanently_remove_messages(); // we're in Junk folder and delete_junk is enabled @@ -2645,32 +2647,29 @@ function rcube_webmail() // delete the selected messages permanently this.permanently_remove_messages = function() { - // exit if no mailbox specified or if selection is empty - if (!this.env.uid && (!this.message_list || !this.message_list.get_selection().length)) + var post_data = this.selection_post_data(); + + // exit if selection is empty + if (!post_data._uid) return; this.show_contentframe(false); - this._with_selected_messages('delete', false, {_from: this.env.action ? this.env.action : ''}); + this._with_selected_messages('delete', post_data); }; // Send a specifc moveto/delete request with UIDs of all selected messages // @private - this._with_selected_messages = function(action, lock, post_data) + this._with_selected_messages = function(action, post_data, lock) { - var a_uids = [], count = 0, msg, lock; + var count = 0, msg; - if (typeof(post_data) != 'object') - post_data = {}; - - if (this.env.uid) - a_uids[0] = this.env.uid; - else { + // update the list (remove rows, clear selection) + if (this.message_list) { var n, id, root, roots = [], selection = this.message_list.get_selection(); for (n=0, len=selection.length; n<len; n++) { id = selection[n]; - a_uids.push(id); if (this.env.threading) { count += this.update_thread(id); @@ -2690,10 +2689,6 @@ function rcube_webmail() } } - // also send search request to get the right messages - if (this.env.search_request) - post_data._search = this.env.search_request; - if (this.env.display_next && this.env.next_uid) post_data._next_uid = this.env.next_uid; @@ -2703,9 +2698,6 @@ function rcube_webmail() else if (count > 0) this.delete_excessive_thread_rows(); - post_data._uid = this.uids_to_list(a_uids); - post_data._mbox = this.env.mailbox; - if (!lock) { msg = action == 'moveto' ? 'movingmessage' : 'deletingmessage'; lock = this.display_message(this.get_label(msg), 'loading'); @@ -2715,22 +2707,41 @@ function rcube_webmail() this.http_post(action, post_data, lock); }; + // build post data for message delete/move/copy/flag requests + this.selection_post_data = function(data) + { + if (typeof(data) != 'object') + data = {}; + + data._mbox = this.env.mailbox; + + if (!data._uid) { + var uids = this.env.uid ? [this.env.uid] : this.message_list.get_selection(); + data._uid = this.uids_to_list(uids); + } + + if (this.env.action) + data._from = this.env.action; + + // also send search request to get the right messages + if (this.env.search_request) + data._search = this.env.search_request; + + return data; + }; + // set a specific flag to one or more messages this.mark_message = function(flag, uid) { - var a_uids = [], r_uids = [], len, n, id, selection, + var a_uids = [], r_uids = [], len, n, id, list = this.message_list; if (uid) a_uids[0] = uid; else if (this.env.uid) a_uids[0] = this.env.uid; - else if (list) { - selection = list.get_selection(); - for (n=0, len=selection.length; n<len; n++) { - a_uids.push(selection[n]); - } - } + else if (list) + a_uids = list.get_selection(); if (!list) r_uids = a_uids; @@ -2738,12 +2749,12 @@ function rcube_webmail() list.focus(); for (n=0, len=a_uids.length; n<len; n++) { id = a_uids[n]; - if ((flag=='read' && list.rows[id].unread) - || (flag=='unread' && !list.rows[id].unread) - || (flag=='delete' && !list.rows[id].deleted) - || (flag=='undelete' && list.rows[id].deleted) - || (flag=='flagged' && !list.rows[id].flagged) - || (flag=='unflagged' && list.rows[id].flagged)) + if ((flag == 'read' && list.rows[id].unread) + || (flag == 'unread' && !list.rows[id].unread) + || (flag == 'delete' && !list.rows[id].deleted) + || (flag == 'undelete' && list.rows[id].deleted) + || (flag == 'flagged' && !list.rows[id].flagged) + || (flag == 'unflagged' && list.rows[id].flagged)) { r_uids.push(id); } @@ -2774,16 +2785,12 @@ function rcube_webmail() this.toggle_read_status = function(flag, a_uids) { var i, len = a_uids.length, - post_data = {_uid: this.uids_to_list(a_uids), _flag: flag}, + post_data = this.selection_post_data({_uid: this.uids_to_list(a_uids), _flag: flag}), lock = this.display_message(this.get_label('markingmessage'), 'loading'); // mark all message rows as read/unread for (i=0; i<len; i++) - this.set_message(a_uids[i], 'unread', (flag=='unread' ? true : false)); - - // also send search request to get the right messages - if (this.env.search_request) - post_data._search = this.env.search_request; + this.set_message(a_uids[i], 'unread', (flag == 'unread' ? true : false)); this.http_post('mark', post_data, lock); @@ -2795,16 +2802,12 @@ function rcube_webmail() this.toggle_flagged_status = function(flag, a_uids) { var i, len = a_uids.length, - post_data = {_uid: this.uids_to_list(a_uids), _flag: flag}, + post_data = this.selection_post_data({_uid: this.uids_to_list(a_uids), _flag: flag}), lock = this.display_message(this.get_label('markingmessage'), 'loading'); // mark all message rows as flagged/unflagged for (i=0; i<len; i++) - this.set_message(a_uids[i], 'flagged', (flag=='flagged' ? true : false)); - - // also send search request to get the right messages - if (this.env.search_request) - post_data._search = this.env.search_request; + this.set_message(a_uids[i], 'flagged', (flag == 'flagged' ? true : false)); this.http_post('mark', post_data, lock); }; @@ -2843,25 +2846,20 @@ function rcube_webmail() this.flag_as_undeleted = function(a_uids) { - var i, len=a_uids.length, - post_data = {_uid: this.uids_to_list(a_uids), _flag: 'undelete'}, + var i, len = a_uids.length, + post_data = this.selection_post_data({_uid: this.uids_to_list(a_uids), _flag: 'undelete'}), lock = this.display_message(this.get_label('markingmessage'), 'loading'); for (i=0; i<len; i++) this.set_message(a_uids[i], 'deleted', false); - // also send search request to get the right messages - if (this.env.search_request) - post_data._search = this.env.search_request; - this.http_post('mark', post_data, lock); - return true; }; this.flag_as_deleted = function(a_uids) { var r_uids = [], - post_data = {_uid: this.uids_to_list(a_uids), _flag: 'delete'}, + post_data = this.selection_post_data({_uid: this.uids_to_list(a_uids), _flag: 'delete'}), lock = this.display_message(this.get_label('markingmessage'), 'loading'), rows = this.message_list ? this.message_list.rows : [], count = 0; @@ -2892,9 +2890,6 @@ function rcube_webmail() this.delete_excessive_thread_rows(); } - if (this.env.action) - post_data._from = this.env.action; - // ?? if (r_uids.length) post_data._ruid = this.uids_to_list(r_uids); @@ -2902,12 +2897,7 @@ function rcube_webmail() if (this.env.skip_deleted && this.env.display_next && this.env.next_uid) post_data._next_uid = this.env.next_uid; - // also send search request to get the right messages - if (this.env.search_request) - post_data._search = this.env.search_request; - this.http_post('mark', post_data, lock); - return true; }; // flag as read without mark request (called from backend) @@ -2987,7 +2977,7 @@ function rcube_webmail() // test if purge command is allowed this.purge_mailbox_test = function() { - return (this.env.messagecount && (this.env.mailbox == this.env.trash_mailbox || this.env.mailbox == this.env.junk_mailbox + return (this.env.exists && (this.env.mailbox == this.env.trash_mailbox || this.env.mailbox == this.env.junk_mailbox || this.env.mailbox.match('^' + RegExp.escape(this.env.trash_mailbox) + RegExp.escape(this.env.delimiter)) || this.env.mailbox.match('^' + RegExp.escape(this.env.junk_mailbox) + RegExp.escape(this.env.delimiter)))); }; @@ -4098,19 +4088,24 @@ function rcube_webmail() else if (this.env.contentframe) this.show_contentframe(false); - // no source = search result, we'll need to detect if any of - // selected contacts are in writable addressbook to enable edit/delete if (list.selection.length) { + // no source = search result, we'll need to detect if any of + // selected contacts are in writable addressbook to enable edit/delete + // we'll also need to know sources used in selection for copy + // and group-addmember operations (drag&drop) + this.env.selection_sources = []; if (!source) { for (n in list.selection) { sid = String(list.selection[n]).replace(/^[^-]+-/, ''); - if (sid && this.env.address_sources[sid] && !this.env.address_sources[sid].readonly) { - writable = true; - break; + if (sid && this.env.address_sources[sid]) { + writable = writable || !this.env.address_sources[sid].readonly; + this.env.selection_sources.push(sid); } } + this.env.selection_sources = $.unique(this.env.selection_sources); } else { + this.env.selection_sources.push(this.env.source); writable = !source.readonly; } } @@ -4261,22 +4256,35 @@ function rcube_webmail() // copy a contact to the specified target (group or directory) this.copy_contact = function(cid, to) { + var n, dest = to.type == 'group' ? to.source : to.id, + source = this.env.source, + group = this.env.group ? this.env.group : ''; + if (!cid) cid = this.contact_list.get_selection().join(','); - if (to.type == 