Projects
Kolab:3.4
roundcubemail
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
Expand all
Collapse all
Changes of Revision 74
View file
roundcubemail.spec
Changed
@@ -43,7 +43,7 @@ Name: roundcubemail Version: 1.1 -Release: 0.6.beta20150101.git1881a8a1%{?dist} +Release: 0.7.beta20150114.gitb196d229%{?dist} Summary: Round Cube Webmail is a browser-based multilingual IMAP client @@ -51,7 +51,7 @@ License: GPLv2 URL: http://www.roundcube.net -# From GIT 1881a8a15291c5777144fecfa691d7634eee9c0d +# From GIT b196d229c3688c317b2cc28240723aec41b5eb5e Source0: roundcubemail-1.1.tar.gz Source1: comm.py @@ -60,7 +60,6 @@ Patch201: ticket-466-changes.patch Patch202: default-configuration.patch -Patch203: jquery.tagedit.patch BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root%(%{__id_u} -n) @@ -1269,7 +1268,6 @@ pushd %{name}-%{version} %patch201 -p1 %patch202 -p1 -%patch203 -p1 # Remove the results of patching when there's an incidental offset find . -type f -name "*.orig" -delete @@ -3021,10 +3019,13 @@ %defattr(-,root,root,-) %changelog +* Wed Jan 14 2015 Jeroen van Meeuwen <vanmeeuwen@kolabsys.com> - 1.1-0.7.git +- New snapshot release + * Fri Jan 9 2015 Timotheus Pokorra <tp@tbits.net> - jqueryui.tagedit: backport a commit for #3912 and #4188 -* Thu Jan 1 2015 Jeroen van meeuwen <vanmeeuwen@kolabsys.com> - 1.1-0.6.git +* Thu Jan 1 2015 Jeroen van Meeuwen <vanmeeuwen@kolabsys.com> - 1.1-0.6.git - New snapshot release for #4085 and various other tickets. * Thu Aug 21 2014 Daniel Hoffend <dh@dotlan.net> - 1.1-0.5.git
View file
debian.changelog
Changed
@@ -1,3 +1,9 @@ +roundcubemail (1:1.1~dev20150114-0~kolab1) unstable; urgency=low + + * New GIT snapshot (b196d229c3688c317b2cc28240723aec41b5eb5e) + + -- Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com> Wed, 14 Jan 2015 07:14:39 +0200 + roundcubemail (1:1.1~dev20150101-0~kolab2) unstable; urgency=low * jqueryui.tagedit: backport a commit for #3912 and #4188
View file
debian.series
Changed
@@ -1,3 +1,2 @@ default-configuration.patch -p1 ticket-466-changes.patch -p1 -jquery.tagedit.patch -p1
View file
roundcubemail-1.1.tar.gz/.htaccess
Changed
@@ -34,7 +34,7 @@ # - deny access to some locations RewriteRule ^/?(\.git|\.tx|SQL|bin|config|logs|temp|tests|program\/(include|lib|localization|steps)) - [F] # - deny access to some documentation files -RewriteRule /?(README\.md|composer\.json-dist|composer\.json|package\.xml)$ - [F] +RewriteRule /?(README\.md|composer\.json-dist|composer\.json|package\.xml|Dockerfile)$ - [F] </IfModule> <IfModule mod_deflate.c>
View file
roundcubemail-1.1.tar.gz/CHANGELOG
Changed
@@ -1,7 +1,19 @@ CHANGELOG Roundcube Webmail =========================== +- Fix download options menu (added by zipdownload plugin) in classic skin (#1490228) +- Fix blocked.gif image usage with assets_dir set +- Fix bug where max_group_members was ignored when adding a new contact (#1490214) +- Hide MDN and DSN options in compose if disabled by admin (#1490221) +- Fix checks based on window.ActiveXObject in IE > 10 +- Fix XSS issue in style attribute handling (#1490227) +- Fix bug where Drafts list wasn't updated on draft-save action in new window (#1490225) +- Fix so "set as default" option is hidden if identities_level > 1 (#1490226) + +RELEASE 1.1-rc +-------------- - Update jQuery to version 2.1.3 +- Allow to override any config option through env variables - Improve system security by using optional special URL with security token - use_secure_urls - Allow to define separate server/path for image/js/css files - assets_url/assets_dir - Sync vendor folder if exists in source package (#1490145) @@ -15,6 +27,7 @@ - Fix some rcube_utils::anytodatetime() corner cases with timezone mismatches (#1490163) - Improve move-to and contact-export button in classic skin (#1490166) - Fix wrong icon for download button in classic skin +- Fix bug where sent message was saved in Sent folder even if disabled by user (#1490208) RELEASE 1.1-beta ----------------
View file
roundcubemail-1.1.tar.gz/Dockerfile
Changed
@@ -20,7 +20,7 @@ RUN a2enmod ssl RUN apt-get install -qq php5 php-pear php5-mysql php5-pgsql php5-sqlite -RUN pear install mail_mime mail_mimedecode net_smtp2-beta net_idna2-beta auth_sasl2-beta net_sieve crypt_gpg +RUN pear install mail_mime mail_mimedecode net_smtp net_idna2-beta auth_sasl net_sieve crypt_gpg RUN rm -rf /var/www ADD . /var/www
View file
roundcubemail-1.1.tar.gz/config/config.inc.php.sample
Changed
@@ -4,7 +4,7 @@ +-----------------------------------------------------------------------+ | Local configuration for the Roundcube Webmail installation. | | | - | This is a sample configuration file only containing the minumum | + | This is a sample configuration file only containing the minimum | | setup required for a functional installation. Copy more options | | from defaults.inc.php to this file to override the defaults. | | |
View file
roundcubemail-1.1.tar.gz/plugins/acl/acl.js
Changed
@@ -353,6 +353,7 @@ id ? this.gettext('acl.editperms') : this.gettext('acl.newuser'), buttons, { + button_classes: ['mainaction'], modal: true, closeOnEscape: true, close: function(e, ui) {
View file
roundcubemail-1.1.tar.gz/plugins/help/skins/larry/help.css
Changed
@@ -5,7 +5,7 @@ } #mainscreen .readtext { - margin: 0 auto; + margin: 20px; } #helptoolbar {
View file
roundcubemail-1.1.tar.gz/plugins/jqueryui/jqueryui.php
Changed
@@ -108,6 +108,27 @@ $rcube->output->set_env('mscolors', self::get_color_values()); } + public static function tagedit() + { + if (in_array('tagedit', self::$features)) { + return; + } + + self::$features[] = 'tagedit'; + + $script = 'plugins/jqueryui/js/jquery.tagedit.js'; + $rcube = rcube::get_instance(); + $ui_theme = self::$ui_theme; + $css = "plugins/jqueryui/themes/$ui_theme/tagedit.css"; + + if (!file_exists(INSTALL_PATH . $css)) { + $css = "plugins/jqueryui/themes/larry/tagedit.css"; + } + + $rcube->output->include_css($css); + $rcube->output->add_header(html::tag('script', array('type' => "text/javascript", 'src' => $script))); + } + /** * Return a (limited) list of color values to be used for calendar and category coloring *
View file
roundcubemail-1.1.tar.gz/plugins/jqueryui/js/jquery.tagedit.js
Added
@@ -0,0 +1,683 @@ +/* +* Tagedit - jQuery Plugin +* The Plugin can be used to edit tags from a database the easy way +* +* Examples and documentation at: tagedit.webwork-albrecht.de +* +* License: +* This work is licensed under a MIT License +* +* @licstart The following is the entire license notice for the +* JavaScript code in this file. +* +* Copyright (c) 2010 Oliver Albrecht <info@webwork-albrecht.de> +* Copyright (c) 2014 Thomas Brüderli <thomas@roundcube.net> +* +* Licensed under the MIT licenses +* +* Permission is hereby granted, free of charge, to any person obtaining +* a copy of this software and associated documentation files (the +* "Software"), to deal in the Software without restriction, including +* without limitation the rights to use, copy, modify, merge, publish, +* distribute, sublicense, and/or sell copies of the Software, and to +* permit persons to whom the Software is furnished to do so, subject to +* the following conditions: +* +* The above copyright notice and this permission notice shall be +* included in all copies or substantial portions of the Software. +* +* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND +* NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE +* LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION +* OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION +* WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +* +* @licend The above is the entire license notice +* for the JavaScript code in this file. +* +* @author Oliver Albrecht Mial: info@webwork-albrecht.de Twitter: @webworka +* @version 1.5.2 (06/2014) +* Requires: jQuery v1.4+, jQueryUI v1.8+, jQuerry.autoGrowInput +* +* Example of usage: +* +* $( "input.tag" ).tagedit(); +* +* Possible options: +* +* autocompleteURL: '', // url for a autocompletion +* deleteEmptyItems: true, // Deletes items with empty value +* deletedPostfix: '-d', // will be put to the Items that are marked as delete +* addedPostfix: '-a', // will be put to the Items that are choosem from the database +* additionalListClass: '', // put a classname here if the wrapper ul shoud receive a special class +* allowEdit: true, // Switch on/off edit entries +* allowDelete: true, // Switch on/off deletion of entries. Will be ignored if allowEdit = false +* allowAdd: true, // switch on/off the creation of new entries +* direction: 'ltr' // Sets the writing direction for Outputs and Inputs +* animSpeed: 500 // Sets the animation speed for effects +* autocompleteOptions: {}, // Setting Options for the jquery UI Autocomplete (http://jqueryui.com/demos/autocomplete/) +* breakKeyCodes: [ 13, 44 ], // Sets the characters to break on to parse the tags (defaults: return, comma) +* checkNewEntriesCaseSensitive: false, // If there is a new Entry, it is checked against the autocompletion list. This Flag controlls if the check is (in-)casesensitive +* texts: { // some texts +* removeLinkTitle: 'Remove from list.', +* saveEditLinkTitle: 'Save changes.', +* deleteLinkTitle: 'Delete this tag from database.', +* deleteConfirmation: 'Are you sure to delete this entry?', +* deletedElementTitle: 'This Element will be deleted.', +* breakEditLinkTitle: 'Cancel' +* } +*/ + +(function($) { + + $.fn.tagedit = function(options) { + /** + * Merge Options with defaults + */ + options = $.extend(true, { + // default options here + autocompleteURL: null, + checkToDeleteURL: null, + deletedPostfix: '-d', + addedPostfix: '-a', + additionalListClass: '', + allowEdit: true, + allowDelete: true, + allowAdd: true, + direction: 'ltr', + animSpeed: 500, + autocompleteOptions: { + select: function( event, ui ) { + $(this).val(ui.item.value).trigger('transformToTag', [ui.item.id]); + return false; + } + }, + breakKeyCodes: [ 13, 44 ], + checkNewEntriesCaseSensitive: false, + texts: { + removeLinkTitle: 'Remove from list.', + saveEditLinkTitle: 'Save changes.', + deleteLinkTitle: 'Delete this tag from database.', + deleteConfirmation: 'Are you sure to delete this entry?', + deletedElementTitle: 'This Element will be deleted.', + breakEditLinkTitle: 'Cancel', + forceDeleteConfirmation: 'There are more records using this tag, are you sure do you want to remove it?' + }, + tabindex: false + }, options || {}); + + // no action if there are no elements + if(this.length == 0) { + return; + } + + // set the autocompleteOptions source + if(options.autocompleteURL) { + options.autocompleteOptions.source = options.autocompleteURL; + } + + // Set the direction of the inputs + var direction= this.attr('dir'); + if(direction && direction.length > 0) { + options.direction = this.attr('dir'); + } + + var elements = this; + var focusItem = null; + + var baseNameRegexp = new RegExp("^(.