From 3cf664939b98befe8e9f9a8e3fa8a7e9a85a5745 Mon Sep 17 00:00:00 2001
From: thomascube <thomas@roundcube.net>
Date: Wed, 21 Mar 2007 05:56:49 -0400
Subject: [PATCH] Minor bugfixes posted to the dev-mailing list
---
program/steps/mail/func.inc | 350 ++++++++++++++++++++++++++++++++++++---------------------
1 files changed, 221 insertions(+), 129 deletions(-)
diff --git a/program/steps/mail/func.inc b/program/steps/mail/func.inc
index bae14a2..1b98f1d 100644
--- a/program/steps/mail/func.inc
+++ b/program/steps/mail/func.inc
@@ -30,16 +30,16 @@
}
// set imap properties and session vars
-if (strlen($_GET['_mbox']))
+if ($mbox = get_input_value('_mbox', RCUBE_INPUT_GPC))
{
- $IMAP->set_mailbox($_GET['_mbox']);
- $_SESSION['mbox'] = $_GET['_mbox'];
+ $IMAP->set_mailbox($mbox);
+ $_SESSION['mbox'] = $mbox;
}
-if (strlen($_GET['_page']))
+if (!empty($_GET['_page']))
{
- $IMAP->set_page($_GET['_page']);
- $_SESSION['page'] = $_GET['_page'];
+ $IMAP->set_page((int)$_GET['_page']);
+ $_SESSION['page'] = (int)$_GET['_page'];
}
// set mailbox to INBOX if not set
@@ -51,11 +51,15 @@
$_SESSION['sort_col'] = $CONFIG['message_sort_col'];
if (!isset($_SESSION['sort_order']))
$_SESSION['sort_order'] = $CONFIG['message_sort_order'];
-
+
+// set message set for search result
+if (!empty($_GET['_search']) && isset($_SESSION['search'][$_GET['_search']]))
+ $IMAP->set_search_set($_SESSION['search'][$_GET['_search']]);
+
// define url for getting message parts
if (strlen($_GET['_uid']))
- $GET_URL = sprintf('%s&_action=get&_mbox=%s&_uid=%d', $COMM_PATH, $IMAP->get_mailbox_name(), $_GET['_uid']);
+ $GET_URL = sprintf('%s&_action=get&_mbox=%s&_uid=%d', $COMM_PATH, $IMAP->get_mailbox_name(), get_input_value('_uid', RCUBE_INPUT_GET));
// set current mailbox in client environment
@@ -79,6 +83,7 @@
// add some labels to client
rcube_add_label('purgefolderconfirm');
+ rcube_add_label('deletemessagesconfirm');
// $mboxlist_start = rcube_timer();
@@ -192,7 +197,7 @@
{
$fname = abbrevate_string($foldername, $maxlength);
if ($fname != $foldername)
- $title = ' title="'.rep_specialchars_output($foldername, 'html', 'all').'"';
+ $title = ' title="'.Q($foldername).'"';
$foldername = $fname;
}
}
@@ -214,7 +219,7 @@
else if ($folder['id']==$CONFIG['junk_mbox'])
$class_name = 'junk';
- $js_name = htmlspecialchars(rep_specialchars_output($folder['id'], 'js'));
+ $js_name = htmlspecialchars(JQ($folder['id']));
$out .= sprintf('<li id="rcmbx%s" class="mailbox %s %s%s%s"><a href="%s&_mbox=%s"'.
' onclick="return %s.command(\'list\',\'%s\')"'.
' onmouseover="return %s.focus_mailbox(\'%s\')"' .
