From e2f90dbd4e25c9c95764c30126ad7d2a1ec213c0 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Wed, 16 Oct 2013 03:35:36 -0400
Subject: [PATCH] Do not add css files to the page when body is empty, e.g. upload iframes
---
program/include/rcmail_output_html.php | 120 ++++++++++++++++++++++++++----------------------------------
1 files changed, 52 insertions(+), 68 deletions(-)
diff --git a/program/include/rcmail_output_html.php b/program/include/rcmail_output_html.php
index 02eef2f..6651a94 100644
--- a/program/include/rcmail_output_html.php
+++ b/program/include/rcmail_output_html.php
@@ -67,11 +67,12 @@
//$this->framed = $framed;
$this->set_env('task', $task);
$this->set_env('x_frame_options', $this->config->get('x_frame_options', 'sameorigin'));
+ $this->set_env('standard_windows', (bool) $this->config->get('standard_windows'));
// add cookie info
$this->set_env('cookie_domain', ini_get('session.cookie_domain'));
$this->set_env('cookie_path', ini_get('session.cookie_path'));
- $this->set_env('cookie_secure', ini_get('session.cookie_secure'));
+ $this->set_env('cookie_secure', filter_var(ini_get('session.cookie_secure'), FILTER_VALIDATE_BOOLEAN));
// load the correct skin (in case user-defined)
$skin = $this->config->get('skin');
@@ -105,7 +106,6 @@
));
}
-
/**
* Set environment variable
*
@@ -120,7 +120,6 @@
$this->js_env[$name] = $value;
}
}
-
/**
* Getter for the current page title
@@ -145,17 +144,17 @@
return $title;
}
-
/**
* Set skin
*/
public function set_skin($skin)
{
$valid = false;
+ $path = RCUBE_INSTALL_PATH . 'skins/';
- if (!empty($skin) && is_dir('skins/'.$skin) && is_readable('skins/'.$skin)) {
- $skin_path = 'skins/'.$skin;
- $valid = true;
+ if (!empty($skin) && is_dir($path . $skin) && is_readable($path . $skin)) {
+ $skin_path = 'skins/' . $skin;
+ $valid = true;
}
else {
$skin_path = $this->config->get('skin_path');
@@ -183,12 +182,15 @@
$this->skin_paths[] = $skin_path;
// read meta file and check for dependecies
- $meta = @json_decode(@file_get_contents($skin_path.'/meta.json'), true);
- if ($meta['extends'] && is_dir('skins/' . $meta['extends'])) {
- $this->load_skin('skins/' . $meta['extends']);
+ $meta = @file_get_contents(RCUBE_INSTALL_PATH . $skin_path . '/meta.json');
+ $meta = @json_decode($meta, true);
+ if ($meta['extends']) {
+ $path = RCUBE_INSTALL_PATH . 'skins/';
+ if (is_dir($path . $meta['extends']) && is_readable($path . $meta['extends'])) {
+ $this->load_skin('skins/' . $meta['extends']);
+ }
}
}
-
/**
* Check if a specific template exists
@@ -198,16 +200,17 @@
*/
public function template_exists($name)
{
- $found = false;
foreach ($this->skin_paths as $skin_path) {
- $filename = $skin_path . '/templates/' . $name . '.html';
- $found = (is_file($filename) && is_readable($filename)) || ($this->deprecated_templates[$name] && $this->template_exists($this->deprecated_templates[$name]));
- if ($found)
- break;
+ $filename = RCUBE_INSTALL_PATH . $skin_path . '/templates/' . $name . '.html';
+ if ((is_file($filename) && is_readable($filename))
+ || ($this->deprecated_templates[$name] && $this->template_exists($this->deprecated_templates[$name]))
+ ) {
+ return true;
+ }
}
- return $found;
- }
+ return false;
+ }
/**
* Find the given file in the current skin path stack
@@ -233,7 +236,6 @@
return false;
}
-
/**
* Register a GUI object to the client script
*
@@ -245,7 +247,6 @@
{
$this->add_script(self::JS_OBJECT_NAME.".gui_object('$obj', '$id');");
}
-
/**
* Call a client method
@@ -262,7 +263,6 @@
$this->js_commands[] = $cmd;
}
-
/**
* Add a localized label to the client environment
*/
@@ -276,7 +276,6 @@
$this->js_labels[$name] = $this->app->gettext($name);
}
}
-
/**
* Invoke display_message command
@@ -304,7 +303,6 @@
}
}
-
/**
* Delete all stored env variables and commands
*
@@ -327,7 +325,6 @@
$this->body = '';
}
-
/**
* Redirect to a certain url
*
@@ -342,7 +339,6 @@
header('Location: ' . $location);
exit;
}
-
/**
* Send the request output to the client.
