summaryrefslogtreecommitdiff
path: root/program
diff options
context:
space:
mode:
Diffstat (limited to 'program')
-rw-r--r--program/include/main.inc24
-rw-r--r--program/include/rcube_imap.inc9
-rw-r--r--program/steps/mail/compose.inc10
-rw-r--r--program/steps/mail/func.inc2
4 files changed, 29 insertions, 16 deletions
diff --git a/program/include/main.inc b/program/include/main.inc
index e522b4350..3fe196a74 100644
--- a/program/include/main.inc
+++ b/program/include/main.inc
@@ -580,10 +580,10 @@ function rcmail_create_user($user, $host)
$DB->query("INSERT INTO ".get_table_name('users')."
(created, last_login, username, mail_host, alias, language)
VALUES (".$DB->now().", ".$DB->now().", ?, ?, ?, ?)",
- $user,
- $host,
- $user_email,
- $_SESSION['user_lang']);
+ strip_newlines($user),
+ strip_newlines($host),
+ strip_newlines($user_email),
+ $_SESSION['user_lang']);
if ($user_id = $DB->insert_id(get_sequence_name('users')))
{
@@ -595,7 +595,7 @@ function rcmail_create_user($user, $host)
$user_name = $user!=$user_email ? $user : '';
// try to resolve the e-mail address from the virtuser table
- if (!empty($CONFIG['virtuser_query']) &&
+ if (!empty($CONFIG['virtuser_query']) &&
($sql_result = $DB->query(preg_replace('/%u/', $user, $CONFIG['virtuser_query']))) &&
($DB->num_rows()>0))
while ($sql_arr = $DB->fetch_array($sql_result))
@@ -604,7 +604,7 @@ function rcmail_create_user($user, $host)
(user_id, del, standard, name, email)
VALUES (?, 0, 1, ?, ?)",
$user_id,
- $user_name,
+ strip_newlines($user_name),
preg_replace('/^@/', $user . '@', $sql_arr[0]));
}
else
@@ -614,8 +614,8 @@ function rcmail_create_user($user, $host)
(user_id, del, standard, name, email)
VALUES (?, 0, 1, ?, ?)",
$user_id,
- $user_name,
- $user_email);
+ strip_newlines($user_name),
+ strip_newlines($user_email));
}
// get existing mailboxes
@@ -1140,6 +1140,14 @@ function strip_quotes($str)
return preg_replace('/[\'"]/', '', $str);
}
+/**
+ * Remove new lines characters from given string
+ */
+function strip_newlines($str)
+{
+ return preg_replace('/[\r\n]/', '', $str);
+}
+
// ************** template parsing and gui functions **************
diff --git a/program/include/rcube_imap.inc b/program/include/rcube_imap.inc
index 3463ae21b..871b6c1f4 100644
--- a/program/include/rcube_imap.inc
+++ b/program/include/rcube_imap.inc
@@ -2117,7 +2117,12 @@ class rcube_imap
$j++;
$address = $val['address'];
$name = preg_replace(array('/^[\'"]/', '/[\'"]$/'), '', trim($val['name']));
- $string = $name!==$address ? sprintf('%s <%s>', strpos($name, ',')!==FALSE ? '"'.$name.'"' : $name, $address) : $address;
+ if ($name && $address && $name != $address)
+ $string = sprintf('%s <%s>', strpos($name, ',')!==FALSE ? '"'.$name.'"' : $name, $address);
+ else if ($address)
+ $string = $address;
+ else if ($name)
+ $string = $name;
$out[$j] = array('name' => $name,
'mailto' => $address,
@@ -2476,7 +2481,7 @@ class rcube_imap
foreach ($sub_a as $k => $v)
{
- if ((strpos($v, '@') > 0) && (strpos($v, '.') > 0))
+ if (strpos($v, '@') > 0)
$result[$key]['address'] = str_replace('<', '', str_replace('>', '', $v));
else
$result[$key]['name'] .= (empty($result[$key]['name'])?'':' ').str_replace("\"",'',stripslashes($v));
diff --git a/program/steps/mail/compose.inc b/program/steps/mail/compose.inc
index a794e9814..24057a224 100644
--- a/program/steps/mail/compose.inc
+++ b/program/steps/mail/compose.inc
@@ -201,7 +201,7 @@ function rcmail_compose_headers($attrib)
$fvalue = '';
foreach ($to_addresses as $addr_part)
{
- if (!in_array($addr_part['mailto'], $sa_recipients) && (!$MESSAGE['FROM'] || !in_array($addr_part['mailto'], $MESSAGE['FROM'])))
+ if (!empty($addr_part['mailto']) && !in_array($addr_part['mailto'], $sa_recipients) && (!$MESSAGE['FROM'] || !in_array($addr_part['mailto'], $MESSAGE['FROM'])))
{
$fvalue .= (strlen($fvalue) ? ', ':'').$addr_part['string'];
$sa_recipients[] = $addr_part['mailto'];
@@ -384,8 +384,8 @@ function rcmail_compose_body($attrib)
$body = rcmail_first_text_part($MESSAGE);
$isHtml = false;
}
- if (strlen($body))
- $body = rcmail_create_reply_body($body, $isHtml);
+
+ $body = rcmail_create_reply_body($body, $isHtml);
}
// forward message body inline
else if ($compose_mode == RCUBE_COMPOSE_FORWARD)
@@ -417,8 +417,8 @@ function rcmail_compose_body($attrib)
$body = rcmail_first_text_part($MESSAGE);
$isHtml = false;
}
- if (strlen($body))
- $body = rcmail_create_draft_body($body, $isHtml);
+
+ $body = rcmail_create_draft_body($body, $isHtml);
}
$OUTPUT->include_script('tiny_mce/tiny_mce.js');
diff --git a/program/steps/mail/func.inc b/program/steps/mail/func.inc
index e5e4db837..1b98f1d52 100644
--- a/program/steps/mail/func.inc
+++ b/program/steps/mail/func.inc
@@ -1252,7 +1252,7 @@ function rcmail_sanitize_html($body, $container_id)
// parse link attributes and set correct target
function rcmail_alter_html_link($in)
{
- $in = preg_replace('/=([^("|\s)]+)(\s|$)/', '="\1"', $in);
+ $in = preg_replace('/=([^("|\'|\s)]+)(\s|$)/', '="\1"', $in);
$attrib = parse_attrib_string($in);
if (stristr((string)$attrib['href'], 'mailto:'))