From 3cf664939b98befe8e9f9a8e3fa8a7e9a85a5745 Mon Sep 17 00:00:00 2001
From: thomascube <thomas@roundcube.net>
Date: Wed, 21 Mar 2007 05:56:49 -0400
Subject: [PATCH] Minor bugfixes posted to the dev-mailing list
---
program/include/main.inc | 465 ++++++++++++++++++++++++++++++++++++++++++----------------
1 files changed, 337 insertions(+), 128 deletions(-)
diff --git a/program/include/main.inc b/program/include/main.inc
index 051d6e2..3fe196a 100644
--- a/program/include/main.inc
+++ b/program/include/main.inc
@@ -39,40 +39,12 @@
// check client
$BROWSER = rcube_browser();
- // load config file
- include_once('config/main.inc.php');
- $CONFIG = is_array($rcmail_config) ? $rcmail_config : array();
-
- // load host-specific configuration
- rcmail_load_host_config($CONFIG);
-
- $CONFIG['skin_path'] = $CONFIG['skin_path'] ? unslashify($CONFIG['skin_path']) : 'skins/default';
-
- // load db conf
- include_once('config/db.inc.php');
- $CONFIG = array_merge($CONFIG, $rcmail_config);
-
- if (empty($CONFIG['log_dir']))
- $CONFIG['log_dir'] = $INSTALL_PATH.'logs';
- else
- $CONFIG['log_dir'] = unslashify($CONFIG['log_dir']);
-
- // set PHP error logging according to config
- if ($CONFIG['debug_level'] & 1)
- {
- ini_set('log_errors', 1);
- ini_set('error_log', $CONFIG['log_dir'].'/errors');
- }
- if ($CONFIG['debug_level'] & 4)
- ini_set('display_errors', 1);
- else
- ini_set('display_errors', 0);
-
+ // load configuration
+ $CONFIG = rcmail_load_config();
// set session garbage collecting time according to session_lifetime
if (!empty($CONFIG['session_lifetime']))
- ini_set('session.gc_maxlifetime', ($CONFIG['session_lifetime']+2)*60);
-
+ ini_set('session.gc_maxlifetime', ($CONFIG['session_lifetime']) * 120);
// prepare DB connection
require_once('include/rcube_'.(empty($CONFIG['db_backend']) ? 'db' : $CONFIG['db_backend']).'.inc');
@@ -80,7 +52,7 @@
$DB = new rcube_db($CONFIG['db_dsnw'], $CONFIG['db_dsnr'], $CONFIG['db_persistent']);
$DB->sqlite_initials = $INSTALL_PATH.'SQL/sqlite.initial.sql';
$DB->db_connect('w');
-
+
// we can use the database for storing session data
if (!$DB->is_error())
include_once('include/session.inc');
@@ -129,6 +101,44 @@
}
+// load roundcube configuration into global var
+function rcmail_load_config()
+ {
+ global $INSTALL_PATH;
+
+ // load config file
+ include_once('config/main.inc.php');
+ $conf = is_array($rcmail_config) ? $rcmail_config : array();
+
+ // load host-specific configuration
+ rcmail_load_host_config($conf);
+
+ $conf['skin_path'] = $conf['skin_path'] ? unslashify($conf['skin_path']) : 'skins/default';
+
+ // load db conf
+ include_once('config/db.inc.php');
+ $conf = array_merge($conf, $rcmail_config);
+
+ if (empty($conf['log_dir']))
+ $conf['log_dir'] = $INSTALL_PATH.'logs';
+ else
+ $conf['log_dir'] = unslashify($conf['log_dir']);
+
+ // set PHP error logging according to config
+ if ($conf['debug_level'] & 1)
+ {
+ ini_set('log_errors', 1);
+ ini_set('error_log', $conf['log_dir'].'/errors');
+ }
+ if ($conf['debug_level'] & 4)
+ ini_set('display_errors', 1);
+ else
+ ini_set('display_errors', 0);
+
+ return $conf;
+ }
+
+
// load a host-specific config file if configured
function rcmail_load_host_config(&$config)
{
@@ -169,15 +179,17 @@
function rcmail_authenticate_session()
{
$now = mktime();
- $valid = ($_COOKIE['sessauth'] == rcmail_auth_hash(session_id(), $_SESSION['auth_time']));
