summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--CHANGELOG7
-rw-r--r--plugins/acl/localization/de_DE.inc83
-rw-r--r--plugins/http_authentication/http_authentication.php5
-rw-r--r--plugins/http_authentication/logout.html29
-rw-r--r--plugins/newmail_notifier/newmail_notifier.js8
-rw-r--r--plugins/newmail_notifier/newmail_notifier.php2
-rw-r--r--program/include/rcube_imap_generic.php14
-rw-r--r--program/include/rcube_ldap.php33
-rwxr-xr-xprogram/include/rcube_template.php2
-rw-r--r--program/js/app.js24
-rw-r--r--program/steps/addressbook/save.inc6
-rw-r--r--program/steps/addressbook/upload_photo.inc10
-rw-r--r--program/steps/mail/compose.inc48
13 files changed, 217 insertions, 54 deletions
diff --git a/CHANGELOG b/CHANGELOG
index ca034c1c0..bffffd612 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,11 +1,16 @@
CHANGELOG Roundcube Webmail
===========================
+- Fixed selecting identity on reply/forward (#1487981)
+- Fix image type check for contact photo uploads
+
+RELEASE 0.6-beta
+----------------
+- Added unique connection identifier to IMAP debug messages
- Add option to hide selected LDAP addressbook on the list
- Add client-side checking of uploaded files size
- Add newlines between organization, department, jobtitle (#1488028)
- Recalculate date when replying to a message and localize the cite header (#1487675)
-- Fix XSS vulnerability in UI messages (#1488030)
- Fix handling of email addresses with quoted local part (#1487939)
- Fix EOL character in vCard exports (#1487873)
- Added optional "multithreading" autocomplete feature
diff --git a/plugins/acl/localization/de_DE.inc b/plugins/acl/localization/de_DE.inc
new file mode 100644
index 000000000..92c7e4290
--- /dev/null
+++ b/plugins/acl/localization/de_DE.inc
@@ -0,0 +1,83 @@
+<?php
+
+$labels['sharing'] = 'Freigabe';
+$labels['myrights'] = 'Zugriffsrechte';
+$labels['username'] = 'Benutzer:';
+$labels['advanced'] = 'erweiterter Modus';
+$labels['newuser'] = 'Eintrag hinzufügen';
+$labels['actions'] = 'Zugriffsrechte Aktionen...';
+$labels['anyone'] = 'Alle Benutzer (anyone)';
+$labels['anonymous'] = 'Gäste (anonymous)';
+$labels['identifier'] = 'Bezeichnung';
+
+$labels['acll'] = 'Ordner sichtbar';
+$labels['aclr'] = 'Nachrichten lesen';
+$labels['acls'] = 'Lesestatus ändern';
+$labels['aclw'] = 'Flags schreiben';
+$labels['acli'] = 'Nachrichten Hinzufügen';
+$labels['aclp'] = 'Nachrichten Senden an';
+$labels['aclc'] = 'Unterordner erstellen';
+$labels['aclk'] = 'Unterordner erstellen';
+$labels['acld'] = 'Nachrichten als gelöscht markieren';
+$labels['aclt'] = 'Nachrichten als gelöscht markieren';
+$labels['acle'] = 'Nachrichten endgültig Löschen';
+$labels['aclx'] = 'Ordner löschen';
+$labels['acla'] = 'Zugriffsrechte Verwalten';
+
+$labels['aclfull'] = 'Vollzugriff';
+$labels['aclother'] = 'Andere';
+$labels['aclread'] = 'Lesen';
+$labels['aclwrite'] = 'Schreiben';
+$labels['acldelete'] = 'Löschen';
+
+$labels['shortacll'] = 'Sichtbar';
+$labels['shortaclr'] = 'Lesen';
+$labels['shortacls'] = 'Lesestatus';
+$labels['shortaclw'] = 'Flags ändern';
+$labels['shortacli'] = 'Hinzufügen';
+$labels['shortaclp'] = 'Senden an';
+$labels['shortaclc'] = 'Erstellen';
+$labels['shortaclk'] = 'Erstellen';
+$labels['shortacld'] = 'Löschen';
