- Applied fixes from trunk up to r5633

13 years ago · 96c946ee6c
parent 89dc8499c3
commit 96c946ee6c
6 changed files with 67 additions and 43 deletions
--- a/1
+++ b/1
@ -1,6 +1,7 @@
 CHANGELOG Roundcube Webmail
 ===========================

+- Fix crash with eAccelerator (#1488256)
 - Fix expanding folders during drag&drop (#1488260)
 - Fix wrong postgres sequence name in upgrade from 0.6
 - Fix broken CREATE INDEX queries in SQLite DDL files (#1488255)
--- a/program/include/rcube_content_filter.php
+++ b/program/include/rcube_content_filter.php
@ -0,0 +1,55 @@
+<?php
+
+/*
+ +-----------------------------------------------------------------------+
+ | program/include/rcube_content_filter.php                              |
+ |                                                                       |
+ | This file is part of the Roundcube Webmail client                     |
+ | Copyright (C) 2011, The Roundcube Dev Team                            |
+ | Licensed under the GNU GPL                                            |
+ |                                                                       |
+ | PURPOSE:                                                              |
+ |   PHP stream filter to detect evil content in mail attachments        |
+ |                                                                       |
+ +-----------------------------------------------------------------------+
+ | Author: Thomas Bruederli <roundcube@gmail.com>                        |
+ +-----------------------------------------------------------------------+
+
+ $Id$
+*/
+
+/**
+ * PHP stream filter to detect html/javascript code in attachments
+ */
+class rcube_content_filter extends php_user_filter
+{
+  private $buffer = '';
+  private $cutoff = 2048;
+
+  function onCreate()
+  {
+    $this->cutoff = rand(2048, 3027);
+    return true;
+  }
+
+  function filter($in, $out, &$consumed, $closing)
+  {
+    while ($bucket = stream_bucket_make_writeable($in)) {
+      $this->buffer .= $bucket->data;
+
+      // check for evil content and abort
+      if (preg_match('/<(script|iframe|object)/i', $this->buffer))
+        return PSFS_ERR_FATAL;
+
+      // keep buffer small enough
+      if (strlen($this->buffer) > 4096)
+        $this->buffer = substr($this->buffer, $this->cutoff);
+
+      $consumed += $bucket->datalen;
+      stream_bucket_append($out, $bucket);
+    }
+
+    return PSFS_PASS_ON;
+  }
+}
+
--- a/program/js/app.js
+++ b/program/js/app.js
@ -3082,7 +3082,7 @@ function rcube_webmail()
      if (!vis)
        this.stop_spellchecking();

-      $(this.env.spellcheck.spell_container).css('visibility', vis ? 'visible' : 'hidden');
+      $(this.env.spellcheck.spell_container)[vis ? 'show' : 'hide']();
    }
  };

--- a/program/steps/mail/autocomplete.inc
+++ b/program/steps/mail/autocomplete.inc
@ -28,8 +28,10 @@ if ($RCMAIL->action == 'group-expand') {
    $abook->set_pagesize(1000);  // TODO: limit number of group members by config
    $result = $abook->list_records(array('email','name'));
    while ($result && ($sql_arr = $result->iterate())) {
-      foreach ((array)$sql_arr['email'] as $email)
+      foreach ((array)$sql_arr['email'] as $email) {
        $members[] = format_email_recipient($email, $sql_arr['name']);
+        break;  // only expand one email per contact
+      }
    }

    $separator = trim($RCMAIL->config->get('recipients_separator', ',')) . ' ';
--- a/program/steps/mail/get.inc
+++ b/program/steps/mail/get.inc
@ -5,7 +5,7 @@
 | program/steps/mail/get.inc                                            |
 |                                                                       |
 | This file is part of the Roundcube Webmail client                     |
- | Copyright (C) 2005-2009, The Roundcube Dev Team                       |
+ | Copyright (C) 2005-2011, The Roundcube Dev Team                       |
 | Licensed under the GNU GPL                                            |
 |                                                                       |
 | PURPOSE:                                                              |
@ -179,39 +179,3 @@ header('HTTP/1.1 404 Not Found');
 exit;


-
-/**
- * PHP stream filter to detect html/javascript code in attachments
- */
-class rcube_content_filter extends php_user_filter
-{
-  private $buffer = '';
-  private $cutoff = 2048;
-
-  function onCreate()
-  {
-    $this->cutoff = rand(2048, 3027);
-    return true;
-  }
-
-  function filter($in, $out, &$consumed, $closing)
-  {
-    while ($bucket = stream_bucket_make_writeable($in)) {
-      $this->buffer .= $bucket->data;
-
-      // check for evil content and abort
-      if (preg_match('/<(script|iframe|object)/i', $this->buffer))
-        return PSFS_ERR_FATAL;
-
-      // keep buffer small enough
-      if (strlen($this->buffer) > 4096)
-        $this->buffer = substr($this->buffer, $this->cutoff);
-
-      $consumed += $bucket->datalen;
-      stream_bucket_append($out, $bucket);
-    }
-
-    return PSFS_PASS_ON;
-  }
-}
-
--- a/program/steps/settings/folders.inc
+++ b/program/steps/settings/folders.inc
@ -293,10 +293,12 @@ function rcube_subscription_form($attrib)
        if (!$disabled && $folder['virtual'] && $folder['level'] == 0 && !empty($namespace)) {
            $fname = $folder['id'] . $delimiter;
            foreach ($namespace as $ns) {
-                foreach ($ns as $item) {
-                    if ($item[0] === $fname) {
-                        $disabled = true;
-                        break 2;
+                if (is_array($ns)) {
+                    foreach ($ns as $item) {
+                        if ($item[0] === $fname) {
+                            $disabled = true;
+                            break 2;
+                        }
                    }
                }
            }