pdontthink [Sat, 7 Dec 2013 11:02:18 +0000 (11:02 +0000)]
Preserve compose action during HTML address book activity
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14408
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Thu, 7 Nov 2013 09:42:54 +0000 (09:42 +0000)]
Change string to something already in squirrelmail.pot
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14400
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Wed, 6 Nov 2013 16:47:55 +0000 (16:47 +0000)]
Add full date and time as "title" (mouseover) text for dates shown on the message list screen
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14398
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Wed, 23 Oct 2013 10:09:16 +0000 (10:09 +0000)]
Add new spacer image and allow its use for unsafe images instead of the sec_remove_* image -- brings HTML emails into the modern age (much more viewable)
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14396
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Tue, 22 Oct 2013 21:48:11 +0000 (21:48 +0000)]
Typo
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14394
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Tue, 22 Oct 2013 15:49:26 +0000 (15:49 +0000)]
Add associative edit list option widget with optional folder list selector for values; Minor fixes for non-associative edit list widget
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14393
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Mon, 16 Sep 2013 18:06:58 +0000 (18:06 +0000)]
Don't allow TO field to be blank; adjust auto-detection of FROM for reply-all actions as well
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14391
7612ce4b-ef26-0410-bec9-
ea0150e637f0
jervfors [Fri, 26 Jul 2013 17:31:02 +0000 (17:31 +0000)]
Update copyright
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14387
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Wed, 19 Jun 2013 07:44:53 +0000 (07:44 +0000)]
Note a bug
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14385
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Tue, 18 Jun 2013 04:20:50 +0000 (04:20 +0000)]
Allow more liberal reuse of tokens to avoid cross-frame conflicts
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14383
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Mon, 17 Jun 2013 20:31:07 +0000 (20:31 +0000)]
When replying to original recipient, also reset the identity used to send the mail from
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14381
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Mon, 17 Jun 2013 20:27:22 +0000 (20:27 +0000)]
When using reply-all to reply to single-recipient message, make sure we still use the original recipient
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14379
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Mon, 17 Jun 2013 20:19:59 +0000 (20:19 +0000)]
Reply to original recipient functionality should be consistent, even if original recipient also happens to be one of our identities
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14376
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Mon, 17 Jun 2013 18:43:34 +0000 (18:43 +0000)]
Remove ancient code that tried to set the default identity to match the FROM header of the message being replied to. This makes no sense and is superceded by the identities match that occurs immediately below.
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14374
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Mon, 17 Jun 2013 18:39:19 +0000 (18:39 +0000)]
findAddress() can return FALSE as well as zero
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14373
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Mon, 17 Jun 2013 18:34:16 +0000 (18:34 +0000)]
Fix sloppy use of nearly identical variable names
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14369
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Mon, 17 Jun 2013 18:32:33 +0000 (18:32 +0000)]
Document the findAddress function
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14368
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Fri, 14 Jun 2013 23:04:58 +0000 (23:04 +0000)]
Improve usability of attachment checkboxes
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14365
7612ce4b-ef26-0410-bec9-
ea0150e637f0
kink [Thu, 16 May 2013 12:16:58 +0000 (12:16 +0000)]
Remove use of deprecated /e modifier in preg_replace.
This modifier starts generating Deprecated notices from PHP 5.5.
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14360
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Wed, 15 May 2013 20:33:11 +0000 (20:33 +0000)]
Fix error caused by typo of variable name
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14358
7612ce4b-ef26-0410-bec9-
ea0150e637f0
jervfors [Fri, 29 Mar 2013 12:54:24 +0000 (12:54 +0000)]
Set svn:keywords
This isn't just the files I committed in 14354.
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14356
7612ce4b-ef26-0410-bec9-
ea0150e637f0
jervfors [Fri, 29 Mar 2013 11:35:02 +0000 (11:35 +0000)]
Resetting $Id$
Subversion expands the $Id$ keyword anchor to a string, but some files
in this repository have strings instead of keyword anchors.
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14354
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Sat, 16 Mar 2013 03:44:20 +0000 (03:44 +0000)]
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14352
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Sat, 16 Mar 2013 03:42:24 +0000 (03:42 +0000)]
Add Solarized Light and Dark themes by Pavneet Arora, although themes not used/migrated in 1.5.2
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14351
7612ce4b-ef26-0410-bec9-
ea0150e637f0
kink [Tue, 15 Jan 2013 15:58:43 +0000 (15:58 +0000)]
clean up code commented out since 8 y
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14348
7612ce4b-ef26-0410-bec9-
ea0150e637f0
kink [Sun, 9 Dec 2012 12:06:30 +0000 (12:06 +0000)]
Replace calls to htmlspecialchars() with sm_encode_html_special_chars().