+$labels['shortaclt'] = 'Löschen';
+$labels['shortacle'] = 'endgültig löschen';
+$labels['shortaclx'] = 'Ordner löschen';
+$labels['shortacla'] = 'Verwalten';
+
+$labels['shortaclother'] = 'Andere';
+$labels['shortaclread'] = 'Lesen';
+$labels['shortaclwrite'] = 'Schreiben';
+$labels['shortacldelete'] = 'Löschen';
+
+$labels['longacll'] = 'Der Ordner ist sichtbar und kann abonniert werden';
+$labels['longaclr'] = 'Nachrichten im Ordner können gelesen werden';
+$labels['longacls'] = 'Der Lesestatus von Nachrichten kann geändert werden';
+$labels['longaclw'] = 'Alle Nachrichten-Flags und Schlüsselwörter außer "Gelesen" und "Gelöscht" können geändert werden';
+$labels['longacli'] = 'Nachrichten können in diesen Ordner kopiert oder verschoben werden';
+$labels['longaclp'] = 'Nachrichten können an diesen Ordner gesendet werden';
+$labels['longaclc'] = 'Unterordner können in diesem Ordner erstellt oder umbenannt werden';
+$labels['longaclk'] = 'Unterordner können in diesem Ordner erstellt oder umbenannt werden';
+$labels['longacld'] = 'Der "gelöscht" Status von Nachrichten kann geändert werden';
+$labels['longaclt'] = 'Der "gelöscht" Status von Nachrichten kann geändert werden';
+$labels['longacle'] = 'Als "gelöscht" markiert Nachrichten können gelöscht werden.';
+$labels['longaclx'] = 'Der Ordner kann gelöscht oder umbenannt werden';
+$labels['longacla'] = 'Die Zugriffsrechte des Ordners können geändert werden';
+
+$labels['longaclfull'] = 'Vollzugriff inklusive Ordner-Verwaltung';
+$labels['longaclread'] = 'Der Ordnerinhalt kann gelesen werden';
+$labels['longaclwrite'] = 'Nachrichten können markiert, an den Ordner gesendet und in den Ordner kopiert oder verschoben werden';
+$labels['longacldelete'] = 'Nachrichten können gelöscht werden';
+
+$messages['deleting'] = 'Zugriffsrechte werden entzogen...';
+$messages['saving'] = 'Zugriffsrechte werden gewährt...';
+$messages['updatesuccess'] = 'Zugriffsrechte erfolgreich geändert';
+$messages['deletesuccess'] = 'Zugriffsrechte erfolgreich entzogen';
+$messages['createsuccess'] = 'Zugriffsrechte erfolgreich gewährt';
+$messages['updateerror'] = 'Zugriffsrechte konnten nicht geändert werden';
+$messages['deleteerror'] = 'Zugriffsrechte konnten nicht entzogen werden';
+$messages['createerror'] = 'Zugriffsrechte konnten nicht gewährt werden';
+$messages['deleteconfirm'] = 'Sind Sie sicher, daß Sie die Zugriffsrechte den ausgewählten Benutzern entziehen möchten?';
+$messages['norights'] = 'Es wurden keine Zugriffsrechte ausgewählt!';
+$messages['nouser'] = 'Es wurde kein Benutzer ausgewählt!';
+
+?>
diff --git a/plugins/http_authentication/http_authentication.php b/plugins/http_authentication/http_authentication.php
index 296ee7cc2..fa074f09a 100644
--- a/plugins/http_authentication/http_authentication.php
+++ b/plugins/http_authentication/http_authentication.php
@@ -9,8 +9,7 @@
* // redirect the client to this URL after logout. This page is then responsible to clear HTTP auth
* $rcmail_config['logout_url'] = 'http://server.tld/logout.html';
*
- * see http://stackoverflow.com/questions/31326/is-there-a-browser-equivalent-to-ies-clearauthenticationcache
- * about how HTTP auth can be cleared
+ * See logout.html (in this directory) for an example how HTTP auth can be cleared.
