summaryrefslogtreecommitdiff
path: root/program/include
diff options
context:
space:
mode:
Diffstat (limited to 'program/include')
-rwxr-xr-xprogram/include/iniset.php2
-rw-r--r--program/include/main.inc9
-rw-r--r--program/include/rcmail.php4
-rw-r--r--program/include/rcube_html_page.php86
-rw-r--r--program/include/rcube_imap.php95
-rw-r--r--program/include/rcube_plugin_api.php3
-rwxr-xr-xprogram/include/rcube_template.php4
7 files changed, 150 insertions, 53 deletions
diff --git a/program/include/iniset.php b/program/include/iniset.php
index aeb4549fc..ac96880c3 100755
--- a/program/include/iniset.php
+++ b/program/include/iniset.php
@@ -36,7 +36,7 @@ foreach ($crit_opts as $optname => $optval) {
}
// application constants
-define('RCMAIL_VERSION', '0.5');
+define('RCMAIL_VERSION', '0.5.1');
define('RCMAIL_CHARSET', 'UTF-8');
define('JS_OBJECT_NAME', 'rcmail');
define('RCMAIL_START', microtime(true));
diff --git a/program/include/main.inc b/program/include/main.inc
index b61f8aea2..b8d27d68c 100644
--- a/program/include/main.inc
+++ b/program/include/main.inc
@@ -861,8 +861,8 @@ function rcmail_mod_css_styles($source, $container_id)
$replacements = new rcube_string_replacer;
// ignore the whole block if evil styles are detected
- $stripped = preg_replace('/[^a-z\(:]/', '', rcmail_xss_entity_decode($source));
- if (preg_match('/expression|behavior|url\(|import/', $stripped))
+ $stripped = preg_replace('/[^a-z\(:;]/', '', rcmail_xss_entity_decode($source));
+ if (preg_match('/expression|behavior|url\(|import[^a]/', $stripped))
return '/* evil! */';
// remove css comments (sometimes used for some ugly hacks)
@@ -1771,16 +1771,17 @@ function rcube_sess_unset($var_name=null)
* Replaces hostname variables
*
* @param string $name Hostname
+ * @param string $host Optional IMAP hostname
* @return string
*/
-function rcube_parse_host($name)
+function rcube_parse_host($name, $host='')
{
// %n - host
$n = preg_replace('/:\d+$/', '', $_SERVER['SERVER_NAME']);
// %d - domain name without first part, e.g. %d=mail.domain.tld, %m=domain.tld
$d = preg_replace('/^[^\.]+\./', '', $n);
// %h - IMAP host
- $h = $_SESSION['imap_host'];
+ $h = $_SESSION['imap_host'] ? $_SESSION['imap_host'] : $host;
// %z - IMAP domain without first part, e.g. %h=imap.domain.tld, %z=domain.tld
$z = preg_replace('/^[^\.]+\./', '', $h);
diff --git a/program/include/rcmail.php b/program/include/rcmail.php
index e4078a72f..e9f5b5fce 100644
--- a/program/include/rcmail.php
+++ b/program/include/rcmail.php
@@ -673,9 +673,9 @@ class rcmail
// Check if we need to add domain
if (!empty($config['username_domain']) && strpos($username, '@') === false) {
if (is_array($config['username_domain']) && isset($config['username_domain'][$host]))
- $username .= '@'.rcube_parse_host($config['username_domain'][$host]);
+ $username .= '@'.rcube_parse_host($config['username_domain'][$host], $host);
else if (is_string($config['username_domain']))
- $username .= '@'.rcube_parse_host($config['username_domain']);
+ $username .= '@'.rcube_parse_host($config['username_domain'], $host);
}
// Convert username to lowercase. If IMAP backend
diff --git a/program/include/rcube_html_page.php b/program/include/rcube_html_page.php
index 06cb5cb56..9ac03d01f 100644
--- a/program/include/rcube_html_page.php
+++ b/program/include/rcube_html_page.php
@@ -28,11 +28,13 @@ class rcube_html_page
