summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--CHANGELOG7
-rw-r--r--program/js/app.js9
-rw-r--r--program/steps/addressbook/save.inc6
3 files changed, 17 insertions, 5 deletions
diff --git a/CHANGELOG b/CHANGELOG
index 584f8f1f5..a5a9ad452 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,12 +1,13 @@
CHANGELOG Roundcube Webmail
===========================
+RELEASE 0.6-beta
+----------------
- Fixed selecting identity on reply/forward (#1487981)
- Add option to hide selected LDAP addressbook on the list
- Add client-side checking of uploaded files size
- Add newlines between organization, department, jobtitle (#1488028)
- Recalculate date when replying to a message and localize the cite header (#1487675)
-- Fix XSS vulnerability in UI messages (#1488030)
- Fix handling of email addresses with quoted local part (#1487939)
- Fix EOL character in vCard exports (#1487873)
- Added optional "multithreading" autocomplete feature
@@ -70,6 +71,10 @@ CHANGELOG Roundcube Webmail
- Fulltext search over (almost) all data for contacts
- Extend address book with rich contact information
+RELEASE 0.5.4
+-------------
+- Fix XSS vulnerability in UI messages (#1488030)
+
RELEASE 0.5.3
-------------
- Fix identities "reply-to" and "bcc" fields have a bogus value when left empty (#1487943)
diff --git a/program/js/app.js b/program/js/app.js
index 6da5a578c..808adc575 100644
--- a/program/js/app.js
+++ b/program/js/app.js
@@ -3997,12 +3997,19 @@ function rcube_webmail()
};
// update a contact record in the list
- this.update_contact_row = function(cid, cols_arr, newcid)
+ this.update_contact_row = function(cid, cols_arr, newcid, source)
{
var c, row, list = this.contact_list;
cid = String(cid).replace(this.identifier_expr, '_');
+ // when in searching mode, concat cid with the source name
+ if (!list.rows[cid]) {
+ cid = cid+'-'+source;
+ if (newcid)
+ newcid = newcid+'-'+source;
+ }
+
if (list.rows[cid] && (row = list.rows[cid].obj)) {
for (c=0; c<cols_arr.length; c++)
if (row.cells[c])
diff --git a/program/steps/addressbook/save.inc b/program/steps/addressbook/save.inc
index c463bf7fe..ddbd630ef 100644
--- a/program/steps/addressbook/save.inc
+++ b/program/steps/addressbook/save.inc
@@ -104,12 +104,13 @@ if (isset($a_record['photo'])) {
$RCMAIL->session->remove('contacts');
}
+$source = get_input_value('_source', RCUBE_INPUT_GPC);
// update an existing contact
if (!empty($cid))
{
$plugin = $RCMAIL->plugins->exec_hook('contact_update',
- array('id' => $cid, 'record' => $a_record, 'source' => get_input_value('_source', RCUBE_INPUT_GPC)));
+ array('id' => $cid, 'record' => $a_record, 'source' => $source));
$a_record = $plugin['record'];
if (!$plugin['abort'])
@@ -136,7 +137,7 @@ if (!empty($cid))
$a_js_cols[] = Q((string)$record[$col]);
// update the changed col in list
- $OUTPUT->command('parent.update_contact_row', $cid, $a_js_cols, $newcid);
+ $OUTPUT->command('parent.update_contact_row', $cid, $a_js_cols, $newcid, $source);
// show confirmation
$OUTPUT->show_message('successfullysaved', 'confirmation', null, false);
@@ -152,7 +153,6 @@ if (!empty($cid))
// insert a new contact
else {
- $source = get_input_value('_source', RCUBE_INPUT_GPC);
// Name of the addressbook already selected on the list
$orig_source = get_input_value('_orig_source', RCUBE_INPUT_GPC);