From 1172330b2abb6fe287e88e98e9c3dbd9d76ee785 Mon Sep 17 00:00:00 2001 From: Aleksander Machniak Date: Fri, 31 Jul 2015 18:48:17 +0200 Subject: [PATCH] Fix error when using back button after sending an email (#1490009) --- CHANGELOG | 1 + index.php | 2 +- program/localization/en_US/messages.inc | 5 +++-- program/steps/mail/compose.inc | 8 +++++--- program/steps/mail/func.inc | 14 -------------- program/steps/mail/sendmail.inc | 16 ++++++++++++++++ program/steps/utils/error.inc | 9 +++++++++ 7 files changed, 35 insertions(+), 20 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index 5d8b00989..2f40db2ae 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -22,6 +22,7 @@ CHANGELOG Roundcube Webmail - Fix bug where new messages weren't added to the list in search mode - Fix wrong positioning of message list header on page scroll in Webkit browsers (#1490035) - Fix some javascript errors in rare situations (#1490441) +- Fix error when using back button after sending an email (#1490009) RELEASE 1.1.2 ------------- diff --git a/index.php b/index.php index fa78618d8..0312b7104 100644 --- a/index.php +++ b/index.php @@ -131,7 +131,7 @@ if ($RCMAIL->task == 'login' && $RCMAIL->action == 'login') { // prevent redirect to compose with specified ID (#1488226) if ($query['_action'] == 'compose' && !empty($query['_id'])) { - $query = array(); + $query = array('_action' => 'compose'); } } diff --git a/program/localization/en_US/messages.inc b/program/localization/en_US/messages.inc index a23bfd645..621b7eafd 100644 --- a/program/localization/en_US/messages.inc +++ b/program/localization/en_US/messages.inc @@ -189,5 +189,6 @@ $messages['errrequestcheckfailed'] = 'Request Check Failed'; $messages['errcsrfprotectionexplain'] = "For your protection, access to this resource is secured against CSRF.\nIf you see this, you probably didn't log out before leaving the web application.\n\nHuman interaction is now required to continue."; $messages['errcontactserveradmin'] = 'Please contact your server-administrator.'; $messages['clicktoresumesession'] = 'Click here to resume your previous session'; - -?> +$messages['errcomposesession'] = 'Compose session error'; +$messages['errcomposesessionexplain'] = 'Requested compose session not found.'; +$messages['clicktocompose'] = 'Click here to compose a new message'; diff --git a/program/steps/mail/compose.inc b/program/steps/mail/compose.inc index 326b817aa..0c045c258 100644 --- a/program/steps/mail/compose.inc +++ b/program/steps/mail/compose.inc @@ -47,9 +47,11 @@ while ($COMPOSE_ID && !is_array($COMPOSE) && $RCMAIL->db->is_replicated() && $re if (!is_array($COMPOSE)) { // Infinite redirect prevention in case of broken session (#1487028) if ($COMPOSE_ID) { - rcube::raise_error(array('code' => 500, 'type' => 'php', - 'file' => __FILE__, 'line' => __LINE__, - 'message' => "Invalid compose ID"), true, true); + // if we know the message with specified ID was already sent + // we can ignore the error and compose a new message (#1490009) + if ($COMPOSE_ID != $_SESSION['last_compose_session']) { + rcube::raise_error(array('code' => 450), false, true); + } } $COMPOSE_ID = uniqid(mt_rand()); diff --git a/program/steps/mail/func.inc b/program/steps/mail/func.inc index f4d26752f..21089a85c 100644 --- a/program/steps/mail/func.inc +++ b/program/steps/mail/func.inc @@ -1753,20 +1753,6 @@ function rcmail_draftinfo_decode($str) return $info; } -/** - * clear message composing settings - */ -function rcmail_compose_cleanup($id) -{ - if (!isset($_SESSION['compose_data_'.$id])) { - return; - } - - $rcmail = rcmail::get_instance(); - $rcmail->plugins->exec_hook('attachments_cleanup', array('group' => $id)); - $rcmail->session->remove('compose_data_'.$id); -} - /** * Send the MDN response * diff --git a/program/steps/mail/sendmail.inc b/program/steps/mail/sendmail.inc index 154a4245c..5e155345e 100644 --- a/program/steps/mail/sendmail.inc +++ b/program/steps/mail/sendmail.inc @@ -954,3 +954,19 @@ function rcmail_generic_message_footer($isHtml) return false; } + +/** + * clear message composing settings + */ +function rcmail_compose_cleanup($id) +{ + if (!isset($_SESSION['compose_data_'.$id])) { + return; + } + + $rcmail = rcmail::get_instance(); + $rcmail->plugins->exec_hook('attachments_cleanup', array('group' => $id)); + $rcmail->session->remove('compose_data_'.$id); + + $_SESSION['last_compose_session'] = $id; +} diff --git a/program/steps/utils/error.inc b/program/steps/utils/error.inc index 16fbb03d9..16ff11878 100644 --- a/program/steps/utils/error.inc +++ b/program/steps/utils/error.inc @@ -72,6 +72,15 @@ else if ($ERROR_CODE == 404) { $__error_text .= '

' . $rcmail->gettext('errfailedrequest') . ":
\n//$request_url

"; } +// invalid compose ID +else if ($ERROR_CODE == 450 && $_SERVER['REQUEST_METHOD'] == 'GET' && $rcmail->action == 'compose') { + $url = $rcmail->url('compose'); + + $__error_title = strtoupper($rcmail->gettext('errcomposesession')); + $__error_text = nl2br($rcmail->gettext('errcomposesessionexplain')) + . '

' . html::a($url, $rcmail->gettext('clicktocompose')) . '

'; +} + // database connection error else if ($ERROR_CODE == 601) { $__error_title = "CONFIGURATION ERROR";