From 2d08c50fd78e8ae74f27a2418f7909b18ae2bf42 Mon Sep 17 00:00:00 2001
From: alecpl <alec@alec.pl>
Date: Fri, 05 Mar 2010 04:47:32 -0500
Subject: [PATCH] - Support/Require tls:// prefix in 'smtp_server' option for TLS connections - "Split" config file into sections
---
program/include/rcube_shared.inc | 34 +++++++++++++++++-----------------
1 files changed, 17 insertions(+), 17 deletions(-)
diff --git a/program/include/rcube_shared.inc b/program/include/rcube_shared.inc
index 278f5a1..f4f23a2 100644
--- a/program/include/rcube_shared.inc
+++ b/program/include/rcube_shared.inc
@@ -39,6 +39,8 @@
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: private, must-revalidate, post-check=0, pre-check=0");
header("Pragma: no-cache");
+ // Request browser to disable DNS prefetching (CVE-2010-0464)
+ header("X-DNS-Prefetch-Control: off");
// We need to set the following headers to make downloads work using IE in HTTPS mode.
if (rcube_https_check()) {
@@ -408,12 +410,13 @@
function abbreviate_string($str, $maxlength, $place_holder='...')
{
$length = mb_strlen($str);
- $first_part_length = floor($maxlength/2) - mb_strlen($place_holder);
if ($length > $maxlength)
{
- $second_starting_location = $length - $maxlength + $first_part_length + 1;
- $str = mb_substr($str, 0, $first_part_length) . $place_holder . mb_substr($str, $second_starting_location, $length);
+ $place_holder_length = mb_strlen($place_holder);
+ $first_part_length = floor(($maxlength - $place_holder_length)/2);
+ $second_starting_location = $length - $maxlength + $first_part_length + $place_holder_length;
+ $str = mb_substr($str, 0, $first_part_length) . $place_holder . mb_substr($str, $second_starting_location);
}
return $str;
@@ -443,20 +446,15 @@
$mime_type = $mime_ext[$suffix];
}
// try fileinfo extension if available
- if (!$mime_type) {
- if (!extension_loaded('fileinfo')) {
- @dl('fileinfo.' . PHP_SHLIB_SUFFIX);
- }
- if (function_exists('finfo_open')) {
- if ($finfo = finfo_open(FILEINFO_MIME, $mime_magic)) {
- $mime_type = finfo_file($finfo, $path);
- finfo_close($finfo);
- }
+ if (!$mime_type && function_exists('finfo_open')) {
+ if ($finfo = finfo_open(FILEINFO_MIME, $mime_magic)) {
+ $mime_type = finfo_file($finfo, $path);
+ finfo_close($finfo);
}
}
// try PHP's mime_content_type
if (!$mime_type && function_exists('mime_content_type')) {
- $mime_type = mime_content_type($path);
+ $mime_type = mime_content_type($path);
}
// fall back to user-submitted string
if (!$mime_type) {
@@ -515,10 +513,10 @@
return $input;
// iconv/mbstring are much faster (especially with long strings)
- if (function_exists('mb_convert_encoding') && ($res = mb_convert_encoding($input, 'UTF8', 'UTF8')) !== false)
+ if (function_exists('mb_convert_encoding') && ($res = mb_convert_encoding($input, 'UTF-8', 'UTF-8')) !== false)
return $res;
- if (function_exists('iconv') && ($res = iconv('UTF8', 'UTF8//IGNORE', $input)) !== false)
+ if (function_exists('iconv') && ($res = @iconv('UTF-8', 'UTF-8//IGNORE', $input)) !== false)
return $res;
$regexp = '/^('.
@@ -536,7 +534,7 @@
$seq = '';
$out = '';
- for ($i = 0, $len = strlen($input)-1; $i < $len; $i++) {
+ for ($i = 0, $len = strlen($input); $i < $len; $i++) {
$chr = $input[$i];
$ord = ord($chr);
// 1-byte character
@@ -577,7 +575,9 @@
{
$input = rc_utf8_clean($input);
- return json_encode($input);
+ // sometimes even using rc_utf8_clean() the input contains invalid UTF-8 sequences
+ // that's why we have @ here
+ return @json_encode($input);
}
--
Gitblit v1.9.1