diff options
Diffstat (limited to 'program/include')
-rwxr-xr-x | program/include/iniset.php | 2 | ||||
-rw-r--r-- | program/include/main.inc | 9 | ||||
-rw-r--r-- | program/include/rcmail.php | 4 | ||||
-rw-r--r-- | program/include/rcube_html_page.php | 86 | ||||
-rw-r--r-- | program/include/rcube_imap.php | 95 | ||||
-rw-r--r-- | program/include/rcube_plugin_api.php | 3 | ||||
-rwxr-xr-x | program/include/rcube_template.php | 4 |
7 files changed, 150 insertions, 53 deletions
diff --git a/program/include/iniset.php b/program/include/iniset.php index aeb4549fc..ac96880c3 100755 --- a/program/include/iniset.php +++ b/program/include/iniset.php @@ -36,7 +36,7 @@ foreach ($crit_opts as $optname => $optval) { } // application constants -define('RCMAIL_VERSION', '0.5'); +define('RCMAIL_VERSION', '0.5.1'); define('RCMAIL_CHARSET', 'UTF-8'); define('JS_OBJECT_NAME', 'rcmail'); define('RCMAIL_START', microtime(true)); diff --git a/program/include/main.inc b/program/include/main.inc index b61f8aea2..b8d27d68c 100644 --- a/program/include/main.inc +++ b/program/include/main.inc @@ -861,8 +861,8 @@ function rcmail_mod_css_styles($source, $container_id) $replacements = new rcube_string_replacer; // ignore the whole block if evil styles are detected - $stripped = preg_replace('/[^a-z\(:]/', '', rcmail_xss_entity_decode($source)); - if (preg_match('/expression|behavior|url\(|import/', $stripped)) + $stripped = preg_replace('/[^a-z\(:;]/', '', rcmail_xss_entity_decode($source)); + if (preg_match('/expression|behavior|url\(|import[^a]/', $stripped)) return '/* evil! */'; // remove css comments (sometimes used for some ugly hacks) @@ -1771,16 +1771,17 @@ function rcube_sess_unset($var_name=null) * Replaces hostname variables * * @param string $name Hostname + * @param string $host Optional IMAP hostname * @return string */ -function rcube_parse_host($name) +function rcube_parse_host($name, $host='') { // %n - host $n = preg_replace('/:\d+$/', '', $_SERVER['SERVER_NAME']); // %d - domain name without first part, e.g. %d=mail.domain.tld, %m=domain.tld $d = preg_replace('/^[^\.]+\./', '', $n); // %h - IMAP host - $h = $_SESSION['imap_host']; + $h = $_SESSION['imap_host'] ? $_SESSION['imap_host'] : $host; // %z - IMAP domain without first part, e.g. %h=imap.domain.tld, %z=domain.tld $z = preg_replace('/^[^\.]+\./', '', $h); diff --git a/program/include/rcmail.php b/program/include/rcmail.php index e4078a72f..e9f5b5fce 100644 --- a/program/include/rcmail.php +++ b/program/include/rcmail.php @@ -673,9 +673,9 @@ class rcmail // Check if we need to add domain if (!empty($config['username_domain']) && strpos($username, '@') === false) { if (is_array($config['username_domain']) && isset($config['username_domain'][$host])) - $username .= '@'.rcube_parse_host($config['username_domain'][$host]); + $username .= '@'.rcube_parse_host($config['username_domain'][$host], $host); else if (is_string($config['username_domain'])) - $username .= '@'.rcube_parse_host($config['username_domain']); + $username .= '@'.rcube_parse_host($config['username_domain'], $host); } // Convert username to lowercase. If IMAP backend diff --git a/program/include/rcube_html_page.php b/program/include/rcube_html_page.php index 06cb5cb56..9ac03d01f 100644 --- a/program/include/rcube_html_page.php +++ b/program/include/rcube_html_page.php @@ -28,11 +28,13 @@ class rcube_html_page { protected $scripts_path = ''; protected $script_files = array(); + protected $css_files = array(); protected $scripts = array(); protected $charset = RCMAIL_CHARSET; protected $script_tag_file = "<script type=\"text/javascript\" src=\"%s\"></script>\n"; protected $script_tag = "<script type=\"text/javascript\">\n/* <![CDATA[ */\n%s\n/* ]]> */\n</script>"; + protected $link_css_file = "<link rel=\"stylesheet\" type=\"text/css\" href=\"%s\" />\n"; protected $default_template = "<html>\n<head><title></title></head>\n<body></body>\n</html>"; protected $title = ''; @@ -61,6 +63,9 @@ class rcube_html_page if (in_array($file, $sa_files)) { return; } + + $sa_files[] = $file; + if (!is_array($this->script_files[$position])) { $this->script_files[$position] = array(); } @@ -83,6 +88,16 @@ class rcube_html_page } /** + * Link an external css file + * + * @param string File URL + */ + public function include_css($file) + { + $this->css_files[] = $file; + } + + /** * Add HTML code to the page header * * @param string $str HTML code @@ -163,52 +178,53 @@ class rcube_html_page } // replace specialchars in content - $__page_title = Q($this->title, 'show', FALSE); - $__page_header = $__page_body = $__page_footer = ''; + $page_title = Q($this->title, 'show', FALSE); + $page_header = ''; + $page_footer = ''; // include meta tag with charset if (!empty($this->charset)) { if (!headers_sent()) { header('Content-Type: text/html; charset=' . $this->charset); } - $__page_header = '<meta http-equiv="content-type"'; - $__page_header.