{
protected $scripts_path = '';
protected $script_files = array();
+ protected $css_files = array();
protected $scripts = array();
protected $charset = RCMAIL_CHARSET;
protected $script_tag_file = "<script type=\"text/javascript\" src=\"%s\"></script>\n";
protected $script_tag = "<script type=\"text/javascript\">\n/* <![CDATA[ */\n%s\n/* ]]> */\n</script>";
+ protected $link_css_file = "<link rel=\"stylesheet\" type=\"text/css\" href=\"%s\" />\n";
protected $default_template = "<html>\n<head><title></title></head>\n<body></body>\n</html>";
protected $title = '';
@@ -61,6 +63,9 @@ class rcube_html_page
if (in_array($file, $sa_files)) {
return;
}
+
+ $sa_files[] = $file;
+
if (!is_array($this->script_files[$position])) {
$this->script_files[$position] = array();
}
@@ -83,6 +88,16 @@ class rcube_html_page
}
/**
+ * Link an external css file
+ *
+ * @param string File URL
+ */
+ public function include_css($file)
+ {
+ $this->css_files[] = $file;
+ }
+
+ /**
* Add HTML code to the page header
*
* @param string $str HTML code
@@ -163,52 +178,53 @@ class rcube_html_page
}
// replace specialchars in content
- $__page_title = Q($this->title, 'show', FALSE);
- $__page_header = $__page_body = $__page_footer = '';
+ $page_title = Q($this->title, 'show', FALSE);
+ $page_header = '';
+ $page_footer = '';
// include meta tag with charset
if (!empty($this->charset)) {
if (!headers_sent()) {
header('Content-Type: text/html; charset=' . $this->charset);
}
- $__page_header = '<meta http-equiv="content-type"';
- $__page_header.= ' content="text/html; charset=';
- $__page_header.= $this->charset . '" />'."\n";
+ $page_header = '<meta http-equiv="content-type"';
+ $page_header.= ' content="text/html; charset=';
+ $page_header.= $this->charset . '" />'."\n";
}
// definition of the code to be placed in the document header and footer
if (is_array($this->script_files['head'])) {
foreach ($this->script_files['head'] as $file) {
- $__page_header .= sprintf($this->script_tag_file, $file);
+ $page_header .= sprintf($this->script_tag_file, $file);
}
}
$head_script = $this->scripts['head_top'] . $this->scripts['head'];
if (!empty($head_script)) {
- $__page_header .= sprintf($this->script_tag, $head_script);
+ $page_header .= sprintf($this->script_tag, $head_script);
}
if (!empty($this->header)) {
- $__page_header .= $this->header;
+ $page_header .= $this->header;
}
if (is_array($this->script_files['foot'])) {
foreach ($this->script_files['foot'] as $file) {
- $__page_footer .= sprintf($this->script_tag_file, $file);
+ $page_footer .= sprintf($this->script_tag_file, $file);
}
}
if (!empty($this->scripts['foot'])) {
- $__page_footer .= sprintf($this->script_tag, $this->scripts['foot']);
+ $page_footer .= sprintf($this->script_tag, $this->scripts['foot']);
}
if (!empty($this->footer)) {
- $__page_footer .= $this->footer;
+ $page_footer .= $this->footer;
}
// find page header
if ($hpos = stripos($output, '</head>')) {
- $__page_header .= "\n";
+ $page_header .= "\n";
}
else {
if (!is_numeric($hpos)) {
@@ -220,49 +236,43 @@ class rcube_html_page
}
$hpos++;
}
- $__page_header = "<head>\n<title>$__page_title</title>\n$__page_header\n</head>\n";
+ $page_header = "<head>\n<title>$page_title</title>\n$page_header\n</head>\n";
}
// add page hader
if ($hpos) {
- $output = substr($output,0,$hpos) . $__page_header . substr($output,$hpos,strlen($output));
