squirrelmail.git
11 years agoWhen replying to original recipient, also reset the identity used to send the mail...
pdontthink [Mon, 17 Jun 2013 20:31:07 +0000 (20:31 +0000)]
When replying to original recipient, also reset the identity used to send the mail from

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14381 7612ce4b-ef26-0410-bec9-ea0150e637f0

11 years agoWhen using reply-all to reply to single-recipient message, make sure we still use...
pdontthink [Mon, 17 Jun 2013 20:27:22 +0000 (20:27 +0000)]
When using reply-all to reply to single-recipient message, make sure we still use the original recipient

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14379 7612ce4b-ef26-0410-bec9-ea0150e637f0

11 years agoReply to original recipient functionality should be consistent, even if original...
pdontthink [Mon, 17 Jun 2013 20:19:59 +0000 (20:19 +0000)]
Reply to original recipient functionality should be consistent, even if original recipient also happens to be one of our identities

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14376 7612ce4b-ef26-0410-bec9-ea0150e637f0

11 years agoRemove ancient code that tried to set the default identity to match the FROM header...
pdontthink [Mon, 17 Jun 2013 18:43:34 +0000 (18:43 +0000)]
Remove ancient code that tried to set the default identity to match the FROM header of the message being replied to. This makes no sense and is superceded by the identities match that occurs immediately below.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14374 7612ce4b-ef26-0410-bec9-ea0150e637f0

11 years agofindAddress() can return FALSE as well as zero
pdontthink [Mon, 17 Jun 2013 18:39:19 +0000 (18:39 +0000)]
findAddress() can return FALSE as well as zero

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14373 7612ce4b-ef26-0410-bec9-ea0150e637f0

11 years agoFix sloppy use of nearly identical variable names
pdontthink [Mon, 17 Jun 2013 18:34:16 +0000 (18:34 +0000)]
Fix sloppy use of nearly identical variable names

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14369 7612ce4b-ef26-0410-bec9-ea0150e637f0

11 years agoDocument the findAddress function
pdontthink [Mon, 17 Jun 2013 18:32:33 +0000 (18:32 +0000)]
Document the findAddress function

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14368 7612ce4b-ef26-0410-bec9-ea0150e637f0

11 years agoImprove usability of attachment checkboxes
pdontthink [Fri, 14 Jun 2013 23:04:58 +0000 (23:04 +0000)]
Improve usability of attachment checkboxes

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14365 7612ce4b-ef26-0410-bec9-ea0150e637f0

11 years agoRemove use of deprecated /e modifier in preg_replace.
kink [Thu, 16 May 2013 12:16:58 +0000 (12:16 +0000)]
Remove use of deprecated /e modifier in preg_replace.

This modifier starts generating Deprecated notices from PHP 5.5.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14360 7612ce4b-ef26-0410-bec9-ea0150e637f0

11 years agoFix error caused by typo of variable name
pdontthink [Wed, 15 May 2013 20:33:11 +0000 (20:33 +0000)]
Fix error caused by typo of variable name

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14358 7612ce4b-ef26-0410-bec9-ea0150e637f0

11 years agoSet svn:keywords
jervfors [Fri, 29 Mar 2013 12:54:24 +0000 (12:54 +0000)]
Set svn:keywords

This isn't just the files I committed in 14354.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14356 7612ce4b-ef26-0410-bec9-ea0150e637f0

11 years agoResetting $Id$
jervfors [Fri, 29 Mar 2013 11:35:02 +0000 (11:35 +0000)]
Resetting $Id$

Subversion expands the $Id$ keyword anchor to a string, but some files
in this repository have strings instead of keyword anchors.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14354 7612ce4b-ef26-0410-bec9-ea0150e637f0

11 years agogit-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14352...
pdontthink [Sat, 16 Mar 2013 03:44:20 +0000 (03:44 +0000)]
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14352 7612ce4b-ef26-0410-bec9-ea0150e637f0

11 years agoAdd Solarized Light and Dark themes by Pavneet Arora, although themes not used/migrat...
pdontthink [Sat, 16 Mar 2013 03:42:24 +0000 (03:42 +0000)]
Add Solarized Light and Dark themes by Pavneet Arora, although themes not used/migrated in 1.5.2

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14351 7612ce4b-ef26-0410-bec9-ea0150e637f0

11 years agoclean up code commented out since 8 y
kink [Tue, 15 Jan 2013 15:58:43 +0000 (15:58 +0000)]
clean up code commented out since 8 y

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14348 7612ce4b-ef26-0410-bec9-ea0150e637f0

11 years agoReplace calls to htmlspecialchars() with sm_encode_html_special_chars().
kink [Sun, 9 Dec 2012 12:06:30 +0000 (12:06 +0000)]
Replace calls to htmlspecialchars() with sm_encode_html_special_chars().

