- Applied fixes from trunk up to r5126
2 files added
11 files modified
| | |
| | | CHANGELOG Roundcube Webmail |
| | | =========================== |
| | | |
| | | - Fixed selecting identity on reply/forward (#1487981) |
| | | - Fix image type check for contact photo uploads |
| | | |
| | | RELEASE 0.6-beta |
| | | ---------------- |
| | | - Added unique connection identifier to IMAP debug messages |
| | | - Add option to hide selected LDAP addressbook on the list |
| | | - Add client-side checking of uploaded files size |
| | | - Add newlines between organization, department, jobtitle (#1488028) |
| | | - Recalculate date when replying to a message and localize the cite header (#1487675) |
| | | - Fix XSS vulnerability in UI messages (#1488030) |
| | | - Fix handling of email addresses with quoted local part (#1487939) |
| | | - Fix EOL character in vCard exports (#1487873) |
| | | - Added optional "multithreading" autocomplete feature |
New file |
| | |
| | | <?php |
| | | |
| | | $labels['sharing'] = 'Freigabe'; |
| | | $labels['myrights'] = 'Zugriffsrechte'; |
| | | $labels['username'] = 'Benutzer:'; |
| | | $labels['advanced'] = 'erweiterter Modus'; |
| | | $labels['newuser'] = 'Eintrag hinzufügen'; |
| | | $labels['actions'] = 'Zugriffsrechte Aktionen...'; |
| | | $labels['anyone'] = 'Alle Benutzer (anyone)'; |
| | | $labels['anonymous'] = 'Gäste (anonymous)'; |
| | | $labels['identifier'] = 'Bezeichnung'; |
| | | |
| | | $labels['acll'] = 'Ordner sichtbar'; |
| | | $labels['aclr'] = 'Nachrichten lesen'; |
| | | $labels['acls'] = 'Lesestatus ändern'; |
| | | $labels['aclw'] = 'Flags schreiben'; |
| | | $labels['acli'] = 'Nachrichten Hinzufügen'; |
| | | $labels['aclp'] = 'Nachrichten Senden an'; |
| | | $labels['aclc'] = 'Unterordner erstellen'; |
| | | $labels['aclk'] = 'Unterordner erstellen'; |
| | | $labels['acld'] = 'Nachrichten als gelöscht markieren'; |
| | | $labels['aclt'] = 'Nachrichten als gelöscht markieren'; |
| | | $labels['acle'] = 'Nachrichten endgültig Löschen'; |
| | | $labels['aclx'] = 'Ordner löschen'; |
| | | $labels['acla'] = 'Zugriffsrechte Verwalten'; |
| | | |
| | | $labels['aclfull'] = 'Vollzugriff'; |
| | | $labels['aclother'] = 'Andere'; |
| | | $labels['aclread'] = 'Lesen'; |
| | | $labels['aclwrite'] = 'Schreiben'; |
| | | $labels['acldelete'] = 'Löschen'; |
| | | |
| | | $labels['shortacll'] = 'Sichtbar'; |
| | | $labels['shortaclr'] = 'Lesen'; |
| | | $labels['shortacls'] = 'Lesestatus'; |
| | | $labels['shortaclw'] = 'Flags ändern'; |
| | | $labels['shortacli'] = 'Hinzufügen'; |
| | | $labels['shortaclp'] = 'Senden an'; |
| | | $labels['shortaclc'] = 'Erstellen'; |
| | | $labels['shortaclk'] = 'Erstellen'; |
| | | $labels['shortacld'] = 'Löschen'; |
| | | $labels['shortaclt'] = 'Löschen'; |
| | | $labels['shortacle'] = 'endgültig löschen'; |
| | | $labels['shortaclx'] = 'Ordner löschen'; |
| | | $labels['shortacla'] = 'Verwalten'; |
| | | |
| | | $labels['shortaclother'] = 'Andere'; |
| | | $labels['shortaclread'] = 'Lesen'; |
| | | $labels['shortaclwrite'] = 'Schreiben'; |
| | | $labels['shortacldelete'] = 'Löschen'; |
| | | |
| | | $labels['longacll'] = 'Der Ordner ist sichtbar und kann abonniert werden'; |
