From b4b3777c92457cd2caf6a988e530942f70bc4f54 Mon Sep 17 00:00:00 2001
From: thomascube <thomas@roundcube.net>
Date: Mon, 28 Nov 2011 10:55:21 -0500
Subject: [PATCH] Set (empty) value of member attribute when creating a new group

---
 index.php |   17 +++++++++++++----
 1 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/index.php b/index.php
index 001e6f5..550ee0c 100644
--- a/index.php
+++ b/index.php
@@ -2,7 +2,7 @@
 /*
  +-------------------------------------------------------------------------+
  | Roundcube Webmail IMAP Client                                           |
- | Version 0.6-svn                                                         |
+ | Version 0.8-svn                                                         |
  |                                                                         |
  | Copyright (C) 2005-2011, The Roundcube Dev Team                         |
  |                                                                         |
@@ -32,6 +32,9 @@
 
 // init application, start session, init output class, etc.
 $RCMAIL = rcmail::get_instance();
+
+// Make the whole PHP output non-cacheable (#1487797)
+send_nocacheing_headers();
 
 // turn on output buffering
 ob_start();
@@ -155,7 +158,7 @@
 // not logged in -> show login page
 if (empty($RCMAIL->user->ID)) {
   // log session failures
-  if ($RCMAIL->task != 'login' && $RCMAIL->task != 'logout' && !$session_error && ($sess_id = $_COOKIE[ini_get('session.name')])) {
+  if (($task = get_input_value('_task', RCUBE_INPUT_GPC)) && !in_array($task, array('login','logout')) && !$session_error && ($sess_id = $_COOKIE[ini_get('session.name')])) {
     $RCMAIL->session->log("Aborted session " . $sess_id . "; no valid session data found");
     $session_error = true;
   }
@@ -177,7 +180,7 @@
       )
     );
   }
-  
+
   if ($session_error || $_REQUEST['_err'] == 'session')
     $OUTPUT->show_message('sessionerror', 'error', null, true, -1);
 
@@ -192,7 +195,7 @@
   // check client X-header to verify request origin
   if ($OUTPUT->ajax_call) {
     if (rc_request_header('X-Roundcube-Request') != $RCMAIL->get_request_token() && !$RCMAIL->config->get('devel_mode')) {
-      header('HTTP/1.1 404 Not Found');
+      header('HTTP/1.1 403 Forbidden');
       die("Invalid Request");
     }
   }
@@ -211,6 +214,12 @@
   }
 }
 
+// we're ready, user is authenticated and the request is safe
+$plugin = $RCMAIL->plugins->exec_hook('ready', array('task' => $RCMAIL->task, 'action' => $RCMAIL->action));
+$RCMAIL->set_task($plugin['task']);
+$RCMAIL->action = $plugin['action'];
+
+
 // handle special actions
 if ($RCMAIL->action == 'keep-alive') {
   $OUTPUT->reset();

--
Gitblit v1.9.1