New function sm_encode_html_special_chars() encodes HTML special
characters by calling htmlspecialchars(). It sets the character set
to ISO-8859-1, to fix compatibility with PHP >= 5.4.

Patch by Paul Lesniewski.

See #3491925

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14346 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoUse sqsession_* instead of session_*
pdontthink [Tue, 18 Sep 2012 17:43:15 +0000 (17:43 +0000)]
Use sqsession_* instead of session_*

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14344 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoFor DSN values, allow current value to remain if no changes made
pdontthink [Sun, 9 Sep 2012 22:46:38 +0000 (22:46 +0000)]
For DSN values, allow current value to remain if no changes made

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14342 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoPrevent endless recursive sent subfolder names - see: http://thread.gmane.org/gmane...
pdontthink [Wed, 29 Aug 2012 17:03:09 +0000 (17:03 +0000)]
Prevent endless recursive sent subfolder names - see: thread.gmane.org/gmane.mail.squirrelmail.user/39178

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14340 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoAdd more flexibility for plugins
pdontthink [Sat, 4 Aug 2012 23:00:43 +0000 (23:00 +0000)]
Add more flexibility for plugins

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14336 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoSeparate E_STRICT reporting from E_ALL in internal debug mode (E_STRICT is included...
pdontthink [Sat, 28 Jul 2012 05:57:50 +0000 (05:57 +0000)]
Separate E_STRICT reporting from E_ALL in internal debug mode (E_STRICT is included in E_ALL only as of PHP 5.4.0)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14335 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoE_ALL is a moving target
pdontthink [Sat, 28 Jul 2012 05:48:24 +0000 (05:48 +0000)]
E_ALL is a moving target

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14334 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoAccount for servers that send extra unsolicited FETCH responses (such as when flags...
pdontthink [Fri, 27 Jul 2012 23:03:15 +0000 (23:03 +0000)]
Account for servers that send extra unsolicited FETCH responses (such as when flags change due to a FETCH request).  PLEASE TEST!

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14333 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoAdd option that allows users to have replies to their own messages sent to the recipi...
pdontthink [Sun, 1 Jul 2012 20:06:18 +0000 (20:06 +0000)]
Add option that allows users to have replies to their own messages sent to the recipient of the previous message (#3520988)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14331 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoFix occasional PHP notice
pdontthink [Wed, 9 May 2012 02:57:02 +0000 (02:57 +0000)]
Fix occasional PHP notice

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14324 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoClear checkbox selections when form is processed
pdontthink [Fri, 27 Apr 2012 07:18:17 +0000 (07:18 +0000)]
Clear checkbox selections when form is processed

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14320 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoRevert revision 14314; static functions are a PHP 5+ feature
pdontthink [Sun, 8 Apr 2012 01:51:00 +0000 (01:51 +0000)]
Revert revision 14314; static functions are a PHP 5+ feature

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14317 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agofunctions are only used statically. mark as such.
kink [Sat, 7 Apr 2012 15:17:48 +0000 (15:17 +0000)]
functions are only used statically. mark as such.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14314 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoFix E_STRICT notices
pdontthink [Sun, 1 Apr 2012 22:18:51 +0000 (22:18 +0000)]
Fix E_STRICT notices

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14312 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoFix E_STRICT notice
pdontthink [Sun, 1 Apr 2012 21:27:53 +0000 (21:27 +0000)]
Fix E_STRICT notice

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14309 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoFix simple E_STRICT notice
pdontthink [Sun, 1 Apr 2012 21:15:36 +0000 (21:15 +0000)]
Fix simple E_STRICT notice

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14308 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoFix PHP notices
pdontthink [Sun, 1 Apr 2012 20:35:47 +0000 (20:35 +0000)]
Fix PHP notices