'group' && to.source == this.env.source) - this.group_member_change('add', cid, to.source, to.id); - else if (to.type == 'group' && !this.env.address_sources[to.source].readonly) { - var lock = this.display_message(this.get_label('copyingcontact'), 'loading'), - post_data = {_cid: cid, _source: this.env.source, _to: to.source, _togid: to.id, - _gid: (this.env.group ? this.env.group : '')}; + if (!cid || !this.env.address_sources[dest] || this.env.address_sources[dest].readonly) + return; - this.http_post('copy', post_data, lock); + // search result may contain contacts from many sources, but if there is only one... + if (source == '' && this.env.selection_sources.length == 1) + source = this.env.selection_sources[0]; + + // tagret is a group + if (to.type == 'group') { + if (dest == source) + this.group_member_change('add', cid, dest, to.id); + else { + var lock = this.display_message(this.get_label('copyingcontact'), 'loading'), + post_data = {_cid: cid, _source: source, _to: dest, _togid: to.id, _gid: group}; + + this.http_post('copy', post_data, lock); + } } - else if (to.id != this.env.source && cid && this.env.address_sources[to.id] && !this.env.address_sources[to.id].readonly) { + // target is an addressbook + else if (to.id != source) { var lock = this.display_message(this.get_label('copyingcontact'), 'loading'), - post_data = {_cid: cid, _source: this.env.source, _to: to.id, - _gid: (this.env.group ? this.env.group : '')}; + post_data = {_cid: cid, _source: source, _to: to.id, _gid: group}; this.http_post('copy', post_data, lock); } @@ -6244,7 +6252,7 @@ function rcube_webmail() case 'purge': case 'expunge': if (this.task == 'mail') { - if (!this.env.messagecount) { + if (!this.env.exists) { // clear preview pane content if (this.env.contentframe) this.show_contentframe(false); @@ -6264,7 +6272,8 @@ function rcube_webmail() this.env.qsearch = null; case 'list': if (this.task == 'mail') { - this.enable_command('show', 'expunge', 'select-all', 'select-none', (this.env.messagecount > 0)); + this.enable_command('show', 'select-all', 'select-none', this.env.messagecount > 0); + this.enable_command('expunge', this.env.exists); this.enable_command('purge', this.purge_mailbox_test()); this.enable_command('expand-all', 'expand-unread', 'collapse-all', this.env.threading && this.env.messagecount); diff --git a/program/lib/Roundcube/README.md b/program/lib/Roundcube/README.md new file mode 100644 index 000000000..88f2d076e --- /dev/null +++ b/program/lib/Roundcube/README.md @@ -0,0 +1,102 @@ +Roundcube Framework +=================== + +INTRODUCTION +------------ +The Roundcube Framework is the basic library used for the Roundcube Webmail +application. It is an extract of classes providing the core functionality for +an email system. They can be used individually or as package for the following +tasks: + +- IMAP mailbox access with optional caching +- MIME message handling +- Email message creation and sending through SMTP +- General caching utilities using the local database +- Database abstraction using PDO +- VCard parsing and writing + + +INSTALLATION +------------ +Copy all files of this directory to your project or install it in the default +include_path directory of your webserver. Some classes of the framework require +one or multiple of the following [PEAR][pear] libraries: + +- Mail_Mime 1.8.1 or newer +- Mail_mimeDecode 1.5.5 or newer +- Net_SMTP (latest from https://github.com/pear/Net_SMTP/) +- Net_IDNA2 0.1.1 or newer +- Auth_SASL 1.0.6 or newer + + +USAGE +----- +The Roundcube Framework provides a bootstrapping file which registers an +autoloader and sets up the environment necessary for the Roundcube classes. +In order to make use of the framework, simply include the bootstrap.php file +from this directory in your application and start using the classes by simply +instantiating them. + +If you wanna use more complex functionality like IMAP access with database +caching or plugins, the rcube singleton helps you loading the necessary files: + +```php +<?php + +define('RCUBE_CONFIG_DIR', '<path-to-config-directory>'); +define('RCUBE_PLUGINS_DIR', '<path-to-roundcube-plugins-directory'); + +require_once '<path-to-roundcube-framework/bootstrap.php'; + +$rcube = rcube::get_instance(rcube::INIT_WITH_DB | rcube::INIT_WITH_PLUGINS); +$imap = $rcube->get_storage(); + +// do cool stuff here... + +?> +``` + +LICENSE +------- +This program is free software: you can redistribute it and/or modify +it under the terms of the GNU General Public License (**with exceptions +for plugins**) as published by the Free Software Foundation, either +version 3 of the License, or (at your option) any later version. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License +along with this program. If not, see [www.gnu.org/licenses/][gpl]. + +This file forms part of the Roundcube Webmail Framework for which the +following exception is added: Plugins which merely make function calls to the +Roundcube Webmail Framework, and for that purpose include it by reference +shall not be considered modifications of the software. + +If you wish to use this file in another project or create a modified +version that will not be part of the Roundcube Webmail Framework, you +may remove the exception above and use this source code under the +original version of the license. + +For more details about licensing and the exceptions for skins and plugins +see [roundcube.net/license][license] + + +CONTACT +------- +For any bug reports or feature requests please refer to the tracking system +at [trac.roundcube.net][tracreport] or subscribe to our mailing list. +See [roundcube.net/support][support] for details. + +You're always welcome to send a message to the project admins: +hello(at)roundcube(dot)net + + +[pear]: http://pear.php.net +[gpl]: http://www.gnu.org/licenses/ +[license]: http://roundcube.net/license +[support]: http://roundcube.net/support +[tracreport]: http://trac.roundcube.net/wiki/Howto_ReportIssues
\ No newline at end of file diff --git a/program/lib/Roundcube/rcube.php b/program/lib/Roundcube/rcube.php index c3aa8ffa5..cc4905a14 100644 --- a/program/lib/Roundcube/rcube.php +++ b/program/lib/Roundcube/rcube.php @@ -36,7 +36,7 @@ class rcube /** * Singleton instace of rcube * - * @var rcmail + * @var rcube */ static protected $instance; diff --git a/program/lib/Roundcube/rcube_addressbook.php b/program/lib/Roundcube/rcube_addressbook.php index d14fc587a..ea8df700c 100644 --- a/program/lib/Roundcube/rcube_addressbook.php +++ b/program/lib/Roundcube/rcube_addressbook.php @@ -209,13 +209,13 @@ abstract class rcube_addressbook */ public function validate(&$save_data, $autofix = false) { - $rcmail = rcube::get_instance(); + $rcube = rcube::get_instance(); // check validity of email addresses foreach ($this->get_col_values('email', $save_data, true) as $email) { if (strlen($email)) { if (!rcube_utils::check_email(rcube_utils::idn_to_ascii($email))) { - $error = $rcmail->gettext(array('name' => 'emailformaterror', 'vars' => array('email' => $email))); + $error = $rcube->gettext(array('name' => 'emailformaterror', 'vars' => array('email' => $email))); $this->set_error(self::ERROR_VALIDATE, $error); return false; } diff --git a/program/lib/Roundcube/rcube_db.php b/program/lib/Roundcube/rcube_db.php index 5d8c4a534..2c471e74d 100644 --- a/program/lib/Roundcube/rcube_db.php +++ b/program/lib/Roundcube/rcube_db.php @@ -37,12 +37,11 @@ class rcube_db protected $db_mode; // Connection mode protected $dbh; // Connection handle - protected $db_error = false; - protected $db_error_msg = ''; - protected $conn_failure = false; - protected $a_query_results = array('dummy'); - protected $last_res_id = 0; - protected $db_index = 0; + protected $db_error = false; + protected $db_error_msg = ''; + protected $conn_failure = false; + protected $db_index = 0; + protected $last_result; protected $tables; protected $variables; @@ -267,14 +266,14 @@ class rcube_db /** * Getter for error state * - * @param int $res_id Optional query result identifier + * @param mixed $result Optional query result * * @return string Error message */ - public function is_error($res_id = null) + public function is_error($result = null) { - if ($res_id !== null) { - return $this->_get_result($res_id) === false ? $this->db_error_msg : null; + if ($result !== null) { + return $result === false ? $this->db_error_msg : null; } return $this->db_error ? $this->db_error_msg : null; @@ -343,7 +342,7 @@ class rcube_db * @param int Number of rows for LIMIT statement * @param mixed Values to be inserted in query * - * @return int Query handle identifier + * @return PDOStatement|bool Query handle or False on error */ public function limitquery() { @@ -363,7 +362,7 @@ class rcube_db * @param int $numrows Number of rows for LIMIT statement * @param array $params Values to be inserted in query * - * @return int Query handle identifier + * @return PDOStatement|bool Query handle or False on error */ protected function _query($query, $offset, $numrows, $params) { @@ -374,7 +373,7 @@ class rcube_db // check connection before proceeding if (!