+ $valid = ($_COOKIE['sessauth'] == rcmail_auth_hash(session_id(), $_SESSION['auth_time']) ||
+ $_COOKIE['sessauth'] == rcmail_auth_hash(session_id(), $_SESSION['last_auth']));
// renew auth cookie every 5 minutes (only for GET requests)
if (!$valid || ($_SERVER['REQUEST_METHOD']!='POST' && $now-$_SESSION['auth_time'] > 300))
{
+ $_SESSION['last_auth'] = $_SESSION['auth_time'];
$_SESSION['auth_time'] = $now;
setcookie('sessauth', rcmail_auth_hash(session_id(), $now));
}
-
+
return $valid;
}
@@ -346,18 +358,22 @@
// add common javascripts
$javascript = "var $JS_OBJECT_NAME = new rcube_webmail();\n";
- $javascript .= "$JS_OBJECT_NAME.set_env('comm_path', '$COMM_PATH');\n";
+ $javascript .= sprintf("%s.set_env('comm_path', '%s');\n", $JS_OBJECT_NAME, str_replace('&', '&', $COMM_PATH));
if (isset($CONFIG['javascript_config'] )){
foreach ($CONFIG['javascript_config'] as $js_config_var){
$javascript .= "$JS_OBJECT_NAME.set_env('$js_config_var', '" . $CONFIG[$js_config_var] . "');\n";
}
}
-
+
+ // don't wait for page onload. Call init at the bottom of the page (delayed)
+ $javascript_foot = "if (window.call_init)\n call_init('$JS_OBJECT_NAME');";
+
if (!empty($GLOBALS['_framed']))
$javascript .= "$JS_OBJECT_NAME.set_env('framed', true);\n";
- $OUTPUT->add_script($javascript);
+ $OUTPUT->add_script($javascript, 'head');
+ $OUTPUT->add_script($javascript_foot, 'foot');
$OUTPUT->include_script('common.js');
$OUTPUT->include_script('app.js');
$OUTPUT->scripts_path = 'program/js/';
@@ -377,7 +393,7 @@
// set localization charset based on the given language
function rcmail_set_locale($lang)
{
- global $OUTPUT, $MBSTRING;
+ global $OUTPUT, $CHARSET, $MBSTRING;
static $s_mbstring_loaded = NULL;
// settings for mbstring module (by Tadashi Jokagi)
@@ -385,8 +401,39 @@
$MBSTRING = $s_mbstring_loaded = extension_loaded("mbstring");
else
$MBSTRING = $s_mbstring_loaded = FALSE;
+
+ if ($MBSTRING)
+ mb_internal_encoding($CHARSET);
$OUTPUT->set_charset(rcube_language_prop($lang, 'charset'));
+ }
+
+
+// auto-select IMAP host based on the posted login information
+function rcmail_autoselect_host()
+ {
+ global $CONFIG;
+
+ $host = isset($_POST['_host']) ? get_input_value('_host', RCUBE_INPUT_POST) : $CONFIG['default_host'];
+ if (is_array($host))
+ {
+ list($user, $domain) = explode('@', get_input_value('_user', RCUBE_INPUT_POST));
+ if (!empty($domain))
+ {
+ foreach ($host as $imap_host => $mail_domains)
+ if (is_array($mail_domains) && in_array($domain, $mail_domains))
+ {
+ $host = $imap_host;
+ break;
+ }
+ }
+
+ // take the first entry if $host is still an array
+ if (is_array($host))
+ $host = array_shift($host);
+ }
+
+ return $host;
}
@@ -398,6 +445,26 @@
if (!$host)
$host = $CONFIG['default_host'];
+
+ // Validate that selected host is in the list of configured hosts
+ if (is_array($CONFIG['default_host']))
+ {
+ $allowed = FALSE;
+ foreach ($CONFIG['default_host'] as $key => $host_allowed)
+ {
+ if (!is_numeric($key))
+ $host_allowed = $key;
+ if ($host == $host_allowed)
+ {
+ $allowed = TRUE;
+ break;
+ }
+ }
+ if (!$allowed)
+ return FALSE;
+ }
+ else if (!empty($CONFIG['default_host']) && $host != $CONFIG['default_host'])
+ return FALSE;
// parse $host URL
$a_host = parse_url($host);
@@ -466,7 +533,7 @@
// update user's record
$DB->query("UPDATE ".get_table_name('users')."