*
* @version 1.4
* @author Thomas Bruederli
@@ -54,7 +53,7 @@ class http_authentication extends rcube_plugin
return $args;
}
-
+
function logout($args)
{
// redirect to configured URL in order to clear HTTP auth credentials
diff --git a/plugins/http_authentication/logout.html b/plugins/http_authentication/logout.html
new file mode 100644
index 000000000..0a78a62f2
--- /dev/null
+++ b/plugins/http_authentication/logout.html
@@ -0,0 +1,29 @@
+<!DOCTYPE html>
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<title>Logout</title>
+<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.6/jquery.min.js"></script>
+<script type="text/javascript">
+
+// as seen on http://stackoverflow.com/questions/31326/is-there-a-browser-equivalent-to-ies-clearauthenticationcache
+$(document).ready(function(){
+ if (document.all && document.execCommand) {
+ document.execCommand("ClearAuthenticationCache", "false");
+ }
+ else {
+ $.ajax({
+ url: location.href,
+ type: 'POST',
+ username: '__LOGOUT__',
+ password: '***********'
+ });
+ }
+});
+
+</script>
+</head>
+<body>
+<h1>You've successully been logged out!</h1>
+
+</body> \ No newline at end of file
diff --git a/plugins/newmail_notifier/newmail_notifier.js b/plugins/newmail_notifier/newmail_notifier.js
index 6e1ae9fbb..6afd66aee 100644
--- a/plugins/newmail_notifier/newmail_notifier.js
+++ b/plugins/newmail_notifier/newmail_notifier.js
@@ -1,7 +1,7 @@
/**
* New Mail Notifier plugin script
*
- * @version 0.1
+ * @version 0.2
* @author Aleksander Machniak <alec@alec.pl>
*/
@@ -50,14 +50,16 @@ function newmail_notifier_basic()
// Sound notification
function newmail_notifier_sound()
{
+ var elem, src = 'plugins/newmail_notifier/sound.wav';
+
// HTML5
try {
- var elem = $('<audio src="success.wav" />');
+ elem = $('<audio src="' + src + '" />');
elem.get(0).play();
}
// old method
catch (e) {
- var elem = $('<embed id="sound" src="success.wav" hidden=true autostart=true loop=false />');
+ elem = $('<embed id="sound" src="' + src + '" hidden=true autostart=true loop=false />');
elem.appendTo($('body'));
window.setTimeout("$('#sound').remove()", 5000);
}
diff --git a/plugins/newmail_notifier/newmail_notifier.php b/plugins/newmail_notifier/newmail_notifier.php
index 679072c7a..a72d728dc 100644
--- a/plugins/newmail_notifier/newmail_notifier.php
+++ b/plugins/newmail_notifier/newmail_notifier.php
@@ -7,7 +7,7 @@
* 1. Basic - focus browser window and change favicon
* 2. Sound - play wav file
*
- * @version 0.1
+ * @version 0.2
* @author Aleksander Machniak <alec@alec.pl>
*
*
diff --git a/program/include/rcube_imap_generic.php b/program/include/rcube_imap_generic.php
index e3c987cd3..102845ed0 100644
--- a/program/include/rcube_imap_generic.php
+++ b/program/include/rcube_imap_generic.php
@@ -105,6 +105,7 @@ class rcube_imap_generic
private $prefs;
private $cmd_tag;
private $cmd_num = 0;
+ private $resourceid;
private $_debug = false;
private $_debug_handler = false;
@@ -734,8 +735,13 @@ class rcube_imap_generic
$line = trim(fgets($this->fp, 8192));
- if ($this->_debug && $line) {
- $this->debug('S: '. $line);
+ if ($this->_debug) {
+ // set connection identifier for debug output
+ preg_match('/#([0-9]+)/', (string)$this->fp, $m);
+ $this->resourceid = strtoupper(substr(md5($m[1].$this->user.microtime()), 0, 4));
+
+ if ($line)
+ $this->debug('S: '. $line);
}
// Connected to wrong port or connection error?
