squirrelmail.git
13 years agoTemporarily sanitize output in wrong place
pdontthink [Sun, 11 Sep 2011 12:26:58 +0000 (12:26 +0000)]
Temporarily sanitize output in wrong place

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14145 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoFixed broken highlighting form (missing security tokens) (#3381117)
pdontthink [Sun, 11 Sep 2011 01:11:03 +0000 (01:11 +0000)]
Fixed broken highlighting form (missing security tokens) (#3381117)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14144 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoFixed untranslated string
pdontthink [Sun, 11 Sep 2011 01:08:13 +0000 (01:08 +0000)]
Fixed untranslated string

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14143 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoFix hook name clash: new smtp_auth hook added recently (a few months ago) has been...
pdontthink [Mon, 5 Sep 2011 07:00:18 +0000 (07:00 +0000)]
Fix hook name clash: new smtp_auth hook added recently (a few months ago) has been renamed to smtp_authenticate

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14141 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agodocument cve id's for posterity
kink [Tue, 26 Jul 2011 20:28:11 +0000 (20:28 +0000)]
document cve id's for posterity

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14138 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoattary may be empty at this point and the sq_fixatts call will generate PHP
kink [Wed, 13 Jul 2011 08:44:04 +0000 (08:44 +0000)]
attary may be empty at this point and the sq_fixatts call will generate PHP
Warnings. Wrap it in a conditional just like the other sq_fixatts call.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14134 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoFix XSS problem with unsanitized style tags in messages [CVE-2011-2023]
pdontthink [Tue, 12 Jul 2011 04:59:12 +0000 (04:59 +0000)]
Fix XSS problem with unsanitized style tags in messages [CVE-2011-2023]

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14122 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoFix XSS holes in generic options inputs, XSS hole in the SquirrelSpell plugin, and...
pdontthink [Tue, 12 Jul 2011 04:45:49 +0000 (04:45 +0000)]
Fix XSS holes in generic options inputs, XSS hole in the SquirrelSpell plugin, and added anti-CSRF protection to the empty trash feature (thanks to Nicholas Carlini for finding all these issues) [CVE-2010-4555]

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14120 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoAdd clickjacking protection (thanks to Asbjorn Thorsen and Geir Hansen for bringing...
pdontthink [Tue, 12 Jul 2011 03:44:23 +0000 (03:44 +0000)]
Add clickjacking protection (thanks to Asbjorn Thorsen and Geir Hansen for bringing this to our attention) [CVE-2010-4554]

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14118 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agogit-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14108...
pdontthink [Tue, 3 May 2011 06:23:56 +0000 (06:23 +0000)]
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14108 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoAllow administrators to configure subfolders of user INBOXes to be treated as special...
pdontthink [Tue, 3 May 2011 06:05:08 +0000 (06:05 +0000)]
Allow administrators to configure subfolders of user INBOXes to be treated as special folders by adding $subfolders_of_inbox_are_special to config_local.php

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14107 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoRemove quotes around personal names in message list (#3292587)
pdontthink [Wed, 27 Apr 2011 09:43:25 +0000 (09:43 +0000)]
Remove quotes around personal names in message list (#3292587)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14106 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoAdd smtp_auth hook (thanks to Emmanuel Dreyfus)
pdontthink [Sat, 2 Apr 2011 19:19:45 +0000 (19:19 +0000)]
Add smtp_auth hook (thanks to Emmanuel Dreyfus)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14094 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoUndelete button shouldn't be related to whether or not a trash folder is in use ...
pdontthink [Fri, 11 Mar 2011 02:22:57 +0000 (02:22 +0000)]
Undelete button shouldn't be related to whether or not a trash folder is in use - it's just a product of auto-expunge

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14092 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoDon't use regular expressions when you don't need to
pdontthink [Fri, 4 Mar 2011 01:19:33 +0000 (01:19 +0000)]
Don't use regular expressions when you don't need to

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14090 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoHappy New Year!
pdontthink [Thu, 6 Jan 2011 03:16:21 +0000 (03:16 +0000)]
Happy New Year!

