summaryrefslogtreecommitdiff
path: root/program/steps/mail
diff options
context:
space:
mode:
Diffstat (limited to 'program/steps/mail')
-rw-r--r--program/steps/mail/compose.inc20
-rw-r--r--program/steps/mail/copy.inc8
-rw-r--r--program/steps/mail/func.inc23
-rw-r--r--program/steps/mail/get.inc53
-rw-r--r--program/steps/mail/mark.inc10
-rw-r--r--program/steps/mail/move_del.inc2
-rw-r--r--program/steps/mail/sendmail.inc44
-rw-r--r--program/steps/mail/show.inc2
8 files changed, 101 insertions, 61 deletions
diff --git a/program/steps/mail/compose.inc b/program/steps/mail/compose.inc
index c166eb74e..81b598377 100644
--- a/program/steps/mail/compose.inc
+++ b/program/steps/mail/compose.inc
@@ -139,7 +139,6 @@ if (!empty($CONFIG['drafts_mbox'])) {
}
// set current mailbox in client environment
$OUTPUT->set_env('mailbox', $RCMAIL->storage->get_folder());
-$OUTPUT->set_env('sig_above', $RCMAIL->config->get('sig_above', false));
$OUTPUT->set_env('top_posting', intval($RCMAIL->config->get('reply_mode')) > 0);
$OUTPUT->set_env('recipients_separator', trim($RCMAIL->config->get('recipients_separator', ',')));
@@ -152,6 +151,7 @@ if ($font && !is_array($font)) {
// get reference message and set compose mode
if ($msg_uid = $COMPOSE['param']['draft_uid']) {
$compose_mode = RCUBE_COMPOSE_DRAFT;
+ $OUTPUT->set_env('draft_id', $msg_uid);
$RCMAIL->storage->set_folder($CONFIG['drafts_mbox']);
}
else if ($msg_uid = $COMPOSE['param']['reply_uid']) {
@@ -220,9 +220,9 @@ if (!empty($msg_uid) && empty($COMPOSE['as_attachment']))
}
}
else if ($compose_mode == RCUBE_COMPOSE_DRAFT) {
- if ($MESSAGE->headers->others['x-draft-info']) {
+ if ($draft_info = $MESSAGE->headers->get('x-draft-info')) {
// get reply_uid/forward_uid to flag the original message when sending
- $info = rcmail_draftinfo_decode($MESSAGE->headers->others['x-draft-info']);
+ $info = rcmail_draftinfo_decode($draft_info);
if ($info['type'] == 'reply')
$COMPOSE['reply_uid'] = $info['uid'];
@@ -239,8 +239,8 @@ if (!empty($msg_uid) && empty($COMPOSE['as_attachment']))
}
}
- if ($MESSAGE->headers->in_reply_to)
- $COMPOSE['reply_msgid'] = '<'.$MESSAGE->headers->in_reply_to.'>';
+ if ($in_reply_to = $MESSAGE->headers->get('in-reply-to'))
+ $COMPOSE['reply_msgid'] = '<' . $in_reply_to . '>';
$COMPOSE['references'] = $MESSAGE->headers->references;
}
@@ -461,7 +461,7 @@ function rcmail_compose_header_from($attrib)
if (count($MESSAGE->identities))
{
$a_signatures = array();
- $separator = $RCMAIL->config->get('sig_above')
+ $separator = intval($RCMAIL->config->get('reply_mode')) > 0
&& ($compose_mode == RCUBE_COMPOSE_REPLY || $compose_mode == RCUBE_COMPOSE_FORWARD) ? '---' : '-- ';
$field_attrib['onchange'] = JS_OBJECT_NAME.".change_identity(this)";
@@ -571,7 +571,7 @@ function rcmail_prepare_message_body()
rcmail_write_forward_attachments();
}
// reply/edit/draft/forward
- else if ($compose_mode && ($compose_mode != RCUBE_COMPOSE_REPLY || $RCMAIL->config->get('reply_mode') != -1)) {
