From f06aa8058b7e32ba32d4551074b6e0b8a300f751 Mon Sep 17 00:00:00 2001
From: Thomas Bruederli <thomas@roundcube.net>
Date: Mon, 21 Oct 2013 15:02:40 -0400
Subject: [PATCH] Bump version after security fix
---
program/include/main.inc | 133 +++++++++++++++++++++-----------------------
1 files changed, 64 insertions(+), 69 deletions(-)
diff --git a/program/include/main.inc b/program/include/main.inc
index 35c2df4..bf56cb2 100644
--- a/program/include/main.inc
+++ b/program/include/main.inc
@@ -158,33 +158,6 @@
}
-/**
- * Garbage collector for cache entries.
- * Remove all expired message cache records
- * @return void
- */
-function rcmail_cache_gc()
-{
- $rcmail = rcmail::get_instance();
- $db = $rcmail->get_dbh();
-
- // get target timestamp
- $ts = get_offset_time($rcmail->config->get('message_cache_lifetime', '30d'), -1);
-
- $db->query("DELETE FROM ".get_table_name('cache_messages')
- ." WHERE changed < " . $db->fromunixtime($ts));
-
- $db->query("DELETE FROM ".get_table_name('cache_index')
- ." WHERE changed < " . $db->fromunixtime($ts));
-
- $db->query("DELETE FROM ".get_table_name('cache_thread')
- ." WHERE changed < " . $db->fromunixtime($ts));
-
- $db->query("DELETE FROM ".get_table_name('cache')
- ." WHERE created < " . $db->fromunixtime($ts));
-}
-
-
// Deprecated
function rcube_charset_convert($str, $from, $to=NULL)
{
@@ -752,7 +725,7 @@
* Convert the given date to a human readable form
* This uses the date formatting properties from config
*
- * @param mixed Date representation (string or timestamp)
+ * @param mixed Date representation (string, timestamp or DateTime object)
* @param string Date format to use
* @param bool Enables date convertion according to user timezone
*
@@ -762,34 +735,41 @@
{
global $RCMAIL, $CONFIG;
- if (!empty($date))
- $ts = rcube_strtotime($date);
-
- if (empty($ts))
- return '';
-
- try {
- $date = new DateTime("@".$ts);
- }
- catch (Exception $e) {
- return '';
- }
-
- try {
- // convert to the right timezone
- $stz = date_default_timezone_get();
- $tz = new DateTimeZone($convert ? $RCMAIL->config->get('timezone') : 'GMT');
- $date->setTimezone($tz);
- date_default_timezone_set($tz->getName());
-
+ if (is_object($date) && is_a($date, 'DateTime')) {
$timestamp = $date->format('U');
}
- catch (Exception $e) {
- $timestamp = $ts;
+ else {
+ if (!empty($date))
+ $timestamp = rcube_strtotime($date);
+
+ if (empty($timestamp))
+ return '';
+
+ try {
+ $date = new DateTime("@".$timestamp);
+ }
+ catch (Exception $e) {
+ return '';
+ }
+ }
+
+ if ($convert) {
+ try {
+ // convert to the right timezone
+ $stz = date_default_timezone_get();
+ $tz = new DateTimeZone($RCMAIL->config->get('timezone'));
+ $date->setTimezone($tz);
+ date_default_timezone_set($tz->getName());
+
+ $timestamp = $date->format('U');
+ }
+ catch (Exception $e) {
+ }
}
// define date format depending on current time
if (!$format) {
+ $now = time();
$now_date = getdate($now);
$today_limit = mktime(0, 0, 0, $now_date['mon'], $now_date['mday'], $now_date['year']);
$week_limit = mktime(0, 0, 0, $now_date['mon'], $now_date['mday']-6, $now_date['year']);
@@ -807,14 +787,18 @@
// strftime() format
if (preg_match('/%[a-z]+/i', $format)) {
$format = strftime($format, $timestamp);
- date_default_timezone_set($stz);
+
+ if ($convert && $stz) {
+ date_default_timezone_set($stz);
+ }
+
return $today ? (rcube_label('today') . ' ' . $format) : $format;
}
// parse format string manually in order to provide localized weekday and month names
// an alternative would be to convert the date() format string to fit with strftime()
$out = '';
- for($i=0; $i<strlen($format); $i++) {
+ for ($i=0; $i<strlen($format); $i++) {
if ($format[$i]=='\\') // skip escape chars
continue;
@@ -823,20 +807,20 @@
$out .= $format[$i];
// weekday (short)
else if ($format[$i]=='D')
