summaryrefslogtreecommitdiff
path: root/program/steps
diff options
context:
space:
mode:
Diffstat (limited to 'program/steps')
-rw-r--r--program/steps/addressbook/delete.inc3
-rw-r--r--program/steps/addressbook/edit.inc15
-rw-r--r--program/steps/addressbook/func.inc17
-rw-r--r--program/steps/addressbook/list.inc6
-rw-r--r--program/steps/addressbook/search.inc3
-rw-r--r--program/steps/addressbook/show.inc34
-rw-r--r--program/steps/mail/addcontact.inc13
-rw-r--r--program/steps/mail/autocomplete.inc4
-rw-r--r--program/steps/mail/compose.inc22
-rw-r--r--program/steps/mail/func.inc33
-rw-r--r--program/steps/mail/list_contacts.inc3
-rw-r--r--program/steps/mail/sendmail.inc13
-rw-r--r--program/steps/mail/show.inc16
-rw-r--r--program/steps/settings/folders.inc2
-rw-r--r--program/steps/settings/func.inc4
-rw-r--r--program/steps/utils/error.inc2
-rw-r--r--program/steps/utils/modcss.inc81
17 files changed, 160 insertions, 111 deletions
diff --git a/program/steps/addressbook/delete.inc b/program/steps/addressbook/delete.inc
index a2f12495c..81b8a0970 100644
--- a/program/steps/addressbook/delete.inc
+++ b/program/steps/addressbook/delete.inc
@@ -70,6 +70,7 @@ $page = isset($_SESSION['page']) ? $_SESSION['page'] : 1;
// update saved search after data changed
if (($search_request = $_REQUEST['_search']) && isset($_SESSION['search'][$search_request])) {
$sort_col = $RCMAIL->config->get('addressbook_sort_col', 'name');
+ $afields = $RCMAIL->config->get('contactlist_fields');
$search = (array)$_SESSION['search'][$search_request];
$records = array();
@@ -83,7 +84,7 @@ if (($search_request = $_REQUEST['_search']) && isset($_SESSION['search'][$searc
$source->set_search_set($set);
// get records
- $result = $source->list_records(array('name', 'firstname', 'surname', 'email'));
+ $result = $source->list_records($afields);
if (!$result->count) {
unset($search[$s]);
diff --git a/program/steps/addressbook/edit.inc b/program/steps/addressbook/edit.inc
index f96ad6747..0f1fd6697 100644
--- a/program/steps/addressbook/edit.inc
+++ b/program/steps/addressbook/edit.inc
@@ -262,12 +262,27 @@ function rcmail_source_selector($attrib)
}
+/**
+ * Register container as active area to drop photos onto
+ */
+function rcmail_photo_drop_area($attrib)
+{
+ global $OUTPUT;
+
+ if ($attrib['id']) {
+ $OUTPUT->add_gui_object('filedrop', $attrib['id']);
+ $OUTPUT->set_env('filedrop', array('action' => 'upload-photo', 'fieldname' => '_photo', 'single' => 1, 'filter' => '^image/.+'));
+ }
+}
+
+
$OUTPUT->add_handlers(array(
'contactedithead' => 'rcmail_contact_edithead',
'contacteditform' => 'rcmail_contact_editform',
'contactphoto' => 'rcmail_contact_photo',
'photouploadform' => 'rcmail_upload_photo_form',
'sourceselector' => 'rcmail_source_selector',
+ 'filedroparea' => 'rcmail_photo_drop_area',
));
if ($RCMAIL->action == 'add' && $OUTPUT->template_exists('contactadd'))
diff --git a/program/steps/addressbook/func.inc b/program/steps/addressbook/func.inc
index 80d89b001..5f5fcc673 100644
--- a/program/steps/addressbook/func.inc
+++ b/program/steps/addressbook/func.inc
@@ -368,7 +368,7 @@ function rcmail_contact_frame($attrib)
$attrib['name'] = $attrib['id'];
$OUTPUT->set_env('contentframe', $attrib['name']);
- $OUTPUT->set_env('blankpage', $attrib['src'] ? $OUTPUT->abs_url($attrib['src']) : 'program/blank.gif');
+ $OUTPUT->set_env('blankpage', $attrib['src'] ? $OUTPUT->abs_url($attrib['src']) : 'program/resources/blank.gif');
return html::iframe($attrib);
}
@@ -580,8 +580,13 @@ function rcmail_contact_form($form, $record, $attrib = null)
if (empty($values) && $colprop['visible'])
$values[] = '';
+ if (!is_array($values)) {
+ // $values can be an object, don't use (array)$values syntax