New function sm_encode_html_special_chars() encodes HTML special
characters by calling htmlspecialchars(). It sets the character set
to ISO-8859-1, to fix compatibility with PHP >= 5.4.
Patch by Paul Lesniewski.
See #
3491925
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14346
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Tue, 18 Sep 2012 17:43:15 +0000 (17:43 +0000)]
Use sqsession_* instead of session_*
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14344
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Sun, 9 Sep 2012 22:46:38 +0000 (22:46 +0000)]
For DSN values, allow current value to remain if no changes made
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14342
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Wed, 29 Aug 2012 17:03:09 +0000 (17:03 +0000)]
Prevent endless recursive sent subfolder names - see: thread.gmane.org/gmane.mail.squirrelmail.user/39178
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14340
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Sat, 4 Aug 2012 23:00:43 +0000 (23:00 +0000)]
Add more flexibility for plugins
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14336
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Sat, 28 Jul 2012 05:57:50 +0000 (05:57 +0000)]
Separate E_STRICT reporting from E_ALL in internal debug mode (E_STRICT is included in E_ALL only as of PHP 5.4.0)
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14335
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Sat, 28 Jul 2012 05:48:24 +0000 (05:48 +0000)]
E_ALL is a moving target
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14334
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Fri, 27 Jul 2012 23:03:15 +0000 (23:03 +0000)]
Account for servers that send extra unsolicited FETCH responses (such as when flags change due to a FETCH request). PLEASE TEST!
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14333
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Sun, 1 Jul 2012 20:06:18 +0000 (20:06 +0000)]
Add option that allows users to have replies to their own messages sent to the recipient of the previous message (#
3520988)
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14331
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Wed, 9 May 2012 02:57:02 +0000 (02:57 +0000)]
Fix occasional PHP notice
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14324
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Fri, 27 Apr 2012 07:18:17 +0000 (07:18 +0000)]
Clear checkbox selections when form is processed
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14320
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Sun, 8 Apr 2012 01:51:00 +0000 (01:51 +0000)]
Revert revision 14314; static functions are a PHP 5+ feature
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14317
7612ce4b-ef26-0410-bec9-
ea0150e637f0
kink [Sat, 7 Apr 2012 15:17:48 +0000 (15:17 +0000)]
functions are only used statically. mark as such.
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14314
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Sun, 1 Apr 2012 22:18:51 +0000 (22:18 +0000)]
Fix E_STRICT notices
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14312
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Sun, 1 Apr 2012 21:27:53 +0000 (21:27 +0000)]
Fix E_STRICT notice
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14309
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Sun, 1 Apr 2012 21:15:36 +0000 (21:15 +0000)]
Fix simple E_STRICT notice
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14308
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Sun, 1 Apr 2012 20:35:47 +0000 (20:35 +0000)]
Fix PHP notices
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14306
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Sun, 1 Apr 2012 20:09:11 +0000 (20:09 +0000)]
Revert changes in revision 14302. Revision 14302 should only have changed functions/imap_general.php
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14304
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Sun, 1 Apr 2012 19:50:49 +0000 (19:50 +0000)]
Fall back to using LIST if NAMESPACE answer is malformed or otherwise problematic. This still doesn't account for situations where the NAMESPACE or LIST answer can't be parsed correctly.
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14302
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Sun, 1 Apr 2012 17:57:20 +0000 (17:57 +0000)]
Re: rev 14289 - Proper fix is not to define a new object; code was assuming header that was already defined was placed in the message object (which it was not). Also fix indention issues
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14301
7612ce4b-ef26-0410-bec9-
ea0150e637f0
kink [Sat, 24 Mar 2012 11:05:26 +0000 (11:05 +0000)]
ChangeLog
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14293
7612ce4b-ef26-0410-bec9-
ea0150e637f0
kink [Sat, 24 Mar 2012 10:42:31 +0000 (10:42 +0000)]
I believe this code worked by chance, redefining it from string to array and
using it outside the code block it was defined in. This should repair it to
what was intended.
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14291
7612ce4b-ef26-0410-bec9-
ea0150e637f0
kink [Sat, 24 Mar 2012 10:27:57 +0000 (10:27 +0000)]
must initialise MessageHeader object to avoid
PHP Warning: Creating default object from empty value
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14289
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Tue, 28 Feb 2012 18:18:29 +0000 (18:18 +0000)]
Alignment fix
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14281
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Tue, 28 Feb 2012 18:16:48 +0000 (18:16 +0000)]
Clarify explanation slightly
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14280
7612ce4b-ef26-0410-bec9-
ea0150e637f0
jervfors [Wed, 15 Feb 2012 14:32:07 +0000 (14:32 +0000)]
Update the copyright year
The constant was neglected when updating all copyright years.