$this->is_connected()) { - return null; + return $this->last_result = false; } if ($numrows || $offset) { @@ -417,20 +416,21 @@ class rcube_db 'message' => $this->db_error_msg), true, false); } - // add result, even if it's an error - return $this->_add_result($query); + $this->last_result = $query; + + return $query; } /** * Get number of affected rows for the last query * - * @param number $res_id Optional query handle identifier + * @param mixed $result Optional query handle * * @return int Number of rows or false on failure */ - public function affected_rows($res_id = null) + public function affected_rows($result = null) { - if ($result = $this->_get_result($res_id)) { + if ($result || ($result === null && ($result = $this->last_result))) { return $result->rowCount(); } @@ -464,13 +464,12 @@ class rcube_db * Get an associative array for one row * If no query handle is specified, the last query will be taken as reference * - * @param int $res_id Optional query handle identifier + * @param mixed $result Optional query handle * * @return mixed Array with col values or false on failure */ - public function fetch_assoc($res_id = null) + public function fetch_assoc($result = null) { - $result = $this->_get_result($res_id); return $this->_fetch_row($result, PDO::FETCH_ASSOC); } @@ -478,31 +477,30 @@ class rcube_db * Get an index array for one row * If no query handle is specified, the last query will be taken as reference * - * @param int $res_id Optional query handle identifier + * @param mixed $result Optional query handle * * @return mixed Array with col values or false on failure */ - public function fetch_array($res_id = null) + public function fetch_array($result = null) { - $result = $this->_get_result($res_id); return $this->_fetch_row($result, PDO::FETCH_NUM); } /** * Get col values for a result row * - * @param PDOStatement $result Result handle - * @param int $mode Fetch mode identifier + * @param mixed $result Optional query handle + * @param int $mode Fetch mode identifier * * @return mixed Array with col values or false on failure */ protected function _fetch_row($result, $mode) { - if (!is_object($result) || !$this->is_connected()) { - return false; + if ($result || ($result === null && ($result = $this->last_result))) { + return $result->fetch($mode); } - return $result->fetch($mode); + return false; } /** @@ -538,8 +536,8 @@ class rcube_db if ($this->tables === null) { $q = $this->query('SELECT TABLE_NAME FROM INFORMATION_SCHEMA.TABLES ORDER BY TABLE_NAME'); - if ($res = $this->_get_result($q)) { - $this->tables = $res->fetchAll(PDO::FETCH_COLUMN, 0); + if ($q) { + $this->tables = $q->fetchAll(PDO::FETCH_COLUMN, 0); } else { $this->tables = array(); @@ -561,8 +559,8 @@ class rcube_db $q = $this->query('SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME = ?', array($table)); - if ($res = $this->_get_result($q)) { - return $res->fetchAll(PDO::FETCH_COLUMN, 0); + if ($q) { + return $q->fetchAll(PDO::FETCH_COLUMN, 0); } return array(); @@ -777,42 +775,6 @@ class rcube_db } /** - * Adds a query result and returns a handle ID - * - * @param object $res Query handle - * - * @return int Handle ID - */ - protected function _add_result($res) - { - $this->last_res_id = sizeof($this->a_query_results); - $this->a_query_results[$this->last_res_id] = $res; - - return $this->last_res_id; - } - - /** - * Resolves a given handle ID and returns the according query handle - * If no ID is specified, the last resource handle will be returned - * - * @param int $res_id Handle ID - * - * @return mixed Resource handle or false on failure - */ - protected function _get_result($res_id = null) - { - if ($res_id == null) { - $res_id = $this->last_res_id; - } - - if (!empty($this->a_query_results[$res_id])) { - return $this->a_query_results[$res_id]; - } - - return false; - } - - /** * Return correct name for a specific database table * * @param string $table Table name diff --git a/program/lib/Roundcube/rcube_imap.php b/program/lib/Roundcube/rcube_imap.php index 8ca24dec7..ea3743d02 100644 --- a/program/lib/Roundcube/rcube_imap.php +++ b/program/lib/Roundcube/rcube_imap.php @@ -151,7 +151,7 @@ class rcube_imap extends rcube_storage $attempt = 0; do { - $data = rcube::get_instance()->plugins->exec_hook('imap_connect', + $data = rcube::get_instance()->plugins->exec_hook('storage_connect', array_merge($this->options, array('host' => $host, 'user' => $user, 'attempt' => ++$attempt))); @@ -571,7 +571,7 @@ class rcube_imap extends rcube_storage * Get message count for a specific folder * * @param string $folder Folder name - * @param string $mode Mode for count [ALL|THREADS|UNSEEN|RECENT] + * @param string $mode Mode for count [ALL|THREADS|UNSEEN|RECENT|EXISTS] * @param boolean $force Force reading from server and update cache * @param boolean $status Enables storing folder status info (max UID/count), * required for folder_status() @@ -592,7 +592,7 @@ class rcube_imap extends rcube_storage * protected method for getting nr of messages * * @param string $folder Folder name - * @param string $mode Mode for count [ALL|THREADS|UNSEEN|RECENT] + * @param string $mode Mode for count [ALL|THREADS|UNSEEN|RECENT|EXISTS] * @param boolean $force Force reading from server and update cache * @param boolean $status Enables storing folder status info (max UID/count), * required for folder_status() @@ -614,6 +614,10 @@ class rcube_imap extends rcube_storage } } + // EXISTS is a special alias for ALL, it allows to get the number + // of all messages in a folder also when search is active and with + // any skip_deleted setting + $a_folder_cache = $this->get_cache('messagecount'); // return cached value @@ -644,7 +648,7 @@ class rcube_imap extends rcube_storage $count = $this->conn->countRecent($folder); } // use SEARCH for message counting - else if (!empty($this->options['skip_deleted'])) { + else if ($mode != 'EXISTS' && !empty($this->options['skip_deleted'])) { $search_str = "ALL UNDELETED"; $keys = array('COUNT'); @@ -683,8 +687,8 @@ class rcube_imap extends rcube_storage } else { $count = $this->conn->countMessages($folder); - if ($status) { - $this->set_folder_stats($folder,'cnt', $count); + if ($status && $mode == 'ALL') { + $this->set_folder_stats($folder, 'cnt', $count); $this->set_folder_stats($folder, 'maxuid', $count ? $this->id2uid($count, $folder) : 0); } } @@ -2226,10 +2230,11 @@ class rcube_imap extends rcube_storage * @param boolean $is_file True if $message is a filename * @param array $flags Message flags * @param mixed $date Message internal date + * @param bool $binary Enables BINARY append * * @return int|bool Appended message UID or True on success, False on error */ - public function save_message($folder, &$message, $headers='', $is_file=false, $flags = array(), $date = null) + public function save_message($folder, &$message, $headers='', $is_file=false, $flags = array(), $date = null, $binary = false) { if (!strlen($folder)) { $folder = $this->folder; @@ -2247,10 +2252,10 @@ class rcube_imap extends rcube_storage $date = $this->date_format($date); if ($is_file) { - $saved = $this->conn->appendFromFile($folder, $message, $headers, $flags, $date); + $saved = $this->conn->appendFromFile($folder, $message, $headers, $flags, $date, $binary); } else { - $saved = $this->conn->append($folder, $message, $flags, $date); + $saved = $this->conn->append($folder, $message, $flags, $date, $binary); } if ($saved) { diff --git a/program/lib/Roundcube/rcube_imap_generic.php b/program/lib/Roundcube/rcube_imap_generic.php index 0f32d83d1..28d56c16f 100644 --- a/program/lib/Roundcube/rcube_imap_generic.php +++ b/program/lib/Roundcube/rcube_imap_generic.php @@ -2548,10 +2548,11 @@ class rcube_imap_generic * @param string $message Message content * @param array $flags Message flags * @param string $date Message internal date + * @param bool $binary Enable BINARY append (RFC3516) * * @return string|bool On success APPENDUID response (if available) or True, False on failure */ - function append($mailbox, &$message, $flags = array(), $date = null) + function append($mailbox, &$message, $flags = array(), $date = null, $binary = false) { unset($this->data['APPENDUID']); @@ -2559,8 +2560,13 @@ class rcube_imap_generic return false; } - $message = str_replace("\r", '', $message); - $message = str_replace("\n", "\r\n", $message); + $binary = $binary && $this->getCapability('BINARY'); + $literal_plus = !$binary && $this->prefs['literal+']; + + if (!$binary) { + $message = str_replace("\r", '', $message); + $message = str_replace("\n", "\r\n", $message); + } $len = strlen($message); if (!$len) { @@ -2573,12 +2579,12 @@ class rcube_imap_generic if (!empty($date)) { $request .= ' ' . $this->escape($date); } - $request .= ' {' . $len . ($this->prefs['literal+'] ? '+' : '') . '}'; + $request .= ' ' . ($binary ? '~' : '') . '{' . $len . ($literal_plus ? '+' : '') . '}'; // send APPEND command if ($this->putLine($request)) { // Do not wait when LITERAL+ is supported - if (!