+ $values = !empty($values) ? array($values) : array();
+ }
+
$rows = '';
- foreach ((array)$values as $i => $val) {
+ foreach ($values as $i => $val) {
if ($subtypes[$i])
$subtype = $subtypes[$i];
@@ -705,11 +710,15 @@ function rcmail_contact_photo($attrib)
if ($result = $CONTACTS->get_result())
$record = $result->first();
- $photo_img = $attrib['placeholder'] ? $CONFIG['skin_path'] . $attrib['placeholder'] : 'program/blank.gif';
+ $photo_img = $attrib['placeholder'] ? $CONFIG['skin_path'] . $attrib['placeholder'] : 'program/resources/blank.gif';
$RCMAIL->output->set_env('photo_placeholder', $photo_img);
unset($attrib['placeholder']);
- if (preg_match('!^https?://!i', $record['photo']))
+ $plugin = $RCMAIL->plugins->exec_hook('contact_photo', array('record' => $record, 'data' => $record['photo']));
+
+ if ($plugin['url'])
+ $photo_img = $plugin['url'];
+ else if (preg_match('!^https?://!i', $record['photo']))
$photo_img = $record['photo'];
else if ($record['photo'])
$photo_img = $RCMAIL->url(array('_action' => 'photo', '_cid' => $record['ID'], '_source' => $SOURCE_ID));
diff --git a/program/steps/addressbook/list.inc b/program/steps/addressbook/list.inc
index a24fb9520..06a1e10a3 100644
--- a/program/steps/addressbook/list.inc
+++ b/program/steps/addressbook/list.inc
@@ -19,6 +19,8 @@
+-----------------------------------------------------------------------+
*/
+$afields = $RCMAIL->config->get('contactlist_fields');
+
// Use search result
if (!empty($_REQUEST['_search']) && isset($_SESSION['search'][$_REQUEST['_search']]))
{
@@ -43,7 +45,7 @@ if (!empty($_REQUEST['_search']) && isset($_SESSION['search'][$_REQUEST['_search
$source->set_search_set($set);
// get records
- $result = $source->list_records(array('name', 'firstname', 'surname', 'email'));
+ $result = $source->list_records($afields);
while ($row = $result->next()) {
$row['sourceid'] = $s;
@@ -73,7 +75,7 @@ else {
$CONTACTS = rcmail_contact_source(null, true);
// get contacts for this user
- $result = $CONTACTS->list_records(array('name', 'firstname', 'surname', 'email'));
+ $result = $CONTACTS->list_records($afields);
if (!$result->count && $result->searchonly) {
$OUTPUT->show_message('contactsearchonly', 'notice');
diff --git a/program/steps/addressbook/search.inc b/program/steps/addressbook/search.inc
index f83eb9fd6..d31e54b1a 100644
--- a/program/steps/addressbook/search.inc
+++ b/program/steps/addressbook/search.inc
@@ -145,6 +145,7 @@ function rcmail_contact_search()
$search_set = array();
$records = array();
$sort_col = $RCMAIL->config->get('addressbook_sort_col', 'name');
+ $afields = $RCMAIL->config->get('contactlist_fields');
foreach ($sources as $s) {
$source = $RCMAIL->get_address_book($s['id']);
@@ -179,7 +180,7 @@ function rcmail_contact_search()
}
// get records
- $result = $source->list_records(array('name', 'firstname', 'surname', 'email'));
+ $result = $source->list_records($afields);
while ($row = $result->next()) {
$row['sourceid'] = $s['id'];
diff --git a/program/steps/addressbook/show.inc b/program/steps/addressbook/show.inc
index e5ff0d73e..48e37256d 100644
--- a/program/steps/addressbook/show.inc
+++ b/program/steps/addressbook/show.inc
@@ -22,7 +22,7 @@
// Get contact ID and source ID from request
$cids = rcmail_get_cids();
$source = key($cids);
-$cid = array_shift($cids[$source]);
+$cid = $cids ? array_shift($cids[$source]) : null;
// Initialize addressbook source
$CONTACTS = rcmail_contact_source($source, true);
@@ -39,6 +39,19 @@ rcmail_set_sourcename($CONTACTS);
// return raw photo of the given contact
if ($RCMAIL->action == 'photo') {
+ // search for contact first
