githubFork/roundcubemail.git

Add workaround for https://bugs.php.net/bug.php?id=70757 (#1490582)

Aleksander Machniak

2015-11-06 9953d5c10c622b059758f359812502c26fd1c1c9

commit \| author \| age
0c2596	1	<?php
A	2
	3	/*
	4	+-----------------------------------------------------------------------+
	5	\| This file is part of the Roundcube Webmail client \|
ce2019	6	\| Copyright (C) 2008-2014, The Roundcube Dev Team \|
TB	7	\| Copyright (C) 2011-2014, Kolab Systems AG \|
0c2596	8	\| \|
A	9	\| Licensed under the GNU General Public License version 3 or \|
	10	\| any later version with exceptions for skins & plugins. \|
	11	\| See the README file for a full license statement. \|
	12	\| \|
	13	\| PURPOSE: \|
	14	\| Framework base class providing core functions and holding \|
	15	\| instances of all 'global' objects like db- and storage-connections \|
	16	+-----------------------------------------------------------------------+
	17	\| Author: Thomas Bruederli <roundcube@gmail.com> \|
	18	+-----------------------------------------------------------------------+
	19	*/
	20
	21
	22	/**
	23	* Base class of the Roundcube Framework
	24	* implemented as singleton
	25	*
315418	26	* @package Framework
AM	27	* @subpackage Core
0c2596	28	*/
A	29	class rcube
	30	{
681ba6	31	// Init options
AM	32	const INIT_WITH_DB = 1;
315418	33	const INIT_WITH_PLUGINS = 2;
681ba6	34
AM	35	// Request status
	36	const REQUEST_VALID = 0;
	37	const REQUEST_ERROR_URL = 1;
	38	const REQUEST_ERROR_TOKEN = 2;
0c2596	39
315418	40	/**
AM	41	* Singleton instace of rcube
	42	*
996af3	43	* @var rcube
315418	44	*/
AM	45	static protected $instance;
0c2596	46
315418	47	/**
AM	48	* Stores instance of rcube_config.
	49	*
	50	* @var rcube_config
	51	*/
	52	public $config;
0c2596	53
315418	54	/**
AM	55	* Instace of database class.
	56	*
	57	* @var rcube_db
	58	*/
	59	public $db;
0c2596	60
315418	61	/**
AM	62	* Instace of Memcache class.
	63	*
	64	* @var Memcache
	65	*/
	66	public $memcache;
0c2596	67
315418	68	/**
AM	69	* Instace of rcube_session class.
	70	*
	71	* @var rcube_session
	72	*/
	73	public $session;
0c2596	74
315418	75	/**
AM	76	* Instance of rcube_smtp class.
	77	*
	78	* @var rcube_smtp
	79	*/
	80	public $smtp;
0c2596	81
315418	82	/**
AM	83	* Instance of rcube_storage class.
	84	*
	85	* @var rcube_storage
	86	*/
	87	public $storage;
0c2596	88
315418	89	/**
AM	90	* Instance of rcube_output class.
	91	*
	92	* @var rcube_output
	93	*/
	94	public $output;
0c2596	95
315418	96	/**
AM	97	* Instance of rcube_plugin_api.
	98	*
	99	* @var rcube_plugin_api
	100	*/
	101	public $plugins;
ce2019	102
TB	103	/**
	104	* Instance of rcube_user class.
	105	*
	106	* @var rcube_user
	107	*/
	108	public $user;
0c2596	109
681ba6	110	/**
AM	111	* Request status
	112	*
	113	* @var int
	114	*/
	115	public $request_status = 0;
0c2596	116
315418	117	/* private/protected vars */
AM	118	protected $texts;
	119	protected $caches = array();
	120	protected $shutdown_functions = array();
0c2596	121
A	122
315418	123	/**
AM	124	* This implements the 'singleton' design pattern
	125	*
	126	* @param integer Options to initialize with this instance. See rcube::INIT_WITH_* constants
deb2b8	127	* @param string Environment name to run (e.g. live, dev, test)
315418	128	*
AM	129	* @return rcube The one and only instance
	130	*/
deb2b8	131	static function get_instance($mode = 0, $env = '')
315418	132	{
AM	133	if (!self::$instance) {
deb2b8	134	self::$instance = new rcube($env);
315418	135	self::$instance->init($mode);
71ee56	136	}
AM	137
315418	138	return self::$instance;
0c2596	139	}
A	140
	141
315418	142	/**
AM	143	* Private constructor
	144	*/
deb2b8	145	protected function __construct($env = '')
315418	146	{
AM	147	// load configuration
deb2b8	148	$this->config = new rcube_config($env);
315418	149	$this->plugins = new rcube_dummy_plugin_api;
0c2596	150
315418	151	register_shutdown_function(array($this, 'shutdown'));
0c2596	152	}
A	153
	154
315418	155	/**
AM	156	* Initial startup function
	157	*/
	158	protected function init($mode = 0)
	159	{
	160	// initialize syslog
	161	if ($this->config->get('log_driver') == 'syslog') {
	162	$syslog_id = $this->config->get('syslog_id', 'roundcube');
	163	$syslog_facility = $this->config->get('syslog_facility', LOG_USER);
	164	openlog($syslog_id, LOG_ODELAY, $syslog_facility);
	165	}
0c2596	166
315418	167	// connect to database
AM	168	if ($mode & self::INIT_WITH_DB) {
	169	$this->get_dbh();
	170	}
0c2596	171
315418	172	// create plugin API and load plugins
AM	173	if ($mode & self::INIT_WITH_PLUGINS) {
	174	$this->plugins = rcube_plugin_api::get_instance();
	175	}
0c2596	176	}
A	177
	178
315418	179	/**
AM	180	* Get the current database connection
	181	*
	182	* @return rcube_db Database object
	183	*/
	184	public function get_dbh()
	185	{
	186	if (!$this->db) {
6d5a1b	187	$this->db = rcube_db::factory(
AM	188	$this->config->get('db_dsnw'),
	189	$this->config->get('db_dsnr'),
	190	$this->config->get('db_persistent')
	191	);
	192
	193	$this->db->set_debug((bool)$this->config->get('sql_debug'));
315418	194	}
0c2596	195
315418	196	return $this->db;
0c2596	197	}
A	198
	199
315418	200	/**
AM	201	* Get global handle for memcache access
	202	*
	203	* @return object Memcache
	204	*/
	205	public function get_memcache()
	206	{
	207	if (!isset($this->memcache)) {
	208	// no memcache support in PHP
	209	if (!class_exists('Memcache')) {
	210	$this->memcache = false;
	211	return false;
	212	}
	213
	214	$this->memcache = new Memcache;
	215	$this->mc_available = 0;
	216
	217	// add all configured hosts to pool
c3e441	218	$pconnect = $this->config->get('memcache_pconnect', true);
JVM(S	219	$timeout = $this->config->get('memcache_timeout', 1);
	220	$retry_interval = $this->config->get('memcache_retry_interval', 15);
	221
315418	222	foreach ($this->config->get('memcache_hosts', array()) as $host) {
