diff options
Diffstat (limited to 'program/include')
| -rw-r--r-- | program/include/main.inc | 46 | ||||
| -rw-r--r-- | program/include/rcmail.php | 4 | ||||
| -rw-r--r-- | program/include/rcube_config.php | 2 | ||||
| -rw-r--r-- | program/include/rcube_imap_generic.php | 6 | ||||
| -rw-r--r-- | program/include/rcube_ldap.php | 2 | ||||
| -rw-r--r-- | program/include/rcube_message.php | 10 | ||||
| -rw-r--r-- | program/include/rcube_session.php | 2 | ||||
| -rw-r--r-- | program/include/rcube_shared.inc | 2 | ||||
| -rw-r--r-- | program/include/rcube_smtp.php | 7 | ||||
| -rwxr-xr-x | program/include/rcube_template.php | 2 |
10 files changed, 71 insertions, 12 deletions
diff --git a/program/include/main.inc b/program/include/main.inc index b8d27d68c..f9cc4331b 100644 --- a/program/include/main.inc +++ b/program/include/main.inc @@ -1224,6 +1224,19 @@ function rcmail_remote_ip() /** + * Check whether the HTTP referer matches the current request + * + * @return boolean True if referer is the same host+path, false if not + */ +function rcube_check_referer() +{ + $uri = parse_url($_SERVER['REQUEST_URI']); + $referer = parse_url(rc_request_header('Referer')); + return $referer['host'] == rc_request_header('Host') && $referer['path'] == $uri['path']; +} + + +/** * @access private * @return mixed */ @@ -1863,6 +1876,39 @@ function check_email($email, $dns_check=true) return false; } +/* + * Idn_to_ascii wrapper. + * Intl/Idn modules version of this function doesn't work with e-mail address + */ +function rcube_idn_to_ascii($str) +{ + return rcube_idn_convert($str, true); +} + +/* + * Idn_to_ascii wrapper. + * Intl/Idn modules version of this function doesn't work with e-mail address + */ +function rcube_idn_to_utf8($str) +{ + return rcube_idn_convert($str, false); +} + +function rcube_idn_convert($input, $is_utf=false) +{ + if ($at = strpos($input, '@')) { + $user = substr($input, 0, $at); + $domain = substr($input, $at+1); + } + else { + $domain = $input; + } + + $domain = $is_utf ? idn_to_ascii($domain) : idn_to_utf8($domain); + + return $at ? $user . '@' . $domain : $domain; +} + /** * Helper class to turn relative urls into absolute ones diff --git a/program/include/rcmail.php b/program/include/rcmail.php index e9f5b5fce..4ff790d85 100644 --- a/program/include/rcmail.php +++ b/program/include/rcmail.php @@ -691,12 +691,12 @@ class rcmail // Here we need IDNA ASCII // Only rcube_contacts class is using domain names in Unicode - $host = idn_to_ascii($host); + $host = rcube_idn_to_ascii($host); if (strpos($username, '@')) { // lowercase domain name list($local, $domain) = explode('@', $username); $username = $local . '@' . mb_strtolower($domain); - $username = idn_to_ascii($username); + $username = rcube_idn_to_ascii($username); } // user already registered -> overwrite username diff --git a/program/include/rcube_config.php b/program/include/rcube_config.php index 76cf18307..15b9e3dd3 100644 --- a/program/include/rcube_config.php +++ b/program/include/rcube_config.php @@ -287,7 +287,7 @@ class rcube_config $domain = rcube_parse_host($this->prop['mail_domain']); if ($encode) - $domain = idn_to_ascii($domain); + $domain = rcube_idn_to_ascii($domain); return $domain; } diff --git a/program/include/rcube_imap_generic.php b/program/include/rcube_imap_generic.php index 166a106a1..3b2e3ee87 100644 --- a/program/include/rcube_imap_generic.php +++ b/program/include/rcube_imap_generic.php @@ -1494,7 +1494,7 @@ class rcube_imap_generic // INTERNALDATE "16-Nov-2008 21:08:46 +0100" BODYSTRUCTURE (...) // BODY[HEADER.FIELDS ... - if (preg_match('/^\* [0-9]+ FETCH \((.*) BODY/s', $line, $matches)) { + if (preg_match('/^\* [0-9]+ FETCH \((.*) BODY/sU', $line, $matches)) { $str = $matches[1]; // swap parents with quotes, then explode @@ -1531,7 +1531,7 @@ class rcube_imap_generic // BODYSTRUCTURE if ($bodystr) { - while (!preg_match('/ BODYSTRUCTURE (.