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14085 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoRefine HMAC-MD5 generator; use native PHP Hash extension if available
pdontthink [Mon, 27 Dec 2010 00:35:24 +0000 (00:35 +0000)]
Refine HMAC-MD5 generator; use native PHP Hash extension if available

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14083 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoUnify output strings (Thanks to Juergen Edner) (#3139973).
pdontthink [Tue, 21 Dec 2010 14:04:08 +0000 (14:04 +0000)]
Unify output strings (Thanks to Juergen Edner) (#3139973).

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14082 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoForce the addition of a file suffix to attachments that lack a filename (helps forwar...
pdontthink [Fri, 17 Dec 2010 21:41:39 +0000 (21:41 +0000)]
Force the addition of a file suffix to attachments that lack a filename (helps forwarded messages avoid spam filters) (Thanks to Petr Kletecka) (#3139004)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14080 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoUnify SMTP auth mechanisms in configuration tool
pdontthink [Fri, 26 Nov 2010 10:02:51 +0000 (10:02 +0000)]
Unify SMTP auth mechanisms in configuration tool

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14076 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoFix sqauth_read_password() for plugins running on the login_verified hook when the...
pdontthink [Sat, 25 Sep 2010 04:08:03 +0000 (04:08 +0000)]
Fix sqauth_read_password() for plugins running on the login_verified hook when the 'key' cookie isn't yet set

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14067 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoAdding strings to the template.
jervfors [Mon, 13 Sep 2010 10:43:27 +0000 (10:43 +0000)]
Adding strings to the template.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14062 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoNow allow multiple plugins to handle (add links for) a single attachment MIME type
pdontthink [Sun, 12 Sep 2010 06:02:18 +0000 (06:02 +0000)]
Now allow multiple plugins to handle (add links for) a single attachment MIME type

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14059 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoFixed system lock-ups caused by a combination of certain rare, malformed message...
pdontthink [Fri, 3 Sep 2010 03:09:51 +0000 (03:09 +0000)]
Fixed system lock-ups caused by a combination of certain rare, malformed message headers and buggy versions of PHP mbstring (#3053349, 987016)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14056 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoRetiring Seth per his request
pdontthink [Thu, 22 Jul 2010 01:24:53 +0000 (01:24 +0000)]
Retiring Seth per his request

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13971 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoFix attachment filename decoding (#2994865)
pdontthink [Wed, 21 Jul 2010 19:19:07 +0000 (19:19 +0000)]
Fix attachment filename decoding (#2994865)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13967 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoThe use of 'user' as a column name no longer causes errors in SquirrelMail/PostgreSQL
pdontthink [Wed, 21 Jul 2010 07:24:37 +0000 (07:24 +0000)]
The use of 'user' as a column name no longer causes errors in SquirrelMail/PostgreSQL

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13965 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoFix issues caused by use of PostgreSQL keyword 'user' in SquirrelMail's default prefe...
pdontthink [Wed, 21 Jul 2010 07:06:12 +0000 (07:06 +0000)]
Fix issues caused by use of PostgreSQL keyword 'user' in SquirrelMail's default preferences database schema (#2943483)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13963 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoAdd information about online documentation
pdontthink [Wed, 21 Jul 2010 06:14:08 +0000 (06:14 +0000)]
Add information about online documentation

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13960 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoRetire Marc. We should probably retire some others who haven't contributed in the...
pdontthink [Wed, 21 Jul 2010 05:46:42 +0000 (05:46 +0000)]
Retire Marc.  We should probably retire some others who haven't contributed in the last few years

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13959 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoAggressive sanitizing of REQUEST_URI, PHP_SELF, and QUERY_STRING corrupted page URIs...
pdontthink [Sat, 26 Jun 2010 10:15:49 +0000 (10:15 +0000)]
Aggressive sanitizing of REQUEST_URI, PHP_SELF, and QUERY_STRING corrupted page URIs by encoding ampersands in the query string, so we have to un-sanitize ampersands.  Will this cause any security/XSS issues?