@@ -376,7 +372,6 @@
exit;
}
}
-
/**
* Process template and write to stdOut
@@ -412,7 +407,6 @@
// call super method
$this->_write($template, $this->config->get('skin_path'));
}
-
/**
* Parse a specific skin template and deliver to stdout (or return)
@@ -538,7 +532,6 @@
}
}
-
/**
* Return executable javascript code for all registered commands
*
@@ -570,7 +563,6 @@
return $out;
}
-
/**
* Make URLs starting with a slash point to skin directory
*
@@ -589,7 +581,6 @@
else
return $str;
}
-
/**
* Show error page and terminate script execution
@@ -625,7 +616,6 @@
array($this, 'globals_callback'), $input);
}
-
/**
* Callback funtion for preg_replace_callback() in parse_with_globals()
*/
@@ -633,7 +623,6 @@
{
return $GLOBALS[$matches[1]];
}
-
/**
* Correct absolute paths in images and other tags
@@ -646,7 +635,6 @@
array($this, 'file_callback'), $output);
}
-
/**
* Callback function for preg_replace_callback in write()
*
@@ -655,7 +643,7 @@
protected function file_callback($matches)
{
$file = $matches[3];
- $file[0] = preg_replace('!^/this/!', '/', $file[0]);
+ $file = preg_replace('!^/this/!', '/', $file);
// correct absolute paths
if ($file[0] == '/') {
@@ -672,7 +660,6 @@
return $matches[1] . '=' . $matches[2] . $file . $matches[4];
}
-
/**
* Public wrapper to dipp into template parsing.
*
@@ -688,7 +675,6 @@
return $input;
}
-
/**
* Parse for conditional tags
@@ -727,7 +713,6 @@
return $input;
}
-
/**
* Determines if a given condition is met
*
@@ -739,7 +724,6 @@
{
return $this->eval_expression($condition);
}
-
/**
* Inserts hidden field with CSRF-prevention-token into POST forms
@@ -756,7 +740,6 @@
return $out;
}
-
/**
* Parse & evaluate a given expression and return its result.
@@ -804,7 +787,6 @@
return $fn($this->app, $this->browser, $this->env);
}
-
/**
* Search for special tags in input and replace them
* with the appropriate content
@@ -818,7 +800,6 @@
{
return preg_replace_callback('/<roundcube:([-_a-z]+)\s+((?:[^>]|\\\\>)+)(?<!\\\\)>/Ui', array($this, 'xml_command'), $input);
}
-
/**
* Callback function for parsing an xml command tag
@@ -943,8 +924,21 @@
}
else if ($object == 'logo') {
$attrib += array('alt' => $this->xml_command(array('', 'object', 'name="productname"')));
- if ($logo = $this->config->get('skin_logo'))
- $attrib['src'] = $logo;
+
+ if ($logo = $this->config->get('skin_logo')) {
+ if (is_array($logo)) {
+ if ($template_logo = $logo[$this->template_name]) {
+ $attrib['src'] = $template_logo;
+ }
+ elseif ($template_logo = $logo['*']) {
+ $attrib['src'] = $template_logo;
+ }
+ }
+ else {
+ $attrib['src'] = $logo;
+ }
+ }
+
$content = html::img($attrib);
}
else if ($object == 'productname') {
@@ -1023,11 +1017,12 @@
}
return html::quote($value);
- break;
+
+ case 'form':
+ return $this->form_tag($attrib);
}
return '';
}
-
/**
* Include a specific file and return it's contents
@@ -1045,7 +1040,6 @@
return $out;
}
-
/**
* Create and register a button
*
@@ -1061,7 +1055,7 @@
// these commands can be called directly via url
$a_static_commands = array('compose', 'list', 'preferences', 'folders', 'identities');
- if (!($attrib['command'] || $attrib['name'])) {
+ if (!($attrib['command'] || $attrib['name'] || $attrib['href'])) {
return '';
}
@@ -1201,7 +1195,6 @@
return $out;
}
-
/**
