From bd0551b22076b82a6d49e9f7a2b2e0c90a1b2326 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Fri, 05 Feb 2016 07:25:27 -0500
Subject: [PATCH] Secure also downloads of addressbook exports, managesieve script exports and Enigma keys exports
---
program/steps/addressbook/show.inc | 46 ++++++++++++++++++++++++++++------------------
1 files changed, 28 insertions(+), 18 deletions(-)
diff --git a/program/steps/addressbook/show.inc b/program/steps/addressbook/show.inc
index e6a515b..35f381d 100644
--- a/program/steps/addressbook/show.inc
+++ b/program/steps/addressbook/show.inc
@@ -1,11 +1,11 @@
<?php
-/*
+/**
+-----------------------------------------------------------------------+
| program/steps/addressbook/show.inc |
| |
| This file is part of the Roundcube Webmail client |
- | Copyright (C) 2005-2012, The Roundcube Dev Team |
+ | Copyright (C) 2005-2013, The Roundcube Dev Team |
| |
| Licensed under the GNU General Public License version 3 or |
| any later version with exceptions for skins & plugins. |
@@ -32,11 +32,24 @@
if ($cid && ($record = $CONTACTS->get_record($cid, true))) {
$OUTPUT->set_env('readonly', $CONTACTS->readonly || $record['readonly']);
$OUTPUT->set_env('cid', $record['ID']);
- $OUTPUT->set_env('compose_extwin', $RCMAIL->config->get('compose_extwin',false));
+
+ // remember current search request ID (if in search mode)
+ if ($search = rcube_utils::get_input_value('_search', rcube_utils::INPUT_GET)) {
+ $OUTPUT->set_env('search_request', $search);
+ }
}
// get address book name (for display)
rcmail_set_sourcename($CONTACTS);
+
+$OUTPUT->add_handlers(array(
+ 'contacthead' => 'rcmail_contact_head',
+ 'contactdetails' => 'rcmail_contact_details',
+ 'contactphoto' => 'rcmail_contact_photo',
+));
+
+$OUTPUT->send('contact');
+
function rcmail_contact_head($attrib)
@@ -51,12 +64,18 @@
$form = array(
'head' => array( // section 'head' is magic!
+ 'name' => $RCMAIL->gettext('contactnameandorg'),
'content' => array(
- 'prefix' => array('type' => 'text'),
- 'firstname' => array('type' => 'text'),
- 'middlename' => array('type' => 'text'),
- 'surname' => array('type' => 'text'),
- 'suffix' => array('type' => 'text'),
+ 'prefix' => array('type' => 'text'),
+ 'firstname' => array('type' => 'text'),
+ 'middlename' => array('type' => 'text'),
+ 'surname' => array('type' => 'text'),
+ 'suffix' => array('type' => 'text'),
+ 'name' => array('type' => 'text'),
+ 'nickname' => array('type' => 'text'),
+ 'organization' => array('type' => 'text'),
+ 'department' => array('type' => 'text'),
+ 'jobtitle' => array('type' => 'text'),
),
),
);
@@ -75,7 +94,7 @@
return false;
}
- $i_size = !empty($attrib['size']) ? $attrib['size'] : 40;
+ $i_size = $attrib['size'] ?: 40;
$form = array(
'contact' => array(
@@ -183,12 +202,3 @@
return $form_start . html::tag('fieldset', 'contactfieldgroup contactgroups', $table->show()) . $form_end;
}
-
-
-$OUTPUT->add_handlers(array(
- 'contacthead' => 'rcmail_contact_head',
- 'contactdetails' => 'rcmail_contact_details',
- 'contactphoto' => 'rcmail_contact_photo',
-));
-
-$OUTPUT->send('contact');
--
Gitblit v1.9.1