+ else if ($compose_mode && ($compose_mode != RCUBE_COMPOSE_REPLY || intval($RCMAIL->config->get('reply_mode')) != -1)) {
$isHtml = rcmail_compose_editor_mode();
if (!empty($MESSAGE->parts)) {
@@ -997,10 +997,12 @@ function rcmail_write_compose_attachments(&$message, $bodyIsHtml)
foreach ((array)$message->mime_parts as $pid => $part)
{
if ($part->disposition == 'attachment' || ($part->disposition == 'inline' && $bodyIsHtml) || $part->filename) {
- if (($part->ctype_primary == 'message' && $bodyIsHtml) || $part->ctype_primary == 'multipart') {
+ // skip parts that aren't valid attachments
+ if ($part->ctype_primary == 'multipart' || $part->mimetype == 'application/ms-tnef') {
continue;
}
- if ($part->mimetype == 'application/ms-tnef') {
+ // skip message attachments in reply mode
+ if ($part->ctype_primary == 'message' && $compose_mode == RCUBE_COMPOSE_REPLY) {
continue;
}
// skip inline images when forwarding in plain text
diff --git a/program/steps/mail/copy.inc b/program/steps/mail/copy.inc
index a72378b0e..876657485 100644
--- a/program/steps/mail/copy.inc
+++ b/program/steps/mail/copy.inc
@@ -24,10 +24,10 @@ if (!$OUTPUT->ajax_call)
return;
// move messages
-if (!empty($_POST['_uid']) && !empty($_POST['_target_mbox'])) {
- $uids = get_input_value('_uid', RCUBE_INPUT_POST);
+if (!empty($_POST['_uid']) && strlen($_POST['_target_mbox'])) {
+ $uids = get_input_value('_uid', RCUBE_INPUT_POST);
$target = get_input_value('_target_mbox', RCUBE_INPUT_POST, true);
- $mbox = get_input_value('_mbox', RCUBE_INPUT_POST, true);
+ $mbox = get_input_value('_mbox', RCUBE_INPUT_POST, true);
$copied = $RCMAIL->storage->copy_message($uids, $target, $mbox);
@@ -47,7 +47,7 @@ if (!empty($_POST['_uid']) && !empty($_POST['_target_mbox'])) {
}
// unknown action or missing query param
else {
- exit;
+ $OUTPUT->show_message('internalerror', 'error');
}
// send response
diff --git a/program/steps/mail/func.inc b/program/steps/mail/func.inc
index 274c40b5c..60db3f310 100644
--- a/program/steps/mail/func.inc
+++ b/program/steps/mail/func.inc
@@ -896,7 +896,7 @@ function rcmail_washtml_callback($tagname, $attrib, $content, $washtml)
* return table with message headers
*/
function rcmail_message_headers($attrib, $headers=null)
- {
+{
global $OUTPUT, $MESSAGE, $PRINT_MODE, $RCMAIL;
static $sa_attrib;
@@ -1194,7 +1194,7 @@ function rcmail_message_body($attrib)
html::a($show_link + array('class' => 'image-link', 'style' => sprintf('width:%dpx', $thumbnail_size)),
html::img(array(
'class' => 'image-thumbnail',
- 'src' => $MESSAGE->get_part_url($attach_prop->mime_id, true) . '&_thumb=1',
+ 'src' => $MESSAGE->get_part_url($attach_prop->mime_id, 'image') . '&_thumb=1',
'title' => $attach_prop->filename,
'alt' => $attach_prop->filename,
'style' => sprintf('max-width:%dpx; max-height:%dpx', $thumbnail_size, $thumbnail_size),
@@ -1214,7 +1214,7 @@ function rcmail_message_body($attrib)
html::tag('legend', 'image-filename', Q($attach_prop->filename)) .
