From bd0551b22076b82a6d49e9f7a2b2e0c90a1b2326 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Fri, 05 Feb 2016 07:25:27 -0500
Subject: [PATCH] Secure also downloads of addressbook exports, managesieve script exports and Enigma keys exports

---
 program/steps/mail/search_contacts.inc |   16 ++++++++++++----
 1 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/program/steps/mail/search_contacts.inc b/program/steps/mail/search_contacts.inc
index 4d5abf9..12066a9 100644
--- a/program/steps/mail/search_contacts.inc
+++ b/program/steps/mail/search_contacts.inc
@@ -1,11 +1,11 @@
 <?php
 
-/*
+/**
  +-----------------------------------------------------------------------+
  | program/steps/mail/search_contacts.inc                                |
  |                                                                       |
  | This file is part of the Roundcube Webmail client                     |
- | Copyright (C) 2013, The Roundcube Dev Team                            |
+ | Copyright (C) 2013-2014, The Roundcube Dev Team                       |
  |                                                                       |
  | Licensed under the GNU General Public License version 3 or            |
  | any later version with exceptions for skins & plugins.                |
@@ -27,11 +27,17 @@
 $page_size     = $RCMAIL->config->get('addressbook_pagesize', $RCMAIL->config->get('pagesize', 50));
 $records       = array();
 $search_set    = array();
+$jsresult      = array();
 
 foreach ($sources as $s) {
     $source = $RCMAIL->get_address_book($s['id']);
     $source->set_page(1);
     $source->set_pagesize(9999);
+
+    // list matching groups of this source
+    if ($source->groups) {
+        $jsresult += rcmail_compose_contact_groups($source, $s['id'], $search, $search_mode);
+    }
 
     // get contacts count
     $result = $source->search($afields, $search, $search_mode, true, true, 'email');
@@ -52,6 +58,8 @@
     $search_set[$s['id']] = $source->get_search_set();
     unset($result);
 }
+
+$group_count = count($jsresult);
 
 // sort the records
 ksort($records, SORT_LOCALE_STRING);
@@ -79,7 +87,7 @@
             $row_id = $row['ID'].'-'.$i;
             $jsresult[$row_id] = format_email_recipient($email, $name);
             $OUTPUT->command('add_contact_row', $row_id, array(
-                'contact' => html::span(array('title' => $email), rcube::Q($name ? $name : $email) .
+                'contact' => html::a(array('title' => $email), rcube::Q($name ?: $email) .
                     ($name && count($emails) > 1 ? '&nbsp;' . html::span('email', rcube::Q($email)) : '')
                 )), 'person');
         }
@@ -98,7 +106,7 @@
     $OUTPUT->command('set_env', 'source', '');
     $OUTPUT->command('unselect_directory');
 }
-else {
+else if (!$group_count) {
     $OUTPUT->show_message('nocontactsfound', 'notice');
 }
 

--
Gitblit v1.9.1