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14306 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoRevert changes in revision 14302. Revision 14302 should only have changed functions...
pdontthink [Sun, 1 Apr 2012 20:09:11 +0000 (20:09 +0000)]
Revert changes in revision 14302.  Revision 14302 should only have changed functions/imap_general.php

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14304 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoFall back to using LIST if NAMESPACE answer is malformed or otherwise problematic...
pdontthink [Sun, 1 Apr 2012 19:50:49 +0000 (19:50 +0000)]
Fall back to using LIST if NAMESPACE answer is malformed or otherwise problematic.  This still doesn't account for situations where the NAMESPACE or LIST answer can't be parsed correctly.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14302 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoRe: rev 14289 - Proper fix is not to define a new object; code was assuming header...
pdontthink [Sun, 1 Apr 2012 17:57:20 +0000 (17:57 +0000)]
Re: rev 14289 - Proper fix is not to define a new object; code was assuming header that was already defined was placed in the message object (which it was not).  Also fix indention issues

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14301 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoChangeLog
kink [Sat, 24 Mar 2012 11:05:26 +0000 (11:05 +0000)]
ChangeLog

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14293 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoI believe this code worked by chance, redefining it from string to array and
kink [Sat, 24 Mar 2012 10:42:31 +0000 (10:42 +0000)]
I believe this code worked by chance, redefining it from string to array and
using it outside the code block it was defined in. This should repair it to
what was intended.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14291 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agomust initialise MessageHeader object to avoid
kink [Sat, 24 Mar 2012 10:27:57 +0000 (10:27 +0000)]
must initialise MessageHeader object to avoid
PHP Warning:  Creating default object from empty value

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14289 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoAlignment fix
pdontthink [Tue, 28 Feb 2012 18:18:29 +0000 (18:18 +0000)]
Alignment fix

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14281 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoClarify explanation slightly
pdontthink [Tue, 28 Feb 2012 18:16:48 +0000 (18:16 +0000)]
Clarify explanation slightly

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14280 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoUpdate the copyright year
jervfors [Wed, 15 Feb 2012 14:32:07 +0000 (14:32 +0000)]
Update the copyright year

The constant was neglected when updating all copyright years.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14278 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agohex2bin is introduced in PHP 5.4
kink [Wed, 8 Feb 2012 12:11:18 +0000 (12:11 +0000)]
hex2bin is introduced in PHP 5.4

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14277 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoSpelling mistake
pdontthink [Tue, 7 Feb 2012 23:05:36 +0000 (23:05 +0000)]
Spelling mistake

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14275 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoBetter performance by reducing token usage to only one at a time (also added an optio...
pdontthink [Tue, 7 Feb 2012 22:51:58 +0000 (22:51 +0000)]
Better performance by reducing token usage to only one at a time (also added an option to revert to old behavior if desired)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14273 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoAccount for case when no reply-to is set in user prefs
pdontthink [Mon, 9 Jan 2012 20:41:02 +0000 (20:41 +0000)]
Account for case when no reply-to is set in user prefs

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14265 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoDocument some previously added configuration parameters
pdontthink [Mon, 2 Jan 2012 21:51:22 +0000 (21:51 +0000)]
Document some previously added configuration parameters

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14256 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoUpdating copyrights. Happy New Year.
pdontthink [Mon, 2 Jan 2012 02:09:17 +0000 (02:09 +0000)]
Updating copyrights.  Happy New Year.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14249 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoSanitize integer option fields - only digits allowed
pdontthink [Thu, 29 Dec 2011 06:56:03 +0000 (06:56 +0000)]
Sanitize integer option fields - only digits allowed

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14247 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoFix what seems to have been a copy/paste bug
pdontthink [Thu, 29 Dec 2011 01:34:06 +0000 (01:34 +0000)]
Fix what seems to have been a copy/paste bug

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14243 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoUnify address book searches. See ChangeLog comments. Also, fixed bug wherein file...
pdontthink [Wed, 28 Dec 2011 02:59:31 +0000 (02:59 +0000)]
Unify address book searches.  See ChangeLog comments.  Also, fixed bug wherein file backend wasn't escaping regular expression correctly.  File based backend used to search all fields at once, concatenated by spaces, which 'worked', but is misleading and nothing like the other backends.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14242 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoaddrsrch_fullname is already fetched by load_prefs.php
pdontthink [Wed, 21 Dec 2011 13:27:54 +0000 (13:27 +0000)]
addrsrch_fullname is already fetched by load_prefs.php