html::p(array('align' => "center"),
html::img(array(
- 'src' => $MESSAGE->get_part_url($attach_prop->mime_id, true),
+ 'src' => $MESSAGE->get_part_url($attach_prop->mime_id, 'image'),
'title' => $attach_prop->filename,
'alt' => $attach_prop->filename,
)))
@@ -1897,13 +1897,15 @@ function rcmail_search_filter($attrib)
$attrib['onchange'] = JS_OBJECT_NAME.'.filter_mailbox(this.value)';
- /*
- RFC3501 (6.4.4): 'ALL', 'RECENT',
- 'ANSWERED', 'DELETED', 'FLAGGED', 'SEEN',
- 'UNANSWERED', 'UNDELETED', 'UNFLAGGED', 'UNSEEN',
- 'NEW', // = (RECENT UNSEEN)
- 'OLD' // = NOT RECENT
- */
+ // Content-Type values of messages with attachments
+ // the same as in app.js:add_message_row()
+ $ctypes = array('application/', 'multipart/m', 'multipart/signed', 'multipart/report');
+
+ // Build search string of "with attachment" filter
+ $attachment = str_repeat(' OR', count($ctypes)-1);
+ foreach ($ctypes as $type) {
+ $attachment .= ' HEADER Content-Type ' . rcube_imap_generic::escape($type);
+ }
$select_filter = new html_select($attrib);
$select_filter->add(rcube_label('all'), 'ALL');
@@ -1914,6 +1916,7 @@ function rcmail_search_filter($attrib)
$select_filter->add(rcube_label('deleted'), 'DELETED');
$select_filter->add(rcube_label('undeleted'), 'UNDELETED');
}
+ $select_filter->add(rcube_label('withattachment'), $attachment);
$select_filter->add(rcube_label('priority').': '.rcube_label('highest'), 'HEADER X-PRIORITY 1');
$select_filter->add(rcube_label('priority').': '.rcube_label('high'), 'HEADER X-PRIORITY 2');
$select_filter->add(rcube_label('priority').': '.rcube_label('normal'), 'NOT HEADER X-PRIORITY 1 NOT HEADER X-PRIORITY 2 NOT HEADER X-PRIORITY 4 NOT HEADER X-PRIORITY 5');
diff --git a/program/steps/mail/get.inc b/program/steps/mail/get.inc
index 23dc22b7c..bcc6f11bc 100644
--- a/program/steps/mail/get.inc
+++ b/program/steps/mail/get.inc
@@ -22,7 +22,7 @@
// show loading page
if (!empty($_GET['_preload'])) {
- $url = preg_replace('/([&?]+)_preload=/', '\\1_embed=', $_SERVER['REQUEST_URI']);
+ $url = preg_replace('/([&?]+)_preload=/', '\\1_mimewarning=1&_embed=', $_SERVER['REQUEST_URI']);
$message = rcube_label('loadingdata');
header('Content-Type: text/html; charset=' . RCMAIL_CHARSET);
@@ -62,9 +62,10 @@ else if ($_GET['_thumb']) {
$thumbnail_size = $RCMAIL->config->get('image_thumbnail_size', 240);
$temp_dir = $RCMAIL->config->get('temp_dir');
list(,$ext) = explode('/', $part->mimetype);
- $cache_basename = $temp_dir . '/' . md5($MESSAGE->headers->messageID . $part->mime_id . ':' . $RCMAIL->user->ID . ':' . $thumbnail_size);
- $cache_file = $cache_basename . '.' . $ext;
$mimetype = $part->mimetype;
+ $file_ident = $MESSAGE->headers->messageID . ':' . $part->mime_id . ':' . $part->size . ':' . $part->mimetype;
+ $cache_basename = $temp_dir . '/' . md5($file_ident . ':' . $RCMAIL->user->ID . ':' . $thumbnail_size);
+ $cache_file = $cache_basename . '.' . $ext;
// render thumbnail image if not done yet
if (!is_file($cache_file)) {
@@ -118,7 +119,7 @@ else if (strlen($pid = get_input_value('_part', RCUBE_INPUT_GET))) {
$file_extension = strtolower(pathinfo($part->filename, PATHINFO_EXTENSION));
// 1. compare filename suffix with expected suffix derived from mimetype
- $valid = $file_extension && in_array($file_extension, (array)$extensions);
+ $valid = $file_extension && in_array($file_extension, (array)$extensions) || !empty($_REQUEST['_mimeclass']);