*)\\[([0-9]*?("+options.deletedPostfix+"|"+options.addedPostfix+")?)?\]$", "i"); + + var baseName = elements.eq(0).attr('name').match(baseNameRegexp); + if(baseName && baseName.length == 4) { + baseName = baseName[1]; + } + else { + // Elementname does not match the expected format, exit + alert('elementname dows not match the expected format (regexp: '+baseNameRegexp+')') + return; + } + + // read tabindex from source element + var ti; + if (!options.tabindex && (ti = elements.eq(0).attr('tabindex'))) + options.tabindex = ti; + + // init elements + inputsToList(); + + /** + * Creates the tageditinput from a list of textinputs + * + */ + function inputsToList() { + var html = '<ul class="tagedit-list '+options.additionalListClass+'">'; + + elements.each(function(i) { + var element_name = $(this).attr('name').match(baseNameRegexp); + if(element_name && element_name.length == 4 && (options.deleteEmptyItems == false || $(this).val().length > 0)) { + if(element_name[1].length > 0) { + var elementId = typeof element_name[2] != 'undefined'? element_name[2]: '', + domId = 'tagedit-' + baseName + '-' + (elementId || i); + + html += '<li class="tagedit-listelement tagedit-listelement-old" aria-labelledby="'+domId+'">'; + html += '<span dir="'+options.direction+'" id="'+domId+'">' + $(this).val() + '</span>'; + html += '<input type="hidden" name="'+baseName+'['+elementId+']" value="'+$(this).val()+'" />'; + if (options.allowDelete) + html += '<a class="tagedit-close" title="'+options.texts.removeLinkTitle+'" aria-label="'+options.texts.removeLinkTitle+' '+$(this).val()+'">x</a>'; + html += '</li>'; + } + } + }); + + // replace Elements with the list and save the list in the local variable elements + elements.last().after(html) + var newList = elements.last().next(); + elements.remove(); + elements = newList; + + // Check if some of the elementshav to be marked as deleted + if(options.deletedPostfix.length > 0) { + elements.find('input[name$="'+options.deletedPostfix+'\]"]').each(function() { + markAsDeleted($(this).parent()); + }); + } + + // put an input field at the End + // Put an empty element at the end + html = '<li class="tagedit-listelement tagedit-listelement-new">'; + if (options.allowAdd) + html += '<input type="text" name="'+baseName+'[]" value="" id="tagedit-input" disabled="disabled" class="tagedit-input-disabled" dir="'+options.direction+'"/>'; + html += '</li>'; + html += '</ul>'; + + elements + .append(html) + .attr('tabindex', options.tabindex) // set tabindex to <ul> to recieve focus + + // Set function on the input + .find('#tagedit-input') + .attr('tabindex', options.tabindex) + .each(function() { + $(this).autoGrowInput({comfortZone: 15, minWidth: 15, maxWidth: 20000}); + + // Event is triggert in case of choosing an item from the autocomplete, or finish the input + $(this).bind('transformToTag', function(event, id) { + var oldValue = (typeof id != 'undefined' && (id.length > 0 || id > 0)); + + var checkAutocomplete = oldValue == true || options.autocompleteOptions.noCheck ? false : true; + // check if the Value ist new + var isNewResult = isNew($(this).val(), checkAutocomplete); + if(isNewResult[0] === true || (isNewResult[0] === false && typeof isNewResult[1] == 'string')) { + + if(oldValue == false && typeof isNewResult[1] == 'string') { + oldValue = true; + id = isNewResult[1]; + } + + if(options.allowAdd == true || oldValue) { + var domId = 'tagedit-' + baseName + '-' + id; + // Make a new tag in front the input + html = '<li class="tagedit-listelement tagedit-listelement-old" aria-labelledby="'+domId+'">'; + html += '<span dir="'+options.direction+'" id="'+domId+'">' + $(this).val() + '</span>'; + var name = oldValue? baseName + '['+id+options.addedPostfix+']' : baseName + '[]'; + html += '<input type="hidden" name="'+name+'" value="'+$(this).val()+'" />'; + html += '<a class="tagedit-close" title="'+options.texts.removeLinkTitle+'" aria-label="'+options.texts.removeLinkTitle+' '+$(this).val()+'">x</a>'; + html += '</li>'; + + $(this).parent().before(html); + } + } + $(this).val(''); + + // close autocomplete + if(options.autocompleteOptions.source) { + if($(this).is(':ui-autocomplete')) + $(this).autocomplete( "close" ); + } + + }) + .keydown(function(event) { + var code = event.keyCode > 0? event.keyCode : event.which; + + switch(code) { + case 46: + if (!focusItem) + break; + case 8: // BACKSPACE + if(focusItem) { + focusItem.fadeOut(options.animSpeed, function() { + $(this).remove(); + }) + unfocusItem(); + event.preventDefault(); + return false; + } + else if($(this).val().length == 0) { + // delete Last Tag + var elementToRemove = elements.find('li.tagedit-listelement-old').last(); + elementToRemove.fadeOut(options.animSpeed, function() {elementToRemove.remove();}) + event.preventDefault(); + return false; + } + break; + case 9: // TAB + if($(this).val().length > 0 && $('ul.ui-autocomplete #ui-active-menuitem').length == 0) { + $(this).trigger('transformToTag'); + event.preventDefault(); + return false; + } + break; + case 37: // LEFT + case 39: // RIGHT + if($(this).val().length == 0) { + // select previous Tag + var inc = code == 37 ? -1 : 1, + items = elements.find('li.tagedit-listelement-old') + x = items.length, next = 0; + items.each(function(i, elem) { + if ($(elem).hasClass('tagedit-listelement-focus')) { + x = i; + return true; + } + }); + unfocusItem(); + next = Math.max(0, x + inc); + if (items.get(next)) { + focusItem = items.eq(next).addClass('tagedit-listelement-focus'); + $(this).attr('aria-activedescendant', focusItem.attr('aria-labelledby')) + + if(options.autocompleteOptions.source != false) { + $(this).autocomplete('close').autocomplete('disable'); + } + } + event.preventDefault(); + return false; + } + break; + default: + // ignore input if an item is focused + if (focusItem !== null) { + event.preventDefault(); + event.bubble = false; + return false; + } + } + return true; + }) + .keypress(function(event) { + var code = event.keyCode > 0? event.keyCode : event.which; + if($.inArray(code, options.breakKeyCodes) > -1) { + if($(this).val().length > 0 && $('ul.ui-autocomplete #ui-active-menuitem').length == 0) { + $(this).trigger('transformToTag'); + } + event.preventDefault(); + return false; + } + else if($(this).val().length > 0){ + unfocusItem(); + } + return true; + }) + .bind('paste', function(e){ + var that = $(this); + if (e.type == 'paste'){ + setTimeout(function(){ + that.trigger('transformToTag'); + }, 1); + } + }) + .blur(function() { + if($(this).val().length == 0) { + // disable the field to prevent sending with the form + $(this).attr('disabled', 'disabled').addClass('tagedit-input-disabled'); + } + else { + // Delete entry after a timeout + var input = $(this); + $(this).data('blurtimer', window.setTimeout(function() {input.val('');}, 500)); + } + unfocusItem(); + // restore tabindex when widget looses focus + if (options.tabindex) + elements.attr('tabindex', options.tabindex); + }) + .focus(function() { + window.clearTimeout($(this).data('blurtimer')); + // remove tabindex on <ul> because #tagedit-input now has it + elements.attr('tabindex', '-1'); + }); + + if(options.autocompleteOptions.source != false) { + $(this).autocomplete(options.autocompleteOptions); + } + }) + .end() + .click(function(event) { + switch(event.target.tagName) { + case 'A': + $(event.target).parent().fadeOut(options.animSpeed, function() { + $(event.target).parent().remove(); + elements.find('#tagedit-input').focus(); + }); + break; + case 'INPUT': + case 'SPAN': + case 'LI': + if($(event.target).hasClass('tagedit-listelement-deleted') == false && + $(event.target).parent('li').hasClass('tagedit-listelement-deleted') == false) { + // Don't edit an deleted Items + return doEdit(event); + } + default: + $(this).find('#tagedit-input') + .removeAttr('disabled') + .removeClass('tagedit-input-disabled') + .focus(); + } + return false; + }) + // forward focus event (on tabbing through the form) + .focus(function(e){ $(this).click(); }) + } + + /** + * Remove class and reference to currently focused tag item + */ + function unfocusItem() { + if(focusItem){ + if(options.autocompleteOptions.source != false) { + elements.find('#tagedit-input').autocomplete('enable'); + } + focusItem.removeClass('tagedit-listelement-focus'); + focusItem = null; + elements.find('#tagedit-input').removeAttr('aria-activedescendant'); + } + } + + /** + * Sets all Actions and events for editing an Existing Tag. + * + * @param event {object} The