From 681ba6fc3c296cd6cd11050531b8f4e785141786 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Tue, 16 Dec 2014 07:28:48 -0500
Subject: [PATCH] Improve system security by using optional special URL with security token Allows to define separate server/path for image/js/css files Fix bugs where CSRF attacks were still possible on some requests

---
 program/steps/addressbook/func.inc |  310 +++++++++++++++++++++++++++-----------------------
 1 files changed, 167 insertions(+), 143 deletions(-)

diff --git a/program/steps/addressbook/func.inc b/program/steps/addressbook/func.inc
index f94d153..c40b517 100644
--- a/program/steps/addressbook/func.inc
+++ b/program/steps/addressbook/func.inc
@@ -5,7 +5,7 @@
  | program/steps/addressbook/func.inc                                    |
  |                                                                       |
  | This file is part of the Roundcube Webmail client                     |
- | Copyright (C) 2005-2012, The Roundcube Dev Team                       |
+ | Copyright (C) 2005-2013, The Roundcube Dev Team                       |
  |                                                                       |
  | Licensed under the GNU General Public License version 3 or            |
  | any later version with exceptions for skins & plugins.                |
@@ -23,37 +23,37 @@
 
 // general definition of contact coltypes
 $CONTACT_COLTYPES = array(
-  'name'         => array('type' => 'text', 'size' => 40, 'maxlength' => 50, 'limit' => 1, 'label' => rcube_label('name'), 'category' => 'main'),
-  'firstname'    => array('type' => 'text', 'size' => 19, 'maxlength' => 50, 'limit' => 1, 'label' => rcube_label('firstname'), 'category' => 'main'),
-  'surname'      => array('type' => 'text', 'size' => 19, 'maxlength' => 50, 'limit' => 1, 'label' => rcube_label('surname'), 'category' => 'main'),
-  'email'        => array('type' => 'text', 'size' => 40, 'maxlength' => 254, 'label' => rcube_label('email'), 'subtypes' => array('home','work','other'), 'category' => 'main'),
-  'middlename'   => array('type' => 'text', 'size' => 19, 'maxlength' => 50, 'limit' => 1, 'label' => rcube_label('middlename'), 'category' => 'main'),
-  'prefix'       => array('type' => 'text', 'size' => 8,  'maxlength' => 20, 'limit' => 1, 'label' => rcube_label('nameprefix'), 'category' => 'main'),
-  'suffix'       => array('type' => 'text', 'size' => 8,  'maxlength' => 20, 'limit' => 1, 'label' => rcube_label('namesuffix'), 'category' => 'main'),
-  'nickname'     => array('type' => 'text', 'size' => 40, 'maxlength' => 50, 'limit' => 1, 'label' => rcube_label('nickname'), 'category' => 'main'),
-  'jobtitle'     => array('type' => 'text', 'size' => 40, 'maxlength' => 50, 'limit' => 1, 'label' => rcube_label('jobtitle'), 'category' => 'main'),
-  'organization' => array('type' => 'text', 'size' => 40, 'maxlength' => 50, 'limit' => 1, 'label' => rcube_label('organization'), 'category' => 'main'),
-  'department'   => array('type' => 'text', 'size' => 40, 'maxlength' => 50, 'limit' => 1, 'label' => rcube_label('department'), 'category' => 'main'),
-  'gender'       => array('type' => 'select', 'limit' => 1, 'label' => rcube_label('gender'), 'options' => array('male' => rcube_label('male'), 'female' => rcube_label('female')), 'category' => 'personal'),
-  'maidenname'   => array('type' => 'text', 'size' => 40, 'maxlength' => 50, 'limit' => 1, 'label' => rcube_label('maidenname'), 'category' => 'personal'),
-  'phone'        => array('type' => 'text', 'size' => 40, 'maxlength' => 20, 'label' => rcube_label('phone'), 'subtypes' => array('home','home2','work','work2','mobile','main','homefax','workfax','car','pager','video','assistant','other'), 'category' => 'main'),
-  'address'      => array('type' => 'composite', 'label' => rcube_label('address'), 'subtypes' => array('home','work','other'), 'childs' => array(
-    'street'     => array('type' => 'text', 'size' => 40, 'maxlength' => 50, 'label' => rcube_label('street'), 'category' => 'main'),
-    'locality'   => array('type' => 'text', 'size' => 28, 'maxlength' => 50, 'label' => rcube_label('locality'), 'category' => 'main'),
-    'zipcode'    => array('type' => 'text', 'size' => 8,  'maxlength' => 15, 'label' => rcube_label('zipcode'), 'category' => 'main'),
-    'region'     => array('type' => 'text', 'size' => 12, 'maxlength' => 50, 'label' => rcube_label('region'), 'category' => 'main'),
-    'country'    => array('type' => 'text', 'size' => 40, 'maxlength' => 50, 'label' => rcube_label('country'), 'category' => 'main'),
-  ), 'category' => 'main'),
-  'birthday'     => array('type' => 'date', 'size' => 12, 'maxlength' => 16, 'label' => rcube_label('birthday'), 'limit' => 1, 'render_func' => 'rcmail_format_date_col', 'category' => 'personal'),
-  'anniversary'  => array('type' => 'date', 'size' => 12, 'maxlength' => 16, 'label' => rcube_label('anniversary'), 'limit' => 1, 'render_func' => 'rcmail_format_date_col', 'category' => 'personal'),
-  'website'      => array('type' => 'text', 'size' => 40, 'maxlength' => 50, 'label' => rcube_label('website'), 'subtypes' => array('homepage','work','blog','profile','other'), 'category' => 'main'),
-  'im'           => array('type' => 'text', 'size' => 40, 'maxlength' => 50, 'label' => rcube_label('instantmessenger'), 'subtypes' => array('aim','icq','msn','yahoo','jabber','skype','other'), 'category' => 'main'),
-  'notes'        => array('type' => 'textarea', 'size' => 40, 'rows' => 15, 'maxlength' => 500, 'label' => rcube_label('notes'), 'limit' => 1),
-  'photo'        => array('type' => 'image', 'limit' => 1, 'category' => 'main'),
-  'assistant'    => array('type' => 'text', 'size' => 40, 'maxlength' => 50, 'limit' => 1, 'label' => rcube_label('assistant'), 'category' => 'personal'),
-  'manager'      => array('type' => 'text', 'size' => 40, 'maxlength' => 50, 'limit' => 1, 'label' => rcube_label('manager'), 'category' => 'personal'),
-  'spouse'       => array('type' => 'text', 'size' => 40, 'maxlength' => 50, 'limit' => 1, 'label' => rcube_label('spouse'), 'category' => 'personal'),
-  // TODO: define fields for vcards like GEO, KEY
+    'name'         => array('type' => 'text', 'size' => 40, 'maxlength' => 50, 'limit' => 1, 'label' => $RCMAIL->gettext('name'), 'category' => 'main'),
+    'firstname'    => array('type' => 'text', 'size' => 19, 'maxlength' => 50, 'limit' => 1, 'label' => $RCMAIL->gettext('firstname'), 'category' => 'main'),
+    'surname'      => array('type' => 'text', 'size' => 19, 'maxlength' => 50, 'limit' => 1, 'label' => $RCMAIL->gettext('surname'), 'category' => 'main'),
+    'email'        => array('type' => 'text', 'size' => 40, 'maxlength' => 254, 'label' => $RCMAIL->gettext('email'), 'subtypes' => array('home','work','other'), 'category' => 'main'),
+    'middlename'   => array('type' => 'text', 'size' => 19, 'maxlength' => 50, 'limit' => 1, 'label' => $RCMAIL->gettext('middlename'), 'category' => 'main'),
+    'prefix'       => array('type' => 'text', 'size' => 8,  'maxlength' => 20, 'limit' => 1, 'label' => $RCMAIL->gettext('nameprefix'), 'category' => 'main'),
+    'suffix'       => array('type' => 'text', 'size' => 8,  'maxlength' => 20, 'limit' => 1, 'label' => $RCMAIL->gettext('namesuffix'), 'category' => 'main'),
+    'nickname'     => array('type' => 'text', 'size' => 40, 'maxlength' => 50, 'limit' => 1, 'label' => $RCMAIL->gettext('nickname'), 'category' => 'main'),
+    'jobtitle'     => array('type' => 'text', 'size' => 40, 'maxlength' => 50, 'limit' => 1, 'label' => $RCMAIL->gettext('jobtitle'), 'category' => 'main'),
+    'organization' => array('type' => 'text', 'size' => 40, 'maxlength' => 50, 'limit' => 1, 'label' => $RCMAIL->gettext('organization'), 'category' => 'main'),
+    'department'   => array('type' => 'text', 'size' => 40, 'maxlength' => 50, 'limit' => 1, 'label' => $RCMAIL->gettext('department'), 'category' => 'main'),
+    'gender'       => array('type' => 'select', 'limit' => 1, 'label' => $RCMAIL->gettext('gender'), 'options' => array('male' => $RCMAIL->gettext('male'), 'female' => $RCMAIL->gettext('female')), 'category' => 'personal'),
+    'maidenname'   => array('type' => 'text', 'size' => 40, 'maxlength' => 50, 'limit' => 1, 'label' => $RCMAIL->gettext('maidenname'), 'category' => 'personal'),
+    'phone'        => array('type' => 'text', 'size' => 40, 'maxlength' => 20, 'label' => $RCMAIL->gettext('phone'), 'subtypes' => array('home','home2','work','work2','mobile','main','homefax','workfax','car','pager','video','assistant','other'), 'category' => 'main'),
+    'address'      => array('type' => 'composite', 'label' => $RCMAIL->gettext('address'), 'subtypes' => array('home','work','other'), 'childs' => array(
+        'street'     => array('type' => 'text', 'size' => 40, 'maxlength' => 50, 'label' => $RCMAIL->gettext('street'), 'category' => 'main'),
+        'locality'   => array('type' => 'text', 'size' => 28, 'maxlength' => 50, 'label' => $RCMAIL->gettext('locality'), 'category' => 'main'),
+        'zipcode'    => array('type' => 'text', 'size' => 8,  'maxlength' => 15, 'label' => $RCMAIL->gettext('zipcode'), 'category' => 'main'),
+        'region'     => array('type' => 'text', 'size' => 12, 'maxlength' => 50, 'label' => $RCMAIL->gettext('region'), 'category' => 'main'),
+        'country'    => array('type' => 'text', 'size' => 40, 'maxlength' => 50, 'label' => $RCMAIL->gettext('country'), 'category' => 'main'),
+        ), 'category' => 'main'),
+    'birthday'     => array('type' => 'date', 'size' => 12, 'maxlength' => 16, 'label' => $RCMAIL->gettext('birthday'), 'limit' => 1, 'render_func' => 'rcmail_format_date_col', 'category' => 'personal'),
+    'anniversary'  => array('type' => 'date', 'size' => 12, 'maxlength' => 16, 'label' => $RCMAIL->gettext('anniversary'), 'limit' => 1, 'render_func' => 'rcmail_format_date_col', 'category' => 'personal'),
+    'website'      => array('type' => 'text', 'size' => 40, 'maxlength' => 50, 'label' => $RCMAIL->gettext('website'), 'subtypes' => array('homepage','work','blog','profile','other'), 'category' => 'main'),
+    'im'           => array('type' => 'text', 'size' => 40, 'maxlength' => 50, 'label' => $RCMAIL->gettext('instantmessenger'), 'subtypes' => array('aim','icq','msn','yahoo','jabber','skype','other'), 'category' => 'main'),
+    'notes'        => array('type' => 'textarea', 'size' => 40, 'rows' => 15, 'maxlength' => 500, 'label' => $RCMAIL->gettext('notes'), 'limit' => 1),
+    'photo'        => array('type' => 'image', 'limit' => 1, 'category' => 'main'),
+    'assistant'    => array('type' => 'text', 'size' => 40, 'maxlength' => 50, 'limit' => 1, 'label' => $RCMAIL->gettext('assistant'), 'category' => 'personal'),
+    'manager'      => array('type' => 'text', 'size' => 40, 'maxlength' => 50, 'limit' => 1, 'label' => $RCMAIL->gettext('manager'), 'category' => 'personal'),
+    'spouse'       => array('type' => 'text', 'size' => 40, 'maxlength' => 50, 'limit' => 1, 'label' => $RCMAIL->gettext('spouse'), 'category' => 'personal'),
+    // TODO: define fields for vcards like GEO, KEY
 );
 
 $PAGE_SIZE = $RCMAIL->config->get('addressbook_pagesize', $RCMAIL->config->get('pagesize', 50));
@@ -81,14 +81,13 @@
     $OUTPUT->set_env('search_mods', $search_mods);
     $OUTPUT->set_env('address_sources', $js_list);
     $OUTPUT->set_env('writable_source', $writeable);
-    $OUTPUT->set_env('compose_extwin', $RCMAIL->config->get('compose_extwin',false));
 
-    $OUTPUT->set_pagetitle(rcube_label('addressbook'));
+    $OUTPUT->set_pagetitle($RCMAIL->gettext('addressbook'));
     $_SESSION['addressbooks_count'] = $count;
     $_SESSION['addressbooks_count_writeable'] = $writeable;
 
     // select address book
-    $source = get_input_value('_source', RCUBE_INPUT_GPC);
+    $source = rcube_utils::get_input_value('_source', rcube_utils::INPUT_GPC);
 
     // use first directory by default
     if (!strlen($source) || !isset($js_list[$source])) {
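Review bot: `$source` is read from `_source` with `rcube_utils::INPUT_GPC` and goes straight into `strlen()` and the `$js_list[$source]` lookup without a type check. If the helper passes array-valued request parameters through (not visible here), a non-scalar `_source` produces warnings instead of falling back cleanly to the first directory. A guard right after the read makes the fallback explicit: `if (!is_scalar($source)) $source = '';`. The same read is repeated in `rcmail_contact_source()` in the next hunk, and the enclosing block starts outside this hunk.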
@@ -109,13 +108,38 @@
         $RCMAIL->session->remove('contact_undo');
 }
 
+// register UI objects
+$OUTPUT->add_handlers(array(
+    'directorylist'       => 'rcmail_directory_list',
+    'savedsearchlist'     => 'rcmail_savedsearch_list',
+    'addresslist'         => 'rcmail_contacts_list',
+    'addresslisttitle'    => 'rcmail_contacts_list_title',
+    'addressframe'        => 'rcmail_contact_frame',
+    'recordscountdisplay' => 'rcmail_rowcount_display',
+    'searchform'          => array($OUTPUT, 'search_form')
+));
+
+// register action aliases
+$RCMAIL->register_action_map(array(
+    'add'              => 'edit.inc',
+    'group-create'     => 'groups.inc',
+    'group-rename'     => 'groups.inc',
+    'group-delete'     => 'groups.inc',
+    'group-addmembers' => 'groups.inc',
+    'group-delmembers' => 'groups.inc',
+    'search-create'    => 'search.inc',
+    'search-delete'    => 'search.inc',
+));
+
+
+
 // instantiate a contacts object according to the given source
 function rcmail_contact_source($source=null, $init_env=false, $writable=false)
 {
     global $RCMAIL, $OUTPUT, $CONTACT_COLTYPES, $PAGE_SIZE;
 
     if (!strlen($source)) {
-        $source = get_input_value('_source', RCUBE_INPUT_GPC);
+        $source = rcube_utils::get_input_value('_source', rcube_utils::INPUT_GPC);
     }
 
     // Get object
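Review bot: The action map added here routes data-changing actions (`group-create`, `group-rename`, `group-delete`, `group-addmembers`, `group-delmembers`, `search-create`, `search-delete`) to step files, but nothing in this file shows where the request token is verified for them. Since the commit is about closing CSRF gaps, a comment above the map would help the next reader, for example `// aliases below change data; groups.inc/search.inc must only run after the request-token check`. Whether that check lives in the dispatcher or in each step file cannot be told from this hunk, so the wording should be confirmed against the real enforcement point.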
@@ -129,13 +153,13 @@
         $CONTACTS->set_page(isset($_SESSION['page']) ? $_SESSION['page'] : 1);
 
     if (!empty($_REQUEST['_gid']))
-        $CONTACTS->set_group(get_input_value('_gid', RCUBE_INPUT_GPC));
+        $CONTACTS->set_group(rcube_utils::get_input_value('_gid', rcube_utils::INPUT_GPC));
 
     if (!$init_env)
         return $CONTACTS;
 
     $OUTPUT->set_env('readonly', $CONTACTS->readonly);
-    $OUTPUT->set_env('source', $source);
+    $OUTPUT->set_env('source', (string) $source);
 
     // reduce/extend $CONTACT_COLTYPES with specification from the current $CONTACT object
     if (is_array($CONTACTS->coltypes)) {
@@ -162,13 +186,13 @@
 
 function rcmail_set_sourcename($abook)
 {
-    global $OUTPUT;
+    global $OUTPUT, $RCMAIL;
 
     // get address book name (for display)
     if ($abook && $_SESSION['addressbooks_count'] > 1) {
         $name = $abook->get_name();
         if (!$name) {
-            $name = rcube_label('personaladrbook');
+            $name = $RCMAIL->gettext('personaladrbook');
         }
         $OUTPUT->set_env('sourcename', html_entity_decode($name, ENT_COMPAT, 'UTF-8'));
     }
@@ -189,17 +213,17 @@
         'id' => 'rcmli%s', 'class' => '%s', 'noclose' => true),
         html::a(array('href' => '%s',
             'rel' => '%s',
-            'onclick' => "return ".JS_OBJECT_NAME.".command('list','%s',this)"), '%s'));
+            'onclick' => "return ".rcmail_output::JS_OBJECT_NAME.".command('list','%s',this)"), '%s'));
 
     $sources = (array) $OUTPUT->get_env('address_sources');
     reset($sources);
 
     // currently selected source
-    $current = get_input_value('_source', RCUBE_INPUT_GPC);
+    $current = rcube_utils::get_input_value('_source', rcube_utils::INPUT_GPC);
 
     foreach ($sources as $j => $source) {
         $id = strval(strlen($source['id']) ? $source['id'] : $j);
-        $js_id = JQ($id);
+        $js_id = rcube::JQ($id);
 
         // set class name(s)
         $class_name = 'addressbook';
@@ -214,7 +238,7 @@
         $out .= sprintf($line_templ,
             rcube_utils::html_identifier($id, true),
             $class_name,
-            Q(rcmail_url(null, array('_source' => $id))),
+            rcube::Q($RCMAIL->url(array('_source' => $id))),
             $source['id'],
             $js_id, $name);
 
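Review bot: `$source['id']` is substituted into the `rel` attribute of `$line_templ` with no HTML escaping, while the neighbouring `href` argument is wrapped in `rcube::Q()`. Because the `sprintf()` runs after `html::a()` has already built the markup, any attribute quoting done by `html::a()` does not cover this value, so an id containing a double quote would end the attribute early. Passing `rcube::Q($source['id'])` as the fourth argument closes the gap. The new `rcmail_savedsearch_list()` in the following hunk has the same pattern with `$id` in `'rel' => 'S%s'`; how ids are constrained upstream is not visible here.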
@@ -226,38 +250,53 @@
         $out .= '</li>';
     }
 
-    $line_templ = html::tag('li', array(
-        'id' => 'rcmli%s', 'class' => '%s'),
-        html::a(array('href' => '#', 'rel' => 'S%s',
-            'onclick' => "return ".JS_OBJECT_NAME.".command('listsearch', '%s', this)"), '%s'));
-
-    // Saved searches
-    $sources = $RCMAIL->user->list_searches(rcube_user::SEARCH_ADDRESSBOOK);
-    foreach ($sources as $j => $source) {
-        $id = $source['id'];
-        $js_id = JQ($id);
-
-        // set class name(s)
-        $class_name = 'contactsearch';
-        if ($current === $id)
-            $class_name .= ' selected';
-        if ($source['class_name'])
-            $class_name .= ' ' . $source['class_name'];
-
-        $out .= sprintf($line_templ,
-            rcube_utils::html_identifier('S'.$id, true),
-            $class_name,
-            $id,
-            $js_id, (!empty($source['name']) ? Q($source['name']) : Q($id)));
-    }
-
     $OUTPUT->set_env('contactgroups', $jsdata);
     $OUTPUT->set_env('collapsed_abooks', (string)$RCMAIL->config->get('collapsed_abooks',''));
     $OUTPUT->add_gui_object('folderlist', $attrib['id']);
     $OUTPUT->include_script('treelist.js');
 
     // add some labels to client
-    $OUTPUT->add_label('deletegroupconfirm', 'groupdeleting', 'addingmember', 'removingmember');
+    $OUTPUT->add_label('deletegroupconfirm', 'groupdeleting', 'addingmember', 'removingmember',
+        'newgroup', 'grouprename', 'searchsave', 'namex', 'save'
+    );
+
+    return html::tag('ul', $attrib, $out, html::$common_attrib);
+}
+
+
+function rcmail_savedsearch_list($attrib)
+{
+    global $RCMAIL, $OUTPUT;
+
+    if (!$attrib['id'])
+        $attrib['id'] = 'rcmsavedsearchlist';
+
+    $out = '';
+    $line_templ = html::tag('li', array(
+        'id' => 'rcmli%s', 'class' => '%s'),
+        html::a(array('href' => '#', 'rel' => 'S%s',
+            'onclick' => "return ".rcmail_output::JS_OBJECT_NAME.".command('listsearch', '%s', this)"), '%s'));
+
+    // Saved searches
+    $sources = $RCMAIL->user->list_searches(rcube_user::SEARCH_ADDRESSBOOK);
+    foreach ($sources as $source) {
+        $id    = $source['id'];
+        $js_id = rcube::JQ($id);
+
+        // set class name(s)
+        $classes = array('contactsearch');
+        if (!empty($source['class_name']))
+            $classes[] = $source['class_name'];
+
+        $out .= sprintf($line_templ,
+            rcube_utils::html_identifier('S'.$id, true),
+            join(' ', $classes),
+            $id,
+            $js_id, (!empty($source['name']) ? rcube::Q($source['name']) : rcube::Q($id))
+        );
+    }
+
+    $OUTPUT->add_gui_object('savedsearchlist', $attrib['id']);
 
     return html::tag('ul', $attrib, $out, html::$common_attrib);
 }
@@ -275,7 +314,7 @@
             'id' => 'rcmli%s', 'class' => 'contactgroup'),
             html::a(array('href' => '#',
                 'rel' => '%s:%s',
-                'onclick' => "return ".JS_OBJECT_NAME.".command('listgroup',{'source':'%s','id':'%s'},this)"), '%s'));
+                'onclick' => "return ".rcmail_output::JS_OBJECT_NAME.".command('listgroup',{'source':'%s','id':'%s'},this)"), '%s'));
 
         // append collapse/expand toggle and open a new <ul>
         $is_collapsed = strpos($RCMAIL->config->get('collapsed_abooks',''), '&'.rawurlencode($args['source']).'&') !== false;
@@ -285,7 +324,7 @@
             $groups_html .= sprintf($line_templ,
                 rcube_utils::html_identifier('G' . $args['source'] . $group['ID'], true),
                 $args['source'], $group['ID'],
-                $args['source'], $group['ID'], Q($group['name'])
+                $args['source'], $group['ID'], rcube::Q($group['name'])
             );
             $args['jsdata']['G'.$args['source'].$group['ID']] = array(
                 'source' => $args['source'], 'id' => $group['ID'],
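Review bot: `$args['source']` and `$group['ID']` are substituted into the JavaScript string literals of the `listgroup` handler (`{'source':'%s','id':'%s'}`) and into `rel` without any escaping, whereas the directory entries use `rcube::JQ()` for their handler argument. These ids are presumably supplied by the address-book backend, and a quote or backslash in one of them would end the string literal early. Suggest `rcube::JQ($args['source']), rcube::JQ($group['ID'])` for the two handler arguments and `rcube::Q()` for the two `rel` arguments. The `pushgroup` handler built with `sprintf()` in `rcmail_js_contacts_list()` passes `$source_id` and `$row['CID']` the same way, and the enclosing function starts and ends outside this hunk.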
@@ -304,7 +343,7 @@
 // return the contacts list as HTML table
 function rcmail_contacts_list($attrib)
 {
-    global $CONTACTS, $OUTPUT;
+    global $RCMAIL, $CONTACTS, $OUTPUT;
 
     // define list of cols to be displayed
     $a_show_cols = array('name','action');
@@ -314,7 +353,7 @@
         $attrib['id'] = 'rcmAddressList';
 
     // create XHTML table
-    $out = rcube_table_output($attrib, array(), $a_show_cols, $CONTACTS->primary_key);
+    $out = $RCMAIL->table_output($attrib, array(), $a_show_cols, $CONTACTS->primary_key);
 
     // set client env
     $OUTPUT->add_gui_object('contactslist', $attrib['id']);
@@ -330,7 +369,7 @@
 
 function rcmail_js_contacts_list($result, $prefix='')
 {
-    global $OUTPUT;
+    global $OUTPUT, $RCMAIL;
 
     if (empty($result) || $result->count == 0)
         return;
@@ -357,7 +396,7 @@
             $val = '';
             switch ($col) {
                 case 'name':
-                    $val = Q(rcube_addressbook::compose_list_name($row));
+                    $val = rcube::Q(rcube_addressbook::compose_list_name($row));
                     break;
 
                 case 'action':
@@ -365,16 +404,16 @@
                         $val = html::a(array(
                             'href' => '#list',
                             'rel' => $row['ID'],
-                            'title' => rcube_label('listgroup'),
-                            'onclick' => sprintf("return %s.command('pushgroup',{'source':'%s','id':'%s'},this,event)", JS_OBJECT_NAME, $source_id, $row['CID']),
+                            'title' => $RCMAIL->gettext('listgroup'),
+                            'onclick' => sprintf("return %s.command('pushgroup',{'source':'%s','id':'%s'},this,event)", rcmail_output::JS_OBJECT_NAME, $source_id, $row['CID']),
                         ), '&raquo;');
                     }
                     else
-                        $val = '&nbsp;';
+                        $val = '';
                     break;
 
                 default:
-                    $val = Q($row[$col]);
+                    $val = rcube::Q($row[$col]);
                     break;
             }
 
@@ -391,15 +430,15 @@
 
 function rcmail_contacts_list_title($attrib)
 {
-    global $OUTPUT;
+    global $OUTPUT, $RCMAIL;
 
     $attrib += array('label' => 'contacts', 'id' => 'rcmabooklisttitle', 'tag' => 'span');
     unset($attrib['name']);
 
     $OUTPUT->add_gui_object('addresslist_title', $attrib['id']);
-    $OUTPUT->add_label('contacts');
+    $OUTPUT->add_label('contacts','uponelevel');
 
-    return html::tag($attrib['tag'], $attrib, rcube_label($attrib['label']), html::$common_attrib);
+    return html::tag($attrib['tag'], $attrib, $RCMAIL->gettext($attrib['label']), html::$common_attrib);
 }
 
 
@@ -417,23 +456,23 @@
 
 function rcmail_rowcount_display($attrib)
 {
-    global $OUTPUT;
+    global $RCMAIL;
 
     if (!$attrib['id'])
         $attrib['id'] = 'rcmcountdisplay';
 
-    $OUTPUT->add_gui_object('countdisplay', $attrib['id']);
+    $RCMAIL->output->add_gui_object('countdisplay', $attrib['id']);
 
     if ($attrib['label'])
       $_SESSION['contactcountdisplay'] = $attrib['label'];
 
-    return html::span($attrib, rcube_label('loading'));
+    return html::span($attrib, $RCMAIL->gettext('loading'));
 }
 
 
 function rcmail_get_rowcount_text($result=null)
 {
-    global $CONTACTS, $PAGE_SIZE;
+    global $RCMAIL, $CONTACTS, $PAGE_SIZE;
 
     // read nr of contacts
     if (!$result) {
@@ -441,9 +480,9 @@
     }
 
     if ($result->count == 0)
-        $out = rcube_label('nocontactsfound');
+        $out = $RCMAIL->gettext('nocontactsfound');
     else
-        $out = rcube_label(array(
+        $out = $RCMAIL->gettext(array(
             'name'  => $_SESSION['contactcountdisplay'] ? $_SESSION['contactcountdisplay'] : 'contactsfromto',
             'vars'  => array(
             'from'  => $result->first + 1,
@@ -457,13 +496,15 @@
 
 function rcmail_get_type_label($type)
 {
+    global $RCMAIL;
+
     $label = 'type'.$type;
-    if (rcube_label_exists($label, '*', $domain))
-        return rcube_label($label, $domain);
+    if ($RCMAIL->text_exists($label, '*', $domain))
+        return $RCMAIL->gettext($label, $domain);
     else if (preg_match('/\w+(\d+)$/', $label, $m)
             && ($label = preg_replace('/(\d+)$/', '', $label))
-            && rcube_label_exists($label, '*', $domain))
-        return rcube_label($label, $domain) . ' ' . $m[1];
+            && $RCMAIL->text_exists($label, '*', $domain))
+        return $RCMAIL->gettext($label, $domain) . ' ' . $m[1];
 
     return ucfirst($type);
 }
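Review bot: The fallback pattern `/\w+(\d+)$/` captures only the last digit of a numeric suffix, because the greedy `\w+` also consumes digits, while the following `preg_replace('/(\d+)$/', '', $label)` strips the whole suffix. A type such as `work12` would therefore be labelled with ` 2` rather than ` 12`. A lazy quantifier fixes it: `preg_match('/\w+?(\d+)$/', $label, $m)`. Separately, `$domain` is never assigned in this function and is only meaningful if `text_exists()` fills it by reference, which deserves a one-line comment such as `// $domain is filled in by text_exists() (by-reference argument)`.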
@@ -480,7 +521,7 @@
     $form = $plugin['form'];
     $record = $plugin['record'];
     $edit_mode = $RCMAIL->action != 'show';
-    $del_button = $attrib['deleteicon'] ? html::img(array('src' => $RCMAIL->output->get_skin_file($attrib['deleteicon']), 'alt' => rcube_label('delete'))) : rcube_label('delete');
+    $del_button = $attrib['deleteicon'] ? html::img(array('src' => $RCMAIL->output->get_skin_file($attrib['deleteicon']), 'alt' => $RCMAIL->gettext('delete'))) : $RCMAIL->gettext('delete');
     unset($attrib['deleteicon']);
     $out = '';
 
@@ -491,7 +532,7 @@
     foreach ($coltypes as $col => $prop) {
         if ($prop['subtypes']) {
             $subtype_names = array_map('rcmail_get_type_label', $prop['subtypes']);
-            $select_subtype = new html_select(array('name' => '_subtype_'.$col.'[]', 'class' => 'contactselectsubtype'));
+            $select_subtype = new html_select(array('name' => '_subtype_'.$col.'[]', 'class' => 'contactselectsubtype', 'title' => $prop['label'] . ' ' . $RCMAIL->gettext('type')));
             $select_subtype->add($subtype_names, $prop['subtypes']);
             $coltypes[$col]['subtypes_select'] = $select_subtype->show();
         }
@@ -507,7 +548,7 @@
             continue;
 
         $select_add = new html_select(array('class' => 'addfieldmenu', 'rel' => $section));
-        $select_add->add(rcube_label('addfield'), '');
+        $select_add->add($RCMAIL->gettext('addfield'), '');
 
         // render head section with name fields (not a regular list of rows)
         if ($section == 'head') {
@@ -539,7 +580,7 @@
 
                     if ($RCMAIL->action == 'show') {
                         if (!empty($record[$col]))
-                            $fields .= html::span('namefield ' . $col, Q($record[$col])) . " ";
+                            $fields .= html::span('namefield ' . $col, rcube::Q($record[$col])) . " ";
                     }
                     else {
                         $colprop = (array)$fieldset['content'][$col] + (array)$coltypes[$col];
@@ -548,7 +589,7 @@
                             $colprop['style'] = 'display:none';
                             $select_add->add($colprop['label'], $col);
                         }
-                        $fields .= rcmail_get_edit_field($col, $record[$col], $colprop, $colprop['type']);
+                        $fields .= rcube_output::get_edit_field($col, $record[$col], $colprop, $colprop['type']);
                     }
                 }
                 $content .= html::div($blockname, $fields);
@@ -557,7 +598,7 @@
             if ($edit_mode)
                 $content .= html::p('addfield', $select_add->show(null));
 
-            $out .= html::tag('fieldset', $attrib, (!empty($fieldset['name']) ? html::tag('legend', null, Q($fieldset['name'])) : '') . $content) ."\n";
+            $out .= html::tag('fieldset', $attrib, (!empty($fieldset['name']) ? html::tag('legend', null, rcube::Q($fieldset['name'])) : '') . $content) ."\n";
             continue;
         }
 
@@ -575,12 +616,12 @@
 
                 // merge colprop with global coltype configuration
                 $colprop += $coltypes[$field];
-                $label = isset($colprop['label']) ? $colprop['label'] : rcube_label($col);
+                $label = isset($colprop['label']) ? $colprop['label'] : $RCMAIL->gettext($col);
 
                 // prepare subtype selector in edit mode
                 if ($edit_mode && is_array($colprop['subtypes'])) {
                     $subtype_names = array_map('rcmail_get_type_label', $colprop['subtypes']);
-                    $select_subtype = new html_select(array('name' => '_subtype_'.$col.'[]', 'class' => 'contactselectsubtype'));
+                    $select_subtype = new html_select(array('name' => '_subtype_'.$col.'[]', 'class' => 'contactselectsubtype', 'title' => $colprop['label'] . ' ' . $RCMAIL->gettext('type')));
                     $select_subtype->add($subtype_names, $colprop['subtypes']);
                 }
                 else
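Review bot: The new `title` attribute is built from `$colprop['label']`, but two lines earlier `$label` is computed precisely because `$colprop['label']` may be unset. In that case the title is reduced to a leading space plus the translated word for "type", and PHP raises an undefined-index notice. Using the fallback value keeps the two consistent: `'title' => $label . ' ' . $RCMAIL->gettext('type')`. The enclosing loop starts and ends outside this hunk.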
@@ -622,6 +663,8 @@
                     if ($subtypes[$i])
                         $subtype = $subtypes[$i];
 
+                    $colprop['id'] = 'ff_' . $col . intval($coltypes[$field]['count']);
+
                     // render composite field
                     if ($colprop['type'] == 'composite') {
                         $composite = array(); $j = 0;
@@ -636,10 +679,10 @@
 
                             if ($edit_mode) {
                                 if ($colprop['subtypes'] || $colprop['limit'] != 1) $cp['array'] = true;
-                                $composite['{'.$childcol.'}'] = rcmail_get_edit_field($childcol, $childvalue, $cp, $cp['type']) . " ";
+                                $composite['{'.$childcol.'}'] = rcube_output::get_edit_field($childcol, $childvalue, $cp, $cp['type']) . " ";
                             }
                             else {
-                                $childval = $cp['render_func'] ? call_user_func($cp['render_func'], $childvalue, $childcol) : Q($childvalue);
+                                $childval = $cp['render_func'] ? call_user_func($cp['render_func'], $childvalue, $childcol) : rcube::Q($childvalue);
                                 $composite['{'.$childcol.'}'] = html::span('data ' . $childcol, $childval) . " ";
                             }
                             $j++;
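Review bot: When `$cp['render_func']` is set, its return value is placed into `html::span()` as-is, while the other branch escapes with `rcube::Q()`, so the callable alone decides whether contact data reaches the page escaped. Column definitions can apparently be extended from the address-book object (the `$CONTACTS->coltypes` merge earlier in the file), so the contract should be written down next to the call: `// render_func must be a trusted callable and must return HTML-escaped output`. The `else if ($colprop['render_func'])` branch in the following hunks relies on the same contract. The enclosing loop starts and ends outside this hunk.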
@@ -666,7 +709,7 @@
                                 $val = rcmail_format_date_col($val);
                         }
 
-                        $val = rcmail_get_edit_field($col, $val, $colprop, $colprop['type']);
+                        $val = rcube_output::get_edit_field($col, $val, $colprop, $colprop['type']);
                         $coltypes[$field]['count']++;
                     }
                     else if ($colprop['render_func'])
@@ -674,7 +717,7 @@
                     else if (is_array($colprop['options']) && isset($colprop['options'][$val]))
                         $val = $colprop['options'][$val];
                     else
-                        $val = Q($val);
+                        $val = rcube::Q($val);
 
                     // use subtype as label
                     if ($colprop['subtypes'])
@@ -682,12 +725,12 @@
 
                     // add delete button/link
                     if ($edit_mode && !($colprop['visible'] && $colprop['limit'] == 1))
-                        $val .= html::a(array('href' => '#del', 'class' => 'contactfieldbutton deletebutton', 'title' => rcube_label('delete'), 'rel' => $col), $del_button);
+                        $val .= html::a(array('href' => '#del', 'class' => 'contactfieldbutton deletebutton', 'title' => $RCMAIL->gettext('delete'), 'rel' => $col), $del_button);
 
                     // display row with label
                     if ($label) {
                         $rows .= html::div('row',
-                            html::div('contactfieldlabel label', $select_subtype ? $select_subtype->show($subtype) : Q($label)) .
+                            html::div('contactfieldlabel label', $select_subtype ? $select_subtype->show($subtype) : html::label($colprop['id'], rcube::Q($label))) .
                             html::div('contactfieldcontent '.$colprop['type'], $val));
                     }
                     else   // row without label
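Review bot: `html::label($colprop['id'], ...)` is emitted in show mode as well, where the value is rendered as plain text and no form control carries the `ff_...` id assigned earlier, so the label may point at an element that does not exist. Consider emitting the label element only in edit mode: `$edit_mode ? html::label($colprop['id'], rcube::Q($label)) : rcube::Q($label)`. Whether `get_edit_field()` actually uses `$colprop['id']` as the control id is not visible in this diff and should be confirmed.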
@@ -703,7 +746,7 @@
                 // wrap rows in fieldgroup container
                 if ($rows) {
                     $content .= html::tag('fieldset', array('class' => 'contactfieldgroup ' . ($colprop['subtypes'] ? 'contactfieldgroupmulti ' : '') . 'contactcontroller' . $col, 'style' => ($rows ? null : 'display:none')),
-                      ($colprop['subtypes'] ? html::tag('legend', null, Q($colprop['label'])) : ' ') .
+                      ($colprop['subtypes'] ? html::tag('legend', null, rcube::Q($colprop['label'])) : ' ') .
                       $rows);
                 }
             }
@@ -722,7 +765,7 @@
         }
 
         if ($content)
-            $out .= html::tag('fieldset', null, html::tag('legend', null, Q($fieldset['name'])) . $content) ."\n";
+            $out .= html::tag('fieldset', null, html::tag('legend', null, rcube::Q($fieldset['name'])) . $content) ."\n";
     }
 
     if ($edit_mode) {
@@ -742,11 +785,12 @@
     if ($result = $CONTACTS->get_result())
         $record = $result->first();
 
-    $photo_img = $attrib['placeholder'] ? $RCMAIL->output->get_skin_file($attrib['placeholder']) : 'program/resources/blank.gif';
+    $photo_img = $attrib['placeholder'] ? $RCMAIL->output->abs_url($attrib['placeholder'], true) : 'program/resources/blank.gif';
     if ($record['_type'] == 'group' && $attrib['placeholdergroup'])
-        $photo_img = $RCMAIL->output->get_skin_file($attrib['placeholdergroup']);
+        $photo_img = $RCMAIL->output->abs_url($attrib['placeholdergroup'], true);
 
-    $RCMAIL->output->set_env('photo_placeholder', $photo_img);
+    $RCMAIL->output->set_env('photo_placeholder', $RCMAIL->output->asset_url($photo_img));
+
     unset($attrib['placeholder']);
 
     $plugin = $RCMAIL->plugins->exec_hook('contact_photo', array('record' => $record, 'data' => $record['photo']));
@@ -773,11 +817,15 @@
         }
         $photo_img = $RCMAIL->url($url);
     }
-    else
+    else {
         $ff_value = '-del-'; // will disable delete-photo action
+    }
 
-    $img = html::img(array('src' => $photo_img, 'border' => 1, 'alt' => ''));
-    $content = html::div($attrib, $img);
+    $content = html::div($attrib, html::img(array(
+            'src'     => $photo_img,
+            'alt'     => $RCMAIL->gettext('contactphoto'),
+            'onerror' => 'this.src = rcmail.env.photo_placeholder',
+    )));
 
     if ($CONTACT_COLTYPES['photo'] && ($RCMAIL->action == 'edit' || $RCMAIL->action == 'add')) {
         $RCMAIL->output->add_gui_object('contactphoto', $attrib['id']);
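Review bot: The `onerror` handler added to the contact photo image re-assigns `src` without clearing itself, so if the placeholder URL also fails to load, the error event fires again and the browser keeps retrying. `'onerror' => 'this.onerror = null; this.src = rcmail.env.photo_placeholder',` limits it to a single fallback. Because it is an inline event attribute, it also runs only under a Content-Security-Policy that permits inline script, which matters if the separate asset host this commit introduces is later paired with a stricter policy. The enclosing function starts and ends outside the hunk.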
@@ -792,7 +840,7 @@
 function rcmail_format_date_col($val)
 {
     global $RCMAIL;
-    return format_date($val, $RCMAIL->config->get('date_format', 'Y-m-d'), false);
+    return $RCMAIL->format_date($val, $RCMAIL->config->get('date_format', 'Y-m-d'), false);
 }
 
 /**
@@ -849,14 +897,14 @@
  *
  * @return array List of contact IDs per-source
  */
-function rcmail_get_cids($filter = null)
+function rcmail_get_cids($filter = null, $request_type = rcube_utils::INPUT_GPC)
 {
     // contact ID (or comma-separated list of IDs) is provided in two
     // forms. If _source is an empty string then the ID is a string
     // containing contact ID and source name in form: <ID>-<SOURCE>
 
-    $cid    = get_input_value('_cid', RCUBE_INPUT_GPC);
-    $source = (string) get_input_value('_source', RCUBE_INPUT_GPC);
+    $cid    = rcube_utils::get_input_value('_cid', $request_type);
+    $source = (string) rcube_utils::get_input_value('_source', rcube_utils::INPUT_GPC);
 
     if (is_array($cid)) {
         return $cid;
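Review bot: `_source` is still read with `rcube_utils::INPUT_GPC` even when the caller passes a narrower `$request_type`, so a caller that restricts `_cid` to POST still accepts the address-book source from the query string or a cookie. If the new parameter is meant to pin state-changing requests to one input channel, read both values with it: `$source = (string) rcube_utils::get_input_value('_source', $request_type);`. The default remains GPC, so existing callers keep the old behaviour until they pass a type explicitly. The docblock above the signature (only partly visible here) should gain a `@param` line for `$request_type`, and the function body continues outside the hunk.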
@@ -893,27 +941,3 @@
 
     return $filter !== null ? $result[$filter] : $result;
 }
-
-
-// register UI objects
-$OUTPUT->add_handlers(array(
-    'directorylist' => 'rcmail_directory_list',
-//  'groupslist' => 'rcmail_contact_groups',
-    'addresslist' => 'rcmail_contacts_list',
-    'addresslisttitle' => 'rcmail_contacts_list_title',
-    'addressframe' => 'rcmail_contact_frame',
-    'recordscountdisplay' => 'rcmail_rowcount_display',
-    'searchform' => array($OUTPUT, 'search_form')
-));
-
-// register action aliases
-$RCMAIL->register_action_map(array(
-    'add' => 'edit.inc',
-    'group-create' => 'groups.inc',
-    'group-rename' => 'groups.inc',
-    'group-delete' => 'groups.inc',
-    'group-addmembers' => 'groups.inc',
-    'group-delmembers' => 'groups.inc',
-    'search-create' => 'search.inc',
-    'search-delete' => 'search.inc',
-));

--
Gitblit v1.9.1