// 2. detect the real mimetype of the attachment part and compare it with the stated mimetype and filename extension
if ($valid || !$file_extension || $mimetype == 'application/octet-stream' || $mimetype == 'text/plain') {
@@ -145,6 +146,10 @@ else if (strlen($pid = get_input_value('_part', RCUBE_INPUT_GET))) {
$extensions = rcube_mime::get_mime_extensions($real_mimetype);
$valid_extension = (!$file_extension || in_array($file_extension, (array)$extensions));
+ // ignore filename extension if mimeclass matches (#1489029)
+ if (!empty($_REQUEST['_mimeclass']) && $real_ctype_primary == $_REQUEST['_mimeclass'])
+ $valid_extension = true;
+
// fix mimetype for images wrongly declared as octet-stream
if ($mimetype == 'application/octet-stream' && strpos($real_mimetype, 'image/') === 0 && $valid_extension)
$mimetype = $real_mimetype;
@@ -157,22 +162,32 @@ else if (strlen($pid = get_input_value('_part', RCUBE_INPUT_GET))) {
// show warning if validity checks failed
if (!$valid) {
- $OUTPUT = new rcmail_html_page();
- $OUTPUT->write(html::tag('html', null, html::tag('body', 'embed',
- html::div(array('class' => 'rcmail-inline-message rcmail-inline-warning'),
- rcube_label(array(
- 'name' => 'attachmentvalidationerror',
- 'vars' => array(
- 'expected' => $mimetype . ($file_extension ? "(.$file_extension)" : ''),
- 'detected' => $real_mimetype . ($extensions[0] ? "(.$extensions[0])" : ''),
+ // send blocked.gif for expected images
+ if (empty($_REQUEST['_mimewarning']) && strpos($mimetype, 'image/') === 0) {
+ // Do not cache. Failure might be the result of a misconfiguration, thus real content should be returned once fixed.
+ $OUTPUT->nocacheing_headers();
+ header("Content-Type: image/gif");
+ header("Content-Transfer-Encoding: binary");
+ readfile(INSTALL_PATH . 'program/resources/blocked.gif');
+ }
+ else { // html warning with a button to load the file anyway
+ $OUTPUT = new rcmail_html_page();
+ $OUTPUT->write(html::tag('html', null, html::tag('body', 'embed',
+ html::div(array('class' => 'rcmail-inline-message rcmail-inline-warning'),
+ rcube_label(array(
+ 'name' => 'attachmentvalidationerror',
+ 'vars' => array(
+ 'expected' => $mimetype . ($file_extension ? "(.$file_extension)" : ''),
+ 'detected' => $real_mimetype . ($extensions[0] ? "(.$extensions[0])" : ''),
+ )
+ )) .
+ html::p(array('class' => 'rcmail-inline-buttons'),
+ html::tag('button',
+ array('onclick' => "location.href='" . $RCMAIL->url(array_merge($_GET, array('_nocheck' => 1))) . "'"),
+ rcube_label('showanyway')))
)
- )) .
- html::p(array('class' => 'rcmail-inline-buttons'),
- html::tag('button',
- array('onclick' => "location.href='" . $RCMAIL->url(array_merge($_GET, array('_nocheck' => 1))) . "'"),
- rcube_label('showanyway')))
- )
- )));
+ )));
+ }
exit;
}
}
diff --git a/program/steps/mail/mark.inc b/program/steps/mail/mark.inc
index c220fc5c4..dfc892ea1 100644
--- a/program/steps/mail/mark.inc
+++ b/program/steps/mail/mark.inc
@@ -113,7 +113,7 @@ if (($uids = get_input_value('_uid', RCUBE_INPUT_POST)) && ($flag = get_input_va
$OUTPUT->command('set_rowcount', rcmail_get_messagecount_text($msg_count), $mbox);
if ($threading) {
- $count = get_input_value('_count', RCUBE_INPUT_POST);
+ $count = get_input_value('_count', RCUBE_INPUT_POST);
}
// add new rows from next page (if any)
@@ -125,9 +125,9 @@ if (($uids = get_input_value('_uid', RCUBE_INPUT_POST)) && ($flag = get_input_va
}
}
}
-
- $OUTPUT->send();
+}
+else {
+ $OUTPUT->show_message('internalerror', 'error');
}
-exit;
-
