squirrelmail.git
12 years agoSanitize integer option fields - only digits allowed
pdontthink [Thu, 29 Dec 2011 06:56:03 +0000 (06:56 +0000)]
Sanitize integer option fields - only digits allowed

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14247 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoFix what seems to have been a copy/paste bug
pdontthink [Thu, 29 Dec 2011 01:34:06 +0000 (01:34 +0000)]
Fix what seems to have been a copy/paste bug

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14243 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoUnify address book searches. See ChangeLog comments. Also, fixed bug wherein file...
pdontthink [Wed, 28 Dec 2011 02:59:31 +0000 (02:59 +0000)]
Unify address book searches.  See ChangeLog comments.  Also, fixed bug wherein file backend wasn't escaping regular expression correctly.  File based backend used to search all fields at once, concatenated by spaces, which 'worked', but is misleading and nothing like the other backends.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14242 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoaddrsrch_fullname is already fetched by load_prefs.php
pdontthink [Wed, 21 Dec 2011 13:27:54 +0000 (13:27 +0000)]
addrsrch_fullname is already fetched by load_prefs.php

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14240 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoMake PHP default language for xgettext
pdontthink [Sun, 18 Dec 2011 01:32:51 +0000 (01:32 +0000)]
Make PHP default language for xgettext

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14234 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoAdd plugin compatiblility info
pdontthink [Thu, 15 Dec 2011 23:20:47 +0000 (23:20 +0000)]
Add plugin compatiblility info

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14232 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoAllow addition of extra attributes to user/pwd inputs
pdontthink [Thu, 15 Dec 2011 15:08:06 +0000 (15:08 +0000)]
Allow addition of extra attributes to user/pwd inputs

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14229 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoVerify Reply To still has its uses
pdontthink [Tue, 29 Nov 2011 13:13:42 +0000 (13:13 +0000)]
Verify Reply To still has its uses

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14158 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoEnsure that Reply-To isn't missing domain - we already do the same for the From heade...
pdontthink [Tue, 29 Nov 2011 12:44:31 +0000 (12:44 +0000)]
Ensure that Reply-To isn't missing domain - we already do the same for the From header in functions/identity.php

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14156 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoTemporarily sanitize output in wrong place
pdontthink [Sun, 11 Sep 2011 12:26:58 +0000 (12:26 +0000)]
Temporarily sanitize output in wrong place

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14145 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoFixed broken highlighting form (missing security tokens) (#3381117)
pdontthink [Sun, 11 Sep 2011 01:11:03 +0000 (01:11 +0000)]
Fixed broken highlighting form (missing security tokens) (#3381117)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14144 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoFixed untranslated string
pdontthink [Sun, 11 Sep 2011 01:08:13 +0000 (01:08 +0000)]
Fixed untranslated string

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14143 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoFix hook name clash: new smtp_auth hook added recently (a few months ago) has been...
pdontthink [Mon, 5 Sep 2011 07:00:18 +0000 (07:00 +0000)]
Fix hook name clash: new smtp_auth hook added recently (a few months ago) has been renamed to smtp_authenticate

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14141 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agodocument cve id's for posterity
kink [Tue, 26 Jul 2011 20:28:11 +0000 (20:28 +0000)]
document cve id's for posterity

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14138 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoattary may be empty at this point and the sq_fixatts call will generate PHP
kink [Wed, 13 Jul 2011 08:44:04 +0000 (08:44 +0000)]
attary may be empty at this point and the sq_fixatts call will generate PHP
Warnings. Wrap it in a conditional just like the other sq_fixatts call.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14134 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoFix XSS problem with unsanitized style tags in messages [CVE-2011-2023]
pdontthink [Tue, 12 Jul 2011 04:59:12 +0000 (04:59 +0000)]
Fix XSS problem with unsanitized style tags in messages [CVE-2011-2023]

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14122 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoFix XSS holes in generic options inputs, XSS hole in the SquirrelSpell plugin, and...
pdontthink [Tue, 12 Jul 2011 04:45:49 +0000 (04:45 +0000)]
Fix XSS holes in generic options inputs, XSS hole in the SquirrelSpell plugin, and added anti-CSRF protection to the empty trash feature (thanks to Nicholas Carlini for finding all these issues) [CVE-2010-4555]

