pull/1/head
alecpl 13 years ago
parent f547424c75
commit a267c6ccd2

@ -23,33 +23,34 @@
*/
class rcube_content_filter extends php_user_filter
{
private $buffer = '';
private $cutoff = 2048;
function onCreate()
{
$this->cutoff = rand(2048, 3027);
return true;
}
function filter($in, $out, &$consumed, $closing)
{
while ($bucket = stream_bucket_make_writeable($in)) {
$this->buffer .= $bucket->data;
// check for evil content and abort
if (preg_match('/<(script|iframe|object)/i', $this->buffer))
return PSFS_ERR_FATAL;
// keep buffer small enough
if (strlen($this->buffer) > 4096)
$this->buffer = substr($this->buffer, $this->cutoff);
$consumed += $bucket->datalen;
stream_bucket_append($out, $bucket);
private $buffer = '';
private $cutoff = 2048;
function onCreate()
{
$this->cutoff = rand(2048, 3027);
return true;
}
return PSFS_PASS_ON;
}
}
function filter($in, $out, &$consumed, $closing)
{
while ($bucket = stream_bucket_make_writeable($in)) {
$this->buffer .= $bucket->data;
// check for evil content and abort
if (preg_match('/<(script|iframe|object)/i', $this->buffer)) {
return PSFS_ERR_FATAL;
}
// keep buffer small enough
if (strlen($this->buffer) > 4096) {
$this->buffer = substr($this->buffer, $this->cutoff);
}
$consumed += $bucket->datalen;
stream_bucket_append($out, $bucket);
}
return PSFS_PASS_ON;
}
}

@ -53,8 +53,12 @@ class rcube_html_page
{
static $sa_files = array();
if (!preg_match('|^https?://|i', $file) && $file[0] != '/')
$file = $this->scripts_path . $file . (($fs = @filemtime($this->scripts_path . $file)) ? '?s='.$fs : '');
if (!preg_match('|^https?://|i', $file) && $file[0] != '/') {
$file = $this->scripts_path . $file;
if ($fs = @filemtime($file)) {
$file .= '?s=' . $fs;
}
}
if (in_array($file, $sa_files)) {
return;
@ -65,6 +69,7 @@ class rcube_html_page
if (!is_array($this->script_files[$position])) {
$this->script_files[$position] = array();
}
$this->script_files[$position][] = $file;
}
@ -77,9 +82,10 @@ class rcube_html_page
public function add_script($script, $position='head')
{
if (!isset($this->scripts[$position])) {
$this->scripts[$position] = "\n".rtrim($script);
} else {
$this->scripts[$position] .= "\n".rtrim($script);
$this->scripts[$position] = "\n" . rtrim($script);
}
else {
$this->scripts[$position] .= "\n" . rtrim($script);
}
}
@ -100,7 +106,7 @@ class rcube_html_page
*/
public function add_header($str)
{
$this->header .= "\n".$str;
$this->header .= "\n" . $str;
}
/**
@ -111,7 +117,7 @@ class rcube_html_page
*/
public function add_footer($str)
{
$this->footer .= "\n".$str;
$this->footer .= "\n" . $str;
}
/**
@ -262,7 +268,8 @@ class rcube_html_page
) {
$css = '';
foreach ($this->css_files as $file) {
$css .= html::tag('link', array('rel' => 'stylesheet', 'type' => 'text/css', 'href' => $file, 'nl' => true));
$css .= html::tag('link', array('rel' => 'stylesheet',
'type' => 'text/css', 'href' => $file, 'nl' => true));
}
$output = substr_replace($output, $css, $pos, 0);
}
@ -279,10 +286,12 @@ class rcube_html_page
// trigger hook with final HTML content to be sent
$hook = rcmail::get_instance()->plugins->exec_hook("send_page", array('content' => $output));
if (!$hook['abort']) {
if ($this->charset != RCMAIL_CHARSET)
if ($this->charset != RCMAIL_CHARSET) {
echo rcube_charset_convert($hook['content'], RCMAIL_CHARSET, $this->charset);
else
}
else {
echo $hook['content'];
}
}
}
@ -296,14 +305,17 @@ class rcube_html_page
$file = $matches[3];
// correct absolute paths
if ($file[0] == '/')
if ($file[0] == '/') {
$file = $this->base_path . $file;
}
// add file modification timestamp
if (preg_match('/\.(js|css)$/', $file))
$file .= '?s=' . @filemtime($file);
if (preg_match('/\.(js|css)$/', $file)) {
if ($fs = @filemtime($file)) {
$file .= '?s=' . $fs;
}
}
return sprintf("%s=%s%s%s", $matches[1], $matches[2], $file, $matches[4]);
return $matches[1] . '=' . $matches[2] . $file . $matches[4];
}
}