- SET last_login=now()
+ SET last_login=".$DB->now()."
WHERE user_id=?",
$user_id);
}
@@ -485,6 +552,7 @@
$_SESSION['username'] = $user;
$_SESSION['user_lang'] = $sess_user_lang;
$_SESSION['password'] = encrypt_passwd($pass);
+ $_SESSION['login_time'] = mktime();
// force reloading complete list of subscribed mailboxes
rcmail_set_imap_prop();
@@ -511,22 +579,15 @@
$DB->query("INSERT INTO ".get_table_name('users')."
(created, last_login, username, mail_host, alias, language)
- VALUES (now(), now(), ?, ?, ?, ?)",
- $user,
- $host,
- $user_email,
- $_SESSION['user_lang']);
+ VALUES (".$DB->now().", ".$DB->now().", ?, ?, ?, ?)",
+ strip_newlines($user),
+ strip_newlines($host),
+ strip_newlines($user_email),
+ $_SESSION['user_lang']);
if ($user_id = $DB->insert_id(get_sequence_name('users')))
{
- $mail_domain = $host;
- if (is_array($CONFIG['mail_domain']))
- {
- if (isset($CONFIG['mail_domain'][$host]))
- $mail_domain = $CONFIG['mail_domain'][$host];
- }
- else if (!empty($CONFIG['mail_domain']))
- $mail_domain = $CONFIG['mail_domain'];
+ $mail_domain = rcmail_mail_domain($host);
if ($user_email=='')
$user_email = strstr($user, '@') ? $user : sprintf('%s@%s', $user, $mail_domain);
@@ -534,21 +595,28 @@
$user_name = $user!=$user_email ? $user : '';
// try to resolve the e-mail address from the virtuser table
- if (!empty($CONFIG['virtuser_query']))
- {
- $sql_result = $DB->query(preg_replace('/%u/', $user, $CONFIG['virtuser_query']));
- if ($sql_arr = $DB->fetch_array($sql_result))
- $user_email = $sql_arr[0];
+ if (!empty($CONFIG['virtuser_query']) &&
+ ($sql_result = $DB->query(preg_replace('/%u/', $user, $CONFIG['virtuser_query']))) &&
+ ($DB->num_rows()>0))
+ while ($sql_arr = $DB->fetch_array($sql_result))
+ {
+ $DB->query("INSERT INTO ".get_table_name('identities')."
+ (user_id, del, standard, name, email)
+ VALUES (?, 0, 1, ?, ?)",
+ $user_id,
+ strip_newlines($user_name),
+ preg_replace('/^@/', $user . '@', $sql_arr[0]));
+ }
+ else
+ {
+ // also create new identity records
+ $DB->query("INSERT INTO ".get_table_name('identities')."
+ (user_id, del, standard, name, email)
+ VALUES (?, 0, 1, ?, ?)",
+ $user_id,
+ strip_newlines($user_name),
+ strip_newlines($user_email));
}
-
- // also create new identity records
- $DB->query("INSERT INTO ".get_table_name('identities')."