@@ -3361,6 +3367,10 @@ class rcube_imap_generic
*/
private function debug($message)
{
+ if ($this->resourceid) {
+ $message = sprintf('[%s] %s', $this->resourceid, $message);
+ }
+
if ($this->_debug_handler) {
call_user_func_array($this->_debug_handler, array(&$this, $message));
} else {
diff --git a/program/include/rcube_ldap.php b/program/include/rcube_ldap.php
index c363dc572..bf978a7ff 100644
--- a/program/include/rcube_ldap.php
+++ b/program/include/rcube_ldap.php
@@ -431,34 +431,41 @@ class rcube_ldap extends rcube_addressbook
// we have a search result resource
if ($this->ldap_result && $this->result->count > 0)
{
+ // sorting still on the ldap server
if ($this->sort_col && $this->prop['scope'] !== 'base' && !$this->vlv_active)
ldap_sort($this->conn, $this->ldap_result, $this->sort_col);
+ // start and end of the page
$start_row = $this->vlv_active ? 0 : $this->result->first;
$start_row = $subset < 0 ? $start_row + $this->page_size + $subset : $start_row;
$last_row = $this->result->first + $this->page_size;
$last_row = $subset != 0 ? $start_row + abs($subset) : $last_row;
+ // get all entries from the ldap server
$entries = ldap_get_entries($this->conn, $this->ldap_result);
- for ($i = $start_row; $i < min($entries['count'], $last_row); $i++)
- $this->result->add($this->_ldap2result($entries[$i]));
- }
- // temp hack for filtering group members
- if ($this->groups and $this->group_id)
- {
- $result = new rcube_result_set();
- while ($record = $this->result->iterate())
+ // filtering for group members
+ if ($this->groups and $this->group_id)
{
- if ($this->group_members[$record['ID']])
+ $count = 0;
+ $members = array();
+ foreach ($entries as $entry)
{
- $result->add($record);
- $result->count++;
+ if ($this->group_members[base64_encode($entry['dn'])])
+ {
+ $members[] = $entry;
+ $count++;
+ }
}
+ $entries = $members;
+ $entries['count'] = $count;
+ $this->result->count = $count;
}
- $this->result = $result;
- }
+ // filter entries for this page
+ for ($i = $start_row; $i < min($entries['count'], $last_row); $i++)
+ $this->result->add($this->_ldap2result($entries[$i]));
+ }
return $this->result;
}
diff --git a/program/include/rcube_template.php b/program/include/rcube_template.php
index f5c741fc5..c4dd73b23 100755
--- a/program/include/rcube_template.php
+++ b/program/include/rcube_template.php
@@ -434,7 +434,7 @@ class rcube_template extends rcube_html_page
if ($write) {
// add debug console
- if ($this->config['debug_level'] & 8) {
+ if ($realname != 'error' && ($this->config['debug_level'] & 8)) {
$this->add_footer('<div id="console" style="position:absolute;top:5px;left:5px;width:405px;padding:2px;background:white;z-index:9000;display:none">
<a href="#toggle" onclick="con=$(\'#dbgconsole\');con[con.is(\':visible\')?\'hide\':\'show\']();return false">console</a>
<textarea name="console" id="dbgconsole" rows="20" cols="40" wrap="off" style="display:none;width:400px;border:none;font-size:10px" spellcheck="false"></textarea></div>'
diff --git a/program/js/app.js b/program/js/app.js
index d15950d36..bbb14e7ad 100644
--- a/program/js/app.js
+++ b/program/js/app.js
@@ -402,6 +402,10 @@ function rcube_webmail()
break;
}
+ // prevent from form submit with Enter key in file input fields
+ if (bw.ie)
+ $('input[type=file]').keydown(function(e) { if (e.keyCode == '13') e.preventDefault(); });
+
// flag object as complete
this.loaded = true;