@@ -236,7 +241,7 @@
$JS_OBJECT_NAME,
$js_name,
$title,
- rep_specialchars_output($foldername, 'html', 'all'));
+ Q($foldername));
if (!empty($folder['folders']))
$out .= "\n<ul>\n" . rcmail_render_folder_tree_html($folder['folders'], $special, $mbox_name, $maxlength, $nestLevel+1) . "</ul>\n";
@@ -273,7 +278,7 @@
$out .= sprintf('<option value="%s">%s%s</option>'."\n",
htmlspecialchars($folder['id']),
str_repeat(' ', $nestLevel*4),
- rep_specialchars_output($foldername, 'html', 'all'));
+ Q($foldername));
if (!empty($folder['folders']))
$out .= rcmail_render_folder_tree_select($folder['folders'], $special, $mbox_name, $maxlength, $nestLevel+1);
@@ -339,7 +344,7 @@
foreach ($a_show_cols as $col)
{
// get column name
- $col_name = rep_specialchars_output(rcube_label($col));
+ $col_name = Q(rcube_label($col));
// make sort links
$sort = '';
@@ -393,10 +398,9 @@
// no messages in this mailbox
if (!sizeof($a_headers))
{
- $out .= rep_specialchars_output(
- sprintf('<tr><td colspan="%d">%s</td></tr>',
- sizeof($a_show_cols)+2,
- rcube_label('nomessagesfound')));
+ $out .= sprintf('<tr><td colspan="%d">%s</td></tr>',
+ sizeof($a_show_cols)+2,
+ Q(rcube_label('nomessagesfound')));
}
@@ -442,10 +446,11 @@
foreach ($a_show_cols as $col)
{
if ($col=='from' || $col=='to')
- $cont = rep_specialchars_output(rcmail_address_string($header->$col, 3, $attrib['addicon']));
+ $cont = Q(rcmail_address_string($header->$col, 3, $attrib['addicon']), 'show');
else if ($col=='subject')
{
- $cont = rep_specialchars_output($IMAP->decode_header($header->$col), 'html', 'all');
+ $cont = Q($IMAP->decode_header($header->$col));
+ if (!$cont) $cont = Q(rcube_label('nosubject'));
// firefox/mozilla temporary workaround to pad subject with content so that whitespace in rows responds to drag+drop
$cont .= '<img src="./program/blank.gif" height="5" width="1000" alt="" />';
}
@@ -454,9 +459,9 @@
else if ($col=='date')
$cont = format_date($header->date); //date('m.d.Y G:i:s', strtotime($header->date));
else
- $cont = rep_specialchars_output($header->$col, 'html', 'all');
+ $cont = Q($header->$col);
- $out .= '<td class="'.$col.'">' . $cont . "</td>\n";
+ $out .= '<td class="'.$col.'">' . $cont . "</td>\n";
}
$out .= sprintf("<td class=\"icon\">%s</td>\n", $attach_icon ? sprintf($image_tag, $skin_path, $attach_icon, '') : '');
@@ -495,6 +500,7 @@
$javascript .= sprintf("%s.set_env('messages', %s);", $JS_OBJECT_NAME, array2js($a_js_message_arr));
$OUTPUT->add_script($javascript);
+ $OUTPUT->include_script('list.js');
return $out;
}
@@ -511,8 +517,8 @@
$a_show_cols = is_array($CONFIG['list_cols']) ? $CONFIG['list_cols'] : array('subject');
// show 'to' instead of from in sent messages
- if (strtolower($IMAP->get_mailbox_name())=='sent' && ($f = array_search('from', $a_show_cols))
- && !array_search('to', $a_show_cols))
+ if (($IMAP->get_mailbox_name()==$CONFIG['sent_mbox'] || $IMAP->get_mailbox_name()==$CONFIG['drafts_mbox'])
+ && ($f = array_search('from', $a_show_cols)) && !array_search('to', $a_show_cols))
$a_show_cols[$f] = 'to';
$commands .= sprintf("this.set_message_coltypes(%s);\n", array2js($a_show_cols));
@@ -528,15 +534,18 @@
foreach ($a_show_cols as $col)
{
if ($col=='from' || $col=='to')
- $cont = rep_specialchars_output(rcmail_address_string($header->$col, 3), 'html');
+ $cont = Q(rcmail_address_string($header->$col, 3), 'show');
else if ($col=='subject')
