Roundcubemail devel
view | history | commit | commitdiff
thomascube
2005-12-03 1cded85790206afe084e1baff371c543711b2b18
commit | author | age
4e17e6 1 <?php
T 2
3 /*
4  +-----------------------------------------------------------------------+
5  | RoundCube Webmail IMAP Client                                         |
7902df 6  | Version 0.1-20051018                                                  |
4e17e6 7  |                                                                       |
T 8  | Copyright (C) 2005, RoundCube Dev. - Switzerland                      |
15fee7 9  | Licensed under the GNU GPL                                            |
4e17e6 10  |                                                                       |
T 11  | Redistribution and use in source and binary forms, with or without    |
12  | modification, are permitted provided that the following conditions    |
13  | are met:                                                              |
14  |                                                                       |
15  | o Redistributions of source code must retain the above copyright      |
16  |   notice, this list of conditions and the following disclaimer.       |
17  | o Redistributions in binary form must reproduce the above copyright   |
18  |   notice, this list of conditions and the following disclaimer in the |
19  |   documentation and/or other materials provided with the distribution.|
20  | o The names of the authors may not be used to endorse or promote      |
21  |   products derived from this software without specific prior written  |
22  |   permission.                                                         |
23  |                                                                       |
24  | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS   |
25  | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT     |
26  | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR |
27  | A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT  |
28  | OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
29  | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT      |
30  | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
31  | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
32  | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT   |
33  | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
34  | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.  |
35  |                                                                       |
36  +-----------------------------------------------------------------------+
37  | Author: Thomas Bruederli <roundcube@gmail.com>                        |
38  +-----------------------------------------------------------------------+
39
40  $Id$
41
42 */
43
44 // define global vars
7cc38e 45 $INSTALL_PATH = dirname($_SERVER['SCRIPT_FILENAME']);
4e17e6 46 $OUTPUT_TYPE = 'html';
T 47 $JS_OBJECT_NAME = 'rcmail';
48
7cc38e 49 if (empty($INSTALL_PATH))
T 50   $INSTALL_PATH = './';
51 else
52   $INSTALL_PATH .= '/';
5abfcc 53     
d7cb77 54 // RC include folders MUST be included FIRST to avoid other
S 55 // possible not compatible libraries (i.e PEAR) to be included
56 // instead the ones provided by RC
7cc38e 57 ini_set('include_path', $INSTALL_PATH.PATH_SEPARATOR.$INSTALL_PATH.'program'.PATH_SEPARATOR.$INSTALL_PATH.'program/lib'.PATH_SEPARATOR.ini_get('include_path'));
d7cb77 58
4e17e6 59 ini_set('session.name', 'sessid');
T 60 ini_set('session.use_cookies', 1);
42b113 61 ini_set('error_reporting', E_ALL&~E_NOTICE);
4e17e6 62
T 63 // increase maximum execution time for php scripts
00fd33 64 // (does not work in safe mode)
1cded8 65 @set_time_limit(120);
4e17e6 66
T 67 // include base files
68 require_once('include/rcube_shared.inc');
69 require_once('include/rcube_imap.inc');
