From e019f2d0f2dc2fbfa345ab5d7ae85e67bfdd76b8 Mon Sep 17 00:00:00 2001
From: alecpl <alec@alec.pl>
Date: Sat, 25 Sep 2010 09:03:53 -0400
Subject: [PATCH] - s/RoundCube/Roundcube/
---
program/include/rcube_shared.inc | 125 ++++++++++++++++++++++++++---------------
1 files changed, 78 insertions(+), 47 deletions(-)
diff --git a/program/include/rcube_shared.inc b/program/include/rcube_shared.inc
index bfd6740..845230d 100644
--- a/program/include/rcube_shared.inc
+++ b/program/include/rcube_shared.inc
@@ -4,8 +4,8 @@
+-----------------------------------------------------------------------+
| rcube_shared.inc |
| |
- | This file is part of the RoundCube PHP suite |
- | Copyright (C) 2005-2007, RoundCube Dev. - Switzerland |
+ | This file is part of the Roundcube PHP suite |
+ | Copyright (C) 2005-2007, Roundcube Dev. - Switzerland |
| Licensed under the GNU GPL |
| |
| CONTENTS: |
@@ -21,7 +21,7 @@
/**
- * RoundCube shared functions
+ * Roundcube shared functions
*
* @package Core
*/
@@ -32,18 +32,23 @@
*/
function send_nocacheing_headers()
{
+ global $OUTPUT;
+
if (headers_sent())
return;
header("Expires: ".gmdate("D, d M Y H:i:s")." GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
- header("Cache-Control: private, must-revalidate, post-check=0, pre-check=0");
- header("Pragma: no-cache");
-
+ // Request browser to disable DNS prefetching (CVE-2010-0464)
+ header("X-DNS-Prefetch-Control: off");
+
// We need to set the following headers to make downloads work using IE in HTTPS mode.
- if (rcube_https_check()) {
- header('Pragma: ');
- header('Cache-Control: ');
+ if ($OUTPUT->browser->ie && rcube_https_check()) {
+ header('Pragma: private');
+ header("Cache-Control: private, must-revalidate");
+ } else {
+ header("Cache-Control: private, no-cache, must-revalidate, post-check=0, pre-check=0");
+ header("Pragma: no-cache");
}
}
@@ -257,7 +262,12 @@
$para = explode($break, $string);
$string = '';
while (count($para)) {
- $list = explode(' ', array_shift($para));
+ $line = array_shift($para);
+ if ($line[0] == '>') {
+ $string .= $line.$break;
+ continue;
+ }
+ $list = explode(' ', $line);
$len = 0;
while (count($list)) {
$line = array_shift($list);
@@ -268,25 +278,25 @@
$string .= ($len ? ' ' : '').$line;
$len += (1 + $l);
} else {
- if ($l > $width) {
- if ($cut) {
- $start = 0;
- while ($l) {
- $str = mb_substr($line, $start, $width);
- $strlen = mb_strlen($str);
- $string .= ($len ? $break : '').$str;
- $start += $strlen;
- $l -= $strlen;
- $len = $strlen;
- }
- } else {
- $string .= ($len ? $break : '').$line;
- if (count($list)) $string .= $break;
- $len = 0;
- }
- } else {
+ if ($l > $width) {
+ if ($cut) {
+ $start = 0;
+ while ($l) {
+ $str = mb_substr($line, $start, $width);
+ $strlen = mb_strlen($str);
+ $string .= ($len ? $break : '').$str;
+ $start += $strlen;
+ $l -= $strlen;
+ $len = $strlen;
+ }
+ } else {
+ $string .= ($len ? $break : '').$line;
+ if (count($list)) $string .= $break;
+ $len = 0;
+ }
+ } else {
$string .= $break.$line;
- $len = $l;
+ $len = $l;
}
}
}
@@ -408,12 +418,13 @@
function abbreviate_string($str, $maxlength, $place_holder='...')
{
$length = mb_strlen($str);
- $first_part_length = floor($maxlength/2) - mb_strlen($place_holder);
if ($length > $maxlength)
{
- $second_starting_location = $length - $maxlength + $first_part_length + 1;
- $str = mb_substr($str, 0, $first_part_length) . $place_holder . mb_substr($str, $second_starting_location, $length);
+ $place_holder_length = mb_strlen($place_holder);
+ $first_part_length = floor(($maxlength - $place_holder_length)/2);
+ $second_starting_location = $length - $maxlength + $first_part_length + $place_holder_length;
+ $str = mb_substr($str, 0, $first_part_length) . $place_holder . mb_substr($str, $second_starting_location);
}
return $str;
@@ -422,16 +433,17 @@
/**
* A method to guess the mime_type of an attachment.
*
- * @param string $path Path to the file.
- * @param string $name File name (with suffix)
- * @param string $failover Mime type supplied for failover.
+ * @param string $path Path to the file.
+ * @param string $name File name (with suffix)
+ * @param string $failover Mime type supplied for failover.
+ * @param string $is_stream Set to True if $path contains file body
*
* @return string
* @author Till Klampaeckel <till@php.net>
* @see http://de2.php.net/manual/en/ref.fileinfo.php
* @see http://de2.php.net/mime_content_type
*/
-function rc_mime_content_type($path, $name, $failover = 'application/octet-stream')
+function rc_mime_content_type($path, $name, $failover = 'application/octet-stream', $is_stream=false)
{
$mime_type = null;
$mime_magic = rcmail::get_instance()->config->get('mime_magic');
@@ -443,20 +455,18 @@
$mime_type = $mime_ext[$suffix];
}
// try fileinfo extension if available
- if (!$mime_type) {
- if (!extension_loaded('fileinfo')) {
- @dl('fileinfo.' . PHP_SHLIB_SUFFIX);
- }
- if (function_exists('finfo_open')) {
- if ($finfo = finfo_open(FILEINFO_MIME, $mime_magic)) {
+ if (!$mime_type && function_exists('finfo_open')) {
+ if ($finfo = finfo_open(FILEINFO_MIME, $mime_magic)) {
+ if ($is_stream)
+ $mime_type = finfo_buffer($finfo, $path);
+ else
$mime_type = finfo_file($finfo, $path);
- finfo_close($finfo);
- }
+ finfo_close($finfo);
}
}
// try PHP's mime_content_type
- if (!$mime_type && function_exists('mime_content_type')) {
- $mime_type = mime_content_type($path);
+ if (!$mime_type && !$is_stream && function_exists('mime_content_type')) {
+ $mime_type = @mime_content_type($path);
}
// fall back to user-submitted string
if (!$mime_type) {
@@ -577,7 +587,9 @@
{
$input = rc_utf8_clean($input);
- return json_encode($input);
+ // sometimes even using rc_utf8_clean() the input contains invalid UTF-8 sequences
+ // that's why we have @ here
+ return @json_encode($input);
}
@@ -604,6 +616,26 @@
$result[] = substr($string, $p);
return $result;
+}
+
+
+/**
+ * Get all keys from array (recursive)
+ *
+ * @param array Input array
+ * @return array
+ */
+function array_keys_recursive($array)
+{
+ $keys = array();
+
+ if (!empty($array))
+ foreach ($array as $key => $child) {
+ $keys[] = $key;
+ foreach (array_keys_recursive($child) as $val)
+ $keys[] = $val;
+ }
+ return $keys;
}
@@ -644,4 +676,3 @@
}
}
-?>
--
Gitblit v1.9.1