githubFork/roundcubemail.git

parent: 4ef242af | patch | commit | ignore whitespace

alecpl

2011-02-16 1a2754d18ca079ea55e4c272d7cdc9dc33c00179

- Applied fixes from trunk

5 files modified

	CHANGELOG	3 ●●●●● patch \| view \| raw \| blame \| history
	program/include/main.inc	33 ●●●●● patch \| view \| raw \| blame \| history
	program/include/rcmail.php	6 ●●●●● patch \| view \| raw \| blame \| history
	program/include/rcube_imap_generic.php	32 ●●●●● patch \| view \| raw \| blame \| history
	program/include/rcube_user.php	9 ●●●●● patch \| view \| raw \| blame \| history

 CHANGELOG

@@ -1,6 +1,9 @@
CHANGELOG Roundcube Webmail
===========================

- Fix SQL query in rcube_user::query() so it uses index on MySQL again
- Use only one from IMAP authentication methods to prevent login delays (1487784)
- Fix strftime format support in date_today option
- Removed redundant </form> tags from contact add/edit pages
- Fix CSS error in contact details screen on IE7 (#1487775)


 program/include/main.inc

@@ -975,7 +975,7 @@
 * @return string Formatted date string
 */
function format_date($date, $format=NULL)
  {
{
  global $CONFIG;
  
  $ts = NULL;
@@ -999,7 +999,7 @@

  if (empty($ts))
    return '';
   

  // get user's timezone
  if ($CONFIG['timezone'] === 'auto')
    $tz = isset($_SESSION['timezone']) ? $_SESSION['timezone'] : date('Z')/3600;
@@ -1011,7 +1011,7 @@

  // convert time to user's timezone
  $timestamp = $ts - date('Z', $ts) + ($tz * 3600);
  

  // get current timestamp in user's timezone
  $now = time();  // local time
  $now -= (int)date('Z'); // make GMT time
@@ -1019,30 +1019,33 @@
  $now_date = getdate($now);

  $today_limit = mktime(0, 0, 0, $now_date['mon'], $now_date['mday'], $now_date['year']);
  $week_limit = mktime(0, 0, 0, $now_date['mon'], $now_date['mday']-6, $now_date['year']);
  $week_limit  = mktime(0, 0, 0, $now_date['mon'], $now_date['mday']-6, $now_date['year']);

  // define date format depending on current time
  if (!$format) {
    if ($CONFIG['prettydate'] && $timestamp > $today_limit && $timestamp < $now)
      return sprintf('%s %s', rcube_label('today'), date($CONFIG['date_today'] ? $CONFIG['date_today'] : 'H:i', $timestamp));
    if ($CONFIG['prettydate'] && $timestamp > $today_limit && $timestamp < $now) {
      $format = $CONFIG['date_today'] ? $CONFIG['date_today'] : 'H:i';
      $today  = true;
    }
    else if ($CONFIG['prettydate'] && $timestamp > $week_limit && $timestamp < $now)
      $format = $CONFIG['date_short'] ? $CONFIG['date_short'] : 'D H:i';
    else
      $format = $CONFIG['date_long'] ? $CONFIG['date_long'] : 'd.m.Y H:i';
    }
  }

  // strftime() format
  if (preg_match('/%[a-z]+/i', $format))
    return strftime($format, $timestamp);
  if (preg_match('/%[a-z]+/i', $format)) {
    $format = strftime($format, $timestamp);
    return $today ? (rcube_label('today') . ' ' . $format) : $format;
  }

  // parse format string manually in order to provide localized weekday and month names
  // an alternative would be to convert the date() format string to fit with strftime()
  $out = '';
  for($i=0; $i<strlen($format); $i++)
    {
  for($i=0; $i<strlen($format); $i++) {
    if ($format{$i}=='\\')  // skip escape chars
      continue;
    

    // write char "as-is"
    if ($format{$i}==' ' || $format{$i-1}=='\\')
      $out .= $format{$i};
@@ -1062,11 +1065,11 @@
      $out .= strftime('%x %X', $timestamp);
    else
      $out .= date($format{$i}, $timestamp);
    }
  
  return $out;
  }

  return $today ? (rcube_label('today') . ' ' . $out) : $out;
}


/**
 * Compose a valid representation of name and e-mail address

 program/include/rcmail.php

@@ -1071,9 +1071,6 @@
   */
  public function shutdown()
  {
    if (is_object($this->imap))
      $this->imap->close();

    if (is_object($this->smtp))
      $this->smtp->disconnect();

@@ -1198,6 +1195,9 @@
      }
    }

    if (is_object($this->imap))
      $this->imap->close();

    return $base64 ? base64_encode($cipher) : $cipher;
  }


 program/include/rcube_imap_generic.php

@@ -757,6 +757,13 @@
                // Now we're secure, capabilities need to be reread
                $this->clearCapability();
            }

            // Use best (for security) supported authentication method
            foreach (array('DIGEST-MD5', 'CRAM-MD5', 'CRAM_MD5', 'PLAIN', 'LOGIN') as $auth_method) {
                if (in_array($auth_method, $auth_methods)) {
                    break;
                }
            }
        }

