From a366a323b5d78f453b4988be576e6520957c9488 Mon Sep 17 00:00:00 2001
From: thomascube <thomas@roundcube.net>
Date: Mon, 13 Jul 2009 14:52:15 -0400
Subject: [PATCH] Prevent from endless loops in render_page hook
---
 program/include/rcube_template.php | 36 ++++++++++++++++++++++++++++++------
 1 files changed, 30 insertions(+), 6 deletions(-)
diff --git a/program/include/rcube_template.php b/program/include/rcube_template.php
index 8c0a8d0..3825080 100755
--- a/program/include/rcube_template.php
+++ b/program/include/rcube_template.php
@@ -201,7 +201,9 @@
 */
 public function command()
 {
- $this->js_commands[] = func_get_args();
+ $cmd = func_get_args();
+ if (strpos($cmd[0], 'plugin.') === false)
+ $this->js_commands[] = $cmd;
 }
@@ -285,6 +287,11 @@
 public function send($templ = null, $exit = true)
 {
 if ($templ != 'iframe') {
+ // prevent from endless loops
+ if ($this->app->plugins->is_processing('render_page')) {
+ raise_error(array('code' => 505, 'type' => 'php', 'message' => 'Recursion alert: ignoring output->send()'), true, false);
+ return;
+ }
 $this->parse($templ, false);
 }
 else {
@@ -292,6 +299,10 @@
 $this->write();
 }
+ // set output asap
+ ob_flush();
+ flush();
+
 if ($exit) {
 exit;
 }
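Review bot: In command(), `strpos($cmd[0], 'plugin.') === false` drops any command whose name contains `plugin.` anywhere, not only names that start with it, and it reads `$cmd[0]` even when command() is called without arguments. If the intent is to keep plugin callbacks out of the page output, a prefix test is tighter: `if (!isset($cmd[0]) || strpos($cmd[0], 'plugin.') !== 0)`. The docblock above the method starts outside the hunk; it should state that such commands are silently discarded here, and the two-line `if` would be safer with braces.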
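Review bot: The recursion guard in send() returns to the caller even when `$exit` is true, so code that relies on send() ending the request keeps running after the error is logged. A plugin handler that calls send() from inside `render_page` to stop processing, for instance to show an error or refuse access, would fall through to whatever follows the call. Since exiting inside the hook would cut off the outer page, the safer step is to document the contract in the method's docblock and in the comment, e.g. `// called from a render_page handler: logged and ignored, caller must not assume the request has ended`. The meaning of the `true, false` arguments to raise_error() is not visible in this hunk.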
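Review bot: `ob_flush()` is called unconditionally near the end of send(); when no output buffer is active PHP raises a notice ("failed to flush buffer"), which can land in the response or the error log on every request. Guarding the call avoids that: `if (ob_get_level() > 0) ob_flush();`. Flushing here also commits the headers, so nothing later in send() can still change the status or cookies; the comment could say that instead of `// set output asap`.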
@@ -369,15 +380,19 @@
 // parse for specialtags
 $output = $this->parse_conditions($templ);
 $output = $this->parse_xml($output);
+
+ // trigger generic hook where plugins can put additional content to the page
+ $hook = $this->app->plugins->exec_hook("render_page", array('template' => $name, 'content' => $output));
 // add debug console
 if ($this->config['debug_level'] & 8) {
- $this->add_footer('<div style="position:absolute;top:5px;left:5px;width:405px;padding:2px;background:white;opacity:0.8;filter:alpha(opacity=80);z-index:9000">
+ $this->add_footer('<div id="console" style="position:absolute;top:5px;left:5px;width:405px;padding:2px;background:white;z-index:9000;">
 <a href="#toggle" onclick="con=document.getElementById(\'dbgconsole\');con.style.display=(con.style.display==\'none\'?\'block\':\'none\');return false">console</a>
 <form action="/" name="debugform" style="display:inline"><textarea name="console" id="dbgconsole" rows="20" cols="40" wrap="off" style="display:none;width:400px;border:none;font-size:x-small" spellcheck="false"></textarea></form></div>'
 );
 }
- $output = $this->parse_with_globals($output);
+
+ $output = $this->parse_with_globals($hook['content']);
 $this->write(trim($output));
 if ($exit) {
 exit;
@@ -433,6 +448,7 @@
 */
 private function parse_with_globals($input)
 {
+ $GLOBALS['__version'] = Q(RCMAIL_VERSION);
 $GLOBALS['__comm_path'] = Q($this->app->comm_path);
 return preg_replace('/\$(__[a-z0-9_\-]+)/e', '$GLOBALS["\\1"]', $input);
 }
@@ -516,14 +532,16 @@
 '/config:([a-z0-9_]+)(:([a-z0-9_]+))?/i',
 '/env:([a-z0-9_]+)/i',
 '/request:([a-z0-9_]+)/i',
- '/cookie:([a-z0-9_]+)/i'
+ '/cookie:([a-z0-9_]+)/i',
+ '/browser:([a-z0-9_]+)/i'
 ),
 array(
 "\$_SESSION['\\1']",
 "\$this->app->config->get('\\1',get_boolean('\\3'))",
 "\$this->env['\\1']",
 "get_input_value('\\1', RCUBE_INPUT_GPC)",
- "\$_COOKIE['\\1']"
+ "\$_COOKIE['\\1']",
+ "\$this->browser->{'\\1'}"
 ),
 $expression);
 }
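Review bot: `$hook['content']` is passed to parse_with_globals() without checking that exec_hook() returned an array that still carries a `content` key, so a handler that returns nothing useful blanks the page. A fallback keeps the page intact: `$output = $this->parse_with_globals(isset($hook['content']) ? $hook['content'] : $output);`. Plugin-supplied content also goes through the `$__name` substitution afterwards, so any `$__…` sequence a plugin copies into the page from user data is replaced with the matching global; the hook comment should tell handlers to escape user text before adding it. `$name` is defined outside the hunk, as is the start of the enclosing function.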
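Review bot: The new `$__version` global in parse_with_globals() makes the exact release string available to every template, possibly including ones rendered before login. If a skin prints it on an unauthenticated page, the precise version is disclosed to anyone who loads it; a comment such as `// exact version: keep out of pre-login templates` would make that constraint visible to skin authors. Separately, the `/e` modifier on the context line below evaluates the replacement as PHP; the character class keeps the capture narrow, but `preg_replace_callback()` would remove the evaluation step altogether. The function's docblock starts outside the hunk.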
@@ -677,6 +695,9 @@
 case 'cookie':
 $value = htmlspecialchars($_COOKIE[$name]);
 break;
+ case 'browser':
+ $value = $this->browser->{$name};
+ break;
 }
 if (is_array($value)) {
@@ -797,6 +818,9 @@
 else if (in_array($attrib['command'], $a_static_commands)) {
 $attrib['href'] = rcmail_url($attrib['command']);
 }
+ else if ($attrib['command'] == 'permaurl' && !empty($this->env['permaurl'])) {
+ $attrib['href'] = $this->env['permaurl'];
+ }
 }
 // overwrite attributes
@@ -958,7 +982,7 @@
 // save original url
 $url = get_input_value('_url', RCUBE_INPUT_POST);
- if (empty($url) && !preg_match('/_action=logout/', $_SERVER['QUERY_STRING']))
+ if (empty($url) && !preg_match('/_(task|action)=logout/', $_SERVER['QUERY_STRING']))
 $url = $_SERVER['QUERY_STRING'];
 $input_user = new html_inputfield(array('name' => '_user', 'id' => 'rcmloginuser', 'size' => 30) + $attrib);
--
Gitblit v1.9.1
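Review bot: The new `browser` case returns `$this->browser->{$name}` as is, while the `cookie` case directly above escapes with htmlspecialchars(). Browser properties are presumably derived from request headers, so if any of them holds text rather than a flag or number, it reaches the page unescaped unless the code after the switch (outside this hunk) escapes `$value`. Matching the neighbouring case is cheap: `$value = htmlspecialchars($this->browser->{$name});`. `$this->browser` is not assigned anywhere in this patch, and the `browser:` expression pattern added in the hunk at line 532 uses the same property, so confirm it is initialised before templates are parsed.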
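Review bot: The `permaurl` branch copies `$this->env['permaurl']` into `href` unchanged, whereas the branch above builds the link with rcmail_url(). Where the env value is set is not visible here; if it is assembled from request parameters, make sure it is HTML-escaped when the attribute is rendered and that it can only be a local URL. The comparison could also be strict: `else if ($attrib['command'] === 'permaurl' && !empty($this->env['permaurl'])) {`.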
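Review bot: `/_(task|action)=logout/` is an unanchored substring match on the raw query string, so it also fires on parameters such as `my_task=logout` or `_action=logout2`. Anchoring on parameter boundaries is more exact: `'/(^|&)_(task|action)=logout(&|$)/'`. Because the query string that passes this test becomes the saved `_url`, the code that later consumes it (outside this hunk) should treat it strictly as a relative query string.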