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13957 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoNow fill in default subject when forwarding as attachment (#2936541)
pdontthink [Mon, 21 Jun 2010 08:16:05 +0000 (08:16 +0000)]
Now fill in default subject when forwarding as attachment (#2936541)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13955 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoNow properly quote personal part of encoded addresses when replying
pdontthink [Mon, 21 Jun 2010 07:58:11 +0000 (07:58 +0000)]
Now properly quote personal part of encoded addresses when replying

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13953 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoFixed minor vulnerability in Mail Fetch plugin [CVE-2010-1637/TEHTRI-SA-2010-009]
pdontthink [Mon, 21 Jun 2010 07:18:55 +0000 (07:18 +0000)]
Fixed minor vulnerability in Mail Fetch plugin [CVE-2010-1637/TEHTRI-SA-2010-009]

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13950 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoReduced default time security tokens stay valid from 30 days to 2 days (reduces chanc...
pdontthink [Mon, 21 Jun 2010 07:01:16 +0000 (07:01 +0000)]
Reduced default time security tokens stay valid from 30 days to 2 days (reduces chances of session data growing too large)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13949 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoSynchronize no-cache headers. This reverses revision 13940 because no-cahce headers...
pdontthink [Mon, 21 Jun 2010 00:39:12 +0000 (00:39 +0000)]
Synchronize no-cache headers.  This reverses revision 13940 because no-cahce headers were already being sent in displayHtmlHeader() for left_main.php and right_main.php (the tracker referred to in that revision only applies to SquirrelMail 1.4.x).

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13945 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years ago - Fix error with SpamCop reporting plugin not being able to send report as
jangliss [Sun, 20 Jun 2010 16:58:46 +0000 (16:58 +0000)]
  - Fix error with SpamCop reporting plugin not being able to send report as
    emails (#1795310).
  - Fix typo in SpamCop plugin.
  - Tidy some output (slightly personal to stop Eclipse complaining about errors in the code)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13942 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoExplicitly disable caching for left_main and right_main pages (#2983134)
jangliss [Sun, 20 Jun 2010 14:37:16 +0000 (14:37 +0000)]
Explicitly disable caching for left_main and right_main pages (#2983134)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13940 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoShow what user/group the web server is running as; helps with debugging certain plugi...
pdontthink [Fri, 16 Apr 2010 05:26:16 +0000 (05:26 +0000)]
Show what user/group the web server is running as; helps with debugging certain plugins for admins who aren't quite sure about these things

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13934 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoFix PHP errors. Thanks to Jacek Kalinski
pdontthink [Tue, 30 Mar 2010 03:30:24 +0000 (03:30 +0000)]
Fix PHP errors.  Thanks to Jacek Kalinski

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13931 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoAdd FIXME
pdontthink [Fri, 26 Mar 2010 18:36:33 +0000 (18:36 +0000)]
Add FIXME

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13930 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoDon't push out onsubmit handler unless necessary
pdontthink [Fri, 19 Mar 2010 08:29:44 +0000 (08:29 +0000)]
Don't push out onsubmit handler unless necessary

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13929 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agor13926 from stable:
kink [Mon, 8 Mar 2010 09:37:07 +0000 (09:37 +0000)]
r13926 from stable:
code in findDisplayEntity expects object, not array. Make findAltenativeEntity
return an object or null consistently.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13927 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoRFC 3676 says there can't be more in the signature delimiter line than this
pdontthink [Tue, 16 Feb 2010 20:13:21 +0000 (20:13 +0000)]
RFC 3676 says there can't be more in the signature delimiter line than this

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13913 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoGrammar
pdontthink [Sat, 13 Feb 2010 23:13:56 +0000 (23:13 +0000)]
Grammar

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13909 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoAdded ability to configure Google Mail (Gmail) as the mail server behind SquirrelMail
pdontthink [Sat, 13 Feb 2010 23:11:28 +0000 (23:11 +0000)]
Added ability to configure Google Mail (Gmail) as the mail server behind SquirrelMail

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13907 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoSend X-DNS-Prefetch-Control: off header to browsers to prevent information
kink [Sat, 13 Feb 2010 16:27:52 +0000 (16:27 +0000)]
Send X-DNS-Prefetch-Control: off header to browsers to prevent information
leakage when Firefox does DNS prefetching for URL's contained in emails.
https://secure.grepular.com/DNS_Prefetch_Exposure_on_Thunderbird_and_Webmail

