[Svn] r5499 - in branches/release-0.7: . config installer program/include program/js program/lib program/steps/addressbook program/steps/mail skins/default tests

trac at roundcube.net trac at roundcube.net
Mon Nov 28 10:03:27 CET 2011


Author: alec
Date: 2011-11-28 03:03:27 -0600 (Mon, 28 Nov 2011)
New Revision: 5499

Modified:
   branches/release-0.7/CHANGELOG
   branches/release-0.7/config/main.inc.php.dist
   branches/release-0.7/installer/rcube_install.php
   branches/release-0.7/program/include/main.inc
   branches/release-0.7/program/include/rcube_browser.php
   branches/release-0.7/program/include/rcube_config.php
   branches/release-0.7/program/include/rcube_smtp.php
   branches/release-0.7/program/js/app.js
   branches/release-0.7/program/lib/html2text.php
   branches/release-0.7/program/steps/addressbook/func.inc
   branches/release-0.7/program/steps/mail/search.inc
   branches/release-0.7/skins/default/functions.js
   branches/release-0.7/tests/mailfunc.php
Log:
- Applied fixes from trunk up to r5498


Modified: branches/release-0.7/CHANGELOG
===================================================================
--- branches/release-0.7/CHANGELOG	2011-11-28 08:31:42 UTC (rev 5498)
+++ branches/release-0.7/CHANGELOG	2011-11-28 09:03:27 UTC (rev 5499)
@@ -1,6 +1,13 @@
 CHANGELOG Roundcube Webmail
 ===========================
 
+- Use strpos() instead of strstr() when possible (#1488211)
+- Fix handling HTML entities when converting HTML to text (#1488212)
+- Fix fit_string_to_size() renders browser and ui unresponsive (#1488207)
+- Fix handling of invalid characters in request (#1488124)
+- Fix merging some configuration options in update.sh script (#1485864)
+- Fix so TEXT key will remove all HEADER keys in IMAP SEARCH (#1488208)
+- Fix handling contact photo url with https:// prefix (#1488202)
 - Fix possible infinite redirect on attachment preview (#1488199)
 - Improved clickjacking protection for browsers which don't support X-Frame-Options headers
 - Fixed bug where similiar folder names were highlighted wrong (#1487860)

Modified: branches/release-0.7/config/main.inc.php.dist
===================================================================
--- branches/release-0.7/config/main.inc.php.dist	2011-11-28 08:31:42 UTC (rev 5498)
+++ branches/release-0.7/config/main.inc.php.dist	2011-11-28 09:03:27 UTC (rev 5499)
@@ -653,8 +653,8 @@
 // use this timezone to display date/time
 $rcmail_config['timezone'] = 'auto';
 
-// is daylight saving On?
-$rcmail_config['dst_active'] = (bool)date('I');
+// is daylight saving On? Default: (bool)date('I');
+$rcmail_config['dst_active'] = null;
 
 // prefer displaying HTML messages
 $rcmail_config['prefer_html'] = true;

Modified: branches/release-0.7/installer/rcube_install.php
===================================================================
--- branches/release-0.7/installer/rcube_install.php	2011-11-28 08:31:42 UTC (rev 5498)
+++ branches/release-0.7/installer/rcube_install.php	2011-11-28 09:03:27 UTC (rev 5499)
@@ -142,20 +142,22 @@
 
     foreach ($this->config as $prop => $default) {
 
-      $value = (isset($_POST["_$prop"]) || $this->bool_config_props[$prop]) ? $_POST["_$prop"] : $default;
+      $is_default = !isset($_POST["_$prop"]);
+      $value      = !$is_default || $this->bool_config_props[$prop] ? $_POST["_$prop"] : $default;
 