- (user_id, del, standard, name, email)
- VALUES (?, 0, 1, ?, ?)",
- $user_id,
- $user_name,
- $user_email);
-
// get existing mailboxes
$a_mailboxes = $IMAP->list_mailboxes();
@@ -683,7 +751,7 @@
$framed = $GLOBALS['_framed'];
$command = sprintf("display_message('%s', '%s');",
- rep_specialchars_output(rcube_label(array('name' => $message, 'vars' => $vars)), 'js'),
+ JQ(rcube_label(array('name' => $message, 'vars' => $vars))),
$type);
if ($REMOTE_REQUEST)
@@ -803,23 +871,29 @@
$OUTPUT->add_script(sprintf("%s.add_label('%s', '%s');",
$JS_OBJECT_NAME,
$name,
- rep_specialchars_output(rcube_label($name), 'js')));
+ JQ(rcube_label($name))));
}
-// remove temp files of a session
-function rcmail_clear_session_temp($sess_id)
+// remove temp files older than two day
+function rcmail_temp_gc()
{
- global $CONFIG;
+ $tmp = unslashify($CONFIG['temp_dir']);
+ $expire = mktime() - 172800; // expire in 48 hours
- $temp_dir = slashify($CONFIG['temp_dir']);
- $cache_dir = $temp_dir.$sess_id;
-
- if (is_dir($cache_dir))
+ if ($dir = opendir($tmp))
{
- clear_directory($cache_dir);
- rmdir($cache_dir);
- }
+ while (($fname = readdir($dir)) !== false)
+ {
+ if ($fname{0} == '.')
+ continue;
+
+ if (filemtime($tmp.'/'.$fname) < $expire)
+ @unlink($tmp.'/'.$fname);
+ }
+
+ closedir($dir);
+ }
}
@@ -840,8 +914,15 @@
}
-// convert a string from one charset to another
-// this function is not complete and not tested well
+/**
+ * Convert a string from one charset to another.
+ * Uses mbstring and iconv functions if possible
+ *
+ * @param string Input string
+ * @param string Suspected charset of the input string
+ * @param string Target charset to convert to; defaults to $GLOBALS['CHARSET']
+ * @return Converted string
+ */
function rcube_charset_convert($str, $from, $to=NULL)
{
global $MBSTRING;
@@ -849,7 +930,7 @@
$from = strtoupper($from);
$to = $to==NULL ? strtoupper($GLOBALS['CHARSET']) : strtoupper($to);
- if ($from==$to || $str=='')
+ if ($from==$to || $str=='' || empty($from))
return $str;
// convert charset using mbstring module
@@ -871,7 +952,7 @@
// convert string to UTF-8
if ($from=='UTF-7')
- $str = rcube_charset_convert(UTF7DecodeString($str), 'ISO-8859-1');
+ $str = utf7_to_utf8($str);
else if (($from=='ISO-8859-1') && function_exists('utf8_encode'))
$str = utf8_encode($str);
else if ($from!='UTF-8')
@@ -882,7 +963,7 @@
// encode string for output
if ($to=='UTF-7')
- return UTF7EncodeString(rcube_charset_convert($str, 'UTF-8', 'ISO-8859-1'));
+ return utf8_to_utf7($str);
else if ($to=='ISO-8859-1' && function_exists('utf8_decode'))
return utf8_decode($str);
else if ($to!='UTF-8')
@@ -896,12 +977,19 @@
}
-
-// replace specials characters to a specific encoding type
+/**
+ * Replacing specials characters to a specific encoding type
+ *
+ * @param string Input string
+ * @param string Encoding type: text|html|xml|js|url
+ * @param string Replace mode for tags: show|replace|remove
+ * @param boolean Convert newlines
+ * @return The quoted string
+ */
function rep_specialchars_output($str, $enctype='', $mode='', $newlines=TRUE)
{
global $OUTPUT_TYPE, $OUTPUT;