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13903 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoMultibyte strings (notably subjects) are now handled correctly (#2824813, #2925731)
pdontthink [Thu, 4 Feb 2010 20:05:51 +0000 (20:05 +0000)]
Multibyte strings (notably subjects) are now handled correctly (#2824813, #2925731)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13901 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoEncoded From headers now properly quoted (#2830141). A better fix might be to re...
pdontthink [Sat, 30 Jan 2010 17:10:07 +0000 (17:10 +0000)]
Encoded From headers now properly quoted (#2830141). A better fix might be to re-write encodeHeader()

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13900 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agodisplayInternalLink() was removed 2.5 years ago (revision 12549), but this plugin...
pdontthink [Thu, 28 Jan 2010 16:59:27 +0000 (16:59 +0000)]
displayInternalLink() was removed 2.5 years ago (revision 12549), but this plugin was not updated.  Thanks to Christian Kujau for noticing.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13898 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoAvoid notices in some environments
pdontthink [Wed, 27 Jan 2010 23:36:52 +0000 (23:36 +0000)]
Avoid notices in some environments

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13897 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoREQUEST_URI is used in php_self(), so make sure it's sanitized too
pdontthink [Wed, 27 Jan 2010 23:05:18 +0000 (23:05 +0000)]
REQUEST_URI is used in php_self(), so make sure it's sanitized too

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13895 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoUpdate copyrights to 2010
pdontthink [Mon, 25 Jan 2010 03:23:30 +0000 (03:23 +0000)]
Update copyrights to 2010

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13894 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoSlight rewrite of php_self()
pdontthink [Sun, 24 Jan 2010 23:26:33 +0000 (23:26 +0000)]
Slight rewrite of php_self()

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13891 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoMake base URL autodetection more robust (probably #1741469). Sorry, this should have...
pdontthink [Thu, 21 Jan 2010 14:55:19 +0000 (14:55 +0000)]
Make base URL autodetection more robust (probably #1741469). Sorry, this should have been included in the last commit.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13889 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoMake php_self() more robust. Seems to fix certain lighttpd issues, such as probably...
pdontthink [Thu, 21 Jan 2010 14:40:52 +0000 (14:40 +0000)]
Make php_self() more robust.  Seems to fix certain lighttpd issues, such as probably #1741469

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13886 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoFix for mailto: URLs containing a + sign. Thanks to Michael Puls II for the patch.
jangliss [Tue, 19 Jan 2010 03:17:14 +0000 (03:17 +0000)]
Fix for mailto: URLs containing a + sign.  Thanks to Michael Puls II for the patch.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13885 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoQuote dynamic regex contents to be safe. Thanks to Daniel Hahler.
pdontthink [Tue, 5 Jan 2010 08:58:04 +0000 (08:58 +0000)]
Quote dynamic regex contents to be safe.  Thanks to Daniel Hahler.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13882 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoFix for security token missing in newmail plugin (#2919418).
jangliss [Tue, 22 Dec 2009 17:15:34 +0000 (17:15 +0000)]
Fix for security token missing in newmail plugin (#2919418).

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13880 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoAdd security tokens to change password plugin
pdontthink [Fri, 18 Dec 2009 06:46:16 +0000 (06:46 +0000)]
Add security tokens to change password plugin

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13878 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoneed to move strtolower inside if-block to prevent notice when attached
kink [Fri, 27 Nov 2009 09:25:08 +0000 (09:25 +0000)]
need to move strtolower inside if-block to prevent notice when attached
file has no extention

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13876 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoFix issue with multi-part related messages not showing all attachments (#2830140).
jangliss [Sun, 22 Nov 2009 16:19:52 +0000 (16:19 +0000)]
Fix issue with multi-part related messages not showing all attachments (#2830140).

