Merge branch 'master' of github.com:roundcube/roundcubemail

Conflicts:
	CHANGELOG

CHANGELOG

@@ -2,6 +2,8 @@ CHANGELOG Roundcube Webmail
 ===========================
 
 - Use IMAP BINARY (RFC3516) extension to fetch message/part bodies
+- Fix folder creation under public namespace root (#1488665)
+- Fix so "Edit as new" on draft creates a new message (#1488687)
 - Fix invalid error message on deleting mail from read only folder (#1488694)
 - Fix error where session wasn't updated after folder rename/delete (#1488692)
 - Replace data URIs of images (pasted in HTML editor) with inline attachments (#1488502)

installer/check.php

@@ -35,12 +35,12 @@ $ini_checks = array(
     'suhosin.session.encrypt'       => 0,
     'magic_quotes_runtime'          => 0,
     'magic_quotes_sybase'           => 0,
+    'date.timezone'                 => '-NOTEMPTY-',
 );
 
 $optional_checks = array(
     // required for utils/modcss.inc, should we require this?
     'allow_url_fopen'  => 1,
-    'date.timezone'    => '-NOTEMPTY-',
 );
 
 $source_urls = array(
@@ -171,7 +171,15 @@ foreach ($ini_checks as $var => $val) {
     $status = ini_get($var);
     if ($val === '-NOTEMPTY-') {
         if (empty($status)) {
-            $RCI->fail($var, "cannot be empty and needs to be set");
+            $RCI->fail($var, "empty value detected");
+        } else if ($var == 'date.timezone') {
+            try {
+                $tz = new DateTimeZone($status);
+                $RCI->pass($var);
+            }
+            catch (Exception $e) {
+                $RCI->fail($var, "invalid value detected: $status");
+            }
         } else {
             $RCI->pass($var);
         }

plugins/password/config.inc.php.dist

@@ -36,7 +36,8 @@ $rcmail_config['password_db_dsn'] = '';
 // The query can contain the following macros that will be expanded as follows:
 //      %p is replaced with the plaintext new password
 //      %c is replaced with the crypt version of the new password, MD5 if available
-//         otherwise DES.
+//         otherwise DES. More hash function can be enabled using the password_crypt_hash 
+//         configuration parameter.
 //      %D is replaced with the dovecotpw-crypted version of the new password
 //      %o is replaced with the password before the change
 //      %n is replaced with the hashed version of the new password
@@ -51,6 +52,13 @@ $rcmail_config['password_db_dsn'] = '';
 // Default: "SELECT update_passwd(%c, %u)"
 $rcmail_config['password_query'] = 'SELECT update_passwd(%c, %u)';
 
+// By default the crypt() function which is used to create the '%c' 
+// parameter uses the md5 algorithm. To use different algorithms 
+// you can choose between: des, md5, blowfish, sha256, sha512.
+// Before using other hash functions than des or md5 please make sure
+// your operating system supports the other hash functions.
+$rcmail_config['password_crypt_hash'] = 'md5';
+
 // By default domains in variables are using unicode.
 // Enable this option to use punycoded names
 $rcmail_config['password_idn_ascii'] = false;

plugins/password/drivers/sql.php

@@ -40,13 +40,38 @@ class rcube_sql_password
         // crypted password
         if (strpos($sql, '%c') !== FALSE) {
             $salt = '';
-            if (CRYPT_MD5) {
+
-                // Always use eight salt characters for MD5 (#1488136)
+            if (!($crypt_hash = $rcmail->config->get('password_crypt_hash')))
-    	        $len = 8;
+            {
-            } else if (CRYPT_STD_DES) {
+                if (CRYPT_MD5)
-        	    $len = 2;
+                    $crypt_hash = 'md5';
-            } else {
+                else if (CRYPT_STD_DES)
-        	    return PASSWORD_CRYPT_ERROR;
+                    $crypt_hash = 'des';
+            }
+            
+            switch ($crypt_hash)
+            {
+            case 'md5':
+                $len = 8;
+                $salt_hashindicator = '$1$';
+                break;
+            case 'des':
+                $len = 2;
+                break;
+            case 'blowfish':
+                $len = 22;
+                $salt_hashindicator = '$2a$';
+                break;
+            case 'sha256':
+                $len = 16;
+                $salt_hashindicator = '$5$';
+                break;
+            case 'sha512':
+                $len = 16;
+                $salt_hashindicator = '$6$';
+                break;
+            default:
+                return PASSWORD_CRYPT_ERROR;
             }
 
