Commit Graph

1124 Commits (05db0f5d87b2476286216b3f2ee552d6bcbe2c7c)

Author SHA1 Message Date
Aleksander Machniak 30ab2eec5f Remove function_exists() checks for mbstring functions 7 years ago
Aleksander Machniak 4b97f40af9 Get rid of debug_level (#6298) 7 years ago
Aleksander Machniak 71eec07d25 Fix regression where some non-inline attachments could be not listed (#6291) 7 years ago
Aleksander Machniak 430c000e32 Support skin localization (#5853) 7 years ago
Aleksander Machniak 1247a8dd7d Fix bug where some forbidden characters on Cyrus-IMAP were not prevented from use in folder names 7 years ago
Aleksander Machniak 0716d499bc Fix bug where some escape sequences in html styles could bypass security checks 7 years ago
Edgaras L c236c22c41 Parse all quotas from GETQUOTAROOT (#6280) 7 years ago
Aleksander Machniak c0b9025215 Remove sample PHP configuration from .htaccess and .user.ini files (#5850)
Moved to https://github.com/roundcube/roundcubemail/wiki/Installation#php-configuration
7 years ago
Aleksander Machniak 63d3ad11fb Use Masterminds/HTML5 parser for HTML5 support (#5761) 7 years ago
Aleksander Machniak e79838aaac Enigma: Disable autofill for new keypair password 7 years ago
Aleksander Machniak dd3ea4ed2b Fix extracting codepage 7 years ago
Aleksander Machniak 8a6a9e86ae Fix handling of forwarded messages inside of a TNEF message (#5632) 7 years ago
Aleksander Machniak a889f55c31 Fix PHP Warning: Use of undefined constant IDNA_DEFAULT on systems without php-intl (#6244) 7 years ago
Aleksander Machniak b2bebe531a Fix bug where usernames without domain part could be malformed or converted to lower-case on logon (#6224) 7 years ago
Aleksander Machniak 8df6d7c3e4 Fix regression in compressMessageSet() (#6235) 7 years ago
Aleksander Machniak 8b0540d402 Fix possible IMAP command injection and type juggling vulnerabilities (#6229) 7 years ago
Aleksander Machniak df3878501c Fix PHP 7.2: count(): Parameter must be an array in enchant-based spellchecker (#6234) 7 years ago
Aleksander Machniak 73ea8f94d0 Use htmlspecialchars() with charset argument, simplify some code 7 years ago
Aleksander Machniak f36e23b778 Fix parsing date strings (e.g. from a Date: mail header) with comments (#6216) 7 years ago
Aleksander Machniak 2196f50437 Support redis_debug in the redis session driver 7 years ago
Aleksander Machniak 0f3ad342f7 Fix bug where some unix timestamps were not handled correctly by rcube_utils::anytodatetime() (#6212) 7 years ago
Aleksander Machniak a451ad6599 Fix handling encoding of HTML tags in "inline" JSON output (#6207) 7 years ago
Aleksander Machniak 981cd8726d Remove holes in cache index keys - makes the serialized representation shorter 7 years ago
Aleksander Machniak 1058924e21 Move some framework classes to sub-directories 7 years ago
Aleksander Machniak d07b032bcd Refactor cache code with separate engine-specific classes 7 years ago
Aleksander Machniak fa06d37901 Merge branch 'feature/add_redis_as_cache' of https://github.com/ledgr/roundcubemail into ledgr-feature/add_redis_as_cache 7 years ago
Aleksander Machniak 6bfebc5e32 Add sanity check when auto-unsubscribing non-existing folders 7 years ago
Aleksander Machniak 1556eb01c7 Use JSON_UNESCAPED_UNICODE only on PHP >= 7.1.0 (#6187) 7 years ago
laodc 672e57ea48 Patched bug where rcube_db::quote() was causing an infinite connection loop. (#6175)
As rcube_db::quote() checks to see if the connection is up before quoting, this would cause the class to try connect again, as rcube_db::$dbh was not being set until AFTER conn_configure was completed, causing a loop.

So updated rcube_db::$dbh in the rcube::conn_create() function instead allowing access to the new object straight away.

It's needed for edeb5d7.
7 years ago
Aleksander Machniak a1be62b19d Remove redundant trim() 7 years ago
Aleksander Machniak 9d2b303b51 Fix bug in remote content blocking on HTML image and style tags (#6178) 7 years ago
Aleksander Machniak b46cd5de1d Fix PHP Warning: exif_read_data(...): Illegal IFD size (#6169) 7 years ago
Edgaras Lukoševičius e371469664 Add Redis as cache backend 7 years ago
laodc edeb5d7ab4 Add support for PostgreSQL schemas in DSN (#6150)
If schema is set in the dsn, set search_path to the schema value.

