4 files changed, 79 insertions, 55 deletions

diff --git a/plugins/database_attachments/database_attachments.php b/plugins/database_attachments/database_attachments.php
index 9a279f57e..079f4e567 100644
--- a/plugins/database_attachments/database_attachments.php
+++ b/plugins/database_attachments/database_attachments.php
@@ -46,9 +46,9 @@ class database_attachments extends filesystem_attachments
         $data = base64_encode($data);
 
         $status = $rcmail->db->query(
-            "INSERT INTO ".get_table_name('cache')."
-             (created, user_id, cache_key, data)
-             VALUES (".$rcmail->db->now().", ?, ?, ?)",
+            "INSERT INTO ".get_table_name('cache')
+             ." (created, user_id, cache_key, data)"
+             ." VALUES (".$rcmail->db->now().", ?, ?, ?)",
             $_SESSION['user_id'],
             $key,
             $data);
@@ -82,9 +82,9 @@ class database_attachments extends filesystem_attachments
         $data = base64_encode($args['data']);
 
         $status = $rcmail->db->query(
-            "INSERT INTO ".get_table_name('cache')."
-             (created, user_id, cache_key, data)
-             VALUES (".$rcmail->db->now().", ?, ?, ?)",
+            "INSERT INTO ".get_table_name('cache')
+             ." (created, user_id, cache_key, data)"
+             ." VALUES (".$rcmail->db->now().", ?, ?, ?)",
             $_SESSION['user_id'],
             $key,
             $data);
@@ -106,9 +106,9 @@ class database_attachments extends filesystem_attachments
         $args['status'] = false;
         $rcmail = rcmail::get_instance();
         $status = $rcmail->db->query(
-            "DELETE FROM ".get_table_name('cache')."
-             WHERE  user_id=?
-             AND    cache_key=?",
+            "DELETE FROM ".get_table_name('cache')
+             ." WHERE user_id = ?"
+                ." AND cache_key = ?",
             $_SESSION['user_id'],
             $args['id']);
 
@@ -138,10 +138,10 @@ class database_attachments extends filesystem_attachments
         $rcmail = rcmail::get_instance();
 
         $sql_result = $rcmail->db->query(
-            "SELECT cache_id, data
-             FROM ".get_table_name('cache')."
-             WHERE  user_id=?
-             AND    cache_key=?",
+            "SELECT data"
+             ." FROM ".get_table_name('cache')
+             ." WHERE user_id=?"
+                ." AND cache_key=?",
             $_SESSION['user_id'],
             $args['id']);
 
@@ -161,9 +161,9 @@ class database_attachments extends filesystem_attachments
         $prefix = $this->cache_prefix . $args['group'];
         $rcmail = rcmail::get_instance();
         $rcmail->db->query(
-            "DELETE FROM ".get_table_name('cache')."
-             WHERE  user_id=?
-             AND cache_key like '{$prefix}%'",
+            "DELETE FROM ".get_table_name('cache')
+            ." WHERE user_id = ?"
+                ." AND cache_key LIKE '{$prefix}%'",
             $_SESSION['user_id']);
     }
 }
diff --git a/plugins/http_authentication/http_authentication.php b/plugins/http_authentication/http_authentication.php
index 6c873713e..a14b5cbcc 100644
--- a/plugins/http_authentication/http_authentication.php
+++ b/plugins/http_authentication/http_authentication.php
@@ -17,51 +17,67 @@
  */
 class http_authentication extends rcube_plugin
 {
-  public $task = 'login|logout';
 
-  function init()
-  {
-    $this->add_hook('startup', array($this, 'startup'));
-    $this->add_hook('authenticate', array($this, 'authenticate'));
-    $this->add_hook('logout_after', array($this, 'logout'));
-  }
+    function init()
+    {
+        $this->add_hook('startup', array($this, 'startup'));
+        $this->add_hook('authenticate', array($this, 'authenticate'));
+        $this->add_hook('logout_after', array($this, 'logout'));
+    }
 