70 require_once('include/bugs.inc');
71 require_once('include/main.inc');
72 require_once('include/cache.inc');
7902df 73 require_once('PEAR.php');
T 74
75
76 // set PEAR error handling
77 // PEAR::setErrorHandling(PEAR_ERROR_TRIGGER, E_USER_NOTICE);
4e17e6 78
T 79
80 // catch some url/post parameters
597170 81 $_auth = !empty($_POST['_auth']) ? $_POST['_auth'] : $_GET['_auth'];
T 82 $_task = !empty($_POST['_task']) ? $_POST['_task'] : (!empty($_GET['_task']) ? $_GET['_task'] : 'mail');
83 $_action = !empty($_POST['_action']) ? $_POST['_action'] : (!empty($_GET['_action']) ? $_GET['_action'] : '');
84 $_framed = (!empty($_GET['_framed']) || !empty($_POST['_framed']));
42b113 85
T 86 if (!empty($_GET['_remote']))
87   $REMOTE_REQUEST = TRUE;
88
4e17e6 89 // start session with requested task
T 90 rcmail_startup($_task);
91
92 // set session related variables
93 $COMM_PATH = sprintf('./?_auth=%s&_task=%s', $sess_auth, $_task);
94 $SESS_HIDDEN_FIELD = sprintf('<input type="hidden" name="_auth" value="%s" />', $sess_auth);
95
96
97 // add framed parameter
597170 98 if ($_framed)
4e17e6 99   {
T 100   $COMM_PATH .= '&_framed=1';
ccfda8 101   $SESS_HIDDEN_FIELD .= "\n".'<input type="hidden" name="_framed" value="1" />';
4e17e6 102   }
T 103
104
105 // init necessary objects for GUI
106 load_gui();
107
108 // error steps
597170 109 if ($_action=='error' && !empty($_GET['_code']))
4e17e6 110   {
T 111   raise_error(array('code' => hexdec($_GET['_code'])), FALSE, TRUE);
112   }
113
114
115 // try to log in
116 if ($_action=='login' && $_task=='mail')
117   {
118   $host = $_POST['_host'] ? $_POST['_host'] : $CONFIG['default_host'];
119   
120   // check if client supports cookies
597170 121   if (empty($_COOKIE))
4e17e6 122     {
T 123     show_message("cookiesdisabled", 'warning');
124     }
597170 125   else if (isset($_POST['_user']) && isset($_POST['_pass']) && rcmail_login($_POST['_user'], $_POST['_pass'], $host))
4e17e6 126     {
T 127     // send redirect
128     header("Location: $COMM_PATH");
129     exit;
130     }
131   else
132     {
133     show_message("loginfailed", 'warning');
134     $_SESSION['user_id'] = '';
135     }
136   }
137
138 // end session
00fd33 139 else if ($_action=='logout' && isset($_SESSION['user_id']))
4e17e6 140   {
T 141   show_message('loggedout');
142   rcmail_kill_session();
143   }
144
145 // check session cookie and auth string
7cc38e 146 else if ($_action!='login' && $sess_auth && $_SESSION['user_id'])
4e17e6 147   {
7902df 148   if ($_auth !== $sess_auth || $_auth != rcmail_auth_hash($_SESSION['client_id'], $_SESSION['auth_time']) ||
ccfda8 149       ($CONFIG['session_lifetime'] && isset($SESS_CHANGED) && $SESS_CHANGED + $CONFIG['session_lifetime']*60 < mktime()))
4e17e6 150     {
42b113 151     $message = show_message('sessionerror', 'error');
4e17e6 152     rcmail_kill_session();
T 153     }
154   }
155
156
157 // log in to imap server
597170 158 if (!empty($_SESSION['user_id']) && $_task=='mail')
4e17e6 159   {
7902df 160   $conn = $IMAP->connect($_SESSION['imap_host'], $_SESSION['username'], decrypt_passwd($_SESSION['password']), $_SESSION['imap_port'], $_SESSION['imap_ssl']);
4e17e6 161   if (!$conn)
T 162     {
163     show_message('imaperror', 'error');
164     $_SESSION['user_id'] = '';
165     }
7902df 166   else
T 167     rcmail_set_imap_prop();
4e17e6 168   }
T 169
170
171 // not logged in -> set task to 'login
597170 172 if (empty($_SESSION['user_id']))
42b113 173   {
T 174   if ($REMOTE_REQUEST)
175     {
176     $message .= "setTimeout(\"location.href='\"+this.env.comm_path+\"'\", 2000);";
177     rcube_remote_response($message);
178     }
179   
4e17e6 180   $_task = 'login';
42b113 181   }
4e17e6 182
T 183
184
597170 185 // set task and action to client