AM	223	if (substr($host, 0, 7) != 'unix://') {
	224	list($host, $port) = explode(':', $host);
	225	if (!$port) $port = 11211;
	226	}
	227	else {
	228	$port = 0;
	229	}
	230
	231	$this->mc_available += intval($this->memcache->addServer(
c3e441	232	$host, $port, $pconnect, 1, $timeout, $retry_interval, false, array($this, 'memcache_failure')));
315418	233	}
AM	234
	235	// test connection and failover (will result in $this->mc_available == 0 on complete failure)
	236	$this->memcache->increment('__CONNECTIONTEST__', 1); // NOP if key doesn't exist
	237
	238	if (!$this->mc_available) {
	239	$this->memcache = false;
	240	}
	241	}
	242
	243	return $this->memcache;
0c2596	244	}
A	245
	246
315418	247	/**
AM	248	* Callback for memcache failure
	249	*/
	250	public function memcache_failure($host, $port)
	251	{
	252	static $seen = array();
0c2596	253
315418	254	// only report once
AM	255	if (!$seen["$host:$port"]++) {
	256	$this->mc_available--;
	257	self::raise_error(array(
	258	'code' => 604, 'type' => 'db',
	259	'line' => __LINE__, 'file' => __FILE__,
	260	'message' => "Memcache failure on host $host:$port"),
	261	true, false);
	262	}
0c2596	263	}
A	264
	265
315418	266	/**
AM	267	* Initialize and get cache object
	268	*
	269	* @param string $name Cache identifier
	270	* @param string $type Cache type ('db', 'apc' or 'memcache')
	271	* @param string $ttl Expiration time for cache items
	272	* @param bool $packed Enables/disables data serialization
	273	*
	274	* @return rcube_cache Cache object
	275	*/
	276	public function get_cache($name, $type='db', $ttl=0, $packed=true)
	277	{
	278	if (!isset($this->caches[$name]) && ($userid = $this->get_user_id())) {
	279	$this->caches[$name] = new rcube_cache($type, $userid, $name, $ttl, $packed);
	280	}
0c2596	281
315418	282	return $this->caches[$name];
0c2596	283	}
A	284
	285
315418	286	/**
50abd5	287	* Initialize and get shared cache object
AM	288	*
	289	* @param string $name Cache identifier
	290	* @param bool $packed Enables/disables data serialization
	291	*
	292	* @return rcube_cache_shared Cache object
	293	*/
	294	public function get_cache_shared($name, $packed=true)
	295	{
	296	$shared_name = "shared_$name";
	297
22a41b	298	if (!array_key_exists($shared_name, $this->caches)) {
50abd5	299	$opt = strtolower($name) . '_cache';
AM	300	$type = $this->config->get($opt);
	301	$ttl = $this->config->get($opt . '_ttl');
	302
	303	if (!$type) {
22a41b	304	// cache is disabled
AM	305	return $this->caches[$shared_name] = null;
50abd5	306	}
22a41b	307
50abd5	308	if ($ttl === null) {
22a41b	309	$ttl = $this->config->get('shared_cache_ttl', '10d');
50abd5	310	}
AM	311
	312	$this->caches[$shared_name] = new rcube_cache_shared($type, $name, $ttl, $packed);
	313	}
	314
	315	return $this->caches[$shared_name];
	316	}
	317
	318
	319	/**
315418	320	* Create SMTP object and connect to server
AM	321	*
	322	* @param boolean True if connection should be established
	323	*/
	324	public function smtp_init($connect = false)
	325	{
	326	$this->smtp = new rcube_smtp();
0c2596	327
315418	328	if ($connect) {
AM	329	$this->smtp->connect();
	330	}
0c2596	331	}
315418	332
AM	333
	334	/**
	335	* Initialize and get storage object
	336	*
	337	* @return rcube_storage Storage object
	338	*/
	339	public function get_storage()
	340	{
	341	// already initialized
	342	if (!is_object($this->storage)) {
	343	$this->storage_init();
	344	}
	345
	346	return $this->storage;
0c2596	347	}
315418	348
AM	349
	350	/**
	351	* Initialize storage object
	352	*/
	353	public function storage_init()
	354	{
	355	// already initialized
	356	if (is_object($this->storage)) {
	357	return;
	358	}
	359
	360	$driver = $this->config->get('storage_driver', 'imap');
	361	$driver_class = "rcube_{$driver}";
	362
	363	if (!class_exists($driver_class)) {
	364	self::raise_error(array(
	365	'code' => 700, 'type' => 'php',
	366	'file' => __FILE__, 'line' => __LINE__,
	367	'message' => "Storage driver class ($driver) not found!"),
	368	true, true);
	369	}
	370
	371	// Initialize storage object
	372	$this->storage = new $driver_class;
	373
	374	// for backward compat. (deprecated, will be removed)
	375	$this->imap = $this->storage;
	376
	377	// set class options
	378	$options = array(
109bcc	379	'auth_type' => $this->config->get("{$driver}_auth_type", 'check'),
AM	380	'auth_cid' => $this->config->get("{$driver}_auth_cid"),
	381	'auth_pw' => $this->config->get("{$driver}_auth_pw"),
	382	'debug' => (bool) $this->config->get("{$driver}_debug"),
	383	'force_caps' => (bool) $this->config->get("{$driver}_force_caps"),
	384	'disabled_caps' => $this->config->get("{$driver}_disabled_caps"),
	385	'socket_options' => $this->config->get("{$driver}_conn_options"),
	386	'timeout' => (int) $this->config->get("{$driver}_timeout"),
	387	'skip_deleted' => (bool) $this->config->get('skip_deleted'),
	388	'driver' => $driver,
315418	389	);
AM	390
	391	if (!empty($_SESSION['storage_host'])) {
	392	$options['host'] = $_SESSION['storage_host'];
	393	$options['user'] = $_SESSION['username'];
	394	$options['port'] = $_SESSION['storage_port'];
	395	$options['ssl'] = $_SESSION['storage_ssl'];
	396	$options['password'] = $this->decrypt($_SESSION['password']);
	397	$_SESSION[$driver.'_host'] = $_SESSION['storage_host'];
	398	}
	399
	400	$options = $this->plugins->exec_hook("storage_init", $options);
	401
	402	// for backward compat. (deprecated, to be removed)
	403	$options = $this->plugins->exec_hook("imap_init", $options);
	404
	405	$this->storage->set_options($options);
	406	$this->set_storage_prop();
	407
f95492	408	// subscribe to 'storage_connected' hook for session logging
TB	409	if ($this->config->get('imap_log_session', false)) {
	410	$this->plugins->register_hook('storage_connected', array($this, 'storage_log_session'));
	411	}
	412	}
315418	413
AM	414	/**
	415	* Set storage parameters.