+ if (!$record && ($email = get_input_value('_email', RCUBE_INPUT_GPC))) {
+ foreach ($RCMAIL->get_address_sources() as $s) {
+ $abook = $RCMAIL->get_address_book($s['id']);
+ $result = $abook->search(array('email'), $email, 1, true, true, 'photo');
+ while ($result && ($record = $result->iterate())) {
+ if ($record['photo'])
+ break 2;
+ }
+ }
+ }
+
+ // read the referenced file
if (($file_id = get_input_value('_photo', RCUBE_INPUT_GPC)) && ($tempfile = $_SESSION['contacts']['files'][$file_id])) {
$tempfile = $RCMAIL->plugins->exec_hook('attachment_display', $tempfile);
if ($tempfile['status']) {
@@ -54,8 +67,25 @@ if ($RCMAIL->action == 'photo') {
$data = base64_decode($data, true);
}
+ // let plugins do fancy things with contact photos
+ $plugin = $RCMAIL->plugins->exec_hook('contact_photo', array('record' => $record, 'email' => $email, 'data' => $data));
+
+ // redirect to url provided by a plugin
+ if ($plugin['url'])
+ $RCMAIL->output->redirect($plugin['url']);
+ else
+ $data = $plugin['data'];
+
+ // deliver alt image
+ if (!$data && ($alt_img = get_input_value('_alt', RCUBE_INPUT_GPC)) && is_file($alt_img))
+ $data = file_get_contents($alt_img);
+
+ // cache for one day if requested by email
+ if (!$cid && $email)
+ $RCMAIL->output->future_expire_header(86400);
+
header('Content-Type: ' . rc_image_content_type($data));
- echo $data ? $data : file_get_contents('program/blank.gif');
+ echo $data ? $data : file_get_contents('program/resources/blank.gif');
exit;
}
diff --git a/program/steps/mail/addcontact.inc b/program/steps/mail/addcontact.inc
index 2dc406f84..380557766 100644
--- a/program/steps/mail/addcontact.inc
+++ b/program/steps/mail/addcontact.inc
@@ -23,17 +23,8 @@
if (!$OUTPUT->ajax_call)
return;
-$abook = $RCMAIL->config->get('default_addressbook');
-
-// Get configured addressbook
-$CONTACTS = $RCMAIL->get_address_book($abook, true);
-
-// Get first writeable addressbook if the configured doesn't exist
-// This can happen when user deleted the addressbook (e.g. Kolab folder)
-if ($abook == null || !is_object($CONTACTS)) {
- $source = reset($RCMAIL->get_address_sources(true));
- $CONTACTS = $RCMAIL->get_address_book($source['id'], true);
-}
+// Get default addressbook
+$CONTACTS = $RCMAIL->get_address_book(-1, true);
if (!empty($_POST['_address']) && is_object($CONTACTS))
{
diff --git a/program/steps/mail/autocomplete.inc b/program/steps/mail/autocomplete.inc
index ba34fa5aa..55579814c 100644
--- a/program/steps/mail/autocomplete.inc
+++ b/program/steps/mail/autocomplete.inc
@@ -26,7 +26,7 @@ if ($RCMAIL->action == 'group-expand') {
$members = array();
$abook->set_group($gid);
$abook->set_pagesize(1000); // TODO: limit number of group members by config
- $result = $abook->list_records(array('name', 'firstname', 'surname', 'email'));
+ $result = $abook->list_records($RCMAIL->config->get('contactlist_fields'));
while ($result && ($sql_arr = $result->iterate())) {
foreach ((array)$sql_arr['email'] as $email) {
$members[] = format_email_recipient($email, rcube_addressbook::compose_list_name($sql_arr));
@@ -64,7 +64,7 @@ if (!empty($book_types) && strlen($search)) {
$abook = $RCMAIL->get_address_book($id);
$abook->set_pagesize($MAXNUM);
- if ($result = $abook->search(array('name', 'firstname', 'surname', 'email'), $search, $mode, true, true, 'email')) {
+ if ($result = $abook->search($RCMAIL->config->get('contactlist_fields'), $search, $mode, true, true, 'email')) {
while ($sql_arr = $result->iterate()) {
// Contact can have more than one e-mail address
$email_arr = (array)$abook->get_col_values('email', $sql_arr, true);
diff --git a/program/steps/mail/compose.inc b/program/steps/mail/compose.inc
index 70f657d8d..57869d1f7 100644