| | | $labels['longaclr'] = 'Nachrichten im Ordner können gelesen werden'; |
| | | $labels['longacls'] = 'Der Lesestatus von Nachrichten kann geändert werden'; |
| | | $labels['longaclw'] = 'Alle Nachrichten-Flags und Schlüsselwörter außer "Gelesen" und "Gelöscht" können geändert werden'; |
| | | $labels['longacli'] = 'Nachrichten können in diesen Ordner kopiert oder verschoben werden'; |
| | | $labels['longaclp'] = 'Nachrichten können an diesen Ordner gesendet werden'; |
| | | $labels['longaclc'] = 'Unterordner können in diesem Ordner erstellt oder umbenannt werden'; |
| | | $labels['longaclk'] = 'Unterordner können in diesem Ordner erstellt oder umbenannt werden'; |
| | | $labels['longacld'] = 'Der "gelöscht" Status von Nachrichten kann geändert werden'; |
| | | $labels['longaclt'] = 'Der "gelöscht" Status von Nachrichten kann geändert werden'; |
| | | $labels['longacle'] = 'Als "gelöscht" markiert Nachrichten können gelöscht werden.'; |
| | | $labels['longaclx'] = 'Der Ordner kann gelöscht oder umbenannt werden'; |
| | | $labels['longacla'] = 'Die Zugriffsrechte des Ordners können geändert werden'; |
| | | |
| | | $labels['longaclfull'] = 'Vollzugriff inklusive Ordner-Verwaltung'; |
| | | $labels['longaclread'] = 'Der Ordnerinhalt kann gelesen werden'; |
| | | $labels['longaclwrite'] = 'Nachrichten können markiert, an den Ordner gesendet und in den Ordner kopiert oder verschoben werden'; |
| | | $labels['longacldelete'] = 'Nachrichten können gelöscht werden'; |
| | | |
| | | $messages['deleting'] = 'Zugriffsrechte werden entzogen...'; |
| | | $messages['saving'] = 'Zugriffsrechte werden gewährt...'; |
| | | $messages['updatesuccess'] = 'Zugriffsrechte erfolgreich geändert'; |
| | | $messages['deletesuccess'] = 'Zugriffsrechte erfolgreich entzogen'; |
| | | $messages['createsuccess'] = 'Zugriffsrechte erfolgreich gewährt'; |
| | | $messages['updateerror'] = 'Zugriffsrechte konnten nicht geändert werden'; |
| | | $messages['deleteerror'] = 'Zugriffsrechte konnten nicht entzogen werden'; |
| | | $messages['createerror'] = 'Zugriffsrechte konnten nicht gewährt werden'; |
| | | $messages['deleteconfirm'] = 'Sind Sie sicher, daß Sie die Zugriffsrechte den ausgewählten Benutzern entziehen möchten?'; |
| | | $messages['norights'] = 'Es wurden keine Zugriffsrechte ausgewählt!'; |
| | | $messages['nouser'] = 'Es wurde kein Benutzer ausgewählt!'; |
| | | |
| | | ?> |
| | |
| | | * // redirect the client to this URL after logout. This page is then responsible to clear HTTP auth |
| | | * $rcmail_config['logout_url'] = 'http://server.tld/logout.html'; |
| | | * |
| | | * see http://stackoverflow.com/questions/31326/is-there-a-browser-equivalent-to-ies-clearauthenticationcache |
| | | * about how HTTP auth can be cleared |
| | | * See logout.html (in this directory) for an example how HTTP auth can be cleared. |
| | | * |
| | | * @version 1.4 |
| | | * @author Thomas Bruederli |
| | |
| | | |
| | | return $args; |
| | | } |
| | | |
| | | |
| | | function logout($args) |
| | | { |
| | | // redirect to configured URL in order to clear HTTP auth credentials |
New file |
| | |
| | | <!DOCTYPE html> |
| | | <html> |
| | | <head> |