original Event that was given + * return {boolean} + */ + function doEdit(event) { + if(options.allowEdit == false) { + // Do nothing + return; + } + + var element = event.target.tagName == 'SPAN'? $(event.target).parent() : $(event.target); + + var closeTimer = null; + + // Event that is fired if the User finishes the edit of a tag + element.bind('finishEdit', function(event, doReset) { + window.clearTimeout(closeTimer); + + var textfield = $(this).find(':text'); + var isNewResult = isNew(textfield.val(), true); + if(textfield.val().length > 0 && (typeof doReset == 'undefined' || doReset === false) && (isNewResult[0] == true)) { + // This is a new Value and we do not want to do a reset. Set the new value + $(this).find(':hidden').val(textfield.val()); + $(this).find('span').html(textfield.val()); + } + + textfield.remove(); + $(this).find('a.tagedit-save, a.tagedit-break, a.tagedit-delete').remove(); // Workaround. This normaly has to be done by autogrow Plugin + $(this).removeClass('tagedit-listelement-edit').unbind('finishEdit'); + return false; + }); + + var hidden = element.find(':hidden'); + html = '<input type="text" name="tmpinput" autocomplete="off" value="'+hidden.val()+'" class="tagedit-edit-input" dir="'+options.direction+'"/>'; + html += '<a class="tagedit-save" title="'+options.texts.saveEditLinkTitle+'">o</a>'; + html += '<a class="tagedit-break" title="'+options.texts.breakEditLinkTitle+'">x</a>'; + + // If the Element is one from the Database, it can be deleted + if(options.allowDelete == true && element.find(':hidden').length > 0 && + typeof element.find(':hidden').attr('name').match(baseNameRegexp)[3] != 'undefined') { + html += '<a class="tagedit-delete" title="'+options.texts.deleteLinkTitle+'">d</a>'; + } + + hidden.after(html); + element + .addClass('tagedit-listelement-edit') + .find('a.tagedit-save') + .click(function() { + $(this).parent().trigger('finishEdit'); + return false; + }) + .end() + .find('a.tagedit-break') + .click(function() { + $(this).parent().trigger('finishEdit', [true]); + return false; + }) + .end() + .find('a.tagedit-delete') + .click(function() { + window.clearTimeout(closeTimer); + if(confirm(options.texts.deleteConfirmation)) { + var canDelete = checkToDelete($(this).parent()); + if (!canDelete && confirm(options.texts.forceDeleteConfirmation)) { + markAsDeleted($(this).parent()); + } + + if(canDelete) { + markAsDeleted($(this).parent()); + } + + $(this).parent().find(':text').trigger('finishEdit', [true]); + } + else { + $(this).parent().find(':text').trigger('finishEdit', [true]); + } + return false; + }) + .end() + .find(':text') + .focus() + .autoGrowInput({comfortZone: 10, minWidth: 15, maxWidth: 20000}) + .keypress(function(event) { + switch(event.keyCode) { + case 13: // RETURN + event.preventDefault(); + $(this).parent().trigger('finishEdit'); + return false; + case 27: // ESC + event.preventDefault(); + $(this).parent().trigger('finishEdit', [true]); + return false; + } + return true; + }) + .blur(function() { + var that = $(this); + closeTimer = window.setTimeout(function() {that.parent().trigger('finishEdit', [true])}, 500); + }); + } + + /** + * Verifies if the tag select to be deleted is used by other records using an Ajax request. + * + * @param element + * @returns {boolean} + */ + function checkToDelete(element) { + // if no URL is provide will not verify + if(options.checkToDeleteURL === null) { + return false; + } + + var inputName = element.find('input:hidden').attr('name'); + var idPattern = new RegExp('\\d'); + var tagId = inputName.match(idPattern); + var checkResult = false; + + $.ajax({ + async : false, + url : options.checkToDeleteURL, + dataType: 'json', + type : 'POST', + data : { 'tagId' : tagId}, + complete: function (XMLHttpRequest, textStatus) { + + // Expected JSON Object: { "success": Boolean, "allowDelete": Boolean} + var result = $.parseJSON(XMLHttpRequest.responseText); + if(result.success === true){ + checkResult = result.allowDelete; + } + } + }); + + return checkResult; + } + + /** + * Marks a single Tag as deleted. + * + * @param element {object} + */ + function markAsDeleted(element) { + element + .trigger('finishEdit', [true]) + .addClass('tagedit-listelement-deleted') + .attr('title', options.deletedElementTitle); + element.find(':hidden').each(function() { + var nameEndRegexp = new RegExp('('+options.addedPostfix+'|'+options.deletedPostfix+')?\]'); + var name = $(this).attr('name').replace(nameEndRegexp, options.deletedPostfix+']'); + $(this).attr('name', name); + }); + + } + + /** + * Checks if a tag is already choosen. + * + * @param value {string} + * @param checkAutocomplete {boolean} optional Check also the autocomplet values + * @returns {Array} First item is a boolean, telling if the item should be put to the list, second is optional the ID from autocomplete list + */ + function isNew(value, checkAutocomplete) { + checkAutocomplete = typeof checkAutocomplete == 'undefined'? false : checkAutocomplete; + var autoCompleteId = null; + + var compareValue = options.checkNewEntriesCaseSensitive == true? value : value.toLowerCase(); + + var isNew = true; + elements.find('li.tagedit-listelement-old input:hidden').each(function() { + var elementValue = options.checkNewEntriesCaseSensitive == true? $(this).val() : $(this).val().toLowerCase(); + if(elementValue == compareValue) { + isNew = false; + } + }); + + if (isNew == true && checkAutocomplete == true && options.autocompleteOptions.source != false) { + var result = []; + if ($.isArray(options.autocompleteOptions.source)) { + result = options.autocompleteOptions.source; + } + else if ($.isFunction(options.autocompleteOptions.source)) { + options.autocompleteOptions.source({term: value}, function (data) {result = data}); + } + else if (typeof options.autocompleteOptions.source === "string") { + // Check also autocomplete values + var autocompleteURL = options.autocompleteOptions.source; + if (autocompleteURL.match(/\?/)) { + autocompleteURL += '&'; + } else { + autocompleteURL += '?'; + } + autocompleteURL += 'term=' + value; + $.ajax({ + async: false, + url: autocompleteURL, + dataType: 'json', + complete: function (XMLHttpRequest, textStatus) { + result = $.parseJSON(XMLHttpRequest.responseText); + } + }); + } + + // If there is an entry for that already in the autocomplete, don't use it (Check could be case sensitive or not) + for (var i = 0; i < result.length; i++) { + var resultValue = result[i].label? result[i].label : result[i]; + var label = options.checkNewEntriesCaseSensitive == true? resultValue : resultValue.toLowerCase(); + if (label == compareValue) { + isNew = false; + autoCompleteId = typeof result[i] == 'string' ? i : result[i].id; + break; + } + } + } + + return new Array(isNew, autoCompleteId); + } + } +})(jQuery); + +(function($){ + +// jQuery autoGrowInput plugin by James Padolsey +// See related thread: http://stackoverflow.com/questions/931207/is-there-a-jquery-autogrow-plugin-for-text-fields + +$.fn.autoGrowInput = function(o) { + + o = $.extend({ + maxWidth: 1000, + minWidth: 0, + comfortZone: 70 + }, o); + + this.filter('input:text').each(function(){ + + var minWidth = o.minWidth || $(this).width(), + val = '', + input = $(this), + testSubject = $('<tester/>').css({ + position: 'absolute', + top: -9999, + left: -9999, + width: 'auto', + fontSize: input.css('fontSize'), + fontFamily: input.css('fontFamily'), + fontWeight: input.css('fontWeight'), + letterSpacing: input.css('letterSpacing'), + whiteSpace: 'nowrap' + }), + check = function() { + + if (val === (val = input.val())) {return;} + + // Enter new content into testSubject + var escaped = val.replace(/&/g, '&').replace(/\s/g,' ').replace(/</g, '<').replace(/>/g, '>'); + testSubject.html(escaped); + + // Calculate new width + whether to change + var testerWidth = testSubject.width(), + newWidth = (testerWidth + o.comfortZone) >= minWidth ? testerWidth + o.comfortZone : minWidth, + currentWidth = input.width(), + isValidWidthChange = (newWidth < currentWidth && newWidth >= minWidth) + || (newWidth > minWidth && newWidth < o.maxWidth); + + // Animate width + if (isValidWidthChange) { + input.width(newWidth); + } + + }; + + testSubject.insertAfter(input); + + $(this).bind('keyup keydown blur update', check); + + check(); + }); + + return this; + +}; + +})(jQuery); \ No newline at end of file
View file
roundcubemail-1.1.tar.gz/plugins/jqueryui/themes/larry/tagedit.css
Added