+$OUTPUT->send();
diff --git a/program/steps/mail/move_del.inc b/program/steps/mail/move_del.inc
index 3fc6ac5a7..e21ba2c6b 100644
--- a/program/steps/mail/move_del.inc
+++ b/program/steps/mail/move_del.inc
@@ -74,6 +74,8 @@ else if ($RCMAIL->action=='delete' && !empty($_POST['_uid'])) {
}
// unknown action or missing query param
else {
+ $OUTPUT->show_message('internalerror', 'error');
+ $OUTPUT->send();
exit;
}
diff --git a/program/steps/mail/sendmail.inc b/program/steps/mail/sendmail.inc
index eb0ba89c6..2f96e930f 100644
--- a/program/steps/mail/sendmail.inc
+++ b/program/steps/mail/sendmail.inc
@@ -255,6 +255,33 @@ function rcmail_email_input_format($mailto, $count=false, $check=true)
}
+function rcmail_generic_message_footer($isHtml)
+{
+ global $CONFIG;
+
+ if ($isHtml && !empty($CONFIG['generic_message_footer_html'])) {
+ $file = $CONFIG['generic_message_footer_html'];
+ $html_footer = true;
+ }
+ else {
+ $file = $CONFIG['generic_message_footer'];
+ $html_footer = false;
+ }
+
+ if ($file && realpath($file)) {
+ // sanity check
+ if (!preg_match('/\.(php|ini|conf)$/', $file) && strpos($file, '/etc/') === false) {
+ $footer = file_get_contents($file);
+ if ($isHtml && !$html_footer)
+ $footer = '<pre>' . $footer . '</pre>';
+ return $footer;
+ }
+ }
+
+ return false;
+}
+
+
/****** compose message ********/
if (strlen($_POST['_draft_saveid']) > 3)
@@ -466,7 +493,7 @@ if (!$savedraft) {
$message_body = preg_replace('/\s*id="_rc_sig"/', '', $message_body);
// add inline css for blockquotes
- $bstyle = 'padding-left:5px; border-left:#1010ff 2px solid; margin-left:5px; width:100%';
+ $bstyle = 'padding-left:5px; border-left:#1010ff 2px solid; margin-left:5px';
$message_body = preg_replace('/<blockquote>/',
'<blockquote type="cite" style="'.$bstyle.'">', $message_body);
}
@@ -490,19 +517,10 @@ if (!$savedraft) {
}
// generic footer for all messages
- if ($isHtml && !empty($CONFIG['generic_message_footer_html'])) {
- $footer = file_get_contents(realpath($CONFIG['generic_message_footer_html']));
- $footer = rcube_charset_convert($footer, RCMAIL_CHARSET, $message_charset);
- }
- else if (!empty($CONFIG['generic_message_footer'])) {
- $footer = file_get_contents(realpath($CONFIG['generic_message_footer']));
+ if ($footer = rcmail_generic_message_footer($isHtml)) {
$footer = rcube_charset_convert($footer, RCMAIL_CHARSET, $message_charset);
- if ($isHtml)
- $footer = '<pre>'.$footer.'</pre>';
- }
-
- if ($footer)
$message_body .= "\r\n" . $footer;
+ }
}
if ($isHtml) {
@@ -820,6 +838,6 @@ else {
if ($store_folder && !$saved)
$OUTPUT->command('sent_successfully', 'error', rcube_label('errorsavingsent'));
else
- $OUTPUT->command('sent_successfully', 'confirmation', rcube_label('messagesent'));
+ $OUTPUT->command('sent_successfully', 'confirmation', rcube_label('messagesent'), $store_target);
$OUTPUT->send('iframe');
}
diff --git a/program/steps/mail/show.inc b/program/steps/mail/show.inc
index 552c180f5..1947c0f29 100644
--- a/program/steps/mail/show.inc
+++ b/program/steps/mail/show.inc
@@ -109,7 +109,7 @@ if ($uid) {
$OUTPUT->set_env('skip_deleted', true);
if ($CONFIG['display_next'])
$OUTPUT->set_env('display_next', true);
- if ($MESSAGE->headers->others['list-post'])
+ if ($MESSAGE->headers->get('list-post', false))
$OUTPUT->set_env('list_post', true);
if ($CONFIG['forward_attachment'])
$OUTPUT->set_env('forward_attachment', true);
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-28 00:48:02 +0000