@ -120,8 +120,9 @@ class rcube_imap_cache
*/
function get_index($mailbox, $sort_field = null, $sort_order = null, $existing = false)
{
if (empty($this->icache[$mailbox]))
if (empty($this->icache[$mailbox])) {
$this->icache[$mailbox] = array();
}
$sort_order = strtoupper($sort_order) == 'ASC' ? 'ASC' : 'DESC';
@ -226,8 +227,9 @@ class rcube_imap_cache
*/
function get_thread($mailbox)
{
if (empty($this->icache[$mailbox]))
if (empty($this->icache[$mailbox])) {
$this->icache[$mailbox] = array();
}
// Seek in internal cache
if (array_key_exists('thread', $this->icache[$mailbox])) {
@ -404,16 +406,19 @@ class rcube_imap_cache
*/
function add_message($mailbox, $message, $force = false)
{
if (!is_object($message) || empty($message->uid))
if (!is_object($message) || empty($message->uid)) {
return;
}
$msg = serialize($this->db->encode(clone $message));
$flags = 0;
if (!empty($message->flags)) {
foreach ($this->flags as $idx => $flag)
if (!empty($message->flags[$flag]))
foreach ($this->flags as $idx => $flag) {
if (!empty($message->flags[$flag])) {
$flags += $idx;
}
}
}
unset($msg->flags);
@ -428,8 +433,9 @@ class rcube_imap_cache
." AND uid = ?",
$flags, $msg, $this->userid, $mailbox, (int) $message->uid);
if ($this->db->affected_rows())
if ($this->db->affected_rows()) {
return;
}
}
// insert new record
@ -524,27 +530,30 @@ class rcube_imap_cache
// The index should be only removed from database when
// UIDVALIDITY was detected or the mailbox is empty
// otherwise use 'valid' flag to not loose HIGHESTMODSEQ value
if ($remove)
if ($remove) {
$this->db->query(
"DELETE FROM ".get_table_name('cache_index')
." WHERE user_id = ".intval($this->userid)
.(strlen($mailbox) ? " AND mailbox = ".$this->db->quote($mailbox) : "")
);
else
}
else {
$this->db->query(
"UPDATE ".get_table_name('cache_index')
." SET valid = 0"
." WHERE user_id = ".intval($this->userid)
.(strlen($mailbox) ? " AND mailbox = ".$this->db->quote($mailbox) : "")
);
}
if (strlen($mailbox)) {
unset($this->icache[$mailbox]['index']);
// Index removed, set flag to skip SELECT query in get_index()
$this->icache[$mailbox]['index_queried'] = true;
}
else
else {
$this->icache = array();
}
}
@ -566,8 +575,9 @@ class rcube_imap_cache
// Thread data removed, set flag to skip SELECT query in get_thread()
$this->icache[$mailbox]['thread_queried'] = true;
}
else
else {
$this->icache = array();
}
}
@ -672,19 +682,21 @@ class rcube_imap_cache
);
$data = implode('@', $data);
if ($exists)
if ($exists) {
$sql_result = $this->db->query(
"UPDATE ".get_table_name('cache_index')
." SET data = ?, valid = 1, changed = ".$this->db->now()
." WHERE user_id = ?"
." AND mailbox = ?",
$data, $this->userid, $mailbox);
else
}
else {
$sql_result = $this->db->query(
"INSERT INTO ".get_table_name('cache_index')
." (user_id, mailbox, data, valid, changed)"
." VALUES (?, ?, ?, 1, ".$this->db->now().")",
$this->userid, $mailbox, $data);
}
}
@ -701,19 +713,21 @@ class rcube_imap_cache
);
$data = implode('@', $data);
if ($exists)
if ($exists) {
$sql_result = $this->db->query(
"UPDATE ".get_table_name('cache_thread')
." SET data = ?, changed = ".$this->db->now()
." WHERE user_id = ?"
." AND mailbox = ?",
$data, $this->userid, $mailbox);
else
}
else {
$sql_result = $this->db->query(
"INSERT INTO ".get_table_name('cache_thread')
." (user_id, mailbox, data, changed)"
." VALUES (?, ?, ?, ".$this->db->now().")",
$this->userid, $mailbox, $data);
}
}
@ -1023,9 +1037,11 @@ class rcube_imap_cache
if ($message) {
$message->flags = array();
foreach ($this->flags as $idx => $flag)
if (($sql_arr['flags'] & $idx) == $idx)
foreach ($this->flags as $idx => $flag) {
if (($sql_arr['flags'] & $idx) == $idx) {
$message->flags[$flag] = true;
}
}
}
return $message;

Loading…
Cancel
Save