diff options
| author | alec <alec@208e9e7b-5314-0410-a742-e7e81cd9613c> | 2011-08-04 09:01:36 +0000 |
|---|---|---|
| committer | alec <alec@208e9e7b-5314-0410-a742-e7e81cd9613c> | 2011-08-04 09:01:36 +0000 |
| commit | 60a147392a6cf9e74cefe50b7506da2d7aa25dbe (patch) | |
| tree | b888d45c1317219f3a42442f3638f5f265de5848 /roundcubemail/program/steps/settings | |
| parent | 339f6b7512520e7ad1c07c00adb0a18073e67300 (diff) | |
- Add ACL check on parent folder
git-svn-id: https://svn.roundcube.net/trunk@5022 208e9e7b-5314-0410-a742-e7e81cd9613c
Diffstat (limited to 'roundcubemail/program/steps/settings')
| -rw-r--r-- | roundcubemail/program/steps/settings/edit_folder.inc | 2 | ||||
| -rw-r--r-- | roundcubemail/program/steps/settings/save_folder.inc | 10 |
2 files changed, 11 insertions, 1 deletions
diff --git a/roundcubemail/program/steps/settings/edit_folder.inc b/roundcubemail/program/steps/settings/edit_folder.inc index fe9cdc082..740c05ee5 100644 --- a/roundcubemail/program/steps/settings/edit_folder.inc +++ b/roundcubemail/program/steps/settings/edit_folder.inc @@ -255,7 +255,7 @@ function rcmail_folder_form($attrib) $content = rcmail_get_form_part($tab); } - if ($content) { + if ($content) { $out .= html::tag('fieldset', null, html::tag('legend', null, Q($tab['name'])) . $content) ."\n"; } } diff --git a/roundcubemail/program/steps/settings/save_folder.inc b/roundcubemail/program/steps/settings/save_folder.inc index 498829c3b..2f515627d 100644 --- a/roundcubemail/program/steps/settings/save_folder.inc +++ b/roundcubemail/program/steps/settings/save_folder.inc @@ -55,6 +55,16 @@ else { } } +// Check access rights to the parent folder +if (!$error && strlen($path)) { + $parent_opts = $RCMAIL->imap->mailbox_info($path); + if ($parent_opts['namespace'] != 'personal' + && (empty($parent_opts['rights']) || !preg_match('/[ck]/', implode($parent_opts))) + ) { + $error = rcube_label('parentnotwritable'); + } +} + if ($error) { $OUTPUT->command('display_message', $error, 'error'); } |