From 46f7b7096450939fe03c95aa81ce06ae4bfca89d Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Mon, 28 Mar 2016 06:51:43 -0400
Subject: [PATCH] Enable reply/reply-all/forward buttons also in preview frame of message/rfc822
---
program/include/rcmail.php | 23 ++++++++++++++++++-----
1 files changed, 18 insertions(+), 5 deletions(-)
diff --git a/program/include/rcmail.php b/program/include/rcmail.php
index 21ba812..1ff42b4 100644
--- a/program/include/rcmail.php
+++ b/program/include/rcmail.php
@@ -60,6 +60,7 @@
const ERROR_INVALID_REQUEST = 1;
const ERROR_INVALID_HOST = 2;
const ERROR_COOKIES_DISABLED = 3;
+ const ERROR_RATE_LIMIT = 4;
/**
@@ -602,12 +603,22 @@
// user already registered -> overwrite username
if ($user = rcube_user::query($username, $host)) {
$username = $user->data['username'];
+
+ // Brute-force prevention
+ if ($user->is_locked()) {
+ $this->login_error = self::ERROR_RATE_LIMIT;
+ return false;
+ }
}
$storage = $this->get_storage();
// try to log in
if (!$storage->connect($host, $username, $password, $port, $ssl)) {
+ if ($user) {
+ $user->failed_login();
+ }
+
// Wait a second to slow down brute-force attacks (#1490549)
sleep(1);
return false;
@@ -829,6 +840,8 @@
// this need to be full url to make redirects work
$absolute = true;
}
+ else if ($secure && ($token = $this->get_request_token()))
+ $url .= $delm . '_token=' . urlencode($token);
if ($absolute || $full) {
// add base path to this Roundcube installation
@@ -2232,12 +2245,12 @@
$size = $this->show_bytes((int)$part->d_parameters['size']);
}
else {
- $size = $part->size;
- if ($part->encoding == 'base64') {
- $size = $size / 1.33;
- }
+ $size = $part->size;
+ if ($part->encoding == 'base64') {
+ $size = $size / 1.33;
+ }
- $size = '~' . $this->show_bytes($size);
+ $size = '~' . $this->show_bytes($size);
}
return $size;
--
Gitblit v1.9.1