       // convert some form data
-      if ($prop == 'debug_level') {
-        $val = 0;
-        if (is_array($value))
+      if ($prop == 'debug_level' && !$is_default) {
+        if (is_array($value)) {
+          $val = 0;
           foreach ($value as $dbgval)
             $val += intval($dbgval);
-        $value = $val;
+          $value = $val;
+        }
       }
       else if ($which == 'db' && $prop == 'db_dsnw' && !empty($_POST['_dbtype'])) {
         if ($_POST['_dbtype'] == 'sqlite')
           $value = sprintf('%s://%s?mode=0646', $_POST['_dbtype'], $_POST['_dbname']{0} == '/' ? '/' . $_POST['_dbname'] : $_POST['_dbname']);
-        else
+        else if ($_POST['_dbtype'])
           $value = sprintf('%s://%s:%s@%s/%s', $_POST['_dbtype'], 
             rawurlencode($_POST['_dbuser']), rawurlencode($_POST['_dbpass']), $_POST['_dbhost'], $_POST['_dbname']);
       }
@@ -177,9 +179,9 @@
         $value = '%p';
       }
       else if ($prop == 'default_imap_folders') {
-	    $value = Array();
+	    $value = array();
 	    foreach ($this->config['default_imap_folders'] as $_folder) {
-	      switch($_folder) {
+	      switch ($_folder) {
 	      case 'Drafts': $_folder = $this->config['drafts_mbox']; break;
 	      case 'Sent':   $_folder = $this->config['sent_mbox']; break;
 	      case 'Junk':   $_folder = $this->config['junk_mbox']; break;
@@ -206,7 +208,7 @@
       // replace the matching line in config file
       $out = preg_replace(
         '/(\$rcmail_config\[\''.preg_quote($prop).'\'\])\s+=\s+(.+);/Uie',
-        "'\\1 = ' . rcube_install::_dump_var(\$value) . ';'",
+        "'\\1 = ' . rcube_install::_dump_var(\$value, \$prop) . ';'",
         $out);
     }
 
@@ -299,7 +301,7 @@
     $current = $this->config;
     $this->config = array();
     $this->load_defaults();
-    
+
     foreach ($this->replaced_config as $prop => $replacement) {
       if (isset($current[$prop])) {
         if ($prop == 'skin_path')
@@ -328,9 +330,9 @@
     
     if ($current['keep_alive'] && $current['session_lifetime'] < $current['keep_alive'])
       $current['session_lifetime'] = max(10, ceil($current['keep_alive'] / 60) * 2);
-    
+
     $this->config  = array_merge($this->config, $current);
-    
+
     foreach ((array)$current['ldap_public'] as $key => $values) {
       $this->config['ldap_public'][$key] = $current['ldap_public'][$key];
     }
@@ -614,7 +616,22 @@
   }
   
   
-  static function _dump_var($var) {
+  static function _dump_var($var, $name=null) {
+    // special values
+    switch ($name) {
+    case 'syslog_facility':
+      $list = array(32 => 'LOG_AUTH', 80 => 'LOG_AUTHPRIV', 72 => ' LOG_CRON',
+                    24 => 'LOG_DAEMON', 0 => 'LOG_KERN', 128 => 'LOG_LOCAL0',
+                    136 => 'LOG_LOCAL1', 144 => 'LOG_LOCAL2', 152 => 'LOG_LOCAL3',
+                    160 => 'LOG_LOCAL4', 168 => 'LOG_LOCAL5', 176 => 'LOG_LOCAL6',
+                    184 => 'LOG_LOCAL7', 48 => 'LOG_LPR', 16 => 'LOG_MAIL',
+                    56 => 'LOG_NEWS', 40 => 'LOG_SYSLOG', 8 => 'LOG_USER', 64 => 'LOG_UUCP');
+      if ($val = $list[$var])
+        return $val;
+      break;
+    }
+
+
     if (is_array($var)) {
       if (empty($var)) {
         return 'array()';

Modified: branches/release-0.7/program/include/main.inc
===================================================================
--- branches/release-0.7/program/include/main.inc	2011-11-28 08:31:42 UTC (rev 5498)
+++ branches/release-0.7/program/include/main.inc	2011-11-28 09:03:27 UTC (rev 5499)
@@ -640,20 +640,23 @@
 function get_input_value($fname, $source, $allow_html=FALSE, $charset=NULL)
 {
   $value = NULL;
-  
-  if ($source==RCUBE_INPUT_GET && isset($_GET[$fname]))
-    $value = $_GET[$fname];
-  else if ($source==RCUBE_INPUT_POST && isset($_POST[$fname]))
-    $value = $_POST[$fname];
-  else if ($source==RCUBE_INPUT_GPC)
-    {
+
+  if ($source == RCUBE_INPUT_GET) {
+    if (isset($_GET[$fname]))
+      $value = $_GET[$fname];
+  }
+  else if ($source == RCUBE_INPUT_POST) {
     if (isset($_POST[$fname]))
       $value = $_POST[$fname];
+  }
+  else if ($source == RCUBE_INPUT_GPC) {
+    if (isset($_POST[$fname]))
+      $value = $_POST[$fname];
     else if (isset($_GET[$fname]))
       $value = $_GET[$fname];
     else if (isset($_COOKIE[$fname]))
       $value = $_COOKIE[$fname];
-    }
+  }
 