- $cont = rep_specialchars_output($IMAP->decode_header($header->$col), 'html', 'all');
+ {
+ $cont = Q($IMAP->decode_header($header->$col));
+ if (!$cont) $cont = Q(rcube_label('nosubject'));
+ }
else if ($col=='size')
$cont = show_bytes($header->$col);
else if ($col=='date')
$cont = format_date($header->date); //date('m.d.Y G:i:s', strtotime($header->date));
else
- $cont = rep_specialchars_output($header->$col, 'html', 'all');
+ $cont = Q($header->$col);
$a_msg_cols[$col] = $cont;
}
@@ -555,6 +564,27 @@
return $commands;
}
+
+// return an HTML iframe for loading mail content
+function rcmail_messagecontent_frame($attrib)
+ {
+ global $OUTPUT, $JS_OBJECT_NAME;
+
+ if (empty($attrib['id']))
+ $attrib['id'] = 'rcmailcontentwindow';
+
+ // allow the following attributes to be added to the <iframe> tag
+ $attrib_str = create_attrib_string($attrib, array('id', 'class', 'style', 'src', 'width', 'height', 'frameborder'));
+ $framename = $attrib['id'];
+
+ $out = sprintf('<iframe name="%s"%s></iframe>'."\n",
+ $framename,
+ $attrib_str);
+
+ $OUTPUT->add_script("$JS_OBJECT_NAME.set_env('contentframe', '$framename');");
+
+ return $out;
+ }
// return code for search function
function rcmail_search_form($attrib)
@@ -611,7 +641,7 @@
function rcmail_quota_display($attrib)
{
- global $IMAP, $OUTPUT, $JS_OBJECT_NAME;
+ global $OUTPUT, $JS_OBJECT_NAME, $COMM_PATH;
if (!$attrib['id'])
$attrib['id'] = 'rcmquotadisplay';
@@ -620,16 +650,45 @@
// allow the following attributes to be added to the <span> tag
$attrib_str = create_attrib_string($attrib, array('style', 'class', 'id'));
-
- if (!$IMAP->get_capability('QUOTA'))
- $quota_text = rcube_label('unknown');
- else if (!($quota_text = $IMAP->get_quota()))
- $quota_text = rcube_label('unlimited');
$out = '<span' . $attrib_str . '>';
- $out .= $quota_text;
+ $out .= rcmail_quota_content($attrib['display']);
$out .= '</span>';
return $out;
+ }
+
+
+function rcmail_quota_content($display)
+ {
+ global $IMAP, $COMM_PATH;
+
+ if (!$IMAP->get_capability('QUOTA'))
+ $quota_text = rcube_label('unknown');
+ else if ($quota = $IMAP->get_quota())
+ {
+ $quota_text = sprintf("%s / %s (%.0f%%)",
+ show_bytes($quota["used"] * 1024),
+ show_bytes($quota["total"] * 1024),
+ $quota["percent"]);
+
+ // show quota as image (by Brett Patterson)
+ if ($display == 'image' && function_exists('imagegif'))
+ {
+ $attrib = array('width' => 100, 'height' => 14);
+ $quota_text = sprintf('<img src="%s&_action=quotaimg&u=%s&q=%d&w=%d&h=%d" width="%d" height="%d" alt="%s" title="%s / %s" />',
+ $COMM_PATH,
+ $quota['used'], $quota['total'],
+ $attrib['width'], $attrib['height'],
+ $attrib['width'], $attrib['height'],
+ $quota_text,
+ show_bytes($quota["used"] * 1024),
+ show_bytes($quota["total"] * 1024));
+ }
+ }
+ else
+ $quota_text = rcube_label('unlimited');
+
+ return $quota_text;
}
@@ -658,7 +717,7 @@
'to' => min($max, $start_msg + $IMAP->page_size - 1),
'count' => $max)));
- return rep_specialchars_output($out);
+ return Q($out);
}
@@ -667,7 +726,15 @@
global $IMAP, $REMOTE_OBJECTS, $JS_OBJECT_NAME;
$body = is_array($part->replaces) ? strtr($part->body, $part->replaces) : $part->body;
-
+
+ // convert html to text/plain
+ if ($part->ctype_secondary=='html' && $plain)
+ {
+ $txt = new html2text($body, false, true);
+ $body = $txt->get_text();
+ $part->ctype_secondary = 'plain';
+ }
+
// text/html
if ($part->ctype_secondary=='html')
{
@@ -676,18 +743,18 @@
