From bd0551b22076b82a6d49e9f7a2b2e0c90a1b2326 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Fri, 05 Feb 2016 07:25:27 -0500
Subject: [PATCH] Secure also downloads of addressbook exports, managesieve script exports and Enigma keys exports
---
program/lib/Roundcube/rcube_result_multifolder.php | 147 ++++++++++++++++++++++++++++++++++++-------------
1 files changed, 108 insertions(+), 39 deletions(-)
diff --git a/program/lib/Roundcube/rcube_result_multifolder.php b/program/lib/Roundcube/rcube_result_multifolder.php
index b5473b8..1bb153f 100644
--- a/program/lib/Roundcube/rcube_result_multifolder.php
+++ b/program/lib/Roundcube/rcube_result_multifolder.php
@@ -1,6 +1,6 @@
<?php
-/*
+/**
+-----------------------------------------------------------------------+
| This file is part of the Roundcube Webmail client |
| Copyright (C) 2005-2011, The Roundcube Dev Team |
@@ -26,15 +26,17 @@
*/
class rcube_result_multifolder
{
- public $multi = true;
- public $sets = array();
+ public $multi = true;
+ public $sets = array();
+ public $incomplete = false;
public $folder;
- protected $meta = array();
- protected $index = array();
+ protected $meta = array();
+ protected $index = array();
protected $folders = array();
+ protected $sdata = array();
+ protected $order = 'ASC';
protected $sorting;
- protected $order = 'ASC';
/**
@@ -43,9 +45,8 @@
public function __construct($folders = array())
{
$this->folders = $folders;
- $this->meta = array('count' => 0);
+ $this->meta = array('count' => 0);
}
-
/**
* Initializes object with SORT command response
@@ -54,15 +55,28 @@
*/
public function add($result)
{
- if ($count = $result->count()) {
- $this->sets[] = $result;
- $this->meta['count'] += $count;
+ $this->sets[] = $result;
- // append UIDs to global index
- $folder = $result->get_parameters('MAILBOX');
- $index = array_map(function($uid) use ($folder) { return $uid . '-' . $folder; }, $result->get());
- $this->index = array_merge($this->index, $index);
+ if ($result->count()) {
+ $this->append_result($result);
}
+ else if ($result->incomplete) {
+ $this->incomplete = true;
+ }
+ }
+
+ /**
+ * Append message UIDs from the given result to our index
+ */
+ protected function append_result($result)
+ {
+ $this->meta['count'] += $result->count();
+
+ // append UIDs to global index
+ $folder = $result->get_parameters('MAILBOX');
+ $index = array_map(function($uid) use ($folder) { return $uid . '-' . $folder; }, $result->get());
+
+ $this->index = array_merge($this->index, $index);
}
/**
@@ -76,7 +90,7 @@
}
$this->sorting = $sort_field;
- $this->order = $sort_order;
+ $this->order = $sort_order;
}
/**
@@ -89,7 +103,6 @@
return false;
}
-
/**
* Checks if the result is empty
*
@@ -100,7 +113,6 @@
return empty($this->sets) || $this->meta['count'] == 0;
}
-
/**
* Returns number of elements in the result
*
@@ -110,7 +122,6 @@
{
return $this->meta['count'];
}
-
/**
* Returns number of elements in the result.
@@ -123,26 +134,21 @@
return $this->count();
}
-
/**
* Reverts order of elements in the result
*/
public function revert()
{
$this->order = $this->order == 'ASC' ? 'DESC' : 'ASC';
- $this->index = array();
+ $this->index = array_reverse($this->index);
// revert order in all sub-sets
foreach ($this->sets as $set) {
if ($this->order != $set->get_parameters('ORDER')) {
$set->revert();
}
- $folder = $set->get_parameters('MAILBOX');
- $index = array_map(function($uid) use ($folder) { return $uid . '-' . $folder; }, $set->get());
- $this->index = array_merge($this->index, $index);
}
}
-
/**
* Check if the given message ID exists in the object
@@ -158,14 +164,14 @@
if (!empty($this->folder)) {
$msgid .= '-' . $this->folder;
}
+
return array_search($msgid, $this->index);
}
-
/**
* Filters data set. Removes elements listed in $ids list.