	416	*/
	417	protected function set_storage_prop()
	418	{
	419	$storage = $this->get_storage();
	420
8d34b9	421	// set pagesize from config
AM	422	$pagesize = $this->config->get('mail_pagesize');
	423	if (!$pagesize) {
	424	$pagesize = $this->config->get('pagesize', 50);
	425	}
	426
	427	$storage->set_pagesize($pagesize);
a92beb	428	$storage->set_charset($this->config->get('default_charset', RCUBE_CHARSET));
315418	429
8d34b9	430	// enable caching of mail data
AM	431	$driver = $this->config->get('storage_driver', 'imap');
	432	$storage_cache = $this->config->get("{$driver}_cache");
	433	$messages_cache = $this->config->get('messages_cache');
	434	// for backward compatybility
	435	if ($storage_cache === null && $messages_cache === null && $this->config->get('enable_caching')) {
	436	$storage_cache = 'db';
	437	$messages_cache = true;
315418	438	}
8d34b9	439
AM	440	if ($storage_cache) {
	441	$storage->set_caching($storage_cache);
	442	}
	443	if ($messages_cache) {
	444	$storage->set_messages_caching(true);
315418	445	}
AM	446	}
0c2596	447
A	448
963a10	449	/**
dc0b50	450	* Set special folders type association.
AM	451	* This must be done AFTER connecting to the server!
	452	*/
	453	protected function set_special_folders()
	454	{
	455	$storage = $this->get_storage();
	456	$folders = $storage->get_special_folders(true);
	457	$prefs = array();
	458
	459	// check SPECIAL-USE flags on IMAP folders
	460	foreach ($folders as $type => $folder) {
	461	$idx = $type . '_mbox';
	462	if ($folder !== $this->config->get($idx)) {
	463	$prefs[$idx] = $folder;
	464	}
	465	}
	466
	467	// Some special folders differ, update user preferences
	468	if (!empty($prefs) && $this->user) {
	469	$this->user->save_prefs($prefs);
	470	}
	471
	472	// create default folders (on login)
	473	if ($this->config->get('create_default_folders')) {
	474	$storage->create_default_folders();
	475	}
	476	}
	477
f95492	478
TB	479	/**
	480	* Callback for IMAP connection events to log session identifiers
	481	*/
	482	public function storage_log_session($args)
	483	{
	484	if (!empty($args['session']) && session_id()) {
	485	$this->write_log('imap_session', $args['session']);
	486	}
	487	}
dc0b50	488
AM	489	/**
963a10	490	* Create session object and start the session.
A	491	*/
	492	public function session_init()
	493	{
	494	// session started (Installer?)
	495	if (session_id()) {
	496	return;
	497	}
	498
	499	$sess_name = $this->config->get('session_name');
	500	$sess_domain = $this->config->get('session_domain');
ae7027	501	$sess_path = $this->config->get('session_path');
963a10	502	$lifetime = $this->config->get('session_lifetime', 0) * 60;
8e4b49	503	$is_secure = $this->config->get('use_https') \|\| rcube_utils::https_check();
963a10	504
A	505	// set session domain
	506	if ($sess_domain) {
	507	ini_set('session.cookie_domain', $sess_domain);
	508	}
ae7027	509	// set session path
AM	510	if ($sess_path) {
	511	ini_set('session.cookie_path', $sess_path);
	512	}
963a10	513	// set session garbage collecting time according to session_lifetime
A	514	if ($lifetime) {
	515	ini_set('session.gc_maxlifetime', $lifetime * 2);
	516	}
	517
8e4b49	518	ini_set('session.cookie_secure', $is_secure);
963a10	519	ini_set('session.name', $sess_name ? $sess_name : 'roundcube_sessid');
A	520	ini_set('session.use_cookies', 1);
	521	ini_set('session.use_only_cookies', 1);
0afe27	522	ini_set('session.cookie_httponly', 1);
963a10	523
A	524	// use database for storing session data
	525	$this->session = new rcube_session($this->get_dbh(), $this->config);
	526
9953d5	527	$path = $_SERVER['SCRIPT_NAME'];
AM	528	if (strpos($path, '://')) {
	529	$path = parse_url($path, PHP_URL_PATH); // #1490582
	530	}
	531
3dbe4f	532	$this->session->register_gc_handler(array($this, 'gc'));
9953d5	533	$this->session->set_secret($this->config->get('des_key') . dirname($path));
c442f8	534	$this->session->set_ip_check($this->config->get('ip_check'));
AM	535
8d2963	536	if ($this->config->get('session_auth_name')) {
TB	537	$this->session->set_cookiename($this->config->get('session_auth_name'));
	538	}
	539
963a10	540	// start PHP session (if not in CLI mode)
A	541	if ($_SERVER['REMOTE_ADDR']) {
42de33	542	$this->session->start();
963a10	543	}
A	544	}
	545
	546
	547	/**
ee73a7	548	* Garbage collector - cache/temp cleaner
AM	549	*/
	550	public function gc()
	551	{
60b6d7	552	rcube_cache::gc();
AM	553	rcube_cache_shared::gc();
	554	$this->get_storage()->cache_gc();
ee73a7	555
AM	556	$this->gc_temp();
	557	}
	558
	559
	560	/**
963a10	561	* Garbage collector function for temp files.
A	562	* Remove temp files older than two days
	563	*/
ee73a7	564	public function gc_temp()
963a10	565	{
A	566	$tmp = unslashify($this->config->get('temp_dir'));
de8687	567
DC	568	// expire in 48 hours by default
	569	$temp_dir_ttl = $this->config->get('temp_dir_ttl', '48h');
	570	$temp_dir_ttl = get_offset_sec($temp_dir_ttl);
	571	if ($temp_dir_ttl < 6*3600)
	572	$temp_dir_ttl = 6*3600; // 6 hours sensible lower bound.
	573
	574	$expire = time() - $temp_dir_ttl;
963a10	575
A	576	if ($tmp && ($dir = opendir($tmp))) {
	577	while (($fname = readdir($dir)) !== false) {
311d87	578	if ($fname[0] == '.') {
963a10	579	continue;
A	580	}
	581
311d87	582	if (@filemtime($tmp.'/'.$fname) < $expire) {
963a10	583	@unlink($tmp.'/'.$fname);
A	584	}
	585	}
	586
	587	closedir($dir);
	588	}
ee73a7	589	}
AM	590
	591
	592	/**
	593	* Runs garbage collector with probability based on
	594	* session settings. This is intended for environments
	595	* without a session.
