summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--CHANGELOG9
-rw-r--r--index.php44
-rwxr-xr-xprogram/include/iniset.php4
-rw-r--r--program/include/rcube_imap_generic.php76
-rw-r--r--program/include/rcube_vcard.php6
-rw-r--r--program/js/app.js4
-rw-r--r--program/steps/mail/func.inc3
-rw-r--r--skins/default/functions.js2
8 files changed, 77 insertions, 71 deletions
diff --git a/CHANGELOG b/CHANGELOG
index 7f8076002..0d60da567 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,15 @@
CHANGELOG Roundcube Webmail
===========================
+- Fix handling of backslash as IMAP delimiter
+- Fix charset replacement in HTML message bodies (#1487021)
+- Fix: contact group input is empty when using rename action more than once on the same group record
+- Fix "Server Error! (Not Found)" when using utils/save-pref action (#1487023)
+- Fix handling of Thunderbird's vCards (#1487024)
+
+RELEASE 0.4.1
+-------------
+
- Fix space-stuffing in format=flowed messages (#1487018)
- Fix msgexport.sh now using the new imap wrapper
- Avoid displaying password on shell (#1486947)
diff --git a/index.php b/index.php
index a6e2ada46..a8dd55c90 100644
--- a/index.php
+++ b/index.php
@@ -2,7 +2,7 @@
/*
+-------------------------------------------------------------------------+
| Roundcube Webmail IMAP Client |
- | Version 0.4.1 |
+ | Version 0.4.2 |
| |
| Copyright (C) 2005-2010, Roundcube Dev. - Switzerland |
| |
@@ -141,22 +141,6 @@ else if ($RCMAIL->task != 'login' && $_SESSION['user_id'] && $RCMAIL->action !=
}
}
-// don't check for valid request tokens in these actions
-$request_check_whitelist = array('login'=>1, 'spell'=>1);
-
-// check client X-header to verify request origin
-if ($OUTPUT->ajax_call) {
- if (!$RCMAIL->config->get('devel_mode') && rc_request_header('X-Roundcube-Request') != $RCMAIL->get_request_token() && !empty($RCMAIL->user->ID)) {
- header('HTTP/1.1 404 Not Found');
- die("Invalid Request");
- }
-}
-// check request token in POST form submissions
-else if (!empty($_POST) && !$request_check_whitelist[$RCMAIL->action] && !$RCMAIL->check_request()) {
- $OUTPUT->show_message('invalidrequest', 'error');
- $OUTPUT->send($RCMAIL->task);
-}
-
// not logged in -> show login page
if (empty($RCMAIL->user->ID)) {
if ($OUTPUT->ajax_call)
@@ -176,17 +160,37 @@ if (empty($RCMAIL->user->ID)) {
)
);
}
-
+
$OUTPUT->set_env('task', 'login');
$OUTPUT->send('login');
}
+// CSRF prevention
+else {
+ // don't check for valid request tokens in these actions
+ $request_check_whitelist = array('login'=>1, 'spell'=>1);
+
+ // check client X-header to verify request origin
+ if ($OUTPUT->ajax_call) {
+ if (rc_request_header('X-Roundcube-Request') != $RCMAIL->get_request_token()) {
+ header('HTTP/1.1 404 Not Found');
+ die("Invalid Request");
+ }
+ }
+ // check request token in POST form submissions
+ else if (!empty($_POST) && !$request_check_whitelist[$RCMAIL->action] && !$RCMAIL->check_request()) {
+ $OUTPUT->show_message('invalidrequest', 'error');
+ $OUTPUT->send($RCMAIL->task);
+ }
+}
-
-// handle keep-alive signal
+// handle special actions
if ($RCMAIL->action == 'keep-alive') {
$OUTPUT->reset();
$OUTPUT->send();
}
+else if ($RCMAIL->action == 'save-pref') {
+ include 'steps/utils/save_pref.inc';
+}
// map task/action to a certain include file
diff --git a/program/include/iniset.php b/program/include/iniset.php
index b4027ecbd..c2c07fc90 100755
--- a/program/include/iniset.php
+++ b/program/include/iniset.php
