From bd0551b22076b82a6d49e9f7a2b2e0c90a1b2326 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Fri, 05 Feb 2016 07:25:27 -0500
Subject: [PATCH] Secure also downloads of addressbook exports, managesieve script exports and Enigma keys exports

---
 program/lib/Roundcube/rcube_contacts.php |    7 ++++---
 1 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/program/lib/Roundcube/rcube_contacts.php b/program/lib/Roundcube/rcube_contacts.php
index 2c37c70..5ac5759 100644
--- a/program/lib/Roundcube/rcube_contacts.php
+++ b/program/lib/Roundcube/rcube_contacts.php
@@ -281,7 +281,7 @@
     /**
      * Search contacts
      *
-     * @param mixed   $fields   The field name of array of field names to search in
+     * @param mixed   $fields   The field name or array of field names to search in
      * @param mixed   $value    Search value (or array of values when $fields is array)
      * @param int     $mode     Matching mode:
      *                          0 - partial (*abc*),
@@ -349,7 +349,8 @@
         }
         else {
             // require each word in to be present in one of the fields
-            foreach (rcube_utils::tokenize_string($value, 1) as $word) {
+            $words = $mode == 1 ? array($value) : rcube_utils::tokenize_string($value, 1);
+            foreach ($words as $word) {
                 $groups = array();
                 foreach ((array)$fields as $idx => $col) {
                     $groups[] = $this->fulltext_sql_where($word, $mode, $col);
@@ -740,7 +741,7 @@
         $words = '';
 
         // copy values into vcard object
-        $vcard = new rcube_vcard($record['vcard'] ? $record['vcard'] : $save_data['vcard'], RCUBE_CHARSET, false, $this->vcard_fieldmap);
+        $vcard = new rcube_vcard($record['vcard'] ?: $save_data['vcard'], RCUBE_CHARSET, false, $this->vcard_fieldmap);
         $vcard->reset();
 
         // don't store groups in vCard (#1490277)

--
Gitblit v1.9.1