- static $html_encode_arr, $js_rep_table, $rtf_rep_table, $xml_rep_table;
+ static $html_encode_arr, $js_rep_table, $xml_rep_table;
if (!$enctype)
$enctype = $GLOBALS['OUTPUT_TYPE'];
@@ -921,7 +1009,6 @@
{
$html_encode_arr = get_html_translation_table(HTML_SPECIALCHARS);
unset($html_encode_arr['?']);
- unset($html_encode_arr['&']);
}
$ltpos = strpos($str, '<');
@@ -933,41 +1020,39 @@
unset($encode_arr['"']);
unset($encode_arr['<']);
unset($encode_arr['>']);
+ unset($encode_arr['&']);
}
else if ($mode=='remove')
$str = strip_tags($str);
-
- $out = strtr($str, $encode_arr);
+
+ // avoid douple quotation of &
+ $out = preg_replace('/&([a-z]{2,5}|#[0-9]{2,4});/', '&\\1;', strtr($str, $encode_arr));
return $newlines ? nl2br($out) : $out;
}
-
if ($enctype=='url')
return rawurlencode($str);
-
- // if the replace tables for RTF, XML and JS are not yet defined
+ // if the replace tables for XML and JS are not yet defined
if (!$js_rep_table)
{
- $js_rep_table = $rtf_rep_table = $xml_rep_table = array();
+ $js_rep_table = $xml_rep_table = array();
$xml_rep_table['&'] = '&';
for ($c=160; $c<256; $c++) // can be increased to support more charsets
{
$hex = dechex($c);
- $rtf_rep_table[Chr($c)] = "\\'$hex";
$xml_rep_table[Chr($c)] = "&#$c;";
if ($OUTPUT->get_charset()=='ISO-8859-1')
$js_rep_table[Chr($c)] = sprintf("\u%s%s", str_repeat('0', 4-strlen($hex)), $hex);
}
- $js_rep_table['"'] = sprintf("\u%s%s", str_repeat('0', 4-strlen(dechex(34))), dechex(34));
$xml_rep_table['"'] = '"';
}
- // encode for RTF
+ // encode for XML
if ($enctype=='xml')
return strtr($str, $xml_rep_table);
@@ -980,12 +1065,26 @@
return addslashes(preg_replace(array("/\r\n/", "/\r/"), array('\n', '\n'), strtr($str, $js_rep_table)));
}
- // encode for RTF
- if ($enctype=='rtf')
- return preg_replace("/\r\n/", "\par ", strtr($str, $rtf_rep_table));
-
// no encoding given -> return original string
return $str;
+ }
+
+/**
+ * Quote a given string. Alias function for rep_specialchars_output
+ * @see rep_specialchars_output
+ */
+function Q($str, $mode='strict', $newlines=TRUE)
+ {
+ return rep_specialchars_output($str, 'html', $mode, $newlines);
+ }
+
+/**
+ * Quote a given string. Alias function for rep_specialchars_output
+ * @see rep_specialchars_output
+ */
+function JQ($str)
+ {
+ return rep_specialchars_output($str, 'js');
}
@@ -1033,7 +1132,21 @@
return $value;
}
+/**
+ * Remove single and double quotes from given string
+ */
+function strip_quotes($str)
+{
+ return preg_replace('/[\'"]/', '', $str);
+}
+/**
+ * Remove new lines characters from given string
+ */
+function strip_newlines($str)
+{
+ return preg_replace('/[\r\n]/', '', $str);
+}
// ************** template parsing and gui functions **************
@@ -1078,8 +1191,12 @@
// parse for specialtags
- $output = parse_rcube_xml($templ);
+ $output = parse_rcube_xml(parse_rcube_conditions($templ));
+ // add debug console
+ if ($CONFIG['debug_level'] & 8)
+ $OUTPUT->footer = '<div style="position:absolute;top:5px;left:5px;width:400px;opacity:0.8;z-index:9000;"><form name="debugform"><textarea name="console" rows="15" cols="40" style="width:400px;border:none;font-size:x-small"></textarea></form>';
