From bd0551b22076b82a6d49e9f7a2b2e0c90a1b2326 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Fri, 05 Feb 2016 07:25:27 -0500
Subject: [PATCH] Secure also downloads of addressbook exports, managesieve script exports and Enigma keys exports

---
 program/steps/addressbook/save.inc |   24 +++++++++++++-----------
 1 files changed, 13 insertions(+), 11 deletions(-)

diff --git a/program/steps/addressbook/save.inc b/program/steps/addressbook/save.inc
index 4f30fd4..3f2a75c 100644
--- a/program/steps/addressbook/save.inc
+++ b/program/steps/addressbook/save.inc
@@ -1,6 +1,6 @@
 <?php
 
-/*
+/**
  +-----------------------------------------------------------------------+
  | program/steps/addressbook/save.inc                                    |
  |                                                                       |
@@ -124,7 +124,7 @@
     else if ($tempfile = $_SESSION['contacts']['files'][$a_record['photo']]) {
         $tempfile = $RCMAIL->plugins->exec_hook('attachment_get', $tempfile);
         if ($tempfile['status'])
-            $a_record['photo'] = $tempfile['data'] ? $tempfile['data'] : @file_get_contents($tempfile['path']);
+            $a_record['photo'] = $tempfile['data'] ?: @file_get_contents($tempfile['path']);
     }
     else
         unset($a_record['photo']);
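Review bot: A failed read is stored as the photo on the added line, because `@file_get_contents()` returns `false` on error and the `@` hides the warning, so `$a_record['photo']` becomes `false` rather than being unset as in the `else` branch below. Consider reading into a local variable first and falling through to `unset($a_record['photo'])` when the result is `false` or empty. Logging the failure would also help, since `$tempfile['path']` is whatever the `attachment_get` hook returned. The enclosing `if`/`else if` chain starts outside the hunk, so how a `false` photo is treated further down cannot be confirmed from here.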
@@ -166,7 +166,7 @@
 
         // define list of cols to be displayed
         $a_js_cols = array();
-        $record = $CONTACTS->get_record($newcid ? $newcid : $cid, true);
+        $record = $CONTACTS->get_record($newcid ?: $cid, true);
         $record['email'] = reset($CONTACTS->get_col_values('email', $record, true));
         $record['name']  = rcube_addressbook::compose_list_name($record);
 
@@ -186,7 +186,7 @@
     else {
         // show error message
         $err = $CONTACTS->get_error();
-        $OUTPUT->show_message($plugin['message'] ? $plugin['message'] : ($err['message'] ? $err['message'] : 'errorsaving'), 'error', null, false);
+        $OUTPUT->show_message($plugin['message'] ?: ($err['message'] ?: 'errorsaving'), 'error', null, false);
         $RCMAIL->overwrite_action('show');
     }
 }
@@ -226,13 +226,15 @@
             $plugin = $RCMAIL->plugins->exec_hook('group_addmembers', array(
                 'group_id' => $CONTACTS->group_id, 'ids' => $insert_id, 'source' => $source));
 
-            $counts = $CONTACTS->count();
-
             if (!$plugin['abort']) {
-                if (($maxnum = $RCMAIL->config->get('max_group_members', 0)) && ($counts->count + 1 > $maxnum))
-                    $OUTPUT->show_message('maxgroupmembersreached', 'warning', array('max' => $maxnum));
-
-                $CONTACTS->add_to_group($plugin['group_id'], $plugin['ids']);
+                if (($maxnum = $RCMAIL->config->get('max_group_members', 0)) && ($CONTACTS->count()->count + 1 > $maxnum)) {
+                    // @FIXME: should we remove the contact?
+                    $msgtext = $RCMAIL->gettext(array('name' => 'maxgroupmembersreached', 'vars' => array('max' => $maxnum)));
+                    $OUTPUT->command('parent.display_message', $msgtext, 'warning');
+                }
+                else {
+                    $CONTACTS->add_to_group($plugin['group_id'], $plugin['ids']);
+                }
             }
         }
 
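Review bot: The limit test on the added `if` line counts members through `$CONTACTS->count()`, presumably for the group currently selected on `$CONTACTS`, while the `add_to_group()` call in the new `else` branch targets `$plugin['group_id']`. The `group_addmembers` hook receives `$CONTACTS->group_id` and may return a different id, in which case `max_group_members` is checked against one group and the member is added to another. The count-then-add sequence is also not atomic, so two concurrent saves can both pass the check; if the limit is only a soft quota, say so in place of the open `@FIXME`, e.g. `// soft limit: checked against the selected group, not atomic; contact stays saved but ungrouped`. The enclosing block starts outside the hunk, so whether a group is selected on `$CONTACTS` before this point is inferred.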
@@ -247,7 +249,7 @@
     else {
         // show error message
         $err = $CONTACTS->get_error();
-        $OUTPUT->show_message($plugin['message'] ? $plugin['message'] : ($err['message'] ? $err['message'] : 'errorsaving'), 'error', null, false);
+        $OUTPUT->show_message($plugin['message'] ?: ($err['message'] ?: 'errorsaving'), 'error', null, false);
         $RCMAIL->overwrite_action('add');
     }
 }

--
Gitblit v1.9.1