@@ -3997,12 +4001,19 @@ function rcube_webmail()
};
// update a contact record in the list
- this.update_contact_row = function(cid, cols_arr, newcid)
+ this.update_contact_row = function(cid, cols_arr, newcid, source)
{
var c, row, list = this.contact_list;
cid = String(cid).replace(this.identifier_expr, '_');
+ // when in searching mode, concat cid with the source name
+ if (!list.rows[cid]) {
+ cid = cid+'-'+source;
+ if (newcid)
+ newcid = newcid+'-'+source;
+ }
+
if (list.rows[cid] && (row = list.rows[cid].obj)) {
for (c=0; c<cols_arr.length; c++)
if (row.cells[c])
@@ -5833,11 +5844,12 @@ function rcube_webmail()
// handle upload errors, parsing iframe content in onload
$(frame_name).bind('load', {ts:ts}, onload);
- form.target = frame_name;
- form.action = this.url(action, { _id:this.env.compose_id||'', _uploadid:ts });
- form.setAttribute('method', 'POST');
- form.setAttribute('enctype', 'multipart/form-data');
- form.submit();
+ $(form).attr({
+ target: frame_name,
+ action: this.url(action, { _id:this.env.compose_id||'', _uploadid:ts }),
+ method: 'POST'})
+ .attr(form.encoding ? 'encoding' : 'enctype', 'multipart/form-data')
+ .submit();
return frame_name;
};
diff --git a/program/steps/addressbook/save.inc b/program/steps/addressbook/save.inc
index c463bf7fe..ddbd630ef 100644
--- a/program/steps/addressbook/save.inc
+++ b/program/steps/addressbook/save.inc
@@ -104,12 +104,13 @@ if (isset($a_record['photo'])) {
$RCMAIL->session->remove('contacts');
}
+$source = get_input_value('_source', RCUBE_INPUT_GPC);
// update an existing contact
if (!empty($cid))
{
$plugin = $RCMAIL->plugins->exec_hook('contact_update',
- array('id' => $cid, 'record' => $a_record, 'source' => get_input_value('_source', RCUBE_INPUT_GPC)));
+ array('id' => $cid, 'record' => $a_record, 'source' => $source));
$a_record = $plugin['record'];
if (!$plugin['abort'])
@@ -136,7 +137,7 @@ if (!empty($cid))
$a_js_cols[] = Q((string)$record[$col]);
// update the changed col in list
- $OUTPUT->command('parent.update_contact_row', $cid, $a_js_cols, $newcid);
+ $OUTPUT->command('parent.update_contact_row', $cid, $a_js_cols, $newcid, $source);
// show confirmation
$OUTPUT->show_message('successfullysaved', 'confirmation', null, false);
@@ -152,7 +153,6 @@ if (!empty($cid))
// insert a new contact
else {
- $source = get_input_value('_source', RCUBE_INPUT_GPC);
// Name of the addressbook already selected on the list
$orig_source = get_input_value('_orig_source', RCUBE_INPUT_GPC);
diff --git a/program/steps/addressbook/upload_photo.inc b/program/steps/addressbook/upload_photo.inc
index 1ed71f8cb..f0430ae80 100644
--- a/program/steps/addressbook/upload_photo.inc
+++ b/program/steps/addressbook/upload_photo.inc
@@ -19,14 +19,20 @@
*/
+// Supported image format types
+// ImageMagick works with other non-image types (e.g.pdf) we don't want here
+$IMAGE_TYPES = explode(',', 'jpeg,jpg,jp2,tiff,tif,bmp,eps,gif,png,png8,png24,png32,svg,ico');
+
// clear all stored output properties (like scripts and env vars)
$OUTPUT->reset();
-console($_FILES);
+
if ($filepath = $_FILES['_photo']['tmp_name']) {
// check file type and resize image
$imageprop = rcmail::imageprops($_FILES['_photo']['tmp_name']);
- if ($imageprop['width'] && $imageprop['height']) {
+ if (in_array(strtolower($imageprop['type']), $IMAGE_TYPES)
+ && $imageprop['width'] && $imageprop['height']
+ ) {
$maxsize = intval($RCMAIL->config->get('contact_photo_size', 160));