	596	*/
	597	public function gc_run()
	598	{
	599	$probability = (int) ini_get('session.gc_probability');
	600	$divisor = (int) ini_get('session.gc_divisor');
	601
	602	if ($divisor > 0 && $probability > 0) {
	603	$random = mt_rand(1, $divisor);
	604	if ($random <= $probability) {
	605	$this->gc();
	606	}
	607	}
963a10	608	}
A	609
	610
315418	611	/**
AM	612	* Get localized text in the desired language
	613	*
	614	* @param mixed $attrib Named parameters array or label name
	615	* @param string $domain Label domain (plugin) name
	616	*
	617	* @return string Localized text
0c2596	618	*/
315418	619	public function gettext($attrib, $domain=null)
AM	620	{
	621	// load localization files if not done yet
	622	if (empty($this->texts)) {
	623	$this->load_language();
	624	}
0c2596	625
315418	626	// extract attributes
AM	627	if (is_string($attrib)) {
	628	$attrib = array('name' => $attrib);
	629	}
0c2596	630
315418	631	$name = $attrib['name'] ? $attrib['name'] : '';
AM	632
	633	// attrib contain text values: use them from now
	634	if (($setval = $attrib[strtolower($_SESSION['language'])]) \|\| ($setval = $attrib['en_us'])) {
	635	$this->texts[$name] = $setval;
	636	}
	637
	638	// check for text with domain
	639	if ($domain && ($text = $this->texts[$domain.'.'.$name])) {
	640	}
	641	// text does not exist
	642	else if (!($text = $this->texts[$name])) {
	643	return "[$name]";
	644	}
	645
	646	// replace vars in text
	647	if (is_array($attrib['vars'])) {
	648	foreach ($attrib['vars'] as $var_key => $var_value) {
	649	$text = str_replace($var_key[0]!='$' ? '$'.$var_key : $var_key, $var_value, $text);
	650	}
	651	}
	652
	653	// format output
	654	if (($attrib['uppercase'] && strtolower($attrib['uppercase'] == 'first')) \|\| $attrib['ucfirst']) {
	655	return ucfirst($text);
	656	}
	657	else if ($attrib['uppercase']) {
	658	return mb_strtoupper($text);
	659	}
	660	else if ($attrib['lowercase']) {
	661	return mb_strtolower($text);
	662	}
	663
	664	return strtr($text, array('\n' => "\n"));
0c2596	665	}
A	666
	667
315418	668	/**
AM	669	* Check if the given text label exists
	670	*
	671	* @param string $name Label name
	672	* @param string $domain Label domain (plugin) name or '*' for all domains
	673	* @param string $ref_domain Sets domain name if label is found
	674	*
	675	* @return boolean True if text exists (either in the current language or in en_US)
	676	*/
	677	public function text_exists($name, $domain = null, &$ref_domain = null)
	678	{
	679	// load localization files if not done yet
	680	if (empty($this->texts)) {
	681	$this->load_language();
	682	}
0c2596	683
315418	684	if (isset($this->texts[$name])) {
AM	685	$ref_domain = '';
	686	return true;
	687	}
0c2596	688
315418	689	// any of loaded domains (plugins)
AM	690	if ($domain == '*') {
	691	foreach ($this->plugins->loaded_plugins() as $domain) {
	692	if (isset($this->texts[$domain.'.'.$name])) {
	693	$ref_domain = $domain;
	694	return true;
	695	}
	696	}
	697	}
	698	// specified domain
	699	else if ($domain) {
	700	$ref_domain = $domain;
	701	return isset($this->texts[$domain.'.'.$name]);
	702	}
0c2596	703
315418	704	return false;
AM	705	}
	706
	707
	708	/**
	709	* Load a localization package
	710	*
75a5c3	711	* @param string $lang Language ID
AM	712	* @param array $add Additional text labels/messages
	713	* @param array $merge Additional text labels/messages to merge
315418	714	*/
75a5c3	715	public function load_language($lang = null, $add = array(), $merge = array())
315418	716	{
AM	717	$lang = $this->language_prop(($lang ? $lang : $_SESSION['language']));
	718
	719	// load localized texts
	720	if (empty($this->texts) \|\| $lang != $_SESSION['language']) {
	721	$this->texts = array();
	722
	723	// handle empty lines after closing PHP tag in localization files
	724	ob_start();
	725
	726	// get english labels (these should be complete)
9be2f4	727	@include(RCUBE_LOCALIZATION_DIR . 'en_US/labels.inc');
TB	728	@include(RCUBE_LOCALIZATION_DIR . 'en_US/messages.inc');
315418	729
AM	730	if (is_array($labels))
	731	$this->texts = $labels;
	732	if (is_array($messages))
	733	$this->texts = array_merge($this->texts, $messages);
	734
	735	// include user language files
9be2f4	736	if ($lang != 'en' && $lang != 'en_US' && is_dir(RCUBE_LOCALIZATION_DIR . $lang)) {
TB	737	include_once(RCUBE_LOCALIZATION_DIR . $lang . '/labels.inc');
	738	include_once(RCUBE_LOCALIZATION_DIR . $lang . '/messages.inc');
315418	739
AM	740	if (is_array($labels))
	741	$this->texts = array_merge($this->texts, $labels);
	742	if (is_array($messages))
	743	$this->texts = array_merge($this->texts, $messages);
	744	}
	745
	746	ob_end_clean();
	747
	748	$_SESSION['language'] = $lang;
	749	}
	750
	751	// append additional texts (from plugin)
	752	if (is_array($add) && !empty($add)) {
	753	$this->texts += $add;
	754	}
75a5c3	755
AM	756	// merge additional texts (from plugin)
	757	if (is_array($merge) && !empty($merge)) {
	758	$this->texts = array_merge($this->texts, $merge);
	759	}
315418	760	}
AM	761
	762
	763	/**
	764	* Check the given string and return a valid language code
	765	*
	766	* @param string Language code
	767	*
	768	* @return string Valid language code
	769	*/
	770	protected function language_prop($lang)
	771	{
	772	static $rcube_languages, $rcube_language_aliases;
	773
	774	// user HTTP_ACCEPT_LANGUAGE if no language is specified
	775	if (empty($lang) \|\| $lang == 'auto') {
	776	$accept_langs = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);
2c6a23	777	$lang = $accept_langs[0];
AM	778