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14240 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoMake PHP default language for xgettext
pdontthink [Sun, 18 Dec 2011 01:32:51 +0000 (01:32 +0000)]
Make PHP default language for xgettext

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14234 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoAdd plugin compatiblility info
pdontthink [Thu, 15 Dec 2011 23:20:47 +0000 (23:20 +0000)]
Add plugin compatiblility info

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14232 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoAllow addition of extra attributes to user/pwd inputs
pdontthink [Thu, 15 Dec 2011 15:08:06 +0000 (15:08 +0000)]
Allow addition of extra attributes to user/pwd inputs

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14229 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoVerify Reply To still has its uses
pdontthink [Tue, 29 Nov 2011 13:13:42 +0000 (13:13 +0000)]
Verify Reply To still has its uses

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14158 7612ce4b-ef26-0410-bec9-ea0150e637f0

12 years agoEnsure that Reply-To isn't missing domain - we already do the same for the From heade...
pdontthink [Tue, 29 Nov 2011 12:44:31 +0000 (12:44 +0000)]
Ensure that Reply-To isn't missing domain - we already do the same for the From header in functions/identity.php

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14156 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoTemporarily sanitize output in wrong place
pdontthink [Sun, 11 Sep 2011 12:26:58 +0000 (12:26 +0000)]
Temporarily sanitize output in wrong place

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14145 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoFixed broken highlighting form (missing security tokens) (#3381117)
pdontthink [Sun, 11 Sep 2011 01:11:03 +0000 (01:11 +0000)]
Fixed broken highlighting form (missing security tokens) (#3381117)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14144 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoFixed untranslated string
pdontthink [Sun, 11 Sep 2011 01:08:13 +0000 (01:08 +0000)]
Fixed untranslated string

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14143 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoFix hook name clash: new smtp_auth hook added recently (a few months ago) has been...
pdontthink [Mon, 5 Sep 2011 07:00:18 +0000 (07:00 +0000)]
Fix hook name clash: new smtp_auth hook added recently (a few months ago) has been renamed to smtp_authenticate

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14141 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agodocument cve id's for posterity
kink [Tue, 26 Jul 2011 20:28:11 +0000 (20:28 +0000)]
document cve id's for posterity

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14138 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoattary may be empty at this point and the sq_fixatts call will generate PHP
kink [Wed, 13 Jul 2011 08:44:04 +0000 (08:44 +0000)]
attary may be empty at this point and the sq_fixatts call will generate PHP
Warnings. Wrap it in a conditional just like the other sq_fixatts call.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14134 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoFix XSS problem with unsanitized style tags in messages [CVE-2011-2023]
pdontthink [Tue, 12 Jul 2011 04:59:12 +0000 (04:59 +0000)]
Fix XSS problem with unsanitized style tags in messages [CVE-2011-2023]

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14122 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoFix XSS holes in generic options inputs, XSS hole in the SquirrelSpell plugin, and...
pdontthink [Tue, 12 Jul 2011 04:45:49 +0000 (04:45 +0000)]
Fix XSS holes in generic options inputs, XSS hole in the SquirrelSpell plugin, and added anti-CSRF protection to the empty trash feature (thanks to Nicholas Carlini for finding all these issues) [CVE-2010-4555]

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14120 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoAdd clickjacking protection (thanks to Asbjorn Thorsen and Geir Hansen for bringing...
pdontthink [Tue, 12 Jul 2011 03:44:23 +0000 (03:44 +0000)]
Add clickjacking protection (thanks to Asbjorn Thorsen and Geir Hansen for bringing this to our attention) [CVE-2010-4554]

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14118 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agogit-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14108...
pdontthink [Tue, 3 May 2011 06:23:56 +0000 (06:23 +0000)]
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14108 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoAllow administrators to configure subfolders of user INBOXes to be treated as special...
pdontthink [Tue, 3 May 2011 06:05:08 +0000 (06:05 +0000)]
Allow administrators to configure subfolders of user INBOXes to be treated as special folders by adding $subfolders_of_inbox_are_special to config_local.php