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13874 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoSynch message list table width with css/default.css since the lack of a width here...
pdontthink [Thu, 19 Nov 2009 20:09:06 +0000 (20:09 +0000)]
Synch message list table width with css/default.css since the lack of a width here seems to break some layouts/browsers/configurations

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13872 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoNULL not accepted as a replacement for empty arrays as of PHP 5.3
pdontthink [Sun, 1 Nov 2009 08:02:25 +0000 (08:02 +0000)]
NULL not accepted as a replacement for empty arrays as of PHP 5.3

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13870 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoTurning som FIXMEs into one-liners.
jervfors [Wed, 28 Oct 2009 12:01:57 +0000 (12:01 +0000)]
Turning som FIXMEs into one-liners.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13867 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoAvoid prefixing global $check_referrer value with protocol prefix - use local variabl...
pdontthink [Mon, 12 Oct 2009 22:11:35 +0000 (22:11 +0000)]
Avoid prefixing global $check_referrer value with protocol prefix - use local variable instead

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13865 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoFixed broken SpamCop email submission: needed updated send button name and security...
pdontthink [Sun, 4 Oct 2009 23:01:35 +0000 (23:01 +0000)]
Fixed broken SpamCop email submission: needed updated send button name and security token

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13862 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoFix wrong doc
pdontthink [Sun, 4 Oct 2009 22:58:41 +0000 (22:58 +0000)]
Fix wrong doc

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13861 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoIf we add a token to lang_setup (#13855), need to check it in lang_change
pdontthink [Sun, 4 Oct 2009 21:00:28 +0000 (21:00 +0000)]
If we add a token to lang_setup (#13855), need to check it in lang_change

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13858 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoAdditional smtoken changes.
jangliss [Sun, 4 Oct 2009 15:42:49 +0000 (15:42 +0000)]
Additional smtoken changes.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13855 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoAdding and improving comments.
jervfors [Tue, 29 Sep 2009 12:37:05 +0000 (12:37 +0000)]
Adding and improving comments.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13851 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoThe copyright symbol isn't really needed since the word "copyright" is there. Also...
jervfors [Tue, 29 Sep 2009 12:15:33 +0000 (12:15 +0000)]
The copyright symbol isn't really needed since the word "copyright" is there. Also it doesn't display right in the documentation.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13850 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoClarifying a TODO.
jervfors [Tue, 29 Sep 2009 09:36:26 +0000 (09:36 +0000)]
Clarifying a TODO.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13849 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoFix broken'Thread' and the no-javascript 'All' links (add security tokens)
pdontthink [Sat, 19 Sep 2009 20:22:15 +0000 (20:22 +0000)]
Fix broken'Thread' and the no-javascript 'All' links (add security tokens)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13848 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoFix broken search pagination (add security tokens)
pdontthink [Sat, 19 Sep 2009 20:11:13 +0000 (20:11 +0000)]
Fix broken search pagination (add security tokens)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13847 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoFix for deleting message from search expiring cache.
pdontthink [Sat, 19 Sep 2009 19:36:25 +0000 (19:36 +0000)]
Fix for deleting message from search expiring cache.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13846 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoUngreedy modifier does nothing here; remove to avoid unecessary confusion
pdontthink [Tue, 15 Sep 2009 20:48:33 +0000 (20:48 +0000)]
Ungreedy modifier does nothing here; remove to avoid unecessary confusion

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13844 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoFix PHP notice - $use_js was removed from the core in revision 13713
pdontthink [Sat, 12 Sep 2009 20:49:22 +0000 (20:49 +0000)]
Fix PHP notice - $use_js was removed from the core in revision 13713

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13843 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoAttachments were being lost when going to address book page due to lack of proper...
pdontthink [Sat, 12 Sep 2009 20:25:52 +0000 (20:25 +0000)]
Attachments were being lost when going to address book page due to lack of proper encoding [#2851493]

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13842 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoAllow plugins to submit security token via GET request
pdontthink [Sat, 12 Sep 2009 19:12:26 +0000 (19:12 +0000)]
Allow plugins to submit security token via GET request

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13841 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoFixed more links that needed security tokens
pdontthink [Wed, 2 Sep 2009 06:00:28 +0000 (06:00 +0000)]
Fixed more links that needed security tokens

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13836 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoDelete requests can come via GET or POST
pdontthink [Mon, 17 Aug 2009 23:47:07 +0000 (23:47 +0000)]
Delete requests can come via GET or POST

