From bd0551b22076b82a6d49e9f7a2b2e0c90a1b2326 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Fri, 05 Feb 2016 07:25:27 -0500
Subject: [PATCH] Secure also downloads of addressbook exports, managesieve script exports and Enigma keys exports

---
 program/steps/settings/save_folder.inc |    9 ++++++---
 1 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/program/steps/settings/save_folder.inc b/program/steps/settings/save_folder.inc
index 30003aa..e724212 100644
--- a/program/steps/settings/save_folder.inc
+++ b/program/steps/settings/save_folder.inc
@@ -1,6 +1,6 @@
 <?php
 
-/*
+/**
  +-----------------------------------------------------------------------+
  | program/steps/settings/save_folder.inc                                |
  |                                                                       |
@@ -41,6 +41,9 @@
 }
 else if (mb_strlen($name) > 128) {
     $error = $RCMAIL->gettext('nametoolong');
+}
+else if ($name[0] == '.' && $RCMAIL->config->get('imap_skip_hidden_folders')) {
+    $error = $RCMAIL->gettext('namedotforbidden');
 }
 else {
     // these characters are problematic e.g. when used in LIST/LSUB
@@ -129,7 +132,7 @@
     }
     else {
         // show error message
-        $OUTPUT->show_message($plugin['message'] ? $plugin['message'] : 'errorsaving', 'error', null, false);
+        $OUTPUT->show_message($plugin['message'] ?: 'errorsaving', 'error', null, false);
     }
 }
 // update a mailbox
@@ -192,7 +195,7 @@
     }
     else {
         // show error message
-        $OUTPUT->show_message($plugin['message'] ? $plugin['message'] : 'errorsaving', 'error', null, false);
+        $OUTPUT->show_message($plugin['message'] ?: 'errorsaving', 'error', null, false);
     }
 }
 

--
Gitblit v1.9.1