| | | <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> |
| | | <title>Logout</title> |
| | | <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.6/jquery.min.js"></script> |
| | | <script type="text/javascript"> |
| | | |
| | | // as seen on http://stackoverflow.com/questions/31326/is-there-a-browser-equivalent-to-ies-clearauthenticationcache |
| | | $(document).ready(function(){ |
| | | if (document.all && document.execCommand) { |
| | | document.execCommand("ClearAuthenticationCache", "false"); |
| | | } |
| | | else { |
| | | $.ajax({ |
| | | url: location.href, |
| | | type: 'POST', |
| | | username: '__LOGOUT__', |
| | | password: '***********' |
| | | }); |
| | | } |
| | | }); |
| | | |
| | | </script> |
| | | </head> |
| | | <body> |
| | | <h1>You've successully been logged out!</h1> |
| | | |
| | | </body> |
| | |
| | | /** |
| | | * New Mail Notifier plugin script |
| | | * |
| | | * @version 0.1 |
| | | * @version 0.2 |
| | | * @author Aleksander Machniak <alec@alec.pl> |
| | | */ |
| | | |
| | |
| | | // Sound notification |
| | | function newmail_notifier_sound() |
| | | { |
| | | var elem, src = 'plugins/newmail_notifier/sound.wav'; |
| | | |
| | | // HTML5 |
| | | try { |
| | | var elem = $('<audio src="success.wav" />'); |
| | | elem = $('<audio src="' + src + '" />'); |
| | | elem.get(0).play(); |
| | | } |
| | | // old method |
| | | catch (e) { |
| | | var elem = $('<embed id="sound" src="success.wav" hidden=true autostart=true loop=false />'); |
| | | elem = $('<embed id="sound" src="' + src + '" hidden=true autostart=true loop=false />'); |
| | | elem.appendTo($('body')); |
| | | window.setTimeout("$('#sound').remove()", 5000); |
| | | } |
| | |
| | | * 1. Basic - focus browser window and change favicon |
| | | * 2. Sound - play wav file |
| | | * |
| | | * @version 0.1 |
| | | * @version 0.2 |
| | | * @author Aleksander Machniak <alec@alec.pl> |
| | | * |
| | | * |
| | |
| | | private $prefs; |
| | | private $cmd_tag; |
| | | private $cmd_num = 0; |
| | | private $resourceid; |
| | | private $_debug = false; |
| | | private $_debug_handler = false; |
| | | |
| | |
| | | |
| | | $line = trim(fgets($this->fp, 8192)); |
| | | |
| | | if ($this->_debug && $line) { |
| | | $this->debug('S: '. $line); |
| | | if ($this->_debug) { |
| | | // set connection identifier for debug output |
| | | preg_match('/#([0-9]+)/', (string)$this->fp, $m); |
| | | $this->resourceid = strtoupper(substr(md5($m[1].$this->user.microtime()), 0, 4)); |
| | | |
| | | if ($line) |
| | | $this->debug('S: '. $line); |
| | | } |
| | | |
| | | // Connected to wrong port or connection error? |
| | |
| | | */ |
| | | private function debug($message) |
| | | { |
| | | if ($this->resourceid) { |
| | | $message = sprintf('[%s] %s', $this->resourceid, $message); |
| | | } |
| | | |
| | | if ($this->_debug_handler) { |
| | | call_user_func_array($this->_debug_handler, array(&$this, $message)); |
| | | } else { |
| | |
| | | // we have a search result resource |
| | | if ($this->ldap_result && $this->result->count > 0) |
| | | { |
| | | // sorting still on the ldap server |
| | | if ($this->sort_col && $this->prop['scope'] !== 'base' && !$this->vlv_active) |