if (!$safe) // remove remote images and scripts
{
- $remote_patterns = array('/(src|background)=(["\']?)([hftps]{3,5}:\/{2}[^"\'\s]+)(\2|\s|>)/Ui',
- // '/(src|background)=(["\']?)([\.\/]+[^"\'\s]+)(\2|\s|>)/Ui',
+ $remote_patterns = array('/<img\s+(.*)src=(["\']?)([hftps]{3,5}:\/{2}[^"\'\s]+)(\2|\s|>)/Ui',
+ '/(src|background)=(["\']?)([hftps]{3,5}:\/{2}[^"\'\s]+)(\2|\s|>)/Ui',
'/(<base.*href=["\']?)([hftps]{3,5}:\/{2}[^"\'\s]+)([^<]*>)/i',
'/(<link.*href=["\']?)([hftps]{3,5}:\/{2}[^"\'\s]+)([^<]*>)/i',
'/url\s*\(["\']?([hftps]{3,5}:\/{2}[^"\'\s]+)["\']?\)/i',
'/url\s*\(["\']?([\.\/]+[^"\'\s]+)["\']?\)/i',
'/<script.+<\/script>/Umis');
- $remote_replaces = array('', // '\\1=\\2#\\4',
- // '\\1=\\2#\\4',
+ $remote_replaces = array('<img \\1src=\\2./program/blocked.gif\\4',
'',
- '', // '\\1#\\3',
+ '',
+ '',
'none',
'none',
'');
@@ -705,13 +772,13 @@
$body = preg_replace($remote_patterns, $remote_replaces, $body);
}
- return rep_specialchars_output($body, 'html', '', FALSE);
+ return Q($body, 'show', FALSE);
}
// text/enriched
if ($part->ctype_secondary=='enriched')
{
- return rep_specialchars_output(enriched_to_html($body), 'html');
+ return Q(enriched_to_html($body), 'show');
}
else
{
@@ -760,13 +827,13 @@
$quotation = str_repeat("</blockquote>", $quote_level);
$quote_level = $q;
- $a_lines[$n] = $quotation . rep_specialchars_output($line, 'html', 'replace', FALSE);
+ $a_lines[$n] = $quotation . Q($line, 'replace', FALSE);
}
// insert the links for urls and mailtos
$body = preg_replace("/##string_replacement\{([0-9]+)\}##/e", "\$replace_strings[\\1]", join("\n", $a_lines));
- return "<div class=\"pre\">\n".$body."\n</div>";
+ return "<div class=\"pre\">".$body."\n</div>";
}
}
@@ -916,30 +983,23 @@
// part is file/attachment
else if ($mail_part->disposition=='attachment' || $mail_part->disposition=='inline' || $mail_part->headers['content-id'] ||
- (empty($mail_part->disposition) && ($mail_part->d_parameters['filename'] || $mail_part->ctype_parameters['name'])))
+ (empty($mail_part->disposition) && $mail_part->filename))
{
- // skip apple ressource files
+ // skip apple resource forks
if ($message_ctype_secondary=='appledouble' && $secondary_type=='applefile')
continue;
// part belongs to a related message
if ($message_ctype_secondary=='related' && $mail_part->headers['content-id'])
{
- $mail_part->filename = rcube_imap::decode_mime_string($mail_part->d_parameters['filename']);
$mail_part->content_id = preg_replace(array('/^</', '/>$/'), '', $mail_part->headers['content-id']);
$sa_inline_objects[] = $mail_part;
}
// is regular attachment
- else if (($fname = $mail_part->d_parameters['filename']) ||
- ($fname = $mail_part->ctype_parameters['name']) ||
- ($fname = $mail_part->headers['content-description']))
- {
- $mail_part->filename = rcube_imap::decode_mime_string($fname);
+ else if ($mail_part->filename)
$a_attachments[] = $mail_part;
- }
}
}
-
// if this was a related part try to resolve references
if ($message_ctype_secondary=='related' && sizeof($sa_inline_objects))
@@ -947,7 +1007,7 @@
$a_replaces = array();
foreach ($sa_inline_objects as $inline_object)
- $a_replaces['cid:'.$inline_object->content_id] = sprintf($get_url, $inline_object->mime_id);
+ $a_replaces['cid:'.$inline_object->content_id] = htmlspecialchars(sprintf($get_url, $inline_object->mime_id));
// add replace array to each content part
// (will be applied later when part body is available)
