From 5de338e45ebca0d055e0bb2a8df4db20fa61c6de Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Sat, 17 Oct 2015 07:38:36 -0400
Subject: [PATCH] Update changelog
---
program/include/rcmail.php | 67 +++++++++++++++++++++++----------
1 files changed, 47 insertions(+), 20 deletions(-)
diff --git a/program/include/rcmail.php b/program/include/rcmail.php
index 8b47a8d..918be18 100644
--- a/program/include/rcmail.php
+++ b/program/include/rcmail.php
@@ -174,9 +174,11 @@
// set localization
setlocale(LC_ALL, $lang . '.utf8', $lang . '.UTF-8', 'en_US.utf8', 'en_US.UTF-8');
- // workaround for http://bugs.php.net/bug.php?id=18556
- if (PHP_VERSION_ID < 50500 && in_array($lang, array('tr_TR', 'ku', 'az_AZ'))) {
- setlocale(LC_CTYPE, 'en_US.utf8', 'en_US.UTF-8');
+ // Workaround for http://bugs.php.net/bug.php?id=18556
+ // Also strtoupper/strtolower and other methods are locale-aware
+ // for these locales it is problematic (#1490519)
+ if (in_array($lang, array('tr_TR', 'ku', 'az_AZ'))) {
+ setlocale(LC_CTYPE, 'en_US.utf8', 'en_US.UTF-8', 'C');
}
}
@@ -590,6 +592,8 @@
// try to log in
if (!$storage->connect($host, $username, $pass, $port, $ssl)) {
+ // Wait a second to slow down brute-force attacks (#1490549)
+ sleep(1);
return false;
}
@@ -867,14 +871,6 @@
*/
public function request_security_check($mode = rcube_utils::INPUT_POST)
{
- // don't check for valid request tokens in these actions
- // @TODO: get rid of this
- $request_check_whitelist = array('spell'=>1, 'spell_html'=>1);
-
- if ($request_check_whitelist[$this->action]) {
- return;
- }
-
// check request token
if (!$this->check_request($mode)) {
self::raise_error(array(
@@ -1592,7 +1588,7 @@
// skip folders in which it isn't possible to create subfolders
if (!empty($opts['skip_noinferiors'])) {
$attrs = $this->storage->folder_attributes($folder['id']);
- if ($attrs && in_array('\\Noinferiors', $attrs)) {
+ if ($attrs && in_array_nocase('\\Noinferiors', $attrs)) {
continue;
}
}
@@ -1799,8 +1795,9 @@
* @param string $fallback Fallback message label
* @param array $fallback_args Fallback message label arguments
* @param string $suffix Message label suffix
+ * @param array $params Additional parameters (type, prefix)
*/
- public function display_server_error($fallback = null, $fallback_args = null, $suffix = '')
+ public function display_server_error($fallback = null, $fallback_args = null, $suffix = '', $params = array())
{
$err_code = $this->storage->get_error_code();
$res_code = $this->storage->get_response_code();
@@ -1821,13 +1818,13 @@
$error = 'errornoperm';
}
// try to detect full mailbox problem and display appropriate message
- // there can be e.g. "Quota exceeded" or "quotum would exceed"
- else if (stripos($err_str, 'quot') !== false && stripos($err_str, 'exceed') !== false) {
+ // there can be e.g. "Quota exceeded" / "quotum would exceed" / "Over quota"
+ else if (stripos($err_str, 'quot') !== false && preg_match('/exceed|over/i', $err_str)) {
$error = 'erroroverquota';
}
else {
$error = 'servererrormsg';
- $args = array('msg' => $err_str);
+ $args = array('msg' => rcube::Q($err_str));
}
}
else if ($err_code < 0) {
@@ -1836,13 +1833,21 @@
else if ($fallback) {
$error = $fallback;
$args = $fallback_args;
+ $params['prefix'] = false;
}
if ($error) {
if ($suffix && $this->text_exists($error . $suffix)) {
$error .= $suffix;
}
- $this->output->show_message($error, 'error', $args);
+
+ $msg = $this->gettext(array('name' => $error, 'vars' => $args));
+
+ if ($params['prefix'] && $fallback) {
+ $msg = $this->gettext(array('name' => $fallback, 'vars' => $fallback_args)) . ' ' . $msg;
+ }
+
+ $this->output->show_message($msg, $params['type'] ?: 'error');
}
}
@@ -2070,16 +2075,15 @@
if (!empty($_GET['_thumbnail'])) {
$temp_dir = $this->config->get('temp_dir');
$thumbnail_size = 80;
- list(,$ext) = explode('/', $file['mimetype']);
$mimetype = $file['mimetype'];
$file_ident = $file['id'] . ':' . $file['mimetype'] . ':' . $file['size'];
$cache_basename = $temp_dir . '/' . md5($file_ident . ':' . $this->user->ID . ':' . $thumbnail_size);
- $cache_file = $cache_basename . '.' . $ext;
+ $cache_file = $cache_basename . '.thumb';
// render thumbnail image if not done yet
if (!is_file($cache_file)) {
if (!$file['path']) {
- $orig_name = $filename = $cache_basename . '.orig.' . $ext;
+ $orig_name = $filename = $cache_basename . '.tmp';
file_put_contents($orig_name, $file['data']);
}
else {
@@ -2292,6 +2296,29 @@
return $result;
}
+ /**
+ * Get resource file content (with assets_dir support)
+ *
+ * @param string $name File name
+ */
+ public function get_resource_content($name)
+ {
+ if (!strpos($name, '/')) {
+ $name = "program/resources/$name";
+ }
+
+ $assets_dir = $this->config->get('assets_dir');
+
+ if ($assets_dir) {
+ $path = slashify($assets_dir) . $name;
+ if (@file_exists($path)) {
+ $name = $path;
+ }
+ }
+
+ return file_get_contents($name, false);
+ }
+
/************************************************************************
********* Deprecated methods (to be removed) *********
--
Gitblit v1.9.1