@@ -0,0 +1,122 @@ +/** + * Styles of the tagedit inputsforms + */ +.tagedit-list { + width: 100%; + margin: 0; + padding: 4px 4px 0 5px; + overflow: auto; + min-height: 26px; + background: #fff; + border: 1px solid #b2b2b2; + border-radius: 4px; + box-shadow: inset 0 0 2px 1px rgba(0,0,0, 0.1); + -moz-box-shadow: inset 0 0 2px 1px rgba(0,0,0, 0.1); + -webkit-box-shadow: inset 0 0 2px 1px rgba(0,0,0, 0.1); + -o-box-shadow: inset 0 0 2px 1px rgba(0,0,0, 0.1); +} +.tagedit-list li.tagedit-listelement { + list-style-type: none; + float: left; + margin: 0 4px 4px 0; + padding: 0; +} + +/* New Item input */ +.tagedit-list li.tagedit-listelement-new input { + border: 0; + height: 100%; + padding: 4px 1px; + width: 15px; + background: #fff; + border-radius: 0; + box-shadow: none; + -moz-box-shadow: none; + -webkit-box-shadow: none; + -o-box-shadow: none; +} +.tagedit-list li.tagedit-listelement-new input:focus { + box-shadow: none; + -moz-box-shadow: none; + -webkit-box-shadow: none; + -o-box-shadow: none; + outline: none; +} +.tagedit-list li.tagedit-listelement-new input.tagedit-input-disabled { + display: none; +} + +/* Item that is put to the List */ +.tagedit span.tag-element, +.tagedit-list li.tagedit-listelement-old { + padding: 3px 6px 1px 6px; + background: #ddeef5; + background: -moz-linear-gradient(top, #edf6fa 0%, #d6e9f3 100%); + background: -webkit-gradient(linear, left top, left bottom, color-stop(0%,#edf6fa), color-stop(100%,#d6e9f3)); + background: -o-linear-gradient(top, #edf6fa 0%, #d6e9f3 100%); + background: -ms-linear-gradient(top, #edf6fa 0%, #d6e9f3 100%); + background: linear-gradient(top, #edf6fa 0%, #d6e9f3 100%); + border: 1px solid #c2dae5; + -moz-border-radius: 4px; + -webkit-border-radius: 4px; + border-radius: 4px; + color: #0d5165; + line-height: 1.3em; +} + +.tagedit-list li.tagedit-listelement-focus { + border-color: #4787b1; + -moz-box-shadow: 0 0 3px 1px rgba(71,135,177, 0.8); + -webkit-box-shadow: 0 0 3px 1px rgba(71,135,177, 0.8); + -o-box-shadow: 0 0 3px 1px rgba(71,135,177, 0.8); + box-shadow: 0 0 3px 1px rgba(71,135,177, 0.8); +} + +.tagedit span.tag-element { + margin-right: 0.6em; + padding: 2px 6px; +/* cursor: pointer; */ +} + +.tagedit span.tag-element.inherit { + color: #666; + background: #f2f2f2; + border-color: #ddd; +} + +.tagedit-list li.tagedit-listelement-old a.tagedit-close, +.tagedit-list li.tagedit-listelement-old a.tagedit-break, +.tagedit-list li.tagedit-listelement-old a.tagedit-delete, +.tagedit-list li.tagedit-listelement-old a.tagedit-save { + text-indent: -2000px; + display: inline-block; + position: relative; + top: -1px; + width: 16px; + height: 16px; + margin: 0 -4px 0 6px; + background: url('data:image/gif;base64,iVBORw0KGgoAAAANSUhEUgAAAA0AAAAOCAYAAAD0f5bSAAAAgUlEQVQoz2NgQAKzdxwWAOIEIG5AwiC+AAM2AJQIAOL3QPwfCwaJB6BrSMChGB0nwDQYwATP3nn4f+Ge4ygKQXyQOJKYAUjTepjAm09fwBimEUTDxJA0rWdANxWmaMXB0xiGwDADurthGkEAmwbqaCLFeWQFBOlBTlbkkp2MSE2wAA8R50rWvqeRAAAAAElFTkSuQmCC') left 1px no-repeat; + cursor: pointer; +} + +.tagedit-list li.tagedit-listelement-old span { + display: inline-block; + height: 15px; +} + +/** Special hacks for IE7 **/ + +html.ie7 .tagedit span.tag-element, +html.ie7 .tagedit-list li.tagedit-listelement-old { + filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#edf6fa', endColorstr='#d6e9f3', GradientType=0); +} + +html.ie7 .tagedit-list li.tagedit-listelement span { + position: relative; + top: -3px; +} + +html.ie7 .tagedit-list li.tagedit-listelement-old a.tagedit-close { + left: 5px; +} +
View file
roundcubemail-1.1.tar.gz/plugins/managesieve/Changelog
Changed
@@ -1,3 +1,9 @@ +* version 8.2 [2015-01-14] +----------------------------------------------------------- +- Fix bug where actions without if/elseif/else in sieve scripts were skipped +- Support "not allof" test as a negation of all sub-tests +- Fix bug where vacation rule was saved to wrong script if managesieve_kolab_master=true + * version 8.1 [2014-12-09] ----------------------------------------------------------- - Added simple API to manage vacation rule
View file
roundcubemail-1.1.tar.gz/plugins/managesieve/composer.json
Changed
@@ -3,7 +3,7 @@ "type": "roundcube-plugin", "description": "Adds a possibility to manage Sieve scripts (incoming mail filters). It's clickable interface which operates on text scripts and communicates with server using managesieve protocol. Adds Filters tab in Settings.", "license": "GPLv3+", - "version": "8.1", + "version": "8.2", "authors": [ { "name": "Aleksander Machniak",
View file
roundcubemail-1.1.tar.gz/plugins/managesieve/lib/Roundcube/rcube_sieve_engine.php
Changed
@@ -63,7 +63,7 @@ 1 => 'notifyimportancehigh' ); - const VERSION = '8.1'; + const VERSION = '8.2'; const PROGNAME = 'Roundcube (Managesieve)'; const PORT = 4190; @@ -227,7 +227,7 @@ if ($script_name === null || $script_name === '') { // get (first) active script - if (!empty($this->active[0])) { + if (!empty($this->active)) { $script_name = $this->active[0]; } else if ($list) { @@ -1270,8 +1270,11 @@ $out .= $hiddenfields->show(); // 'any' flag - if (sizeof($scr['tests']) == 1 && $scr['tests'][0]['test'] == 'true' && !$scr['tests'][0]['not']) + if ((!isset($this->form) && empty($scr['tests']) && !empty($scr)) + || (sizeof($scr['tests']) == 1 && $scr['tests'][0]['test'] == 'true' && !$scr['tests'][0]['not']) + ) { $any = true; + } // filter name input $field_id = '_name'; @@ -1332,7 +1335,7 @@ $out .= sprintf("%s<label for=\"%s\">%s</label>\n", $input_join, $field_id, rcube::Q($this->plugin->gettext('filterany'))); - $rows_num = isset($scr) ? sizeof($scr['tests']) : 1; + $rows_num = !empty($scr['tests']) ? sizeof($scr['tests']) : 1; $out .= '<div id="rules"'.($any ? ' style="display: none"' : '').'>'; for ($x=0; $x<$rows_num; $x++) @@ -1463,31 +1466,26 @@ $select_op->add(rcube::Q($this->plugin->gettext('valuenotequals')), 'value-ne'); } + $test = self::rule_test($rule); + $target = ''; + // target(s) input if (in_array($rule['test'], array('header', 'address', 'envelope'))) { - $test = ($rule['not'] ? 'not' : '').($rule['type'] ? $rule['type'] : 'is'); $target = $rule['arg2']; } else if (in_array($rule['test'], array('body', 'date', 'currentdate'))) { - $test = ($rule['not'] ? 'not' : '').($rule['type'] ? $rule['type'] : 'is'); $target = $rule['arg']; } else if ($rule['test'] == 'size') { - $test = ''; - $target = ''; if (preg_match('/^([0-9]+)(K|M|G)?$/', $rule['arg'], $matches)) { $sizetarget = $matches[1]; - $sizeitem = $matches[2]; + $sizeitem = $matches[2]; } else { $sizetarget = $rule['arg']; - $sizeitem = $rule['item']; + $sizeitem = $rule['item']; } } - else { - $test = ($rule['not'] ? 'not' : '').$rule['test']; - $target = ''; - } // (current)date part select if (in_array('date', $this->exts) || in_array('currentdate', $this->exts)) { @@ -1637,6 +1635,43 @@ return $out; } + private static function rule_test(&$rule) + { + // first modify value/count tests with 'not' keyword + // we'll revert the meaning of operators + if ($rule['not'] && preg_match('/^(count|value)-([gteqnl]{2})/', $rule['type'], $m)) { + $rule['not'] = false; + + switch ($m[2]) { + case 'gt': $rule['type'] = $m[1] . '-le'; break; + case 'ge': $rule['type'] = $m[1] . '-lt'; break; + case 'lt': $rule['type'] = $m[1] . '-ge'; break; + case 'le': $rule['type'] = $m[1] . '-gt'; break; + case 'eq': $rule['type'] = $m[1] . '-ne'; break; + case 'ne': $rule['type'] = $m[1] . '-eq'; break; + } + } + else if ($rule['not'] && $rule['test'] == 'size') { + $rule['not'] = false; + $rule['type'] = $rule['type'] == 'over' ? 'under' : 'over'; + } + + $set = array('header', 'address', 'envelope', 'body', 'date', 'currentdate'); + + // build test string supported by select element + if ($rule['size']) { + $test = $rule['type']; + } + else if (in_array($rule['test'], $set)) { + $test = ($rule['not'] ? 'not' : '') . ($rule['type'] ? $rule['type'] : 'is'); + } + else { + $test = ($rule['not'] ? 'not' : '') . $rule['test']; + } + + return $test; + } + function action_div($fid, $id, $div=true) { $action = isset($this->form) ? $this->form['actions'][$id] : $this->script[$fid]['actions'][$id]; @@ -2043,7 +2078,6 @@ // Handle active script(s) and list of scripts according to Kolab's KEP:14 if ($this->rc->config->get('managesieve_kolab_master')) { - // Skip protected names foreach ((array)$this->list as $idx => $name) { $_name = strtoupper($name); @@ -2105,6 +2139,11 @@ } } + // reindex + if (!empty($this->list)) { + $this->list = array_values($this->list); + } + return $this->list; } @@ -2282,7 +2321,7 @@ $i = 1; foreach ($this->script as $idx => $filter) { - if ($filter['type'] != 'if') { + if (empty($filter['actions'])) { continue; } $fname = $filter['name'] ? $filter['name'] : "#$i";
View file
roundcubemail-1.1.tar.gz/plugins/managesieve/lib/Roundcube/rcube_sieve_script.php
Changed
@@ -622,6 +622,7 @@ $disabled = false; $join = false; + $join_not = false; // disabled rule (false + comment): if false # ..... if (preg_match('/^\s*false\s+#/i', $content)) { @@ -650,15 +651,22 @@ $not = false; } + // we support "not allof" as a negation of allof sub-tests + if ($join_not) { + $not = !$not; + } + switch ($token) { case 'allof': - $join = true; + $join = true; + $join_not = $not; break; + case 'anyof': break; case 'size': - $test = array('test' => 'size', 'not' => $not); + $test = array('test' => 'size', 'not' => $not); $test['arg'] = array_pop($tokens); @@ -740,16 +748,16 @@ break; case 'exists': - $tests[] = array('test' => 'exists', 'not' => $not, + $tests[] = array('test' => 'exists', 'not' => $not, 'arg' => array_pop($tokens)); break; case 'true': - $tests[] = array('test' => 'true', 'not' => $not); + $tests[] = array('test' => 'true', 'not' => $not); break; case 'false': - $tests[] = array('test' => 'true', 'not' => !$not); + $tests[] = array('test' => 'true', 'not' => !$not); break; }
View file
roundcubemail-1.1.tar.gz/program/include/rcmail.php
Changed
@@ -2284,6 +2284,29 @@ return $result; } + /** + * Get resource file content (with assets_dir support) + * + * @param string $name File name + */ + public function get_resource_content($name) + { + if (!strpos($name, '/')) { + $name = "program/resources/$name"; + } + + $assets_dir = $this->config->get('assets_dir'); + + if ($assets_dir) { + $path = slashify($assets_dir) . $name; + if (@file_exists($path)) { + $name = $path; + } + } + + return file_get_contents($name, false); + } + /************************************************************************ ********* Deprecated methods (to be removed) *********
View file
roundcubemail-1.1.tar.gz/program/js/app.js
Changed
