summaryrefslogtreecommitdiff
path: root/program
diff options
context:
space:
mode:
Diffstat (limited to 'program')
-rw-r--r--program/include/main.inc9
-rw-r--r--program/include/rcube_imap.inc30
-rw-r--r--program/lib/imap.inc2
-rw-r--r--program/steps/mail/show.inc4
4 files changed, 16 insertions, 29 deletions
diff --git a/program/include/main.inc b/program/include/main.inc
index ef2ecbfe8..e77df19e3 100644
--- a/program/include/main.inc
+++ b/program/include/main.inc
@@ -1274,6 +1274,9 @@ function rcube_button($attrib)
static $sa_buttons = array();
static $s_button_count = 100;
+ // these commands can be called directly via url
+ $a_static_commands = array('compose', 'list');
+
$skin_path = $CONFIG['skin_path'];
if (!($attrib['command'] || $attrib['name']))
@@ -1352,9 +1355,11 @@ function rcube_button($attrib)
$attrib['imagesel'] ? $skin_path.$attrib['imagesel'] : $attrib['classsel'],
$attrib['imageover'] ? $skin_path.$attrib['imageover'] : ''));
- // make valid href to task buttons
+ // make valid href to specific buttons
if (in_array($attrib['command'], $MAIN_TASKS))
- $attrib['href'] = ereg_replace('_task=[a-z]+', '_task='.$attrib['command'], $COMM_PATH);
+ $attrib['href'] = htmlentities(ereg_replace('_task=[a-z]+', '_task='.$attrib['command'], $COMM_PATH));
+ else if (in_array($attrib['command'], $a_static_commands))
+ $attrib['href'] = htmlentities($COMM_PATH.'&_action='.$attrib['command']);
}
// overwrite attributes
diff --git a/program/include/rcube_imap.inc b/program/include/rcube_imap.inc
index bc12eac06..177d05a62 100644
--- a/program/include/rcube_imap.inc
+++ b/program/include/rcube_imap.inc
@@ -501,29 +501,11 @@ class rcube_imap
$start_msg = ($this->list_page-1) * $this->page_size;
list($begin, $end) = $this->_get_message_range($max, $page);
-
- /*
- if ($page=='all')
- {
- $begin = 0;
- $end = $max;
- }
- else if (!$this->get_capability('sort') && $this->sort_order=='DESC')
- {
- $begin = $max - $this->page_size - $start_msg;
- $end = $max - $start_msg;
- }
- else
- {
- $begin = $start_msg;
- $end = $start_msg + $this->page_size;
- }
-
- if ($begin < 0) $begin = 0;
- if ($end < 0) $end = $max;
- if ($end > $max) $end = $max;
- */
-
+
+ // mailbox is empty
+ if ($begin >= $end)
+ return array();
+
//console("fetch headers $start_msg to ".($start_msg+$this->page_size)." (msg $begin to $end)");
$headers_sorted = FALSE;
@@ -553,7 +535,7 @@ class rcube_imap
}
else
{
- $msgs = sprintf("%d:%d", $begin+1, $end);
+ $msgs = sprintf("%d:%d", $begin+1, $end);
$sorted = FALSE;
}
diff --git a/program/lib/imap.inc b/program/lib/imap.inc
index b8f3dea39..70abdc40e 100644
--- a/program/lib/imap.inc
+++ b/program/lib/imap.inc
@@ -1755,7 +1755,7 @@ function iil_C_ListSubscribed(&$conn, $ref, $mailbox){
$line=iil_ReadLine($fp, 500);
$line=iil_MultLine($fp, $line);
$a = explode(" ", $line);
- if (($line[0]=="*") && ($a[1]=="LSUB")){
+ if (($line[0]=="*") && ($a[1]=="LSUB" || $a[1]=="LIST")){
$line = rtrim($line);
// split one line
$a=iil_ExplodeQuotedString(" ", $line);
diff --git a/program/steps/mail/show.inc b/program/steps/mail/show.inc
index 27fc44b3f..26a3d3312 100644
--- a/program/steps/mail/show.inc
+++ b/program/steps/mail/show.inc
@@ -109,8 +109,8 @@ function rcmail_message_attachments($attrib)
$attach_prop['filename'],
show_bytes($attach_prop['size']));
else
- $out .= sprintf('<li><a href="%s&_part=%s" onclick="return %s.command(\'load-attachment\',{part:\'%s\', mimetype:\'%s\'},this)">%s</a></li>'."\n",
- $GET_URL,
+ $out .= sprintf('<li><a href="%s&amp;_part=%s" onclick="return %s.command(\'load-attachment\',{part:\'%s\', mimetype:\'%s\'},this)">%s</a></li>'."\n",
+ htmlentities($GET_URL),
$attach_prop['part_id'],
$JS_OBJECT_NAME,
$attach_prop['part_id'],