        // Send ID info
@@ -782,6 +789,13 @@
            else if (!$login_disabled) {
                $auth_methods[] = 'LOGIN';
            }


            // Use best (for security) supported authentication method

            foreach (array('DIGEST-MD5', 'CRAM-MD5', 'CRAM_MD5', 'PLAIN', 'LOGIN') as $auth_method) {

                if (in_array($auth_method, $auth_methods)) {

                    break;

                }

            }

        }
        else {
            // Prevent from sending credentials in plain text when connection is not secure
@@ -791,32 +805,28 @@
                return false;
            }
            // replace AUTH with CRAM-MD5 for backward compat.
            $auth_methods[] = $auth_method == 'AUTH' ? 'CRAM-MD5' : $auth_method;
            if ($auth_method == 'AUTH') {
                $auth_method = 'CRAM-MD5';
            }
        }

        // pre-login capabilities can be not complete
        $this->capability_readed = false;

        // Authenticate
        foreach ($auth_methods as $method) {
            switch ($method) {
        switch ($auth_method) {
            case 'CRAM_MD5':
                $method = 'CRAM-MD5';
                $auth_method = 'CRAM-MD5';
            case 'CRAM-MD5':
            case 'DIGEST-MD5':
            case 'PLAIN':
                $result = $this->authenticate($user, $password, $method);
                $result = $this->authenticate($user, $password, $auth_method);
                break;
            case 'LOGIN':
                $result = $this->login($user, $password);
                break;
            default:
                $this->setError(self::ERROR_BAD, "Configuration error. Unknown auth method: $method");
            }

            if (is_resource($result)) {
                break;
            }
                $this->setError(self::ERROR_BAD, "Configuration error. Unknown auth method: $auth_method");
        }

        // Connected and authenticated

 program/include/rcube_user.php

@@ -359,16 +359,15 @@
        $dbh = rcmail::get_instance()->get_dbh();

        // use BINARY (case-sensitive) comparison on MySQL, other engines are case-sensitive
        $prefix = preg_match('/^mysql/', $dbh->db_provider) ? 'BINARY ' : '';
        $mod = preg_match('/^mysql/', $dbh->db_provider) ? 'BINARY' : '';

        // query for matching user name
        $query = "SELECT * FROM ".get_table_name('users')." WHERE mail_host = ? AND %s = ?";

        $sql_result = $dbh->query(sprintf($query, $prefix.'username'), $host, $user);
        $query = "SELECT * FROM ".get_table_name('users')." WHERE mail_host = ? AND %s = $mod ?";
        $sql_result = $dbh->query(sprintf($query, 'username'), $host, $user);

        // query for matching alias
        if (!($sql_arr = $dbh->fetch_assoc($sql_result))) {
            $sql_result = $dbh->query(sprintf($query, $prefix.'alias'), $host, $user);
            $sql_result = $dbh->query(sprintf($query, 'alias'), $host, $user);
            $sql_arr = $dbh->fetch_assoc($sql_result);
        }

			@@ -1,6 +1,9 @@
			CHANGELOG Roundcube Webmail
			===========================

			- Fix SQL query in rcube_user::query() so it uses index on MySQL again
			- Use only one from IMAP authentication methods to prevent login delays (1487784)
			- Fix strftime format support in date_today option
			- Removed redundant </form> tags from contact add/edit pages
			- Fix CSS error in contact details screen on IE7 (#1487775)

			@@ -975,7 +975,7 @@
			* @return string Formatted date string
			*/
			function format_date($date, $format=NULL)
			{
			{
			global $CONFIG;

			$ts = NULL;
			@@ -999,7 +999,7 @@

			if (empty($ts))
			return '';


			// get user's timezone
			if ($CONFIG['timezone'] === 'auto')
			$tz = isset($_SESSION['timezone']) ? $_SESSION['timezone'] : date('Z')/3600;
			@@ -1011,7 +1011,7 @@

			// convert time to user's timezone
			$timestamp = $ts - date('Z', $ts) + ($tz * 3600);


			// get current timestamp in user's timezone
			$now = time(); // local time
			$now -= (int)date('Z'); // make GMT time
			@@ -1019,30 +1019,33 @@
			$now_date = getdate($now);

			$today_limit = mktime(0, 0, 0, $now_date['mon'], $now_date['mday'], $now_date['year']);
			$week_limit = mktime(0, 0, 0, $now_date['mon'], $now_date['mday']-6, $now_date['year']);
			$week_limit = mktime(0, 0, 0, $now_date['mon'], $now_date['mday']-6, $now_date['year']);

			// define date format depending on current time
			if (!$format) {
			if ($CONFIG['prettydate'] && $timestamp > $today_limit && $timestamp < $now)
			return sprintf('%s %s', rcube_label('today'), date($CONFIG['date_today'] ? $CONFIG['date_today'] : 'H:i', $timestamp));
			if ($CONFIG['prettydate'] && $timestamp > $today_limit && $timestamp < $now) {
			$format = $CONFIG['date_today'] ? $CONFIG['date_today'] : 'H:i';
			$today = true;
			}
			else if ($CONFIG['prettydate'] && $timestamp > $week_limit && $timestamp < $now)
			$format = $CONFIG['date_short'] ? $CONFIG['date_short'] : 'D H:i';
			else
			$format = $CONFIG['date_long'] ? $CONFIG['date_long'] : 'd.m.Y H:i';
			}
			}

