Aleksander Machniak
8b0540d402
Fix possible IMAP command injection and type juggling vulnerabilities ( #6229 )
7 years ago
Aleksander Machniak
df3878501c
Fix PHP 7.2: count(): Parameter must be an array in enchant-based spellchecker ( #6234 )
7 years ago
Aleksander Machniak
73ea8f94d0
Use htmlspecialchars() with charset argument, simplify some code
7 years ago
Aleksander Machniak
f36e23b778
Fix parsing date strings (e.g. from a Date: mail header) with comments ( #6216 )
7 years ago
Aleksander Machniak
2196f50437
Support redis_debug in the redis session driver
7 years ago
Aleksander Machniak
0f3ad342f7
Fix bug where some unix timestamps were not handled correctly by rcube_utils::anytodatetime() ( #6212 )
7 years ago
Aleksander Machniak
a451ad6599
Fix handling encoding of HTML tags in "inline" JSON output ( #6207 )
7 years ago
Aleksander Machniak
981cd8726d
Remove holes in cache index keys - makes the serialized representation shorter
7 years ago
Aleksander Machniak
1058924e21
Move some framework classes to sub-directories
7 years ago
Aleksander Machniak
d07b032bcd
Refactor cache code with separate engine-specific classes
7 years ago
Aleksander Machniak
fa06d37901
Merge branch 'feature/add_redis_as_cache' of https://github.com/ledgr/roundcubemail into ledgr-feature/add_redis_as_cache
7 years ago
Aleksander Machniak
6bfebc5e32
Add sanity check when auto-unsubscribing non-existing folders
7 years ago
Aleksander Machniak
1556eb01c7
Use JSON_UNESCAPED_UNICODE only on PHP >= 7.1.0 ( #6187 )
7 years ago
laodc
672e57ea48
Patched bug where rcube_db::quote() was causing an infinite connection loop. ( #6175 )
...
As rcube_db::quote() checks to see if the connection is up before quoting, this would cause the class to try connect again, as rcube_db::$dbh was not being set until AFTER conn_configure was completed, causing a loop.
So updated rcube_db::$dbh in the rcube::conn_create() function instead allowing access to the new object straight away.
It's needed for edeb5d7
.
7 years ago
Aleksander Machniak
a1be62b19d
Remove redundant trim()
7 years ago
Aleksander Machniak
9d2b303b51
Fix bug in remote content blocking on HTML image and style tags ( #6178 )
7 years ago
Aleksander Machniak
b46cd5de1d
Fix PHP Warning: exif_read_data(...): Illegal IFD size ( #6169 )
7 years ago
Edgaras Lukoševičius
e371469664
Add Redis as cache backend
7 years ago
laodc
edeb5d7ab4
Add support for PostgreSQL schemas in DSN ( #6150 )
...
If schema is set in the dsn, set search_path to the schema value.
Example:
$config['db_dsnw'] = 'pgsql://user:pass@localhost/dbname?schema=exampleschema';
7 years ago
Aleksander Machniak
4793ec753a
Remove double-quotes in filename* parameter of the Content-Disposition of downloads ( #5857 )
7 years ago
Aleksander Machniak
55e99398e1
Fix possible information leak - add more strict sql error check on user creation ( #6125 )
7 years ago
Aleksander Machniak
ce338164e3
Fix bug where contacts search could skip some records ( #6130 )
7 years ago
Richard Hillmann
59bbf6c081
Fix preg_match in guess_type function ( #6123 )
7 years ago
Aleksander Machniak
b172fb505c
Improve trusted_host_patterns code
7 years ago
Aleksander Machniak
4a5ca74724
Merge branch 'trusted-host-patterns' of https://github.com/dsoares/roundcubemail into dsoares-trusted-host-patterns
7 years ago
Daniel Kesselberg
a8d5547163
Update idn convertion methods ( #6115 )
...
* Add more test cases
* Update phpdoc
7 years ago
Aleksander Machniak
63a7d2313f
Improve SMTPUTF8 support and fix relaxed email validation issues
7 years ago
Aleksander Machniak
5665344673
Merge branch 'smtputf8' of https://github.com/jprjr/roundcubemail into jprjr-smtputf8
7 years ago
Aleksander Machniak
a2875cdda9
- Fix searching contacts by address in LDAP source ( #6084 )
7 years ago
Aleksander Machniak
c0959bd619
Sanity checks for header data length in FETCH ( #6087 )
...
Where we know what expected data length is we truncate the input.
7 years ago
Aleksander Machniak
3cdc8af297
Fix possible performance issue when parsing malformed and long Date header ( #6087 )
7 years ago
johndoh
05d1b1947e
Check for minified CSS files ( #6089 )
7 years ago
Aleksander Machniak
3488531b26
Fix PHP Warning: Use of undefined constant INTL_IDNA_VARIANT_UTS46 on servers without php-intl extension
7 years ago
Georgeto
161038ee87
Support additional connect parameters in PostgreSQL database wrapper ( #6071 )
...
Most notably this change enables you to specify whether or with what
priority a secure SSL TCP/IP connection will be negotiated with the
database server.
7 years ago
Aleksander Machniak
61a6666eee
Small CS fixes
7 years ago
Aleksander Machniak
ca39a4e093
Fix PHP warning "idn_to_utf8(): INTL_IDNA_VARIANT_2003 is deprecated" with PHP 7.2 ( #6075 )
7 years ago
Aleksander Machniak
36638ec0c2
Fix untagged COPYUID responses handling - again ( #5982 )
7 years ago
Aleksander Machniak
9ce8948294
Get rid of the 2nd argument of include_stylesheet()
...
.. make the optional behavior default now.
7 years ago
Aleksander Machniak
1cf72fa2b6
Allow plugins to include Less files ( #6051 )
7 years ago
Aleksander Machniak
c6b2d8bead
Merge branch 'dev-elastic'
7 years ago
Aleksander Machniak
4cb7713520
Fix checking table columns when there's more schemas/databases in postgres/mysql ( #6047 )
7 years ago
Aleksander Machniak
a6c37b7735
Fix broken long filenames when using imap4d server - workaround server bug ( #6048 )
7 years ago
Aleksander Machniak
eed4be3ba6
Display value of the SMTP message size limit in the error message ( #6032 )
7 years ago
Aleksander Machniak
4dc1f3b757
Use configured log_file_ext also for errors thrown by PHP ( #6035 )
7 years ago
Aleksander Machniak
910c735b87
Merge branch 'master' into dev-elastic
7 years ago
Aleksander Machniak
a0374f3c45
Fix mangled non-ASCII characters in links in HTML messages ( #6028 )
7 years ago
Aleksander Machniak
23af0b7f36
Merge branch 'master' into dev-elastic
7 years ago
dsoares
5282cbaff9
Check against trusted_host_patterns in rcube_utils::parse_host()
7 years ago
Aleksander Machniak
0f4f85e097
Skip redundant INSERT query on successful logon when using PHP7
...
Since PHP 7.0 session_regenerate_id() will cause the old session data update.
This is redundant INSERT query and also produces a record for the session
we don't need anymore.
7 years ago
Aleksander Machniak
ef0982f1b8
Merge branch 'master' into dev-elastic
7 years ago