   return parse_input_value($value, $allow_html, $charset);
 }
@@ -661,7 +664,7 @@
 /**
  * Parse/validate input value. See get_input_value()
  * Performs stripslashes() and charset conversion if necessary
- * 
+ *
  * @param  string   Input value
  * @param  boolean  Allow HTML tags in field value
  * @param  string   Charset to convert into
@@ -687,15 +690,21 @@
   else if (get_magic_quotes_gpc() || get_magic_quotes_runtime())
     $value = stripslashes($value);
 
-  // remove HTML tags if not allowed    
+  // remove HTML tags if not allowed
   if (!$allow_html)
     $value = strip_tags($value);
-  
+
+  $output_charset = is_object($OUTPUT) ? $OUTPUT->get_charset() : null;
+
+  // remove invalid characters (#1488124)
+  if ($output_charset == 'UTF-8')
+    $value = rc_utf8_clean($value);
+
   // convert to internal charset
-  if (is_object($OUTPUT) && $charset)
-    return rcube_charset_convert($value, $OUTPUT->get_charset(), $charset);
-  else
-    return $value;
+  if ($charset && $output_charset)
+    $value = rcube_charset_convert($value, $output_charset, $charset);
+
+  return $value;
 }
 
 /**
@@ -711,10 +720,10 @@
   $src = $mode == RCUBE_INPUT_GET ? $_GET : ($mode == RCUBE_INPUT_POST ? $_POST : $_REQUEST);
   foreach ($src as $key => $value) {
     $fname = $key[0] == '_' ? substr($key, 1) : $key;
-    if ($ignore && !preg_match("/($ignore)/", $fname))
+    if ($ignore && !preg_match('/^(' . $ignore . ')$/', $fname))
       $out[$fname] = get_input_value($key, $mode);
   }
-  
+
   return $out;
 }
 

Modified: branches/release-0.7/program/include/rcube_browser.php
===================================================================
--- branches/release-0.7/program/include/rcube_browser.php	2011-11-28 08:31:42 UTC (rev 5498)
+++ branches/release-0.7/program/include/rcube_browser.php	2011-11-28 09:03:27 UTC (rev 5499)
@@ -33,19 +33,19 @@
         $HTTP_USER_AGENT = strtolower($_SERVER['HTTP_USER_AGENT']);
 
         $this->ver = 0;
-        $this->win = strstr($HTTP_USER_AGENT, 'win');
-        $this->mac = strstr($HTTP_USER_AGENT, 'mac');
-        $this->linux = strstr($HTTP_USER_AGENT, 'linux');
-        $this->unix  = strstr($HTTP_USER_AGENT, 'unix');
+        $this->win = strpos($HTTP_USER_AGENT, 'win') != false;
+        $this->mac = strpos($HTTP_USER_AGENT, 'mac') != false;
+        $this->linux = strpos($HTTP_USER_AGENT, 'linux') != false;
+        $this->unix  = strpos($HTTP_USER_AGENT, 'unix') != false;
 
