From bd0551b22076b82a6d49e9f7a2b2e0c90a1b2326 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Fri, 05 Feb 2016 07:25:27 -0500
Subject: [PATCH] Secure also downloads of addressbook exports, managesieve script exports and Enigma keys exports
---
program/lib/Roundcube/rcube_result_multifolder.php | 191 +++++++++++++++++++++++++++++++++++++++++------
1 files changed, 164 insertions(+), 27 deletions(-)
diff --git a/program/lib/Roundcube/rcube_result_multifolder.php b/program/lib/Roundcube/rcube_result_multifolder.php
index 8d7ae5d..1bb153f 100644
--- a/program/lib/Roundcube/rcube_result_multifolder.php
+++ b/program/lib/Roundcube/rcube_result_multifolder.php
@@ -1,6 +1,6 @@
<?php
-/*
+/**
+-----------------------------------------------------------------------+
| This file is part of the Roundcube Webmail client |
| Copyright (C) 2005-2011, The Roundcube Dev Team |
@@ -26,21 +26,27 @@
*/
class rcube_result_multifolder
{
- public $multi = true;
- public $sets = array();
+ public $multi = true;
+ public $sets = array();
+ public $incomplete = false;
+ public $folder;
- protected $meta = array();
- protected $order = 'ASC';
+ protected $meta = array();
+ protected $index = array();
+ protected $folders = array();
+ protected $sdata = array();
+ protected $order = 'ASC';
+ protected $sorting;
/**
* Object constructor.
*/
- public function __construct()
+ public function __construct($folders = array())
{
- $this->meta = array('count' => 0);
+ $this->folders = $folders;
+ $this->meta = array('count' => 0);
}
-
/**
* Initializes object with SORT command response
@@ -50,9 +56,42 @@
public function add($result)
{
$this->sets[] = $result;
- $this->meta['count'] += $result->count();
+
+ if ($result->count()) {
+ $this->append_result($result);
+ }
+ else if ($result->incomplete) {
+ $this->incomplete = true;
+ }
}
+ /**
+ * Append message UIDs from the given result to our index
+ */
+ protected function append_result($result)
+ {
+ $this->meta['count'] += $result->count();
+
+ // append UIDs to global index
+ $folder = $result->get_parameters('MAILBOX');
+ $index = array_map(function($uid) use ($folder) { return $uid . '-' . $folder; }, $result->get());
+
+ $this->index = array_merge($this->index, $index);
+ }
+
+ /**
+ * Store a global index of (sorted) message UIDs
+ */
+ public function set_message_index($headers, $sort_field, $sort_order)
+ {
+ $this->index = array();
+ foreach ($headers as $header) {
+ $this->index[] = $header->uid . '-' . $header->folder;
+ }
+
+ $this->sorting = $sort_field;
+ $this->order = $sort_order;
+ }
/**
* Checks the result from IMAP command
@@ -64,7 +103,6 @@
return false;
}
-
/**
* Checks if the result is empty
*
@@ -75,7 +113,6 @@
return empty($this->sets) || $this->meta['count'] == 0;
}
-
/**
* Returns number of elements in the result
*
@@ -85,7 +122,6 @@
{
return $this->meta['count'];
}
-
/**
* Returns number of elements in the result.
@@ -98,15 +134,21 @@
return $this->count();
}
-
/**
* Reverts order of elements in the result
*/
public function revert()
{
$this->order = $this->order == 'ASC' ? 'DESC' : 'ASC';
- }
+ $this->index = array_reverse($this->index);
+ // revert order in all sub-sets
+ foreach ($this->sets as $set) {
+ if ($this->order != $set->get_parameters('ORDER')) {
+ $set->revert();
+ }
+ }
+ }
/**
* Check if the given message ID exists in the object
@@ -119,14 +161,17 @@
*/
public function exists($msgid, $get_index = false)
{
- return false;
- }
+ if (!empty($this->folder)) {
+ $msgid .= '-' . $this->folder;
+ }
+ return array_search($msgid, $this->index);
+ }
/**
* Filters data set. Removes elements listed in $ids list.