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14278
7612ce4b-ef26-0410-bec9-
ea0150e637f0
kink [Wed, 8 Feb 2012 12:11:18 +0000 (12:11 +0000)]
hex2bin is introduced in PHP 5.4
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14277
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Tue, 7 Feb 2012 23:05:36 +0000 (23:05 +0000)]
Spelling mistake
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14275
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Tue, 7 Feb 2012 22:51:58 +0000 (22:51 +0000)]
Better performance by reducing token usage to only one at a time (also added an option to revert to old behavior if desired)
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14273
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Mon, 9 Jan 2012 20:41:02 +0000 (20:41 +0000)]
Account for case when no reply-to is set in user prefs
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14265
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Mon, 2 Jan 2012 21:51:22 +0000 (21:51 +0000)]
Document some previously added configuration parameters
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14256
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Mon, 2 Jan 2012 02:09:17 +0000 (02:09 +0000)]
Updating copyrights. Happy New Year.
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14249
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Thu, 29 Dec 2011 06:56:03 +0000 (06:56 +0000)]
Sanitize integer option fields - only digits allowed
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14247
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Thu, 29 Dec 2011 01:34:06 +0000 (01:34 +0000)]
Fix what seems to have been a copy/paste bug
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14243
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Wed, 28 Dec 2011 02:59:31 +0000 (02:59 +0000)]
Unify address book searches. See ChangeLog comments. Also, fixed bug wherein file backend wasn't escaping regular expression correctly. File based backend used to search all fields at once, concatenated by spaces, which 'worked', but is misleading and nothing like the other backends.
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14242
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Wed, 21 Dec 2011 13:27:54 +0000 (13:27 +0000)]
addrsrch_fullname is already fetched by load_prefs.php
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14240
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Sun, 18 Dec 2011 01:32:51 +0000 (01:32 +0000)]
Make PHP default language for xgettext
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14234
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Thu, 15 Dec 2011 23:20:47 +0000 (23:20 +0000)]
Add plugin compatiblility info
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14232
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Thu, 15 Dec 2011 15:08:06 +0000 (15:08 +0000)]
Allow addition of extra attributes to user/pwd inputs
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14229
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Tue, 29 Nov 2011 13:13:42 +0000 (13:13 +0000)]
Verify Reply To still has its uses
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14158
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Tue, 29 Nov 2011 12:44:31 +0000 (12:44 +0000)]
Ensure that Reply-To isn't missing domain - we already do the same for the From header in functions/identity.php
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14156
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Sun, 11 Sep 2011 12:26:58 +0000 (12:26 +0000)]
Temporarily sanitize output in wrong place
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14145
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Sun, 11 Sep 2011 01:11:03 +0000 (01:11 +0000)]
Fixed broken highlighting form (missing security tokens) (#
3381117)
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14144
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Sun, 11 Sep 2011 01:08:13 +0000 (01:08 +0000)]
Fixed untranslated string
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14143
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Mon, 5 Sep 2011 07:00:18 +0000 (07:00 +0000)]
Fix hook name clash: new smtp_auth hook added recently (a few months ago) has been renamed to smtp_authenticate
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14141
7612ce4b-ef26-0410-bec9-
ea0150e637f0
kink [Tue, 26 Jul 2011 20:28:11 +0000 (20:28 +0000)]
document cve id's for posterity
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14138
7612ce4b-ef26-0410-bec9-
ea0150e637f0
kink [Wed, 13 Jul 2011 08:44:04 +0000 (08:44 +0000)]
attary may be empty at this point and the sq_fixatts call will generate PHP
Warnings. Wrap it in a conditional just like the other sq_fixatts call.
