From 63e7937d021ebd3aaa763f7e9a8403b22fec6a2c Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Thu, 10 Sep 2015 02:53:11 -0400
Subject: [PATCH] Change so rcube_message class does not depend on $_GET parameters
---
program/lib/Roundcube/rcube_message.php | 15 ++++++++-------
program/steps/mail/show.inc | 3 +--
program/steps/mail/get.inc | 4 +---
3 files changed, 10 insertions(+), 12 deletions(-)
diff --git a/program/lib/Roundcube/rcube_message.php b/program/lib/Roundcube/rcube_message.php
index 77d7476..884141a 100644
--- a/program/lib/Roundcube/rcube_message.php
+++ b/program/lib/Roundcube/rcube_message.php
@@ -69,26 +69,27 @@
*
* Provide a uid, and parse message structure.
*
- * @param string $uid The message UID.
- * @param string $folder Folder name
+ * @param string $uid The message UID.
+ * @param string $folder Folder name
+ * @param bool $is_safe Security flag
*
* @see self::$app, self::$storage, self::$opt, self::$parts
*/
- function __construct($uid, $folder = null)
+ function __construct($uid, $folder = null, $is_safe = false)
{
// decode combined UID-folder identifier
if (preg_match('/^\d+-.+/', $uid)) {
list($uid, $folder) = explode('-', $uid, 2);
}
- $this->uid = $uid;
- $this->app = rcube::get_instance();
+ $this->uid = $uid;
+ $this->app = rcube::get_instance();
$this->storage = $this->app->get_storage();
$this->folder = strlen($folder) ? $folder : $this->storage->get_folder();
- $this->storage->set_options(array('all_headers' => true));
// Set current folder
$this->storage->set_folder($this->folder);
+ $this->storage->set_options(array('all_headers' => true));
$this->headers = $this->storage->get_message($uid);
@@ -100,7 +101,7 @@
$this->subject = $this->headers->get('subject');
list(, $this->sender) = each($this->mime->decode_address_list($this->headers->from, 1));
- $this->set_safe((intval($_GET['_safe']) || $_SESSION['safe_messages'][$this->folder.':'.$uid]));
+ $this->set_safe($is_safe || $_SESSION['safe_messages'][$this->folder.':'.$uid]);
$this->opt = array(
'safe' => $this->is_safe,
'prefer_html' => $this->app->config->get('prefer_html'),
diff --git a/program/steps/mail/get.inc b/program/steps/mail/get.inc
index dc056f1..fba22f9 100644
--- a/program/steps/mail/get.inc
+++ b/program/steps/mail/get.inc
@@ -37,12 +37,11 @@
ob_end_clean();
-
// similar code as in program/steps/mail/show.inc
if (!empty($_GET['_uid'])) {
$uid = rcube_utils::get_input_value('_uid', rcube_utils::INPUT_GET);
$RCMAIL->config->set('prefer_html', true);
- $MESSAGE = new rcube_message($uid);
+ $MESSAGE = new rcube_message($uid, null, intval($_GET['_safe']));
}
// check connection status
@@ -108,7 +107,6 @@
exit;
}
-
else if (strlen($part_id)) {
if ($part = $MESSAGE->mime_parts[$part_id]) {
$mimetype = rcmail_fix_mimetype($part->mimetype);
diff --git a/program/steps/mail/show.inc b/program/steps/mail/show.inc
index cf3432a..af43fc8 100644
--- a/program/steps/mail/show.inc
+++ b/program/steps/mail/show.inc
@@ -46,13 +46,12 @@
$RCMAIL->config->set('prefer_html', $_SESSION['msg_formats'][$mbox_name.':'.$uid]);
}
- $MESSAGE = new rcube_message($uid);
+ $MESSAGE = new rcube_message($uid, $mbox_name, intval($_GET['_safe']));
// if message not found (wrong UID)...
if (empty($MESSAGE->headers)) {
rcmail_message_error($uid);
}
-
// show images?
rcmail_check_safe($MESSAGE);
--
Gitblit v1.9.1