@@ -3781,14 +3781,13 @@ this.set_draft_id = function(id) { - var rc; - if (id && id != this.env.draft_id) { - if (rc = this.opener()) { - // refresh the drafts folder in opener window - if (rc.env.task == 'mail' && rc.env.action == '' && rc.env.mailbox == this.env.drafts_mailbox) - rc.command('checkmail'); - } + var filter = {task: 'mail', action: ''}, + rc = this.opener(false, filter) || this.opener(true, filter); + + // refresh the drafts folder in the opener window + if (rc && rc.env.mailbox == this.env.drafts_mailbox) + rc.command('checkmail'); this.env.draft_id = id; $("input[name='_draft_saveid']").val(id); @@ -4774,6 +4773,9 @@ if (!src) src = this.env.source; + if (refresh) + group = this.env.group; + if (page && this.current_page == page && src == this.env.source && group == this.env.group) return false; @@ -5796,6 +5798,9 @@ // on the list when dragging starts (and stops), this is slow, but // I didn't find a method to check droptarget on over event accept: function(node) { + if (!$(node).is('.mailbox')) + return false; + var source_folder = ref.folder_id2name($(node).attr('id')), dest_folder = ref.folder_id2name(this.id), source = ref.env.subscriptionrows[source_folder], @@ -5816,7 +5821,7 @@ this.folder_id2name = function(id) { - return ref.html_identifier_decode(id.replace(/^rcmli/, '')); + return id ? ref.html_identifier_decode(id.replace(/^rcmli/, '')) : null; }; this.subscription_select = function(id) @@ -6724,7 +6729,7 @@ this.set_quota = function(content) { if (this.gui_objects.quotadisplay && content && content.type == 'text') - $(this.gui_objects.quotadisplay).html(content.percent+'%').attr('title', content.title); + $(this.gui_objects.quotadisplay).text((content.percent||0) + '%').attr('title', content.title); this.triggerEvent('setquota', content); this.env.quota_content = content; @@ -7891,12 +7896,24 @@ }; // get window.opener.rcmail if available - this.opener = function() + this.opener = function(deep, filter) { + var i, win = window.opener; + // catch Error: Permission denied to access property rcmail try { - if (window.opener && !opener.closed && opener.rcmail) - return opener.rcmail; + if (win && !win.closed) { + // try parent of the opener window, e.g. preview frame + if (deep && (!win.rcmail || win.rcmail.env.framed) && win.parent && win.parent.rcmail) + win = win.parent; + + if (win.rcmail && filter) + for (i in filter) + if (win.rcmail.env[i] != filter[i]) + return; + + return win.rcmail; + } } catch (e) {} }; @@ -8063,7 +8080,7 @@ if (plugin && plugin.enabledPlugin) return 1; - if (window.ActiveXObject) { + if ('ActiveXObject' in window) { try { if (plugin = new ActiveXObject("AcroPDF.PDF")) return 1; @@ -8096,7 +8113,7 @@ if (plugin && plugin.enabledPlugin) return 1; - if (window.ActiveXObject) { + if ('ActiveXObject' in window) { try { if (plugin = new ActiveXObject("ShockwaveFlash.ShockwaveFlash")) return 1; @@ -8180,7 +8197,7 @@ if (!elem.title) { var $elem = $(elem); if ($elem.width() + (indent || 0) * 15 > $elem.parent().width()) - elem.title = $elem.text(); + elem.title = rcube_webmail.subject_text(elem); } }; @@ -8197,10 +8214,17 @@ tmp.remove(); if (w + $('span.branch', $elem).width() * 15 > $elem.width()) - elem.title = txt; + elem.title = rcube_webmail.subject_text(elem); } }; +rcube_webmail.subject_text = function(elem) +{ + var t = $(elem).clone(); + t.find('.skip-on-drag').remove(); + return t.text(); +}; + rcube_webmail.prototype.get_cookie = getCookie; // copy event engine prototype
View file
roundcubemail-1.1.tar.gz/program/js/common.js
Changed
@@ -103,7 +103,7 @@ this.xmlhttp_test = function() { var activeX_test = new Function("try{var o=new ActiveXObject('Microsoft.XMLHTTP');return true;}catch(err){return false;}"); - this.xmlhttp = (window.XMLHttpRequest || (window.ActiveXObject && activeX_test())); + this.xmlhttp = window.XMLHttpRequest || (('ActiveXObject' in window) && activeX_test()); return this.xmlhttp; };
View file
roundcubemail-1.1.tar.gz/program/js/list.js
Changed
@@ -219,7 +219,7 @@ if (this.column_fixed == r) continue; col = this.thead.rows[0].cells[r]; - col.onmousedown = function(e){ return p.drag_column(e, this); }; + col.onmousedown = function(e) { return p.drag_column(e, this); }; this.colcount++; } } @@ -240,8 +240,8 @@ $(this.list).before(this.fixed_header); var me = this; - $(window).resize(function(){ me.resize() }); - $(window).scroll(function(){ + $(window).resize(function() { me.resize(); }); + $(window).scroll(function() { var w = $(window); me.fixed_header.css('marginLeft', (-w.scrollLeft()) + 'px'); if (!bw.webkit) @@ -270,14 +270,14 @@ var column_widths = []; // get column widths from original thead - $(this.tbody).parent().find('thead tr td').each(function(index) { + $(this.tbody).parent().find('thead th,thead td').each(function(index) { column_widths[index] = $(this).width(); }); // apply fixed widths to fixed table header $(this.thead).parent().width($(this.tbody).parent().width()); - $(this.thead).find('tr td').each(function(index) { - $(this).css('width', column_widths[index]); + $(this.thead).find('th,td').each(function(index) { + $(this).width(column_widths[index]); }); $(window).scroll();
View file
roundcubemail-1.1.tar.gz/program/lib/Roundcube/rcube_config.php
Changed
@@ -3,7 +3,7 @@ /* +-----------------------------------------------------------------------+ | This file is part of the Roundcube Webmail client | - | Copyright (C) 2008-2013, The Roundcube Dev Team | + | Copyright (C) 2008-2014, The Roundcube Dev Team | | | | Licensed under the GNU General Public License version 3 or | | any later version with exceptions for skins & plugins. | @@ -26,12 +26,13 @@ { const DEFAULT_SKIN = 'larry'; - private $env = ''; - private $paths = array(); - private $prop = array(); - private $errors = array(); + private $env = ''; + private $paths = array(); + private $prop = array(); + private $errors = array(); private $userprefs = array(); + /** * Renamed options * @@ -48,7 +49,6 @@ 'redundant_attachments_cache_ttl' => 'redundant_attachments_memcache_ttl', ); - /** * Object constructor * @@ -92,7 +92,6 @@ $this->set('contactlist_fields', array('name', 'firstname', 'surname', 'email')); } - /** * @brief Guess the type the string may fit into. * @@ -121,7 +120,6 @@ return $_; } - /** * @brief Parse environment variable into PHP type. * @@ -159,11 +157,10 @@ default: $_ = $this->parse_env($_, $this->guess_type($_)); } - + return $_; } - /** * @brief Get environment variable value. * @@ -179,7 +176,7 @@ private function getenv_default($varname, $default_value, $type = null) { $_ = getenv($varname); - + if ($_ === false) { $_ = $default_value; } @@ -187,13 +184,13 @@ if (is_null($type)) { $type = gettype($default_value); } + $_ = $this->parse_env($_, $type); } - + return $_; } - /** * Load config from local config file * @@ -240,8 +237,9 @@ $this->prop['temp_dir'] = $this->prop['temp_dir'] ? realpath(unslashify($this->prop['temp_dir'])) : RCUBE_INSTALL_PATH . 'temp'; // fix default imap folders encoding - foreach (array('drafts_mbox', 'junk_mbox', 'sent_mbox', 'trash_mbox') as $folder) + foreach (array('drafts_mbox', 'junk_mbox', 'sent_mbox', 'trash_mbox') as $folder) { $this->prop[$folder] = rcube_charset::convert($this->prop[$folder], RCUBE_CHARSET, 'UTF7-IMAP'); + } // set PHP error logging according to config if ($this->prop['debug_level'] & 1) { @@ -403,7 +401,6 @@ return $plugin['result']; } - /** * Setter for a config parameter * @@ -415,7 +412,6 @@ $this->prop[$name] = $value; } - /** * Override config options with the given values (eg. user prefs) * @@ -427,7 +423,6 @@ $this->prop = array_merge($this->prop, $prefs, $this->userprefs); } - /** * Merge the given prefs over the current config * and make sure that they survive further merging. @@ -455,7 +450,6 @@ $this->prop = array_merge($this->prop, $prefs); } - /** * Getter for all config options * @@ -465,8 +459,9 @@ { $props = $this->prop; - foreach ($props as $prop_name => $prop_value) + foreach ($props as $prop_name => $prop_value) { $props[$prop_name] = $this->getenv_default('ROUNDCUBE_' . strtoupper($prop_name), $prop_value); + } $rcube = rcube::get_instance(); $plugin = $rcube->plugins->exec_hook('config_get', array( @@ -483,16 +478,16 @@ */ public function get_timezone() { - if ($tz = $this->get('timezone')) { - try { - $tz = new DateTimeZone($tz); - return $tz->getOffset(new DateTime('now')) / 3600; - } - catch (Exception $e) { + if ($tz = $this->get('timezone')) { + try { + $tz = new DateTimeZone($tz); + return $tz->getOffset(new DateTime('now')) / 3600; + } + catch (Exception $e) { + } } - } - return 0; + return 0; } /** @@ -526,7 +521,6 @@ return $key; } - /** * Try to autodetect operating system and find the correct line endings * @@ -537,14 +531,16 @@ // use the configured delimiter for headers if (!empty($this->prop['mail_header_delimiter'])) { $delim = $this->prop['mail_header_delimiter']; - if ($delim == "\n" || $delim == "\r\n") + if ($delim == "\n" || $delim == "\r\n") { return $delim; - else + } + else { rcube::raise_error(array( 'code' => 500, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Invalid mail_header_delimiter setting" ), true, false); + } } $php_os = strtolower(substr(PHP_OS, 0, 3)); @@ -558,7 +554,6 @@ return "\n"; } - /** * Return the mail domain configured for the given host * @@ -585,7 +580,6 @@ return $domain; } - /** * Getter for error state * @@ -596,7 +590,6 @@ return empty($this->errors) ? false : join("\n", $this->errors); } - /** * Internal getter for client's (browser) timezone identifier */
View file
roundcubemail-1.1.tar.gz/program/lib/Roundcube/rcube_db.php
Changed
@@ -1,6 +1,6 @@ <?php -/** +/* +-----------------------------------------------------------------------+ | This file is part of the Roundcube Webmail client | | Copyright (C) 2005-2012, The Roundcube Dev Team |
View file
roundcubemail-1.1.tar.gz/program/lib/Roundcube/rcube_db_mssql.php
Changed
@@ -1,6 +1,6 @@ <?php -/** +/* +-----------------------------------------------------------------------+ | This file is part of the Roundcube Webmail client | | Copyright (C) 2005-2012, The Roundcube Dev Team |