	779	if (preg_match('/^([a-z]+)[_-]([a-z]+)$/i', $lang, $m)) {
	780	$lang = $m[1] . '_' . strtoupper($m[2]);
	781	}
315418	782	}
AM	783
	784	if (empty($rcube_languages)) {
9be2f4	785	@include(RCUBE_LOCALIZATION_DIR . 'index.inc');
315418	786	}
AM	787
	788	// check if we have an alias for that language
	789	if (!isset($rcube_languages[$lang]) && isset($rcube_language_aliases[$lang])) {
	790	$lang = $rcube_language_aliases[$lang];
	791	}
	792	// try the first two chars
	793	else if (!isset($rcube_languages[$lang])) {
	794	$short = substr($lang, 0, 2);
	795
	796	// check if we have an alias for the short language code
	797	if (!isset($rcube_languages[$short]) && isset($rcube_language_aliases[$short])) {
	798	$lang = $rcube_language_aliases[$short];
	799	}
	800	// expand 'nn' to 'nn_NN'
	801	else if (!isset($rcube_languages[$short])) {
	802	$lang = $short.'_'.strtoupper($short);
	803	}
	804	}
	805
9be2f4	806	if (!isset($rcube_languages[$lang]) \|\| !is_dir(RCUBE_LOCALIZATION_DIR . $lang)) {
315418	807	$lang = 'en_US';
AM	808	}
	809
	810	return $lang;
	811	}
	812
	813
	814	/**
	815	* Read directory program/localization and return a list of available languages
	816	*
	817	* @return array List of available localizations
	818	*/
	819	public function list_languages()
	820	{
	821	static $sa_languages = array();
	822
	823	if (!sizeof($sa_languages)) {
9be2f4	824	@include(RCUBE_LOCALIZATION_DIR . 'index.inc');
315418	825
9be2f4	826	if ($dh = @opendir(RCUBE_LOCALIZATION_DIR)) {
315418	827	while (($name = readdir($dh)) !== false) {
9be2f4	828	if ($name[0] == '.' \|\| !is_dir(RCUBE_LOCALIZATION_DIR . $name)) {
315418	829	continue;
AM	830	}
	831
	832	if ($label = $rcube_languages[$name]) {
	833	$sa_languages[$name] = $label;
	834	}
	835	}
	836	closedir($dh);
	837	}
	838	}
	839
	840	return $sa_languages;
	841	}
	842
	843
	844	/**
	845	* Encrypt using 3DES
	846	*
	847	* @param string $clear clear text input
	848	* @param string $key encryption key to retrieve from the configuration, defaults to 'des_key'
	849	* @param boolean $base64 whether or not to base64_encode() the result before returning
	850	*
	851	* @return string encrypted text
	852	*/
	853	public function encrypt($clear, $key = 'des_key', $base64 = true)
	854	{
	855	if (!$clear) {
	856	return '';
	857	}
	858
	859	/*-
	860	* Add a single canary byte to the end of the clear text, which
	861	* will help find out how much of padding will need to be removed
	862	* upon decryption; see http://php.net/mcrypt_generic#68082
	863	*/
	864	$clear = pack("a*H2", $clear, "80");
e05050	865	$ckey = $this->config->get_crypto_key($key);
315418	866
6c1c60	867	if (function_exists('openssl_encrypt')) {
AM	868	$method = 'DES-EDE3-CBC';
	869	$opts = defined('OPENSSL_RAW_DATA') ? OPENSSL_RAW_DATA : true;
	870	$iv = $this->create_iv(openssl_cipher_iv_length($method));
	871	$cipher = $iv . openssl_encrypt($clear, $method, $ckey, $opts, $iv);
	872	}
	873	else if (function_exists('mcrypt_module_open') &&
315418	874	($td = mcrypt_module_open(MCRYPT_TripleDES, "", MCRYPT_MODE_CBC, ""))
AM	875	) {
	876	$iv = $this->create_iv(mcrypt_enc_get_iv_size($td));
e05050	877	mcrypt_generic_init($td, $ckey, $iv);
315418	878	$cipher = $iv . mcrypt_generic($td, $clear);
AM	879	mcrypt_generic_deinit($td);
	880	mcrypt_module_close($td);
	881	}
	882	else {
	883	@include_once 'des.inc';
	884
	885	if (function_exists('des')) {
	886	$des_iv_size = 8;
	887	$iv = $this->create_iv($des_iv_size);
e05050	888	$cipher = $iv . des($ckey, $clear, 1, 1, $iv);
315418	889	}
AM	890	else {
	891	self::raise_error(array(
	892	'code' => 500, 'type' => 'php',
	893	'file' => __FILE__, 'line' => __LINE__,
6c1c60	894	'message' => "Could not perform encryption; make sure OpenSSL or Mcrypt or lib/des.inc is available"
315418	895	), true, true);
AM	896	}
	897	}
	898
	899	return $base64 ? base64_encode($cipher) : $cipher;
	900	}
	901
	902
	903	/**
	904	* Decrypt 3DES-encrypted string
	905	*
	906	* @param string $cipher encrypted text
	907	* @param string $key encryption key to retrieve from the configuration, defaults to 'des_key'
	908	* @param boolean $base64 whether or not input is base64-encoded
	909	*
	910	* @return string decrypted text
	911	*/
	912	public function decrypt($cipher, $key = 'des_key', $base64 = true)
	913	{
	914	if (!$cipher) {
	915	return '';
	916	}
	917
	918	$cipher = $base64 ? base64_decode($cipher) : $cipher;
e05050	919	$ckey = $this->config->get_crypto_key($key);
315418	920
6c1c60	921	if (function_exists('openssl_decrypt')) {
AM	922	$method = 'DES-EDE3-CBC';
	923	$opts = defined('OPENSSL_RAW_DATA') ? OPENSSL_RAW_DATA : true;
	924	$iv_size = openssl_cipher_iv_length($method);
	925	$iv = substr($cipher, 0, $iv_size);
	926
	927	// session corruption? (#1485970)
	928	if (strlen($iv) < $iv_size) {
	929	return '';
	930	}
	931
	932	$cipher = substr($cipher, $iv_size);
	933	$clear = openssl_decrypt($cipher, $method, $ckey, $opts, $iv);
	934	}
	935	else if (function_exists('mcrypt_module_open') &&
315418	936	($td = mcrypt_module_open(MCRYPT_TripleDES, "", MCRYPT_MODE_CBC, ""))
AM	937	) {
	938	$iv_size = mcrypt_enc_get_iv_size($td);
e05050	939	$iv = substr($cipher, 0, $iv_size);
315418	940
AM	941	// session corruption? (#1485970)
	942	if (strlen($iv) < $iv_size) {
	943	return '';
	944	}
	945
	946	$cipher = substr($cipher, $iv_size);
e05050	947	mcrypt_generic_init($td, $ckey, $iv);
315418	948	$clear = mdecrypt_generic($td, $cipher);
AM	949	mcrypt_generic_deinit($td);
	950	mcrypt_module_close($td);
	951	}
	952	else {
	953	@include_once 'des.inc';
	954
