X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=functions%2Fmailbox_display.php;h=5897635586385a5ee6208030b5c3b9cf9847604b;hp=07cb1ca56fb70a434f5a63810e09e80641343d8a;hb=696129d8f22f887c23cb06da5cc04ed7cd63351a;hpb=e3e770bdae1706d364495ef5529435682916a736 diff --git a/functions/mailbox_display.php b/functions/mailbox_display.php index 07cb1ca5..58976355 100644 --- a/functions/mailbox_display.php +++ b/functions/mailbox_display.php @@ -6,7 +6,7 @@ * This contains functions that display mailbox information, such as the * table row that has sender, date, subject, etc... * - * @copyright © 1999-2007 The SquirrelMail Project Team + * @copyright 1999-2017 The SquirrelMail Project Team * @license http://opensource.org/licenses/gpl-license.php GNU Public License * @version $Id$ * @package squirrelmail @@ -554,11 +554,11 @@ function prepareMessageList(&$aMailbox, $aProps) { $sMailbox = (isset($aAddr[SQM_ADDR_MAILBOX])) ? $aAddr[SQM_ADDR_MAILBOX] : ''; $sHost = (isset($aAddr[SQM_ADDR_HOST])) ? $aAddr[SQM_ADDR_HOST] : ''; if ($sPersonal) { - $title .= htmlspecialchars($sMailbox.'@'.$sHost).', '; + $title .= sm_encode_html_special_chars($sMailbox.'@'.$sHost).', '; } else { // if $value gets truncated we need to add the addresses with no // personal name as well - $title_maybe .= htmlspecialchars($sMailbox.'@'.$sHost).', '; + $title_maybe .= sm_encode_html_special_chars($sMailbox.'@'.$sHost).', '; } } if ($title) { @@ -566,7 +566,7 @@ function prepareMessageList(&$aMailbox, $aProps) { } $sTmp = decodeHeader($sTmp); if (isset($aColumnDesc[$k]['truncate']) && $aColumnDesc[$k]['truncate']) { - $sTrunc = truncateWithEntities($sTmp, $aColumnDesc[$k]['truncate']); + $sTrunc = sm_truncate_string($sTmp, $aColumnDesc[$k]['truncate'], '...', TRUE); if ($sTrunc != $sTmp) { if (!$title) { $title = $sTmp; @@ -578,7 +578,7 @@ function prepareMessageList(&$aMailbox, $aProps) { $sTmp = $sTrunc; } } - $value = ($sTmp) ? $sTmp : $sUnknown; + $value = ($sTmp) ? (substr($sTmp, 0, 6) == '"' && substr($sTmp, -6) == '"' ? substr(substr($sTmp, 0, -6), 6) : $sTmp) : $sUnknown; break; case SQM_COL_SUBJ: // subject is mime encoded, decode it. @@ -591,9 +591,11 @@ function prepareMessageList(&$aMailbox, $aProps) { $iIndent = (isset($aIndentArray[$aId[$i]])) ? $aIndentArray[$aId[$i]] : 0; // FIXME: don't break 8bit symbols and html entities during truncation if (isset($aColumnDesc[$k]['truncate']) && $aColumnDesc[$k]['truncate']) { - $sTmp = truncateWithEntities($value, $aColumnDesc[$k]['truncate']-$iIndent); + $sTmp = sm_truncate_string($value, $aColumnDesc[$k]['truncate']-$iIndent, '...', TRUE); // drop any double spaces since these will be displayed in the title - $title = ($sTmp != $value) ? preg_replace('/\s{2,}/', ' ', $value) : ''; + // Nah, it's nice to always have a roll-over + //$title = ($sTmp != $value) ? preg_replace('/\s{2,}/', ' ', $value) : ''; + $title = preg_replace('/\s{2,}/', ' ', $value); $value = $sTmp; } /* generate the link to the message */ @@ -618,23 +620,27 @@ function prepareMessageList(&$aMailbox, $aProps) { break; case SQM_COL_DATE: case SQM_COL_INT_DATE: - $value = getDateString(getTimeStamp(explode(' ',trim($value)))); + $value = getTimeStamp(explode(' ',trim($value))); + $title = getDateString($value, TRUE); + $value = getDateString($value); break; case SQM_COL_FLAGS: $aFlagColumn = array('seen' => false, 'deleted'=>false, 'answered'=>false, + 'forwarded'=>false, 'flagged' => false, 'draft' => false); if(!is_array($value)) $value = array(); foreach ($value as $sFlag => $v) { switch ($sFlag) { - case '\\seen' : $aFlagColumn['seen'] = true; break; - case '\\deleted' : $aFlagColumn['deleted'] = true; break; - case '\\answered': $aFlagColumn['answered'] = true; break; - case '\\flagged' : $aFlagColumn['flagged'] = true; break; - case '\\draft' : $aFlagColumn['draft'] = true; break; + case '\\seen' : $aFlagColumn['seen'] = true; break; + case '\\deleted' : $aFlagColumn['deleted'] = true; break; + case '\\answered': $aFlagColumn['answered'] = true; break; + case '$forwarded': $aFlagColumn['forwarded'] = true; break; + case '\\flagged' : $aFlagColumn['flagged'] = true; break; + case '\\draft' : $aFlagColumn['draft'] = true; break; default: break; } } @@ -973,7 +979,7 @@ function showMessagesForMailbox($imapConnection, &$aMailbox,$aProps, &$iError) { $source_url = $php_self; } - $baseurl = $source_url.'?mailbox=' . urlencode($aMailbox['NAME']) .'&account='.$aMailbox['ACCOUNT']; + $baseurl = $source_url.'?mailbox=' . urlencode($aMailbox['NAME']) .'&account='.$aMailbox['ACCOUNT'] . (strpos($source_url, 'src/search.php') ? '&smtoken=' . sm_generate_security_token() : ''); $where = urlencode($aMailbox['SEARCH'][$iSetIndx][0]); $what = urlencode($aMailbox['SEARCH'][$iSetIndx][1]); $baseurl .= '&where=' . $where . '&what=' . $what; @@ -1039,7 +1045,7 @@ function showMessagesForMailbox($imapConnection, &$aMailbox,$aProps, &$iError) { $trash_folder) ? true : false; // $showUndelete = (!$aMailbox['AUTO_EXPUNGE'] && $aMailbox['RIGHTS'] != 'READ-ONLY' && - in_array('\\deleted',$aMailbox['PERMANENTFLAGS'], true) && !$trash_folder) ? true : false; + in_array('\\deleted',$aMailbox['PERMANENTFLAGS'], true) /* trash folder unrelated methinks: && !$trash_folder*/) ? true : false; $showMove = ($aMailbox['RIGHTS'] != 'READ-ONLY') ? true : false; $showExpunge = (!$aMailbox['AUTO_EXPUNGE'] && $aMailbox['RIGHTS'] != 'READ-ONLY' && in_array('\\deleted',$aMailbox['PERMANENTFLAGS'], true)) ? true : false; @@ -1251,53 +1257,6 @@ function showMessagesForMailbox($imapConnection, &$aMailbox,$aProps, &$iError) { } -/** - * Truncates a string and take care of html encoded characters - * - * @param string $s string to truncate - * @param int $iTrimAt Trim at nn characters - * @return string Trimmed string - */ -function truncateWithEntities($s, $iTrimAt) { - global $languages, $squirrelmail_language; - - $ent_strlen = strlen($s); - if (($iTrimAt <= 0) || ($ent_strlen <= $iTrimAt)) - return $s; - - if (isset($languages[$squirrelmail_language]['XTRA_CODE']) && - function_exists($languages[$squirrelmail_language]['XTRA_CODE'] . '_strimwidth')) { - return call_user_func($languages[$squirrelmail_language]['XTRA_CODE'] . '_strimwidth', $s, $iTrimAt); - } else { - /* - * see if this is entities-encoded string - * If so, Iterate through the whole string, find out - * the real number of characters, and if more - * than $iTrimAt, substr with an updated trim value. - */ - $trim_val = $iTrimAt; - $ent_offset = 0; - $ent_loc = 0; - while ( $ent_loc < $trim_val && (($ent_loc = strpos($s, '&', $ent_offset)) !