+
$OUTPUT->write(trim(parse_with_globals($output)), $skin_path);
if ($exit)
@@ -1097,6 +1214,55 @@
}
+// parse conditional code
+function parse_rcube_conditions($input)
+ {
+ if (($matches = preg_split('/<roundcube:(if|elseif|else|endif)\s+([^>]+)>/is', $input, 2, PREG_SPLIT_DELIM_CAPTURE)) && count($matches)==4)
+ {
+ if (preg_match('/^(else|endif)$/i', $matches[1]))
+ return $matches[0] . parse_rcube_conditions($matches[3]);
+ else
+ {
+ $attrib = parse_attrib_string($matches[2]);
+ if (isset($attrib['condition']))
+ {
+ $condmet = rcube_xml_condition($attrib['condition']);
+ $submatches = preg_split('/<roundcube:(elseif|else|endif)\s+([^>]+)>/is', $matches[3], 2, PREG_SPLIT_DELIM_CAPTURE);
+
+ if ($condmet)
+ $result = $submatches[0] . preg_replace('/.*<roundcube:endif\s+[^>]+>/is', '', $submatches[3]);
+ else
+ $result = "<roundcube:$submatches[1] $submatches[2]>" . $submatches[3];
+
+ return $matches[0] . parse_rcube_conditions($result);
+ }
+ else
+ {
+ raise_error(array('code' => 500, 'type' => 'php', 'line' => __LINE__, 'file' => __FILE__,
+ 'message' => "Unable to parse conditional tag " . $matches[2]), TRUE, FALSE);
+ }
+ }
+ }
+
+ return $input;
+ }
+
+
+/**
+ * Determines if a given condition is met
+ *
+ * @return True if condition is valid, False is not
+ */
+function rcube_xml_condition($condition)
+ {
+ $condition = preg_replace(
+ array('/session:([a-z0-9_]+)/i', '/config:([a-z0-9_]+)/i', '/request:([a-z0-9_]+)/ie'),
+ array("\$_SESSION['\\1']", "\$GLOBALS['CONFIG']['\\1']", "get_input_value('\\1', RCUBE_INPUT_GPC)"),
+ $condition);
+
+ return @eval("return (".$condition.");");
+ }
+
function parse_rcube_xml($input)
{
@@ -1105,12 +1271,19 @@
}
+/**
+ * Convert a xml command tag into real content
+ */
function rcube_xml_command($command, $str_attrib, $add_attrib=array())
{
global $IMAP, $CONFIG, $OUTPUT;
$command = strtolower($command);
$attrib = parse_attrib_string($str_attrib) + $add_attrib;
+
+ // empty output if required condition is not met
+ if (!empty($attrib['condition']) && !rcube_xml_condition($attrib['condition']))
+ return '';
// execute command
switch ($command)
@@ -1124,7 +1297,7 @@
// show a label
case 'label':
if ($attrib['name'] || $attrib['command'])
- return rep_specialchars_output(rcube_label($attrib));
+ return Q(rcube_label($attrib));
break;
// create a menu item
@@ -1175,6 +1348,7 @@
'composeattachment' => 'rcmail_compose_attachment_field',
'priorityselector' => 'rcmail_priority_selector',
'charsetselector' => 'rcmail_charset_selector',
+ 'editorselector' => 'rcmail_editor_selector',
'searchform' => 'rcmail_search_form',
'receiptcheckbox' => 'rcmail_receipt_checkbox',
@@ -1206,7 +1380,7 @@
else if ($object=='productname')
{
$name = !empty($CONFIG['product_name']) ? $CONFIG['product_name'] : 'RoundCube Webmail';
- return rep_specialchars_output($name, 'html', 'all');
+ return Q($name);
}
else if ($object=='version')
{
@@ -1228,7 +1402,7 @@
else
$title .= ucfirst($task);
- return rep_specialchars_output($title, 'html', 'all');
+ return Q($title);
}
break;
@@ -1257,8 +1431,7 @@
if ($attrib['type'])
$attrib['type'] = strtolower($attrib['type']);