	955	if (function_exists('des')) {
	956	$des_iv_size = 8;
e05050	957	$iv = substr($cipher, 0, $des_iv_size);
315418	958	$cipher = substr($cipher, $des_iv_size);
e05050	959	$clear = des($ckey, $cipher, 0, 1, $iv);
315418	960	}
AM	961	else {
	962	self::raise_error(array(
	963	'code' => 500, 'type' => 'php',
	964	'file' => __FILE__, 'line' => __LINE__,
e05050	965	'message' => "Could not perform decryption; make sure OpenSSL or Mcrypt or lib/des.inc is available"
315418	966	), true, true);
AM	967	}
	968	}
	969
	970	/*-
	971	* Trim PHP's padding and the canary byte; see note in
	972	* rcube::encrypt() and http://php.net/mcrypt_generic#68082
	973	*/
	974	$clear = substr(rtrim($clear, "\0"), 0, -1);
	975
	976	return $clear;
	977	}
	978
	979
	980	/**
	981	* Generates encryption initialization vector (IV)
	982	*
	983	* @param int Vector size
	984	*
	985	* @return string Vector string
	986	*/
	987	private function create_iv($size)
	988	{
	989	// mcrypt_create_iv() can be slow when system lacks entrophy
	990	// we'll generate IV vector manually
	991	$iv = '';
	992	for ($i = 0; $i < $size; $i++) {
	993	$iv .= chr(mt_rand(0, 255));
	994	}
	995
	996	return $iv;
	997	}
	998
	999
	1000	/**
681ba6	1001	* Returns session token for secure URLs
AM	1002	*
	1003	* @param bool $generate Generate token if not exists in session yet
	1004	*
	1005	* @return string\|bool Token string, False when disabled
	1006	*/
	1007	public function get_secure_url_token($generate = false)
	1008	{
	1009	if ($len = $this->config->get('use_secure_urls')) {
	1010	if (empty($_SESSION['secure_token']) && $generate) {
	1011	// generate x characters long token
	1012	$length = $len > 1 ? $len : 16;
5529d9	1013	$token = rcube_utils::random_bytes($length);
681ba6	1014
AM	1015	$plugin = $this->plugins->exec_hook('secure_token',
	1016	array('value' => $token, 'length' => $length));
	1017
	1018	$_SESSION['secure_token'] = $plugin['value'];
	1019	}
	1020
	1021	return $_SESSION['secure_token'];
	1022	}
	1023
	1024	return false;
	1025	}
	1026
	1027
	1028	/**
	1029	* Generate a unique token to be used in a form request
	1030	*
	1031	* @return string The request token
	1032	*/
	1033	public function get_request_token()
	1034	{
3d9798	1035	if (empty($_SESSION['request_token'])) {
AM	1036	$plugin = $this->plugins->exec_hook('request_token', array(
	1037	'value' => rcube_utils::random_bytes(32)));
	1038
	1039	$_SESSION['request_token'] = $plugin['value'];
681ba6	1040	}
AM	1041
3d9798	1042	return $_SESSION['request_token'];
681ba6	1043	}
AM	1044
	1045
	1046	/**
	1047	* Check if the current request contains a valid token.
	1048	* Empty requests aren't checked until use_secure_urls is set.
	1049	*
	1050	* @param int Request method
	1051	*
	1052	* @return boolean True if request token is valid false if not
	1053	*/
	1054	public function check_request($mode = rcube_utils::INPUT_POST)
	1055	{
	1056	// check secure token in URL if enabled
	1057	if ($token = $this->get_secure_url_token()) {
	1058	foreach (explode('/', preg_replace('/[?#&].*$/', '', $_SERVER['REQUEST_URI'])) as $tok) {
	1059	if ($tok == $token) {
	1060	return true;
	1061	}
	1062	}
	1063
	1064	$this->request_status = self::REQUEST_ERROR_URL;
	1065
	1066	return false;
	1067	}
	1068
	1069	$sess_tok = $this->get_request_token();
	1070
	1071	// ajax requests
	1072	if (rcube_utils::request_header('X-Roundcube-Request') == $sess_tok) {
	1073	return true;
	1074	}
	1075
	1076	// skip empty requests
	1077	if (($mode == rcube_utils::INPUT_POST && empty($_POST))
	1078	\|\| ($mode == rcube_utils::INPUT_GET && empty($_GET))
	1079	) {
	1080	return true;
	1081	}
	1082
	1083	// default method of securing requests
	1084	$token = rcube_utils::get_input_value('_token', $mode);
	1085	$sess_id = $_COOKIE[ini_get('session.name')];
	1086
	1087	if (empty($sess_id) \|\| $token != $sess_tok) {
	1088	$this->request_status = self::REQUEST_ERROR_TOKEN;
	1089	return false;
	1090	}
	1091
	1092	return true;
	1093	}
	1094
	1095
	1096	/**
315418	1097	* Build a valid URL to this instance of Roundcube
AM	1098	*
	1099	* @param mixed Either a string with the action or url parameters as key-value pairs
	1100	* @return string Valid application URL
	1101	*/
	1102	public function url($p)
	1103	{
	1104	// STUB: should be overloaded by the application
0c2596	1105	return '';
A	1106	}
	1107
315418	1108
AM	1109	/**
	1110	* Function to be executed in script shutdown
	1111	* Registered with register_shutdown_function()
0c2596	1112	*/
315418	1113	public function shutdown()
AM	1114	{
	1115	foreach ($this->shutdown_functions as $function) {
	1116	call_user_func($function);
0c2596	1117	}
A	1118
3dbe4f	1119	// write session data as soon as possible and before
AM	1120	// closing database connection, don't do this before
	1121	// registered shutdown functions, they may need the session
	1122	// Note: this will run registered gc handlers (ie. cache gc)
	1123	if ($_SERVER['REMOTE_ADDR'] && is_object($this->session)) {
	1124	$this->session->write_close();
315418	1125	}
AM	1126
3dbe4f	1127	if (is_object($this->smtp)) {
AM	1128	$this->smtp->disconnect();
ee73a7	1129	}
AM	1130
315418	1131	foreach ($this->caches as $cache) {
AM	1132	if (is_object($cache)) {
	1133	$cache->close();
	1134	}
	1135	}
	1136
	1137	if (is_object($this->storage)) {
	1138	$this->storage->close();
	1139	}
0c2596	1140	}
A	1141
	1142
315418	1143	/**
AM	1144	* Registers shutdown function to be executed on shutdown.
	1145	* The functions will be executed before destroying any
	1146	* objects like smtp, imap, session, etc.