			// strftime() format
			if (preg_match('/%[a-z]+/i', $format))
			return strftime($format, $timestamp);
			if (preg_match('/%[a-z]+/i', $format)) {
			$format = strftime($format, $timestamp);
			return $today ? (rcube_label('today') . ' ' . $format) : $format;
			}

			// parse format string manually in order to provide localized weekday and month names
			// an alternative would be to convert the date() format string to fit with strftime()
			$out = '';
			for($i=0; $i<strlen($format); $i++)
			{
			for($i=0; $i<strlen($format); $i++) {
			if ($format{$i}=='\\') // skip escape chars
			continue;


			// write char "as-is"
			if ($format{$i}==' ' \|\| $format{$i-1}=='\\')
			$out .= $format{$i};
			@@ -1062,11 +1065,11 @@
			$out .= strftime('%x %X', $timestamp);
			else
			$out .= date($format{$i}, $timestamp);
			}

			return $out;
			}

			return $today ? (rcube_label('today') . ' ' . $out) : $out;
			}


			/**
			* Compose a valid representation of name and e-mail address

			@@ -1071,9 +1071,6 @@
			*/
			public function shutdown()
			{
			if (is_object($this->imap))
			$this->imap->close();

			if (is_object($this->smtp))
			$this->smtp->disconnect();

			@@ -1198,6 +1195,9 @@
			}
			}

			if (is_object($this->imap))
			$this->imap->close();

			return $base64 ? base64_encode($cipher) : $cipher;
			}

			@@ -757,6 +757,13 @@
			// Now we're secure, capabilities need to be reread
			$this->clearCapability();
			}

			// Use best (for security) supported authentication method
			foreach (array('DIGEST-MD5', 'CRAM-MD5', 'CRAM_MD5', 'PLAIN', 'LOGIN') as $auth_method) {
			if (in_array($auth_method, $auth_methods)) {
			break;
			}
			}
			}

			// Send ID info
			@@ -782,6 +789,13 @@
			else if (!$login_disabled) {
			$auth_methods[] = 'LOGIN';
			}

			// Use best (for security) supported authentication method
			foreach (array('DIGEST-MD5', 'CRAM-MD5', 'CRAM_MD5', 'PLAIN', 'LOGIN') as $auth_method) {
			if (in_array($auth_method, $auth_methods)) {
			break;
			}
			}
			}
			else {
			// Prevent from sending credentials in plain text when connection is not secure
			@@ -791,32 +805,28 @@
			return false;
			}
			// replace AUTH with CRAM-MD5 for backward compat.
			$auth_methods[] = $auth_method == 'AUTH' ? 'CRAM-MD5' : $auth_method;
			if ($auth_method == 'AUTH') {
			$auth_method = 'CRAM-MD5';
			}
			}

			// pre-login capabilities can be not complete
			$this->capability_readed = false;

			// Authenticate
			foreach ($auth_methods as $method) {
			switch ($method) {
			switch ($auth_method) {
			case 'CRAM_MD5':
			$method = 'CRAM-MD5';
			$auth_method = 'CRAM-MD5';
			case 'CRAM-MD5':
			case 'DIGEST-MD5':
			case 'PLAIN':
			$result = $this->authenticate($user, $password, $method);
			$result = $this->authenticate($user, $password, $auth_method);
			break;
			case 'LOGIN':
			$result = $this->login($user, $password);
			break;
			default:
			$this->setError(self::ERROR_BAD, "Configuration error. Unknown auth method: $method");
			}

			if (is_resource($result)) {
			break;
			}
			$this->setError(self::ERROR_BAD, "Configuration error. Unknown auth method: $auth_method");
			}

			// Connected and authenticated

			@@ -359,16 +359,15 @@
			$dbh = rcmail::get_instance()->get_dbh();

			// use BINARY (case-sensitive) comparison on MySQL, other engines are case-sensitive
			$prefix = preg_match('/^mysql/', $dbh->db_provider) ? 'BINARY ' : '';
			$mod = preg_match('/^mysql/', $dbh->db_provider) ? 'BINARY' : '';

			// query for matching user name
			$query = "SELECT * FROM ".get_table_name('users')." WHERE mail_host = ? AND %s = ?";

			$sql_result = $dbh->query(sprintf($query, $prefix.'username'), $host, $user);
			$query = "SELECT * FROM ".get_table_name('users')." WHERE mail_host = ? AND %s = $mod ?";
			$sql_result = $dbh->query(sprintf($query, 'username'), $host, $user);

			// query for matching alias
			if (!($sql_arr = $dbh->fetch_assoc($sql_result))) {
			$sql_result = $dbh->query(sprintf($query, $prefix.'alias'), $host, $user);
			$sql_result = $dbh->query(sprintf($query, 'alias'), $host, $user);
			$sql_arr = $dbh->fetch_assoc($sql_result);
			}