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14107 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoRemove quotes around personal names in message list (#3292587)
pdontthink [Wed, 27 Apr 2011 09:43:25 +0000 (09:43 +0000)]
Remove quotes around personal names in message list (#3292587)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14106 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoAdd smtp_auth hook (thanks to Emmanuel Dreyfus)
pdontthink [Sat, 2 Apr 2011 19:19:45 +0000 (19:19 +0000)]
Add smtp_auth hook (thanks to Emmanuel Dreyfus)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14094 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoUndelete button shouldn't be related to whether or not a trash folder is in use ...
pdontthink [Fri, 11 Mar 2011 02:22:57 +0000 (02:22 +0000)]
Undelete button shouldn't be related to whether or not a trash folder is in use - it's just a product of auto-expunge

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14092 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoDon't use regular expressions when you don't need to
pdontthink [Fri, 4 Mar 2011 01:19:33 +0000 (01:19 +0000)]
Don't use regular expressions when you don't need to

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14090 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoHappy New Year!
pdontthink [Thu, 6 Jan 2011 03:16:21 +0000 (03:16 +0000)]
Happy New Year!

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14085 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoRefine HMAC-MD5 generator; use native PHP Hash extension if available
pdontthink [Mon, 27 Dec 2010 00:35:24 +0000 (00:35 +0000)]
Refine HMAC-MD5 generator; use native PHP Hash extension if available

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14083 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoUnify output strings (Thanks to Juergen Edner) (#3139973).
pdontthink [Tue, 21 Dec 2010 14:04:08 +0000 (14:04 +0000)]
Unify output strings (Thanks to Juergen Edner) (#3139973).

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14082 7612ce4b-ef26-0410-bec9-ea0150e637f0

13 years agoForce the addition of a file suffix to attachments that lack a filename (helps forwar...
pdontthink [Fri, 17 Dec 2010 21:41:39 +0000 (21:41 +0000)]
Force the addition of a file suffix to attachments that lack a filename (helps forwarded messages avoid spam filters) (Thanks to Petr Kletecka) (#3139004)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14080 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoUnify SMTP auth mechanisms in configuration tool
pdontthink [Fri, 26 Nov 2010 10:02:51 +0000 (10:02 +0000)]
Unify SMTP auth mechanisms in configuration tool

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14076 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoFix sqauth_read_password() for plugins running on the login_verified hook when the...
pdontthink [Sat, 25 Sep 2010 04:08:03 +0000 (04:08 +0000)]
Fix sqauth_read_password() for plugins running on the login_verified hook when the 'key' cookie isn't yet set

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14067 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoAdding strings to the template.
jervfors [Mon, 13 Sep 2010 10:43:27 +0000 (10:43 +0000)]
Adding strings to the template.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14062 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoNow allow multiple plugins to handle (add links for) a single attachment MIME type
pdontthink [Sun, 12 Sep 2010 06:02:18 +0000 (06:02 +0000)]
Now allow multiple plugins to handle (add links for) a single attachment MIME type

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14059 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoFixed system lock-ups caused by a combination of certain rare, malformed message...
pdontthink [Fri, 3 Sep 2010 03:09:51 +0000 (03:09 +0000)]
Fixed system lock-ups caused by a combination of certain rare, malformed message headers and buggy versions of PHP mbstring (#3053349, 987016)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14056 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoRetiring Seth per his request
pdontthink [Thu, 22 Jul 2010 01:24:53 +0000 (01:24 +0000)]
Retiring Seth per his request

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13971 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoFix attachment filename decoding (#2994865)
pdontthink [Wed, 21 Jul 2010 19:19:07 +0000 (19:19 +0000)]
Fix attachment filename decoding (#2994865)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13967 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoThe use of 'user' as a column name no longer causes errors in SquirrelMail/PostgreSQL
pdontthink [Wed, 21 Jul 2010 07:24:37 +0000 (07:24 +0000)]
The use of 'user' as a column name no longer causes errors in SquirrelMail/PostgreSQL

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13965 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoFix issues caused by use of PostgreSQL keyword 'user' in SquirrelMail's default prefe...
pdontthink [Wed, 21 Jul 2010 07:06:12 +0000 (07:06 +0000)]
Fix issues caused by use of PostgreSQL keyword 'user' in SquirrelMail's default preferences database schema (#2943483)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13963 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoAdd information about online documentation
pdontthink [Wed, 21 Jul 2010 06:14:08 +0000 (06:14 +0000)]
Add information about online documentation

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13960 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoRetire Marc. We should probably retire some others who haven't contributed in the...
pdontthink [Wed, 21 Jul 2010 05:46:42 +0000 (05:46 +0000)]
Retire Marc.  We should probably retire some others who haven't contributed in the last few years

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13959 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoAggressive sanitizing of REQUEST_URI, PHP_SELF, and QUERY_STRING corrupted page URIs...
pdontthink [Sat, 26 Jun 2010 10:15:49 +0000 (10:15 +0000)]
Aggressive sanitizing of REQUEST_URI, PHP_SELF, and QUERY_STRING corrupted page URIs by encoding ampersands in the query string, so we have to un-sanitize ampersands.  Will this cause any security/XSS issues?