Example:

$config['db_dsnw'] = 'pgsql://user:pass@localhost/dbname?schema=exampleschema';
7 years ago
Aleksander Machniak 4793ec753a Remove double-quotes in filename* parameter of the Content-Disposition of downloads (#5857) 7 years ago
Aleksander Machniak 55e99398e1 Fix possible information leak - add more strict sql error check on user creation (#6125) 7 years ago
Aleksander Machniak ce338164e3 Fix bug where contacts search could skip some records (#6130) 7 years ago
Richard Hillmann 59bbf6c081 Fix preg_match in guess_type function (#6123) 7 years ago
Aleksander Machniak b172fb505c Improve trusted_host_patterns code 7 years ago
Aleksander Machniak 4a5ca74724 Merge branch 'trusted-host-patterns' of https://github.com/dsoares/roundcubemail into dsoares-trusted-host-patterns 7 years ago
Daniel Kesselberg a8d5547163 Update idn convertion methods (#6115)
* Add more test cases
* Update phpdoc
7 years ago
Aleksander Machniak 63a7d2313f Improve SMTPUTF8 support and fix relaxed email validation issues 7 years ago
Aleksander Machniak 5665344673 Merge branch 'smtputf8' of https://github.com/jprjr/roundcubemail into jprjr-smtputf8 7 years ago
Aleksander Machniak a2875cdda9 - Fix searching contacts by address in LDAP source (#6084) 7 years ago
Aleksander Machniak c0959bd619 Sanity checks for header data length in FETCH (#6087)
Where we know what expected data length is we truncate the input.
7 years ago
Aleksander Machniak 3cdc8af297 Fix possible performance issue when parsing malformed and long Date header (#6087) 7 years ago
johndoh 05d1b1947e Check for minified CSS files (#6089) 7 years ago
Aleksander Machniak 3488531b26 Fix PHP Warning: Use of undefined constant INTL_IDNA_VARIANT_UTS46 on servers without php-intl extension 7 years ago
Georgeto 161038ee87 Support additional connect parameters in PostgreSQL database wrapper (#6071)
Most notably this change enables you to specify whether or with what
priority a secure SSL TCP/IP connection will be negotiated with the
database server.
7 years ago
Aleksander Machniak 61a6666eee Small CS fixes 7 years ago
Aleksander Machniak ca39a4e093 Fix PHP warning "idn_to_utf8(): INTL_IDNA_VARIANT_2003 is deprecated" with PHP 7.2 (#6075) 7 years ago
Aleksander Machniak 36638ec0c2 Fix untagged COPYUID responses handling - again (#5982) 7 years ago
Aleksander Machniak 9ce8948294 Get rid of the 2nd argument of include_stylesheet()
.. make the optional behavior default now.
7 years ago
Aleksander Machniak 1cf72fa2b6 Allow plugins to include Less files (#6051) 7 years ago
Aleksander Machniak c6b2d8bead Merge branch 'dev-elastic' 7 years ago
Aleksander Machniak 4cb7713520 Fix checking table columns when there's more schemas/databases in postgres/mysql (#6047) 7 years ago
Aleksander Machniak a6c37b7735 Fix broken long filenames when using imap4d server - workaround server bug (#6048) 7 years ago
Aleksander Machniak eed4be3ba6 Display value of the SMTP message size limit in the error message (#6032) 7 years ago
Aleksander Machniak 4dc1f3b757 Use configured log_file_ext also for errors thrown by PHP (#6035) 7 years ago
Aleksander Machniak 910c735b87 Merge branch 'master' into dev-elastic 7 years ago
Aleksander Machniak a0374f3c45 Fix mangled non-ASCII characters in links in HTML messages (#6028) 7 years ago
Aleksander Machniak 23af0b7f36 Merge branch 'master' into dev-elastic 7 years ago
dsoares 5282cbaff9 Check against trusted_host_patterns in rcube_utils::parse_host() 7 years ago
Aleksander Machniak 0f4f85e097 Skip redundant INSERT query on successful logon when using PHP7
Since PHP 7.0 session_regenerate_id() will cause the old session data update.
This is redundant INSERT query and also produces a record for the session
we don't need anymore.
7 years ago
Aleksander Machniak ef0982f1b8 Merge branch 'master' into dev-elastic 7 years ago
dsoares 50a9c8f777 Add option trusted_host_patterns 7 years ago
JohnDoh 515d496808 Replace display_version with display_product_info (#5904) 7 years ago
Aleksander Machniak e21ab984bc Skip <span> wrappers in html_table that is a <ul> list 7 years ago