= ' content="text/html; charset='; - $__page_header.= $this->charset . '" />'."\n"; + $page_header = '<meta http-equiv="content-type"'; + $page_header.= ' content="text/html; charset='; + $page_header.= $this->charset . '" />'."\n"; } // definition of the code to be placed in the document header and footer if (is_array($this->script_files['head'])) { foreach ($this->script_files['head'] as $file) { - $__page_header .= sprintf($this->script_tag_file, $file); + $page_header .= sprintf($this->script_tag_file, $file); } } $head_script = $this->scripts['head_top'] . $this->scripts['head']; if (!empty($head_script)) { - $__page_header .= sprintf($this->script_tag, $head_script); + $page_header .= sprintf($this->script_tag, $head_script); } if (!empty($this->header)) { - $__page_header .= $this->header; + $page_header .= $this->header; } if (is_array($this->script_files['foot'])) { foreach ($this->script_files['foot'] as $file) { - $__page_footer .= sprintf($this->script_tag_file, $file); + $page_footer .= sprintf($this->script_tag_file, $file); } } if (!empty($this->scripts['foot'])) { - $__page_footer .= sprintf($this->script_tag, $this->scripts['foot']); + $page_footer .= sprintf($this->script_tag, $this->scripts['foot']); } if (!empty($this->footer)) { - $__page_footer .= $this->footer; + $page_footer .= $this->footer; } // find page header if ($hpos = stripos($output, '</head>')) { - $__page_header .= "\n"; + $page_header .= "\n"; } else { if (!is_numeric($hpos)) { @@ -220,49 +236,43 @@ class rcube_html_page } $hpos++; } - $__page_header = "<head>\n<title>$__page_title</title>\n$__page_header\n</head>\n"; + $page_header = "<head>\n<title>$page_title</title>\n$page_header\n</head>\n"; } // add page hader if ($hpos) { - $output = substr($output,0,$hpos) . $__page_header . substr($output,$hpos,strlen($output)); + $output = substr($output,0,$hpos) . $page_header . substr($output,$hpos,strlen($output)); } else { - $output = $__page_header . $output; + $output = $page_header . $output; } - // find page body - if ($bpos = stripos($output, '<body')) { - while ($output[$bpos] != '>') { - $bpos++; - } - $bpos++; - } - else { - $bpos = stripos($output, '</head>')+7; - } - - // add page body - if ($bpos && $__page_body) { - $output = substr($output,0,$bpos) . "\n$__page_body\n" . substr($output,$bpos,strlen($output)); - } - - // find and add page footer + // add page footer if (($fpos = strripos($output, '</body>')) || ($fpos = strripos($output, '</html>'))) { - $output = substr($output, 0, $fpos) . "$__page_footer\n" . substr($output, $fpos); + $output = substr($output, 0, $fpos) . "$page_footer\n" . substr($output, $fpos); } else { - $output .= "\n".$__page_footer; + $output .= "\n".$page_footer; } - // reset those global vars - $__page_header = $__page_footer = ''; + // add css files in head, before scripts, for speed up with parallel downloads + if (!empty($this->css_files) && + (($pos = stripos($output, '<script ')) || ($pos = stripos($output, '</head>'))) + ) { + $css = ''; + foreach ($this->css_files as $file) { + $css .= sprintf($this->link_css_file, $file); + } + $output = substr($output, 0, $pos) . $css . substr($output, $pos); + } $this->base_path = $base_path; + // correct absolute paths in images and other tags // add timestamp to .js and .css filename - $output = preg_replace_callback('!(src|href|background)=(["\']?)([a-z0-9/_.-]+)(["\'\s>])!i', - array($this, 'file_callback'), $output); + $output = preg_replace_callback( + '!(src|href|background)=(["\']?)([a-z0-9/_.-]+)(["\'\s>])!i', + array($this, 'file_callback'), $output); $output = str_replace('$__skin_path', $base_path, $output); if ($this->charset != RCMAIL_CHARSET) diff --git a/program/include/rcube_imap.php b/program/include/rcube_imap.php index 26975044d..bfbf740fd 100644 --- a/program/include/rcube_imap.php +++ b/program/include/rcube_imap.php @@ -2053,7 +2053,7 @@ class rcube_imap return false; } - $struct = &$this->_structure_part($structure); + $struct = &$this->_structure_part($structure, 0, '', $headers); $struct->headers = get_object_vars($headers); // don't trust given content-type @@ -2185,6 +2185,11 @@ class rcube_imap $struct->charset = $struct->ctype_parameters['charset']; } + // #1487700: workaround for lack of charset in malformed structure + if (empty($struct->charset) && !empty($mime_headers) && $mime_headers->charset) { + $struct->charset = $mime_headers->charset; + } + // read content encoding if (!empty($part[5]) && $part[5]!