From cf58ce8512f389f9b9c1bad3fe6dfcb293163f15 Mon Sep 17 00:00:00 2001
From: alecpl <alec@alec.pl>
Date: Fri, 29 Apr 2011 14:36:40 -0400
Subject: [PATCH] - Fix a bug where selecting too many contacts would produce too large URI request (#1487892)

---
 CHANGELOG                            |    1 +
 program/steps/addressbook/mailto.inc |    4 ++--
 program/js/app.js                    |   15 ++++++---------
 3 files changed, 9 insertions(+), 11 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index c3495cd..fca1ce7 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,7 @@
 CHANGELOG Roundcube Webmail
 ===========================
 
+- Fix a bug where selecting too many contacts would produce too large URI request (#1487892)
 - Fix relative URLs handling according to a <base> in HTML (#1487889)
 - Fix handling of top-level domains with more than 5 chars or unicode chars (#1487883)
 - Fix usage of non-standard HTTP error codes (#1487797)
diff --git a/program/js/app.js b/program/js/app.js
index 2633556..e83f337 100644
--- a/program/js/app.js
+++ b/program/js/app.js
@@ -808,10 +808,10 @@
       case 'compose':
         var url = this.env.comm_path+'&_action=compose';
 
-        if (this.task=='mail') {
+        if (this.task == 'mail') {
           url += '&_mbox='+urlencode(this.env.mailbox);
 
-          if (this.env.mailbox==this.env.drafts_mailbox) {
+          if (this.env.mailbox == this.env.drafts_mailbox) {
             var uid;
             if (uid = this.get_single_uid())
               url += '&_draft_uid='+uid;
@@ -820,7 +820,7 @@
              url += '&_to='+urlencode(props);
         }
         // modify url if we're in addressbook
-        else if (this.task=='addressbook') {
+        else if (this.task == 'addressbook') {
           // switch to mail compose step directly
           if (props && props.indexOf('@') > 0) {
             url = this.get_task_url('mail', url);
@@ -829,24 +829,21 @@
           }
 
           // use contact_id passed as command parameter
-          var a_cids = [];
+          var n, len, a_cids = [];
           if (props)
             a_cids.push(props);
           // get selected contacts
           else if (this.contact_list) {
             var selection = this.contact_list.get_selection();
-            for (var n=0; n<selection.length; n++)
+            for (n=0, len=selection.length; n<len; n++)
               a_cids.push(selection[n]);
           }
 
           if (a_cids.length)
-            this.http_request('mailto', '_cid='+urlencode(a_cids.join(','))+'&_source='+urlencode(this.env.source), true);
+            this.http_post('mailto', {_cid: a_cids.join(','), _source: this.env.source}, true);
 
           break;
         }
-
-        // don't know if this is necessary...
-        url = url.replace(/&_framed=1/, '');
 
         this.redirect(url);
         break;
diff --git a/program/steps/addressbook/mailto.inc b/program/steps/addressbook/mailto.inc
index 702e1a6..e4f2801 100644
--- a/program/steps/addressbook/mailto.inc
+++ b/program/steps/addressbook/mailto.inc
@@ -19,14 +19,14 @@
 
 */
 
-$cid = get_input_value('_cid', RCUBE_INPUT_GET);
+$cid = get_input_value('_cid', RCUBE_INPUT_POST);
 $recipients = null;
 $mailto = array();
 
 if ($cid && preg_match('/^[a-z0-9\+\/=_-]+(,[a-z0-9\+\/=_-]+)*$/i', $cid) && $CONTACTS->ready)
 {
   $CONTACTS->set_page(1);
-  $CONTACTS->set_pagesize(100);
+  $CONTACTS->set_pagesize(substr_count($cid, ',')+2); // +2 to skip counting query
   $recipients = $CONTACTS->search($CONTACTS->primary_key, $cid);
 
   while (is_object($recipients) && ($rec = $recipients->iterate())) {

--
Gitblit v1.9.1