Fix bug where serialized strings were truncated in PDO::quote() (#1489142)
Conflicts:
CHANGELOG
program/lib/Roundcube/rcube_cache_shared.php
| | |
| | | CHANGELOG Roundcube Webmail |
| | | =========================== |
| | | |
| | | - Fix bug where serialized strings were truncated in PDO::quote() (#1489142) |
| | | - Fix displaying messages with invalid self-closing HTML tags (#1489137) |
| | | - Fix PHP warning when responding to a message with many Return-Path headers (#1489136) |
| | | - Fix unintentional compose window resize (#1489114) |
| | |
| | | */ |
| | | function write($key, $data) |
| | | { |
| | | return $this->write_record($key, $this->packed ? serialize($data) : $data); |
| | | return $this->write_record($key, $this->serialize($data)); |
| | | } |
| | | |
| | | |
| | |
| | | if ($this->cache_changes[$key]) { |
| | | // Make sure we're not going to write unchanged data |
| | | // by comparing current md5 sum with the sum calculated on DB read |
| | | $data = $this->packed ? serialize($data) : $data; |
| | | $data = $this->serialize($data); |
| | | |
| | | if (!$this->cache_sums[$key] || $this->cache_sums[$key] != md5($data)) { |
| | | $this->write_record($key, $data); |
| | |
| | | |
| | | if ($data) { |
| | | $md5sum = md5($data); |
| | | $data = $this->packed ? unserialize($data) : $data; |
| | | $data = $this->unserialize($data); |
| | | |
| | | if ($nostore) { |
| | | return $data; |
| | |
| | | $key = substr($sql_arr['cache_key'], strlen($this->prefix)+1); |
| | | $md5sum = $sql_arr['data'] ? md5($sql_arr['data']) : null; |
| | | if ($sql_arr['data']) { |
| | | $data = $this->packed ? unserialize($sql_arr['data']) : $sql_arr['data']; |
| | | $data = $this->unserialize($sql_arr['data']); |
| | | } |
| | | |
| | | if ($nostore) { |
| | |
| | | * @param string $key Cache key name or pattern |
| | | * @param boolean $prefix_mode Enable it to clear all keys starting |
| | | * with prefix specified in $key |
| | | * |
| | | */ |
| | | private function remove_record($key=null, $prefix_mode=false) |
| | | { |
| | |
| | | // This way each cache will have its own index |
| | | return sprintf('%d:%s%s', $this->userid, $this->prefix, 'INDEX'); |
| | | } |
| | | |
| | | /** |
| | | * Serializes data for storing |
| | | */ |
| | | private function serialize($data) |
| | | { |
| | | if ($this->type == 'db') { |
| | | return $this->db->encode($data, $this->packed); |
| | | } |
| | | |
| | | return $this->packed ? serialize($data) : $data; |
| | | } |
| | | |
| | | /** |
| | | * Unserializes serialized data |
| | | */ |
| | | private function unserialize($data) |
| | | { |
| | | if ($this->type == 'db') { |
| | | return $this->db->decode($data, $this->packed); |
| | | } |
| | | |
| | | return $this->packed ? @unserialize($data) : $data; |
| | | } |
| | | } |
| | |
| | | /** |
| | | * Encodes non-UTF-8 characters in string/array/object (recursive) |
| | | * |
| | | * @param mixed $input Data to fix |
| | | * @param mixed $input Data to fix |
| | | * @param bool $serialized Enable serialization |
| | | * |
| | | * @return mixed Properly UTF-8 encoded data |
| | | */ |
| | | public static function encode($input) |
| | | public static function encode($input, $serialized = false) |
| | | { |
| | | // use Base64 encoding to workaround issues with invalid |
| | | // or null characters in serialized string (#1489142) |
| | | if ($serialized) { |
| | | return base64_encode(serialize($input)); |
| | | } |
| | | |
| | | if (is_object($input)) { |
| | | foreach (get_object_vars($input) as $idx => $value) { |
| | | $input->$idx = self::encode($value); |
| | |
| | | foreach ($input as $idx => $value) { |
| | | $input[$idx] = self::encode($value); |
| | | } |
| | | |
| | | return $input; |
| | | } |
| | | |
| | |
| | | /** |
| | | * Decodes encoded UTF-8 string/object/array (recursive) |
| | | * |
| | | * @param mixed $input Input data |
| | | * @param mixed $input Input data |
| | | * @param bool $serialized Enable serialization |
| | | * |
| | | * @return mixed Decoded data |
| | | */ |
| | | public static function decode($input) |
| | | public static function decode($input, $serialized = false) |
| | | { |
| | | if ($serialized) { |
| | | // use Base64 encoding to workaround issues with invalid |
| | | // or null characters in serialized string (#1489142) |
| | | return @unserialize(base64_decode($input)); |
| | | } |
| | | |
| | | if (is_object($input)) { |
| | | foreach (get_object_vars($input) as $idx => $value) { |
| | | $input->$idx = self::decode($value); |
| | |
| | | } |
| | | |
| | | unset($msg->flags); |
| | | $msg = serialize($this->db->encode($msg)); |
| | | $msg = $this->db->encode($msg, true); |
| | | |
| | | // update cache record (even if it exists, the update |
| | | // here will work as select, assume row exist if affected_rows=0) |
| | |
| | | |
| | | if ($sql_arr = $this->db->fetch_assoc($sql_result)) { |
| | | $data = explode('@', $sql_arr['data']); |
| | | $index = @unserialize($data[0]); |
| | | $index = $this->db->decode($data[0], true); |
| | | unset($data[0]); |
| | | |
| | | if (empty($index)) { |
| | |
| | | |
| | | if ($sql_arr = $this->db->fetch_assoc($sql_result)) { |
| | | $data = explode('@', $sql_arr['data']); |
| | | $thread = @unserialize($data[0]); |
| | | $thread = $this->db->decode($data[0], true); |
| | | unset($data[0]); |
| | | |
| | | if (empty($thread)) { |
| | |
| | | $data, $mbox_data = array(), $exists = false, $modseq = null) |
| | | { |
| | | $data = array( |
| | | serialize($data), |
| | | $this->db->encode($data, true), |
| | | $sort_field, |
| | | (int) $this->skip_deleted, |
| | | (int) $mbox_data['UIDVALIDITY'], |
| | |
| | | private function add_thread_row($mailbox, $data, $mbox_data = array(), $exists = false) |
| | | { |
| | | $data = array( |
| | | serialize($data), |
| | | $this->db->encode($data, true), |
| | | (int) $this->skip_deleted, |
| | | (int) $mbox_data['UIDVALIDITY'], |
| | | (int) $mbox_data['UIDNEXT'], |
| | |
| | | */ |
| | | private function build_message($sql_arr) |
| | | { |
| | | $message = $this->db->decode(unserialize($sql_arr['data'])); |
| | | $message = $this->db->decode($sql_arr['data'], true); |
| | | |
| | | if ($message) { |
| | | $message->flags = array(); |