$this->prefs['literal+']) { + if (!$literal_plus) { $line = $this->readReply(); if ($line[0] != '+') { @@ -2620,10 +2626,11 @@ class rcube_imap_generic * @param string $headers Message headers * @param array $flags Message flags * @param string $date Message internal date + * @param bool $binary Enable BINARY append (RFC3516) * * @return string|bool On success APPENDUID response (if available) or True, False on failure */ - function appendFromFile($mailbox, $path, $headers=null, $flags = array(), $date = null) + function appendFromFile($mailbox, $path, $headers=null, $flags = array(), $date = null, $binary = false) { unset($this->data['APPENDUID']); @@ -2654,18 +2661,21 @@ class rcube_imap_generic $len += strlen($headers) + strlen($body_separator); } + $binary = $binary && $this->getCapability('BINARY'); + $literal_plus = !$binary && $this->prefs['literal+']; + // build APPEND command $key = $this->nextTag(); $request = "$key APPEND " . $this->escape($mailbox) . ' (' . $this->flagsToStr($flags) . ')'; if (!empty($date)) { $request .= ' ' . $this->escape($date); } - $request .= ' {' . $len . ($this->prefs['literal+'] ? '+' : '') . '}'; + $request .= ' ' . ($binary ? '~' : '') . '{' . $len . ($literal_plus ? '+' : '') . '}'; // send APPEND command if ($this->putLine($request)) { // Don't wait when LITERAL+ is supported - if (!$this->prefs['literal+']) { + if (!$literal_plus) { $line = $this->readReply(); if ($line[0] != '+') { diff --git a/program/lib/Roundcube/rcube_ldap.php b/program/lib/Roundcube/rcube_ldap.php index c9a14d863..c32cea728 100644 --- a/program/lib/Roundcube/rcube_ldap.php +++ b/program/lib/Roundcube/rcube_ldap.php @@ -1455,6 +1455,7 @@ class rcube_ldap extends rcube_addressbook if ($this->vlv_active && function_exists('ldap_parse_virtuallist_control')) { if (ldap_parse_result($this->conn, $this->ldap_result, $errcode, $matcheddn, $errmsg, $referrals, $serverctrls) + && $serverctrls // can be null e.g. in case of adm. limit error ) { ldap_parse_virtuallist_control($this->conn, $serverctrls, $last_offset, $this->vlv_count, $vresult); diff --git a/program/lib/Roundcube/rcube_message.php b/program/lib/Roundcube/rcube_message.php index 4ef534a0a..c626af08a 100644 --- a/program/lib/Roundcube/rcube_message.php +++ b/program/lib/Roundcube/rcube_message.php @@ -320,8 +320,15 @@ class rcube_message private function parse_structure($structure, $recursive = false) { // real content-type of message/rfc822 part - if ($structure->mimetype == 'message/rfc822' && $structure->real_mimetype) + if ($structure->mimetype == 'message/rfc822' && $structure->real_mimetype) { $mimetype = $structure->real_mimetype; + + // parse headers from message/rfc822 part + if (!isset($structure->headers['subject'])) { + list($headers, $dump) = explode("\r\n\r\n", $this->get_part_content($structure->mime_id, null, true, 4096)); + $structure->headers = rcube_mime::parse_headers($headers); + } + } else $mimetype = $structure->mimetype; diff --git a/program/lib/Roundcube/rcube_message_header.php b/program/lib/Roundcube/rcube_message_header.php index 445d0bd39..7009a00af 100644 --- a/program/lib/Roundcube/rcube_message_header.php +++ b/program/lib/Roundcube/rcube_message_header.php @@ -235,6 +235,22 @@ class rcube_message_header $this->others[$name] = $value; } } + + + /** + * Factory method to instantiate headers from a data array + * + * @param array Hash array with header values + * @return object rcube_message_header instance filled with headers values + */ + public static function from_array($arr) + { + $obj = new rcube_message_header; + foreach ($arr as $k => $v) + $obj->set($k, $v); + + return $obj; + } } diff --git a/program/lib/Roundcube/rcube_mime.php b/program/lib/Roundcube/rcube_mime.php index 17cb3f015..4bb5b483f 100644 --- a/program/lib/Roundcube/rcube_mime.php +++ b/program/lib/Roundcube/rcube_mime.php @@ -717,6 +717,7 @@ class rcube_mime $file_paths[] = $mime_types; // try common locations + $file_paths[] = '/etc/mime.types'; $file_paths[] = '/etc/httpd/mime.types'; $file_paths[] = '/etc/httpd2/mime.types'; $file_paths[] = '/etc/apache/mime.types'; @@ -749,7 +750,7 @@ class rcube_mime // fallback to some well-known types most important for daily emails if (empty($mime_types)) { $mime_extensions = @include(RCUBE_CONFIG_DIR . '/mimetypes.php'); - $mime_extensions += array('gif' => 'image/gif', 'png' => 'image/png', 'jpg' => 'image/jpg', 'jpeg' => 'image/jpeg', 'tif' => 'image/tiff'); + $mime_extensions += array('gif' => 'image/gif', 'png' => 'image/png', 'jpg' => 'image/jpeg', 'jpeg' => 'image/jpeg', 'tif' => 'image/tiff'); foreach ($mime_extensions as $ext => $mime) $mime_types[$mime][] = $ext; diff --git a/program/lib/Roundcube/rcube_plugin.php b/program/lib/Roundcube/rcube_plugin.php index dbb15e8be..5db85025d 100644 --- a/program/lib/Roundcube/rcube_plugin.php +++ b/program/lib/Roundcube/rcube_plugin.php @@ -203,23 +203,23 @@ abstract class rcube_plugin foreach ($texts as $key => $value) $add[$domain.'.'.$key] = $value; - $rcmail = rcube::get_instance(); - $rcmail->load_language($lang, $add); + $rcube = rcube::get_instance(); + $rcube->load_language($lang, $add); // add labels to client if ($add2client) { $js_labels = is_array($add2client) ? array_map(array($this, 'label_map_callback'), $add2client) : array_keys($add); - $rcmail->output->add_label($js_labels); + $rcube->output->add_label($js_labels); } } } /** - * Wrapper for rcmail::gettext() adding the plugin ID as domain + * Wrapper for rcube::gettext() adding the plugin ID as domain * * @param string $p Message identifier * @return string Localized text - * @see rcmail::gettext() + * @see rcube::gettext() */ public function gettext($p) { @@ -336,8 +336,8 @@ abstract class rcube_plugin */ public function local_skin_path() { - $rcmail = rcube::get_instance(); - foreach (array($rcmail->config->get('skin'), 'larry') as $skin) { + $rcube = rcube::get_instance(); + foreach (array($rcube->config->get('skin'), 'larry') as $skin) { $skin_path = 'skins/' . $skin; if (is_dir(realpath(slashify($this->home) . $skin_path))) break; diff --git a/program/lib/Roundcube/rcube_plugin_api.php b/program/lib/Roundcube/rcube_plugin_api.php index 51cf5d246..47508a2ef 100644 --- a/program/lib/Roundcube/rcube_plugin_api.php +++ b/program/lib/Roundcube/rcube_plugin_api.php @@ -78,7 +78,8 @@ class rcube_plugin_api 'identity_save' => 'identity_update', // to be removed after 0.8 'imap_init' => 'storage_init', - 'mailboxes_list' => 'storage_folders', + 'mailboxes_list' => 'storage_folders', + 'imap_connect' => 'storage_connect', ); /** diff --git a/program/lib/Roundcube/rcube_storage.php b/program/lib/Roundcube/rcube_storage.php index 245d911c0..763b9155e 100644 --- a/program/lib/Roundcube/rcube_storage.php +++ b/program/lib/Roundcube/rcube_storage.php @@ -65,6 +65,7 @@ abstract class rcube_storage 'MAIL-REPLY-TO', 'RETURN-PATH', 'DELIVERED-TO', + 'ENVELOPE-TO', ); const UNKNOWN = 0; @@ -353,7 +354,7 @@ abstract class rcube_storage * Get messages count for a specific folder. * * @param string $folder Folder name - * @param string $mode Mode for count [ALL|THREADS|UNSEEN|RECENT] + * @param string $mode Mode for count [ALL|THREADS|UNSEEN|RECENT|EXISTS] * @param boolean $force Force reading from server and update cache * @param boolean $status Enables storing folder status info (max UID/count), * required for folder_status() diff --git a/program/lib/Roundcube/rcube_user.php b/program/lib/Roundcube/rcube_user.php index b027506ac..f6b77f5e1 100644 --- a/program/lib/Roundcube/rcube_user.php +++ b/program/lib/Roundcube/rcube_user.php @@ -263,7 +263,7 @@ class rcube_user $sql_arr['email_ascii'] = $ascii_email; $sql_arr['email'] = $utf8_email; - $sql_arr['ident'] = format_email_recipient($ascii_email, $ident['name']); + $sql_arr['ident'] = format_email_recipient($ascii_email, $sql_arr['name']); } $result[] = $sql_arr; diff --git a/program/lib/washtml.php b/program/lib/washtml.php index 0d4ffdb4b..d13d66404 100644 --- a/program/lib/washtml.php +++ b/program/lib/washtml.php @@ -214,7 +214,7 @@ class washtml $key = strtolower($key); $value = $node->getAttribute($key); if (isset($this->_html_attribs[$key]) || - ($key == 'href' && !preg_match('!^javascript!i', $value) + ($key == 'href' && !preg_match('!^(javascript|vbscript|data:text)!i', $value) && preg_match('!^([a-z][a-z0-9.+-]+:|//|#).+!i', $value)) ) { $t .= ' ' . $key . '="' . htmlspecialchars($value, ENT_QUOTES) . '"'; diff --git a/program/steps/addressbook/func.inc b/program/steps/addressbook/func.inc index fded9a819..2f47483de 100644 --- a/program/steps/addressbook/func.inc +++ b/program/steps/addressbook/func.inc @@ -756,7 +756,7 @@ function rcmail_contact_key($row, $sort_col) * * @return array List of contact IDs per-source */ -function rcmail_get_cids() +function rcmail_get_cids($filter = null) { // contact ID (or comma-separated list of IDs) is provided in two // forms. If _source is an empty string then the ID is a string @@ -765,24 +765,25 @@ function rcmail_get_cids() $cid = get_input_value('_cid', RCUBE_INPUT_GPC); $source = (string) get_input_value('_source', RCUBE_INPUT_GPC); + if (is_array($cid)) { + return $cid; + } + if (!preg_match('/^[a-zA-Z0-9\+\/=_-]+(,[a-zA-Z0-9\+\/=_-]+)*$/', $cid)) { return array(); } - $cid = explode(',', $cid); - $got_source = strlen($source); - $result = array(); + $cid = explode(',', $cid); + $result = array(); // create per-source contact IDs array foreach ($cid as $id) { - // if _source is not specified we'll find it from decoded ID - if (!