| | | ldap_sort($this->conn, $this->ldap_result, $this->sort_col); |
| | | |
| | | // start and end of the page |
| | | $start_row = $this->vlv_active ? 0 : $this->result->first; |
| | | $start_row = $subset < 0 ? $start_row + $this->page_size + $subset : $start_row; |
| | | $last_row = $this->result->first + $this->page_size; |
| | | $last_row = $subset != 0 ? $start_row + abs($subset) : $last_row; |
| | | |
| | | // get all entries from the ldap server |
| | | $entries = ldap_get_entries($this->conn, $this->ldap_result); |
| | | |
| | | // filtering for group members |
| | | if ($this->groups and $this->group_id) |
| | | { |
| | | $count = 0; |
| | | $members = array(); |
| | | foreach ($entries as $entry) |
| | | { |
| | | if ($this->group_members[base64_encode($entry['dn'])]) |
| | | { |
| | | $members[] = $entry; |
| | | $count++; |
| | | } |
| | | } |
| | | $entries = $members; |
| | | $entries['count'] = $count; |
| | | $this->result->count = $count; |
| | | } |
| | | |
| | | // filter entries for this page |
| | | for ($i = $start_row; $i < min($entries['count'], $last_row); $i++) |
| | | $this->result->add($this->_ldap2result($entries[$i])); |
| | | } |
| | | |
| | | // temp hack for filtering group members |
| | | if ($this->groups and $this->group_id) |
| | | { |
| | | $result = new rcube_result_set(); |
| | | while ($record = $this->result->iterate()) |
| | | { |
| | | if ($this->group_members[$record['ID']]) |
| | | { |
| | | $result->add($record); |
| | | $result->count++; |
| | | } |
| | | } |
| | | $this->result = $result; |
| | | } |
| | | |
| | | return $this->result; |
| | | } |
| | | |
| | |
| | | |
| | | if ($write) { |
| | | // add debug console |
| | | if ($this->config['debug_level'] & 8) { |
| | | if ($realname != 'error' && ($this->config['debug_level'] & 8)) { |
| | | $this->add_footer('<div id="console" style="position:absolute;top:5px;left:5px;width:405px;padding:2px;background:white;z-index:9000;display:none"> |
| | | <a href="#toggle" onclick="con=$(\'#dbgconsole\');con[con.is(\':visible\')?\'hide\':\'show\']();return false">console</a> |
| | | <textarea name="console" id="dbgconsole" rows="20" cols="40" wrap="off" style="display:none;width:400px;border:none;font-size:10px" spellcheck="false"></textarea></div>' |
| | |
| | | break; |
| | | } |
| | | |
| | | // prevent from form submit with Enter key in file input fields |
| | | if (bw.ie) |
| | | $('input[type=file]').keydown(function(e) { if (e.keyCode == '13') e.preventDefault(); }); |
| | | |
| | | // flag object as complete |
| | | this.loaded = true; |
| | | |
| | |
| | | }; |
| | | |
| | | // update a contact record in the list |
| | | this.update_contact_row = function(cid, cols_arr, newcid) |
| | | this.update_contact_row = function(cid, cols_arr, newcid, source) |
| | | { |
| | | var c, row, list = this.contact_list; |
| | | |
| | | cid = String(cid).replace(this.identifier_expr, '_'); |
| | | |
| | | // when in searching mode, concat cid with the source name |
| | | if (!list.rows[cid]) { |
| | | cid = cid+'-'+source; |
| | | if (newcid) |
| | | newcid = newcid+'-'+source; |
| | | } |
| | | |
| | | if (list.rows[cid] && (row = list.rows[cid].obj)) { |
