Dev May 2013

dev@lists.roundcube.net

23 participants
24 discussions

Larry: improved attachment preview page?
by A.L.E.C 01 Sep '13

01 Sep '13

While I work on a new plugin for files management. I found that we could improve our current attachment preview page. I'm attaching a screenshot from my plugin. I'd like to make attachment preview page to look the same, i.e. attachment properties on the left and toolbar with buttons (Download for now, but we could add other e.g. Print, Save, Edit). What do you think? An opposite layout would be to make it more looking as message preview page with properties on top and small buttons in right-top corner (and no toolbar). I however, prefer the solution with toolbar. -- Aleksander 'A.L.E.C' Machniak LAN Management System Developer [http://lms.org.pl] Roundcube Webmail Developer [http://roundcube.net] --------------------------------------------------- PGP: 19359DC1 @@ GG: 2275252 @@ WWW: http://alec.pl

3 4

Re: [RCD] Custom Session Handlers (was: Update 0.9.1 released)
by Thomas Bruederli 05 Jun '13

05 Jun '13

Hello! I'm trying to ignore all the rants and personal accusations and get back to the a constructive conversation about a technical problem. First, let's start a new thread since it has actually nothing to do with the 0.9.1 update. Second, there are reasons that Roundcube comes with a custom session handler and those are still valid. We didn't do this just for fun, believe me! The main reason are concurrent http request which alter session data. Image the following scenario: A) [r]----------- big file being uploaded ------------[w] B) [r]----- fast upload ----[w] In PHP, session data is read when the process starts and written when the process ends. With the scenario from above, the session changes of request B) would be lost when A) finishes. Until now I don't know of any solution with default PHP session handlers that would be able to handle such a case properly. Another more performance related reason for you custom handler is the check if session data actually changed before issuing a (useless) update query. Sure, we could store file upload information somewhere else than in session but the underlying problem of concurrent requests overlapping each others still persists and can happen in other cases, too. On Wed, May 22, 2013 at 9:00 PM, till <klimpong(a)gmail.com> wrote: > I agree that session handling could be nicer in RoundCube — or maybe not at > all. ;-) If we wouldn't have customized session handling code we could let > people configure PHP directly to use the filesystem, memcache or database. I > think the least we could (or should) do is use an external library for > session handling because that doesn't seem our domain (which is an email > client). > > Not sure if we could use something from Symfony2 or ZF2. They each provide > wrappers — PHP 5.3, et all. Are people ready to move/upgrade yet? We're open for suggestions to get rid of the custom session handlers but please keep the above scenario in mind. Switching to an external library might be a solution but don't they use custom save handlers, too? Speaking of which: what Roundcube does is to call session_set_save_handler() in a very early stage of the script startup. That's the API PHP provides and we sticked to the documentation for implementing the handler functions including returning true to signalize success. Unfortunately I don't have an explanation for the errors you reported without being able to reproduce it. So let's try it the old fashioned way and eliminate possible factors. @Harald, could you run Roundcube on a PHP5.4 without Suhosin to rule that out first? And please everybody, choose your words wisely! Regards, Thomas > -------- Original-Nachricht -------- > Betreff: Re: [RCD] Update 0.9.1 released > Datum: Mon, 20 May 2013 16:39:51 +0200 > Von: Reindl Harald <h.reindl(a)thelounge.net> > > and when will sessions continue to work on machines with > Apache 2.4 / PHP 5.4 / MariaDB while the error messages > below make ZERO sense because RC refuses to work with a > untouched session management like every other webapp > > would RC use simply session_start() and not fuckup the > admin settings it *would* in fact use /var/www/sessiondata > and it would it use *with success* > > ** give us a option to NOT touch any session setting ** P.S. we can but for the just explained reasons your Roundcube users will complain about lost attachments and other weird behavior.

