githubFork/roundcubemail.git

			@@ -106,21 +106,23 @@
			// reset some session parameters when changing task
			if ($this->task != 'utils') {
			// we reset list page when switching to another task
			// but only to the main task interface - empty action (#1489076)
			// but only to the main task interface - empty action (#1489076, #1490116)
			// this will prevent from unintentional page reset on cross-task requests
			if ($this->session && $_SESSION['task'] != $this->task && empty($this->action)) {
			$this->session->remove('page');
			}

			// set current task to session
			$_SESSION['task'] = $this->task;
			// set current task to session
			$_SESSION['task'] = $this->task;
			}
			}

			// init output class
			if (!empty($_REQUEST['_remote']))
			// init output class (not in CLI mode)
			if (!empty($_REQUEST['_remote'])) {
			$GLOBALS['OUTPUT'] = $this->json_init();
			else
			}
			else if ($_SERVER['REMOTE_ADDR']) {
			$GLOBALS['OUTPUT'] = $this->load_gui(!empty($_REQUEST['_framed']));
			}

			// load plugins
			$this->plugins->init($this, $this->task);
			@@ -173,7 +175,7 @@
			setlocale(LC_ALL, $lang . '.utf8', $lang . '.UTF-8', 'en_US.utf8', 'en_US.UTF-8');

			// workaround for http://bugs.php.net/bug.php?id=18556
			if (version_compare(PHP_VERSION, '5.5.0', '<') && in_array($lang, array('tr_TR', 'ku', 'az_AZ'))) {
			if (PHP_VERSION_ID < 50500 && in_array($lang, array('tr_TR', 'ku', 'az_AZ'))) {
			setlocale(LC_CTYPE, 'en_US.utf8', 'en_US.UTF-8');
			}
			}
			@@ -437,7 +439,7 @@

			// add some basic labels to client
			$this->output->add_label('loading', 'servererror', 'connerror', 'requesttimedout',
			'refreshing', 'windowopenerror');
			'refreshing', 'windowopenerror', 'uploadingmany');

			return $this->output;
			}
			@@ -758,49 +760,16 @@
			}

			/**
			* Generate a unique token to be used in a form request
			*
			* @return string The request token
			*/
			public function get_request_token()
			{
			$sess_id = $_COOKIE[ini_get('session.name')];

			if (!$sess_id) {
			$sess_id = session_id();
			}

			$plugin = $this->plugins->exec_hook('request_token', array(
			'value' => md5('RT' . $this->get_user_id() . $this->config->get('des_key') . $sess_id)));

			return $plugin['value'];
			}

			/**
			* Check if the current request contains a valid token
			*
			* @param int Request method
			*
			* @return boolean True if request token is valid false if not
			*/
			public function check_request($mode = rcube_utils::INPUT_POST)
			{
			$token = rcube_utils::get_input_value('_token', $mode);
			$sess_id = $_COOKIE[ini_get('session.name')];

			return !empty($sess_id) && $token == $this->get_request_token();
			}

			/**
			* Build a valid URL to this instance of Roundcube
			*
			* @param mixed Either a string with the action or url parameters as key-value pairs
			* @param boolean Build an URL absolute to document root
			* @param boolean Create fully qualified URL including http(s):// and hostname
			* @param bool Return absolute URL in secure location
			*
			* @return string Valid application URL
			*/
			public function url($p, $absolute = false, $full = false)
			public function url($p, $absolute = false, $full = false, $secure = false)
			{
			if (!is_array($p)) {
			if (strpos($p, 'http') === 0) {
			@@ -826,27 +795,32 @@
			}
			}

			$base_path = strval($_SERVER['REDIRECT_SCRIPT_URL'] ?: $_SERVER['SCRIPT_NAME']);
			$base_path = preg_replace('![^/]+$!', '', $base_path);

			if ($secure && ($token = $this->get_secure_url_token(true))) {
			// add token to the url
			$url = $token . '/' . $url;

			// remove old token from the path
			$base_path = rtrim($base_path, '/');
			$base_path = preg_replace('/\/[a-f0-9]{' . strlen($token) . '}$/', '', $base_path);

			// this need to be full url to make redirects work
			$absolute = true;
			}

			if ($absolute \|\| $full) {
			$prefix = '';
			// add base path to this Roundcube installation
			if ($base_path == '') $base_path = '/';
			$prefix = $base_path;

			// prepend protocol://hostname:port
			if ($full) {
			$schema = 'http';
			$default_port = 80;
			if (rcube_utils::https_check()) {
			$schema = 'https';
			$default_port = 443;
			}
			$prefix = $schema . '://' . preg_replace('/:\d+$/', '', $_SERVER['HTTP_HOST']);
			if ($_SERVER['SERVER_PORT'] != $default_port) {
			$prefix .= ':' . $_SERVER['SERVER_PORT'];
			}
			$prefix = rcube_utils::resolve_url($prefix);
			}