| | | for (c=0; c<cols_arr.length; c++) |
| | |
| | | // handle upload errors, parsing iframe content in onload |
| | | $(frame_name).bind('load', {ts:ts}, onload); |
| | | |
| | | form.target = frame_name; |
| | | form.action = this.url(action, { _id:this.env.compose_id||'', _uploadid:ts }); |
| | | form.setAttribute('method', 'POST'); |
| | | form.setAttribute('enctype', 'multipart/form-data'); |
| | | form.submit(); |
| | | $(form).attr({ |
| | | target: frame_name, |
| | | action: this.url(action, { _id:this.env.compose_id||'', _uploadid:ts }), |
| | | method: 'POST'}) |
| | | .attr(form.encoding ? 'encoding' : 'enctype', 'multipart/form-data') |
| | | .submit(); |
| | | |
| | | return frame_name; |
| | | }; |
| | |
| | | $RCMAIL->session->remove('contacts'); |
| | | } |
| | | |
| | | $source = get_input_value('_source', RCUBE_INPUT_GPC); |
| | | |
| | | // update an existing contact |
| | | if (!empty($cid)) |
| | | { |
| | | $plugin = $RCMAIL->plugins->exec_hook('contact_update', |
| | | array('id' => $cid, 'record' => $a_record, 'source' => get_input_value('_source', RCUBE_INPUT_GPC))); |
| | | array('id' => $cid, 'record' => $a_record, 'source' => $source)); |
| | | $a_record = $plugin['record']; |
| | | |
| | | if (!$plugin['abort']) |
| | |
| | | $a_js_cols[] = Q((string)$record[$col]); |
| | | |
| | | // update the changed col in list |
| | | $OUTPUT->command('parent.update_contact_row', $cid, $a_js_cols, $newcid); |
| | | $OUTPUT->command('parent.update_contact_row', $cid, $a_js_cols, $newcid, $source); |
| | | |
| | | // show confirmation |
| | | $OUTPUT->show_message('successfullysaved', 'confirmation', null, false); |
| | |
| | | |
| | | // insert a new contact |
| | | else { |
| | | $source = get_input_value('_source', RCUBE_INPUT_GPC); |
| | | // Name of the addressbook already selected on the list |
| | | $orig_source = get_input_value('_orig_source', RCUBE_INPUT_GPC); |
| | | |
| | |
| | | |
| | | */ |
| | | |
| | | // Supported image format types |
| | | // ImageMagick works with other non-image types (e.g.pdf) we don't want here |
| | | $IMAGE_TYPES = explode(',', 'jpeg,jpg,jp2,tiff,tif,bmp,eps,gif,png,png8,png24,png32,svg,ico'); |
| | | |
| | | // clear all stored output properties (like scripts and env vars) |
| | | $OUTPUT->reset(); |
| | | console($_FILES); |
| | | |
| | | if ($filepath = $_FILES['_photo']['tmp_name']) { |
| | | // check file type and resize image |
| | | $imageprop = rcmail::imageprops($_FILES['_photo']['tmp_name']); |
| | | |
| | | if ($imageprop['width'] && $imageprop['height']) { |
| | | if (in_array(strtolower($imageprop['type']), $IMAGE_TYPES) |
| | | && $imageprop['width'] && $imageprop['height'] |
| | | ) { |
| | | $maxsize = intval($RCMAIL->config->get('contact_photo_size', 160)); |
| | | $tmpfname = tempnam($RCMAIL->config->get('temp_dir'), 'rcmImgConvert'); |
| | | $save_hook = 'attachment_upload'; |
| | |
| | | $MESSAGE->identities = $USER->list_identities(); |
| | | if (count($MESSAGE->identities)) |
| | | { |
| | | foreach ($MESSAGE->identities as $idx => $sql_arr) { |
| | | $email = mb_strtolower(rcube_idn_to_utf8($sql_arr['email'])); |
| | | $MESSAGE->identities[$idx]['email_ascii'] = $sql_arr['email']; |
