From 4daaa09438bc05f9d5d6cf339cc0b60b511057e9 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Sun, 06 Oct 2013 09:02:25 -0400
Subject: [PATCH] Move PEAR libs from plugins into main Roundcube lib directory, list them as dependencies in INSTALL file (#1489182)

---
 program/steps/mail/compose.inc |  439 ++++++++++++++++++++++++++++++------------------------
 1 files changed, 245 insertions(+), 194 deletions(-)

diff --git a/program/steps/mail/compose.inc b/program/steps/mail/compose.inc
index b4dbd8d..dc24525 100644
--- a/program/steps/mail/compose.inc
+++ b/program/steps/mail/compose.inc
@@ -20,10 +20,10 @@
 */
 
 // define constants for message compose mode
-define('RCUBE_COMPOSE_REPLY', 0x0106);
-define('RCUBE_COMPOSE_FORWARD', 0x0107);
-define('RCUBE_COMPOSE_DRAFT', 0x0108);
-define('RCUBE_COMPOSE_EDIT', 0x0109);
+define('RCUBE_COMPOSE_REPLY', 'reply');
+define('RCUBE_COMPOSE_FORWARD', 'forward');
+define('RCUBE_COMPOSE_DRAFT', 'draft');
+define('RCUBE_COMPOSE_EDIT', 'edit');
 
 $MESSAGE_FORM = null;
 $COMPOSE_ID   = get_input_value('_id', RCUBE_INPUT_GET);
@@ -54,30 +54,12 @@
   $COMPOSE_ID = uniqid(mt_rand());
   $_SESSION['compose_data_'.$COMPOSE_ID] = array(
     'id'      => $COMPOSE_ID,
-    'param'   => request2param(RCUBE_INPUT_GET),
+    'param'   => rcube_utils::request2param(RCUBE_INPUT_GET, 'task|action', true),
     'mailbox' => $RCMAIL->storage->get_folder(),
   );
   $COMPOSE =& $_SESSION['compose_data_'.$COMPOSE_ID];
 
-  // process values like "mailto:foo@bar.com?subject=new+message&cc=another"
-  if ($COMPOSE['param']['to']) {
-    // #1486037: remove "mailto:" prefix
-    $COMPOSE['param']['to'] = preg_replace('/^mailto:/i', '', $COMPOSE['param']['to']);
-    $mailto = explode('?', $COMPOSE['param']['to']);
-    if (count($mailto) > 1) {
-      $COMPOSE['param']['to'] = $mailto[0];
-      parse_str($mailto[1], $query);
-      foreach ($query as $f => $val)
-        $COMPOSE['param'][$f] = $val;
-    }
-  }
-
-  // select folder where to save the sent message
-  $COMPOSE['param']['sent_mbox'] = $RCMAIL->config->get('sent_mbox');
-
-  // pipe compose parameters thru plugins
-  $plugin = $RCMAIL->plugins->exec_hook('message_compose', $COMPOSE);
-  $COMPOSE['param'] = array_merge($COMPOSE['param'], $plugin['param']);
+  rcmail_process_compose_params($COMPOSE);
 
   // add attachments listed by message_compose hook
   if (is_array($plugin['attachments'])) {
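Review bot: `$plugin` is no longer defined at `if (is_array($plugin['attachments']))`, because the `exec_hook('message_compose', ...)` call moved into `rcmail_process_compose_params()`, where `$plugin` is a local variable and nothing is returned. As written, attachments supplied by a `message_compose` plugin would be skipped silently. One fix is to end the function with `return $plugin;` and call it here as `$plugin = rcmail_process_compose_params($COMPOSE);`. The `if` block that consumes the attachments continues outside this hunk.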
@@ -139,28 +121,31 @@
 }
 // set current mailbox in client environment
 $OUTPUT->set_env('mailbox', $RCMAIL->storage->get_folder());
-$OUTPUT->set_env('sig_above', $RCMAIL->config->get('sig_above', false));
 $OUTPUT->set_env('top_posting', intval($RCMAIL->config->get('reply_mode')) > 0);
 $OUTPUT->set_env('recipients_separator', trim($RCMAIL->config->get('recipients_separator', ',')));
 
 // default font for HTML editor
-$font = rcube_fontdefs($RCMAIL->config->get('default_font', 'Verdana'));
+$font = rcube_fontdefs($RCMAIL->config->get('default_font'));
 if ($font && !is_array($font)) {
   $OUTPUT->set_env('default_font', $font);
+}
+
+// default font size for HTML editor
+if ($font_size = $RCMAIL->config->get('default_font_size')) {
+  $OUTPUT->set_env('default_font_size', $font_size);
 }
 
 // get reference message and set compose mode
 if ($msg_uid = $COMPOSE['param']['draft_uid']) {
   $compose_mode = RCUBE_COMPOSE_DRAFT;
+  $OUTPUT->set_env('draft_id', $msg_uid);
   $RCMAIL->storage->set_folder($CONFIG['drafts_mbox']);
 }
 else if ($msg_uid = $COMPOSE['param']['reply_uid']) {
   $compose_mode = RCUBE_COMPOSE_REPLY;
-  $OUTPUT->set_env('compose_mode', 'reply');
 }
 else if ($msg_uid = $COMPOSE['param']['forward_uid']) {
   $compose_mode = RCUBE_COMPOSE_FORWARD;
-  $OUTPUT->set_env('compose_mode', 'forward');
   $COMPOSE['forward_uid']   = $msg_uid;
   $COMPOSE['as_attachment'] = !empty($COMPOSE['param']['attachment']);
 }
@@ -168,9 +153,15 @@
   $compose_mode = RCUBE_COMPOSE_EDIT;
 }
 
+$COMPOSE['mode'] = $compose_mode;
+$OUTPUT->set_env('compose_mode', $compose_mode);
+
 $config_show_sig = $RCMAIL->config->get('show_sig', 1);
 if ($compose_mode == RCUBE_COMPOSE_EDIT || $compose_mode == RCUBE_COMPOSE_DRAFT) {
   // don't add signature in draft/edit mode, we'll also not remove the old-one
+  // but only on page display, later we should be able to change identity/sig (#1489229)
+  if ($config_show_sig == 1 || $config_show_sig == 2)
+    $OUTPUT->set_env('show_sig_later', true);
 }
 else if ($config_show_sig == 1)
   $OUTPUT->set_env('show_sig', true);
@@ -184,9 +175,18 @@
 
 if (!empty($msg_uid) && empty($COMPOSE['as_attachment']))
 {
-  // similar as in program/steps/mail/show.inc
-  // re-set 'prefer_html' to have possibility to use html part for compose
-  $CONFIG['prefer_html'] = $CONFIG['prefer_html'] || $CONFIG['htmleditor'] || $compose_mode == RCUBE_COMPOSE_DRAFT || $compose_mode == RCUBE_COMPOSE_EDIT;
+  $mbox_name = $RCMAIL->storage->get_folder();
+
+  // set format before rcube_message construction
+  // use the same format as for the message view
+  if (isset($_SESSION['msg_formats'][$mbox_name.':'.$msg_uid])) {
+    $RCMAIL->config->set('prefer_html', $_SESSION['msg_formats'][$mbox_name.':'.$msg_uid]);
+  }
+  else {
+    $prefer_html = $CONFIG['prefer_html'] || $CONFIG['htmleditor'] || $compose_mode == RCUBE_COMPOSE_DRAFT || $compose_mode == RCUBE_COMPOSE_EDIT;
+    $RCMAIL->config->set('prefer_html', $prefer_html);
+  }
+
   $MESSAGE = new rcube_message($msg_uid);
 
   // make sure message is marked as read
@@ -196,7 +196,10 @@
   if (!empty($MESSAGE->headers->charset))
     $RCMAIL->storage->set_charset($MESSAGE->headers->charset);
 
-  if ($compose_mode == RCUBE_COMPOSE_REPLY) {
+  if (!$MESSAGE->headers) {
+    // error
+  }
+  else if ($compose_mode == RCUBE_COMPOSE_REPLY) {
     $COMPOSE['reply_uid'] = $msg_uid;
     $COMPOSE['reply_msgid'] = $MESSAGE->headers->messageID;
     $COMPOSE['references']  = trim($MESSAGE->headers->references . " " . $MESSAGE->headers->messageID);
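Review bot: The new `if (!$MESSAGE->headers)` branch contains only the placeholder `// error`, so a message that failed to load is neither reported nor logged. Compose then continues with an object that has no headers. If skipping the reply/draft processing is the intended behaviour, say so in the branch, e.g. `// message headers could not be loaded; skip reply/draft header processing`, and consider surfacing an error to the user. The `else if` chain continues outside this hunk.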
@@ -211,10 +214,10 @@
       $COMPOSE['param']['sent_mbox'] = $sent_folder;
     }
   }
-  else if ($compose_mode == RCUBE_COMPOSE_DRAFT) {
-    if ($MESSAGE->headers->others['x-draft-info']) {
+  else if ($compose_mode == RCUBE_COMPOSE_DRAFT || $compose_mode == RCUBE_COMPOSE_EDIT) {
+    if ($compose_mode == RCUBE_COMPOSE_DRAFT && ($draft_info = $MESSAGE->headers->get('x-draft-info'))) {
       // get reply_uid/forward_uid to flag the original message when sending
-      $info = rcmail_draftinfo_decode($MESSAGE->headers->others['x-draft-info']);
+      $info = rcmail_draftinfo_decode($draft_info);
 
       if ($info['type'] == 'reply')
         $COMPOSE['reply_uid'] = $info['uid'];
@@ -231,14 +234,22 @@
       }
     }
 
-    if ($MESSAGE->headers->in_reply_to)
-      $COMPOSE['reply_msgid'] = '<'.$MESSAGE->headers->in_reply_to.'>';
+    if ($in_reply_to = $MESSAGE->headers->get('in-reply-to'))
+      $COMPOSE['reply_msgid'] = '<' . $in_reply_to . '>';
 
-    $COMPOSE['references']  = $MESSAGE->headers->references;
+    $COMPOSE['references'] = $MESSAGE->headers->references;
   }
 }
 else {
   $MESSAGE = new stdClass();
+
+  // apply mailto: URL parameters
+  if (!empty($COMPOSE['param']['in-reply-to'])) {
+    $COMPOSE['reply_msgid'] = '<' . $COMPOSE['param']['in-reply-to'] . '>';
+  }
+  if (!empty($COMPOSE['param']['references'])) {
+    $COMPOSE['references'] = $COMPOSE['param']['references'];
+  }
 }
 
 $MESSAGE->compose = array();
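Review bot: The `in-reply-to` and `references` values copied into `$COMPOSE['reply_msgid']` and `$COMPOSE['references']` come from request-derived `$COMPOSE['param']` (a mailto: URL) and are stored without any validation visible in this hunk. These fields presumably end up as In-Reply-To/References headers when the message is sent, so line breaks should be rejected here unless the sending code is known to strip them. A guard such as `if (!empty($p = $COMPOSE['param']['in-reply-to']) && is_string($p) && !preg_match('/[\r\n]/', $p))` covers this, with the same check for `references`. The enclosing `else` block starts outside the hunk.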
@@ -308,8 +319,8 @@
       else if (!empty($MESSAGE->headers->from))
         $fvalue = $MESSAGE->headers->from;
 
-      // Reply to message sent by yourself (#1487074)
-      if (!empty($ident) && $fvalue == $ident['ident']) {
+      // Reply to message sent by yourself (#1487074, #1489230)
+      if (!empty($ident) && in_array($ident['ident'], array($fvalue, $MESSAGE->headers->from))) {
         $fvalue = $MESSAGE->headers->to;
       }
     }
@@ -319,6 +330,20 @@
         $fvalue .= $v;
       if ($v = $MESSAGE->headers->cc)
         $fvalue .= (!empty($fvalue) ? $separator : '') . $v;
+      // Use Sender header (#1489011)
+      if (($v = $MESSAGE->headers->get('Sender', false)) && strpos($v, '-bounces@') === false)
+        $fvalue .= (!empty($fvalue) ? $separator : '') . $v;
+
+      // When To: and Reply-To: are the same we add From: address to the list (#1489037)
+      if ($v = $MESSAGE->headers->from) {
+        $from    = rcube_mime::decode_address_list($v, null, false, $MESSAGE->headers->charset, true);
+        $to      = rcube_mime::decode_address_list($MESSAGE->headers->to, null, false, $MESSAGE->headers->charset, true);
+        $replyto = rcube_mime::decode_address_list($MESSAGE->headers->replyto, null, false, $MESSAGE->headers->charset, true);
+
+        if (count($replyto) && !count(array_diff($to, $replyto)) && count(array_diff($from, $to))) {
+          $fvalue .= (!empty($fvalue) ? $separator : '') . $v;
+        }
+      }
     }
   }
   else if (in_array($compose_mode, array(RCUBE_COMPOSE_DRAFT, RCUBE_COMPOSE_EDIT))) {
@@ -349,7 +374,12 @@
       $mailto = format_email(rcube_idn_to_utf8($addr_part['mailto']));
 
       if (!in_array($mailto, $a_recipients)
-        && ($header == 'to' || empty($MESSAGE->compose['from_email']) || $mailto != $MESSAGE->compose['from_email'])
+        && (
+          $header == 'to'
+          || $compose_mode != RCUBE_COMPOSE_REPLY
+          || empty($MESSAGE->compose['from_email'])
+          || $mailto != $MESSAGE->compose['from_email']
+        )
       ) {
         if ($addr_part['name'] && $addr_part['mailto'] != $addr_part['name'])
           $string = format_email_recipient($mailto, $addr_part['name']);
@@ -374,107 +404,58 @@
 
 /****** compose mode functions ********/
 
-function rcmail_identity_select($MESSAGE, $identities, $compose_mode)
+// process compose request parameters
+function rcmail_process_compose_params(&$COMPOSE)
 {
-  $a_recipients = array();
-  $a_names      = array();
+  if ($COMPOSE['param']['to']) {
+    $mailto = explode('?', $COMPOSE['param']['to'], 2);
 
-  // extract all recipients of the reply-message
-  if (is_object($MESSAGE->headers) && in_array($compose_mode, array(RCUBE_COMPOSE_REPLY, RCUBE_COMPOSE_FORWARD))) {
-    $a_to = rcube_mime::decode_address_list($MESSAGE->headers->to, null, true, $MESSAGE->headers->charset);
-    foreach ($a_to as $addr) {
-      if (!empty($addr['mailto'])) {
-        $a_recipients[] = format_email($addr['mailto']);
-        $a_names[]      = $addr['name'];
-      }
-    }
+    // #1486037: remove "mailto:" prefix
+    $COMPOSE['param']['to'] = preg_replace('/^mailto:/i', '', $mailto[0]);
 
-    if (!empty($MESSAGE->headers->cc)) {
-      $a_cc = rcube_mime::decode_address_list($MESSAGE->headers->cc, null, true, $MESSAGE->headers->charset);
-      foreach ($a_cc as $addr) {
-        if (!empty($addr['mailto'])) {
-          $a_recipients[] = format_email($addr['mailto']);
-          $a_names[]      = $addr['name'];
+    // Supported case-insensitive tokens in mailto URL
+    $url_tokens = array('to', 'cc', 'bcc', 'reply-to', 'in-reply-to', 'references', 'subject', 'body');
+
+    if (!empty($mailto[1])) {
+      parse_str($mailto[1], $query);
+      foreach ($query as $f => $val) {
+        if (($key = array_search(strtolower($f), $url_tokens)) !== false) {
+          $f = $url_tokens[$key];
+        }
+
+        // merge mailto: addresses with addresses from 'to' parameter
+        if ($f == 'to' && !empty($COMPOSE['param']['to'])) {
+          $to_addresses  = rcube_mime::decode_address_list($COMPOSE['param']['to'], null, true, null, true);
+          $add_addresses = rcube_mime::decode_address_list($val, null, true);
+          foreach ($add_addresses as $addr) {
+            if (!in_array($addr['mailto'], $to_addresses)) {
+              $to_addresses[] = $addr['mailto'];
+              $COMPOSE['param']['to'] = (!empty($to_addresses) ? ', ' : '') . $addr['string'];
+            }
+          }
+        }
+        else {
+          $COMPOSE['param'][$f] = $val;
         }
       }
     }
   }
 
-  $from_idx         = null;
-  $found_idx        = null;
-  $default_identity = 0; // default identity is always first on the list
+  $RCMAIL = rcmail::get_instance();
 
-  // Select identity
-  foreach ($identities as $idx => $ident) {
-    // use From header
-    if (in_array($compose_mode, array(RCUBE_COMPOSE_DRAFT, RCUBE_COMPOSE_EDIT))) {
-      if ($MESSAGE->headers->from == $ident['ident']) {
-        $from_idx = $idx;
-        break;
-      }
-    }
-    // reply to yourself
-    else if ($compose_mode == RCUBE_COMPOSE_REPLY && $MESSAGE->headers->from == $ident['ident']) {
-      $from_idx = $idx;
-      break;
-    }
-    // use replied message recipients
-    else if (($found = array_search($ident['email_ascii'], $a_recipients)) !== false) {
-      if ($found_idx === null) {
-        $found_idx = $idx;
-      }
-      // match identity name
-      if ($a_names[$found] && $ident['name'] && $a_names[$found] == $ident['name']) {
-        $from_idx = $idx;
-        break;
-      }
-    }
-  }
+  // select folder where to save the sent message
+  $COMPOSE['param']['sent_mbox'] = $RCMAIL->config->get('sent_mbox');
 
-  // If matching by name+address doesn't found any amtches, get first found address (identity)
-  if ($from_idx === null) {
-    $from_idx = $found_idx;
-  }
-
-  // Try Return-Path
-  if ($from_idx === null && ($return_path = $MESSAGE->headers->others['return-path'])) {
-    foreach ($identities as $idx => $ident) {
-      if (strpos($return_path, str_replace('@', '=', $ident['email_ascii']).'@') !== false) {
-        $from_idx = $idx;
-        break;
-      }
-    }
-  }
-
-  // Fallback using Delivered-To
-  if ($from_idx === null && ($delivered_to = $MESSAGE->headers->others['delivered-to'])) {
-    foreach ($identities as $idx => $ident) {
-      if (in_array($ident['email_ascii'], (array)$delivered_to)) {
-        $from_idx = $idx;
-        break;
-      }
-    }
-  }
-
-  // Fallback using Envelope-To
-  if ($from_idx === null && ($envelope_to = $MESSAGE->headers->others['envelope-to'])) {
-    foreach ($identities as $idx => $ident) {
-      if (in_array($ident['email_ascii'], (array)$envelope_to)) {
-        $from_idx = $idx;
-        break;
-      }
-    }
-  }
-
-  return $identities[$from_idx !== null ? $from_idx : $default_identity];
+  // pipe compose parameters thru plugins
+  $plugin = $RCMAIL->plugins->exec_hook('message_compose', $COMPOSE);
+  $COMPOSE['param'] = array_merge($COMPOSE['param'], $plugin['param']);
 }
-
 
 function rcmail_compose_headers($attrib)
 {
   global $MESSAGE;
 
-  list($form_start, $form_end) = get_form_tags($attrib);
+  list($form_start,) = get_form_tags($attrib);
 
   $out  = '';
   $part = strtolower($attrib['part']);
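Review bot: `$url_tokens` is documented as the list of supported mailto tokens but is only used to normalise case, so the `else` branch still copies every other query key into `$COMPOSE['param'][$f]`. A mailto link can therefore set compose parameters that this file reads from the same array, such as `draft_uid`, `reply_uid` and `forward_uid` in an earlier hunk. Restricting the branch with `else if ($key !== false) {` would enforce the list. In the merge branch, `$COMPOSE['param']['to'] = (!empty($to_addresses) ? ', ' : '') . $addr['string'];` overwrites the recipients collected so far and should use `.=`. `parse_str()` can also yield arrays, so an `is_string($val)` check before `decode_address_list()` and the assignment would be prudent.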
@@ -538,7 +519,7 @@
 
 function rcmail_compose_header_from($attrib)
 {
-  global $MESSAGE, $OUTPUT, $RCMAIL, $compose_mode;
+  global $MESSAGE, $OUTPUT, $RCMAIL, $COMPOSE, $compose_mode;
 
   // pass the following attributes to the form class
   $field_attrib = array('name' => '_from');
@@ -549,7 +530,8 @@
   if (count($MESSAGE->identities))
   {
     $a_signatures = array();
-    $separator    = $RCMAIL->config->get('sig_above')
+    $identities   = array();
+    $separator    = intval($RCMAIL->config->get('reply_mode')) > 0
       && ($compose_mode == RCUBE_COMPOSE_REPLY || $compose_mode == RCUBE_COMPOSE_FORWARD) ? '---' : '-- ';
 
     $field_attrib['onchange'] = JS_OBJECT_NAME.".change_identity(this)";
@@ -567,7 +549,7 @@
         $text = $html = $sql_arr['signature'];
 
         if ($sql_arr['html_signature']) {
-            $h2t  = new html2text($sql_arr['signature'], false, false);
+            $h2t  = new rcube_html2text($sql_arr['signature'], false, false);
             $text = trim($h2t->get_text());
         }
         else {
@@ -586,12 +568,21 @@
         $a_signatures[$identity_id]['text'] = $text;
         $a_signatures[$identity_id]['html'] = $html;
       }
+
+      // add bcc and reply-to
+      if (!empty($sql_arr['reply-to'])) {
+        $identities[$identity_id]['replyto'] = $sql_arr['reply-to'];
+      }
+      if (!empty($sql_arr['bcc'])) {
+        $identities[$identity_id]['bcc'] = $sql_arr['bcc'];
+      }
     }
 
     $out = $select_from->show($MESSAGE->compose['from']);
 
     // add signatures to client
     $OUTPUT->set_env('signatures', $a_signatures);
+    $OUTPUT->set_env('identities', $identities);
   }
   // no identities, display text input field
   else {
@@ -606,7 +597,7 @@
 
 function rcmail_compose_editor_mode()
 {
-  global $RCMAIL, $MESSAGE, $compose_mode;
+  global $RCMAIL, $compose_mode;
   static $useHtml;
 
   if ($useHtml !== null)
@@ -618,13 +609,13 @@
     $useHtml = !empty($_POST['_is_html']);
   }
   else if ($compose_mode == RCUBE_COMPOSE_DRAFT || $compose_mode == RCUBE_COMPOSE_EDIT) {
-    $useHtml = $MESSAGE->has_html_part(false, true);
+    $useHtml = rcmail_message_is_html();
   }
   else if ($compose_mode == RCUBE_COMPOSE_REPLY) {
-    $useHtml = ($html_editor == 1 || ($html_editor >= 2 && $MESSAGE->has_html_part(false, true)));
+    $useHtml = ($html_editor == 1 || ($html_editor >= 2 && rcmail_message_is_html()));
   }
   else if ($compose_mode == RCUBE_COMPOSE_FORWARD) {
-    $useHtml = ($html_editor == 1 || ($html_editor == 3 && $MESSAGE->has_html_part(false, true)));
+    $useHtml = ($html_editor == 1 || ($html_editor == 3 && rcmail_message_is_html()));
   }
   else {
     $useHtml = ($html_editor == 1);
@@ -633,10 +624,15 @@
   return $useHtml;
 }
 
+function rcmail_message_is_html()
+{
+    global $RCMAIL, $MESSAGE;
+    return $RCMAIL->config->get('prefer_html') && ($MESSAGE instanceof rcube_message) && $MESSAGE->has_html_part(true);
+}
 
 function rcmail_prepare_message_body()
 {
-  global $RCMAIL, $MESSAGE, $COMPOSE, $compose_mode, $LINE_LENGTH, $HTML_MODE;
+  global $RCMAIL, $MESSAGE, $COMPOSE, $compose_mode, $HTML_MODE;
 
   // use posted message body
   if (!empty($_POST['_message'])) {
@@ -651,18 +647,34 @@
   else if ($compose_mode == RCUBE_COMPOSE_FORWARD && $COMPOSE['as_attachment']) {
     $isHtml = rcmail_compose_editor_mode();
     $body = '';
-    if (empty($COMPOSE['attachments']))
-      rcmail_write_forward_attachments();
+    rcmail_write_forward_attachments();
   }
   // reply/edit/draft/forward
-  else if ($compose_mode && ($compose_mode != RCUBE_COMPOSE_REPLY || $RCMAIL->config->get('reply_mode') != -1)) {
-    $isHtml = rcmail_compose_editor_mode();
+  else if ($compose_mode && ($compose_mode != RCUBE_COMPOSE_REPLY || intval($RCMAIL->config->get('reply_mode')) != -1)) {
+    $isHtml   = rcmail_compose_editor_mode();
+    $messages = array();
 
     if (!empty($MESSAGE->parts)) {
+      // collect IDs of message/rfc822 parts
+      if ($compose_mode == RCUBE_COMPOSE_EDIT || $compose_mode == RCUBE_COMPOSE_DRAFT) {
+        foreach ($MESSAGE->attachments as $part) {
+          if ($part->mimetype == 'message/rfc822') {
+            $messages[] = $part->mime_id;
+          }
+        }
+      }
+
       foreach ($MESSAGE->parts as $part) {
         // skip no-content and attachment parts (#1488557)
         if ($part->type != 'content' || !$part->size || $MESSAGE->is_attachment($part)) {
           continue;
+        }
+
+        // skip all content parts inside the message/rfc822 part in DRAFT/EDIT mode
+        foreach ($messages as $mimeid) {
+          if (strpos($part->mime_id, $mimeid . '.') === 0) {
+            continue 2;
+          }
         }
 
         if ($part_body = rcmail_compose_part_body($part, $isHtml)) {
@@ -710,7 +722,7 @@
 
 function rcmail_compose_part_body($part, $isHtml = false)
 {
-    global $RCMAIL, $MESSAGE, $compose_mode;
+    global $RCMAIL, $MESSAGE, $LINE_LENGTH, $compose_mode;
 
     // Check if we have enough memory to handle the message in it
     // #1487424: we need up to 10x more memory than the body
@@ -747,6 +759,11 @@
                     $body = rcmail_remove_signature($body);
                 }
             }
+
+            if ($part->ctype_parameters['format'] == 'flowed') {
+                $body = rcube_mime::unfold_flowed($body);
+            }
+
             // add HTML formatting
             $body = rcmail_plain_body($body);
             if ($body) {
@@ -764,11 +781,8 @@
             // use html part if it has been used for message (pre)viewing
             // decrease line length for quoting
             $len = $compose_mode == RCUBE_COMPOSE_REPLY ? $LINE_LENGTH-2 : $LINE_LENGTH;
-            $txt = new html2text($body, false, true, $len);
+            $txt = new rcube_html2text($body, false, true, $len);
             $body = $txt->get_text();
-        }
-        else if ($part->ctype_secondary == 'enriched') {
-            $body = rcube_enriched::to_html($body);
         }
         else {
             if ($part->ctype_secondary == 'plain' && $part->ctype_parameters['format'] == 'flowed') {
@@ -789,7 +803,7 @@
 
 function rcmail_compose_body($attrib)
 {
-  global $RCMAIL, $CONFIG, $OUTPUT, $MESSAGE, $compose_mode, $LINE_LENGTH, $HTML_MODE, $MESSAGE_BODY;
+  global $RCMAIL, $CONFIG, $OUTPUT, $MESSAGE, $compose_mode, $HTML_MODE, $MESSAGE_BODY;
 
   list($form_start, $form_end) = get_form_tags($attrib);
   unset($attrib['form']);
@@ -973,8 +987,7 @@
   if (!isset($COMPOSE['forward_attachments']) && is_array($MESSAGE->mime_parts))
     $cid_map = rcmail_write_compose_attachments($MESSAGE, $bodyIsHtml);
 
-  $date    = format_date($MESSAGE->headers->date, $RCMAIL->config->get('date_long'));
-  $charset = $RCMAIL->output->get_charset();
+  $date = format_date($MESSAGE->headers->date, $RCMAIL->config->get('date_long'));
 
   if (!$bodyIsHtml) {
     $prefix = "\n\n\n-------- " . rcube_label('originalmessage') . " --------\n";
@@ -983,10 +996,10 @@
     $prefix .= rcube_label('from')    . ': ' . $MESSAGE->get_header('from') . "\n";
     $prefix .= rcube_label('to')      . ': ' . $MESSAGE->get_header('to') . "\n";
 
-    if ($MESSAGE->headers->cc)
-      $prefix .= rcube_label('cc') . ': ' . $MESSAGE->get_header('cc') . "\n";
-    if ($MESSAGE->headers->replyto && $MESSAGE->headers->replyto != $MESSAGE->headers->from)
-      $prefix .= rcube_label('replyto') . ': ' . $MESSAGE->get_header('replyto') . "\n";
+    if ($cc = $MESSAGE->headers->get('cc'))
+      $prefix .= rcube_label('cc') . ': ' . $cc . "\n";
+    if (($replyto = $MESSAGE->headers->get('reply-to')) && $replyto != $MESSAGE->get_header('from'))
+      $prefix .= rcube_label('replyto') . ': ' . $replyto . "\n";
 
     $prefix .= "\n";
     $body = trim($body, "\r\n");
@@ -1009,15 +1022,13 @@
       rcube_label('from'), Q($MESSAGE->get_header('from'), 'replace'),
       rcube_label('to'), Q($MESSAGE->get_header('to'), 'replace'));
 
-    if ($MESSAGE->headers->cc)
+    if ($cc = $MESSAGE->headers->get('cc'))
       $prefix .= sprintf("<tr><th align=\"right\" nowrap=\"nowrap\" valign=\"baseline\">%s: </th><td>%s</td></tr>",
-        rcube_label('cc'),
-        Q($MESSAGE->get_header('cc'), 'replace'));
+        rcube_label('cc'), Q($cc, 'replace'));
 
-    if ($MESSAGE->headers->replyto && $MESSAGE->headers->replyto != $MESSAGE->headers->from)
+    if (($replyto = $MESSAGE->headers->get('reply-to')) && $replyto != $MESSAGE->get_header('from'))
       $prefix .= sprintf("<tr><th align=\"right\" nowrap=\"nowrap\" valign=\"baseline\">%s: </th><td>%s</td></tr>",
-        rcube_label('replyto'),
-        Q($MESSAGE->get_header('replyto'), 'replace'));
+        rcube_label('replyto'), Q($replyto, 'replace'));
 
     $prefix .= "</tbody></table><br>";
   }
@@ -1028,7 +1039,7 @@
 
 function rcmail_create_draft_body($body, $bodyIsHtml)
 {
-  global $MESSAGE, $OUTPUT, $COMPOSE;
+  global $MESSAGE, $COMPOSE;
 
   /**
    * add attachments
@@ -1039,10 +1050,19 @@
       && count($MESSAGE->mime_parts) > 0)
   {
     $cid_map = rcmail_write_compose_attachments($MESSAGE, $bodyIsHtml);
+  }
+
+  // clean up HTML tags - XSS prevention (#1489251)
+  if ($bodyIsHtml) {
+    $body = rcmail_wash_html($body, array('safe' => 1), $cid_map);
+
+    // remove comments (produced by washtml)
+    $body = preg_replace('/<!--[^>]+-->/', '', $body);
 
     // replace cid with href in inline images links
-    if ($cid_map)
+    if (!empty($cid_map)) {
       $body = str_replace(array_keys($cid_map), array_values($cid_map), $body);
+    }
   }
 
   return $body;
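Review bot: `$cid_map` is now read outside the attachment block that assigns it, in `rcmail_wash_html($body, array('safe' => 1), $cid_map)`. For an HTML draft that skips that block it is passed unset, unless it is initialised in the lines between the `global` statement and this hunk, which are not shown. Adding `$cid_map = array();` before the attachment condition would make the call well-defined. Separately, `/<!--[^>]+-->/` leaves any comment containing a `>` in place, so the stripping should be treated as cosmetic and the washing step as the actual XSS control; a comment saying so would prevent later misuse of the regex as a filter.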
@@ -1075,34 +1095,51 @@
 {
   global $RCMAIL, $COMPOSE, $compose_mode;
 
-  $cid_map = $messages = array();
+  $loaded_attachments = array();
+  foreach ((array)$COMPOSE['attachments'] as $attachment) {
+      $loaded_attachments[$attachment['name'] . $attachment['mimetype']] = $attachment;
+  }
+
+  $cid_map  = array();
+  $messages = array();
+
   foreach ((array)$message->mime_parts as $pid => $part)
   {
     if ($part->disposition == 'attachment' || ($part->disposition == 'inline' && $bodyIsHtml) || $part->filename) {
-      if ($part->ctype_primary == 'message' || $part->ctype_primary == 'multipart') {
+      // skip parts that aren't valid attachments
+      if ($part->ctype_primary == 'multipart' || $part->mimetype == 'application/ms-tnef') {
         continue;
       }
-      if ($part->mimetype == 'application/ms-tnef') {
+      // skip message attachments in reply mode
+      if ($part->ctype_primary == 'message' && $compose_mode == RCUBE_COMPOSE_REPLY) {
         continue;
       }
-      // skip inline images when forwarding in plain text
-      if ($part->content_id && !$bodyIsHtml && $compose_mode == RCUBE_COMPOSE_FORWARD) {
+      // skip inline images when forwarding in text mode
+      if ($part->content_id && $part->disposition == 'inline' && !$bodyIsHtml && $compose_mode == RCUBE_COMPOSE_FORWARD) {
         continue;
       }
 
-      $skip = false;
+      // skip message/rfc822 attachments on forwards (#1489214)
+      // Thunderbird when forwarding in inline mode displays such attachments
+      // and skips any attachments from inside of such part, this however
+      // skipped e.g. images used in HTML body or other attachments. So,
+      // better to skip .eml attachments but not their content (included files).
       if ($part->mimetype == 'message/rfc822') {
+        if ($compose_mode == RCUBE_COMPOSE_FORWARD) {
+          continue;
+        }
         $messages[] = $part->mime_id;
-      } else if ($messages) {
+      }
+      else if ($compose_mode != RCUBE_COMPOSE_FORWARD) {
         // skip attachments included in message/rfc822 attachment (#1486487)
         foreach ($messages as $mimeid)
-          if (strpos($part->mime_id, $mimeid.'.') === 0) {
-            $skip = true;
-            break;
+          if (strpos($part->mime_id, $mimeid . '.') === 0) {
+            continue 2;
           }
       }
 
-      if (!$skip && ($attachment = rcmail_save_attachment($message, $pid))) {
+      if (($attachment = $loaded_attachments[rcmail_attachment_name($part) . $part->mimetype])
+          || ($attachment = rcmail_save_attachment($message, $pid))) {
         $COMPOSE['attachments'][$attachment['id']] = $attachment;
         if ($bodyIsHtml && ($part->content_id || $part->content_location)) {
           $url = sprintf('%s&_id=%s&_action=display-attachment&_file=rcmfile%s',
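Review bot: The `$loaded_attachments` lookup identifies an attachment only by `name . mimetype`, so two distinct parts with the same filename and type (for example two inline `image.png` parts) collapse into one entry. The second part then reuses the first part's attachment, and the `cid_map` URL built below would point at the wrong file. The key is also concatenated without a separator, and the read `$loaded_attachments[rcmail_attachment_name($part) . $part->mimetype]` on a missing key raises a notice. Consider adding a further discriminator such as the size to the key, guarding the read with `isset()`, and documenting the assumption in a comment. The same keying is repeated in the two following hunks (the `$loaded_attachments` build and the `message/rfc822` check in the forward-attachments code); the enclosing function continues outside this hunk.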
@@ -1154,6 +1191,11 @@
   $curr_mem  = function_exists('memory_get_usage') ? memory_get_usage() : 16*1024*1024; // safe value: 16MB
   $names     = array();
 
+  $loaded_attachments = array();
+  foreach ((array)$COMPOSE['attachments'] as $attachment) {
+      $loaded_attachments[$attachment['name'] . $attachment['mimetype']] = $attachment;
+  }
+
   if ($COMPOSE['forward_uid'] == '*') {
     $index = $storage->index(null, rcmail_sort_column(), rcmail_sort_order());
     $COMPOSE['forward_uid'] = $index->get();
@@ -1187,6 +1229,10 @@
     $name .= '.eml';
 
     $data = $path = null;
+
+    if (!empty($loaded_attachments[$name . 'message/rfc822'])) {
+      continue;
+    }
 
     // don't load too big attachments into memory
     if ($mem_limit > 0 && $message->size > $mem_limit - $curr_mem) {
@@ -1251,16 +1297,7 @@
   }
 
   $mimetype = $part->ctype_primary . '/' . $part->ctype_secondary;
-  $filename = $part->filename;
-  if (!strlen($filename)) {
-    if ($mimetype == 'text/html') {
-      $filename = rcube_label('htmlmessage');
-    }
-    else {
-      $filename = 'Part_'.$pid;
-    }
-    $filename .= '.' . $part->ctype_secondary;
-  }
+  $filename = rcmail_attachment_name($part);
 
   $attachment = array(
     'group' => $COMPOSE['id'],
@@ -1290,10 +1327,11 @@
 
   // handle attachments in memory
   $data = file_get_contents($path);
+  $name = rcmail_basename($path);
 
   $attachment = array(
     'group' => $COMPOSE['id'],
-    'name' => rcmail_basename($path),
+    'name' => $name,
     'mimetype' => $mimetype ? $mimetype : rc_mime_content_type($path, $name),
     'data' => $data,
     'size' => strlen($data),
@@ -1374,8 +1412,9 @@
   if (!$attrib['id'])
     $attrib['id'] = 'rcmAttachmentList';
 
-  $out = "\n";
+  $out    = "\n";
   $jslist = array();
+  $button = '';
 
   if (is_array($COMPOSE['attachments'])) {
     if ($attrib['deleteicon']) {
@@ -1384,27 +1423,38 @@
         'alt' => rcube_label('delete')
       ));
     }
-    else
+    else if (rcube_utils::get_boolean($attrib['textbuttons'])) {
       $button = Q(rcube_label('delete'));
+    }
 
     foreach ($COMPOSE['attachments'] as $id => $a_prop) {
       if (empty($a_prop))
         continue;
 
-      $out .= html::tag('li', array('id' => 'rcmfile'.$id, 'class' => rcmail_filetype2classname($a_prop['mimetype'], $a_prop['name'])),
+      $out .= html::tag('li',
+        array(
+          'id'          => 'rcmfile'.$id,
+          'class'       => rcmail_filetype2classname($a_prop['mimetype'], $a_prop['name']),
+          'onmouseover' => "rcube_webmail.long_subject_title_ex(this, 0)",
+        ),
         html::a(array(
             'href' => "#delete",
             'title' => rcube_label('delete'),
             'onclick' => sprintf("return %s.command('remove-attachment','rcmfile%s', this)", JS_OBJECT_NAME, $id),
-            'class' => 'delete'),
-          $button) . Q($a_prop['name']));
+            'class' => 'delete'
+          ),
+          $button
+        ) . Q($a_prop['name'])
+      );
 
-        $jslist['rcmfile'.$id] = array('name' => $a_prop['name'], 'complete' => true, 'mimetype' => $a_prop['mimetype']);
+      $jslist['rcmfile'.$id] = array('name' => $a_prop['name'], 'complete' => true, 'mimetype' => $a_prop['mimetype']);
     }
   }
 
   if ($attrib['deleteicon'])
     $COMPOSE['deleteicon'] = $CONFIG['skin_path'] . $attrib['deleteicon'];
+  else if (rcube_utils::get_boolean($attrib['textbuttons']))
+    $COMPOSE['textbuttons'] = true;
   if ($attrib['cancelicon'])
     $OUTPUT->set_env('cancelicon', $CONFIG['skin_path'] . $attrib['cancelicon']);
   if ($attrib['loadingicon'])
@@ -1431,7 +1481,7 @@
 
   $out = html::div($attrib,
     $OUTPUT->form_tag(array('id' => $attrib['id'].'Frm', 'name' => 'uploadform', 'method' => 'post', 'enctype' => 'multipart/form-data'),
-      html::div(null, rcmail_compose_attachment_field(array('size' => $attrib['attachmentfieldsize']))) .
+      html::div(null, rcmail_compose_attachment_field()) .
       html::div('hint', rcube_label(array('name' => 'maxuploadsize', 'vars' => array('size' => $max_filesize)))) .
       (get_boolean($attrib['buttons']) ? html::div('buttons',
         $button->show(rcube_label('close'), array('class' => 'button', 'onclick' => "$('#$attrib[id]').hide()")) . ' ' .
@@ -1445,7 +1495,7 @@
 }
 
 
-function rcmail_compose_attachment_field($attrib)
+function rcmail_compose_attachment_field($attrib = array())
 {
   $attrib['type'] = 'file';
   $attrib['name'] = '_attachments[]';
@@ -1471,17 +1521,17 @@
                        rcube_label('normal'),
                        rcube_label('high'),
                        rcube_label('highest')),
-                 array(5, 4, 0, 2, 1));
+                 array('5', '4', '0', '2', '1'));
 
   if (isset($_POST['_priority']))
     $sel = $_POST['_priority'];
-  else if (intval($MESSAGE->headers->priority) != 3)
-    $sel = intval($MESSAGE->headers->priority);
+  else if (isset($MESSAGE->headers->priority) && intval($MESSAGE->headers->priority) != 3)
+    $sel = $MESSAGE->headers->priority;
   else
     $sel = 0;
 
   $out = $form_start ? "$form_start\n" : '';
-  $out .= $selector->show($sel);
+  $out .= $selector->show(strval($sel));
   $out .= $form_end ? "\n$form_end" : '';
 
   return $out;
@@ -1563,7 +1613,7 @@
   $select->add(Q(rcube_label('plaintoggle')), 'plain');
 
   return $select->show($useHtml ? 'html' : 'plain');
-
+/*
   foreach ($choices as $value => $text) {
     $attrib['id'] = '_' . $value;
     $attrib['value'] = $value;
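Review bot: The unreachable loop after `return $select->show($useHtml ? 'html' : 'plain');` is kept inside a `/* ... */` block (closed in the next hunk) instead of being deleted. Commented-out code that still references `$choices` and `$selector` invites confusion about which rendering path is live. Removing the lines outright, with the history left to version control, would be cleaner; if they are kept on purpose, add a line such as `// legacy radio-button rendering, disabled in favour of the select above`.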
@@ -1571,6 +1621,7 @@
   }
 
   return $selector;
+*/
 }
 
 
@@ -1664,7 +1715,7 @@
             $class_name .= ' ' . $source['class_name'];
 
         $out .= sprintf($line_templ,
-            html_identifier($id),
+            html_identifier($id,true),
             $class_name,
             $source['id'],
             $js_id, (!empty($source['name']) ? $source['name'] : $id));

--
Gitblit v1.9.1