@@ -5,7 +5,7 @@
| program/include/iniset.php |
| |
| This file is part of the Roundcube Webmail client |
- | Copyright (C) 2008-2009, Roundcube Dev, - Switzerland |
+ | Copyright (C) 2008-2010, Roundcube Dev, - Switzerland |
| Licensed under the GNU GPL |
| |
| PURPOSE: |
@@ -36,7 +36,7 @@ foreach ($crit_opts as $optname => $optval) {
}
// application constants
-define('RCMAIL_VERSION', '0.4.1');
+define('RCMAIL_VERSION', '0.4.2');
define('RCMAIL_CHARSET', 'UTF-8');
define('JS_OBJECT_NAME', 'rcmail');
define('RCMAIL_START', microtime(true));
diff --git a/program/include/rcube_imap_generic.php b/program/include/rcube_imap_generic.php
index b60ddc76e..bfbf072c3 100644
--- a/program/include/rcube_imap_generic.php
+++ b/program/include/rcube_imap_generic.php
@@ -423,23 +423,7 @@ class rcube_imap_generic
return true;
}
- if (!$this->getCapability('NAMESPACE')) {
- return false;
- }
-
- if (!$this->putLine("ns1 NAMESPACE")) {
- return false;
- }
- do {
- $line = $this->readLine(1024);
- if (preg_match('/^\* NAMESPACE/', $line)) {
- $i = 0;
- $line = $this->unEscape($line);
- $data = $this->parseNamespace(substr($line,11), $i, 0, 0);
- }
- } while (!$this->startsWith($line, 'ns1', true, true));
-
- if (!is_array($data)) {
+ if (!is_array($data = $this->_namespace())) {
return false;
}
@@ -488,13 +472,9 @@ class rcube_imap_generic
}
do {
- $line = $this->readLine(500);
- if ($line[0] == '*') {
- $line = rtrim($line);
- $a = rcube_explode_quoted_string(' ', $this->unEscape($line));
- if ($a[0] == '*') {
- $delimiter = str_replace('"', '', $a[count($a)-2]);
- }
+ $line = $this->readLine(1024);
+ if (preg_match('/^\* LIST \([^\)]*\) "*([^"]+)"* ""/', $line, $m)) {
+ $delimiter = $this->unEscape($m[1]);
}
} while (!$this->startsWith($line, 'ghd', true, true));
@@ -504,23 +484,10 @@ class rcube_imap_generic
// if that fails, try namespace extension
// try to fetch namespace data
- if (!$this->putLine("ns1 NAMESPACE")) {
+ if (!is_array($data = $this->_namespace())) {
return false;
}
- do {
- $line = $this->readLine(1024);
- if (preg_match('/^\* NAMESPACE/', $line)) {
- $i = 0;
- $line = $this->unEscape($line);
- $data = $this->parseNamespace(substr($line,11), $i, 0, 0);
- }
- } while (!$this->startsWith($line, 'ns1', true, true));
-
- if (!is_array($data)) {
- return false;
- }
-
// extract user space data (opposed to global/shared space)
$user_space_data = $data[0];
if (!is_array($user_space_data)) {
@@ -539,6 +506,31 @@ class rcube_imap_generic
return $delimiter;
}
+ function _namespace()
+ {
+ if (!$this->getCapability('NAMESPACE')) {
+ return false;
+ }
+
+ if (!$this->putLine("ns1 NAMESPACE")) {
+ return false;
+ }
+
+ do {
+ $line = $this->readLine(1024);
+ if (preg_match('/^\* NAMESPACE/', $line)) {
+ $i = 0;
+ $data = $this->parseNamespace(substr($line,11), $i, 0, 0);
+ }
+ } while (!$this->startsWith($line, 'ns1', true, true));
+
+ if (!is_array($data)) {
+ return false;
+ }
+
+ return $data;
+ }
+
function connect($host, $user, $password, $options=null)
{
// set options
@@ -1660,9 +1652,9 @@ class rcube_imap_generic
// folder name
$folders[] = preg_replace(array('/^"/', '/"$/'), '', $this->unEscape($m[3]));
// attributes
-// $attrib = explode(' ', $m[1]);
+// $attrib = explode(' ', $this->unEscape($m[1]));
// delimiter
-// $delim = $m[2];
+// $delim = $this->unEscape($m[2]);
}
} while (!$this->startsWith($line, $key, true));
@@ -2173,7 +2165,7 @@ class rcube_imap_generic
$in_quotes = false;