+ $output = substr($output,0,$hpos) . $page_header . substr($output,$hpos,strlen($output));
}
else {
- $output = $__page_header . $output;
+ $output = $page_header . $output;
}
- // find page body
- if ($bpos = stripos($output, '<body')) {
- while ($output[$bpos] != '>') {
- $bpos++;
- }
- $bpos++;
- }
- else {
- $bpos = stripos($output, '</head>')+7;
- }
-
- // add page body
- if ($bpos && $__page_body) {
- $output = substr($output,0,$bpos) . "\n$__page_body\n" . substr($output,$bpos,strlen($output));
- }
-
- // find and add page footer
+ // add page footer
if (($fpos = strripos($output, '</body>')) || ($fpos = strripos($output, '</html>'))) {
- $output = substr($output, 0, $fpos) . "$__page_footer\n" . substr($output, $fpos);
+ $output = substr($output, 0, $fpos) . "$page_footer\n" . substr($output, $fpos);
}
else {
- $output .= "\n".$__page_footer;
+ $output .= "\n".$page_footer;
}
- // reset those global vars
- $__page_header = $__page_footer = '';
+ // add css files in head, before scripts, for speed up with parallel downloads
+ if (!empty($this->css_files) &&
+ (($pos = stripos($output, '<script ')) || ($pos = stripos($output, '</head>')))
+ ) {
+ $css = '';
+ foreach ($this->css_files as $file) {
+ $css .= sprintf($this->link_css_file, $file);
+ }
+ $output = substr($output, 0, $pos) . $css . substr($output, $pos);
+ }
$this->base_path = $base_path;
+
// correct absolute paths in images and other tags
// add timestamp to .js and .css filename
- $output = preg_replace_callback('!(src|href|background)=(["\']?)([a-z0-9/_.-]+)(["\'\s>])!i',
- array($this, 'file_callback'), $output);
+ $output = preg_replace_callback(
+ '!(src|href|background)=(["\']?)([a-z0-9/_.-]+)(["\'\s>])!i',
+ array($this, 'file_callback'), $output);
$output = str_replace('$__skin_path', $base_path, $output);
if ($this->charset != RCMAIL_CHARSET)
diff --git a/program/include/rcube_imap.php b/program/include/rcube_imap.php
index 26975044d..bfbf740fd 100644
--- a/program/include/rcube_imap.php
+++ b/program/include/rcube_imap.php
@@ -2053,7 +2053,7 @@ class rcube_imap
return false;
}
- $struct = &$this->_structure_part($structure);
+ $struct = &$this->_structure_part($structure, 0, '', $headers);
$struct->headers = get_object_vars($headers);
// don't trust given content-type
@@ -2185,6 +2185,11 @@ class rcube_imap
$struct->charset = $struct->ctype_parameters['charset'];
}
+ // #1487700: workaround for lack of charset in malformed structure
+ if (empty($struct->charset) && !empty($mime_headers) && $mime_headers->charset) {
+ $struct->charset = $mime_headers->charset;
+ }
+
// read content encoding
if (!empty($part[5]) && $part[5]!='NIL') {
$struct->encoding = strtolower($part[5]);
@@ -2233,7 +2238,11 @@ class rcube_imap
$mime_headers = $this->conn->fetchPartHeader(
$this->mailbox, $this->_msg_id, false, $struct->mime_id);
}
- $struct->headers = $this->_parse_headers($mime_headers) + $struct->headers;
+
+ if (is_string($mime_headers))
+ $struct->headers = $this->_parse_headers($mime_headers) + $struct->headers;
+ else if (is_object($mime_headers))
+ $struct->headers = get_object_vars($mime_headers) + $struct->headers;
// get real content-type of message/rfc822
if ($struct->mimetype == 'message/rfc822') {
@@ -4691,10 +4700,13 @@ class rcube_imap
private function _parse_address_list($str, $decode=true)
{
// remove any newlines and carriage returns before
