- Applied fixes from trunk
| | |
| | | CHANGELOG Roundcube Webmail |
| | | =========================== |
| | | |
| | | - Stateless request tokens. No keep-alive necessary on login page (#1487829) |
| | | - PEAR::Net_SMTP 1.5.1 |
| | | - Force names of unique constraints in PostgreSQL DDL |
| | | - Add code for prevention from IMAP connection hangs when server closes socket unexpectedly |
| | |
| | | |
| | | // check client X-header to verify request origin |
| | | if ($OUTPUT->ajax_call) { |
| | | if (rc_request_header('X-Roundcube-Request') != $RCMAIL->get_request_token()) { |
| | | if (rc_request_header('X-Roundcube-Request') != $RCMAIL->get_request_token() && !$RCMAIL->config->get('devel_mode')) { |
| | | header('HTTP/1.1 404 Not Found'); |
| | | die("Invalid Request"); |
| | | } |
| | |
| | | */ |
| | | public function get_request_token() |
| | | { |
| | | $key = $this->task; |
| | | |
| | | if (!$_SESSION['request_tokens'][$key]) |
| | | $_SESSION['request_tokens'][$key] = md5(uniqid($key . mt_rand(), true)); |
| | | |
| | | return $_SESSION['request_tokens'][$key]; |
| | | $sess_id = $_COOKIE[ini_get('session.name')]; |
| | | if (!$sess_id) $sess_id = session_id(); |
| | | return md5('RT' . $this->task . $this->config->get('des_key') . $sess_id); |
| | | } |
| | | |
| | | |
| | |
| | | public function check_request($mode = RCUBE_INPUT_POST) |
| | | { |
| | | $token = get_input_value('_token', $mode); |
| | | return !empty($token) && $_SESSION['request_tokens'][$this->task] == $token; |
| | | $sess_id = $_COOKIE[ini_get('session.name')]; |
| | | return !empty($sess_id) && $token == $this->get_request_token(); |
| | | } |
| | | |
| | | |
| | |
| | | $this->ns4 = strstr($HTTP_USER_AGENT, 'mozilla/4') && !strstr($HTTP_USER_AGENT, 'msie'); |
| | | $this->ns = ($this->ns4 || strstr($HTTP_USER_AGENT, 'netscape')); |
| | | $this->ie = !$this->opera && strstr($HTTP_USER_AGENT, 'compatible; msie'); |
| | | $this->mz = strstr($HTTP_USER_AGENT, 'mozilla/5'); |
| | | $this->mz = !$this->ie && strstr($HTTP_USER_AGENT, 'mozilla/5'); |
| | | $this->chrome = strstr($HTTP_USER_AGENT, 'chrome'); |
| | | $this->khtml = strstr($HTTP_USER_AGENT, 'khtml'); |
| | | $this->safari = !$this->chrome && ($this->khtml || strstr($HTTP_USER_AGENT, 'safari')); |
| | |
| | | 'cs_CZ' => 'Czech (Česky)', |
| | | 'da_DK' => 'Danish (Dansk)', |
| | | 'fa_AF' => 'Dari (ﻯﺭﺩ)', |
| | | 'de_DE' => 'Deutsch (Deutsch)', |
| | | 'de_CH' => 'Deutsch (Schweiz)', |
| | | 'de_DE' => 'German (Deutsch)', |
| | | 'de_CH' => 'German (Schweiz)', |
| | | 'nl_NL' => 'Dutch (Nederlands)', |
| | | 'en_GB' => 'English (GB)', |
| | | 'en_US' => 'English (US)', |
| | |
| | | } |
| | | |
| | | $data = file_get_contents('php://input'); |
| | | // Google has some problem with spaces, use \n instead |
| | | $data = str_replace(' ', "\n", $data); |
| | | $store = ""; |
| | | |
| | | if ($fp = fsockopen($host, $port, $errno, $errstr, 30)) |
| | |
| | | $path = $a_uri['path'] . ($a_uri['query'] ? '?'.$a_uri['query'] : '') . $lang; |
| | | } |
| | | |
| | | $wordstr = implode(' ', (array) $data); |
| | | $wordstr = implode("\n", (array) $data); |
| | | $data = '<?xml version="1.0" encoding="utf-8" ?>' |
| | | .'<spellrequest textalreadyclipped="0" ignoredups="0" ignoredigits="1" ignoreallcaps="1">' |
| | | .'<text>' . $wordstr . '</text>' |