Aleksander Machniak d815525c6a Merge branch 'master' into dev-elastic 7 years ago
Brendan Braybrook 4574870adc fix: unknown content-disposition type should be treated as attachment (#6002) 7 years ago
Aleksander Machniak 5e08a6ac59 Handle remote stylesheets the same as remote images, ask the user to allow them (#5994)
Fixes the issue where remote stylesheet could have been blocked
if the message contained no remote images and user have no way to
allow that content.
7 years ago
Aleksander Machniak 3196d656db Fix css conflicts in user interface and e-mail content (#5891)
... by adding prefix to element/class identifiers
Also cleaned up some code and removed global variable use.
7 years ago
Aleksander Machniak 403d8453c8 Fix issue caused by non-default session.cookie_lifetime setting (#5961) 7 years ago
Aleksander Machniak f8fc01b800 Fix so untagged COPYUID responses are also supported according to RFC6851 (#5982) 7 years ago
Aleksander Machniak 5d3add78aa Add Message-ID to the sendmail log (#5871) 7 years ago
Aleksander Machniak 117c150b2f Fix bug where mail search could return empty result on servers without SORT capability (#5973) 7 years ago
Aleksander Machniak 3c1b78af48 Merge branch 'master' into dev-elastic 7 years ago
Aleksander Machniak 4223bed7e8 Add html_button class 7 years ago
Aleksander Machniak 5d16751ed8 Fix (again) bug where image data URIs in css style were treated as evil/remote in mail preview (#5580) 7 years ago
Thomas Bruederli 3723f3f178 Fix rcube_utils::random_bytes() to not throw exception for length=0 7 years ago
Lukas Erlacher 130f0cde3e Add host to IMAP login error
This simplifies debugging authentication failures in multi-host setups.
7 years ago
Aleksander Machniak 72fe97ddfc Fix bug where HTML messages could have been rendered empty on some systems (#5957)
Consistently use $nodeName instead of $tagName property.
7 years ago
Aleksander Machniak ee6b5e9e58 Fix PHP 7.2 error: count(): Parameter must be an array or an object that implements Countable 7 years ago
Aleksander Machniak fa3eb6813f Ignore rewind() warnings (#5950) 7 years ago
Aleksander Machniak 3a77c906a1 Merge branch 'master' into dev-elastic 7 years ago
Aleksander Machniak 7fc626d527 Changed defaults for smtp_user (%u), smtp_pass (%p) and smtp_port (587) 7 years ago
Aleksander Machniak cdcbad1879 Handle inline images also inside multipart/mixed messages (#5905) 7 years ago
Aleksander Machniak 2d608a799c Fix decoding message/rtf822 part body/size
When e.g. an encrypted message has one of it's sub-parts a part that is message/rfc822
part we need it's body and size, because it will be listed on the attachments list
and also can be downloaded.
7 years ago
Aleksander Machniak 1235dcf321 Encode JSON with JSON_UNESCAPED_SLASHES and JSON_UNESCAPED_UNICODE options 7 years ago
Thomas Bruederli 919338d4ba Escape textarea contents in Washtml 7 years ago
Aleksander Machniak 1c24c69a3b Fix path for css file existence check in include_stylesheet() 7 years ago
Aleksander Machniak 4a71847c98 Fix bug where last character of a filename extracted from TNEF could be truncated (#5799) 7 years ago
Aleksander Machniak 69f50b122d Add a way to include plugin stylesheets optionally only if the file exists 7 years ago
Aleksander Machniak fc1a0a1f65 Fix bug where messages count was not updated after delete when imap_cache is set (#5872) 7 years ago
Aleksander Machniak 76adb49454 Support for IMAP folders that cannot contain both folders and messages (#5057) 7 years ago
Aleksander Machniak b97e3b5cd7 Don't ignore (global) userlogins/sendmail logs in per_user_logging mode 8 years ago
Aleksander Machniak e04f72d018 Fix PHP 7.2 warnings on count() use (#5845) 8 years ago
Aleksander Machniak 97bf251dc6 Don't use create_function() deprecated in PHP 7.2 8 years ago
Aleksander Machniak 86a4d78369 Merge branch 'dev-elastic' 8 years ago
Aleksander Machniak 05ea5a5548 Add ignore_errors option to rcube_db, so error logging can be disabled temporarily
Use ignore_errors to make sure the DDL upgrade errors are printed only once.
8 years ago