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14134
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Tue, 12 Jul 2011 04:59:12 +0000 (04:59 +0000)]
Fix XSS problem with unsanitized style tags in messages [CVE-2011-2023]
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14122
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Tue, 12 Jul 2011 04:45:49 +0000 (04:45 +0000)]
Fix XSS holes in generic options inputs, XSS hole in the SquirrelSpell plugin, and added anti-CSRF protection to the empty trash feature (thanks to Nicholas Carlini for finding all these issues) [CVE-2010-4555]
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14120
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Tue, 12 Jul 2011 03:44:23 +0000 (03:44 +0000)]
Add clickjacking protection (thanks to Asbjorn Thorsen and Geir Hansen for bringing this to our attention) [CVE-2010-4554]
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14118
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Tue, 3 May 2011 06:23:56 +0000 (06:23 +0000)]
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14108
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Tue, 3 May 2011 06:05:08 +0000 (06:05 +0000)]
Allow administrators to configure subfolders of user INBOXes to be treated as special folders by adding $subfolders_of_inbox_are_special to config_local.php
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14107
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Wed, 27 Apr 2011 09:43:25 +0000 (09:43 +0000)]
Remove quotes around personal names in message list (#
3292587)
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14106
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Sat, 2 Apr 2011 19:19:45 +0000 (19:19 +0000)]
Add smtp_auth hook (thanks to Emmanuel Dreyfus)
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14094
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Fri, 11 Mar 2011 02:22:57 +0000 (02:22 +0000)]
Undelete button shouldn't be related to whether or not a trash folder is in use - it's just a product of auto-expunge
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14092
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Fri, 4 Mar 2011 01:19:33 +0000 (01:19 +0000)]
Don't use regular expressions when you don't need to
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14090
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Thu, 6 Jan 2011 03:16:21 +0000 (03:16 +0000)]
Happy New Year!
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14085
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Mon, 27 Dec 2010 00:35:24 +0000 (00:35 +0000)]
Refine HMAC-MD5 generator; use native PHP Hash extension if available
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14083
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Tue, 21 Dec 2010 14:04:08 +0000 (14:04 +0000)]
Unify output strings (Thanks to Juergen Edner) (#
3139973).
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14082
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Fri, 17 Dec 2010 21:41:39 +0000 (21:41 +0000)]
Force the addition of a file suffix to attachments that lack a filename (helps forwarded messages avoid spam filters) (Thanks to Petr Kletecka) (#
3139004)
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14080
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Fri, 26 Nov 2010 10:02:51 +0000 (10:02 +0000)]
Unify SMTP auth mechanisms in configuration tool
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14076
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Sat, 25 Sep 2010 04:08:03 +0000 (04:08 +0000)]
Fix sqauth_read_password() for plugins running on the login_verified hook when the 'key' cookie isn't yet set
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14067
7612ce4b-ef26-0410-bec9-
ea0150e637f0
jervfors [Mon, 13 Sep 2010 10:43:27 +0000 (10:43 +0000)]
Adding strings to the template.
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14062
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Sun, 12 Sep 2010 06:02:18 +0000 (06:02 +0000)]
Now allow multiple plugins to handle (add links for) a single attachment MIME type
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14059
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Fri, 3 Sep 2010 03:09:51 +0000 (03:09 +0000)]
Fixed system lock-ups caused by a combination of certain rare, malformed message headers and buggy versions of PHP mbstring (#
3053349, 987016)
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14056
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Thu, 22 Jul 2010 01:24:53 +0000 (01:24 +0000)]
Retiring Seth per his request
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13971
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Wed, 21 Jul 2010 19:19:07 +0000 (19:19 +0000)]
Fix attachment filename decoding (#
2994865)
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13967
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Wed, 21 Jul 2010 07:24:37 +0000 (07:24 +0000)]
The use of 'user' as a column name no longer causes errors in SquirrelMail/PostgreSQL
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13965
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Wed, 21 Jul 2010 07:06:12 +0000 (07:06 +0000)]
Fix issues caused by use of PostgreSQL keyword 'user' in SquirrelMail's default preferences database schema (#
2943483)
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13963
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Wed, 21 Jul 2010 06:14:08 +0000 (06:14 +0000)]
Add information about online documentation
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13960
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Wed, 21 Jul 2010 05:46:42 +0000 (05:46 +0000)]
Retire Marc. We should probably retire some others who haven't contributed in the last few years
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13959
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Sat, 26 Jun 2010 10:15:49 +0000 (10:15 +0000)]
Aggressive sanitizing of REQUEST_URI, PHP_SELF, and QUERY_STRING corrupted page URIs by encoding ampersands in the query string, so we have to un-sanitize ampersands. Will this cause any security/XSS issues?
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13957
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Mon, 21 Jun 2010 08:16:05 +0000 (08:16 +0000)]
Now fill in default subject when forwarding as attachment (#
2936541)
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13955
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Mon, 21 Jun 2010 07:58:11 +0000 (07:58 +0000)]
Now properly quote personal part of encoded addresses when replying
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13953
7612ce4b-ef26-0410-bec9-
ea0150e637f0
pdontthink [Mon, 21 Jun 2010 07:18:55 +0000 (07:18 +0000)]
Fixed minor vulnerability in Mail Fetch plugin [CVE-2010-1637/TEHTRI-SA-2010-009]
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13950
7612ce4b-ef26-0410-bec9-
ea0150e637f0