*
- * @param array $ids List of IDs to remove.
+ * @param array $ids List of IDs to remove.
* @param string $folder IMAP folder
*/
public function filter($ids = array(), $folder = null)
@@ -175,6 +181,7 @@
if ($set->get_parameters('MAILBOX') == $folder) {
$set->filter($ids);
}
+
$this->meta['count'] += $set->count();
}
}
@@ -182,9 +189,8 @@
/**
* Slices data set.
*
- * @param $offset Offset (as for PHP's array_slice())
- * @param $length Number of elements (as for PHP's array_slice())
- *
+ * @param int $offset Offset (as for PHP's array_slice())
+ * @param int $length Number of elements (as for PHP's array_slice())
*/
public function slice($offset, $length)
{
@@ -214,22 +220,20 @@
return $this->index;
}
-
/**
- * Return all messages in the result.
+ * Return all messages in the result in compressed form
*
- * @return array List of message IDs
+ * @return string List of message IDs in compressed form
*/
public function get_compressed()
{
return '';
}
-
/**
* Return result element at specified index
*
- * @param int|string $index Element's index or "FIRST" or "LAST"
+ * @param int|string $index Element's index or "FIRST" or "LAST"
*
* @return int Element value
*/
@@ -242,20 +246,19 @@
}
}
-
/**
* Returns response parameters, e.g. ESEARCH's MIN/MAX/COUNT/ALL/MODSEQ
* or internal data e.g. MAILBOX, ORDER
*
- * @param string $param Parameter name
+ * @param string $param Parameter name
*
* @return array|string Response parameters or parameter value
*/
public function get_parameters($param=null)
{
$params = array(
- 'SORT' => $this->sorting,
- 'ORDER' => $this->order,
+ 'SORT' => $this->sorting,
+ 'ORDER' => $this->order,
'MAILBOX' => $this->folders,
);
@@ -266,6 +269,23 @@
return $params;
}
+ /**
+ * Returns the stored result object for a particular folder
+ *
+ * @param string $folder Folder name
+ *
+ * @return false|object rcube_result_* instance of false if none found
+ */
+ public function get_set($folder)
+ {
+ foreach ($this->sets as $set) {
+ if ($set->get_parameters('MAILBOX') == $folder) {
+ return $set;
+ }
+ }
+
+ return false;
+ }
/**
* Returns length of internal data representation
@@ -276,4 +296,53 @@
{
return $this->count();
}
+
+
+ /* Serialize magic methods */
+
+ public function __sleep()
+ {
+ $this->sdata = array('incomplete' => array(), 'error' => array());
+
+ foreach ($this->sets as $set) {
+ if ($set->incomplete) {
+ $this->sdata['incomplete'][] = $set->get_parameters('MAILBOX');
+ }
+ else if ($set->is_error()) {
+ $this->sdata['error'][] = $set->get_parameters('MAILBOX');
+ }
+ }
+
+ return array('sdata', 'index', 'folders', 'sorting', 'order');
+ }
+
+ public function __wakeup()
+ {
+ $this->meta = array('count' => count($this->index));
+ $this->incomplete = count($this->sdata['incomplete']) > 0;
+
+ // restore result sets from saved index
+ $data = array();
+ foreach ($this->index as $item) {
+ list($uid, $folder) = explode('-', $item, 2);
+ $data[$folder] .= ' ' . $uid;
+ }
+
+ foreach ($this->folders as $folder) {
+ if (in_array($folder, $this->sdata['error'])) {
+ $data_str = null;
+ }
+ else {
+ $data_str = '* SORT' . $data[$folder];
+ }
+
+ $set = new rcube_result_index($folder, $data_str, strtoupper($this->order));
+
+ if (in_array($folder, $this->sdata['incomplete'])) {
+ $set->incomplete = true;
+ }
+
+ $this->sets[] = $set;
+ }
+ }
}
--
Gitblit v1.9.1