	1147	*
	1148	* @param callback Function callback
	1149	*/
	1150	public function add_shutdown_function($function)
	1151	{
	1152	$this->shutdown_functions[] = $function;
	1153	}
	1154
	1155
	1156	/**
10da75	1157	* Quote a given string.
TB	1158	* Shortcut function for rcube_utils::rep_specialchars_output()
	1159	*
	1160	* @return string HTML-quoted string
	1161	*/
	1162	public static function Q($str, $mode = 'strict', $newlines = true)
	1163	{
	1164	return rcube_utils::rep_specialchars_output($str, 'html', $mode, $newlines);
	1165	}
	1166
	1167
	1168	/**
	1169	* Quote a given string for javascript output.
	1170	* Shortcut function for rcube_utils::rep_specialchars_output()
	1171	*
	1172	* @return string JS-quoted string
	1173	*/
	1174	public static function JQ($str)
	1175	{
	1176	return rcube_utils::rep_specialchars_output($str, 'js');
	1177	}
	1178
	1179
	1180	/**
315418	1181	* Construct shell command, execute it and return output as string.
AM	1182	* Keywords {keyword} are replaced with arguments
	1183	*
	1184	* @param $cmd Format string with {keywords} to be replaced
	1185	* @param $values (zero, one or more arrays can be passed)
	1186	*
	1187	* @return output of command. shell errors not detectable
	1188	*/
	1189	public static function exec(/* $cmd, $values1 = array(), ... */)
	1190	{
	1191	$args = func_get_args();
	1192	$cmd = array_shift($args);
	1193	$values = $replacements = array();
	1194
	1195	// merge values into one array
	1196	foreach ($args as $arg) {
	1197	$values += (array)$arg;
	1198	}
	1199
	1200	preg_match_all('/({(-?)([a-z]\w*)})/', $cmd, $matches, PREG_SET_ORDER);
	1201	foreach ($matches as $tags) {
	1202	list(, $tag, $option, $key) = $tags;
	1203	$parts = array();
	1204
	1205	if ($option) {
	1206	foreach ((array)$values["-$key"] as $key => $value) {
	1207	if ($value === true \|\| $value === false \|\| $value === null) {
	1208	$parts[] = $value ? $key : "";
	1209	}
	1210	else {
	1211	foreach ((array)$value as $val) {
	1212	$parts[] = "$key " . escapeshellarg($val);
	1213	}
	1214	}
	1215	}
	1216	}
	1217	else {
	1218	foreach ((array)$values[$key] as $value) {
	1219	$parts[] = escapeshellarg($value);
	1220	}
	1221	}
	1222
	1223	$replacements[$tag] = join(" ", $parts);
	1224	}
	1225
	1226	// use strtr behaviour of going through source string once
	1227	$cmd = strtr($cmd, $replacements);
	1228
	1229	return (string)shell_exec($cmd);
	1230	}
0c2596	1231
A	1232
	1233	/**
	1234	* Print or write debug messages
	1235	*
	1236	* @param mixed Debug message or data
	1237	*/
	1238	public static function console()
	1239	{
	1240	$args = func_get_args();
	1241
be98df	1242	if (class_exists('rcube', false)) {
0c2596	1243	$rcube = self::get_instance();
be98df	1244	$plugin = $rcube->plugins->exec_hook('console', array('args' => $args));
A	1245	if ($plugin['abort']) {
	1246	return;
0c2596	1247	}
be98df	1248	$args = $plugin['args'];
0c2596	1249	}
A	1250
	1251	$msg = array();
	1252	foreach ($args as $arg) {
	1253	$msg[] = !is_string($arg) ? var_export($arg, true) : $arg;
	1254	}
	1255
	1256	self::write_log('console', join(";\n", $msg));
	1257	}
	1258
	1259
	1260	/**
	1261	* Append a line to a logfile in the logs directory.
	1262	* Date will be added automatically to the line.
	1263	*
	1264	* @param $name name of log file
	1265	* @param line Line to append
	1266	*/
	1267	public static function write_log($name, $line)
	1268	{
	1269	if (!is_string($line)) {
	1270	$line = var_export($line, true);
	1271	}
	1272
f95492	1273	$date_format = $log_driver = $session_key = null;
TB	1274	if (self::$instance) {
	1275	$date_format = self::$instance->config->get('log_date_format');
	1276	$log_driver = self::$instance->config->get('log_driver');
	1277	$session_key = intval(self::$instance->config->get('log_session_id', 8));
	1278	}
0c2596	1279
A	1280	if (empty($date_format)) {
	1281	$date_format = 'd-M-Y H:i:s O';
	1282	}
	1283
	1284	$date = date($date_format);
	1285
	1286	// trigger logging hook
	1287	if (is_object(self::$instance) && is_object(self::$instance->plugins)) {
	1288	$log = self::$instance->plugins->exec_hook('write_log', array('name' => $name, 'date' => $date, 'line' => $line));
	1289	$name = $log['name'];
	1290	$line = $log['line'];
	1291	$date = $log['date'];
	1292	if ($log['abort'])
	1293	return true;
	1294	}
	1295
596d43	1296	// add session ID to the log
f95492	1297	if ($session_key > 0 && ($sess = session_id())) {
TB	1298	$line = '<' . substr($sess, 0, $session_key) . '> ' . $line;
596d43	1299	}
AM	1300
0c2596	1301	if ($log_driver == 'syslog') {
A	1302	$prio = $name == 'errors' ? LOG_ERR : LOG_INFO;
	1303	syslog($prio, $line);
	1304	return true;
	1305	}
	1306
	1307	// log_driver == 'file' is assumed here
	1308
	1309	$line = sprintf("[%s]: %s\n", $date, $line);
3786a4	1310	$log_dir = null;
TB	1311
	1312	// per-user logging is activated
	1313	if (self::$instance && self::$instance->config->get('per_user_logging', false) && self::$instance->get_user_id()) {
	1314	$log_dir = self::$instance->get_user_log_dir();
	1315	if (empty($log_dir))
	1316	return false;
	1317	}
	1318	else if (!empty($log['dir'])) {
	1319	$log_dir = $log['dir'];
	1320	}
	1321	else if (self::$instance) {
	1322	$log_dir = self::$instance->config->get('log_dir');
	1323	}
0c2596	1324
A	1325	if (empty($log_dir)) {
9be2f4	1326	$log_dir = RCUBE_INSTALL_PATH . 'logs';
0c2596	1327	}
A	1328
	1329	// try to open specific log file for writing
	1330	$logfile = $log_dir.'/'.$name;
	1331
	1332	if ($fp = @fopen($logfile, 'a')) {
	1333	fwrite($fp, $line);
	1334	fflush($fp);
	1335	fclose($fp);
	1336	return true;
	1337	}
	1338
	1339	trigger_error("Error writing to log file $logfile; Please check permissions", E_USER_WARNING);
	1340	return false;
	1341	}
	1342
	1343
	1344	/**
	1345	* Throw system error (and show error page).