$elem = 0;
- for ($i;$i<$len;$i++) {
+ for ($i; $i<$len; $i++) {
$c = (string)$str[$i];
if ($c == '(' && !$in_quotes) {
$i++;
@@ -2184,7 +2176,7 @@ class rcube_imap_generic
} else if ($c == '\\') {
$i++;
if ($in_quotes) {
- $data[$elem] .= $c.$str[$i];
+ $data[$elem] .= $str[$i];
}
} else if ($c == '"') {
$in_quotes = !$in_quotes;
diff --git a/program/include/rcube_vcard.php b/program/include/rcube_vcard.php
index 0eb7a780d..9bbc32b3c 100644
--- a/program/include/rcube_vcard.php
+++ b/program/include/rcube_vcard.php
@@ -218,7 +218,9 @@ class rcube_vcard
if ($in_vcard_block && !empty($line))
$vcard_block .= $line . "\n";
- if (trim($line) == 'END:VCARD') {
+ $line = trim($line);
+
+ if (preg_match('/^END:VCARD$/i', $line)) {
// parse vcard
$obj = new rcube_vcard(self::cleanup($vcard_block), $charset);
if (!empty($obj->displayname))
@@ -226,7 +228,7 @@ class rcube_vcard
$in_vcard_block = false;
}
- else if (trim($line) == 'BEGIN:VCARD') {
+ else if (preg_match('/^BEGIN:VCARD$/i', $line)) {
$vcard_block = $line . "\n";
$in_vcard_block = true;
}
diff --git a/program/js/app.js b/program/js/app.js
index 64cc7c631..5dec2ad39 100644
--- a/program/js/app.js
+++ b/program/js/app.js
@@ -1292,7 +1292,7 @@ function rcube_webmail()
}
}
- this.http_post('utils/save-pref', '_name=collapsed_folders&_value='+urlencode(this.env.collapsed_folders));
+ this.http_post('save-pref', '_name=collapsed_folders&_value='+urlencode(this.env.collapsed_folders));
this.set_unread_count_display(id, false);
};
@@ -1463,7 +1463,7 @@ function rcube_webmail()
if ((found = $.inArray('subject', this.env.coltypes)) >= 0)
this.set_env('subject_col', found);
- this.http_post('utils/save-pref', { '_name':'list_cols', '_value':this.env.coltypes, '_session':'list_attrib/columns' });
+ this.http_post('save-pref', { '_name':'list_cols', '_value':this.env.coltypes, '_session':'list_attrib/columns' });
};
this.check_droptarget = function(id)
diff --git a/program/steps/mail/func.inc b/program/steps/mail/func.inc
index 119a5da31..0d12a5bde 100644
--- a/program/steps/mail/func.inc
+++ b/program/steps/mail/func.inc
@@ -661,7 +661,7 @@ function rcmail_wash_html($html, $p = array(), $cid_replaces)
// charset was converted to UTF-8 in rcube_imap::get_message_part(),
// -> change charset specification in HTML accordingly
- $charset_pattern = '(<meta\s+[^>]* content=)[\'"]?(\w+\/\w+;\s*charset=)([a-z0-9-_]+[\'"]?)';
+ $charset_pattern = '(<meta\s+[^>]*content=)[\'"]?(\w+\/\w+;\s*charset=)([a-z0-9-_]+[\'"]?)';
if (preg_match("/$charset_pattern/Ui", $html)) {
$html = preg_replace("/$charset_pattern/i", '\\1"\\2'.RCMAIL_CHARSET.'"', $html);
}
@@ -671,7 +671,6 @@ function rcmail_wash_html($html, $p = array(), $cid_replaces)
$html = '<head></head>'. $html;
$html = substr_replace($html, '<meta http-equiv="Content-Type" content="text/html; charset='.RCMAIL_CHARSET.'" />', intval(stripos($html, '<head>')+6), 0);
}
-
// turn relative into absolute urls
$html = rcmail_resolve_base($html);
diff --git a/skins/default/functions.js b/skins/default/functions.js
index 338ce203b..4615a462a 100644
--- a/skins/default/functions.js
+++ b/skins/default/functions.js
@@ -287,7 +287,7 @@ switch_preview_pane: function(elem)
rcmail.env.contentframe = null;
rcmail.show_contentframe(false);
}
- rcmail.http_post('utils/save-pref', '_name=preview_pane&_value='+(elem.checked?1:0));
+ rcmail.http_post('save-pref', '_name=preview_pane&_value='+(elem.checked?1:0));
},
/* Message composing */