* Link an external script file
*
@@ -1232,7 +1225,6 @@
$this->script_files[$position][] = $file;
}
-
/**
* Add inline javascript code
*
@@ -1249,7 +1241,6 @@
}
}
-
/**
* Link an external css file
*
@@ -1260,7 +1251,6 @@
$this->css_files[] = $file;
}
-
/**
* Add HTML code to the page header
*
@@ -1270,7 +1260,6 @@
{
$this->header .= "\n" . $str;
}
-
/**
* Add HTML code to the page footer
@@ -1283,7 +1272,6 @@
$this->footer .= "\n" . $str;
}
-
/**
* Process template and write to stdOut
*
@@ -1292,7 +1280,12 @@
*/
public function _write($templ = '', $base_path = '')
{
- $output = empty($templ) ? $this->default_template : trim($templ);
+ $output = trim($templ);
+
+ if (empty($output)) {
+ $output = $this->default_template;
+ $is_empty = true;
+ }
// set default page title
if (empty($this->pagetitle)) {
@@ -1383,8 +1376,8 @@
}
// add css files in head, before scripts, for speed up with parallel downloads
- if (!empty($this->css_files) &&
- (($pos = stripos($output, '<script ')) || ($pos = stripos($output, '</head>')))
+ if (!empty($this->css_files) && !$is_empty
+ && (($pos = stripos($output, '<script ')) || ($pos = stripos($output, '</head>')))
) {
$css = '';
foreach ($this->css_files as $file) {
@@ -1407,7 +1400,6 @@
}
}
}
-
/**
* Returns iframe object, registers some related env variables
@@ -1439,7 +1431,6 @@
/* ************* common functions delivering gui objects ************** */
-
/**
* Create a form tag with the necessary hidden fields
*
@@ -1461,11 +1452,10 @@
$attrib['noclose'] = true;
return html::tag('form',
- $attrib + array('action' => "./", 'method' => "get"),
+ $attrib + array('action' => $this->app->comm_path, 'method' => "get"),
$hidden . $content,
array('id','class','style','name','method','action','enctype','onsubmit'));
}
-
/**
* Build a form tag with a unique request token
@@ -1496,7 +1486,6 @@
else
return $this->form_tag($attrib, $hidden->show() . $content);
}
-
/**
* GUI object 'username'
@@ -1529,7 +1518,6 @@
return rcube_utils::idn_to_utf8($username);
}
-
/**
* GUI object 'loginform'
* Returns code for the webmail login form
@@ -1561,9 +1549,9 @@
$input_action = new html_hiddenfield(array('name' => '_action', 'value' => 'login'));
$input_tzone = new html_hiddenfield(array('name' => '_timezone', 'id' => 'rcmlogintz', 'value' => '_default_'));
$input_url = new html_hiddenfield(array('name' => '_url', 'id' => 'rcmloginurl', 'value' => $url));
- $input_user = new html_inputfield(array('name' => '_user', 'id' => 'rcmloginuser')
+ $input_user = new html_inputfield(array('name' => '_user', 'id' => 'rcmloginuser', 'required' => 'required')
+ $attrib + $user_attrib);
- $input_pass = new html_passwordfield(array('name' => '_pass', 'id' => 'rcmloginpwd')
+ $input_pass = new html_passwordfield(array('name' => '_pass', 'id' => 'rcmloginpwd', 'required' => 'required')
+ $attrib + $pass_attrib);
$input_host = null;
@@ -1629,7 +1617,6 @@
return $out;
}
-
/**
* GUI object 'preloader'
* Loads javascript code for images preloading
@@ -1651,7 +1638,6 @@
img.src = images[i];
}', 'docready');
}
-
/**
* GUI object 'searchform'
@@ -1691,7 +1677,6 @@
return $out;
}
-
/**
* Builder for GUI object 'message'
*
@@ -1708,7 +1693,6 @@
return html::div($attrib, '');
}
-
/**
* GUI object 'charsetselector'
--
Gitblit v1.9.1