			// add base path to this Roundcube installation
			$base_path = preg_replace('![^/]+$!', '', strval($_SERVER['SCRIPT_NAME']));
			if ($base_path == '') $base_path = '/';
			$prefix .= $base_path;
			$prefix = rtrim($prefix, '/') . '/';
			}
			else {
			$prefix = './';
			@@ -883,6 +857,28 @@
			self::print_timer(RCMAIL_START, $log);
			else
			self::console($log);
			}
			}

			/**
			* CSRF attack prevention code
			*
			* @param int Request mode
			*/
			public function request_security_check($mode = rcube_utils::INPUT_POST)
			{
			// check request token
			if (!$this->check_request($mode)) {
			self::raise_error(array(
			'code' => 403, 'type' => 'php',
			'message' => "Request security check failed"), false, true);
			}

			// check referer if configured
			if ($this->config->get('referer_check') && !rcube_utils::check_referer()) {
			self::raise_error(array(
			'code' => 403, 'type' => 'php',
			'message' => "Referer check failed"), true, true);
			}
			}

			@@ -1809,7 +1805,7 @@
			$error = 'errorreadonly';
			}
			else if ($res_code == rcube_storage::OVERQUOTA) {
			$error = 'errorroverquota';
			$error = 'erroroverquota';
			}
			else if ($err_code && ($err_str = $this->storage->get_error_str())) {
			// try to detect access rights problem and display appropriate message
			@@ -1965,13 +1961,32 @@
			}

			if (!empty($params['total'])) {
			$params['percent'] = round($status['current']/$status['total']*100);
			$total = $this->show_bytes($params['total'], $unit);
			switch ($unit) {
			case 'GB':
			$gb = $params['current']/1073741824;
			$current = sprintf($gb >= 10 ? "%d" : "%.1f", $gb);
			break;
			case 'MB':
			$mb = $params['current']/1048576;
			$current = sprintf($mb >= 10 ? "%d" : "%.1f", $mb);
			break;
			case 'KB':
			$current = round($params['current']/1024);
			break;
			case 'B':
			default:
			$current = $params['current'];
			break;
			}

			$params['percent'] = round($params['current']/$params['total']*100);
			$params['text'] = $this->gettext(array(
			'name' => 'uploadprogress',
			'vars' => array(
			'percent' => $params['percent'] . '%',
			'current' => $this->show_bytes($params['current']),
			'total' => $this->show_bytes($params['total'])
			'current' => $current,
			'total' => $total
			)
			));
			}
			@@ -2157,25 +2172,30 @@
			/**
			* Create a human readable string for a number of bytes
			*
			* @param int Number of bytes
			* @param int Number of bytes
			* @param string Size unit
			*
			* @return string Byte string
			*/
			public function show_bytes($bytes)
			public function show_bytes($bytes, &$unit = null)
			{
			if ($bytes >= 1073741824) {
			$gb = $bytes/1073741824;
			$str = sprintf($gb>=10 ? "%d " : "%.1f ", $gb) . $this->gettext('GB');
			$unit = 'GB';
			$gb = $bytes/1073741824;
			$str = sprintf($gb >= 10 ? "%d " : "%.1f ", $gb) . $this->gettext($unit);
			}
			else if ($bytes >= 1048576) {
			$mb = $bytes/1048576;
			$str = sprintf($mb>=10 ? "%d " : "%.1f ", $mb) . $this->gettext('MB');
			$unit = 'MB';
			$mb = $bytes/1048576;
			$str = sprintf($mb >= 10 ? "%d " : "%.1f ", $mb) . $this->gettext($unit);
			}
			else if ($bytes >= 1024) {
			$str = sprintf("%d ", round($bytes/1024)) . $this->gettext('KB');
			$unit = 'KB';
			$str = sprintf("%d ", round($bytes/1024)) . $this->gettext($unit);
			}
			else {
			$str = sprintf('%d ', $bytes) . $this->gettext('B');
			$unit = 'B';
			$str = sprintf('%d ', $bytes) . $this->gettext($unit);
			}

			return $str;
			@@ -2264,6 +2284,29 @@
			return $result;
			}

			/**
			* Get resource file content (with assets_dir support)
			*
			* @param string $name File name
			*/
			public function get_resource_content($name)
			{
			if (!strpos($name, '/')) {
			$name = "program/resources/$name";
			}

			$assets_dir = $this->config->get('assets_dir');

			if ($assets_dir) {
			$path = slashify($assets_dir) . $name;
			if (@file_exists($path)) {
			$name = $path;
			}
			}

			return file_get_contents($name, false);
			}


			/************************************************************************
			******* Deprecated methods (to be removed) *******