fa2824fdcd
Fix XSS issue in handling of a style tag inside of an svg element
9 years ago
85a750a068
Bump version to 1.2.4
9 years ago
1568bd9e04
Fix bug where external content in src attribute of input/video tags was not secured ( #5583 )
9 years ago
f90f22ffb8
Fix bug where image data URIs in css style were treated as evil/remote in mail preview ( #5580 )
9 years ago
79613c1e4f
Fix variable substitution in ldap host for some use-cases, e.g. new_user_identity ( #5544 )
9 years ago
f04fc506b0
Bump version to 1.2.3
9 years ago
e8fc8888a6
Remove leftower code from last few backports
9 years ago
31df33d4e0
Fix regression where LDAP results could be counted incorrectly when using VLV
...
... broken by d08bd0a51f
9 years ago
53ede465e3
Avoid PHP fatal error
...
After last change to file `rcube_ldap.php`, my roundcube instance was getting this error:
```
PHP Fatal error: Cannot use object of type Net_LDAP3_Result as array in ...
```
In
```php
protected function extended_search($count = false)
```
`$result = $this->ldap->search()` returns a LDAP object (whatever package we use).
If the search returns no results (and if `$is_extended_search` is false), then it gets to line 971 trying to do a `usort()` and then a `count()` on an object, instead of an array.
9 years ago
6ccfcab17a
Searching in both contacts and groups when LDAP addressbook with group_filters option is used
...
Conflicts:
CHANGELOG
program/steps/addressbook/search.inc
9 years ago
f84233785d
Fix vulnerability in handling of mail()'s 5th argument
9 years ago
5dfacede3f
Make sure $prefs property is an array ( #5523 )
9 years ago
7f04df9ec0
Fix storing "empty" values in rcube_cache/rcube_cache_shared ( #5519 )
9 years ago
c633e605dd
Support contact+group searches in all relevant places (T1360)
...
Before the search worked only in Addressbook, not also in Compose.
The point of the change is also to align group searches with contact searches
in that it now uses the same set of attributes. Previously groups
in Compose were searched by name only.
9 years ago
115d575421
Add convenient method to create new session records
9 years ago
7983a7d63f
Fix "Illegal string offset" warning in rcube::log_bug() on PHP 7.1 ( #5508 )
9 years ago
9eac1dd513
Fix bug where it wasn't possible to store more that 2MB objects in memcache/apc ( #5452 )
...
Added memcache_max_allowed_packet and apc_max_allowed_packet settings
9 years ago
d867ea98ed
Fix bug where IMAP password could be exposed via error message ( #5472 )
9 years ago
4013e8fd41
Fix To: header encoding in mail sent with mail() method ( #5475 )
9 years ago
4480b2615f
Fix bug where deleting folders with subfolders could fail in some cases ( #5466 )
9 years ago
41d72ca7da
Fix regression where creation of default folders wasn't functioning without prefix ( #5460 )
9 years ago
0c8419e31c
Simplify mbstring code path in rcube_charset::convert()
9 years ago
444fdb6161
Bump version to 1.2.2
9 years ago
4378699663
Implemented rcube::sleep() method for disconnecting all external connection in long-running/sleeping scripts
...
Conflicts:
program/lib/Roundcube/rcube_db.php
9 years ago
d6f87f81c1
Fix so when moving to Trash we make sure the folder exists ( #5192 )
9 years ago
bcf576c662
Fix bug where folder creation could fail if personal namespace contained more than one entry ( #5403 )
...
+ small code improvements
9 years ago
2fdb9c43eb
Fix E_DEPRECATED warning when using Auth_SASL::factory() ( #5401 )
10 years ago
c2b44147b6
Fix bug where Message-ID domain part was tied to username instead of current identity ( #5385 )
10 years ago
792dd40d90
Properly set the memcache debug log file name
...
Properly set the debug log file name ('memcache') as $this->type is undefined
10 years ago
fcf1a988a1
Wash position:fixed style in HTML mail for better security ( #5264 )
10 years ago
fa0769dc0e
Better time handling in rcube_utils::clean_datestr()
10 years ago
0e15c9bd45
Remove debug code
10 years ago
4624b22967
Managesieve: Fix parsing of vacation date-time with non-default date_format ( #5372 )
...
Added new method rcube_utils::format_datestr() to convert date_format date
into ISO date format.
10 years ago
654d4e51fc
Fix regression in resizing JPEG images with Imagick ( #5376 )
...
Conflicts:
program/lib/Roundcube/rcube_image.php
10 years ago
3a7a550518
Bump version to 1.2.1
10 years ago
9fe1cf16b3
Fix handling of blockquote tags with mixed case on html2text conversion ( #5363 )
10 years ago
9a9a147c58
We already require PEAR, so it's not needed to check if PEAR class exists.
...
Sooner or later it will fail if PEAR does not exist, so better to do this sooner.
10 years ago
537aaa3d09
Remove deprecated function flattenImages
...
flattenImages in imagick is deprecated since php 5.6.
`PHP Deprecated: Imagick::flattenImages method is deprecated and it's use should be avoided `
Proposed solution works with imagick 3.1.0+.
11 is used as an alternative to `Imagick::ALPHACHANNEL_REMOVE` which was added in imagick 3.2.0.
10 years ago
a1e23a8967
Fix handling of 'mailto' and 'error' arguments in message_before_send hook ( #5347 )
...
Conflicts:
program/lib/Roundcube/rcube.php
10 years ago
75e136f28e
Support type=password in rcube_output::get_edit_field()
10 years ago
e2ca2e1d08
Trim error message
10 years ago
4dc138b8c1
Don't add HTTP response body/headers to the spellchecker error message (it is displayed to the user)
10 years ago
b1217807f3
Fix bug where microsecond format in logged date didn't work in some cases
10 years ago
205233f93d
Workaround PHP issue by calling closelog() on script shutdown when using log_driver=syslog ( #5289 )
10 years ago
06d09b23c6
Fix handling of --delete argument in moduserprefs.sh script ( #5296 )
10 years ago
e2278a3c1c
Fix searching by email address in contacts with multiple addresses ( #5291 )
10 years ago
e660f157c0
Fix multi-folder search issues in "this and subfolders" scope ( #5282 , #5259 )
...
- Fix bug where multi-folder search could choose a wrong folder
- Fix bug where multi-folder search didn't work for unsubscribed INBOX
10 years ago
7621c18b8e
Fix bug where errors could have been not logged when per_user_logging=true
...
Conflicts:
CHANGELOG
10 years ago
d2e2a8f32e
Bump version to 1.2.0 (stable)
10 years ago
12b7d5f1b5
Fix XSS issue in href attribute on area tag ( #5240 , #5241 )
10 years ago
Aleksander Machniak