View file
roundcubemail-1.1.tar.gz/program/lib/Roundcube/rcube_db_mysql.php
Changed
@@ -1,6 +1,6 @@ <?php -/** +/* +-----------------------------------------------------------------------+ | This file is part of the Roundcube Webmail client | | Copyright (C) 2005-2012, The Roundcube Dev Team |
View file
roundcubemail-1.1.tar.gz/program/lib/Roundcube/rcube_db_oracle.php
Changed
@@ -1,6 +1,6 @@ <?php -/** +/* +-----------------------------------------------------------------------+ | This file is part of the Roundcube Webmail client | | Copyright (C) 2011-2014, Kolab Systems AG |
View file
roundcubemail-1.1.tar.gz/program/lib/Roundcube/rcube_db_pgsql.php
Changed
@@ -1,6 +1,6 @@ <?php -/** +/* +-----------------------------------------------------------------------+ | This file is part of the Roundcube Webmail client | | Copyright (C) 2005-2012, The Roundcube Dev Team |
View file
roundcubemail-1.1.tar.gz/program/lib/Roundcube/rcube_db_sqlite.php
Changed
@@ -1,6 +1,6 @@ <?php -/** +/* +-----------------------------------------------------------------------+ | This file is part of the Roundcube Webmail client | | Copyright (C) 2005-2012, The Roundcube Dev Team |
View file
roundcubemail-1.1.tar.gz/program/lib/Roundcube/rcube_db_sqlsrv.php
Changed
@@ -1,6 +1,6 @@ <?php -/** +/* +-----------------------------------------------------------------------+ | This file is part of the Roundcube Webmail client | | Copyright (C) 2005-2012, The Roundcube Dev Team |
View file
roundcubemail-1.1.tar.gz/program/lib/Roundcube/rcube_html2text.php
Changed
@@ -1,6 +1,6 @@ <?php -/** +/* +-----------------------------------------------------------------------+ | This file is part of the Roundcube Webmail client | | Copyright (C) 2008-2012, The Roundcube Dev Team |
View file
roundcubemail-1.1.tar.gz/program/lib/Roundcube/rcube_imap_generic.php
Changed
@@ -1,6 +1,6 @@ <?php -/** +/* +-----------------------------------------------------------------------+ | This file is part of the Roundcube Webmail client | | Copyright (C) 2005-2012, The Roundcube Dev Team |
View file
roundcubemail-1.1.tar.gz/program/lib/Roundcube/rcube_message_header.php
Changed
@@ -1,6 +1,6 @@ <?php -/** +/* +-----------------------------------------------------------------------+ | This file is part of the Roundcube Webmail client | | Copyright (C) 2005-2012, The Roundcube Dev Team |
View file
roundcubemail-1.1.tar.gz/program/lib/Roundcube/rcube_plugin_api.php
Changed
@@ -40,47 +40,15 @@ public $allowed_session_prefs = array(); public $active_plugins = array(); - protected $plugins = array(); - protected $tasks = array(); - protected $actions = array(); - protected $actionmap = array(); - protected $objectsmap = array(); + protected $plugins = array(); + protected $tasks = array(); + protected $actions = array(); + protected $actionmap = array(); + protected $objectsmap = array(); protected $template_contents = array(); - protected $exec_stack = array(); - - // Deprecated names of hooks, will be removed after 0.5-stable release - protected $deprecated_hooks = array( - 'create_user' => 'user_create', - 'kill_session' => 'session_destroy', - 'upload_attachment' => 'attachment_upload', - 'save_attachment' => 'attachment_save', - 'get_attachment' => 'attachment_get', - 'cleanup_attachments' => 'attachments_cleanup', - 'display_attachment' => 'attachment_display', - 'remove_attachment' => 'attachment_delete', - 'outgoing_message_headers' => 'message_outgoing_headers', - 'outgoing_message_body' => 'message_outgoing_body', - 'address_sources' => 'addressbooks_list', - 'get_address_book' => 'addressbook_get', - 'create_contact' => 'contact_create', - 'save_contact' => 'contact_update', - 'contact_save' => 'contact_update', - 'delete_contact' => 'contact_delete', - 'manage_folders' => 'folders_list', - 'list_mailboxes' => 'mailboxes_list', - 'save_preferences' => 'preferences_save', - 'user_preferences' => 'preferences_list', - 'list_prefs_sections' => 'preferences_sections_list', - 'list_identities' => 'identities_list', - 'create_identity' => 'identity_create', - 'delete_identity' => 'identity_delete', - 'save_identity' => 'identity_update', - 'identity_save' => 'identity_update', - // to be removed after 0.8 - 'imap_init' => 'storage_init', - 'mailboxes_list' => 'storage_folders', - 'imap_connect' => 'storage_connect', - ); + protected $exec_stack = array(); + protected $deprecated_hooks = array(); + /** * This implements the 'singleton' design pattern @@ -225,7 +193,7 @@ true, false); } } - elseif ($require) { + else if ($require) { rcube::raise_error(array('code' => 520, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Failed to load plugin file $fn"), true, false); @@ -243,130 +211,134 @@ */ public function get_info($plugin_name) { - static $composer_lock, $license_uris = array( - 'Apache' => 'http://www.apache.org/licenses/LICENSE-2.0.html', - 'Apache-2' => 'http://www.apache.org/licenses/LICENSE-2.0.html', - 'Apache-1' => 'http://www.apache.org/licenses/LICENSE-1.0', - 'Apache-1.1' => 'http://www.apache.org/licenses/LICENSE-1.1', - 'GPL' => 'http://www.gnu.org/licenses/gpl.html', - 'GPLv2' => 'http://www.gnu.org/licenses/gpl-2.0.html', - 'GPL-2.0' => 'http://www.gnu.org/licenses/gpl-2.0.html', - 'GPLv3' => 'http://www.gnu.org/licenses/gpl-3.0.html', - 'GPLv3+' => 'http://www.gnu.org/licenses/gpl-3.0.html', - 'GPL-3.0' => 'http://www.gnu.org/licenses/gpl-3.0.html', - 'GPL-3.0+' => 'http://www.gnu.org/licenses/gpl.html', - 'GPL-2.0+' => 'http://www.gnu.org/licenses/gpl.html', - 'AGPLv3' => 'http://www.gnu.org/licenses/agpl.html', - 'AGPLv3+' => 'http://www.gnu.org/licenses/agpl.html', - 'AGPL-3.0' => 'http://www.gnu.org/licenses/agpl.html', - 'LGPL' => 'http://www.gnu.org/licenses/lgpl.html', - 'LGPLv2' => 'http://www.gnu.org/licenses/lgpl-2.0.html', - 'LGPLv2.1' => 'http://www.gnu.org/licenses/lgpl-2.1.html', - 'LGPLv3' => 'http://www.gnu.org/licenses/lgpl.html', - 'LGPL-2.0' => 'http://www.gnu.org/licenses/lgpl-2.0.html', - 'LGPL-2.1' => 'http://www.gnu.org/licenses/lgpl-2.1.html', - 'LGPL-3.0' => 'http://www.gnu.org/licenses/lgpl.html', - 'LGPL-3.0+' => 'http://www.gnu.org/licenses/lgpl.html', - 'BSD' => 'http://opensource.org/licenses/bsd-license.html', - 'BSD-2-Clause' => 'http://opensource.org/licenses/BSD-2-Clause', - 'BSD-3-Clause' => 'http://opensource.org/licenses/BSD-3-Clause', - 'FreeBSD' => 'http://opensource.org/licenses/BSD-2-Clause', - 'MIT' => 'http://www.opensource.org/licenses/mit-license.php', - 'PHP' => 'http://opensource.org/licenses/PHP-3.0', - 'PHP-3' => 'http://www.php.net/license/3_01.txt', - 'PHP-3.0' => 'http://www.php.net/license/3_0.txt', - 'PHP-3.01' => 'http://www.php.net/license/3_01.txt', - ); - - $dir = dir($this->dir); - $fn = unslashify($dir->path) . "/$plugin_name/$plugin_name.php"; - $info = false; - - if (!class_exists($plugin_name, false)) { - if (is_readable($fn)) - include($fn); - else - return false; - } - - if (class_exists($plugin_name)) - $info = $plugin_name::info(); - - // fall back to composer.json file - if (!$info) { - $composer = INSTALL_PATH . "/plugins/$plugin_name/composer.json"; - if (is_readable($composer) && ($json = @json_decode(file_get_contents($composer), true))) { - list($info['vendor'], $info['name']) = explode('/', $json['name']); - $info['version'] = $json['version']; - $info['license'] = $json['license']; - $info['uri'] = $json['homepage']; - $info['require'] = array_filter(array_keys((array)$json['require']), function($pname) { - if (strpos($pname, '/') == false) - return false; - list($vendor, $name) = explode('/', $pname); - return !($name == 'plugin-installer' || $vendor == 'pear-pear'); - }); + static $composer_lock, $license_uris = array( + 'Apache' => 'http://www.apache.org/licenses/LICENSE-2.0.html', + 'Apache-2' => 'http://www.apache.org/licenses/LICENSE-2.0.html', + 'Apache-1' => 'http://www.apache.org/licenses/LICENSE-1.0', + 'Apache-1.1' => 'http://www.apache.org/licenses/LICENSE-1.1', + 'GPL' => 'http://www.gnu.org/licenses/gpl.html', + 'GPLv2' => 'http://www.gnu.org/licenses/gpl-2.0.html', + 'GPL-2.0' => 'http://www.gnu.org/licenses/gpl-2.0.html', + 'GPLv3' => 'http://www.gnu.org/licenses/gpl-3.0.html', + 'GPLv3+' => 'http://www.gnu.org/licenses/gpl-3.0.html', + 'GPL-3.0' => 'http://www.gnu.org/licenses/gpl-3.0.html', + 'GPL-3.0+' => 'http://www.gnu.org/licenses/gpl.html', + 'GPL-2.0+' => 'http://www.gnu.org/licenses/gpl.html', + 'AGPLv3' => 'http://www.gnu.org/licenses/agpl.html', + 'AGPLv3+' => 'http://www.gnu.org/licenses/agpl.html', + 'AGPL-3.0' => 'http://www.gnu.org/licenses/agpl.html', + 'LGPL' => 'http://www.gnu.org/licenses/lgpl.html', + 'LGPLv2' => 'http://www.gnu.org/licenses/lgpl-2.0.html', + 'LGPLv2.1' => 'http://www.gnu.org/licenses/lgpl-2.1.html', + 'LGPLv3' => 'http://www.gnu.org/licenses/lgpl.html', + 'LGPL-2.0' => 'http://www.gnu.org/licenses/lgpl-2.0.html', + 'LGPL-2.1' => 'http://www.gnu.org/licenses/lgpl-2.1.html', + 'LGPL-3.0' => 'http://www.gnu.org/licenses/lgpl.html', + 'LGPL-3.0+' => 'http://www.gnu.org/licenses/lgpl.html', + 'BSD' => 'http://opensource.org/licenses/bsd-license.html', + 'BSD-2-Clause' => 'http://opensource.org/licenses/BSD-2-Clause', + 'BSD-3-Clause' => 'http://opensource.org/licenses/BSD-3-Clause', + 'FreeBSD' => 'http://opensource.org/licenses/BSD-2-Clause', + 'MIT' => 'http://www.opensource.org/licenses/mit-license.php', + 'PHP' => 'http://opensource.org/licenses/PHP-3.0', + 'PHP-3' => 'http://www.php.net/license/3_01.txt', + 'PHP-3.0' => 'http://www.php.net/license/3_0.txt', + 'PHP-3.01' => 'http://www.php.net/license/3_01.txt', + ); + + $dir = dir($this->dir); + $fn = unslashify($dir->path) . "/$plugin_name/$plugin_name.php"; + $info = false; + + if (!class_exists($plugin_name, false)) { + if (is_readable($fn)) { + include($fn); + } + else { + return false; + } } - // read local composer.lock file (once) - if (!isset($composer_lock)) { - $composer_lock = @json_decode(@file_get_contents(INSTALL_PATH . "/composer.lock"), true); - if ($composer_lock['packages']) { - foreach ($composer_lock['packages'] as $i => $package) { - $composer_lock['installed'][$package['name']] = $package; - } - } + if (class_exists($plugin_name)) { + $info = $plugin_name::info(); } - // load additional information from local composer.lock file - if ($lock = $composer_lock['installed'][$json['name']]) { - $info['version'] = $lock['version']; - $info['uri'] = $lock['homepage'] ? $lock['homepage'] : $lock['source']['uri']; - $info['src_uri'] = $lock['dist']['uri'] ? $lock['dist']['uri'] : $lock['source']['uri']; + // fall back to composer.json file + if (!