| | | foreach ($MESSAGE->identities as $idx => $ident) { |
| | | $email = mb_strtolower(rcube_idn_to_utf8($ident['email'])); |
| | | |
| | | $MESSAGE->identities[$idx]['email_ascii'] = $ident['email']; |
| | | $MESSAGE->identities[$idx]['ident'] = format_email_recipient($ident['email'], $ident['name']); |
| | | $MESSAGE->identities[$idx]['email'] = $email; |
| | | } |
| | | } |
| | |
| | | else if (count($MESSAGE->identities)) { |
| | | // extract all recipients of the reply-message |
| | | $a_recipients = array(); |
| | | if ($compose_mode == RCUBE_COMPOSE_REPLY && is_object($MESSAGE->headers)) |
| | | if (is_object($MESSAGE->headers) && in_array($compose_mode, array(RCUBE_COMPOSE_REPLY, RCUBE_COMPOSE_FORWARD))) |
| | | { |
| | | $a_to = $IMAP->decode_address_list($MESSAGE->headers->to); |
| | | foreach ($a_to as $addr) { |
| | |
| | | } |
| | | |
| | | $from_idx = null; |
| | | $default_identity = 0; |
| | | $default_identity = null; |
| | | $return_path = $MESSAGE->headers->others['return-path']; |
| | | |
| | | // Select identity |
| | | foreach ($MESSAGE->identities as $idx => $sql_arr) { |
| | | foreach ($MESSAGE->identities as $idx => $ident) { |
| | | // save default identity ID |
| | | if ($sql_arr['standard']) { |
| | | if ($ident['standard']) { |
| | | $default_identity = $idx; |
| | | } |
| | | // we need ascii here |
| | | $email = $sql_arr['email_ascii']; |
| | | $ident = format_email_recipient($email, $sql_arr['name']); |
| | | |
| | | // select identity |
| | | if (in_array($compose_mode, array(RCUBE_COMPOSE_DRAFT, RCUBE_COMPOSE_EDIT, RCUBE_COMPOSE_REPLY))) { |
| | | if ($MESSAGE->headers->from == $ident) { |
| | | // use From header |
| | | if (in_array($compose_mode, array(RCUBE_COMPOSE_DRAFT, RCUBE_COMPOSE_EDIT))) { |
| | | if ($MESSAGE->headers->from == $ident['ident']) { |
| | | $from_idx = $idx; |
| | | break; |
| | | } |
| | | } |
| | | // set identity if it's one of the reply-message recipients |
| | | else if (in_array($email, $a_recipients) && ($from_idx === null || $sql_arr['standard'])) { |
| | | // reply to yourself |
| | | else if ($compose_mode == RCUBE_COMPOSE_REPLY && $MESSAGE->headers->from == $ident['ident']) { |
| | | $from_idx = $idx; |
| | | break; |
| | | } |
| | | // set identity when replying to mailing list |
| | | else if (strpos($return_path, str_replace('@', '=', $email).'@') !== false) { |
| | | // use replied message recipients |
| | | else if (in_array($ident['email_ascii'], $a_recipients)) { |
| | | $from_idx = $idx; |
| | | } |
| | | } |
| | | |
| | | // Still no ID, use first identity |
| | | // Fallback using Return-Path |
| | | if ($from_idx === null && $return_path) { |
| | | foreach ($MESSAGE->identities as $idx => $ident) { |
| | | if (strpos($return_path, str_replace('@', '=', $ident['email_ascii']).'@') !== false) { |
| | | $from_idx = $idx; |
| | | break; |
| | | } |
| | | } |
| | | } |
| | | |
| | | // Still no ID, use default/first identity |
| | | if ($from_idx === null) { |
| | | $from_idx = $default_identity; |
| | | $from_idx = $default_identity !== null ? $default_identity : key(reset($MESSAGE->identities)); |
| | | } |
| | | |
| | | $ident = $MESSAGE->identities[$from_idx]; |