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14120 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoAdd clickjacking protection (thanks to Asbjorn Thorsen and Geir Hansen for bringing...
pdontthink [Tue, 12 Jul 2011 03:44:23 +0000 (03:44 +0000)]
Add clickjacking protection (thanks to Asbjorn Thorsen and Geir Hansen for bringing this to our attention) [CVE-2010-4554]

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14118 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agogit-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14108...
pdontthink [Tue, 3 May 2011 06:23:56 +0000 (06:23 +0000)]
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14108 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoAllow administrators to configure subfolders of user INBOXes to be treated as special...
pdontthink [Tue, 3 May 2011 06:05:08 +0000 (06:05 +0000)]
Allow administrators to configure subfolders of user INBOXes to be treated as special folders by adding $subfolders_of_inbox_are_special to config_local.php

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14107 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoRemove quotes around personal names in message list (#3292587)
pdontthink [Wed, 27 Apr 2011 09:43:25 +0000 (09:43 +0000)]
Remove quotes around personal names in message list (#3292587)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14106 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoAdd smtp_auth hook (thanks to Emmanuel Dreyfus)
pdontthink [Sat, 2 Apr 2011 19:19:45 +0000 (19:19 +0000)]
Add smtp_auth hook (thanks to Emmanuel Dreyfus)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14094 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoUndelete button shouldn't be related to whether or not a trash folder is in use ...
pdontthink [Fri, 11 Mar 2011 02:22:57 +0000 (02:22 +0000)]
Undelete button shouldn't be related to whether or not a trash folder is in use - it's just a product of auto-expunge

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14092 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoDon't use regular expressions when you don't need to
pdontthink [Fri, 4 Mar 2011 01:19:33 +0000 (01:19 +0000)]
Don't use regular expressions when you don't need to

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14090 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoHappy New Year!
pdontthink [Thu, 6 Jan 2011 03:16:21 +0000 (03:16 +0000)]
Happy New Year!

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14085 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoRefine HMAC-MD5 generator; use native PHP Hash extension if available
pdontthink [Mon, 27 Dec 2010 00:35:24 +0000 (00:35 +0000)]
Refine HMAC-MD5 generator; use native PHP Hash extension if available

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14083 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoUnify output strings (Thanks to Juergen Edner) (#3139973).
pdontthink [Tue, 21 Dec 2010 14:04:08 +0000 (14:04 +0000)]
Unify output strings (Thanks to Juergen Edner) (#3139973).

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14082 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoForce the addition of a file suffix to attachments that lack a filename (helps forwar...
pdontthink [Fri, 17 Dec 2010 21:41:39 +0000 (21:41 +0000)]
Force the addition of a file suffix to attachments that lack a filename (helps forwarded messages avoid spam filters) (Thanks to Petr Kletecka) (#3139004)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14080 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoUnify SMTP auth mechanisms in configuration tool
pdontthink [Fri, 26 Nov 2010 10:02:51 +0000 (10:02 +0000)]
Unify SMTP auth mechanisms in configuration tool

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14076 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoFix sqauth_read_password() for plugins running on the login_verified hook when the...
pdontthink [Sat, 25 Sep 2010 04:08:03 +0000 (04:08 +0000)]
Fix sqauth_read_password() for plugins running on the login_verified hook when the 'key' cookie isn't yet set

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14067 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoAdding strings to the template.
jervfors [Mon, 13 Sep 2010 10:43:27 +0000 (10:43 +0000)]
Adding strings to the template.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14062 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoNow allow multiple plugins to handle (add links for) a single attachment MIME type
pdontthink [Sun, 12 Sep 2010 06:02:18 +0000 (06:02 +0000)]
Now allow multiple plugins to handle (add links for) a single attachment MIME type

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14059 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoFixed system lock-ups caused by a combination of certain rare, malformed message...
pdontthink [Fri, 3 Sep 2010 03:09:51 +0000 (03:09 +0000)]
Fixed system lock-ups caused by a combination of certain rare, malformed message headers and buggy versions of PHP mbstring (#3053349, 987016)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14056 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoRetiring Seth per his request
pdontthink [Thu, 22 Jul 2010 01:24:53 +0000 (01:24 +0000)]
Retiring Seth per his request