='NIL') { $struct->encoding = strtolower($part[5]); @@ -2233,7 +2238,11 @@ class rcube_imap $mime_headers = $this->conn->fetchPartHeader( $this->mailbox, $this->_msg_id, false, $struct->mime_id); } - $struct->headers = $this->_parse_headers($mime_headers) + $struct->headers; + + if (is_string($mime_headers)) + $struct->headers = $this->_parse_headers($mime_headers) + $struct->headers; + else if (is_object($mime_headers)) + $struct->headers = get_object_vars($mime_headers) + $struct->headers; // get real content-type of message/rfc822 if ($struct->mimetype == 'message/rfc822') { @@ -4691,10 +4700,13 @@ class rcube_imap private function _parse_address_list($str, $decode=true) { // remove any newlines and carriage returns before - $a = rcube_explode_quoted_string('[,;]', preg_replace( "/[\r\n]/", " ", $str)); + $str = preg_replace('/\r?\n(\s|\t)?/', ' ', $str); + + // extract list items, remove comments + $str = self::explode_header_string(',;', $str, true); $result = array(); - foreach ($a as $key => $val) { + foreach ($str as $key => $val) { $name = ''; $address = ''; $val = trim($val); @@ -4736,6 +4748,81 @@ class rcube_imap /** + * Explodes header (e.g. address-list) string into array of strings + * using specified separator characters with proper handling + * of quoted-strings and comments (RFC2822) + * + * @param string $separator String containing separator characters + * @param string $str Header string + * @param bool $remove_comments Enable to remove comments + * + * @return array Header items + */ + static function explode_header_string($separator, $str, $remove_comments=false) + { + $length = strlen($str); + $result = array(); + $quoted = false; + $comment = 0; + $out = ''; + + for ($i=0; $i<$length; $i++) { + // we're inside a quoted string + if ($quoted) { + if ($str[$i] == '"') { + $quoted = false; + } + else if ($str[$i] == '\\') { + if ($comment <= 0) { + $out .= '\\'; + } + $i++; + } + } + // we're inside a comment string + else if ($comment > 0) { + if ($str[$i] == ')') { + $comment--; + } + else if ($str[$i] == '(') { + $comment++; + } + else if ($str[$i] == '\\') { + $i++; + } + continue; + } + // separator, add to result array + else if (strpos($separator, $str[$i]) !== false) { + if ($out) { + $result[] = $out; + } + $out = ''; + continue; + } + // start of quoted string + else if ($str[$i] == '"') { + $quoted = true; + } + // start of comment + else if ($remove_comments && $str[$i] == '(') { + $comment++; + } + + if ($comment <= 0) { + $out .= $str[$i]; + } + } + + if ($out && $comment <= 0) { + $result[] = $out; + } + + return $result; + } + + + /** * This is our own debug handler for the IMAP connection * @access public */ diff --git a/program/include/rcube_plugin_api.php b/program/include/rcube_plugin_api.php index f0fe8c20e..ab5c40686 100644 --- a/program/include/rcube_plugin_api.php +++ b/program/include/rcube_plugin_api.php @@ -395,7 +395,7 @@ class rcube_plugin_api { if ($this->output->type == 'html') { $src = $this->resource_url($fn); - $this->output->add_header(html::tag('link', array('rel' => "stylesheet", 'type' => "text/css", 'href' => $src))); + $this->output->include_css($src); } } @@ -437,4 +437,3 @@ class rcube_plugin_api } } - diff --git a/program/include/rcube_template.php b/program/include/rcube_template.php index 92eddc2d8..5433dc202 100755 --- a/program/include/rcube_template.php +++ b/program/include/rcube_template.php @@ -1229,8 +1229,8 @@ class rcube_template extends rcube_html_page 'UTF-8' => 'UTF-8 ('.rcube_label('unicode').')', 'US-ASCII' => 'ASCII ('.rcube_label('english').')', 'ISO-8859-1' => 'ISO-8859-1 ('.rcube_label('westerneuropean').')', - 'ISO-8859-2' => 'ISO-8895-2 ('.rcube_label('easterneuropean').')', - 'ISO-8859-4' => 'ISO-8895-4 ('.rcube_label('baltic').')', + 'ISO-8859-2' => 'ISO-8859-2 ('.rcube_label('easterneuropean').')', + 'ISO-8859-4' => 'ISO-8859-4 ('.rcube_label('baltic').')', 'ISO-8859-5' => 'ISO-8859-5 ('.rcube_label('cyrillic').')', 'ISO-8859-6' => 'ISO-8859-6 ('.rcube_label('arabic').')', 'ISO-8859-7' => 'ISO-8859-7 ('.rcube_label('greek').')', |