From bd0551b22076b82a6d49e9f7a2b2e0c90a1b2326 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Fri, 05 Feb 2016 07:25:27 -0500
Subject: [PATCH] Secure also downloads of addressbook exports, managesieve script exports and Enigma keys exports
---
plugins/subscriptions_option/subscriptions_option.php | 10 ++++++----
1 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/plugins/subscriptions_option/subscriptions_option.php b/plugins/subscriptions_option/subscriptions_option.php
index 284c048..fa40631 100644
--- a/plugins/subscriptions_option/subscriptions_option.php
+++ b/plugins/subscriptions_option/subscriptions_option.php
@@ -10,9 +10,9 @@
* Add it to the plugins list in config.inc.php to enable the user option
* The user option can be hidden and set globally by adding 'use_subscriptions'
* to the 'dont_override' configure line:
- * $rcmail_config['dont_override'] = array('use_subscriptions');
+ * $config['dont_override'] = array('use_subscriptions');
* and then set the global preference
- * $rcmail_config['use_subscriptions'] = true; // or false
+ * $config['use_subscriptions'] = true; // or false
*
* Roundcube caches folder lists. When a user changes this option or visits
* their folder list, this cache is refreshed. If the option is on the
@@ -61,7 +61,7 @@
$rcmail = rcmail::get_instance();
$use_subscriptions = $rcmail->config->get('use_subscriptions');
- $args['prefs']['use_subscriptions'] = isset($_POST['_use_subscriptions']) ? true : false;
+ $args['prefs']['use_subscriptions'] = isset($_POST['_use_subscriptions']);
// if the use_subscriptions preference changes, flush the folder cache
if (($use_subscriptions && !isset($_POST['_use_subscriptions'])) ||
@@ -86,7 +86,9 @@
{
$rcmail = rcmail::get_instance();
if (!$rcmail->config->get('use_subscriptions', true)) {
- $args['table']->remove_column('subscribed');
+ foreach ($args['list'] as $idx => $data) {
+ $args['list'][$idx]['content'] = preg_replace('/<input [^>]+>/', '', $data['content']);
+ }
}
return $args;
}
--
Gitblit v1.9.1