$got_source) { - if ($sep = strrpos($id, '-')) { - $contact_id = substr($id, 0, $sep); - $source_id = substr($id, $sep+1); - if (strlen($source_id)) { - $result[(string)$source_id][] = $contact_id; - } + // get source from decoded ID + if ($sep = strrpos($id, '-')) { + $contact_id = substr($id, 0, $sep); + $source_id = substr($id, $sep+1); + if (strlen($source_id)) { + $result[(string)$source_id][] = $contact_id; } } else { @@ -790,9 +791,10 @@ function rcmail_get_cids() } } - return $result; + return $filter !== null ? $result[$filter] : $result; } + // register UI objects $OUTPUT->add_handlers(array( 'directorylist' => 'rcmail_directory_list', diff --git a/program/steps/addressbook/groups.inc b/program/steps/addressbook/groups.inc index b70453889..3b9288a2b 100644 --- a/program/steps/addressbook/groups.inc +++ b/program/steps/addressbook/groups.inc @@ -20,7 +20,7 @@ */ $source = get_input_value('_source', RCUBE_INPUT_GPC); -$CONTACTS = rcmail_contact_source($source, true); +$CONTACTS = rcmail_contact_source($source); if ($CONTACTS->readonly || !$CONTACTS->groups) { $OUTPUT->show_message('sourceisreadonly', 'warning'); @@ -28,11 +28,11 @@ if ($CONTACTS->readonly || !$CONTACTS->groups) { } if ($RCMAIL->action == 'group-addmembers') { - if (($gid = get_input_value('_gid', RCUBE_INPUT_POST)) && ($ids = get_input_value('_cid', RCUBE_INPUT_POST))) { + if (($gid = get_input_value('_gid', RCUBE_INPUT_POST)) && ($ids = rcmail_get_cids($source))) { $plugin = $RCMAIL->plugins->exec_hook('group_addmembers', array('group_id' => $gid, 'ids' => $ids, 'source' => $source)); $CONTACTS->set_group($gid); - $num2add = count(explode(',', $plugin['ids'])); + $num2add = count($plugin['ids']); if (!$plugin['abort']) { if (($maxnum = $RCMAIL->config->get('max_group_members', 0)) && ($CONTACTS->count()->count + $num2add > $maxnum)) { @@ -55,7 +55,7 @@ if ($RCMAIL->action == 'group-addmembers') { } else if ($RCMAIL->action == 'group-delmembers') { - if (($gid = get_input_value('_gid', RCUBE_INPUT_POST)) && ($ids = get_input_value('_cid', RCUBE_INPUT_POST))) { + if (($gid = get_input_value('_gid', RCUBE_INPUT_POST)) && ($ids = rcmail_get_cids($source))) { $plugin = $RCMAIL->plugins->exec_hook('group_delmembers', array('group_id' => $gid, 'ids' => $ids, 'source' => $source)); if (!$plugin['abort']) @@ -63,10 +63,11 @@ else if ($RCMAIL->action == 'group-delmembers') { else $result = $plugin['result']; - if ($result){ + if ($result) { $OUTPUT->show_message('contactremovedfromgroup'); $OUTPUT->command('remove_group_contacts',array('source' => $source, 'gid' => $gid)); - }else{ + } + else { $OUTPUT->show_message($plugin['message'] ? $plugin['message'] : 'errorsaving', 'error'); } } diff --git a/program/steps/mail/check_recent.inc b/program/steps/mail/check_recent.inc index 90d17c15b..4befbf275 100644 --- a/program/steps/mail/check_recent.inc +++ b/program/steps/mail/check_recent.inc @@ -25,7 +25,7 @@ if (empty($_REQUEST['_folderlist']) && empty($_REQUEST['_list'])) { return; } -$current = $RCMAIL->storage->get_folder(); +$current = $RCMAIL->storage->get_folder(); $check_all = $RCMAIL->action != 'refresh' || (bool)$RCMAIL->config->get('check_all_folders'); // list of folders to check @@ -34,10 +34,15 @@ if ($check_all) { } else { $a_mailboxes = (array) $current; - if ($a_mailboxes[0] != 'INBOX') + if ($current != 'INBOX') { $a_mailboxes[] = 'INBOX'; + } } +// Control folders list from a plugin +$plugin = $RCMAIL->plugins->exec_hook('check_recent', array('folders' => $a_mailboxes, 'all' => $check_all)); +$a_mailboxes = $plugin['folders']; + // check recent/unseen counts foreach ($a_mailboxes as $mbox_name) { $is_current = $mbox_name == $current; @@ -70,13 +75,15 @@ foreach ($a_mailboxes as $mbox_name) { if (!empty($_GET['_quota'])) $OUTPUT->command('set_quota', rcmail_quota_content()); + $OUTPUT->set_env('exists', $RCMAIL->storage->count($mbox_name, 'EXISTS')); + // "No-list" mode, don't get messages if (empty($_GET['_list'])) continue; // get overall message count; allow caching because rcube_storage::folder_status() did a refresh $list_mode = $RCMAIL->storage->get_threading() ? 'THREADS' : 'ALL'; - $all_count = $RCMAIL->storage->count(null, $list_mode, false, false); + $all_count = $RCMAIL->storage->count($mbox_name, $list_mode, false, false); $page = $RCMAIL->storage->get_page(); $page_size = $RCMAIL->storage->get_pagesize(); diff --git a/program/steps/mail/compose.inc b/program/steps/mail/compose.inc index 96391c88b..d07cf587f 100644 --- a/program/steps/mail/compose.inc +++ b/program/steps/mail/compose.inc @@ -20,10 +20,10 @@ */ // define constants for message compose mode -define('RCUBE_COMPOSE_REPLY', 0x0106); -define('RCUBE_COMPOSE_FORWARD', 0x0107); -define('RCUBE_COMPOSE_DRAFT', 0x0108); -define('RCUBE_COMPOSE_EDIT', 0x0109); +define('RCUBE_COMPOSE_REPLY', 'reply'); +define('RCUBE_COMPOSE_FORWARD', 'forward'); +define('RCUBE_COMPOSE_DRAFT', 'draft'); +define('RCUBE_COMPOSE_EDIT', 'edit'); $MESSAGE_FORM = null; $COMPOSE_ID = get_input_value('_id', RCUBE_INPUT_GET); @@ -151,30 +151,37 @@ if ($font && !is_array($font)) { // get reference message and set compose mode if ($msg_uid = $COMPOSE['param']['draft_uid']) { - $RCMAIL->storage->set_folder($CONFIG['drafts_mbox']); $compose_mode = RCUBE_COMPOSE_DRAFT; + $RCMAIL->storage->set_folder($CONFIG['drafts_mbox']); } -else if ($msg_uid = $COMPOSE['param']['reply_uid']) +else if ($msg_uid = $COMPOSE['param']['reply_uid']) { $compose_mode = RCUBE_COMPOSE_REPLY; -else if ($msg_uid = $COMPOSE['param']['forward_uid']) +} +else if ($msg_uid = $COMPOSE['param']['forward_uid']) { $compose_mode = RCUBE_COMPOSE_FORWARD; -else if ($msg_uid = $COMPOSE['param']['uid']) + $COMPOSE['forward_uid'] = $msg_uid; + $COMPOSE['as_attachment'] = !empty($COMPOSE['param']['attachment']); +} +else if ($msg_uid = $COMPOSE['param']['uid']) { $compose_mode = RCUBE_COMPOSE_EDIT; +} +$OUTPUT->set_env('compose_mode', $compose_mode); $config_show_sig = $RCMAIL->config->get('show_sig', 1); -if ($config_show_sig == 1) +if ($compose_mode == RCUBE_COMPOSE_EDIT || $compose_mode == RCUBE_COMPOSE_DRAFT) { + // don't add signature in draft/edit mode, we'll also not remove the old-one +} +else if ($config_show_sig == 1) $OUTPUT->set_env('show_sig', true); -else if ($config_show_sig == 2 && (empty($compose_mode) || $compose_mode == RCUBE_COMPOSE_EDIT || $compose_mode == RCUBE_COMPOSE_DRAFT)) +else if ($config_show_sig == 2 && empty($compose_mode)) $OUTPUT->set_env('show_sig', true); else if ($config_show_sig == 3 && ($compose_mode == RCUBE_COMPOSE_REPLY || $compose_mode == RCUBE_COMPOSE_FORWARD)) $OUTPUT->set_env('show_sig', true); -else - $OUTPUT->set_env('show_sig', false); // set line length for body wrapping $LINE_LENGTH = $RCMAIL->config->get('line_length', 72); -if (!empty($msg_uid)) +if (!empty($msg_uid) && empty($COMPOSE['as_attachment'])) { // similar as in program/steps/mail/show.inc // re-set 'prefer_html' to have possibility to use html part for compose @@ -188,8 +195,7 @@ if (!empty($msg_uid)) if (!empty($MESSAGE->headers->charset)) $RCMAIL->storage->set_charset($MESSAGE->headers->charset); - if ($compose_mode == RCUBE_COMPOSE_REPLY) - { + if ($compose_mode == RCUBE_COMPOSE_REPLY) { $COMPOSE['reply_uid'] = $msg_uid; $COMPOSE['reply_msgid'] = $MESSAGE->headers->messageID; $COMPOSE['references'] = trim($MESSAGE->headers->references . " " . $MESSAGE->headers->messageID); @@ -197,8 +203,6 @@ if (!empty($msg_uid)) if (!empty($COMPOSE['param']['all'])) $MESSAGE->reply_all = $COMPOSE['param']['all']; - $OUTPUT->set_env('compose_mode', 'reply'); - // Save the sent message in the same folder of the message being replied to if ($RCMAIL->config->get('reply_same_folder') && ($sent_folder = $COMPOSE['mailbox']) && rcmail_check_sent_folder($sent_folder, false) @@ -206,10 +210,8 @@ if (!empty($msg_uid)) $COMPOSE['param']['sent_mbox'] = $sent_folder; } } - else if ($compose_mode == RCUBE_COMPOSE_DRAFT) - { - if ($MESSAGE->headers->others['x-draft-info']) - { + else if ($compose_mode == RCUBE_COMPOSE_DRAFT) { + if ($MESSAGE->headers->others['x-draft-info']) { // get reply_uid/forward_uid to flag the original message when sending $info = rcmail_draftinfo_decode($MESSAGE->headers->others['x-draft-info']); @@ -233,14 +235,6 @@ if (!empty($msg_uid)) $COMPOSE['references'] = $MESSAGE->headers->references; } - else if ($compose_mode == RCUBE_COMPOSE_FORWARD) - { - $COMPOSE['forward_uid'] = $msg_uid; - $OUTPUT->set_env('compose_mode', 'forward'); - - if (!empty($COMPOSE['param']['attachment'])) - $MESSAGE->forward_attachment = true; - } } else { $MESSAGE = new stdClass(); @@ -379,92 +373,6 @@ $MESSAGE_BODY = rcmail_prepare_message_body(); /****** compose mode functions ********/ -function rcmail_identity_select($MESSAGE, $identities, $compose_mode) -{ - $a_recipients = array(); - $a_names = array(); - - // extract all recipients of the reply-message - if (is_object($MESSAGE->headers) && in_array($compose_mode, array(RCUBE_COMPOSE_REPLY, RCUBE_COMPOSE_FORWARD))) { - $a_to = rcube_mime::decode_address_list($MESSAGE->headers->to, null, true, $MESSAGE->headers->charset); - foreach ($a_to as $addr) { - if (!empty($addr['mailto'])) { - $a_recipients[] = format_email($addr['mailto']); - $a_names[] = $addr['name']; - } - } - - if (!empty($MESSAGE->headers->cc)) { - $a_cc = rcube_mime::decode_address_list($MESSAGE->headers->cc, null, true, $MESSAGE->headers->charset); - foreach ($a_cc as $addr) { - if (!empty($addr['mailto'])) { - $a_recipients[] = format_email($addr['mailto']); - $a_names[] = $addr['name']; - } - } - } - } - - $from_idx = null; - $found_idx = null; - $default_identity = 0; // default identity is always first on the list - - // Select identity - foreach ($identities as $idx => $ident) { - // use From header - if (in_array($compose_mode, array(RCUBE_COMPOSE_DRAFT, RCUBE_COMPOSE_EDIT))) { - if ($MESSAGE->headers->from == $ident['ident']) { - $from_idx = $idx; - break; - } - } - // reply to yourself - else if ($compose_mode == RCUBE_COMPOSE_REPLY && $MESSAGE->headers->from == $ident['ident']) { - $from_idx = $idx; - break; - } - // use replied message recipients - else if (($found = array_search($ident['email_ascii'], $a_recipients)) !== false) { - if ($found_idx === null) { - $found_idx = $idx; - } - // match identity name - if ($a_names[$found] && $ident['name'] && $a_names[$found] == $ident['name']) { - $from_idx = $idx; - break; - } - } - } - - // If matching by name+address doesn't found any amtches, get first found address (identity) - if ($from_idx === null) { - $from_idx = $found_idx; - } - - // Try Return-Path - if ($from_idx === null && ($return_path = $MESSAGE->headers->others['return-path'])) { - foreach ($identities as $idx => $ident) { - if (strpos($return_path, str_replace('@', '=', $ident['email_ascii']).'@') !== false) { - $from_idx = $idx; - break; - } - } - } - - // Fallback using Delivered-To - if ($from_idx === null && ($delivered_to = $MESSAGE->headers->others['delivered-to'])) { - foreach ($identities as $idx => $ident) { - if (in_array($ident['email_ascii'], $delivered_to)) { - $from_idx = $idx; - break; - } - } - } - - return $identities[$from_idx !== null ? $from_idx : $default_identity]; -} - - function rcmail_compose_headers($attrib) { global $MESSAGE; @@ -643,11 +551,11 @@ function rcmail_prepare_message_body() $isHtml = false; } // forward as attachment - else if ($compose_mode == RCUBE_COMPOSE_FORWARD && $MESSAGE->forward_attachment) { + else if ($compose_mode == RCUBE_COMPOSE_FORWARD && $COMPOSE['as_attachment']) { $isHtml = rcmail_compose_editor_mode(); $body = ''; if (empty($COMPOSE['attachments'])) - rcmail_write_forward_attachment($MESSAGE); + rcmail_write_forward_attachments(); } // reply/edit/draft/forward else if ($compose_mode && ($compose_mode != RCUBE_COMPOSE_REPLY || $RCMAIL->config->get('reply_mode') != -1)) { @@ -737,8 +645,10 @@ function rcmail_compose_part_body($part, $isHtml = false) } else { // try to remove the signature - if ($RCMAIL->config->get('strip_existing_sig', true)) { - $body = rcmail_remove_signature($body); + if ($compose_mode != RCUBE_COMPOSE_DRAFT && $compose_mode != RCUBE_COMPOSE_EDIT) { + if ($RCMAIL->config->get('strip_existing_sig', true)) { + $body = rcmail_remove_signature($body); + } } // add HTML formatting $body = rcmail_plain_body($body); @@ -769,8 +679,10 @@ function rcmail_compose_part_body($part, $isHtml = false) } // try to remove the signature - if ($RCMAIL->config->get('strip_existing_sig', true)) { - $body = rcmail_remove_signature($body); + if ($compose_mode != RCUBE_COMPOSE_DRAFT && $compose_mode != RCUBE_COMPOSE_EDIT) { + if ($RCMAIL->config->get('strip_existing_sig', true)) { + $body = rcmail_remove_signature($body); + } } } } @@ -1135,55 +1047,86 @@ function rcmail_write_inline_attachments(&$message) return $cid_map; } -// Creates an attachment from the forwarded message -function rcmail_write_forward_attachment(&$message) +// Creates attachment(s) from the forwarded message(s) +function rcmail_write_forward_attachments() { - global $RCMAIL, $COMPOSE; + global $RCMAIL, $COMPOSE, $MESSAGE; + + $storage = $RCMAIL->get_storage(); + $mem_limit = parse_bytes(ini_get('memory_limit')); + $curr_mem = function_exists('memory_get_usage') ? memory_get_usage() : 16*1024*1024; // safe value: 16MB + $names = array(); - if (strlen($message->subject)) { - $name = mb_substr($message->subject, 0, 64) . '.eml'; + if ($COMPOSE['forward_uid'] == '*') { + $index = $storage->index(null, rcmail_sort_column(), rcmail_sort_order()); + $COMPOSE['forward_uid'] = $index->get(); } else { - $name = 'message_rfc822.eml'; + $COMPOSE['forward_uid'] = explode(',', $COMPOSE['forward_uid']); } - $mem_limit = parse_bytes(ini_get('memory_limit')); - $curr_mem = function_exists('memory_get_usage') ? memory_get_usage() : 16*1024*1024; // safe value: 16MB - $data = $path = null; + foreach ((array)$COMPOSE['forward_uid'] as $uid) { + $message = new rcube_message($uid); - // don't load too big attachments into memory - if ($mem_limit > 0 && $message->size > $mem_limit - $curr_mem) { - $temp_dir = unslashify($RCMAIL->config->get('temp_dir')); - $path = tempnam($temp_dir, 'rcmAttmnt'); - if ($fp = fopen($path, 'w')) { - $RCMAIL->storage->get_raw_body($message->uid, $fp); - fclose($fp); - } else - return false; - } else { - $data = $RCMAIL->storage->get_raw_body($message->uid); - } + if (empty($message->headers)) { + continue; + } - $attachment = array( - 'group' => $COMPOSE['id'], - 'name' => $name, - 'mimetype' => 'message/rfc822', - 'data' => $data, - 'path' => $path, - 'size' => $path ? filesize($path) : strlen($data), - ); + if (!empty($message->headers->charset)) { + $storage->set_charset($message->headers->charset); + } - $attachment = $RCMAIL->plugins->exec_hook('attachment_save', $attachment); + if (empty($MESSAGE->subject)) { + $MESSAGE->subject = $message->subject; + } - if ($attachment['status']) { - unset($attachment['data'], $attachment['status'], $attachment['content_id'], $attachment['abort']); - $COMPOSE['attachments'][$attachment['id']] = $attachment; - return true; - } else if ($path) { - @unlink($path); - } + // generate (unique) attachment name + $name = strlen($message->subject) ? mb_substr($message->subject, 0, 64) : 'message_rfc822'; + if (!empty($names[$name])) { + $names[$name]++; + $name .= '_' . $names[$name]; + } + $names[$name] = 1; + $name .= '.eml'; + + $data = $path = null; + + // don't load too big attachments into memory + if ($mem_limit > 0 && $message->size > $mem_limit - $curr_mem) { + $temp_dir = unslashify($RCMAIL->config->get('temp_dir')); + $path = tempnam($temp_dir, 'rcmAttmnt'); + if ($fp = fopen($path, 'w')) { + $storage->get_raw_body($message->uid, $fp); + fclose($fp); + } + else { + return false; + } + } + else { + $data = $storage->get_raw_body($message->uid); + $curr_mem += $message->size; + } - return false; + $attachment = array( + 'group' => $COMPOSE['id'], + 'name' => $name, + 'mimetype' => 'message/rfc822', + 'data' => $data, + 'path' => $path, + 'size' => $path ? filesize($path) : strlen($data), + ); + + $attachment = $RCMAIL->plugins->exec_hook('attachment_save', $attachment); + + if ($attachment['status']) { + unset($attachment['data'], $attachment['status'], $attachment['content_id'], $attachment['abort']); + $COMPOSE['attachments'][$attachment['id']] = $attachment; + } + else if ($path) { + @unlink($path); + } + } } diff --git a/program/steps/mail/folders.inc b/program/steps/mail/folders.inc index c56c914cd..574d6e975 100644 --- a/program/steps/mail/folders.inc +++ b/program/steps/mail/folders.inc @@ -65,6 +65,7 @@ else if ($RCMAIL->action == 'purge') if (!empty($_REQUEST['_reload'])) { $OUTPUT->set_env('messagecount', 0); $OUTPUT->set_env('pagecount', 0); + $OUTPUT->set_env('exists', 0); $OUTPUT->command('message_list.clear'); $OUTPUT->command('set_rowcount', rcmail_get_messagecount_text(), $mbox); $OUTPUT->command('set_unread_count', $mbox, 0); diff --git a/program/steps/mail/func.inc b/program/steps/mail/func.inc index 80dac716e..88391b102 100644 --- a/program/steps/mail/func.inc +++ b/program/steps/mail/func.inc @@ -5,7 +5,7 @@ | program/steps/mail/func.inc | | | | This file is part of the Roundcube Webmail client | - | Copyright (C) 2005-2010, The Roundcube Dev Team | + | Copyright (C) 2005-2012, The Roundcube Dev Team | | | | Licensed under the GNU General Public License version 3 or | | any later version with exceptions for skins & plugins. | @@ -939,13 +939,13 @@ function rcmail_html_tag_callback($matches) /** * return table with message headers */ -function rcmail_message_headers($attrib, $headers=NULL) +function rcmail_message_headers($attrib, $headers=null) { global $OUTPUT, $MESSAGE, $PRINT_MODE, $RCMAIL; static $sa_attrib; // keep header table attrib - if (is_array($attrib) && !