@@ -958,6 +1018,10 @@
}
}
}
+
+ // message is single part non-text
+ else if ($structure->filename)
+ $a_attachments[] = $structure;
return array($a_return_parts, $a_attachments);
}
@@ -1002,12 +1066,12 @@
if ($hkey=='date' && !empty($headers[$hkey]))
$header_value = format_date(strtotime($headers[$hkey]));
else if (in_array($hkey, array('from', 'to', 'cc', 'bcc', 'reply-to')))
- $header_value = rep_specialchars_output(rcmail_address_string($headers[$hkey], NULL, $attrib['addicon']));
+ $header_value = Q(rcmail_address_string($headers[$hkey], NULL, $attrib['addicon']), 'show');
else
- $header_value = rep_specialchars_output($IMAP->decode_header($headers[$hkey]), '', 'all');
+ $header_value = Q($IMAP->decode_header($headers[$hkey]));
$out .= "\n<tr>\n";
- $out .= '<td class="header-title">'.rep_specialchars_output(rcube_label($hkey)).": </td>\n";
+ $out .= '<td class="header-title">'.Q(rcube_label($hkey)).": </td>\n";
$out .= '<td class="'.$hkey.'" width="90%">'.$header_value."</td>\n</tr>";
$header_count++;
}
@@ -1060,17 +1124,17 @@
else if ($part->type=='content')
{
if (empty($part->ctype_parameters) || empty($part->ctype_parameters['charset']))
- $$part->ctype_parameters['charset'] = $MESSAGE['headers']->charset;
-
+ $part->ctype_parameters['charset'] = $MESSAGE['headers']->charset;
+
// fetch part if not available
if (!isset($part->body))
$part->body = $IMAP->get_message_part($MESSAGE['UID'], $part->mime_id, $part);
-
- $body = rcmail_print_body($part, $safe_mode);
+
+ $body = rcmail_print_body($part, $safe_mode, !$CONFIG['prefer_html']);
$out .= '<div class="message-part">';
if ($part->ctype_secondary != 'plain')
- $out .= rcmail_mod_html_body($body, $attrib['id']);
+ $out .= rcmail_sanitize_html($body, $attrib['id']);
else
$out .= $body;
@@ -1092,8 +1156,8 @@
foreach ($MESSAGE['attachments'] as $attach_prop)
{
if (strpos($attach_prop->mimetype, 'image/')===0)
- $out .= sprintf("\n<hr />\n<p align=\"center\"><img src=\"%s&_part=%s\" alt=\"%s\" title=\"%s\" /></p>\n",
- $GET_URL, $attach_prop->mime_id,
+ $out .= sprintf("\n<hr />\n<p align=\"center\"><img src=\"%s&_part=%s\" alt=\"%s\" title=\"%s\" /></p>\n",
+ htmlspecialchars($GET_URL), $attach_prop->mime_id,
$attach_prop->filename,
$attach_prop->filename);
}
@@ -1110,7 +1174,7 @@
// modify a HTML message that it can be displayed inside a HTML page
-function rcmail_mod_html_body($body, $container_id)
+function rcmail_sanitize_html($body, $container_id)
{
// remove any null-byte characters before parsing
$body = preg_replace('/\x00/', '', $body);
@@ -1121,15 +1185,13 @@
// find STYLE tags
while (($pos = strpos($body_lc, '<style', $last_style_pos)) && ($pos2 = strpos($body_lc, '</style>', $pos)))
{
- $pos2 += 8;
- $body_pre = substr($body, 0, $pos);
- $styles = substr($body, $pos, $pos2-$pos);
- $body_post = substr($body, $pos2, strlen($body)-$pos2);
-
+ $pos = strpos($body_lc, '>', $pos)+1;
+
// replace all css definitions with #container [def]
- $styles = rcmail_mod_css_styles($styles, $container_id);
-
- $body = $body_pre . $styles . $body_post;
+ $styles = rcmail_mod_css_styles(substr($body, $pos, $pos2-$pos), $container_id);
+
+ $body = substr($body, 0, $pos) . $styles . substr($body, $pos2);
+ $body_lc = strtolower($body);
$last_style_pos = $pos2;
}
@@ -1139,14 +1201,19 @@
{
while (($pos = strpos($body_lc, '<'.$tag)) && ($pos2 = strpos($body_lc, '</'.$tag.'>', $pos)))