$info) { + $composer = INSTALL_PATH . "/plugins/$plugin_name/composer.json"; + if (is_readable($composer) && ($json = @json_decode(file_get_contents($composer), true))) { + list($info['vendor'], $info['name']) = explode('/', $json['name']); + $info['version'] = $json['version']; + $info['license'] = $json['license']; + $info['uri'] = $json['homepage']; + $info['require'] = array_filter(array_keys((array)$json['require']), function($pname) { + if (strpos($pname, '/') == false) { + return false; + } + list($vendor, $name) = explode('/', $pname); + return !($name == 'plugin-installer' || $vendor == 'pear-pear'); + }); + } + + // read local composer.lock file (once) + if (!isset($composer_lock)) { + $composer_lock = @json_decode(@file_get_contents(INSTALL_PATH . "/composer.lock"), true); + if ($composer_lock['packages']) { + foreach ($composer_lock['packages'] as $i => $package) { + $composer_lock['installed'][$package['name']] = $package; + } + } + } + + // load additional information from local composer.lock file + if ($lock = $composer_lock['installed'][$json['name']]) { + $info['version'] = $lock['version']; + $info['uri'] = $lock['homepage'] ? $lock['homepage'] : $lock['source']['uri']; + $info['src_uri'] = $lock['dist']['uri'] ? $lock['dist']['uri'] : $lock['source']['uri']; + } } - } - - // fall back to package.xml file - if (!$info) { - $package = INSTALL_PATH . "/plugins/$plugin_name/package.xml"; - if (is_readable($package) && ($file = file_get_contents($package))) { - $doc = new DOMDocument(); - $doc->loadXML($file); - $xpath = new DOMXPath($doc); - $xpath->registerNamespace('rc', "http://pear.php.net/dtd/package-2.0"); - - // XPaths of plugin metadata elements - $metadata = array( - 'name' => 'string(//rc:package/rc:name)', - 'version' => 'string(//rc:package/rc:version/rc:release)', - 'license' => 'string(//rc:package/rc:license)', - 'license_uri' => 'string(//rc:package/rc:license/@uri)', - 'src_uri' => 'string(//rc:package/rc:srcuri)', - 'uri' => 'string(//rc:package/rc:uri)', - ); - - foreach ($metadata as $key => $path) { - $info[$key] = $xpath->evaluate($path); - } - - // dependent required plugins (can be used, but not included in config) - $deps = $xpath->evaluate('//rc:package/rc:dependencies/rc:required/rc:package/rc:name'); - for ($i = 0; $i < $deps->length; $i++) { - $dn = $deps->item($i)->nodeValue; - $info['require'][] = $dn; - } + + // fall back to package.xml file + if (!$info) { + $package = INSTALL_PATH . "/plugins/$plugin_name/package.xml"; + if (is_readable($package) && ($file = file_get_contents($package))) { + $doc = new DOMDocument(); + $doc->loadXML($file); + $xpath = new DOMXPath($doc); + $xpath->registerNamespace('rc', "http://pear.php.net/dtd/package-2.0"); + + // XPaths of plugin metadata elements + $metadata = array( + 'name' => 'string(//rc:package/rc:name)', + 'version' => 'string(//rc:package/rc:version/rc:release)', + 'license' => 'string(//rc:package/rc:license)', + 'license_uri' => 'string(//rc:package/rc:license/@uri)', + 'src_uri' => 'string(//rc:package/rc:srcuri)', + 'uri' => 'string(//rc:package/rc:uri)', + ); + + foreach ($metadata as $key => $path) { + $info[$key] = $xpath->evaluate($path); + } + + // dependent required plugins (can be used, but not included in config) + $deps = $xpath->evaluate('//rc:package/rc:dependencies/rc:required/rc:package/rc:name'); + for ($i = 0; $i < $deps->length; $i++) { + $dn = $deps->item($i)->nodeValue; + $info['require'][] = $dn; + } + } } - } - // At least provide the name - if (!$info && class_exists($plugin_name)) { - $info = array('name' => $plugin_name, 'version' => '--'); - } - else if ($info['license'] && empty($info['license_uri']) && ($license_uri = $license_uris[$info['license']])) { - $info['license_uri'] = $license_uri; - } + // At least provide the name + if (!$info && class_exists($plugin_name)) { + $info = array('name' => $plugin_name, 'version' => '--'); + } + else if ($info['license'] && empty($info['license_uri']) && ($license_uri = $license_uris[$info['license']])) { + $info['license_uri'] = $license_uri; + } - return $info; + return $info; } /**
View file
roundcubemail-1.1.tar.gz/program/lib/Roundcube/rcube_text2html.php
Changed
@@ -1,6 +1,6 @@ <?php -/** +/* +-----------------------------------------------------------------------+ | This file is part of the Roundcube Webmail client | | Copyright (C) 2008-2014, The Roundcube Dev Team |
View file
roundcubemail-1.1.tar.gz/program/lib/Roundcube/rcube_washtml.php
Changed
@@ -1,6 +1,6 @@ <?php -/** +/* +-----------------------------------------------------------------------+ | This file is part of the Roundcube Webmail client | | Copyright (C) 2008-2012, The Roundcube Dev Team | @@ -18,7 +18,7 @@ +-----------------------------------------------------------------------+ */ -/** +/* * Washtml, a HTML sanityzer. * * Copyright (c) 2007 Frederic Motte <fmotte@ubixis.com> @@ -244,8 +244,8 @@ $t .= ' ' . $key . '="' . htmlspecialchars($value, ENT_QUOTES) . '"'; } else if ($key == 'style' && ($style = $this->wash_style($value))) { - $quot = strpos($style, '"') !== false ? "'" : '"'; - $t .= ' style=' . $quot . $style . $quot; + // replace double quotes to prevent syntax error and XSS issues (#1490227) + $t .= ' style="' . str_replace('"', '"', $style) . '"'; } else if ($key == 'background' || ($key == 'src' && preg_match('/^(img|source)$/i', $node->tagName))
View file
roundcubemail-1.1.tar.gz/program/steps/addressbook/export.inc
Changed
@@ -133,8 +133,13 @@ foreach ($record as $key => $values) { list($field, $section) = explode(':', $key); - foreach ((array)$values as $value) { - if (is_array($value) || @strlen($value)) { + // avoid casting DateTime objects to array + // (same as in rcube_contacts::convert_save_data()) + if (is_object($values) && is_a($values, 'DateTime')) { + $values = array(0 => $values); + } + foreach ($values as $value) { + if (is_array($value) || is_a($value, 'DateTime') || @strlen($value)) { $vcard->set($field, $value, strtoupper($section)); } }
View file
roundcubemail-1.1.tar.gz/program/steps/addressbook/save.inc
Changed
@@ -226,13 +226,15 @@ $plugin = $RCMAIL->plugins->exec_hook('group_addmembers', array( 'group_id' => $CONTACTS->group_id, 'ids' => $insert_id, 'source' => $source)); - $counts = $CONTACTS->count(); - if (!$plugin['abort']) { - if (($maxnum = $RCMAIL->config->get('max_group_members', 0)) && ($counts->count + 1 > $maxnum)) - $OUTPUT->show_message('maxgroupmembersreached', 'warning', array('max' => $maxnum)); - - $CONTACTS->add_to_group($plugin['group_id'], $plugin['ids']); + if (($maxnum = $RCMAIL->config->get('max_group_members', 0)) && ($CONTACTS->count()->count + 1 > $maxnum)) { + // @FIXME: should we remove the contact? + $msgtext = $RCMAIL->gettext(array('name' => 'maxgroupmembersreached', 'vars' => array('max' => $maxnum))); + $OUTPUT->command('parent.display_message', $msgtext, 'warning'); + } + else { + $CONTACTS->add_to_group($plugin['group_id'], $plugin['ids']); + } } }
View file
roundcubemail-1.1.tar.gz/program/steps/mail/compose.inc
Changed
@@ -419,7 +419,8 @@ 'filedroparea' => 'compose_file_drop_area', 'priorityselector' => 'rcmail_priority_selector', 'editorselector' => 'rcmail_editor_selector', - 'receiptcheckbox' => 'rcmail_receipt_checkbox', + 'receiptcheckbox' => 'rcmail_mdn_checkbox', // deprecated + 'mdncheckbox' => 'rcmail_mdn_checkbox', 'dsncheckbox' => 'rcmail_dsn_checkbox', 'storetarget' => 'rcmail_store_target_selection', 'addressbooks' => 'rcmail_addressbook_list', @@ -780,12 +781,13 @@ unset($plugin); // add blocked.gif attachment (#1486516) - if ($isHtml && preg_match('#<img src="\./program/resources/blocked\.gif"#', $body)) { - if ($attachment = rcmail_save_image('program/resources/blocked.gif', 'image/gif')) { + if ($isHtml && preg_match('#<img src="program/resources/blocked\.gif"#', $body)) { + $content = $RCMAIL->get_resource_content('blocked.gif'); + if ($content && ($attachment = rcmail_save_image('blocked.gif', 'image/gif', $content))) { $COMPOSE['attachments'][$attachment['id']] = $attachment; $url = sprintf('%s&_id=%s&_action=display-attachment&_file=rcmfile%s', $RCMAIL->comm_path, $COMPOSE['id'], $attachment['id']); - $body = preg_replace('#\./program/resources/blocked\.gif#', $url, $body); + $body = preg_replace('#program/resources/blocked\.gif#', $url, $body); } } @@ -1399,18 +1401,31 @@ return false; } -function rcmail_save_image($path, $mimetype='') +function rcmail_save_image($path, $mimetype = '', $data = null) { global $COMPOSE; // handle attachments in memory - $data = file_get_contents($path); + if (empty($data)) { + $data = file_get_contents($path); + $is_file = true; + } + $name = rcmail_basename($path); + if (empty($mimetype)) { + if ($is_file) { + $mimetype = rcube_mime::file_content_type($path, $name); + } + else { + $mimetype = rcube_mime::file_content_type($data, $name, 'application/octet-stream', true); + } + } + $attachment = array( 'group' => $COMPOSE['id'], 'name' => $name, - 'mimetype' => $mimetype ? $mimetype : rcube_mime::file_content_type($path, $name), + 'mimetype' => $mimetype, 'data' => $data, 'size' => strlen($data), ); @@ -1642,7 +1657,7 @@ } -function rcmail_receipt_checkbox($attrib) +function rcmail_mdn_checkbox($attrib) { global $RCMAIL, $MESSAGE, $compose_mode; @@ -1652,13 +1667,13 @@ if (!isset($attrib['id'])) $attrib['id'] = 'receipt'; - $attrib['name'] = '_receipt'; + $attrib['name'] = '_mdn'; $attrib['value'] = '1'; $checkbox = new html_checkbox($attrib); - if (isset($_POST['_receipt'])) - $mdn_default = $_POST['_receipt']; + if (isset($_POST['_mdn'])) + $mdn_default = $_POST['_mdn']; else if (in_array($compose_mode, array(RCUBE_COMPOSE_DRAFT, RCUBE_COMPOSE_EDIT))) $mdn_default = (bool) $MESSAGE->headers->mdn_to; else
