From bd0551b22076b82a6d49e9f7a2b2e0c90a1b2326 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Fri, 05 Feb 2016 07:25:27 -0500
Subject: [PATCH] Secure also downloads of addressbook exports, managesieve script exports and Enigma keys exports

---
 program/steps/mail/show.inc |    6 ++++--
 1 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/program/steps/mail/show.inc b/program/steps/mail/show.inc
index af43fc8..59ae134 100644
--- a/program/steps/mail/show.inc
+++ b/program/steps/mail/show.inc
@@ -68,6 +68,7 @@
     $OUTPUT->set_env('safemode', $MESSAGE->is_safe);
     $OUTPUT->set_env('sender', $MESSAGE->sender['string']);
     $OUTPUT->set_env('mailbox', $mbox_name);
+    $OUTPUT->set_env('username', $RCMAIL->get_user_name());
     $OUTPUT->set_env('permaurl', $RCMAIL->url(array('_action' => 'show', '_uid' => $MESSAGE->uid, '_mbox' => $mbox_name)));
 
     if ($MESSAGE->headers->get('list-post', false)) {
@@ -240,6 +241,7 @@
         $out = html::tag('ul', $attrib, $ol, html::$common_attrib);
 
         $RCMAIL->output->set_env('attachments', $attachments);
+        $RCMAIL->output->add_gui_object('attachments', $attrib['id']);
     }
 
     return $out;
@@ -329,7 +331,7 @@
         $CONTACTS = $RCMAIL->get_address_book(-1, true);
 
         if (is_object($CONTACTS)) {
-            $existing = $CONTACTS->search('email', $email, true, false);
+            $existing = $CONTACTS->search('email', $email, 1, false);
             if ($existing->count) {
                 return true;
             }
@@ -344,7 +346,7 @@
     global $RCMAIL, $MESSAGE;
 
     $placeholder = $attrib['placeholder'] ? $RCMAIL->output->abs_url($attrib['placeholder'], true) : null;
-    $placeholder = $RCMAIL->output->asset_url($placeholder ? $placeholder : 'program/resources/blank.gif');
+    $placeholder = $RCMAIL->output->asset_url($placeholder ?: 'program/resources/blank.gif');
 
     if ($MESSAGE->sender) {
         $photo_img = $RCMAIL->url(array(

--
Gitblit v1.9.1