{
- $pos2 += 8;
+ $pos2 += strlen('</'.$tag.'>');
$body = substr($body, 0, $pos) . substr($body, $pos2, strlen($body)-$pos2);
$body_lc = strtolower($body);
}
}
// replace event handlers on any object
- $body = preg_replace('/\s(on[a-z]+)=/im', ' __removed=', $body);
+ while ($body != $prev_body)
+ {
+ $prev_body = $body;
+ $body = preg_replace('/(<[^!][^>]*\s)(on[^=>]+)=([^>]+>)/im', '$1__removed=$3', $body);
+ $body = preg_replace('/(<[^!][^>]*\shref=["\']?)(javascript:)([^>]*?>)/im', '$1null:$3', $body);
+ }
// resolve <base href>
$base_reg = '/(<base.*href=["\']?)([hftps]{3,5}:\/{2}[^"\'\s]+)([^<]*>)/i';
@@ -1168,13 +1235,16 @@
'/(<\/?meta[^>]*>)/i'),
'<!--\\1-->',
$body);
-
+
$out = preg_replace(array('/(<body[^>]*>)/i',
'/(<\/body>)/i'),
array('<div class="rcmBody">',
'</div>'),
$out);
-
+
+ // quote <? of php and xml files that are specified as text/html
+ $out = preg_replace(array('/<\?/', '/\?>/'), array('<?', '?>'), $out);
+
return $out;
}
@@ -1182,12 +1252,13 @@
// parse link attributes and set correct target
function rcmail_alter_html_link($in)
{
+ $in = preg_replace('/=([^("|\'|\s)]+)(\s|$)/', '="\1"', $in);
$attrib = parse_attrib_string($in);
if (stristr((string)$attrib['href'], 'mailto:'))
$attrib['onclick'] = sprintf("return %s.command('compose','%s',this)",
$GLOBALS['JS_OBJECT_NAME'],
- substr($attrib['href'], 7));
+ JQ(substr($attrib['href'], 7)));
else if (!empty($attrib['href']) && $attrib['href']{0}!='#')
$attrib['target'] = '_blank';
@@ -1209,16 +1280,66 @@
$source = substr($source, 0, $pos+1) . "<<str_replacement[$key]>>" . substr($source, $pos2, strlen($source)-$pos2);
$last_pos = $pos+2;
}
-
- $styles = preg_replace('/(^\s*|,\s*)([a-z0-9\._][a-z0-9\.\-_]*)/im', "\\1#$container_id \\2", $source);
- $styles = preg_replace('/<<str_replacement\[([0-9]+)\]>>/e', "\$a_css_values[\\1]", $styles);
-
- // replace body definition because we also stripped off the <body> tag
- $styles = preg_replace("/$container_id\s+body/i", "$container_id div.rcmBody", $styles);
-
+
+ // remove html commends and add #container to each tag selector.
+ // also replace body definition because we also stripped off the <body> tag
+ $styles = preg_replace(array('/(^\s*<!--)|(-->\s*$)/', '/(^\s*|,\s*|\}\s*)([a-z0-9\._][a-z0-9\.\-_]*)/im', '/<<str_replacement\[([0-9]+)\]>>/e', "/$container_id\s+body/i"),
+ array('', "\\1#$container_id \\2", "\$a_css_values[\\1]", "$container_id div.rcmBody"),
+ $source);
+
return $styles;
}
+
+function rcmail_has_html_part($message_parts)
+{
+ if (!is_array($message_parts))
+ return FALSE;
+
+ // check all message parts
+ foreach ($message_parts as $pid => $part)
+ {
+ $mimetype = strtolower($part->ctype_primary.'/'.$part->ctype_secondary);
+ if ($mimetype=='text/html')
+ {
+ return TRUE;
+ }
+ }
+
+ return FALSE;
+}
+
+// return first HTML part of a message
+function rcmail_first_html_part($message_struct)
+ {
+ global $IMAP;
+
+ if (!is_array($message_struct['parts']))
+ return FALSE;
+
+ $html_part = NULL;
+
+ // check all message parts
+ foreach ($message_struct['parts'] as $pid => $part)
+ {
+ $mimetype = strtolower($part->ctype_primary.'/'.$part->ctype_secondary);
+ if ($mimetype=='text/html')
+ {
+ $html_part = $IMAP->get_message_part($message_struct['UID'], $pid, $part);
+ }
+ }
+
+ if ($html_part)
+ {
+ // remove special chars encoding
+ //$trans = array_flip(get_html_translation_table(HTML_ENTITIES));