- $out .= rcube_label(strtolower($date->format('D')));
+ $out .= rcube_label(strtolower(date('D', $timestamp)));
// weekday long
else if ($format[$i]=='l')
- $out .= rcube_label(strtolower($date->format('l')));
+ $out .= rcube_label(strtolower(date('l', $timestamp)));
// month name (short)
else if ($format[$i]=='M')
- $out .= rcube_label(strtolower($date->format('M')));
+ $out .= rcube_label(strtolower(date('M', $timestamp)));
// month name (long)
else if ($format[$i]=='F')
- $out .= rcube_label('long'.strtolower($date->format('M')));
+ $out .= rcube_label('long'.strtolower(date('M', $timestamp)));
else if ($format[$i]=='x')
$out .= strftime('%x %X', $timestamp);
else
- $out .= $date->format($format[$i]);
+ $out .= date($format[$i], $timestamp);
}
if ($today) {
@@ -850,7 +834,10 @@
}
}
- date_default_timezone_set($stz);
+ if ($convert && $stz) {
+ date_default_timezone_set($stz);
+ }
+
return $out;
}
@@ -899,13 +886,14 @@
$attrib['folder_name'] = '*';
// get mailbox list
- $mbox_name = $RCMAIL->storage->get_folder();
+ $storage = $RCMAIL->get_storage();
+ $mbox_name = $storage->get_folder();
// build the folders tree
if (empty($a_mailboxes)) {
// get mailbox list
- $a_folders = $RCMAIL->storage->list_folders_subscribed('', $attrib['folder_name'], $attrib['folder_filter']);
- $delimiter = $RCMAIL->storage->get_hierarchy_delimiter();
+ $a_folders = $storage->list_folders_subscribed('', $attrib['folder_name'], $attrib['folder_filter']);
+ $delimiter = $storage->get_hierarchy_delimiter();
$a_mailboxes = array();
foreach ($a_folders as $folder)
@@ -913,7 +901,15 @@
}
// allow plugins to alter the folder tree or to localize folder names
- $hook = $RCMAIL->plugins->exec_hook('render_mailboxlist', array('list' => $a_mailboxes, 'delimiter' => $delimiter));
+ $hook = $RCMAIL->plugins->exec_hook('render_mailboxlist', array(
+ 'list' => $a_mailboxes,
+ 'delimiter' => $delimiter,
+ 'type' => $type,
+ 'attribs' => $attrib,
+ ));
+
+ $a_mailboxes = $hook['list'];
+ $attrib = $hook['attribs'];
if ($type == 'select') {
$select = new html_select($attrib);
@@ -922,12 +918,12 @@
if ($attrib['noselection'])
$select->add(rcube_label($attrib['noselection']), '');
- rcmail_render_folder_tree_select($hook['list'], $mbox_name, $attrib['maxlength'], $select, $attrib['realnames']);
- $out = $select->show();
+ rcmail_render_folder_tree_select($a_mailboxes, $mbox_name, $attrib['maxlength'], $select, $attrib['realnames']);
+ $out = $select->show($attrib['default']);
}
else {
$js_mailboxlist = array();
- $out = html::tag('ul', $attrib, rcmail_render_folder_tree_html($hook['list'], $mbox_name, $js_mailboxlist, $attrib), html::$common_attrib);
+ $out = html::tag('ul', $attrib, rcmail_render_folder_tree_html($a_mailboxes, $mbox_name, $js_mailboxlist, $attrib), html::$common_attrib);
$RCMAIL->output->add_gui_object('mailboxlist', $attrib['id']);
$RCMAIL->output->set_env('mailboxes', $js_mailboxlist);
@@ -1236,8 +1232,7 @@
if (!$attrib['id'])
$attrib['id'] = 'rcmquotadisplay';
- if(isset($attrib['display']))
- $_SESSION['quota_display'] = $attrib['display'];
+ $_SESSION['quota_display'] = !empty($attrib['display']) ? $attrib['display'] : 'text';
$OUTPUT->add_gui_object('quotadisplay', $attrib['id']);
@@ -1383,7 +1378,7 @@
'skin_path' => $RCMAIL->output->get_skin_path(),
'spellcheck' => intval($RCMAIL->config->get('enable_spellcheck')),
'spelldict' => intval($RCMAIL->config->get('spellcheck_dictionary')),
- ))), 'foot');
+ ))), 'docready');
}
@@ -1622,7 +1617,7 @@
$mem_limit = parse_bytes(ini_get('memory_limit'));
$memory = function_exists('memory_get_usage') ? memory_get_usage() : 16*1024*1024; // safe value: 16MB
- return $mem_limit && $memory + $need > $mem_limit ? false : true;
+ return $mem_limit > 0 && $memory + $need > $mem_limit ? false : true;
}
--
Gitblit v1.9.1