View file
roundcubemail-1.1.tar.gz/program/steps/mail/func.inc
Changed
@@ -815,7 +815,7 @@ $wash_opts = array( 'show_washed' => false, 'allow_remote' => $p['safe'], - 'blocked_src' => "./program/resources/blocked.gif", + 'blocked_src' => 'program/resources/blocked.gif', 'charset' => RCUBE_CHARSET, 'cid_map' => $cid_replaces, 'html_elements' => array('body'),
View file
roundcubemail-1.1.tar.gz/program/steps/mail/get.inc
Changed
@@ -183,10 +183,12 @@ // send blocked.gif for expected images if (empty($_REQUEST['_mimewarning']) && strpos($mimetype, 'image/') === 0) { // Do not cache. Failure might be the result of a misconfiguration, thus real content should be returned once fixed. + $content = $RCMAIL->get_resource_content('blocked.gif'); $OUTPUT->nocacheing_headers(); header("Content-Type: image/gif"); header("Content-Transfer-Encoding: binary"); - readfile(INSTALL_PATH . 'program/resources/blocked.gif'); + header("Content-Length: " . strlen($content)); + echo $content; } else { // html warning with a button to load the file anyway $OUTPUT = new rcmail_html_page();
View file
roundcubemail-1.1.tar.gz/program/steps/mail/sendmail.inc
Changed
@@ -144,7 +144,7 @@ $http_header .= $nldlm . ' via '; } - $host = $_SERVER['REMOTE_ADDR']; + $host = $_SERVER['REMOTE_ADDR']; $hostname = gethostbyaddr($host); if ($encrypt) { @@ -171,7 +171,7 @@ $headers['Date'] = $RCMAIL->user_date(); $headers['From'] = rcube_charset::convert($from_string, RCUBE_CHARSET, $message_charset); -$headers['To'] = $mailto; +$headers['To'] = $mailto; // additional recipients if (!empty($mailcc)) { @@ -188,6 +188,10 @@ } } +$dont_override = (array) $RCMAIL->config->get('dont_override'); +$mdn_enabled = in_array('mdn_default', $dont_override) ? $RCMAIL->config->get('mdn_default') : !empty($_POST['_mdn']); +$dsn_enabled = in_array('dsn_default', $dont_override) ? $RCMAIL->config->get('dsn_default') : !empty($_POST['_dsn']); + // add subject $headers['Subject'] = trim(rcube_utils::get_input_value('_subject', rcube_utils::INPUT_POST, TRUE, $message_charset)); @@ -228,7 +232,7 @@ } } -if (!empty($_POST['_receipt'])) { +if ($mdn_enabled) { $headers['Return-Receipt-To'] = $from_string; $headers['Disposition-Notification-To'] = $from_string; } @@ -520,9 +524,7 @@ } // Handle Delivery Status Notification request - if (!empty($_POST['_dsn'])) { - $smtp_opts['dsn'] = true; - } + $smtp_opts['dsn'] = $dsn_enabled; $sent = $RCMAIL->deliver_message($MAIL_MIME, $from, $mailto, $smtp_error, $mailbody_file, $smtp_opts); @@ -564,8 +566,10 @@ $store_target = $drafts_mbox; } else if (!$RCMAIL->config->get('no_save_sent_messages')) { - $store_target = rcube_utils::get_input_value('_store_target', rcube_utils::INPUT_POST); - if (!strlen($store_target)) { + if (isset($_POST['_store_target'])) { + $store_target = rcube_utils::get_input_value('_store_target', rcube_utils::INPUT_POST); + } + else { $store_target = $RCMAIL->config->get('sent_mbox'); } }
View file
roundcubemail-1.1.tar.gz/program/steps/settings/edit_identity.inc
Changed
@@ -109,6 +109,11 @@ $IDENTITY_RECORD['signature'] = htmlspecialchars($IDENTITY_RECORD['signature'], ENT_NOQUOTES, RCUBE_CHARSET); } + // hide "default" checkbox if only one identity is allowed + if (IDENTITIES_LEVEL > 1) { + unset($form['addressing']['content']['standard']); + } + // disable some field according to access level if (IDENTITIES_LEVEL == 1 || IDENTITIES_LEVEL == 3) { $form['addressing']['content']['email']['disabled'] = true;
View file
roundcubemail-1.1.tar.gz/program/steps/settings/save_identity.inc
Changed
@@ -49,6 +49,11 @@ } } +// make the identity a "default" if only one identity is allowed +if (IDENTITIES_LEVEL > 1) { + $save_data['standard'] = 1; +} + // unset email address if user has no rights to change it if (IDENTITIES_LEVEL == 1 || IDENTITIES_LEVEL == 3) { unset($save_data['email']);
View file
roundcubemail-1.1.tar.gz/skins/classic/common.css
Changed
@@ -156,6 +156,11 @@ color: #999999; } +.voice +{ + display: none; +} + /* fixes vertical alignment of checkboxes and labels */ label input, label span
View file
roundcubemail-1.1.tar.gz/skins/classic/templates/compose.html
Changed
@@ -174,11 +174,13 @@ <div id="composeoptionsmenu" class="popupmenu"> <table> + <roundcube:if condition="!in_array('mdn_default', (array)config:dont_override)" /> <tr> <td><label for="rcmcomposereceipt"><roundcube:label name="returnreceipt" />:</label></td> - <td><roundcube:object name="receiptCheckBox" form="form" id="rcmcomposereceipt" /></td> + <td><roundcube:object name="mdnCheckBox" form="form" id="rcmcomposereceipt" /></td> </tr> - <roundcube:if condition="config:smtp_server != ''" /> + <roundcube:endif /> + <roundcube:if condition="config:smtp_server != '' and !in_array('dsn_default', (array)config:dont_override)" /> <tr> <td><label for="rcmcomposedsn"><roundcube:label name="dsn" />:</label></td> <td><roundcube:object name="dsnCheckBox" form="form" id="rcmcomposedsn" /></td>
View file
roundcubemail-1.1.tar.gz/skins/larry/templates/compose.html
Changed
@@ -146,10 +146,12 @@ <label for="rcmcomposepriority"><roundcube:label name="priority" /> <roundcube:object name="prioritySelector" form="form" id="rcmcomposepriority" tabindex="4" /></label> </span> + <roundcube:if condition="!in_array('mdn_default', (array)config:dont_override)" /> <span class="composeoption"> - <label><roundcube:object name="receiptCheckBox" form="form" id="rcmcomposereceipt" tabindex="4" /> <roundcube:label name="returnreceipt" /></label> + <label><roundcube:object name="mdnCheckBox" form="form" id="rcmcomposereceipt" tabindex="4" /> <roundcube:label name="returnreceipt" /></label> </span> - <roundcube:if condition="config:smtp_server != ''" /> + <roundcube:endif /> + <roundcube:if condition="config:smtp_server != '' and !in_array('dsn_default', (array)config:dont_override)" /> <span class="composeoption"> <label><roundcube:object name="dsnCheckBox" form="form" id="rcmcomposedsn" tabindex="4" /> <roundcube:label name="dsn" /></label> </span>
View file
roundcubemail-1.1.tar.gz/tests/Framework/Washtml.php
Changed
@@ -159,7 +159,7 @@ $washer = new rcube_washtml; $washed = $washer->wash($html); - $this->assertRegExp('|style=\'font-family: "新細明體","serif"; color: red\'|', $washed, "Unicode chars in style attribute - quoted (#1489697)"); + $this->assertRegExp('|style="font-family: \"新細明體\",\"serif\"; color: red"|', $washed, "Unicode chars in style attribute - quoted (#1489697)"); $html = "<html><meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" /> <body><span style='font-family:新細明體;color:red'>test</span></body></html>"; @@ -183,4 +183,26 @@ $this->assertRegExp('|line-height: 1;|', $washed, "Untouched line-height (#1489917)"); $this->assertRegExp('|; height: 10px|', $washed, "Fixed height units"); } + + /** + * Test invalid style cleanup - XSS prevention (#1490227) + */ + function test_style_wash_xss() + { + $html = "<img style=aaa:'\"/onerror=alert(1)//'>"; + $exp = "<img style=\"aaa: '"/onerror=alert(1)//'\" />"; + + $washer = new rcube_washtml; + $washed = $washer->wash($html); + + $this->assertTrue(strpos($washed, $exp) !== false, "Style quotes XSS issue (#1490227)"); + + $html = "<img style=aaa:'"/onerror=alert(1)//'>"; + $exp = "<img style=\"aaa: '"/onerror=alert(1)//'\" />"; + + $washer = new rcube_washtml; + $washed = $washer->wash($html); + + $this->assertTrue(strpos($washed, $exp) !== false, "Style quotes XSS issue (#1490227)"); + } }
View file
roundcubemail-1.1.tar.gz/tests/MailFunc.php
Changed
@@ -45,7 +45,7 @@ $html = rcmail_html4inline(rcmail_print_body($part->body, $part, array('safe' => false)), 'foo'); $this->assertRegExp('/src="'.$part->replaces['ex1.jpg'].'"/', $html, "Replace reference to inline image"); - $this->assertRegExp('#background="./program/resources/blocked.gif"#', $html, "Replace external background image"); + $this->assertRegExp('#background="program/resources/blocked.gif"#', $html, "Replace external background image"); $this->assertNotRegExp('/ex3.jpg/', $html, "No references to external images"); $this->assertNotRegExp('/<meta [^>]+>/', $html, "No meta tags allowed"); //$this->assertNoPattern('/<style [^>]+>/', $html, "No style tags allowed");
View file
roundcubemail.dsc
Changed
@@ -2,7 +2,7 @@ Source: roundcubemail Binary: roundcubemail Architecture: all -Version: 1:1.1~dev20150101-0~kolab2 +Version: 1:1.1~dev20150114-0~kolab1 Maintainer: Debian Roundcube Maintainers <pkg-roundcube-maintainers@lists.alioth.debian.org> Uploaders: Vincent Bernat <bernat@debian.org>, Romain Beauxis <toots@rastageeks.org>, Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com>, Paul Klos <kolab@klos2day.nl> Homepage: http://www.roundcube.net/
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.