--- a/program/steps/mail/compose.inc
+++ b/program/steps/mail/compose.inc
@@ -629,7 +629,8 @@ function rcmail_prepare_message_body()
if (!empty($MESSAGE->parts)) {
foreach ($MESSAGE->parts as $part) {
- if ($part->type != 'content' || !$part->size) {
+ // skip no-content and attachment parts (#1488557)
+ if ($part->type != 'content' || !$part->size || $MESSAGE->is_attachment($part)) {
continue;
}
@@ -662,10 +663,10 @@ function rcmail_prepare_message_body()
unset($plugin);
// add blocked.gif attachment (#1486516)
- if ($isHtml && preg_match('#<img src="\./program/blocked\.gif"#', $body)) {
- if ($attachment = rcmail_save_image('program/blocked.gif', 'image/gif')) {
+ if ($isHtml && preg_match('#<img src="\./program/resources/blocked\.gif"#', $body)) {
+ if ($attachment = rcmail_save_image('program/resources/blocked.gif', 'image/gif')) {
$COMPOSE['attachments'][$attachment['id']] = $attachment;
- $body = preg_replace('#\./program/blocked\.gif#',
+ $body = preg_replace('#\./program/resources/blocked\.gif#',
$RCMAIL->comm_path.'&_action=display-attachment&_file=rcmfile'.$attachment['id'].'&_id='.$COMPOSE['id'],
$body);
}
@@ -842,7 +843,7 @@ function rcmail_compose_body($attrib)
"googie.decorateTextarea('%s');\n".
"%s.set_env('spellcheck', googie);",
$RCMAIL->output->get_skin_path(),
- $RCMAIL->url(array('_task' => 'utils', '_action' => 'spell')),
+ $RCMAIL->url(array('_task' => 'utils', '_action' => 'spell', '_remote' => 1)),
!empty($dictionary) ? 'true' : 'false',
JQ(Q(rcube_label('checkspelling'))),
JQ(Q(rcube_label('resumeediting'))),
@@ -859,7 +860,7 @@ function rcmail_compose_body($attrib)
$OUTPUT->set_env('spellcheck_langs', join(',', $editor_lang_set));
}
- $out .= "\n".'<iframe name="savetarget" src="program/blank.gif" style="width:0;height:0;border:none;visibility:hidden;"></iframe>';
+ $out .= "\n".'<iframe name="savetarget" src="program/resources/blank.gif" style="width:0;height:0;border:none;visibility:hidden;"></iframe>';
return $out;
}
@@ -958,18 +959,18 @@ function rcmail_create_forward_body($body, $bodyIsHtml)
"<tr><th align=\"right\" nowrap=\"nowrap\" valign=\"baseline\">%s: </th><td>%s</td></tr>",
rcube_label('subject'), Q($MESSAGE->subject),
rcube_label('date'), Q($date),
- rcube_label('from'), htmlspecialchars(Q($MESSAGE->get_header('from'), 'replace'), ENT_COMPAT, $charset),
- rcube_label('to'), htmlspecialchars(Q($MESSAGE->get_header('to'), 'replace'), ENT_COMPAT, $charset));
+ rcube_label('from'), Q($MESSAGE->get_header('from'), 'replace'),
+ rcube_label('to'), Q($MESSAGE->get_header('to'), 'replace'));
if ($MESSAGE->headers->cc)
$prefix .= sprintf("<tr><th align=\"right\" nowrap=\"nowrap\" valign=\"baseline\">%s: </th><td>%s</td></tr>",
rcube_label('cc'),
- htmlspecialchars(Q($MESSAGE->get_header('cc'), 'replace'), ENT_COMPAT, $charset));
+ Q($MESSAGE->get_header('cc'), 'replace'));
if ($MESSAGE->headers->replyto && $MESSAGE->headers->replyto != $MESSAGE->headers->from)
$prefix .= sprintf("<tr><th align=\"right\" nowrap=\"nowrap\" valign=\"baseline\">%s: </th><td>%s</td></tr>",
rcube_label('replyto'),
- htmlspecialchars(Q($MESSAGE->get_header('replyto'), 'replace'), ENT_COMPAT, $charset));
+ Q($MESSAGE->get_header('replyto'), 'replace'));
$prefix .= "</tbody></table><br>";
}
@@ -1522,6 +1523,7 @@ function get_form_tags($attrib)
$hiddenfields = new html_hiddenfield(array('name' => '_task', 'value' => $RCMAIL->task));
$hiddenfields->add(array('name' => '_action', 'value' => 'send'));
$hiddenfields->add(array('name' => '_id', 'value' => $COMPOSE['id']));
+ $hiddenfields->add(array('name' => '_attachments'));
$form_start = empty($attrib['form']) ? $RCMAIL->output->form_tag(array('name' => "form", 'method' => "post")) : '';