- $a = rcube_explode_quoted_string('[,;]', preg_replace( "/[\r\n]/", " ", $str));
+ $str = preg_replace('/\r?\n(\s|\t)?/', ' ', $str);
+
+ // extract list items, remove comments
+ $str = self::explode_header_string(',;', $str, true);
$result = array();
- foreach ($a as $key => $val) {
+ foreach ($str as $key => $val) {
$name = '';
$address = '';
$val = trim($val);
@@ -4736,6 +4748,81 @@ class rcube_imap
/**
+ * Explodes header (e.g. address-list) string into array of strings
+ * using specified separator characters with proper handling
+ * of quoted-strings and comments (RFC2822)
+ *
+ * @param string $separator String containing separator characters
+ * @param string $str Header string
+ * @param bool $remove_comments Enable to remove comments
+ *
+ * @return array Header items
+ */
+ static function explode_header_string($separator, $str, $remove_comments=false)
+ {
+ $length = strlen($str);
+ $result = array();
+ $quoted = false;
+ $comment = 0;
+ $out = '';
+
+ for ($i=0; $i<$length; $i++) {
+ // we're inside a quoted string
+ if ($quoted) {
+ if ($str[$i] == '"') {
+ $quoted = false;
+ }
+ else if ($str[$i] == '\\') {
+ if ($comment <= 0) {
+ $out .= '\\';
+ }
+ $i++;
+ }
+ }
+ // we're inside a comment string
+ else if ($comment > 0) {
+ if ($str[$i] == ')') {
+ $comment--;
+ }
+ else if ($str[$i] == '(') {
+ $comment++;
+ }
+ else if ($str[$i] == '\\') {
+ $i++;
+ }
+ continue;
+ }
+ // separator, add to result array
+ else if (strpos($separator, $str[$i]) !== false) {
+ if ($out) {
+ $result[] = $out;
+ }
+ $out = '';
+ continue;
+ }
+ // start of quoted string
+ else if ($str[$i] == '"') {
+ $quoted = true;
+ }
+ // start of comment
+ else if ($remove_comments && $str[$i] == '(') {
+ $comment++;
+ }
+
+ if ($comment <= 0) {
+ $out .= $str[$i];
+ }
+ }
+
+ if ($out && $comment <= 0) {
+ $result[] = $out;
+ }
+
+ return $result;
+ }
+
+
+ /**
* This is our own debug handler for the IMAP connection
* @access public
*/
diff --git a/program/include/rcube_plugin_api.php b/program/include/rcube_plugin_api.php
index f0fe8c20e..ab5c40686 100644
--- a/program/include/rcube_plugin_api.php
+++ b/program/include/rcube_plugin_api.php
@@ -395,7 +395,7 @@ class rcube_plugin_api
{
if ($this->output->type == 'html') {
$src = $this->resource_url($fn);
- $this->output->add_header(html::tag('link', array('rel' => "stylesheet", 'type' => "text/css", 'href' => $src)));
+ $this->output->include_css($src);
}
}
@@ -437,4 +437,3 @@ class rcube_plugin_api
}
}
-
diff --git a/program/include/rcube_template.php b/program/include/rcube_template.php
index 92eddc2d8..5433dc202 100755
--- a/program/include/rcube_template.php
+++ b/program/include/rcube_template.php
@@ -1229,8 +1229,8 @@ class rcube_template extends rcube_html_page
'UTF-8' => 'UTF-8 ('.rcube_label('unicode').')',
'US-ASCII' => 'ASCII ('.rcube_label('english').')',
'ISO-8859-1' => 'ISO-8859-1 ('.rcube_label('westerneuropean').')',
- 'ISO-8859-2' => 'ISO-8895-2 ('.rcube_label('easterneuropean').')',
- 'ISO-8859-4' => 'ISO-8895-4 ('.rcube_label('baltic').')',
+ 'ISO-8859-2' => 'ISO-8859-2 ('.rcube_label('easterneuropean').')',
+ 'ISO-8859-4' => 'ISO-8859-4 ('.rcube_label('baltic').')',
'ISO-8859-5' => 'ISO-8859-5 ('.rcube_label('cyrillic').')',
'ISO-8859-6' => 'ISO-8859-6 ('.rcube_label('arabic').')',
'ISO-8859-7' => 'ISO-8859-7 ('.rcube_label('greek').')',