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13971 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoFix attachment filename decoding (#2994865)
pdontthink [Wed, 21 Jul 2010 19:19:07 +0000 (19:19 +0000)]
Fix attachment filename decoding (#2994865)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13967 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoThe use of 'user' as a column name no longer causes errors in SquirrelMail/PostgreSQL
pdontthink [Wed, 21 Jul 2010 07:24:37 +0000 (07:24 +0000)]
The use of 'user' as a column name no longer causes errors in SquirrelMail/PostgreSQL

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13965 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoFix issues caused by use of PostgreSQL keyword 'user' in SquirrelMail's default prefe...
pdontthink [Wed, 21 Jul 2010 07:06:12 +0000 (07:06 +0000)]
Fix issues caused by use of PostgreSQL keyword 'user' in SquirrelMail's default preferences database schema (#2943483)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13963 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoAdd information about online documentation
pdontthink [Wed, 21 Jul 2010 06:14:08 +0000 (06:14 +0000)]
Add information about online documentation

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13960 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoRetire Marc. We should probably retire some others who haven't contributed in the...
pdontthink [Wed, 21 Jul 2010 05:46:42 +0000 (05:46 +0000)]
Retire Marc.  We should probably retire some others who haven't contributed in the last few years

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13959 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoAggressive sanitizing of REQUEST_URI, PHP_SELF, and QUERY_STRING corrupted page URIs...
pdontthink [Sat, 26 Jun 2010 10:15:49 +0000 (10:15 +0000)]
Aggressive sanitizing of REQUEST_URI, PHP_SELF, and QUERY_STRING corrupted page URIs by encoding ampersands in the query string, so we have to un-sanitize ampersands.  Will this cause any security/XSS issues?

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13957 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoNow fill in default subject when forwarding as attachment (#2936541)
pdontthink [Mon, 21 Jun 2010 08:16:05 +0000 (08:16 +0000)]
Now fill in default subject when forwarding as attachment (#2936541)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13955 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoNow properly quote personal part of encoded addresses when replying
pdontthink [Mon, 21 Jun 2010 07:58:11 +0000 (07:58 +0000)]
Now properly quote personal part of encoded addresses when replying

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13953 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoFixed minor vulnerability in Mail Fetch plugin [CVE-2010-1637/TEHTRI-SA-2010-009]
pdontthink [Mon, 21 Jun 2010 07:18:55 +0000 (07:18 +0000)]
Fixed minor vulnerability in Mail Fetch plugin [CVE-2010-1637/TEHTRI-SA-2010-009]

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13950 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoReduced default time security tokens stay valid from 30 days to 2 days (reduces chanc...
pdontthink [Mon, 21 Jun 2010 07:01:16 +0000 (07:01 +0000)]
Reduced default time security tokens stay valid from 30 days to 2 days (reduces chances of session data growing too large)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13949 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoSynchronize no-cache headers. This reverses revision 13940 because no-cahce headers...
pdontthink [Mon, 21 Jun 2010 00:39:12 +0000 (00:39 +0000)]
Synchronize no-cache headers.  This reverses revision 13940 because no-cahce headers were already being sent in displayHtmlHeader() for left_main.php and right_main.php (the tracker referred to in that revision only applies to SquirrelMail 1.4.x).

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13945 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years ago - Fix error with SpamCop reporting plugin not being able to send report as
jangliss [Sun, 20 Jun 2010 16:58:46 +0000 (16:58 +0000)]
  - Fix error with SpamCop reporting plugin not being able to send report as
    emails (#1795310).
  - Fix typo in SpamCop plugin.
  - Tidy some output (slightly personal to stop Eclipse complaining about errors in the code)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13942 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoExplicitly disable caching for left_main and right_main pages (#2983134)
jangliss [Sun, 20 Jun 2010 14:37:16 +0000 (14:37 +0000)]
Explicitly disable caching for left_main and right_main pages (#2983134)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13940 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoShow what user/group the web server is running as; helps with debugging certain plugi...
pdontthink [Fri, 16 Apr 2010 05:26:16 +0000 (05:26 +0000)]
Show what user/group the web server is running as; helps with debugging certain plugins for admins who aren't quite sure about these things