*
- * @param array $ids List of IDs to remove.
+ * @param array $ids List of IDs to remove.
* @param string $folder IMAP folder
*/
public function filter($ids = array(), $folder = null)
@@ -136,8 +181,23 @@
if ($set->get_parameters('MAILBOX') == $folder) {
$set->filter($ids);
}
+
$this->meta['count'] += $set->count();
}
+ }
+
+ /**
+ * Slices data set.
+ *
+ * @param int $offset Offset (as for PHP's array_slice())
+ * @param int $length Number of elements (as for PHP's array_slice())
+ */
+ public function slice($offset, $length)
+ {
+ $data = array_slice($this->get(), $offset, $length);
+
+ $this->index = $data;
+ $this->meta['count'] = count($data);
}
/**
@@ -157,47 +217,75 @@
*/
public function get()
{
- return array();
+ return $this->index;
}
-
/**
- * Return all messages in the result.
+ * Return all messages in the result in compressed form
*
- * @return array List of message IDs
+ * @return string List of message IDs in compressed form
*/
public function get_compressed()
{
return '';
}
-
/**
* Return result element at specified index
*
- * @param int|string $index Element's index or "FIRST" or "LAST"
+ * @param int|string $index Element's index or "FIRST" or "LAST"
*
* @return int Element value
*/
- public function get_element($index)
+ public function get_element($idx)
{
- return null;
+ switch ($idx) {
+ case 'FIRST': return $this->index[0];
+ case 'LAST': return end($this->index);
+ default: return $this->index[$idx];
+ }
}
-
/**
* Returns response parameters, e.g. ESEARCH's MIN/MAX/COUNT/ALL/MODSEQ
* or internal data e.g. MAILBOX, ORDER
*
- * @param string $param Parameter name
+ * @param string $param Parameter name
*
* @return array|string Response parameters or parameter value
*/
public function get_parameters($param=null)
{
+ $params = array(
+ 'SORT' => $this->sorting,
+ 'ORDER' => $this->order,
+ 'MAILBOX' => $this->folders,
+ );
+
+ if ($param !== null) {
+ return $params[$param];
+ }
+
return $params;
}
+ /**
+ * Returns the stored result object for a particular folder
+ *
+ * @param string $folder Folder name
+ *
+ * @return false|object rcube_result_* instance of false if none found
+ */
+ public function get_set($folder)
+ {
+ foreach ($this->sets as $set) {
+ if ($set->get_parameters('MAILBOX') == $folder) {
+ return $set;
+ }
+ }
+
+ return false;
+ }
/**
* Returns length of internal data representation
@@ -208,4 +296,53 @@
{
return $this->count();
}
+
+
+ /* Serialize magic methods */
+
+ public function __sleep()
+ {
+ $this->sdata = array('incomplete' => array(), 'error' => array());
+
+ foreach ($this->sets as $set) {
+ if ($set->incomplete) {
+ $this->sdata['incomplete'][] = $set->get_parameters('MAILBOX');
+ }
+ else if ($set->is_error()) {
+ $this->sdata['error'][] = $set->get_parameters('MAILBOX');
+ }
+ }
+
+ return array('sdata', 'index', 'folders', 'sorting', 'order');
+ }
+
+ public function __wakeup()
+ {
+ $this->meta = array('count' => count($this->index));
+ $this->incomplete = count($this->sdata['incomplete']) > 0;
+
+ // restore result sets from saved index
+ $data = array();
+ foreach ($this->index as $item) {
+ list($uid, $folder) = explode('-', $item, 2);
+ $data[$folder] .= ' ' . $uid;
+ }
+
+ foreach ($this->folders as $folder) {
+ if (in_array($folder, $this->sdata['error'])) {
+ $data_str = null;
+ }
+ else {
+ $data_str = '* SORT' . $data[$folder];
+ }
+
+ $set = new rcube_result_index($folder, $data_str, strtoupper($this->order));
+
+ if (in_array($folder, $this->sdata['incomplete'])) {
+ $set->incomplete = true;
+ }
+
+ $this->sets[] = $set;
+ }
+ }
}
--
Gitblit v1.9.1