Roundcubemail devel
parent: de9497ce | patch | commit | ignore whitespace
Aleksander Machniak
2012-08-15 b7c84a1bb82a8446241517577875afd5f9c3a26c 
Fix lower-casing email address on replies (#1488598)
3 files modified
33 ■■■■ changed files
CHANGELOG 1 ●●●● patch | view | raw | blame | history
program/include/rcube_shared.inc 23 ●●●●● patch | view | raw | blame | history
program/steps/mail/compose.inc 9 ●●●●● patch | view | raw | blame | history 
 CHANGELOG


@@ -1,6 +1,7 @@


CHANGELOG Roundcube Webmail


===========================




- Fix lower-casing email address on replies (#1488598)


- Fix line separator in exported messages (#1488603)


- Fix XSS issue where plain signatures wasn't secured in HTML mode (#1488613)


- Fix XSS issue where href="javascript:" wasn't secured (#1488613)




 program/include/rcube_shared.inc


@@ -470,6 +470,29 @@






/**


 * Format e-mail address


 *


 * @param string $email E-mail address


 *


 * @return string Formatted e-mail address


 */


function format_email($email)


{


    $email = trim($email);


    $parts = explode('@', $email);


    $count = count($parts);




    if ($count > 1) {


        $parts[$count-1] = mb_strtolower($parts[$count-1]);




        $email = implode('@', $parts);


    }




    return $email;


}






/**


 * mbstring replacement functions


 */






 program/steps/mail/compose.inc


@@ -255,7 +255,8 @@


if (count($MESSAGE->identities))


{


  foreach ($MESSAGE->identities as $idx => $ident) {


    $email = mb_strtolower(rcube_idn_to_utf8($ident['email']));


    $ident['email'] = format_email($ident['email']);


    $email = format_email(rcube_idn_to_utf8($ident['email']));




    $MESSAGE->identities[$idx]['email_ascii'] = $ident['email'];


    $MESSAGE->identities[$idx]['ident']       = format_email_recipient($ident['email'], $ident['name']);


@@ -280,7 +281,7 @@


    $a_to = rcube_mime::decode_address_list($MESSAGE->headers->to, null, true, $MESSAGE->headers->charset);


    foreach ($a_to as $addr) {


      if (!empty($addr['mailto'])) {


        $a_recipients[] = strtolower($addr['mailto']);


        $a_recipients[] = format_email($addr['mailto']);


        $a_names[]      = $addr['name'];


      }


    }


@@ -289,7 +290,7 @@


      $a_cc = rcube_mime::decode_address_list($MESSAGE->headers->cc, null, true, $MESSAGE->headers->charset);


      foreach ($a_cc as $addr) {


        if (!empty($addr['mailto'])) {


          $a_recipients[] = strtolower($addr['mailto']);


          $a_recipients[] = format_email($addr['mailto']);


          $a_names[]      = $addr['name'];


        }


      }


@@ -436,7 +437,7 @@


      if (empty($addr_part['mailto']))


        continue;




      $mailto = mb_strtolower(rcube_idn_to_utf8($addr_part['mailto']));


      $mailto = format_email(rcube_idn_to_utf8($addr_part['mailto']));




      if (!in_array($mailto, $a_recipients)


        && ($header == 'to' || empty($MESSAGE->compose['from_email']) || $mailto != $MESSAGE->compose['from_email'])