-  function startup($args)
-  {
-    // change action to login
-    if (empty($args['action']) && empty($_SESSION['user_id'])
-        && !empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW']))
-      $args['action'] = 'login';
+    function startup($args)
+    {
+        if (!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW'])) {
+            $rcmail = rcmail::get_instance();
+            $rcmail->add_shutdown_function(array('http_authentication', 'shutdown'));
 
-    return $args;
-  }
+            // handle login action
+            if (empty($args['action']) && empty($_SESSION['user_id'])) {
+                $args['action'] = 'login';
+            }
+            // Set user password in session (see shutdown() method for more info)
+            else if (!empty($_SESSION['user_id']) && empty($_SESION['password'])) {
+                $_SESSION['password'] = $rcmail->encrypt($_SERVER['PHP_AUTH_PW']);
+            }
+        }
 
-  function authenticate($args)
-  {
-    // Allow entering other user data in login form,
-    // e.g. after log out (#1487953)
-    if (!empty($args['user'])) {
         return $args;
     }
 
-    if (!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW'])) {
-      $args['user'] = $_SERVER['PHP_AUTH_USER'];
-      $args['pass'] = $_SERVER['PHP_AUTH_PW'];
-    }
+    function authenticate($args)
+    {
+        // Allow entering other user data in login form,
+        // e.g. after log out (#1487953)
+        if (!empty($args['user'])) {
+            return $args;
+        }
 
-    $args['cookiecheck'] = false;
-    $args['valid'] = true;
+        if (!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW'])) {
+            $args['user'] = $_SERVER['PHP_AUTH_USER'];
+            $args['pass'] = $_SERVER['PHP_AUTH_PW'];
+        }
 
-    return $args;
-  }
-  
-  function logout($args)
-  {
-    // redirect to configured URL in order to clear HTTP auth credentials
-    if (!empty($_SERVER['PHP_AUTH_USER']) && $args['user'] == $_SERVER['PHP_AUTH_USER'] && ($url = rcmail::get_instance()->config->get('logout_url'))) {
-      header("Location: $url", true, 307);
+        $args['cookiecheck'] = false;
+        $args['valid'] = true;
+
+        return $args;
     }
-  }
 
+    function logout($args)
+    {
+        // redirect to configured URL in order to clear HTTP auth credentials
+        if (!empty($_SERVER['PHP_AUTH_USER']) && $args['user'] == $_SERVER['PHP_AUTH_USER']) {
+            if ($url = rcmail::get_instance()->config->get('logout_url')) {
+                header("Location: $url", true, 307);
+            }
+        }
+    }
+
+    function shutdown()
+    {
+        // There's no need to store password (even if encrypted) in session
+        // We'll set it back on startup (#1486553)
+        rcmail::get_instance()->session->remove('password');
+    }
 }
 
diff --git a/plugins/http_authentication/package.xml b/plugins/http_authentication/package.xml
index d8f2036b6..aab3819a8 100644
--- a/plugins/http_authentication/package.xml
+++ b/plugins/http_authentication/package.xml
@@ -13,10 +13,10 @@
 		<email>roundcube@gmail.com</email>
 		<active>yes</active>
 	</lead>
-	<date>2011-11-21</date>
+	<date>2012-09-18</date>
 	<version>
-		<release>1.4</release>
-		<api>1.4</api>
+		<release>1.5</release>
+		<api>1.5</api>
 	</version>
 	<stability>
 		<release>stable</release>
diff --git a/plugins/managesieve/tests/Parser.php b/plugins/managesieve/tests/Parser.php
index 00915cc20..2f24870e2 100644
--- a/plugins/managesieve/tests/Parser.php
+++ b/plugins/managesieve/tests/Parser.php
@@ -15,7 +15,15 @@ class Parser extends PHPUnit_Framework_TestCase
      */
     function test_parser($input, $output, $message)
     {
-        $script = new rcube_sieve_script($input);
+        // get capabilities list from the script
+        $caps = array();
+        if (preg_match('/require \[([a-z0-9", ]+)\]/', $input, $m)) {
+            foreach (explode(',', $m[1]) as $cap) {
+                $caps[] = trim($cap, '" ');
+            }
+        }
+
+        $script = new rcube_sieve_script($input, $caps);
         $result = $script->as_text();
 
         $this->assertEquals(trim($result), trim($output), $message);