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13934 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoFix PHP errors. Thanks to Jacek Kalinski
pdontthink [Tue, 30 Mar 2010 03:30:24 +0000 (03:30 +0000)]
Fix PHP errors.  Thanks to Jacek Kalinski

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13931 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoAdd FIXME
pdontthink [Fri, 26 Mar 2010 18:36:33 +0000 (18:36 +0000)]
Add FIXME

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13930 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoDon't push out onsubmit handler unless necessary
pdontthink [Fri, 19 Mar 2010 08:29:44 +0000 (08:29 +0000)]
Don't push out onsubmit handler unless necessary

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13929 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agor13926 from stable:
kink [Mon, 8 Mar 2010 09:37:07 +0000 (09:37 +0000)]
r13926 from stable:
code in findDisplayEntity expects object, not array. Make findAltenativeEntity
return an object or null consistently.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13927 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoRFC 3676 says there can't be more in the signature delimiter line than this
pdontthink [Tue, 16 Feb 2010 20:13:21 +0000 (20:13 +0000)]
RFC 3676 says there can't be more in the signature delimiter line than this

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13913 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoGrammar
pdontthink [Sat, 13 Feb 2010 23:13:56 +0000 (23:13 +0000)]
Grammar

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13909 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoAdded ability to configure Google Mail (Gmail) as the mail server behind SquirrelMail
pdontthink [Sat, 13 Feb 2010 23:11:28 +0000 (23:11 +0000)]
Added ability to configure Google Mail (Gmail) as the mail server behind SquirrelMail

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13907 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoSend X-DNS-Prefetch-Control: off header to browsers to prevent information
kink [Sat, 13 Feb 2010 16:27:52 +0000 (16:27 +0000)]
Send X-DNS-Prefetch-Control: off header to browsers to prevent information
leakage when Firefox does DNS prefetching for URL's contained in emails.
https://secure.grepular.com/DNS_Prefetch_Exposure_on_Thunderbird_and_Webmail

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13903 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoMultibyte strings (notably subjects) are now handled correctly (#2824813, #2925731)
pdontthink [Thu, 4 Feb 2010 20:05:51 +0000 (20:05 +0000)]
Multibyte strings (notably subjects) are now handled correctly (#2824813, #2925731)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13901 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoEncoded From headers now properly quoted (#2830141). A better fix might be to re...
pdontthink [Sat, 30 Jan 2010 17:10:07 +0000 (17:10 +0000)]
Encoded From headers now properly quoted (#2830141). A better fix might be to re-write encodeHeader()

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13900 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agodisplayInternalLink() was removed 2.5 years ago (revision 12549), but this plugin...
pdontthink [Thu, 28 Jan 2010 16:59:27 +0000 (16:59 +0000)]
displayInternalLink() was removed 2.5 years ago (revision 12549), but this plugin was not updated.  Thanks to Christian Kujau for noticing.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13898 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoAvoid notices in some environments
pdontthink [Wed, 27 Jan 2010 23:36:52 +0000 (23:36 +0000)]
Avoid notices in some environments

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13897 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoREQUEST_URI is used in php_self(), so make sure it's sanitized too
pdontthink [Wed, 27 Jan 2010 23:05:18 +0000 (23:05 +0000)]
REQUEST_URI is used in php_self(), so make sure it's sanitized too

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13895 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoUpdate copyrights to 2010
pdontthink [Mon, 25 Jan 2010 03:23:30 +0000 (03:23 +0000)]
Update copyrights to 2010

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13894 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoSlight rewrite of php_self()
pdontthink [Sun, 24 Jan 2010 23:26:33 +0000 (23:26 +0000)]
Slight rewrite of php_self()