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13957 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoNow fill in default subject when forwarding as attachment (#2936541)
pdontthink [Mon, 21 Jun 2010 08:16:05 +0000 (08:16 +0000)]
Now fill in default subject when forwarding as attachment (#2936541)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13955 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoNow properly quote personal part of encoded addresses when replying
pdontthink [Mon, 21 Jun 2010 07:58:11 +0000 (07:58 +0000)]
Now properly quote personal part of encoded addresses when replying

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13953 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoFixed minor vulnerability in Mail Fetch plugin [CVE-2010-1637/TEHTRI-SA-2010-009]
pdontthink [Mon, 21 Jun 2010 07:18:55 +0000 (07:18 +0000)]
Fixed minor vulnerability in Mail Fetch plugin [CVE-2010-1637/TEHTRI-SA-2010-009]

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13950 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoReduced default time security tokens stay valid from 30 days to 2 days (reduces chanc...
pdontthink [Mon, 21 Jun 2010 07:01:16 +0000 (07:01 +0000)]
Reduced default time security tokens stay valid from 30 days to 2 days (reduces chances of session data growing too large)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13949 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoSynchronize no-cache headers. This reverses revision 13940 because no-cahce headers...
pdontthink [Mon, 21 Jun 2010 00:39:12 +0000 (00:39 +0000)]
Synchronize no-cache headers.  This reverses revision 13940 because no-cahce headers were already being sent in displayHtmlHeader() for left_main.php and right_main.php (the tracker referred to in that revision only applies to SquirrelMail 1.4.x).

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13945 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years ago - Fix error with SpamCop reporting plugin not being able to send report as
jangliss [Sun, 20 Jun 2010 16:58:46 +0000 (16:58 +0000)]
  - Fix error with SpamCop reporting plugin not being able to send report as
    emails (#1795310).
  - Fix typo in SpamCop plugin.
  - Tidy some output (slightly personal to stop Eclipse complaining about errors in the code)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13942 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoExplicitly disable caching for left_main and right_main pages (#2983134)
jangliss [Sun, 20 Jun 2010 14:37:16 +0000 (14:37 +0000)]
Explicitly disable caching for left_main and right_main pages (#2983134)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13940 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoShow what user/group the web server is running as; helps with debugging certain plugi...
pdontthink [Fri, 16 Apr 2010 05:26:16 +0000 (05:26 +0000)]
Show what user/group the web server is running as; helps with debugging certain plugins for admins who aren't quite sure about these things

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13934 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoFix PHP errors. Thanks to Jacek Kalinski
pdontthink [Tue, 30 Mar 2010 03:30:24 +0000 (03:30 +0000)]
Fix PHP errors.  Thanks to Jacek Kalinski

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13931 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoAdd FIXME
pdontthink [Fri, 26 Mar 2010 18:36:33 +0000 (18:36 +0000)]
Add FIXME

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13930 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoDon't push out onsubmit handler unless necessary
pdontthink [Fri, 19 Mar 2010 08:29:44 +0000 (08:29 +0000)]
Don't push out onsubmit handler unless necessary

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13929 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agor13926 from stable:
kink [Mon, 8 Mar 2010 09:37:07 +0000 (09:37 +0000)]
r13926 from stable:
code in findDisplayEntity expects object, not array. Make findAltenativeEntity
return an object or null consistently.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13927 7612ce4b-ef26-0410-bec9-ea0150e637f0

14 years agoRFC 3676 says there can't be more in the signature delimiter line than this
pdontthink [Tue, 16 Feb 2010 20:13:21 +0000 (20:13 +0000)]
RFC 3676 says there can't be more in the signature delimiter line than this

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13913 7612ce4b-ef26-0410-bec9-ea0150e637f0