diff options
-rw-r--r-- | CHANGELOG | 1 | ||||
-rw-r--r-- | config/main.inc.php.dist | 3 | ||||
-rw-r--r-- | program/localization/en_US/messages.inc | 1 | ||||
-rw-r--r-- | program/localization/pl_PL/messages.inc | 1 | ||||
-rw-r--r-- | program/steps/mail/sendmail.inc | 31 |
5 files changed, 28 insertions, 9 deletions
@@ -1,6 +1,7 @@ CHANGELOG RoundCube Webmail =========================== +- Added optional (max_recipients) support to restrict total number of recipients per message (#1484542) - Re-organize editor buttons, add blockquote and search buttons - Make possible to write inside or after a quoted html message (#1485476) - Fix bugs on unexpected IMAP connection close (#1486190, #1486270) diff --git a/config/main.inc.php.dist b/config/main.inc.php.dist index 75110e45a..6be1f1e5f 100644 --- a/config/main.inc.php.dist +++ b/config/main.inc.php.dist @@ -180,6 +180,9 @@ $rcmail_config['password_charset'] = 'ISO-8859-1'; // How many seconds must pass between emails sent by a user $rcmail_config['sendmail_delay'] = 0; +// Maximum number of recipients per message. Default: 0 (no limit) +$rcmail_config['max_recipients'] = 0; + // add this user-agent to message headers when sending $rcmail_config['useragent'] = 'RoundCube Webmail/'.RCMAIL_VERSION; diff --git a/program/localization/en_US/messages.inc b/program/localization/en_US/messages.inc index f87cfb579..1dfdb96ba 100644 --- a/program/localization/en_US/messages.inc +++ b/program/localization/en_US/messages.inc @@ -111,5 +111,6 @@ $messages['smtptoerror'] = 'SMTP Error ($code): Failed to add recipient "$to"'; $messages['smtprecipientserror'] = 'SMTP Error: Unable to parse recipients list'; $messages['smtperror'] = 'SMTP Error: $msg'; $messages['emailformaterror'] = 'Incorrect e-mail address: $email'; +$messages['toomanyrecipients'] = 'Too many recipients. Reduce the number of recipients to $max.'; ?> diff --git a/program/localization/pl_PL/messages.inc b/program/localization/pl_PL/messages.inc index 250e3e699..796bad26b 100644 --- a/program/localization/pl_PL/messages.inc +++ b/program/localization/pl_PL/messages.inc @@ -114,5 +114,6 @@ $messages['smtperror'] = 'Błąd SMTP: $msg'; $messages['invalidrequest'] = 'Błędne żądanie! Nie zapisano danych.'; $messages['emailformaterror'] = 'Błędny adres e-mail: $email'; $messages['notuploadedwarning'] = 'Nie wszystkie załączniki zostały pobrane. Poczekaj lub anuluj pobieranie.'; +$messages['toomanyrecipients'] = 'Zbyt wielu odbiorców. Zmniejsz ich liczbę do $max.'; ?> diff --git a/program/steps/mail/sendmail.inc b/program/steps/mail/sendmail.inc index b89edc473..e9d215003 100644 --- a/program/steps/mail/sendmail.inc +++ b/program/steps/mail/sendmail.inc @@ -149,10 +149,10 @@ function rcmail_attach_emoticons(&$mime_message) return $body; } -// parse email address input -function rcmail_email_input_format($mailto) +// parse email address input (and count addresses) +function rcmail_email_input_format($mailto, $count=false) { - global $EMAIL_FORMAT_ERROR; + global $EMAIL_FORMAT_ERROR, $RECIPIENT_COUNT; $regexp = array('/[,;]\s*[\r\n]+/', '/[\r\n]+/', '/[,;]\s*$/m', '/;/', '/(\S{1})(<\S+@\S+>)/U'); $replace = array(', ', ', ', '', ',', '\\1 \\2'); @@ -197,6 +197,10 @@ function rcmail_email_input_format($mailto) } } + if ($count) { + $RECIPIENT_COUNT += count($result); + } + return implode(', ', $result); } @@ -212,10 +216,11 @@ $input_charset = $OUTPUT->get_charset(); $message_charset = isset($_POST['_charset']) ? $_POST['_charset'] : $input_charset; $EMAIL_FORMAT_ERROR = NULL; +$RECIPIENT_COUNT = 0; -$mailto = rcmail_email_input_format(get_input_value('_to', RCUBE_INPUT_POST, TRUE, $message_charset)); -$mailcc = rcmail_email_input_format(get_input_value('_cc', RCUBE_INPUT_POST, TRUE, $message_charset)); -$mailbcc = rcmail_email_input_format(get_input_value('_bcc', RCUBE_INPUT_POST, TRUE, $message_charset)); +$mailto = rcmail_email_input_format(get_input_value('_to', RCUBE_INPUT_POST, TRUE, $message_charset), true); +$mailcc = rcmail_email_input_format(get_input_value('_cc', RCUBE_INPUT_POST, TRUE, $message_charset), true); +$mailbcc = rcmail_email_input_format(get_input_value('_bcc', RCUBE_INPUT_POST, TRUE, $message_charset), true); if ($EMAIL_FORMAT_ERROR) { $OUTPUT->show_message('emailformaterror', 'error', array('email' => $EMAIL_FORMAT_ERROR)); @@ -297,8 +302,17 @@ if (!empty($mailcc)) if (!empty($mailbcc)) $headers['Bcc'] = $mailbcc; -if (!empty($identity_arr['bcc'])) +if (!empty($identity_arr['bcc'])) { $headers['Bcc'] = ($headers['Bcc'] ? $headers['Bcc'].', ' : '') . $identity_arr['bcc']; + $RECIPIENT_COUNT ++; +} + +if (($max_recipients = (int) $RCMAIL->config->get('max_recipients')) > 0) { + if ($RECIPIENT_COUNT > $max_recipients) { + $OUTPUT->show_message('toomanyrecipients', 'error', array('max' => $max_recipients)); + $OUTPUT->send('iframe'); + } +} // add subject $headers['Subject'] = trim(get_input_value('_subject', RCUBE_INPUT_POST, TRUE, $message_charset)); @@ -359,8 +373,7 @@ else $headers = $data['headers']; -$isHtmlVal = strtolower(get_input_value('_is_html', RCUBE_INPUT_POST)); -$isHtml = ($isHtmlVal == "1"); +$isHtml = (bool) get_input_value('_is_html', RCUBE_INPUT_POST); // fetch message body $message_body = get_input_value('_message', RCUBE_INPUT_POST, TRUE, $message_charset); |