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13891 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoMake base URL autodetection more robust (probably #1741469). Sorry, this should have...
pdontthink [Thu, 21 Jan 2010 14:55:19 +0000 (14:55 +0000)]
Make base URL autodetection more robust (probably #1741469). Sorry, this should have been included in the last commit.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13889 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoMake php_self() more robust. Seems to fix certain lighttpd issues, such as probably...
pdontthink [Thu, 21 Jan 2010 14:40:52 +0000 (14:40 +0000)]
Make php_self() more robust.  Seems to fix certain lighttpd issues, such as probably #1741469

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13886 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoFix for mailto: URLs containing a + sign. Thanks to Michael Puls II for the patch.
jangliss [Tue, 19 Jan 2010 03:17:14 +0000 (03:17 +0000)]
Fix for mailto: URLs containing a + sign.  Thanks to Michael Puls II for the patch.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13885 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoQuote dynamic regex contents to be safe. Thanks to Daniel Hahler.
pdontthink [Tue, 5 Jan 2010 08:58:04 +0000 (08:58 +0000)]
Quote dynamic regex contents to be safe.  Thanks to Daniel Hahler.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13882 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoFix for security token missing in newmail plugin (#2919418).
jangliss [Tue, 22 Dec 2009 17:15:34 +0000 (17:15 +0000)]
Fix for security token missing in newmail plugin (#2919418).

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13880 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoAdd security tokens to change password plugin
pdontthink [Fri, 18 Dec 2009 06:46:16 +0000 (06:46 +0000)]
Add security tokens to change password plugin

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13878 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoneed to move strtolower inside if-block to prevent notice when attached
kink [Fri, 27 Nov 2009 09:25:08 +0000 (09:25 +0000)]
need to move strtolower inside if-block to prevent notice when attached
file has no extention

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13876 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoFix issue with multi-part related messages not showing all attachments (#2830140).
jangliss [Sun, 22 Nov 2009 16:19:52 +0000 (16:19 +0000)]
Fix issue with multi-part related messages not showing all attachments (#2830140).

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13874 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoSynch message list table width with css/default.css since the lack of a width here...
pdontthink [Thu, 19 Nov 2009 20:09:06 +0000 (20:09 +0000)]
Synch message list table width with css/default.css since the lack of a width here seems to break some layouts/browsers/configurations

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13872 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoNULL not accepted as a replacement for empty arrays as of PHP 5.3
pdontthink [Sun, 1 Nov 2009 08:02:25 +0000 (08:02 +0000)]
NULL not accepted as a replacement for empty arrays as of PHP 5.3

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13870 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoTurning som FIXMEs into one-liners.
jervfors [Wed, 28 Oct 2009 12:01:57 +0000 (12:01 +0000)]
Turning som FIXMEs into one-liners.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13867 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoAvoid prefixing global $check_referrer value with protocol prefix - use local variabl...
pdontthink [Mon, 12 Oct 2009 22:11:35 +0000 (22:11 +0000)]
Avoid prefixing global $check_referrer value with protocol prefix - use local variable instead

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13865 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoFixed broken SpamCop email submission: needed updated send button name and security...
pdontthink [Sun, 4 Oct 2009 23:01:35 +0000 (23:01 +0000)]
Fixed broken SpamCop email submission: needed updated send button name and security token

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13862 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoFix wrong doc
pdontthink [Sun, 4 Oct 2009 22:58:41 +0000 (22:58 +0000)]
Fix wrong doc

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13861 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoIf we add a token to lang_setup (#13855), need to check it in lang_change
pdontthink [Sun, 4 Oct 2009 21:00:28 +0000 (21:00 +0000)]
If we add a token to lang_setup (#13855), need to check it in lang_change