else
- $attrib['type'] = ($attrib['image'] || $attrib['imagepas'] || $arg['imageact']) ? 'image' : 'link';
-
+ $attrib['type'] = ($attrib['image'] || $attrib['imagepas'] || $attrib['imageact']) ? 'image' : 'link';
$command = $attrib['command'];
@@ -1267,7 +1440,7 @@
$attrib = $sa_buttons[$attrib['name']];
// add button to button stack
- else if($attrib['image'] || $arg['imageact'] || $attrib['imagepas'] || $attrib['class'])
+ else if($attrib['image'] || $attrib['imageact'] || $attrib['imagepas'] || $attrib['class'])
{
if(!$attrib['name'])
$attrib['name'] = $command;
@@ -1295,12 +1468,12 @@
// get localized text for labels and titles
if ($attrib['title'])
- $attrib['title'] = rep_specialchars_output(rcube_label($attrib['title']));
+ $attrib['title'] = Q(rcube_label($attrib['title']));
if ($attrib['label'])
- $attrib['label'] = rep_specialchars_output(rcube_label($attrib['label']));
+ $attrib['label'] = Q(rcube_label($attrib['label']));
if ($attrib['alt'])
- $attrib['alt'] = rep_specialchars_output(rcube_label($attrib['alt']));
+ $attrib['alt'] = Q(rcube_label($attrib['alt']));
// set title to alt attribute for IE browsers
if ($BROWSER['ie'] && $attrib['title'] && !$attrib['alt'])
@@ -1413,12 +1586,11 @@
$table .= "<thead><tr>\n";
foreach ($a_show_cols as $col)
- $table .= '<td class="'.$col.'">' . rep_specialchars_output(rcube_label($col)) . "</td>\n";
+ $table .= '<td class="'.$col.'">' . Q(rcube_label($col)) . "</td>\n";
$table .= "</tr></thead>\n<tbody>\n";
$c = 0;
-
if (!is_array($table_data))
{
while ($table_data && ($sql_arr = $DB->fetch_assoc($table_data)))
@@ -1430,8 +1602,8 @@
// format each col
foreach ($a_show_cols as $col)
{
- $cont = rep_specialchars_output($sql_arr[$col]);
- $table .= '<td class="'.$col.'">' . $cont . "</td>\n";
+ $cont = Q($sql_arr[$col]);
+ $table .= '<td class="'.$col.'">' . $cont . "</td>\n";
}
$table .= "</tr>\n";
@@ -1449,8 +1621,8 @@
// format each col
foreach ($a_show_cols as $col)
{
- $cont = rep_specialchars_output($row_data[$col]);
- $table .= '<td class="'.$col.'">' . $cont . "</td>\n";
+ $cont = Q($row_data[$col]);
+ $table .= '<td class="'.$col.'">' . $cont . "</td>\n";
}
$table .= "</tr>\n";
@@ -1465,7 +1637,15 @@
}
-
+/**
+ * Create an edit field for inclusion on a form
+ *
+ * @param string col field name
+ * @param string value field value
+ * @param array attrib HTML element attributes for field
+ * @param string type HTML element type (default 'text')
+ * @return string HTML field definition
+ */
function rcmail_get_edit_field($col, $value, $attrib, $type='text')
{
$fname = '_'.$col;
@@ -1511,12 +1691,12 @@
function parse_attrib_string($str)
{
$attrib = array();
- preg_match_all('/\s*([-_a-z]+)=["]([^"]+)["]?/i', stripslashes($str), $regs, PREG_SET_ORDER);
+ preg_match_all('/\s*([-_a-z]+)=(["\'])([^"]+)\2/Ui', stripslashes($str), $regs, PREG_SET_ORDER);
// convert attributes to an associative array (name => value)
if ($regs)
foreach ($regs as $attr)
- $attrib[strtolower($attr[1])] = $attr[2];
+ $attrib[strtolower($attr[1])] = $attr[3];
return $attrib;
}
@@ -1548,15 +1728,15 @@
$now = time(); // local time
$now -= (int)date('Z'); // make GMT time
