summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--CHANGELOG1
-rw-r--r--plugins/enigma/enigma.php3
-rw-r--r--plugins/enigma/lib/enigma_engine.php18
-rw-r--r--plugins/password/drivers/pam.php3
-rw-r--r--program/lib/Roundcube/rcube_db.php2
-rw-r--r--program/lib/Roundcube/rcube_smtp.php2
6 files changed, 14 insertions, 15 deletions
diff --git a/CHANGELOG b/CHANGELOG
index c97df8c96..5cba239ea 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,7 @@
CHANGELOG Roundcube Webmail
===========================
+- Fix various PHP code bugs found using static analysis (#1489086)
- Fix backslash character handling on vCard import (#1489085)
- Fix csv import from Thunderbird with French localization (#1489059)
- Fix messages list focus issue in Opera and Webkit (#1489058)
diff --git a/plugins/enigma/enigma.php b/plugins/enigma/enigma.php
index c96b94620..1194d26c8 100644
--- a/plugins/enigma/enigma.php
+++ b/plugins/enigma/enigma.php
@@ -47,6 +47,8 @@ class enigma extends rcube_plugin
$rcmail = rcmail::get_instance();
$this->rc = $rcmail;
+ $section = rcube_utils::get_input_value('_section', rcube_utils::INPUT_GET);
+
if ($this->rc->task == 'mail') {
// message parse/display hooks
$this->add_hook('message_part_structure', array($this, 'parse_structure'));
@@ -79,7 +81,6 @@ class enigma extends rcube_plugin
$this->register_action('plugin.enigma', array($this, 'preferences_ui'));
// grab keys/certs management iframe requests
- $section = rcube_utils::get_input_value('_section', rcube_utils::INPUT_GET);
if ($this->rc->action == 'edit-prefs' && preg_match('/^enigma(certs|keys)/', $section)) {
$this->load_ui();
$this->ui->init($section);
diff --git a/plugins/enigma/lib/enigma_engine.php b/plugins/enigma/lib/enigma_engine.php
index 220d6c0b3..a30a517ec 100644
--- a/plugins/enigma/lib/enigma_engine.php
+++ b/plugins/enigma/lib/enigma_engine.php
@@ -374,17 +374,15 @@ class enigma_engine
{
// @TODO: Handle big bodies using (temp) files
// @TODO: caching of verification result
-
- $sig = $this->pgp_driver->verify($msg_body, $sig_body);
+ $sig = $this->pgp_driver->verify($msg_body, $sig_body);
- if (($sig instanceof enigma_error) && $sig->getCode() != enigma_error::E_KEYNOTFOUND)
- rcube::raise_error(array(
+ if (($sig instanceof enigma_error) && $sig->getCode() != enigma_error::E_KEYNOTFOUND)
+ rcube::raise_error(array(
'code' => 600, 'type' => 'php',
'file' => __FILE__, 'line' => __LINE__,
- 'message' => "Enigma plugin: " . $error->getMessage()
+ 'message' => "Enigma plugin: " . $sig->getMessage()
), true, false);
-//print_r($sig);
return $sig;
}
@@ -399,11 +397,9 @@ class enigma_engine
{
// @TODO: Handle big bodies using (temp) files
// @TODO: caching of verification result
-
+ $key = ''; $pass = ''; // @TODO
$result = $this->pgp_driver->decrypt($msg_body, $key, $pass);
-//print_r($result);
-
if ($result instanceof enigma_error) {
$err_code = $result->getCode();
if (!in_array($err_code, array(enigma_error::E_KEYNOTFOUND, enigma_error::E_BADPASS)))
@@ -430,7 +426,7 @@ class enigma_engine
{
$this->load_pgp_driver();
$result = $this->pgp_driver->list_keys($pattern);
-
+
if ($result instanceof enigma_error) {
rcube::raise_error(array(
'code' => 600, 'type' => 'php',
@@ -438,7 +434,7 @@ class enigma_engine
'message' => "Enigma plugin: " . $result->getMessage()
), true, false);
}
-
+
return $result;
}
diff --git a/plugins/password/drivers/pam.php b/plugins/password/drivers/pam.php
index 8cd94c737..4d0ba1656 100644
--- a/plugins/password/drivers/pam.php
+++ b/plugins/password/drivers/pam.php
@@ -11,7 +11,8 @@ class rcube_pam_password
{
function save($currpass, $newpass)
{
- $user = $_SESSION['username'];
+ $user = $_SESSION['username'];
+ $error = '';
if (extension_loaded('pam') || extension_loaded('pam_auth')) {
if (pam_auth($user, $currpass, $error, false)) {
diff --git a/program/lib/Roundcube/rcube_db.php b/program/lib/Roundcube/rcube_db.php
index c96bccc90..4b9ab131c 100644
--- a/program/lib/Roundcube/rcube_db.php
+++ b/program/lib/Roundcube/rcube_db.php
@@ -128,7 +128,7 @@ class rcube_db
$dsn_string = $this->dsn_string($dsn);
$dsn_options = $this->dsn_options($dsn);
- if ($db_pconn) {
+ if ($this->db_pconn) {
$dsn_options[PDO::ATTR_PERSISTENT] = true;
}
diff --git a/program/lib/Roundcube/rcube_smtp.php b/program/lib/Roundcube/rcube_smtp.php
index 5c7d2203c..201e8269e 100644
--- a/program/lib/Roundcube/rcube_smtp.php
+++ b/program/lib/Roundcube/rcube_smtp.php
@@ -119,7 +119,7 @@ class rcube_smtp
}
// try to connect to server and exit on failure
- $result = $this->conn->connect($smtp_timeout);
+ $result = $this->conn->connect($CONFIG['smtp_timeout']);
if (PEAR::isError($result)) {
$this->response[] = "Connection failed: ".$result->getMessage();