             //Restrict the character set used as salt (#1488136)
@@ -55,7 +80,7 @@ class rcube_sql_password
     	        $salt .= $seedchars[rand(0, 63)];
             }
 
-            $sql = str_replace('%c',  $db->quote(crypt($passwd, CRYPT_MD5 ? '$1$'.$salt.'$' : $salt)), $sql);
+            $sql = str_replace('%c',  $db->quote(crypt($passwd, $salt_hashindicator ? $salt_hashindicator .$salt.'$' : $salt)), $sql);
         }
 
         // dovecotpw

program/include/rcube_imap.php

@@ -3297,11 +3297,8 @@ class rcube_imap extends rcube_storage
         }
 
         // Get folder rights (MYRIGHTS)
-        if ($acl && !$options['noselect']) {
+        if ($acl && ($rights = $this->my_rights($folder))) {
-            // skip shared roots
+            $options['rights'] = $rights;
-            if (!$options['is_root'] || $options['namespace'] == 'personal') {
-                $options['rights'] =  (array)$this->my_rights($folder);
-            }
         }
 
         // Set 'norename' flag

program/js/app.js

@@ -669,7 +669,7 @@ function rcube_webmail()
           this.load_identity(props, 'edit-identity');
         else if (this.task == 'mail' && (cid = this.get_single_uid())) {
           url = { _mbox: this.env.mailbox };
-          url[this.env.mailbox == this.env.drafts_mailbox ? '_draft_uid' : '_uid'] = cid;
+          url[this.env.mailbox == this.env.drafts_mailbox && props != 'new' ? '_draft_uid' : '_uid'] = cid;
           this.goto_url('compose', url, true);
         }
         break;

skins/classic/includes/messagetoolbar.html

@@ -45,7 +45,7 @@
   <ul class="toolbarmenu">
     <li><roundcube:button class="printlink" command="print" label="printmessage" classAct="printlink active" /></li>
     <li><roundcube:button class="downloadlink" command="download" label="emlsave" classAct="downloadlink active" /></li>
-    <li><roundcube:button class="editlink" command="edit" label="editasnew" classAct="editlink active" /></li>
+    <li><roundcube:button class="editlink" command="edit" prop="new" label="editasnew" classAct="editlink active" /></li>
     <li class="separator_below"><roundcube:button class="sourcelink" command="viewsource" label="viewsource" classAct="sourcelink active" /></li>
     <li><roundcube:button class="openlink" command="open" label="openinextwin" target="_blank" classAct="openlink active" /></li>
     <roundcube:container name="messagemenu" id="messagemenu" />

skins/larry/includes/mailtoolbar.html

@@ -37,7 +37,7 @@
   <ul class="toolbarmenu iconized">
 	<li><roundcube:button command="print" label="printmessage" class="icon" classAct="icon active" innerclass="icon print" /></li>
 	<li><roundcube:button command="download" label="emlsave" class="icon" classAct="icon active" innerclass="icon download" /></li>
-	<li><roundcube:button command="edit" label="editasnew" class="icon" classAct="icon active" innerclass="icon edit" /></li>
+	<li><roundcube:button command="edit" prop="new" label="editasnew" class="icon" classAct="icon active" innerclass="icon edit" /></li>
 	<li><roundcube:button command="viewsource" label="viewsource" class="icon" classAct="icon active" innerclass="icon viewsource" /></li>
 	<li><roundcube:button command="open" label="openinextwin" target="_blank" class="icon" classAct="icon active" innerclass="icon extwin" /></li>
 	<roundcube:container name="messagemenu" id="messagemenu" />