summaryrefslogtreecommitdiff
path: root/program
diff options
context:
space:
mode:
Diffstat (limited to 'program')
-rw-r--r--program/include/main.inc6
-rw-r--r--program/js/app.js13
-rw-r--r--program/steps/mail/compose.inc37
-rw-r--r--program/steps/mail/upload.inc22
4 files changed, 52 insertions, 26 deletions
diff --git a/program/include/main.inc b/program/include/main.inc
index efac8b2d2..b7f28c4e4 100644
--- a/program/include/main.inc
+++ b/program/include/main.inc
@@ -170,9 +170,9 @@ function rcmail_authenticate_session()
{
$now = mktime();
$valid = ($_COOKIE['sessauth'] == rcmail_auth_hash(session_id(), $_SESSION['auth_time']));
-
- // renew auth cookie every 5 minutes
- if (!$valid || ($now-$_SESSION['auth_time'] > 300))
+
+ // renew auth cookie every 5 minutes (only for GET requests)
+ if (!$valid || ($_SERVER['REQUEST_METHOD']!='POST' && $now-$_SESSION['auth_time'] > 300))
{
$_SESSION['auth_time'] = $now;
setcookie('sessauth', rcmail_auth_hash(session_id(), $now));
diff --git a/program/js/app.js b/program/js/app.js
index 83a50a0e9..f8c5aaf54 100644
--- a/program/js/app.js
+++ b/program/js/app.js
@@ -878,8 +878,9 @@ function rcube_webmail()
if (this.task=='mail' && this.env.mailbox==this.env.drafts_mailbox)
{
- var uid = this.get_single_uid();
- url += '&_draft_uid='+uid+'&_mbox='+escape(this.env.mailbox);
+ var uid;
+ if (uid = this.get_single_uid())
+ url += '&_draft_uid='+uid+'&_mbox='+escape(this.env.mailbox);
}
// modify url if we're in addressbook
else if (this.task=='addressbook')
@@ -2185,6 +2186,8 @@ function rcube_webmail()
if (!this.gui_objects.attachmentlist)
return false;
+ alert(content);
+
var li = document.createElement('LI');
li.id = name;
li.innerHTML = content;
@@ -3598,6 +3601,12 @@ function rcube_webmail()
// send periodic request to check for recent messages
this.check_for_recent = function()
{
+ if (this.busy)
+ {
+ this.send_keep_alive();
+ return;
+ }
+
this.set_busy(true, 'checkingmail');
var d = new Date();
this.http_request('check-recent', '_t='+d.getTime());
diff --git a/program/steps/mail/compose.inc b/program/steps/mail/compose.inc
index 32378f59c..639ea684e 100644
--- a/program/steps/mail/compose.inc
+++ b/program/steps/mail/compose.inc
@@ -23,20 +23,20 @@
require_once('Mail/mimeDecode.php');
// remove an attachment
-if ($_action=='remove-attachment' && !empty($_GET['_filename']))
+if ($_action=='remove-attachment' && preg_match('/^rcmfile([0-9]+)$/', $_GET['_file'], $regs))
{
- if (is_array($_SESSION['compose']['attachments']))
- foreach ($_SESSION['compose']['attachments'] as $i => $attachment)
- if ($attachment['name'] == $_GET['_filename'])
- {
- @unlink($attachment['path']);
- unset($_SESSION['compose']['attachments'][$i]);
- $commands = sprintf("parent.%s.remove_from_attachment_list('%s');\n", $JS_OBJECT_NAME, $_GET['_filename']);
- rcube_remote_response($commands);
- exit;
- }
+ $id = $regs[1];
+ if (is_array($_SESSION['compose']['attachments'][$id]))
+ {
+ @unlink($_SESSION['compose']['attachments'][$id]['path']);
+ $_SESSION['compose']['attachments'][$id] = NULL;
+ $commands = sprintf("parent.%s.remove_from_attachment_list('rcmfile%d');\n", $JS_OBJECT_NAME, $id);
+ rcube_remote_response($commands);
+ exit;
+ }
}
+
$MESSAGE_FORM = NULL;
$REPLY_MESSAGE = NULL;
$FORWARD_MESSAGE = NULL;
@@ -480,7 +480,7 @@ function rcmail_create_forward_body($body)