-        $this->opera = strstr($HTTP_USER_AGENT, 'opera');
-        $this->ns4 = strstr($HTTP_USER_AGENT, 'mozilla/4') && !stristr($HTTP_USER_AGENT, 'msie');
-        $this->ns  = ($this->ns4 || strstr($HTTP_USER_AGENT, 'netscape'));
-        $this->ie  = !$this->opera && stristr($HTTP_USER_AGENT, 'compatible; msie');
-        $this->mz  = !$this->ie && strstr($HTTP_USER_AGENT, 'mozilla/5');
-        $this->chrome = strstr($HTTP_USER_AGENT, 'chrome');
-        $this->khtml = strstr($HTTP_USER_AGENT, 'khtml');
-        $this->safari = !$this->chrome && ($this->khtml || strstr($HTTP_USER_AGENT, 'safari'));
+        $this->opera = strpos($HTTP_USER_AGENT, 'opera') !== false;
+        $this->ns4 = strpos($HTTP_USER_AGENT, 'mozilla/4') !== false && strpos($HTTP_USER_AGENT, 'msie') === false;
+        $this->ns  = ($this->ns4 || strpos($HTTP_USER_AGENT, 'netscape') !== false);
+        $this->ie  = !$this->opera && strpos($HTTP_USER_AGENT, 'compatible; msie') !== false;
+        $this->mz  = !$this->ie && strpos($HTTP_USER_AGENT, 'mozilla/5') !== false;
+        $this->chrome = strpos($HTTP_USER_AGENT, 'chrome') !== false;
+        $this->khtml = strpos($HTTP_USER_AGENT, 'khtml') !== false;
+        $this->safari = !$this->chrome && ($this->khtml || strpos($HTTP_USER_AGENT, 'safari') !== false);
 
         if ($this->ns || $this->chrome) {
             $test = preg_match('/(mozilla|chrome)\/([0-9.]+)/', $HTTP_USER_AGENT, $regs);

Modified: branches/release-0.7/program/include/rcube_config.php
===================================================================
--- branches/release-0.7/program/include/rcube_config.php	2011-11-28 08:31:42 UTC (rev 5498)
+++ branches/release-0.7/program/include/rcube_config.php	2011-11-28 09:03:27 UTC (rev 5499)
@@ -90,12 +90,15 @@
 
         // enable display_errors in 'show' level, but not for ajax requests
         ini_set('display_errors', intval(empty($_REQUEST['_remote']) && ($this->prop['debug_level'] & 4)));
-        
+
         // set timezone auto settings values
         if ($this->prop['timezone'] == 'auto') {
           $this->prop['dst_active'] = intval(date('I'));
-          $this->prop['_timezone_value']   = date('Z') / 3600 - $this->prop['dst_active'];
+          $this->prop['_timezone_value'] = date('Z') / 3600 - $this->prop['dst_active'];
         }
+        else if ($this->prop['dst_active'] === null) {
+          $this->prop['dst_active'] = intval(date('I'));
+        }
 
         // export config data
         $GLOBALS['CONFIG'] = &$this->prop;

Modified: branches/release-0.7/program/include/rcube_smtp.php
===================================================================
--- branches/release-0.7/program/include/rcube_smtp.php	2011-11-28 08:31:42 UTC (rev 5498)
+++ branches/release-0.7/program/include/rcube_smtp.php	2011-11-28 09:03:27 UTC (rev 5499)
@@ -381,7 +381,7 @@
           $from = $addresses[0];
 
         // Reject envelope From: addresses with spaces.
-        if (strstr($from, ' '))
+        if (strpos($from, ' ') !== false)
           return false;
 
         $lines[] = $key . ': ' . $value;

Modified: branches/release-0.7/program/js/app.js
===================================================================
--- branches/release-0.7/program/js/app.js	2011-11-28 08:31:42 UTC (rev 5498)
+++ branches/release-0.7/program/js/app.js	2011-11-28 09:03:27 UTC (rev 5499)
@@ -5743,10 +5743,13 @@
     });
   };
 
-  this.plain2html = function(plainText, id)
+  this.plain2html = function(plain, id)
   {
     var lock = this.set_busy(true, 'converting');
-    $('#'+id).val(plainText ? '<pre>'+plainText+'</pre>' : '');
+
+    plain = plain.replace(/&/g, '&').replace(/</g, '<').replace(/>/g, '>');
+    $('#'+id).val(plain ? '<pre>'+plain+'</pre>' : '');
+
     this.set_busy(false, null, lock);
   };
 

Modified: branches/release-0.7/program/lib/html2text.php
===================================================================
--- branches/release-0.7/program/lib/html2text.php	2011-11-28 08:31:42 UTC (rev 5498)
+++ branches/release-0.7/program/lib/html2text.php	2011-11-28 09:03:27 UTC (rev 54