$sa_attrib) + if (is_array($attrib) && !$sa_attrib && !$attrib['valueof']) $sa_attrib = $attrib; else if (!is_array($attrib) && is_array($sa_attrib)) $attrib = $sa_attrib; @@ -954,8 +954,17 @@ function rcmail_message_headers($attrib, $headers=NULL) return FALSE; // get associative array of headers object - if (!$headers) - $headers = is_object($MESSAGE->headers) ? get_object_vars($MESSAGE->headers) : $MESSAGE->headers; + if (!$headers) { + $headers_obj = $MESSAGE->headers; + $headers = get_object_vars($MESSAGE->headers); + } + else if (is_object($headers)) { + $headers_obj = $headers; + $headers = get_object_vars($headers_obj); + } + else { + $headers_obj = rcube_message_header::from_array($headers); + } // show these headers $standard_headers = array('subject', 'from', 'to', 'cc', 'bcc', 'replyto', @@ -1031,7 +1040,7 @@ function rcmail_message_headers($attrib, $headers=NULL) } $plugin = $RCMAIL->plugins->exec_hook('message_headers_output', - array('output' => $output_headers, 'headers' => $MESSAGE->headers, 'exclude' => $exclude_headers)); + array('output' => $output_headers, 'headers' => $headers_obj, 'exclude' => $exclude_headers)); // single header value is requested if (!empty($attrib['valueof'])) @@ -1110,8 +1119,9 @@ function rcmail_message_body($attrib) if (!empty($MESSAGE->parts)) { foreach ($MESSAGE->parts as $i => $part) { - if ($part->type == 'headers') - $out .= rcmail_message_headers(sizeof($header_attrib) ? $header_attrib : NULL, $part->headers); + if ($part->type == 'headers') { + $out .= html::div('message-partheaders', rcmail_message_headers(sizeof($header_attrib) ? $header_attrib : null, $part->headers)); + } else if ($part->type == 'content') { // unsapported if ($part->realtype) { @@ -1139,6 +1149,15 @@ function rcmail_message_body($attrib) if (!isset($part->body)) $part->body = $MESSAGE->get_part_content($part->mime_id); + // extract headers from message/rfc822 parts + if ($part->mimetype == 'message/rfc822') { + $msgpart = rcube_mime::parse_message($part->body); + if (!empty($msgpart->headers)) { + $part = $msgpart; + $out .= html::div('message-partheaders', rcmail_message_headers(sizeof($header_attrib) ? $header_attrib : null, $part->headers)); + } + } + // message is cached but not exists (#1485443), or other error if ($part->body === false) { rcmail_message_error($MESSAGE->uid); @@ -1509,7 +1528,7 @@ function rcmail_address_string($input, $max=null, $linked=false, $addicon=null, if ($addicon && $_SESSION['writeable_abook']) { $address .= html::a(array( 'href' => "#add", - 'onclick' => sprintf("return %s.command('add-contact','%s',this)", JS_OBJECT_NAME, $string), + 'onclick' => sprintf("return %s.command('add-contact','%s',this)", JS_OBJECT_NAME, JQ($string)), 'title' => rcube_label('addtoaddressbook'), 'class' => 'rcmaddcontact', ), @@ -1701,11 +1720,11 @@ function rcmail_send_mdn($message, &$smtp_error) if ($message->headers->mdn_to && empty($message->headers->flags['MDNSENT']) && ($RCMAIL->storage->check_permflag('MDNSENT') || $RCMAIL->storage->check_permflag('*'))) { - $identity = $RCMAIL->user->get_identity(); - $sender = format_email_recipient($identity['email'], $identity['name']); + $identity = rcmail_identity_select($message); + $sender = format_email_recipient($identity['email'], $identity['name']); $recipient = array_shift(rcube_mime::decode_address_list( $message->headers->mdn_to, 1, true, $message->headers->charset)); - $mailto = $recipient['mailto']; + $mailto = $recipient['mailto']; $compose = new Mail_mime("\r\n"); @@ -1763,6 +1782,107 @@ function rcmail_send_mdn($message, &$smtp_error) return false; } +/** + * Detect recipient identity from specified message + */ +function rcmail_identity_select($MESSAGE, $identities = null, $compose_mode = 'reply') +{ + $a_recipients = array(); + $a_names = array(); + + if ($identities === null) { + $identities = rcmail::get_instance()->user->list_identities(null, true); + } + + // extract all recipients of the reply-message + if (is_object($MESSAGE->headers) && in_array($compose_mode, array('reply', 'forward'))) { + $a_to = rcube_mime::decode_address_list($MESSAGE->headers->to, null, true, $MESSAGE->headers->charset); + foreach ($a_to as $addr) { + if (!empty($addr['mailto'])) { + $a_recipients[] = format_email($addr['mailto']); + $a_names[] = $addr['name']; + } + } + + if (!empty($MESSAGE->headers->cc)) { + $a_cc = rcube_mime::decode_address_list($MESSAGE->headers->cc, null, true, $MESSAGE->headers->charset); + foreach ($a_cc as $addr) { + if (!empty($addr['mailto'])) { + $a_recipients[] = format_email($addr['mailto']); + $a_names[] = $addr['name']; + } + } + } + } + + $from_idx = null; + $found_idx = null; + $default_identity = 0; // default identity is always first on the list + + // Select identity + foreach ($identities as $idx => $ident) { + // use From header + if (in_array($compose_mode, array('draft', 'edit'))) { + if ($MESSAGE->headers->from == $ident['ident']) { + $from_idx = $idx; + break; + } + } + // reply to yourself + else if ($compose_mode == 'reply' && $MESSAGE->headers->from == $ident['ident']) { + $from_idx = $idx; + break; + } + // use replied message recipients + else if (($found = array_search($ident['email_ascii'], $a_recipients)) !== false) { + if ($found_idx === null) { + $found_idx = $idx; + } + // match identity name + if ($a_names[$found] && $ident['name'] && $a_names[$found] == $ident['name']) { + $from_idx = $idx; + break; + } + } + } + + // If matching by name+address doesn't found any matches, get first found address (identity) + if ($from_idx === null) { + $from_idx = $found_idx; + } + + // Try Return-Path + if ($from_idx === null && ($return_path = $MESSAGE->headers->others['return-path'])) { + foreach ($identities as $idx => $ident) { + if (strpos($return_path, str_replace('@', '=', $ident['email_ascii']).'@') !== false) { + $from_idx = $idx; + break; + } + } + } + + // Fallback using Delivered-To + if ($from_idx === null && ($delivered_to = $MESSAGE->headers->others['delivered-to'])) { + foreach ($identities as $idx => $ident) { + if (in_array($ident['email_ascii'], (array)$delivered_to)) { + $from_idx = $idx; + break; + } + } + } + + // Fallback using Envelope-To + if ($from_idx === null && ($envelope_to = $MESSAGE->headers->others['envelope-to'])) { + foreach ($identities as $idx => $ident) { + if (in_array($ident['email_ascii'], (array)$envelope_to)) { + $from_idx = $idx; + break; + } + } + } + + return $identities[$from_idx !== null ? $from_idx : $default_identity]; +} // Fixes some content-type names function rcmail_fix_mimetype($name) diff --git a/program/steps/mail/get.inc b/program/steps/mail/get.inc index 7b2f719c6..314a437e7 100644 --- a/program/steps/mail/get.inc +++ b/program/steps/mail/get.inc @@ -259,6 +259,18 @@ else if (strlen($pid = get_input_value('_part', RCUBE_INPUT_GET))) { $disposition = !empty($plugin['download']) ? 'attachment' : 'inline'; + // Workaround for nasty IE bug (#1488844) + // If Content-Disposition header contains string "attachment" e.g. in filename + // IE handles data as attachment not inline + if ($disposition == 'inline' && $browser->ie && $browser->ver < 9) { + $filename = str_ireplace('attachment', 'attach', $filename); + } + + // add filename extension if missing + if (!pathinfo($filename, PATHINFO_EXTENSION) && ($extensions = rcube_mime::get_mime_extensions($mimetype))) { + $filename .= '.' . $extensions[0]; + } + header("Content-Disposition: $disposition; filename=\"$filename\""); // handle tiff to jpeg conversion diff --git a/program/steps/mail/list.inc b/program/steps/mail/list.inc index b433f81fc..b8c3ee021 100644 --- a/program/steps/mail/list.inc +++ b/program/steps/mail/list.inc @@ -95,6 +95,7 @@ $OUTPUT->set_env('messagecount', $count); $OUTPUT->set_env('pagecount', $pages); $OUTPUT->set_env('threading', $threading); $OUTPUT->set_env('current_page', $count ? $RCMAIL->storage->get_page() : 1); +$OUTPUT->set_env('exists', $RCMAIL->storage->count($mbox_name, 'EXISTS')); $OUTPUT->command('set_rowcount', rcmail_get_messagecount_text($count), $mbox_name); $OUTPUT->command('set_mailboxname', rcmail_get_mailbox_name_text()); diff --git a/program/steps/mail/move_del.inc b/program/steps/mail/move_del.inc index da43b4000..3e2252683 100644 --- a/program/steps/mail/move_del.inc +++ b/program/steps/mail/move_del.inc @@ -38,7 +38,7 @@ if ($RCMAIL->action=='moveto' && !empty($_POST['_uid']) && strlen($_POST['_targe if (!$moved) { // send error message - if ($_POST['_from'] != 'show') + if ($_POST['_from'] != 'show') $OUTPUT->command('list_mailbox'); rcmail_display_server_error('errormoving'); $OUTPUT->send(); @@ -59,7 +59,7 @@ else if ($RCMAIL->action=='delete' && !empty($_POST['_uid'])) { if (!