*) BODY\[HEADER.FIELDS/s', $line, $m)) { + while (!preg_match('/ BODYSTRUCTURE (.*) BODY\[HEADER.FIELDS/sU', $line, $m)) { $line2 = $this->readLine(1024); $line .= $this->multLine($line2, true); } @@ -1631,7 +1631,7 @@ class rcube_imap_generic break; case 'content-type': $ctype_parts = preg_split('/[; ]/', $string); - $result[$id]->ctype = array_shift($ctype_parts); + $result[$id]->ctype = strtolower(array_shift($ctype_parts)); if (preg_match('/charset\s*=\s*"?([a-z0-9\-\.\_]+)"?/i', $string, $regs)) { $result[$id]->charset = $regs[1]; } diff --git a/program/include/rcube_ldap.php b/program/include/rcube_ldap.php index d5cc13257..93b69649d 100644 --- a/program/include/rcube_ldap.php +++ b/program/include/rcube_ldap.php @@ -99,7 +99,7 @@ class rcube_ldap extends rcube_addressbook foreach ($this->prop['hosts'] as $host) { - $host = idn_to_ascii(rcube_parse_host($host)); + $host = rcube_idn_to_ascii(rcube_parse_host($host)); $this->_debug("C: Connect [$host".($this->prop['port'] ? ':'.$this->prop['port'] : '')."]"); if ($lc = @ldap_connect($host, $this->prop['port'])) diff --git a/program/include/rcube_message.php b/program/include/rcube_message.php index b6c865d1c..75b55fee0 100644 --- a/program/include/rcube_message.php +++ b/program/include/rcube_message.php @@ -506,6 +506,16 @@ class rcube_message ) { $this->attachments[] = $inline_object; } + // MS Outlook sometimes also adds non-image attachments as related + // We'll add all such attachments to the attachments list + // Warning: some browsers support pdf in <img/> + // @TODO: we should fetch HTML body and find attachment's content-id + // to handle also image attachments without reference in the body + if (!empty($inline_object->filename) + && !preg_match('/^image\/(gif|jpe?g|png|tiff|bmp|svg)/', $inline_object->mimetype) + ) { + $this->attachments[] = $inline_object; + } } // add replace array to each content part diff --git a/program/include/rcube_session.php b/program/include/rcube_session.php index 4137b3714..59ce42379 100644 --- a/program/include/rcube_session.php +++ b/program/include/rcube_session.php @@ -154,6 +154,8 @@ class rcube_session sprintf("DELETE FROM %s WHERE sess_id = ?", get_table_name('session')), $key); + if ($key == $this->key) + $this->vars = false; return true; } diff --git a/program/include/rcube_shared.inc b/program/include/rcube_shared.inc index d6d91e03f..afaa15d69 100644 --- a/program/include/rcube_shared.inc +++ b/program/include/rcube_shared.inc @@ -700,7 +700,7 @@ if (!function_exists('idn_to_utf8')) $loaded = true; } - if ($idn && $domain && preg_match('/(^|@|\.)xn--/i', $domain)) { + if ($idn && $domain && preg_match('/(^|\.)xn--/i', $domain)) { try { $domain = $idn->decode($domain); } diff --git a/program/include/rcube_smtp.php b/program/include/rcube_smtp.php index 5d1d459e9..81f212dcf 100644 --- a/program/include/rcube_smtp.php +++ b/program/include/rcube_smtp.php @@ -101,7 +101,7 @@ class rcube_smtp $helo_host = 'localhost'; // IDNA Support - $smtp_host = idn_to_ascii($smtp_host); + $smtp_host = rcube_idn_to_ascii($smtp_host); $this->conn = new Net_SMTP($smtp_host, $smtp_port, $helo_host); @@ -132,8 +132,9 @@ class rcube_smtp if ($smtp_user && $smtp_pass) { // IDNA Support - if (strpos($smtp_user, '@')) - $smtp_user = idn_to_ascii($smtp_user); + if (strpos($smtp_user, '@')) { + $smtp_user = rcube_idn_to_ascii($smtp_user); + } $result = $this->conn->auth($smtp_user, $smtp_pass, $smtp_auth_type, $use_tls, $smtp_authz); diff --git a/program/include/rcube_template.php b/program/include/rcube_template.php index 5433dc202..5806d5185 100755 --- a/program/include/rcube_template.php +++ b/program/include/rcube_template.php @@ -1031,7 +1031,7 @@ class rcube_template extends rcube_html_page $username = $this->app->user->get_username(); } - return idn_to_utf8($username); + return rcube_idn_to_utf8($username); } |