+ //$html_part = strtr($html_part, $trans);
+
+ return $html_part;
+ }
+
+ return FALSE;
+}
// return first text part of a message
@@ -1226,9 +1347,9 @@
{
global $IMAP;
- if (!is_array($message_struct['parts']))
- return FALSE;
-
+ if (empty($message_struct['parts']))
+ return $message_struct['UID'] ? $IMAP->get_body($message_struct['UID']) : false;
+
// check all message parts
foreach ($message_struct['parts'] as $pid => $part)
{
@@ -1273,7 +1394,7 @@
{
$j++;
if ($PRINT_MODE)
- $out .= sprintf('%s <%s>', rep_specialchars_output($part['name']), $part['mailto']);
+ $out .= sprintf('%s <%s>', Q($part['name']), $part['mailto']);
else if (preg_match($EMAIL_ADDRESS_PATTERN, $part['mailto']))
{
$out .= sprintf('<a href="mailto:%s" onclick="return %s.command(\'compose\',\'%s\',this)" class="rcmContactAddress" title="%s">%s</a>',
@@ -1281,7 +1402,7 @@
$JS_OBJECT_NAME,
$part['mailto'],
$part['mailto'],
- rep_specialchars_output($part['name']));
+ Q($part['name']));
if ($addicon)
$out .= sprintf(' <a href="#add" onclick="return %s.command(\'add-contact\',\'%s\',this)" title="%s"><img src="%s%s" alt="add" border="0" /></a>',
@@ -1294,7 +1415,7 @@
else
{
if ($part['name'])
- $out .= rep_specialchars_output($part['name']);
+ $out .= Q($part['name']);
if ($part['mailto'])
$out .= (strlen($out) ? ' ' : '') . sprintf('<%s>', $part['mailto']);
}
@@ -1325,22 +1446,19 @@
$attrib_str = create_attrib_string($attrib, array('id', 'class', 'style', 'cellspacing', 'cellpadding', 'border', 'summary'));
$out = '<table '. $attrib_str . ">\n";
- $filename = $part->d_parameters['filename'] ? $part->d_parameters['filename'] : $part->ctype_parameters['name'];
- $filesize = $part->size;
-
if ($filename)
{
$out .= sprintf('<tr><td class="title">%s</td><td>%s</td><td>[<a href="./?%s">%s</a>]</tr>'."\n",
- rcube_label('filename'),
- rep_specialchars_output(rcube_imap::decode_mime_string($filename)),
+ Q(rcube_label('filename')),
+ Q($part->filename),
str_replace('_frame=', '_download=', $_SERVER['QUERY_STRING']),
- rcube_label('download'));
+ Q(rcube_label('download')));
}
- if ($filesize)
+ if ($part->size)
$out .= sprintf('<tr><td class="title">%s</td><td>%s</td></tr>'."\n",
- rcube_label('filesize'),
- show_bytes($filesize));
+ Q(rcube_label('filesize')),
+ show_bytes($part->size));
$out .= "\n</table>";
@@ -1365,45 +1483,19 @@
}
-// create temp dir for attachments
-function rcmail_create_compose_tempdir()
- {
- global $CONFIG;
-
- if ($_SESSION['compose']['temp_dir'])
- return $_SESSION['compose']['temp_dir'];
-
- if (!empty($CONFIG['temp_dir']))
- $temp_dir = $CONFIG['temp_dir'].(!eregi('\/$', $CONFIG['temp_dir']) ? '/' : '').$_SESSION['compose']['id'];
-
- // create temp-dir for uploaded attachments
- if (!empty($CONFIG['temp_dir']) && is_writeable($CONFIG['temp_dir']))
- {
- mkdir($temp_dir);
- $_SESSION['compose']['temp_dir'] = $temp_dir;
- }
-
- return $_SESSION['compose']['temp_dir'];
- }
-
-
// clear message composing settings
function rcmail_compose_cleanup()
{
if (!isset($_SESSION['compose']))
return;
-
+
// remove attachment files from temp dir
if (is_array($_SESSION['compose']['attachments']))
foreach ($_SESSION['compose']['attachments'] as $attachment)
@unlink($attachment['path']);
-
- // kill temp dir
- if ($_SESSION['compose']['temp_dir'])
- @rmdir($_SESSION['compose']['temp_dir']);
unset($_SESSION['compose']);
}
-?>
+?>
\ No newline at end of file
--
Gitblit v1.9.1