$tmpfname = tempnam($RCMAIL->config->get('temp_dir'), 'rcmImgConvert');
$save_hook = 'attachment_upload';
diff --git a/program/steps/mail/compose.inc b/program/steps/mail/compose.inc
index 9a94ff742..4449ea0b2 100644
--- a/program/steps/mail/compose.inc
+++ b/program/steps/mail/compose.inc
@@ -225,9 +225,11 @@ $MESSAGE->compose = array();
$MESSAGE->identities = $USER->list_identities();
if (count($MESSAGE->identities))
{
- foreach ($MESSAGE->identities as $idx => $sql_arr) {
- $email = mb_strtolower(rcube_idn_to_utf8($sql_arr['email']));
- $MESSAGE->identities[$idx]['email_ascii'] = $sql_arr['email'];
+ foreach ($MESSAGE->identities as $idx => $ident) {
+ $email = mb_strtolower(rcube_idn_to_utf8($ident['email']));
+
+ $MESSAGE->identities[$idx]['email_ascii'] = $ident['email'];
+ $MESSAGE->identities[$idx]['ident'] = format_email_recipient($ident['email'], $ident['name']);
$MESSAGE->identities[$idx]['email'] = $email;
}
}
@@ -242,7 +244,7 @@ else if (!empty($_SESSION['compose']['param']['from'])) {
else if (count($MESSAGE->identities)) {
// extract all recipients of the reply-message
$a_recipients = array();
- if ($compose_mode == RCUBE_COMPOSE_REPLY && is_object($MESSAGE->headers))
+ if (is_object($MESSAGE->headers) && in_array($compose_mode, array(RCUBE_COMPOSE_REPLY, RCUBE_COMPOSE_FORWARD)))
{
$a_to = $IMAP->decode_address_list($MESSAGE->headers->to);
foreach ($a_to as $addr) {
@@ -260,39 +262,47 @@ else if (count($MESSAGE->identities)) {
}
$from_idx = null;
- $default_identity = 0;
+ $default_identity = null;
$return_path = $MESSAGE->headers->others['return-path'];
// Select identity
- foreach ($MESSAGE->identities as $idx => $sql_arr) {
+ foreach ($MESSAGE->identities as $idx => $ident) {
// save default identity ID
- if ($sql_arr['standard']) {
+ if ($ident['standard']) {
$default_identity = $idx;
}
- // we need ascii here
- $email = $sql_arr['email_ascii'];
- $ident = format_email_recipient($email, $sql_arr['name']);
- // select identity
- if (in_array($compose_mode, array(RCUBE_COMPOSE_DRAFT, RCUBE_COMPOSE_EDIT, RCUBE_COMPOSE_REPLY))) {
- if ($MESSAGE->headers->from == $ident) {
+ // use From header
+ if (in_array($compose_mode, array(RCUBE_COMPOSE_DRAFT, RCUBE_COMPOSE_EDIT))) {
+ if ($MESSAGE->headers->from == $ident['ident']) {
$from_idx = $idx;
break;
}
}
- // set identity if it's one of the reply-message recipients
- else if (in_array($email, $a_recipients) && ($from_idx === null || $sql_arr['standard'])) {
+ // reply to yourself
+ else if ($compose_mode == RCUBE_COMPOSE_REPLY && $MESSAGE->headers->from == $ident['ident']) {
$from_idx = $idx;
+ break;
}
- // set identity when replying to mailing list
- else if (strpos($return_path, str_replace('@', '=', $email).'@') !== false) {
+ // use replied message recipients
+ else if (in_array($ident['email_ascii'], $a_recipients)) {
$from_idx = $idx;
}
}
- // Still no ID, use first identity
+ // Fallback using Return-Path
+ if ($from_idx === null && $return_path) {
+ foreach ($MESSAGE->identities as $idx => $ident) {
+ if (strpos($return_path, str_replace('@', '=', $ident['email_ascii']).'@') !== false) {
+ $from_idx = $idx;
+ break;
+ }
+ }
+ }
+
+ // Still no ID, use default/first identity
if ($from_idx === null) {
- $from_idx = $default_identity;
+ $from_idx = $default_identity !== null ? $default_identity : key(reset($MESSAGE->identities));
}
$ident = $MESSAGE->identities[$from_idx];