From 3cf664939b98befe8e9f9a8e3fa8a7e9a85a5745 Mon Sep 17 00:00:00 2001
From: thomascube <thomas@roundcube.net>
Date: Wed, 21 Mar 2007 05:56:49 -0400
Subject: [PATCH] Minor bugfixes posted to the dev-mailing list
---
program/include/main.inc | 40 +++++++++++++++++++++-------------------
1 files changed, 21 insertions(+), 19 deletions(-)
diff --git a/program/include/main.inc b/program/include/main.inc
index 88c22b8..3fe196a 100644
--- a/program/include/main.inc
+++ b/program/include/main.inc
@@ -190,13 +190,6 @@
setcookie('sessauth', rcmail_auth_hash(session_id(), $now));
}
- if (!$valid)
- write_log('timeouts',
- "REQUEST: " . var_export($_REQUEST, true) .
- "\nEXPECTED: " . rcmail_auth_hash(session_id(), $_SESSION['auth_time']) .
- "\nOR LAST: " . rcmail_auth_hash(session_id(), $_SESSION['last_auth']) .
- "\nSESSION: " . var_export($_SESSION, true));
-
return $valid;
}
@@ -559,6 +552,7 @@
$_SESSION['username'] = $user;
$_SESSION['user_lang'] = $sess_user_lang;
$_SESSION['password'] = encrypt_passwd($pass);
+ $_SESSION['login_time'] = mktime();
// force reloading complete list of subscribed mailboxes
rcmail_set_imap_prop();
@@ -586,10 +580,10 @@
$DB->query("INSERT INTO ".get_table_name('users')."
(created, last_login, username, mail_host, alias, language)
VALUES (".$DB->now().", ".$DB->now().", ?, ?, ?, ?)",
- $user,
- $host,
- $user_email,
- $_SESSION['user_lang']);
+ strip_newlines($user),
+ strip_newlines($host),
+ strip_newlines($user_email),
+ $_SESSION['user_lang']);
if ($user_id = $DB->insert_id(get_sequence_name('users')))
{
@@ -601,7 +595,7 @@
$user_name = $user!=$user_email ? $user : '';
// try to resolve the e-mail address from the virtuser table
- if (!empty($CONFIG['virtuser_query']) &&
+ if (!empty($CONFIG['virtuser_query']) &&
($sql_result = $DB->query(preg_replace('/%u/', $user, $CONFIG['virtuser_query']))) &&
($DB->num_rows()>0))
while ($sql_arr = $DB->fetch_array($sql_result))
@@ -610,7 +604,7 @@
(user_id, del, standard, name, email)
VALUES (?, 0, 1, ?, ?)",
$user_id,
- $user_name,
+ strip_newlines($user_name),
preg_replace('/^@/', $user . '@', $sql_arr[0]));
}
else
@@ -620,8 +614,8 @@
(user_id, del, standard, name, email)
VALUES (?, 0, 1, ?, ?)",
$user_id,
- $user_name,
- $user_email);
+ strip_newlines($user_name),
+ strip_newlines($user_email));
}
// get existing mailboxes
@@ -1032,7 +1026,7 @@
$str = strip_tags($str);
// avoid douple quotation of &
- $out = preg_replace('/&([a-z]{2,5});/', '&\\1;', strtr($str, $encode_arr));
+ $out = preg_replace('/&([a-z]{2,5}|#[0-9]{2,4});/', '&\\1;', strtr($str, $encode_arr));
return $newlines ? nl2br($out) : $out;
}
@@ -1144,6 +1138,14 @@
function strip_quotes($str)
{
return preg_replace('/[\'"]/', '', $str);
+}
+
+/**
+ * Remove new lines characters from given string
+ */
+function strip_newlines($str)
+{
+ return preg_replace('/[\r\n]/', '', $str);
}
@@ -1732,9 +1734,9 @@
$week_limit = mktime(0, 0, 0, $now_date['mon'], $now_date['mday']-6, $now_date['year']);
// define date format depending on current time
- if ($CONFIG['prettydate'] && !$format && $timestamp > $today_limit)
+ if ($CONFIG['prettydate'] && !$format && $timestamp > $today_limit && $timestamp < $now)
return sprintf('%s %s', rcube_label('today'), date($CONFIG['date_today'] ? $CONFIG['date_today'] : 'H:i', $timestamp));
- else if ($CONFIG['prettydate'] && !$format && $timestamp > $week_limit)
+ else if ($CONFIG['prettydate'] && !$format && $timestamp > $week_limit && $timestamp < $now)
$format = $CONFIG['date_short'] ? $CONFIG['date_short'] : 'D H:i';
else if (!$format)
$format = $CONFIG['date_long'] ? $CONFIG['date_long'] : 'd.m.Y H:i';
@@ -1852,7 +1854,7 @@
$labels['pass'] = rcube_label('password');
$labels['host'] = rcube_label('server');
- $input_user = new textfield(array('name' => '_user', 'id' => 'rcmloginuser', 'size' => 30));
+ $input_user = new textfield(array('name' => '_user', 'id' => 'rcmloginuser', 'size' => 30, 'autocomplete' => 'off'));
$input_pass = new passwordfield(array('name' => '_pass', 'id' => 'rcmloginpwd', 'size' => 30));
$input_action = new hiddenfield(array('name' => '_action', 'value' => 'login'));
--
Gitblit v1.9.1