4e17e6 186 $script = sprintf("%s.set_env('task', '%s');", $JS_OBJECT_NAME, $_task);
T 187 if (!empty($_action))
188   $script .= sprintf("\n%s.set_env('action', '%s');", $JS_OBJECT_NAME, $_action);
189
190 $OUTPUT->add_script($script);
191
192
193
194 // not logged in -> show login page
195 if (!$_SESSION['user_id'])
196   {
197   parse_template('login');
198   exit;
199   }
200
201
1cded8 202 // handle keep-alive signal
T 203 if ($_action=='keep-alive')
204   {
205   rcube_remote_response('');
206   exit;
207   }
208
4e17e6 209
T 210 // include task specific files
211 if ($_task=='mail')
212   {
213   include_once('program/steps/mail/func.inc');
214
215   if ($_action=='show' || $_action=='print')
216     include('program/steps/mail/show.inc');
217
218   if ($_action=='get')
219     include('program/steps/mail/get.inc');
220
221   if ($_action=='moveto' || $_action=='delete')
222     include('program/steps/mail/move_del.inc');
223
224   if ($_action=='mark')
225     include('program/steps/mail/mark.inc');
226
227   if ($_action=='viewsource')
228     include('program/steps/mail/viewsource.inc');
229
230   if ($_action=='send')
231     include('program/steps/mail/sendmail.inc');
232
233   if ($_action=='upload')
234     include('program/steps/mail/upload.inc');
235
236   if ($_action=='compose')
237     include('program/steps/mail/compose.inc');
238
239   if ($_action=='addcontact')
240     include('program/steps/mail/addcontact.inc');
241     
242   if ($_action=='list' && $_GET['_remote'])
243     include('program/steps/mail/list.inc');
244
245   // kill compose entry from session
246   if (isset($_SESSION['compose']))
247     rcmail_compose_cleanup();
248   }
249
250
251 // include task specific files
252 if ($_task=='addressbook')
253   {
254   include_once('program/steps/addressbook/func.inc');
255
256   if ($_action=='save')
257     include('program/steps/addressbook/save.inc');
258   
259   if ($_action=='edit' || $_action=='add')
260     include('program/steps/addressbook/edit.inc');
261   
262   if ($_action=='delete')
263     include('program/steps/addressbook/delete.inc');
264
265   if ($_action=='show')
266     include('program/steps/addressbook/show.inc');  
267
268   if ($_action=='list' && $_GET['_remote'])
269     include('program/steps/addressbook/list.inc');
270   }
271
272
273 // include task specific files
274 if ($_task=='settings')
275   {
276   include_once('program/steps/settings/func.inc');
277
278   if ($_action=='save-identity')
279     include('program/steps/settings/save_identity.inc');
280
281   if ($_action=='add-identity' || $_action=='edit-identity')
282     include('program/steps/settings/edit_identity.inc');
283
284   if ($_action=='delete-identity')
285     include('program/steps/settings/delete_identity.inc');
286   
287   if ($_action=='identities')
288     include('program/steps/settings/identities.inc');  
289
290   if ($_action=='save-prefs')
291     include('program/steps/settings/save_prefs.inc');  
292
293   if ($_action=='folders' || $_action=='subscribe' || $_action=='unsubscribe' || $_action=='create-folder' || $_action=='delete-folder')
294     include('program/steps/settings/manage_folders.inc');
295
ecf759 296   }
T 297
298
539cd4 299 // only allow these templates to be included
T 300 $valid_tasks = array('mail','settings','addressbook');
4e17e6 301
539cd4 302 // parse main template
T 303 if (in_array($_task, $valid_tasks))
304   parse_template($_task);
305
306
307 // if we arrive here, something went wrong
308 raise_error(array('code' => 404,
309                   'type' => 'php',
310                   'line' => __LINE__,
311                   'file' => __FILE__,
312                   'message' => "Invalid request"), TRUE, TRUE);
313                       
4e17e6 314 ?>