$form_start .= $hiddenfields->show();
diff --git a/program/steps/mail/func.inc b/program/steps/mail/func.inc
index 5a18ded6b..ddd34315a 100644
--- a/program/steps/mail/func.inc
+++ b/program/steps/mail/func.inc
@@ -398,7 +398,7 @@ function rcmail_messagecontent_frame($attrib)
if ($RCMAIL->config->get('preview_pane'))
$OUTPUT->set_env('contentframe', $attrib['id']);
- $OUTPUT->set_env('blankpage', $attrib['src'] ? $OUTPUT->abs_url($attrib['src']) : 'program/blank.gif');
+ $OUTPUT->set_env('blankpage', $attrib['src'] ? $OUTPUT->abs_url($attrib['src']) : 'program/resources/blank.gif');
return html::iframe($attrib);
}
@@ -518,21 +518,26 @@ function rcmail_check_safe(&$message)
{
global $RCMAIL;
- $show_images = $RCMAIL->config->get('show_images');
if (!$message->is_safe
- && !empty($show_images)
- && $message->has_html_part())
- {
- switch($show_images) {
- case '1': // known senders only
- $CONTACTS = new rcube_contacts($RCMAIL->db, $_SESSION['user_id']);
- if ($CONTACTS->search('email', $message->sender['mailto'], true, false)->count) {
- $message->set_safe(true);
+ && ($show_images = $RCMAIL->config->get('show_images'))
+ && $message->has_html_part()
+ ) {
+ switch ($show_images) {
+ case 1: // known senders only
+ // get default addressbook, like in addcontact.inc
+ $CONTACTS = $RCMAIL->get_address_book(-1, true);
+
+ if ($CONTACTS) {
+ $result = $CONTACTS->search('email', $message->sender['mailto'], 1, false);
+ if ($result->count) {
+ $message->set_safe(true);
+ }
}
- break;
- case '2': // always
+ break;
+
+ case 2: // always
$message->set_safe(true);
- break;
+ break;
}
}
}
@@ -605,7 +610,7 @@ function rcmail_wash_html($html, $p, $cid_replaces)
$wash_opts = array(
'show_washed' => false,
'allow_remote' => $p['safe'],
- 'blocked_src' => "./program/blocked.gif",
+ 'blocked_src' => "./program/resources/blocked.gif",
'charset' => RCMAIL_CHARSET,
'cid_map' => $cid_replaces,
'html_elements' => array('body'),
diff --git a/program/steps/mail/list_contacts.inc b/program/steps/mail/list_contacts.inc
index 1a6480339..7c99a1309 100644
--- a/program/steps/mail/list_contacts.inc
+++ b/program/steps/mail/list_contacts.inc
@@ -57,7 +57,8 @@ if ($CONTACTS && $CONTACTS->ready) {
// get contacts for this user
$CONTACTS->set_group(0);
- $result = $CONTACTS->list_records(array('name', 'firstname', 'surname', 'email'));
+ $afields = $RCMAIL->config->get('contactlist_fields');
+ $result = $CONTACTS->list_records($afields);
if (!$result->count && $result->searchonly) {
$OUTPUT->show_message('contactsearchonly', 'notice');
diff --git a/program/steps/mail/sendmail.inc b/program/steps/mail/sendmail.inc
index 4790d35e2..70f1af714 100644
--- a/program/steps/mail/sendmail.inc
+++ b/program/steps/mail/sendmail.inc
@@ -458,6 +458,19 @@ if ($isHtml) {
$message_body .= "\r\n</body></html>\r\n";
}
+// sort attachments to make sure the order is the same as in the UI (#1488423)
+$files = get_input_value('_attachments', RCUBE_INPUT_POST);
+if ($files) {
+ $files = explode(',', $files);
+ $files = array_flip($files);
+ foreach ($files as $idx => $val) {
+ $files[$idx] = $COMPOSE['attachments'][$idx];
+ unset($COMPOSE['attachments'][$idx]);
+ }
+
+ $COMPOSE['attachments'] = array_merge(array_filter($files), $COMPOSE['attachments']);
+}
+
// set line length for body wrapping
$LINE_LENGTH = $RCMAIL->config->get('line_length', 72);
diff --git a/program/steps/mail/show.inc b/program/steps/mail/show.inc
index 5fa72d77f..82c826108 100644
--- a/program/steps/mail/show.inc
+++ b/program/steps/mail/show.inc
@@ -257,7 +257,7 @@ function rcmail_contact_exists($email)
if ($email) {
// @TODO: search in all address books?