== false) && - (($ent_loc_end = strpos($s, ';', $ent_loc+3)) !== false) ) { - $trim_val += ($ent_loc_end-$ent_loc); - $ent_offset = $ent_loc_end+1; - } - - if (($trim_val > $iTrimAt) && ($ent_strlen > $trim_val) && (strpos($s,';',$trim_val) < ($trim_val + 6))) { - $i = strpos($s,';',$trim_val); - if ($i !== false) { - $trim_val = strpos($s,';',$trim_val)+1; - } - } - // only print '...' when we're actually dropping part of the subject - if ($ent_strlen <= $trim_val) - return $s; - } - return substr_replace($s, '...', $trim_val); -} - - /** * Process messages list form and handle the cache gracefully. If $sButton and * $aUid are provided as argument then you can fake a message list submit and @@ -1339,6 +1298,11 @@ function handleMessageListForm($imapConnection, &$aMailbox, $sButton='', $aUid = (isset($msg) && is_array($msg)) ? array_values($msg) : $aUid; if (count($aUid) && $sButton != 'expunge') { + // don't do anything to any messages until we have done security check + // FIXME: not sure this code really belongs here, but there's nowhere else to put it with this architecture + sqgetGlobalVar('smtoken', $submitted_token, SQ_FORM, ''); + sm_validate_security_token($submitted_token, -1, TRUE); + // make sure message UIDs are sanitized (BIGINT) foreach ($aUid as $i => $uid) $aUid[$i] = (preg_match('/^[0-9]+$/', $uid) ? $uid : '0'); @@ -1385,7 +1349,8 @@ function handleMessageListForm($imapConnection, &$aMailbox, $sButton='', if (count($aMsgHeaders)) { $composesession = attachSelectedMessages($imapConnection,$aMsgHeaders); // dirty hack, add info to $aMailbox - $aMailbox['FORWARD_SESSION'] = $composesession; + $aMailbox['FORWARD_SESSION']['SESSION_NUMBER'] = $composesession; + $aMailbox['FORWARD_SESSION']['UIDS'] = $aUid; } break; default: @@ -1419,6 +1384,7 @@ function handleMessageListForm($imapConnection, &$aMailbox, $sButton='', $message = $aMailbox['MSG_HEADERS'][$iUid]['MESSAGE_OBJECT']; $message->is_seen = false; $message->is_answered = false; + $message->is_forwarded = false; $message->is_deleted = false; $message->is_flagged = false; $message->is_mdnsent = false; @@ -1427,6 +1393,8 @@ function handleMessageListForm($imapConnection, &$aMailbox, $sButton='', $message->is_seen = true; else if (strtolower($flag) == '\\answered' && $value) $message->is_answered = true; + else if (strtolower($flag) == '$forwarded' && $value) + $message->is_forwarded = true; else if (strtolower($flag) == '\\deleted' && $value) $message->is_deleted = true; else if (strtolower($flag) == '\\flagged' && $value) @@ -1568,6 +1536,17 @@ function attachSelectedMessages($imapConnection,$aMsgHeaders) { fclose($fp); $composeMessage->initAttachment('message/rfc822', $subject . '.eml', $filename); + + // create subject for new message + // + $subject = decodeHeader($subject,false,false,true); + $subject = str_replace('"', "'", $subject); + $subject = trim($subject); + if (substr(strtolower($subject), 0, 4) != 'fwd:') { + $subject = 'Fwd: ' . $subject; + } + $composeMessage->rfc822_header->subject = $subject; + } }