$del) { // send error message - if ($_POST['_from'] != 'show') + if ($_POST['_from'] != 'show') $OUTPUT->command('list_mailbox'); rcmail_display_server_error('errordeleting'); $OUTPUT->send(); @@ -111,6 +111,7 @@ else $OUTPUT->set_env('messagecount', $msg_count); $OUTPUT->set_env('current_page', $page); $OUTPUT->set_env('pagecount', $pages); + $OUTPUT->set_env('exists', $RCMAIL->storage->count($mbox, 'EXISTS', true)); // update mailboxlist $mbox = $RCMAIL->storage->get_folder(); @@ -144,5 +145,3 @@ else // send response $OUTPUT->send(); - - diff --git a/program/steps/mail/search.inc b/program/steps/mail/search.inc index db5424b3b..f9b8f9e67 100644 --- a/program/steps/mail/search.inc +++ b/program/steps/mail/search.inc @@ -143,5 +143,6 @@ else { $OUTPUT->set_env('search_request', $search_str ? $search_request : ''); $OUTPUT->set_env('messagecount', $count); $OUTPUT->set_env('pagecount', ceil($count/$RCMAIL->storage->get_pagesize())); +$OUTPUT->set_env('exists', $RCMAIL->storage->count($mbox_name, 'EXISTS')); $OUTPUT->command('set_rowcount', rcmail_get_messagecount_text($count, 1), $mbox); $OUTPUT->send(); diff --git a/program/steps/mail/sendmail.inc b/program/steps/mail/sendmail.inc index c26d774a2..36d850f8f 100644 --- a/program/steps/mail/sendmail.inc +++ b/program/steps/mail/sendmail.inc @@ -219,11 +219,11 @@ function rcmail_email_input_format($mailto, $count=false, $check=true) // address in brackets without name (do nothing) if (preg_match('/^<'.$email_regexp.'>$/', $item)) { $item = rcube_idn_to_ascii(trim($item, '<>')); - $result[] = '<' . $item . '>'; + $result[] = $item; // address without brackets and without name (add brackets) } else if (preg_match('/^'.$email_regexp.'$/', $item)) { $item = rcube_idn_to_ascii($item); - $result[] = '<' . $item . '>'; + $result[] = $item; // address with name (handle name) } else if (preg_match('/<*'.$email_regexp.'>*$/', $item, $matches)) { $address = $matches[0]; @@ -617,13 +617,12 @@ if (is_array($COMPOSE['attachments'])) $ctype = str_replace('image/pjpeg', 'image/jpeg', $attachment['mimetype']); // #1484914 $file = $attachment['data'] ? $attachment['data'] : $attachment['path']; - // .eml attachments send inline $MAIL_MIME->addAttachment($file, $ctype, $attachment['name'], ($attachment['data'] ? false : true), ($ctype == 'message/rfc822' ? '8bit' : 'base64'), - ($ctype == 'message/rfc822' ? 'inline' : 'attachment'), + 'attachment', '', '', '', $CONFIG['mime_param_folding'] ? 'quoted-printable' : NULL, $CONFIG['mime_param_folding'] == 2 ? 'quoted-printable' : NULL, diff --git a/skins/classic/includes/messagetoolbar.html b/skins/classic/includes/messagetoolbar.html index eebb55708..371c83fd9 100644 --- a/skins/classic/includes/messagetoolbar.html +++ b/skins/classic/includes/messagetoolbar.html @@ -27,7 +27,7 @@ <div id="forwardmenu" class="popupmenu"> <ul> - <li><roundcube:button command="forward" label="forwardinline" prop="sub" classAct="forwardlink active" class="forwardlink" /></li> + <li><roundcube:button command="forward-inline" label="forwardinline" prop="sub" classAct="forwardlink active" class="forwardlink" /></li> <li><roundcube:button command="forward-attachment" label="forwardattachment" prop="sub" classAct="forwardattachmentlink active" class="forwardattachmentlink" /></li> <roundcube:container name="forwardmenu" id="forwardmenu" /> </ul> diff --git a/skins/classic/mail.css b/skins/classic/mail.css index 85c53d569..98325d9d2 100644 --- a/skins/classic/mail.css +++ b/skins/classic/mail.css @@ -1070,6 +1070,17 @@ table.headers-table background-color: #F4F4F4; } +#messagebody table.headers-table +{ + margin: 16px 6px 6px 6px; +} + +div.message-partheaders + div.message-part +{ + border-top: 0; + padding-top: 4px; +} + table.headers-table tr td { font-size: 11px; diff --git a/skins/larry/includes/header.html b/skins/larry/includes/header.html index 4be475bac..2620fafe5 100644 --- a/skins/larry/includes/header.html +++ b/skins/larry/includes/header.html @@ -1,13 +1,15 @@ <div id="header"> <div id="topline"> <div class="topleft"> + <roundcube:container name="topline-left" id="topline-left" /> <roundcube:button name="about" type="link" label="about" class="about-link" onclick="UI.show_about(this);return false" /> <roundcube:if condition="config:support_url" /> <a href="<roundcube:var name='config:support_url' />" target="_blank" class="support-link" id="supportlink"><roundcube:label name="support" /></a> <roundcube:endif /> </div> - + <roundcube:container name="topline-center" id="topline-center" /> <div class="topright"> + <roundcube:container name="topline-right" id="topline-right" /> <roundcube:if condition="!env:extwin" /> <span class="username"><roundcube:object name="username" /></span> <roundcube:button command="logout" label="logout" class="button-logout" /> @@ -15,8 +17,6 @@ <roundcube:button command="close" label="close" class="closelink" /> <roundcube:endif /> </div> - - <roundcube:container name="topline" id="topline" /> </div> <roundcube:if condition="!env:extwin" /> diff --git a/skins/larry/includes/mailtoolbar.html b/skins/larry/includes/mailtoolbar.html index 31472cbb3..8efcc762c 100644 --- a/skins/larry/includes/mailtoolbar.html +++ b/skins/larry/includes/mailtoolbar.html @@ -17,7 +17,7 @@ <div id="forwardmenu" class="popupmenu"> <ul class="toolbarmenu"> - <li><roundcube:button command="forward" label="forwardinline" prop="sub" classAct="forwardlink active" class="forwardlink" /></li> + <li><roundcube:button command="forward-inline" label="forwardinline" prop="sub" classAct="forwardlink active" class="forwardlink" /></li> <li><roundcube:button command="forward-attachment" label="forwardattachment" prop="sub" classAct="forwardattachmentlink active" class="forwardattachmentlink" /></li> <roundcube:container name="forwardmenu" id="forwardmenu" /> </ul> diff --git a/skins/larry/mail.css b/skins/larry/mail.css index 6512e52a3..57d968fb4 100644 --- a/skins/larry/mail.css +++ b/skins/larry/mail.css @@ -729,7 +729,7 @@ h2.subject { h3.subject { font-size: 14px; - margin: 0 8em 0 0; + margin: 0 12em 0 0; padding: 8px 8px 4px 8px; white-space: nowrap; overflow: hidden; @@ -938,7 +938,6 @@ div.hide-headers { position: absolute; top: 8px; right: 8px; - width: 20em; text-align: right; white-space: nowrap; } @@ -999,12 +998,14 @@ div.hide-headers { } div.message-part, -div.message-htmlpart { - padding: 0 2px 10px 2px; +div.message-htmlpart, +div.message-partheaders { + padding: 10px 2px; border-top: 1px solid #ccc; } #messagebody div:first-child { + padding-top: 0; border-top: 0; } @@ -1045,6 +1046,24 @@ div.message-part blockquote blockquote blockquote { border-right: 2px solid #bb0000; } +div.message-partheaders { + margin-top: 8px; + padding: 8px 0; +} + +div.message-partheaders .headers-table { + width: 100%; +} + +div.message-partheaders .headers-table td.header-title { + width: auto; + padding-left: 0; +} + +div.message-partheaders .headers-table td.header { + width: 88%; +} + #messagebody > hr { color: #fff; background: #fff; diff --git a/skins/larry/styles.css b/skins/larry/styles.css index b4a4d81e1..f3b02779e 100644 --- a/skins/larry/styles.css +++ b/skins/larry/styles.css @@ -510,6 +510,7 @@ a.iconlink.upload { border-bottom: 1px solid #4f4f4f; padding: 2px 0 2px 10px; color: #aaa; + text-align: center; } #topnav { diff --git a/skins/larry/templates/message.html b/skins/larry/templates/message.html index f7e188f5f..04381f5e9 100644 --- a/skins/larry/templates/message.html +++ b/skins/larry/templates/message.html @@ -64,7 +64,7 @@ </div> <div class="leftcol"> <roundcube:object name="messageObjects" id="message-objects" /> -<roundcube:object name="messageBody" id="messagebody" /> +<roundcube:object name="messageBody" id="messagebody" headertableclass="message-partheaders headers-table" /> </div> </div> diff --git a/skins/larry/templates/messagepreview.html b/skins/larry/templates/messagepreview.html index 9eb4d1e00..aef282ac9 100644 --- a/skins/larry/templates/messagepreview.html +++ b/skins/larry/templates/messagepreview.html @@ -47,7 +47,7 @@ </div> <div class="leftcol"> <roundcube:object name="messageObjects" id="message-objects" /> -<roundcube:object name="messageBody" id="messagebody" /> +<roundcube:object name="messageBody" id="messagebody" headertableclass="message-partheaders headers-table" /> </div> </div> diff --git a/tests/MailFunc.php b/tests/MailFunc.php index 967277c2a..4d4250c22 100644 --- a/tests/MailFunc.php +++ b/tests/MailFunc.php @@ -97,6 +97,20 @@ class MailFunc extends PHPUnit_Framework_TestCase } /** + * Test the elimination of some XSS vulnerabilities + */ + function test_html_xss3() + { + // #1488850 + $html = '<p><a href="data:text/html,<script>alert(document.cookie)</script>">Firefox</a>' + .'<a href="vbscript:alert(document.cookie)">Internet Explorer</a></p>'; + $washed = rcmail_wash_html($html, array('safe' => true), array()); + + $this->assertNotRegExp('/data:text/', $washed, "Remove data:text/html links"); + $this->assertNotRegExp('/vbscript:/', $washed, "Remove vbscript: links"); + } + + /** * Test washtml class on non-unicode characters (#1487813) */ function test_washtml_utf8() |