{
if ($part->disposition=='attachment' || $part->disposition=='inline' || $part->headers['content-id'] ||
(empty($part->disposition) && ($part->d_parameters['filename'] || $part->ctype_parameters['name'])))
- {
+ {
$tmp_path = tempnam($temp_dir, 'rcmAttmnt');
if ($fp = fopen($tmp_path, 'w'))
{
@@ -621,20 +621,21 @@ function rcmail_compose_attachment_list($attrib)
if (is_array($_SESSION['compose']['attachments']))
{
if ($attrib['deleteicon'])
- $button = sprintf('<img src="%s%s" alt="%s" border="0" / style="padding-right:2px;vertical-align:middle">',
+ $button = sprintf('<img src="%s%s" alt="%s" border="0" style="padding-right:2px;vertical-align:middle" />',
$CONFIG['skin_path'],
$attrib['deleteicon'],
rcube_label('delete'));
else
$button = rcube_label('delete');
- foreach ($_SESSION['compose']['attachments'] as $i => $a_prop)
- $out .= sprintf('<li id="%s"><a href="#" onclick="%s.command(\'remove-attachment\',\'%s\')" title="%s">%s</a>%s</li>',
- $a_prop['name'],
+ foreach ($_SESSION['compose']['attachments'] as $id => $a_prop)
+ $out .= sprintf('<li id="rcmfile%d"><a href="#delete" onclick="return %s.command(\'remove-attachment\',\'rcmfile%d\', this)" title="%s">%s</a>%s</li>',
+ $id,
$JS_OBJECT_NAME,
- $a_prop['name'],
+ $id,
rcube_label('delete'),
- $button, $a_prop['name']);
+ $button,
+ rep_specialchars_output($a_prop['name']));
}
$OUTPUT->add_script(sprintf("%s.gui_object('attachmentlist', '%s');", $JS_OBJECT_NAME, $attrib['id']));
diff --git a/program/steps/mail/upload.inc b/program/steps/mail/upload.inc
index abab3891b..850ccd01d 100644
--- a/program/steps/mail/upload.inc
+++ b/program/steps/mail/upload.inc
@@ -41,13 +41,29 @@ foreach ($_FILES['_attachments']['tmp_name'] as $i => $filepath)
$tmpfname = tempnam($temp_dir, 'rcmAttmnt');
if (move_uploaded_file($filepath, $tmpfname))
{
+ $id = count($_SESSION['compose']['attachments']);
$_SESSION['compose']['attachments'][] = array('name' => $_FILES['_attachments']['name'][$i],
'mimetype' => $_FILES['_attachments']['type'][$i],
'path' => $tmpfname);
- $button = sprintf('<img src="%s/images/icons/remove-attachment.png" alt="%s" border="0" style="padding-right:2px;vertical-align:middle">', $CONFIG['skin_path'], rcube_label('delete'));
- $content = sprintf('<a href="#" onclick="%s.command(\\\'remove-attachment\\\',\\\'%s\\\')" title="%s">%s</a>%s',$JS_OBJECT_NAME, $_FILES['_attachments']['name'][$i], rcube_label('delete'), $button, $_FILES['_attachments']['name'][$i]);
- $response .= sprintf('parent.%s.add2attachment_list(\'%s\',\'%s\');',$JS_OBJECT_NAME, $_FILES['_attachments']['name'][$i], $content);
+ if (is_file($CONFIG['skin_path'] . '/images/icons/remove-attachment.png'))
+ $button = sprintf('<img src="%s/images/icons/remove-attachment.png" alt="%s" border="0" style="padding-right:2px;vertical-align:middle" />',
+ $CONFIG['skin_path'],
+ rcube_label('delete'));
+ else
+ $button = rcube_label('delete');
+
+ $content = sprintf('<a href="#delete" onclick="return %s.command(\\\'remove-attachment\\\', \\\'rcmfile%d\\\', this)" title="%s">%s</a>%s',
+ $JS_OBJECT_NAME,
+ $id,
+ rcube_label('delete'),
+ $button,
+ rep_specialchars_output($_FILES['_attachments']['name'][$i], 'js'));
+
+ $response .= sprintf('parent.%s.add2attachment_list(\'rcmfile%d\',\'%s\');',
+ $JS_OBJECT_NAME,
+ $id,
+ $content);
}
}