4 15

Stable version 0.9.0 released
by Thomas Bruederli 01 Jun '13

01 Jun '13

Hello folks We can proudly announce the next stable release of Roundcube. This version enhances the webmail experience with these new features: * Improved rendering of forwarded and attached messages * Optionally display and compose email messages a new windows * Unified UI for message view and composition * Show sender photos from contacts in email view * Render thumbnails for image attachments * Download all attachments as zip archive (using the zipdownload plugin) * Forward multiple emails as attachments * CSV import for contacts The major change of this version isn't really visible to the users but even more important for the developers: the Roundcube framework. We decoupled the core functions for IMAP access, SMTP email sending, database abstraction, caching, etc. from the webmail application in order to make them usable for other free software products. Another major change since the 0.8 series is the new database abstraction layer. In order to add support for SQLite3, the PEAR:MDB2 dependency was dropped and Roundcube now uses the native PHP Data Objects (PDO). It's enabled by default since PHP 5.1 and is considered stable and well-developed. One drawback, however, is a small lack in the MySQL PDO driver which makes PHP 5.3 a requirement for this version of Roundcube when using the MySQL database. A minor but rather handy improvement is a complete new database update mechanism that makes schema changes much easier to be deployed. After the upgrade, simply run bin/updatedb.sh to apply the necessary changes to the database Roundcube connects to. In case you used bin/installto.sh to perform the update, the schema upgrades are done applied and no further actions are required. After lots of testing and collecting your feedback, this version is considered stable and it also includes the recently discovered vulnerability that allows an attacker to modify its users preferences in a way that he can then read arbitrary files from the server. We therefore recommend to update all productive installations of Roundcube. Download both the webmail and the framework packages from http://roundcube.net/download Read the full list of changes here: http://trac.roundcube.net/wiki/Changelog IMPORTANT: We're still getting a lot of support requests from users who are under the impression that Roundcube is a public service such as Gmail or Hotmail. Unfortunately we cannot help these people and thus we'd like to encourage everybody once more to enter an URL to the option named 'support_url' in the Roundcube config. This will be display a link on all screens including the login page that should guide your users to instructions how to get help for your specific email service that uses Roundcube. Thanks a lot for using Roundcube and for your support! Best, Thomas

7 8

Roundcube 0.9.1 brakes long URLs
by Tim Gerundt 29 May '13

29 May '13

Hi List, I updated recently my 0.8.6 Roundcube installation to 0.9.1. Now I have problems with long URL (for example of eBay auctions) which get broken, if I send emails. For example: col=owner&col=type&col=priority&col=component&col=version&order=priority (See the attachment for the real URL). Is this a general problem or something with my installation? (Tested with IE9 und Firefox 21; Language German; Classic-Skin) Greetings, Tim

2 2

Including department OU/information in LDAP searches
by David Carter 29 May '13

29 May '13

I have been asked to add department names into the results generated by searches and autocompletion against our LDAP directory. This solves problems with common names: I am one of at least four people named "David Carter" in the University. The following hack solves our requirement: it generates results of the form "David Carter [University Computing Service] <dpc22(a)cam.ac.uk>". The "[]" part gets stripped out by the onclick handler for autocompletion. It is however playing games with strings passed from rcube_addressbook.php to app.js.src and relies on the fact that our directory never generates entries which contain '[' or ']' characters. The correct solution would be to pass objects around instead. If I had a go at the correct approach would there be any interest in merging the change upstream? -- David Carter Email: David.Carter(a)ucs.cam.ac.uk University Computing Service, Phone: (01223) 334502 New Museums Site, Pembroke Street, Fax: (01223) 334679 Cambridge UK. CB2 3QH. --- program/lib/Roundcube/BAK/rcube_addressbook.php 2013-05-15 13:08:25.000000000 +0100 +++ program/lib/Roundcube/rcube_addressbook.php 2013-05-17 12:19:17.000000000 +0100 @@ -509,6 +509,13 @@ else $fn = !empty($contact['name']) ? $contact['name'] : join(' ', array($contact['prefix'], $contact['firstname'], $contact['middlename'], $contact['surname'], $contact['suffix'])); + # DPC addition + if ($fn and $contact['department']) { + $depts = is_array($contact['department']) + ? join(', ', $contact['department']) : $contact['department']; + $fn = $fn . " [". $depts . "]"; + } + $fn = trim($fn, ', '); // fallback to display name --- program/js/BAK/app.js.src 2013-05-15 20:31:27.000000000 +0100 +++ program/js/app.js.src 2013-05-17 12:19:05.000000000 +0100 @@ -3853,6 +3853,7 @@ } else if (typeof this.env.contacts[id] === 'string') { insert = this.env.contacts[id] + this.env.recipients_delimiter; + insert=insert.replace(/ \[.+\]/, ""); // DPC trigger = true; }