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13829 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoProtect message deletion with security token system. (Secunia Advisory SA34627)
pdontthink [Mon, 17 Aug 2009 23:18:47 +0000 (23:18 +0000)]
Protect message deletion with security token system. (Secunia Advisory SA34627)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13826 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoCorrect documentation
pdontthink [Wed, 12 Aug 2009 08:36:13 +0000 (08:36 +0000)]
Correct documentation

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13821 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoAdd controls for page referal verification and security token system to the configura...
pdontthink [Wed, 12 Aug 2009 08:30:59 +0000 (08:30 +0000)]
Add controls for page referal verification and security token system to the configuration tool

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13819 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoImplemented security token system. (Secunia Advisory SA34627)
pdontthink [Wed, 12 Aug 2009 08:28:38 +0000 (08:28 +0000)]
Implemented security token system. (Secunia Advisory SA34627)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13817 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoImplemented page referal verification mechanism. (Secunia Advisory SA34627)
pdontthink [Wed, 12 Aug 2009 08:20:46 +0000 (08:20 +0000)]
Implemented page referal verification mechanism. (Secunia Advisory SA34627)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13816 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoFix incorrect stristr() parameter order
pdontthink [Mon, 10 Aug 2009 23:18:20 +0000 (23:18 +0000)]
Fix incorrect stristr() parameter order

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13813 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoDon't encode stuff that's used in hyperlink addresses
pdontthink [Sat, 8 Aug 2009 20:15:19 +0000 (20:15 +0000)]
Don't encode stuff that's used in hyperlink addresses

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13812 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoAllow forward slashes in Windows-style full paths
pdontthink [Sat, 8 Aug 2009 19:23:59 +0000 (19:23 +0000)]
Allow forward slashes in Windows-style full paths

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13811 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoFix broken regular expression
pdontthink [Sat, 1 Aug 2009 19:17:55 +0000 (19:17 +0000)]
Fix broken regular expression

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13809 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoFix broken regular expression
pdontthink [Sat, 1 Aug 2009 19:15:13 +0000 (19:15 +0000)]
Fix broken regular expression

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13808 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoRemove personal data from Message ID seed. (#880029/847107)
pdontthink [Fri, 31 Jul 2009 05:23:04 +0000 (05:23 +0000)]
Remove personal data from Message ID seed. (#880029/847107)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13805 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoThis time really make abook files get created with correct permissions
pdontthink [Wed, 29 Jul 2009 03:35:07 +0000 (03:35 +0000)]
This time really make abook files get created with correct permissions

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13803 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoStop using deprecated ereg() functions (#2820952)
pdontthink [Wed, 29 Jul 2009 01:55:21 +0000 (01:55 +0000)]
Stop using deprecated ereg() functions (#2820952)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13799 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoRemove possible bad system admin typos (#2827153).
pdontthink [Tue, 28 Jul 2009 23:24:11 +0000 (23:24 +0000)]
Remove possible bad system admin typos (#2827153).

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13794 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoPHP 5.3 deprecated ereg() function (#2820952)
pdontthink [Tue, 28 Jul 2009 23:13:45 +0000 (23:13 +0000)]
PHP 5.3 deprecated ereg() function (#2820952)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13793 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoPort Thijs fix (rev.13790) to DEVEL: no words must be an empty array, not a string...
pdontthink [Tue, 28 Jul 2009 22:50:12 +0000 (22:50 +0000)]
Port Thijs fix (rev.13790) to DEVEL: no words must be an empty array, not a string, to prevent notices when later array operations are done on $words.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13792 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoFixed broken RFC1918 reference in contrib/.htaccess and doc/.htaccess (#2798839).
jangliss [Tue, 2 Jun 2009 02:10:56 +0000 (02:10 +0000)]
Fixed broken RFC1918 reference in contrib/.htaccess and doc/.htaccess (#2798839).

This probably needs further discussion

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13778 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoPorting comments and strings between 1.4 and 1.5.
jervfors [Fri, 29 May 2009 10:55:17 +0000 (10:55 +0000)]
Porting comments and strings between 1.4 and 1.5.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13772 7612ce4b-ef26-0410-bec9-ea0150e637f0