From a3b85d7b8560cdc1057fcaffa3acbd247b4b5b7a Mon Sep 17 00:00:00 2001
From: Thomas B. <thomas@roundcube.net>
Date: Mon, 07 Oct 2013 13:19:03 -0400
Subject: [PATCH] Merge pull request #133 from cwickert/release-0.9-canned-responses

---
 program/steps/mail/compose.inc |  109 ++++++++++++++++++++++++++++++++++++++++++------------
 1 files changed, 85 insertions(+), 24 deletions(-)

diff --git a/program/steps/mail/compose.inc b/program/steps/mail/compose.inc
index 09b53e9..9ad9771 100644
--- a/program/steps/mail/compose.inc
+++ b/program/steps/mail/compose.inc
@@ -127,7 +127,8 @@
 $OUTPUT->add_label('nosubject', 'nosenderwarning', 'norecipientwarning', 'nosubjectwarning', 'cancel',
     'nobodywarning', 'notsentwarning', 'notuploadedwarning', 'savingmessage', 'sendingmessage', 
     'messagesaved', 'converting', 'editorwarning', 'searching', 'uploading', 'uploadingmany',
-    'fileuploaderror', 'sendmessage');
+    'fileuploaderror', 'sendmessage', 'savenewresponse', 'responsename', 'responsetext', 'save',
+    'savingresponse');
 
 $OUTPUT->set_env('compose_id', $COMPOSE['id']);
 $OUTPUT->set_pagetitle(rcube_label('compose'));
@@ -198,7 +199,10 @@
   if (!empty($MESSAGE->headers->charset))
     $RCMAIL->storage->set_charset($MESSAGE->headers->charset);
 
-  if ($compose_mode == RCUBE_COMPOSE_REPLY) {
+  if (!$MESSAGE->headers) {
+    // error
+  }
+  else if ($compose_mode == RCUBE_COMPOSE_REPLY) {
     $COMPOSE['reply_uid'] = $msg_uid;
     $COMPOSE['reply_msgid'] = $MESSAGE->headers->messageID;
     $COMPOSE['references']  = trim($MESSAGE->headers->references . " " . $MESSAGE->headers->messageID);
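Review bot: The new `if (!$MESSAGE->headers)` branch contains only `// error`, so a message whose headers could not be loaded is skipped silently and composing carries on without any reply, forward or draft context. If the branch is meant only as a guard against dereferencing a missing headers object, the comment should say so, for example `// message could not be loaded: skip mode-specific setup`. Otherwise it should log or display the failure so the user does not get an unexplained blank compose form. The `$MESSAGE->headers->charset` test two lines above still runs before this check, and the enclosing block starts and ends outside the hunk.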
@@ -365,7 +369,12 @@
       $mailto = format_email(rcube_idn_to_utf8($addr_part['mailto']));
 
       if (!in_array($mailto, $a_recipients)
-        && ($header == 'to' || empty($MESSAGE->compose['from_email']) || $mailto != $MESSAGE->compose['from_email'])
+        && (
+          $header == 'to'
+          || $compose_mode != RCUBE_COMPOSE_REPLY
+          || empty($MESSAGE->compose['from_email'])
+          || $mailto != $MESSAGE->compose['from_email']
+        )
       ) {
         if ($addr_part['name'] && $addr_part['mailto'] != $addr_part['name'])
           $string = format_email_recipient($mailto, $addr_part['name']);
@@ -924,10 +933,10 @@
     $prefix .= rcube_label('from')    . ': ' . $MESSAGE->get_header('from') . "\n";
     $prefix .= rcube_label('to')      . ': ' . $MESSAGE->get_header('to') . "\n";
 
-    if ($MESSAGE->headers->cc)
-      $prefix .= rcube_label('cc') . ': ' . $MESSAGE->get_header('cc') . "\n";
-    if ($MESSAGE->headers->replyto && $MESSAGE->headers->replyto != $MESSAGE->headers->from)
-      $prefix .= rcube_label('replyto') . ': ' . $MESSAGE->get_header('replyto') . "\n";
+    if ($cc = $MESSAGE->headers->get('cc'))
+      $prefix .= rcube_label('cc') . ': ' . $cc . "\n";
+    if (($replyto = $MESSAGE->headers->get('reply-to')) && $replyto != $MESSAGE->get_header('from'))
+      $prefix .= rcube_label('replyto') . ': ' . $replyto . "\n";
 
     $prefix .= "\n";
     $body = trim($body, "\r\n");
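Review bot: The Reply-To test compares `$MESSAGE->headers->get('reply-to')` with `$MESSAGE->get_header('from')`, two different accessors, using a loose `!=`. If the two do not return the same decoded form (their implementations are not visible here), a Reply-To identical to From would still be printed. Reading both sides through the same accessor, or a one-line comment on why they differ, would remove the doubt. The same condition is repeated in the HTML branch of the next hunk, where the `Q(..., 'replace')` escaping of the new `$cc` and `$replyto` variables is correctly kept. The enclosing function starts and ends outside this hunk.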
@@ -950,15 +959,13 @@
       rcube_label('from'), Q($MESSAGE->get_header('from'), 'replace'),
       rcube_label('to'), Q($MESSAGE->get_header('to'), 'replace'));
 
-    if ($MESSAGE->headers->cc)
+    if ($cc = $MESSAGE->headers->get('cc'))
       $prefix .= sprintf("<tr><th align=\"right\" nowrap=\"nowrap\" valign=\"baseline\">%s: </th><td>%s</td></tr>",
-        rcube_label('cc'),
-        Q($MESSAGE->get_header('cc'), 'replace'));
+        rcube_label('cc'), Q($cc, 'replace'));
 
-    if ($MESSAGE->headers->replyto && $MESSAGE->headers->replyto != $MESSAGE->headers->from)
+    if (($replyto = $MESSAGE->headers->get('reply-to')) && $replyto != $MESSAGE->get_header('from'))
       $prefix .= sprintf("<tr><th align=\"right\" nowrap=\"nowrap\" valign=\"baseline\">%s: </th><td>%s</td></tr>",
-        rcube_label('replyto'),
-        Q($MESSAGE->get_header('replyto'), 'replace'));
+        rcube_label('replyto'), Q($replyto, 'replace'));
 
     $prefix .= "</tbody></table><br>";
   }
@@ -980,10 +987,19 @@
       && count($MESSAGE->mime_parts) > 0)
   {
     $cid_map = rcmail_write_compose_attachments($MESSAGE, $bodyIsHtml);
+  }
+
+  // clean up HTML tags - XSS prevention (#1489251)
+  if ($bodyIsHtml) {
+    $body = rcmail_wash_html($body, array('safe' => 1), $cid_map);
+
+    // remove comments (produced by washtml)
+    $body = preg_replace('/<!--[^>]+-->/', '', $body);
 
     // replace cid with href in inline images links
-    if ($cid_map)
+    if (!empty($cid_map)) {
       $body = str_replace(array_keys($cid_map), array_values($cid_map), $body);
+    }
   }
 
   return $body;
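Review bot: Both rewrites that follow `rcmail_wash_html()` change markup that has already been sanitised, so the washer no longer has the last word on what reaches the editor. Deleting `<!--[^>]+-->` spans joins the text on either side of each comment, and the `str_replace()` inserts `$cid_map` values that the washer never saw. This is safe only if washtml emits comments in a fixed form and `rcmail_write_compose_attachments()` returns only application-generated URLs, neither of which is visible here, so record both assumptions in a comment next to the `preg_replace`. Separately, `$cid_map` is now passed to `rcmail_wash_html()` even when the attachment branch above was skipped; unless it is initialised earlier in the function (outside this hunk), add `$cid_map = array();` before that branch.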
@@ -1325,8 +1341,9 @@
   if (!$attrib['id'])
     $attrib['id'] = 'rcmAttachmentList';
 
-  $out = "\n";
+  $out    = "\n";
   $jslist = array();
+  $button = '';
 
   if (is_array($COMPOSE['attachments'])) {
     if ($attrib['deleteicon']) {
@@ -1335,27 +1352,38 @@
         'alt' => rcube_label('delete')
       ));
     }
-    else
+    else if (rcube_utils::get_boolean($attrib['textbuttons'])) {
       $button = Q(rcube_label('delete'));
+    }
 
     foreach ($COMPOSE['attachments'] as $id => $a_prop) {
       if (empty($a_prop))
         continue;
 
-      $out .= html::tag('li', array('id' => 'rcmfile'.$id, 'class' => rcmail_filetype2classname($a_prop['mimetype'], $a_prop['name'])),
+      $out .= html::tag('li',
+        array(
+          'id'          => 'rcmfile'.$id,
+          'class'       => rcmail_filetype2classname($a_prop['mimetype'], $a_prop['name']),
+          'onmouseover' => "rcube_webmail.long_subject_title_ex(this, 0)",
+        ),
         html::a(array(
             'href' => "#delete",
             'title' => rcube_label('delete'),
             'onclick' => sprintf("return %s.command('remove-attachment','rcmfile%s', this)", JS_OBJECT_NAME, $id),
-            'class' => 'delete'),
-          $button) . Q($a_prop['name']));
+            'class' => 'delete'
+          ),
+          $button
+        ) . Q($a_prop['name'])
+      );
 
-        $jslist['rcmfile'.$id] = array('name' => $a_prop['name'], 'complete' => true, 'mimetype' => $a_prop['mimetype']);
+      $jslist['rcmfile'.$id] = array('name' => $a_prop['name'], 'complete' => true, 'mimetype' => $a_prop['mimetype']);
     }
   }
 
   if ($attrib['deleteicon'])
     $COMPOSE['deleteicon'] = $CONFIG['skin_path'] . $attrib['deleteicon'];
+  else if (rcube_utils::get_boolean($attrib['textbuttons']))
+    $COMPOSE['textbuttons'] = true;
   if ($attrib['cancelicon'])
     $OUTPUT->set_env('cancelicon', $CONFIG['skin_path'] . $attrib['cancelicon']);
   if ($attrib['loadingicon'])
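Review bot: With `$button = ''` as the default and the text label now set only when `textbuttons` is true, a skin that passes neither `deleteicon` nor `textbuttons` gets an empty `<a class="delete">` where it previously got the escaped "delete" label. The link keeps its `title`, but it then has no visible or readable content unless the skin's CSS supplies one. If that change is intended, note it above the `else if`, e.g. `// no icon and no textbuttons: link content is left to the skin's CSS`. The `Q()` escaping of `$a_prop['name']` is preserved by the reformatting. The function starts in the previous hunk and continues past this one.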
@@ -1422,17 +1450,17 @@
                        rcube_label('normal'),
                        rcube_label('high'),
                        rcube_label('highest')),
-                 array(5, 4, 0, 2, 1));
+                 array('5', '4', '0', '2', '1'));
 
   if (isset($_POST['_priority']))
     $sel = $_POST['_priority'];
-  else if (intval($MESSAGE->headers->priority) != 3)
-    $sel = intval($MESSAGE->headers->priority);
+  else if (isset($MESSAGE->headers->priority) && intval($MESSAGE->headers->priority) != 3)
+    $sel = $MESSAGE->headers->priority;
   else
     $sel = 0;
 
   $out = $form_start ? "$form_start\n" : '';
-  $out .= $selector->show($sel);
+  $out .= $selector->show(strval($sel));
   $out .= $form_end ? "\n$form_end" : '';
 
   return $out;
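Review bot: `$sel` is taken straight from `$_POST['_priority']` and then passed through `strval()`, which yields the string "Array" plus a PHP notice when the parameter is submitted as `_priority[]`. Since the option values are now the strings '5', '4', '0', '2', '1', the request value can be checked against that list before use, e.g. `if (!in_array($sel, array('5', '4', '0', '2', '1'), true)) $sel = '0';`. The header branch also no longer applies `intval()`, so a priority header that is not already a bare number would match no option and leave nothing selected. Whether the header is normalised earlier is not visible in this hunk.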
@@ -1657,6 +1685,38 @@
 }
 
 
+/**
+ *
+ */
+function rcmail_compose_responses_list($attrib)
+{
+    global $RCMAIL, $OUTPUT;
+
+    $attrib += array('id' => 'rcmresponseslist', 'tagname' => 'ul', 'cols' => 1);
+
+    $jsenv = array();
+    $list = array();
+    foreach ($RCMAIL->get_compose_responses(true) as $response) {
+        $key = $response['key'];
+        $item = html::a(array(
+            'href '=> '#'.urlencode($response['name']),
+            'class' => rtrim('insertresponse ' . $attrib['itemclass']),
+            'unselectable' => 'on',
+            'rel' => $key,
+        ), Q($response['name']));
+
+        $jsenv[$key] = $response;
+        $list[] = html::tag('li', null, html::span(null, $item));
+    }
+
+    // set client env
+    $OUTPUT->set_env('textresponses', $jsenv);
+    $OUTPUT->add_gui_object('responseslist', $attrib['id']);
+
+    return html::tag('ul', $attrib, join("\n", $list));
+}
+
+
 // register UI objects
 $OUTPUT->add_handlers(array(
   'composeheaders' => 'rcmail_compose_headers',
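Review bot: The attribute key in `rcmail_compose_responses_list()` is written `'href '=>` with a trailing space inside the quotes, so the link is built with an attribute named "href " rather than `href`. Depending on how `html::a()` filters attribute names (not visible here), it is either dropped or emitted malformed; it should read `'href' => '#'.urlencode($response['name']),`. The docblock is empty and should state that the function renders the saved responses as a list and exports them to the client through `set_env('textresponses', ...)`, which means every response's full content is sent to the browser. `$attrib['tagname']` and `$attrib['cols']` are given defaults but never used, since the wrapper is hard-coded as `html::tag('ul', ...)`. `$attrib['itemclass']` is read without a default.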
@@ -1673,6 +1733,7 @@
   'storetarget' => 'rcmail_store_target_selection',
   'addressbooks' => 'rcmail_addressbook_list',
   'addresslist' => 'rcmail_contacts_list',
+  'responseslist' => 'rcmail_compose_responses_list',
 ));
 
 $OUTPUT->send('compose');

--
Gitblit v1.9.1