- $CONTACTS = $RCMAIL->get_address_book(null, true);
+ $CONTACTS = $RCMAIL->get_address_book(-1, true);
$existing = $CONTACTS->search('email', $email, true, false);
if ($existing->count)
return true;
@@ -266,11 +266,25 @@ function rcmail_contact_exists($email)
return false;
}
+function rcmail_message_contactphoto($attrib)
+{
+ global $RCMAIL, $MESSAGE;
+
+ $placeholder = $attrib['placeholder'] ? $RCMAIL->config->get('skin_path') . $attrib['placeholder'] : null;
+ if ($MESSAGE->sender)
+ $photo_img = $RCMAIL->url(array('_task' => 'addressbook', '_action' => 'photo', '_email' => $MESSAGE->sender['mailto'], '_alt' => $placeholder));
+ else
+ $photo_img = $placeholder ? $placeholder : 'program/resources/blank.gif';
+
+ return html::img(array('src' => $photo_img) + $attrib);
+}
+
$OUTPUT->add_handlers(array(
'messageattachments' => 'rcmail_message_attachments',
'mailboxname' => 'rcmail_mailbox_name_display',
'messageobjects' => 'rcmail_message_objects',
+ 'contactphoto' => 'rcmail_message_contactphoto',
));
diff --git a/program/steps/settings/folders.inc b/program/steps/settings/folders.inc
index e4e9f3155..2691a6e26 100644
--- a/program/steps/settings/folders.inc
+++ b/program/steps/settings/folders.inc
@@ -363,7 +363,7 @@ function rcmail_folder_frame($attrib)
$attrib['name'] = $attrib['id'];
$OUTPUT->set_env('contentframe', $attrib['name']);
- $OUTPUT->set_env('blankpage', $attrib['src'] ? $OUTPUT->abs_url($attrib['src']) : 'program/blank.gif');
+ $OUTPUT->set_env('blankpage', $attrib['src'] ? $OUTPUT->abs_url($attrib['src']) : 'program/resources/blank.gif');
return html::iframe($attrib);
}
diff --git a/program/steps/settings/func.inc b/program/steps/settings/func.inc
index 7b5534e5d..3f5ef5390 100644
--- a/program/steps/settings/func.inc
+++ b/program/steps/settings/func.inc
@@ -34,7 +34,7 @@ function rcmail_preferences_frame($attrib)
$attrib['name'] = $attrib['id'];
$OUTPUT->set_env('contentframe', $attrib['name']);
- $OUTPUT->set_env('blankpage', $attrib['src'] ? $OUTPUT->abs_url($attrib['src']) : 'program/blank.gif');
+ $OUTPUT->set_env('blankpage', $attrib['src'] ? $OUTPUT->abs_url($attrib['src']) : 'program/resources/blank.gif');
return html::iframe($attrib);
}
@@ -181,7 +181,7 @@ function rcmail_user_prefs($current=null)
$select_timezone = new html_select(array('name' => '_timezone', 'id' => $field_id));
$select_timezone->add(rcube_label('autodetect'), 'auto');
- $now = new DateTime();
+ $zones = array();
foreach (DateTimeZone::listIdentifiers() as $i => $tzs) {
try {
$tz = new DateTimeZone($tzs);
diff --git a/program/steps/utils/error.inc b/program/steps/utils/error.inc
index 126cf2ef7..e6e409a21 100644
--- a/program/steps/utils/error.inc
+++ b/program/steps/utils/error.inc
@@ -23,7 +23,7 @@ $rcmail = rcmail::get_instance();
// browser is not compatible with this application
if ($ERROR_CODE==409) {
- $user_agent = $GLOBALS['HTTP_SERVER_VARS']['HTTP_USER_AGENT'];
+ $user_agent = $_SERVER['HTTP_USER_AGENT'];
$__error_title = 'Your browser does not suit the requirements for this application';
$__error_text = <<<EOF
<i>Supported browsers:</i><br />
diff --git a/program/steps/utils/modcss.inc b/program/steps/utils/modcss.inc
index 77be150fe..1a28c6598 100644