$now += ($tz * 3600); // user's time
- $now_date = getdate();
+ $now_date = getdate($now);
$today_limit = mktime(0, 0, 0, $now_date['mon'], $now_date['mday'], $now_date['year']);
$week_limit = mktime(0, 0, 0, $now_date['mon'], $now_date['mday']-6, $now_date['year']);
// define date format depending on current time
- if ($CONFIG['prettydate'] && !$format && $timestamp > $today_limit)
- return sprintf('%s %s', rcube_label('today'), date('H:i', $timestamp));
- else if ($CONFIG['prettydate'] && !$format && $timestamp > $week_limit)
+ if ($CONFIG['prettydate'] && !$format && $timestamp > $today_limit && $timestamp < $now)
+ return sprintf('%s %s', rcube_label('today'), date($CONFIG['date_today'] ? $CONFIG['date_today'] : 'H:i', $timestamp));
+ else if ($CONFIG['prettydate'] && !$format && $timestamp > $week_limit && $timestamp < $now)
$format = $CONFIG['date_short'] ? $CONFIG['date_short'] : 'D H:i';
else if (!$format)
$format = $CONFIG['date_long'] ? $CONFIG['date_long'] : 'd.m.Y H:i';
@@ -1646,6 +1826,24 @@
}
+// return the mail domain configured for the given host
+function rcmail_mail_domain($host)
+ {
+ global $CONFIG;
+
+ $domain = $host;
+ if (is_array($CONFIG['mail_domain']))
+ {
+ if (isset($CONFIG['mail_domain'][$host]))
+ $domain = $CONFIG['mail_domain'][$host];
+ }
+ else if (!empty($CONFIG['mail_domain']))
+ $domain = $CONFIG['mail_domain'];
+
+ return $domain;
+ }
+
+
// return code for the webmail login form
function rcmail_login_form($attrib)
{
@@ -1656,7 +1854,7 @@
$labels['pass'] = rcube_label('password');
$labels['host'] = rcube_label('server');
- $input_user = new textfield(array('name' => '_user', 'id' => 'rcmloginuser', 'size' => 30));
+ $input_user = new textfield(array('name' => '_user', 'id' => 'rcmloginuser', 'size' => 30, 'autocomplete' => 'off'));
$input_pass = new passwordfield(array('name' => '_pass', 'id' => 'rcmloginpwd', 'size' => 30));
$input_action = new hiddenfield(array('name' => '_action', 'value' => 'login'));
@@ -1670,14 +1868,22 @@
$select_host = new select(array('name' => '_host', 'id' => 'rcmloginhost'));
foreach ($CONFIG['default_host'] as $key => $value)
- $select_host->add($value, (is_numeric($key) ? $value : $key));
+ {
+ if (!is_array($value))
+ $select_host->add($value, (is_numeric($key) ? $value : $key));
+ else
+ {
+ unset($select_host);
+ break;
+ }
+ }
- $fields['host'] = $select_host->show($_POST['_host']);
+ $fields['host'] = isset($select_host) ? $select_host->show($_POST['_host']) : null;
}
else if (!strlen($CONFIG['default_host']))
{
- $input_host = new textfield(array('name' => '_host', 'id' => 'rcmloginhost', 'size' => 30));
- $fields['host'] = $input_host->show($_POST['_host']);
+ $input_host = new textfield(array('name' => '_host', 'id' => 'rcmloginhost', 'size' => 30));
+ $fields['host'] = $input_host->show($_POST['_host']);
}
$form_name = strlen($attrib['form']) ? $attrib['form'] : 'form';
@@ -1791,6 +1997,9 @@
function write_log($name, $line)
{
global $CONFIG;
+
+ if (!is_string($line))
+ $line = var_export($line, true);
$log_entry = sprintf("[%s]: %s\n",
date("d-M-Y H:i:s O", mktime()),
--
Gitblit v1.9.1