Aleksander Machniak
418c72137e
Improve search_form() for external use
7 years ago
Aleksander Machniak
b2bebe531a
Fix bug where usernames without domain part could be malformed or converted to lower-case on logon ( #6224 )
7 years ago
Aleksander Machniak
8e543f843e
Fix check_request() bypass in places using get_uids() [CVE-2018-9846] ( #6238 )
7 years ago
Aleksander Machniak
5832eca405
RCMAIL_CHARSET -> RCUBE_CHARSET ( #6236 )
7 years ago
Aleksander Machniak
73ea8f94d0
Use htmlspecialchars() with charset argument, simplify some code
7 years ago
Aleksander Machniak
a451ad6599
Fix handling encoding of HTML tags in "inline" JSON output ( #6207 )
7 years ago
Aleksander Machniak
4f6079833a
Fix PHP 7.2 warning: count(): Parameter must be an array or an object that implements Countable
7 years ago
Aleksander Machniak
b00d5c3836
Automatically localize data-label-* attributes of a template object
7 years ago
Aleksander Machniak
83bd85677b
Remove x_frame_options env
7 years ago
Aleksander Machniak
b172fb505c
Improve trusted_host_patterns code
7 years ago
Aleksander Machniak
55a1d6ef1b
Make search form's aria label to also support plugin localization (via label-domain property)
7 years ago
Aleksander Machniak
38d275445d
Plugin API: Add 'write' argument to 'render_page' hook
7 years ago
Aleksander Machniak
8e2f6275a4
Prevent from empty 'class' attribute in generated html
7 years ago
Aleksander Machniak
00cb440a07
Inline warnings can contain HTML code (regression fix)
7 years ago
Aleksander Machniak
db382fa19c
Change remote images to remote resources warning also in html attachment preview
7 years ago
Aleksander Machniak
46e2e7e16c
CS fix
7 years ago
Aleksander Machniak
758044d69e
Add skin config options to dont_override list
...
... so e.g. options in user preferences will be hidden.
7 years ago
Aleksander Machniak
1cf72fa2b6
Allow plugins to include Less files ( #6051 )
7 years ago
PhilW
26f1b0770c
use skinned alert boxes
7 years ago
PhilW
b897fe9349
use skined confirmation boxes where possible
7 years ago
Aleksander Machniak
910c735b87
Merge branch 'master' into dev-elastic
7 years ago
Aleksander Machniak
2a32f51c91
Fix file disclosure vulnerability caused by insuficient input validation in relation with attachment plugins ( #6026 )
7 years ago
Aleksander Machniak
ef0982f1b8
Merge branch 'master' into dev-elastic
7 years ago
JohnDoh
a8f0d35ebc
Extend disabled_actions config so it accepts also button names ( #5903 )
7 years ago
Aleksander Machniak
d815525c6a
Merge branch 'master' into dev-elastic
7 years ago
Aleksander Machniak
22b30de5d9
Fix bug where assets_path wasn't added to some watermark frames
7 years ago
Aleksander Machniak
3a77c906a1
Merge branch 'master' into dev-elastic
7 years ago
Aleksander Machniak
6ecf87b5bd
Support 'class' attribute in ComposeFormHead object
7 years ago
Aleksander Machniak
b77cce8d3e
Fix sending message with "Too many public recipients" dialog buttons ( #5924 )
7 years ago
Aleksander Machniak
13d203303e
Refactored Help plugin to use frames, added Elastic skin support
7 years ago
Aleksander Machniak
5d398d4d00
Add version number to the client environment
7 years ago
Aleksander Machniak
040a71e76c
Make public class rcmail_bounce_mail (now rcmail_resend_mail) ( #5861 )
7 years ago
Aleksander Machniak
cfed954a46
Fix bug where Chrome could not upload the same file that was selected before ( #5854 )
...
... and removed the cancel hack that is not needed anymore.
7 years ago
Aleksander Machniak
1b2d3c0ac2
Email Resent (Bounce) feature ( #4985 )
7 years ago
Aleksander Machniak
4b2f2b6b3b
Use about:blank instead of blank.gif for empty iframes
7 years ago
Aleksander Machniak
84a79ee8db
Move common mail composing/sending code to new rcmail_sendmail class
...
This is needed to make simpler an implementation of e.g.
- Mail Bounce feature (#4985 ),
- Direct Draft sending (#4998 ),
- Fast reply from mail preview (#5129 ).
7 years ago
Aleksander Machniak
86a4d78369
Merge branch 'dev-elastic'
7 years ago
Aleksander Machniak
05ea5a5548
Add ignore_errors option to rcube_db, so error logging can be disabled temporarily
...
Use ignore_errors to make sure the DDL upgrade errors are printed only once.
7 years ago
Aleksander Machniak
7b4b36b16c
Plugin API: Added 'show_bytes' hook ( #5001 )
7 years ago
Aleksander Machniak
8fff21deb5
Fix POST parameter reflection in default_charset selector ( #5768 )
8 years ago
Aleksander Machniak
5101cfc67a
Bump version to 1.4-git
8 years ago
Aleksander Machniak
9858c2a294
Merge branch 'master' into dev-elastic
8 years ago
Aleksander Machniak
cc0defce86
Fix failing database schema check in all engines except mysql ( #5730 )
8 years ago
Aleksander Machniak
51fb3bfa58
Support including files with path relative to templates dir
8 years ago
Aleksander Machniak
559254d6ee
Use <button> instead of <input> for submit button on logon screen
8 years ago
Aleksander Machniak
b1be7fca51
Unify inline warnings in rcmail_html_page
8 years ago
Aleksander Machniak
34446e00ca
Fix bug where namespace prefix could not be truncated on folders list if show_real_foldernames=true ( #5695 )
8 years ago
Aleksander Machniak
51dffcda86
Skip <script> element if it has no content
8 years ago
Aleksander Machniak
f03839b24b
Add support for 'link' objects in templates (with conditions)
...
.. to simplify conditional <link> tags injection while nested 'if' objects do not work
8 years ago
Aleksander Machniak
71ff264b02
Support conditional include
8 years ago