Changeset 5022 in subversion


Ignore:
Timestamp:
Aug 4, 2011 5:01:36 AM (22 months ago)
Author:
alec
Message:
  • Add ACL check on parent folder
Location:
trunk/roundcubemail/program
Files:
3 edited

Legend:

Unmodified
Added
Removed

  • trunk/roundcubemail/program/localization/en_US/messages.inc

    r5014 r5022  
    151151$messages['invalidimageformat'] = 'Not a valid image format.'; 
    152152$messages['mispellingsfound'] = 'Spelling errors detected in the message.'; 
     153$messages['parentnotwritable'] = 'Unable to create/move folder into selected parent folder. No access rights.'; 
    153154 
    154155?> 

  • trunk/roundcubemail/program/steps/settings/edit_folder.inc

    r4997 r5022  
    256256        } 
    257257 
    258         if ($content) {         
     258        if ($content) { 
    259259            $out .= html::tag('fieldset', null, html::tag('legend', null, Q($tab['name'])) . $content) ."\n"; 
    260260        } 

  • trunk/roundcubemail/program/steps/settings/save_folder.inc

    r4886 r5022  
    5353            break; 
    5454        } 
     55    } 
     56} 
     57 
     58// Check access rights to the parent folder 
     59if (!$error && strlen($path)) { 
     60    $parent_opts = $RCMAIL->imap->mailbox_info($path); 
     61    if ($parent_opts['namespace'] != 'personal' 
     62        && (empty($parent_opts['rights']) || !preg_match('/[ck]/', implode($parent_opts))) 
     63    ) { 
     64        $error = rcube_label('parentnotwritable'); 
    5565    } 
    5666} 
Note: See TracChangeset for help on using the changeset viewer.