1 0

Localisation of default mailbox names
by David Carter 29 May '13

29 May '13

Our users seem to be rather confused by the localisation which takes place on the default mailbox names: Drafts Sent Junk Deleted Items Largely because they are used to the names: postponed-msgs sent-mail spam Trash and are puzzled that the same mailbox can show up twice in the list of mailboxes with different names. A bit of experimentation reveals that the localisation can be disabled with two separate one line changes to program/include/rcmail.php (which could be controlled by a configuration option in config/main.inc.php). Unfortunately it isn't quite possible to do this using the Roundcube plugin architecture. Would the roundcube devs accept a small patch which doesn't change the default behaviour? -- David Carter Email: David.Carter(a)ucs.cam.ac.uk University Computing Service, Phone: (01223) 334502 New Museums Site, Pembroke Street, Fax: (01223) 334679 Cambridge UK. CB2 3QH.

2 2

How reset trac password?
by Tim Gerundt 23 May '13

23 May '13

Hi list, how can I reset my trac password (user "gerundt")? It seems that I forgot it. ;) Greetings, Tim Gerundt

1 0

Update 0.9.1 released
by Thomas Bruederli 22 May '13

22 May '13

Hello folks We proudly announce the first service release for the 0.9 series of Roundcube. As usual, it contains some bug fixes and improvements which didn't make it into the first stable version as well as some translation updates. After getting reports that some skin images weren't reloaded due to progressive cache settings, the packaged version now comes with unique urls of skin images referenced by templates and CSS files. If you're pulling the source directly from git you can achieve the same by running bin/updatecss.sh It's considered stable and we recommend to update all productive installations of Roundcube with this version. Download it from http://roundcube.net/download, see the full changelog here: http://trac.roundcube.net/wiki/Changelog Have fun! Thomas

13 42

0.9.1: is_readable() open_basedir restriction
by Reindl Harald 22 May '13

22 May '13

please change this to @is_readable() and it works with E_ALL "/usr/local/etc/httpd/conf/mime.types" does not exist on any normal system "/usr/share/misc" is in open_basedir because "/usr/share/misc/magic" open_basedir to /etc for "/etc/mime.types" is a no-go __________________________ [21-May-2013 20:05:35 Europe/Vienna] PHP Warning: is_readable() [<a href='http://at.php.net/manual/de/function.is-readable.php'>function.is-readable.php</a>]: open_basedir restriction in effect. File(/usr/local/etc/httpd/conf/mime.types) is not within the allowed path(s): (/usr/share/roundcubemail:/etc/roundcubemail:/var/log/roundcubemail:/usr/share/misc:/usr/share/pear:/tmp:/var/www/uploadtemp) in /usr/share/roundcubemail/program/lib/Roundcube/rcube_mime.php on line 798

1 0

AUTH PLAIN doesn't quite work
by Rimas Kudelis 20 May '13

20 May '13

Hi, it seems to me that RoundCube (0.9.0) can't authenticate to an Exim SMTP server (v4.72 on Debian) using AUTH PLAIN. I'm not sure which one of them is faulty here (or is it me?), but it looks like RoundCube is probably willing to send auth information after in a separate line than the AUTH PLAIN command, meanwhile Exim expects all that in the single line (AUTH PLAIN dGVzdAB0ZXN0AHRlc3RwYXNz). Is it a known problem? Rimas

2 1

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

Dev May 2013