summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--CHANGELOG1
-rw-r--r--config/main.inc.php.dist3
-rw-r--r--program/localization/en_US/messages.inc1
-rw-r--r--program/localization/pl_PL/messages.inc1
-rw-r--r--program/steps/mail/sendmail.inc31
5 files changed, 28 insertions, 9 deletions
diff --git a/CHANGELOG b/CHANGELOG
index 11ce596cf..673f65f5f 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,7 @@
CHANGELOG RoundCube Webmail
===========================
+- Added optional (max_recipients) support to restrict total number of recipients per message (#1484542)
- Re-organize editor buttons, add blockquote and search buttons
- Make possible to write inside or after a quoted html message (#1485476)
- Fix bugs on unexpected IMAP connection close (#1486190, #1486270)
diff --git a/config/main.inc.php.dist b/config/main.inc.php.dist
index 75110e45a..6be1f1e5f 100644
--- a/config/main.inc.php.dist
+++ b/config/main.inc.php.dist
@@ -180,6 +180,9 @@ $rcmail_config['password_charset'] = 'ISO-8859-1';
// How many seconds must pass between emails sent by a user
$rcmail_config['sendmail_delay'] = 0;
+// Maximum number of recipients per message. Default: 0 (no limit)
+$rcmail_config['max_recipients'] = 0;
+
// add this user-agent to message headers when sending
$rcmail_config['useragent'] = 'RoundCube Webmail/'.RCMAIL_VERSION;
diff --git a/program/localization/en_US/messages.inc b/program/localization/en_US/messages.inc
index f87cfb579..1dfdb96ba 100644
--- a/program/localization/en_US/messages.inc
+++ b/program/localization/en_US/messages.inc
@@ -111,5 +111,6 @@ $messages['smtptoerror'] = 'SMTP Error ($code): Failed to add recipient "$to"';
$messages['smtprecipientserror'] = 'SMTP Error: Unable to parse recipients list';
$messages['smtperror'] = 'SMTP Error: $msg';
$messages['emailformaterror'] = 'Incorrect e-mail address: $email';
+$messages['toomanyrecipients'] = 'Too many recipients. Reduce the number of recipients to $max.';
?>
diff --git a/program/localization/pl_PL/messages.inc b/program/localization/pl_PL/messages.inc
index 250e3e699..796bad26b 100644
--- a/program/localization/pl_PL/messages.inc
+++ b/program/localization/pl_PL/messages.inc
@@ -114,5 +114,6 @@ $messages['smtperror'] = 'Błąd SMTP: $msg';
$messages['invalidrequest'] = 'Błędne żądanie! Nie zapisano danych.';
$messages['emailformaterror'] = 'Błędny adres e-mail: $email';
$messages['notuploadedwarning'] = 'Nie wszystkie załączniki zostały pobrane. Poczekaj lub anuluj pobieranie.';
+$messages['toomanyrecipients'] = 'Zbyt wielu odbiorców. Zmniejsz ich liczbę do $max.';
?>
diff --git a/program/steps/mail/sendmail.inc b/program/steps/mail/sendmail.inc
index b89edc473..e9d215003 100644
--- a/program/steps/mail/sendmail.inc
+++ b/program/steps/mail/sendmail.inc
@@ -149,10 +149,10 @@ function rcmail_attach_emoticons(&$mime_message)
return $body;
}
-// parse email address input
-function rcmail_email_input_format($mailto)
+// parse email address input (and count addresses)
+function rcmail_email_input_format($mailto, $count=false)
{
- global $EMAIL_FORMAT_ERROR;
+ global $EMAIL_FORMAT_ERROR, $RECIPIENT_COUNT;
$regexp = array('/[,;]\s*[\r\n]+/', '/[\r\n]+/', '/[,;]\s*$/m', '/;/', '/(\S{1})(<\S+@\S+>)/U');
$replace = array(', ', ', ', '', ',', '\\1 \\2');
@@ -197,6 +197,10 @@ function rcmail_email_input_format($mailto)
}
}
+ if ($count) {
+ $RECIPIENT_COUNT += count($result);
+ }
+
return implode(', ', $result);
}
@@ -212,10 +216,11 @@ $input_charset = $OUTPUT->get_charset();
$message_charset = isset($_POST['_charset']) ? $_POST['_charset'] : $input_charset;
$EMAIL_FORMAT_ERROR = NULL;
+$RECIPIENT_COUNT = 0;
-$mailto = rcmail_email_input_format(get_input_value('_to', RCUBE_INPUT_POST, TRUE, $message_charset));
-$mailcc = rcmail_email_input_format(get_input_value('_cc', RCUBE_INPUT_POST, TRUE, $message_charset));
-$mailbcc = rcmail_email_input_format(get_input_value('_bcc', RCUBE_INPUT_POST, TRUE, $message_charset));
+$mailto = rcmail_email_input_format(get_input_value('_to', RCUBE_INPUT_POST, TRUE, $message_charset), true);
+$mailcc = rcmail_email_input_format(get_input_value('_cc', RCUBE_INPUT_POST, TRUE, $message_charset), true);
+$mailbcc = rcmail_email_input_format(get_input_value('_bcc', RCUBE_INPUT_POST, TRUE, $message_charset), true);
if ($EMAIL_FORMAT_ERROR) {
$OUTPUT->show_message('emailformaterror', 'error', array('email' => $EMAIL_FORMAT_ERROR));
@@ -297,8 +302,17 @@ if (!empty($mailcc))
if (!empty($mailbcc))
$headers['Bcc'] = $mailbcc;
-if (!empty($identity_arr['bcc']))
+if (!empty($identity_arr['bcc'])) {
$headers['Bcc'] = ($headers['Bcc'] ? $headers['Bcc'].', ' : '') . $identity_arr['bcc'];
+ $RECIPIENT_COUNT ++;
+}
+
+if (($max_recipients = (int) $RCMAIL->config->get('max_recipients')) > 0) {
+ if ($RECIPIENT_COUNT > $max_recipients) {
+ $OUTPUT->show_message('toomanyrecipients', 'error', array('max' => $max_recipients));
+ $OUTPUT->send('iframe');
+ }
+}
// add subject
$headers['Subject'] = trim(get_input_value('_subject', RCUBE_INPUT_POST, TRUE, $message_charset));
@@ -359,8 +373,7 @@ else
$headers = $data['headers'];
-$isHtmlVal = strtolower(get_input_value('_is_html', RCUBE_INPUT_POST));
-$isHtml = ($isHtmlVal == "1");
+$isHtml = (bool) get_input_value('_is_html', RCUBE_INPUT_POST);
// fetch message body
$message_body = get_input_value('_message', RCUBE_INPUT_POST, TRUE, $message_charset);