Aleksander Machniak
b2b9b591ce
Fix handling random_bytes() errors in PHP 7.0.0RC3
9 years ago
Aleksander Machniak
e85bbc9e9c
random_bytes() can throw an exception in some cases, since PHP 7.0.0rc3
9 years ago
Aleksander Machniak
26086981a2
Improve randomness of security tokens ( #1490529 )
9 years ago
Aleksander Machniak
f00e1f5333
CS fixes
9 years ago
Aleksander Machniak
7a42173a16
Simplify rcube_utils::check_ip()
9 years ago
Aleksander Machniak
6b31846c43
Fix IPv6 address validation on PHP with disabled IPv6 support
9 years ago
Aleksander Machniak
93e64008a6
Small code improvements
9 years ago
Aleksander Machniak
8447bae77c
Require Mbstring and OpenSSL extensions ( #1490415 ) - remove redundant code
10 years ago
Aleksander Machniak
9aae1b7fc3
Fix so microseconds macro (u) in log_date_format works ( #1490446 )
10 years ago
Aleksander Machniak
a958748947
CS fixes
10 years ago
Aleksander Machniak
3994b3a26c
Installer: Use openssl_random_pseudo_bytes() (if available) to generate des_key ( #1490402 )
10 years ago
Thomas Bruederli
c32998084d
Add untility function to match strings ignoring word order
10 years ago
Thomas Bruederli
e8b82c2e7b
Fix rcube_utils::normalize_string() to support unicode characters + add argument for minimum token length
10 years ago
Thomas Bruederli
09c58d1add
Make rcube_utils::strtotime() timezone aware ( #1490163 )
10 years ago
Aleksander Machniak
787a421846
Fix rcube_utils::anytodatetime() with no timezone specified
10 years ago
Aleksander Machniak
848e204ef9
Fix validation of email addresses with IDNA domains ( #1490067 )
10 years ago
Aleksander Machniak
29c24e647c
Get rid of DIRECTORY_SEPARATOR for consistency
10 years ago
Aleksander Machniak
5f58127eae
Added rcube_utils::resolve_url()
10 years ago
Aleksander Machniak
75bbada03b
Remove code for PHP<5.3, use PHP_VERSION_ID instead of version_compare() for version checks
10 years ago
Thomas Bruederli
cc850263d4
Add optional timezone argument for date conversion
10 years ago
Aleksander Machniak
49dad5f669
Fix broken normalize_string(), add support for ISO-8859-2
11 years ago
Felix Eckhofer
30e6b980a6
Remove usage of $RCMAIL global variable
11 years ago
Felix Eckhofer
ef721fc430
Add config variable 'proxy_whitelist'
...
HTTP headers X_FORWARDED_* and X_REAL_IP are only evaluated when
received from an IP listed in proxy_whitelist. Furthermore, only the
last non-trusted IP from X-Forwarded-For is used in place of the real
ip.
Without this, an attacker can easily spoof the headers and control the
result of the ip or ssl check.
This fixes several problems with [3a4c9f42
], [4d480b36
] and [a520f331
] as
mentioned in #1489729 .
11 years ago
Aleksander Machniak
517c9f9a8d
Fix directories check in Installer on Windows ( #1489576 )
...
Added rcube_utils::is_absolute_path() method
11 years ago
Aleksander Machniak
f6d23a8dce
Fix PHP warning when 1st argument of parse_host() is not a string ( #1489486 )
11 years ago
Aleksander Machniak
a520f331c1
Fix handling of X-Forwarded-For header with multiple addresses ( #1489481 )
11 years ago
Aleksander Machniak
d19c0f9f30
In normalize_string() replace 4-byte unicode characters with '?' character.
...
These are not supported in default utf-8 charset on mysql,
the chance we'd need them in searching is very low.
11 years ago
Aleksander Machniak
b1f3c3bee8
Fixed saving contact birthday/anniversary dates before 01-01-1970
11 years ago
Thomas Bruederli
fdb30f3279
Fix CSS selector modifications when nested in @media blocks
11 years ago
Aleksander Machniak
ff6de99ae4
Some micro-optimizations
11 years ago
Aleksander Machniak
d1abd8e339
Fix infinite loop in rcube_utils::mod_css_styles() after recent changes in rcube_string_replacer
11 years ago
Aleksander Machniak
af79a7b837
Fixed issues where HTML comments inside style tag would hang Internet Explorer
11 years ago
Aleksander Machniak
eafd5b1aa4
Improved mailto: link arguments handling ( #1489363 )
11 years ago
Thomas Bruederli
52830ea605
Improve handling of date strings and DateTime values in contacts
11 years ago
Aleksander Machniak
b32fab16ef
Fix handling of non-default date formats ( #1489294 )
...
- remove ambiguous m/d/Y format from default config
11 years ago
Thomas Bruederli
4d480b36ea
Respect HTTP_X_FORWARDED_FOR and HTTP_X_REAL_IP variables for session IP check
11 years ago
Aleksander Machniak
39b905b7a8
Canonize boolean ini_get() results ( #1489189 )
12 years ago
Aleksander Machniak
896e2b4e51
Add more rcube_utils tests
12 years ago
Aleksander Machniak
fe0f1d589b
Improve rcube_utils::file2class() to not return duplicates
12 years ago
Aleksander Machniak
3725cfb245
Avoid uninitialized/unused variables
12 years ago
Aleksander Machniak
b7570fb564
Fix parsing invalid date string ( #1489035 )
12 years ago
Thomas Bruederli
293a5798af
Use the right variable for IPv6 check
12 years ago
Aleksander Machniak
d2534c63f2
Cleanup, remove file paths from doc
12 years ago
Thomas Bruederli
60226a75d8
Separate the very application-specific output classes from the Roundcube framework; add autoloader for rmail* classes
12 years ago
Aleksander Machniak
ba6f21caeb
Framework files moved to lib/Roundcube
12 years ago