--- a/program/steps/utils/modcss.inc
+++ b/program/steps/utils/modcss.inc
@@ -5,7 +5,7 @@
| program/steps/utils/modcss.inc |
| |
| This file is part of the Roundcube Webmail client |
- | Copyright (C) 2007-2011, The Roundcube Dev Team |
+ | Copyright (C) 2007-2012, The Roundcube Dev Team |
| |
| Licensed under the GNU General Public License version 3 or |
| any later version with exceptions for skins & plugins. |
@@ -16,83 +16,48 @@
| |
+-----------------------------------------------------------------------+
| Author: Thomas Bruederli <roundcube@gmail.com> |
+ | Author: Aleksander Machniak <alec@alec.pl> |
+-----------------------------------------------------------------------+
*/
-$source = '';
-
$url = preg_replace('![^a-z0-9.-]!i', '', $_GET['_u']);
+
if ($url === null || !($realurl = $_SESSION['modcssurls'][$url])) {
header('HTTP/1.1 403 Forbidden');
- echo "Unauthorized request";
- exit;
+ exit("Unauthorized request");
}
-$a_uri = parse_url($realurl);
-$port = $a_uri['port'] ? $a_uri['port'] : 80;
-$host = $a_uri['host'];
-$path = $a_uri['path'] . ($a_uri['query'] ? '?'.$a_uri['query'] : '');
-
// don't allow any other connections than http(s)
-if (strtolower(substr($a_uri['scheme'], 0, 4)) != 'http') {
+if (!preg_match('~^(https?)://~i', $realurl, $matches)) {
header('HTTP/1.1 403 Forbidden');
- echo "Invalid URL";
- exit;
+ exit("Invalid URL");
}
-// try to open socket connection
-if (!($fp = fsockopen($host, $port, $errno, $error, 15))) {
- header('HTTP/1.1 500 Internal Server Error');
- echo $error;
- exit;
+if (!ini_get('allow_url_fopen')) {
+ header('HTTP/1.1 403 Forbidden');
+ exit("HTTP connections disabled");
}
-// set timeout for socket
-stream_set_timeout($fp, 30);
-
-// send request
-$out = "GET $path HTTP/1.0\r\n";
-$out .= "Host: $host\r\n";
-$out .= "Connection: Close\r\n\r\n";
-fwrite($fp, $out);
+$scheme = strtolower($matches[1]);
+$options = array(
+ $scheme => array(
+ 'method' => 'GET',
+ 'timeout' => 15,
+ )
+);
-// read response
-$header = true;
-$headers = array();
-while (!feof($fp)) {
- $line = trim(fgets($fp, 4048));
+$context = stream_context_create($options);
+$source = @file_get_contents($realurl, false, $context);
- if ($header) {
- if (preg_match('/^HTTP\/1\..\s+(\d+)/', $line, $regs)
- && intval($regs[1]) != 200) {
- break;
- }
- else if (empty($line)) {
- $header = false;
- }
- else {
- list($key, $value) = explode(': ', $line);
- $headers[strtolower($key)] = $value;
- }
- }
- else {
- $source .= "$line\n";
- }
-}
-fclose($fp);
+// php.net/manual/en/reserved.variables.httpresponseheader.php
+$headers = implode("\n", (array)$http_response_header);
+$ctype = '~Content-Type:\s+text/(css|plain)~i';
-// check content-type header and mod styles
-$mimetype = strtolower($headers['content-type']);
-if (!empty($source) && in_array($mimetype, array('text/css','text/plain'))) {
+if ($source !== false && preg_match($ctype, $headers)) {
header('Content-Type: text/css');
echo rcmail_mod_css_styles($source, preg_replace('/[^a-z0-9]/i', '', $_GET['_c']));
exit;
}
-else
- $error = "Invalid response returned by server";
header('HTTP/1.0 404 Not Found');
-echo $error;
-exit;
-
-
+exit("Invalid response returned by server");