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13858 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoAdditional smtoken changes.
jangliss [Sun, 4 Oct 2009 15:42:49 +0000 (15:42 +0000)]
Additional smtoken changes.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13855 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoAdding and improving comments.
jervfors [Tue, 29 Sep 2009 12:37:05 +0000 (12:37 +0000)]
Adding and improving comments.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13851 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoThe copyright symbol isn't really needed since the word "copyright" is there. Also...
jervfors [Tue, 29 Sep 2009 12:15:33 +0000 (12:15 +0000)]
The copyright symbol isn't really needed since the word "copyright" is there. Also it doesn't display right in the documentation.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13850 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoClarifying a TODO.
jervfors [Tue, 29 Sep 2009 09:36:26 +0000 (09:36 +0000)]
Clarifying a TODO.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13849 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoFix broken'Thread' and the no-javascript 'All' links (add security tokens)
pdontthink [Sat, 19 Sep 2009 20:22:15 +0000 (20:22 +0000)]
Fix broken'Thread' and the no-javascript 'All' links (add security tokens)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13848 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoFix broken search pagination (add security tokens)
pdontthink [Sat, 19 Sep 2009 20:11:13 +0000 (20:11 +0000)]
Fix broken search pagination (add security tokens)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13847 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoFix for deleting message from search expiring cache.
pdontthink [Sat, 19 Sep 2009 19:36:25 +0000 (19:36 +0000)]
Fix for deleting message from search expiring cache.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13846 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoUngreedy modifier does nothing here; remove to avoid unecessary confusion
pdontthink [Tue, 15 Sep 2009 20:48:33 +0000 (20:48 +0000)]
Ungreedy modifier does nothing here; remove to avoid unecessary confusion

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13844 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoFix PHP notice - $use_js was removed from the core in revision 13713
pdontthink [Sat, 12 Sep 2009 20:49:22 +0000 (20:49 +0000)]
Fix PHP notice - $use_js was removed from the core in revision 13713

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13843 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoAttachments were being lost when going to address book page due to lack of proper...
pdontthink [Sat, 12 Sep 2009 20:25:52 +0000 (20:25 +0000)]
Attachments were being lost when going to address book page due to lack of proper encoding [#2851493]

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13842 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoAllow plugins to submit security token via GET request
pdontthink [Sat, 12 Sep 2009 19:12:26 +0000 (19:12 +0000)]
Allow plugins to submit security token via GET request

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13841 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoFixed more links that needed security tokens
pdontthink [Wed, 2 Sep 2009 06:00:28 +0000 (06:00 +0000)]
Fixed more links that needed security tokens

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13836 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoDelete requests can come via GET or POST
pdontthink [Mon, 17 Aug 2009 23:47:07 +0000 (23:47 +0000)]
Delete requests can come via GET or POST

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13829 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoProtect message deletion with security token system. (Secunia Advisory SA34627)
pdontthink [Mon, 17 Aug 2009 23:18:47 +0000 (23:18 +0000)]
Protect message deletion with security token system. (Secunia Advisory SA34627)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13826 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoCorrect documentation
pdontthink [Wed, 12 Aug 2009 08:36:13 +0000 (08:36 +0000)]
Correct documentation

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13821 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoAdd controls for page referal verification and security token system to the configura...
pdontthink [Wed, 12 Aug 2009 08:30:59 +0000 (08:30 +0000)]
Add controls for page referal verification and security token system to the configuration tool

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13819 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoImplemented security token system. (Secunia Advisory SA34627)
pdontthink [Wed, 12 Aug 2009 08:28:38 +0000 (08:28 +0000)]
Implemented security token system. (Secunia Advisory SA34627)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13817 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoImplemented page referal verification mechanism. (Secunia Advisory SA34627)
pdontthink [Wed, 12 Aug 2009 08:20:46 +0000 (08:20 +0000)]
Implemented page referal verification mechanism. (Secunia Advisory SA34627)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13816 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoFix incorrect stristr() parameter order
pdontthink [Mon, 10 Aug 2009 23:18:20 +0000 (23:18 +0000)]
Fix incorrect stristr() parameter order

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13813 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoDon't encode stuff that's used in hyperlink addresses
pdontthink [Sat, 8 Aug 2009 20:15:19 +0000 (20:15 +0000)]
Don't encode stuff that's used in hyperlink addresses

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13812 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoAllow forward slashes in Windows-style full paths
pdontthink [Sat, 8 Aug 2009 19:23:59 +0000 (19:23 +0000)]
Allow forward slashes in Windows-style full paths

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13811 7612ce4b-ef26-0410-bec9-ea0150e637f0

15 years agoFix broken regular expression
pdontthink [Sat, 1 Aug 2009 19:17:55 +0000 (19:17 +0000)]
Fix broken regular expression

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13809 7612ce4b-ef26-0410-bec9-ea0150e637f0