	1346	*
	1347	* @param array Named parameters
	1348	* - code: Error code (required)
	1349	* - type: Error type [php\|db\|imap\|javascript] (required)
	1350	* - message: Error message
b3e259	1351	* - file: File where error occurred
AM	1352	* - line: Line where error occurred
0c2596	1353	* @param boolean True to log the error
A	1354	* @param boolean Terminate script execution
	1355	*/
	1356	public static function raise_error($arg = array(), $log = false, $terminate = false)
	1357	{
76e499	1358	// handle PHP exceptions
TB	1359	if (is_object($arg) && is_a($arg, 'Exception')) {
a39fd4	1360	$arg = array(
76e499	1361	'code' => $arg->getCode(),
TB	1362	'line' => $arg->getLine(),
	1363	'file' => $arg->getFile(),
	1364	'message' => $arg->getMessage(),
	1365	);
a39fd4	1366	}
f23ef1	1367	else if (is_string($arg)) {
0301d9	1368	$arg = array('message' => $arg);
f23ef1	1369	}
a39fd4	1370
AM	1371	if (empty($arg['code'])) {
	1372	$arg['code'] = 500;
76e499	1373	}
TB	1374
0c2596	1375	// installer
eea11e	1376	if (class_exists('rcmail_install', false)) {
TB	1377	$rci = rcmail_install::get_instance();
0c2596	1378	$rci->raise_error($arg);
A	1379	return;
	1380	}
	1381
f23ef1	1382	$cli = php_sapi_name() == 'cli';
AM	1383
0301d9	1384	if (($log \|\| $terminate) && !$cli && $arg['message']) {
819315	1385	$arg['fatal'] = $terminate;
0c2596	1386	self::log_bug($arg);
A	1387	}
	1388
f23ef1	1389	// terminate script
AM	1390	if ($terminate) {
	1391	// display error page
	1392	if (is_object(self::$instance->output)) {
	1393	self::$instance->output->raise_error($arg['code'], $arg['message']);
	1394	}
	1395	else if ($cli) {
	1396	fwrite(STDERR, 'ERROR: ' . $arg['message']);
	1397	}
	1398
	1399	exit(1);
0c2596	1400	}
8cc65d	1401	else if ($cli) {
AM	1402	fwrite(STDERR, 'ERROR: ' . $arg['message']);
	1403	}
0c2596	1404	}
A	1405
	1406
	1407	/**
	1408	* Report error according to configured debug_level
	1409	*
	1410	* @param array Named parameters
	1411	* @see self::raise_error()
	1412	*/
	1413	public static function log_bug($arg_arr)
	1414	{
0301d9	1415	$program = strtoupper(!empty($arg_arr['type']) ? $arg_arr['type'] : 'php');
0c2596	1416	$level = self::get_instance()->config->get('debug_level');
A	1417
	1418	// disable errors for ajax requests, write to log instead (#1487831)
	1419	if (($level & 4) && !empty($_REQUEST['_remote'])) {
	1420	$level = ($level ^ 4) \| 1;
	1421	}
	1422
	1423	// write error to local log file
819315	1424	if (($level & 1) \|\| !empty($arg_arr['fatal'])) {
0c2596	1425	if ($_SERVER['REQUEST_METHOD'] == 'POST') {
A	1426	$post_query = '?_task='.urlencode($_POST['_task']).'&_action='.urlencode($_POST['_action']);
	1427	}
	1428	else {
	1429	$post_query = '';
	1430	}
	1431
	1432	$log_entry = sprintf("%s Error: %s%s (%s %s)",
	1433	$program,
	1434	$arg_arr['message'],
	1435	$arg_arr['file'] ? sprintf(' in %s on line %d', $arg_arr['file'], $arg_arr['line']) : '',
	1436	$_SERVER['REQUEST_METHOD'],
	1437	$_SERVER['REQUEST_URI'] . $post_query);
	1438
	1439	if (!self::write_log('errors', $log_entry)) {
	1440	// send error to PHPs error handler if write_log didn't succeed
f23ef1	1441	trigger_error($arg_arr['message'], E_USER_WARNING);
0c2596	1442	}
A	1443	}
	1444
	1445	// report the bug to the global bug reporting system
	1446	if ($level & 2) {
	1447	// TODO: Send error via HTTP
	1448	}
	1449
	1450	// show error if debug_mode is on
	1451	if ($level & 4) {
	1452	print "<b>$program Error";
	1453
	1454	if (!empty($arg_arr['file']) && !empty($arg_arr['line'])) {
	1455	print " in $arg_arr[file] ($arg_arr[line])";
	1456	}
	1457
	1458	print ':</b> ';
	1459	print nl2br($arg_arr['message']);
	1460	print '<br />';
	1461	flush();
	1462	}
	1463	}
	1464
	1465
	1466	/**
	1467	* Returns current time (with microseconds).
	1468	*
	1469	* @return float Current time in seconds since the Unix
	1470	*/
	1471	public static function timer()
	1472	{
	1473	return microtime(true);
	1474	}
	1475
	1476
	1477	/**
	1478	* Logs time difference according to provided timer
	1479	*
	1480	* @param float $timer Timer (self::timer() result)
	1481	* @param string $label Log line prefix
	1482	* @param string $dest Log file name
	1483	*
	1484	* @see self::timer()
	1485	*/
	1486	public static function print_timer($timer, $label = 'Timer', $dest = 'console')
	1487	{
	1488	static $print_count = 0;
	1489
	1490	$print_count++;
	1491	$now = self::timer();
	1492	$diff = $now - $timer;
	1493
	1494	if (empty($label)) {
	1495	$label = 'Timer '.$print_count;
	1496	}
	1497
	1498	self::write_log($dest, sprintf("%s: %0.4f sec", $label, $diff));
	1499	}
	1500
ce2019	1501	/**
TB	1502	* Setter for system user object
	1503	*
	1504	* @param rcube_user Current user instance
	1505	*/
	1506	public function set_user($user)
	1507	{
	1508	if (is_object($user)) {
	1509	$this->user = $user;
	1510
	1511	// overwrite config with user preferences
	1512	$this->config->set_user_prefs((array)$this->user->get_prefs());
	1513	}
	1514	}
0c2596	1515
A	1516	/**
	1517	* Getter for logged user ID.
	1518	*
	1519	* @return mixed User identifier
	1520	*/
	1521	public function get_user_id()
	1522	{
	1523	if (is_object($this->user)) {
	1524	return $this->user->ID;
	1525	}
a2f896	1526	else if (isset($_SESSION['user_id'])) {
A	1527	return $_SESSION['user_id'];
	1528	}
0c2596	1529
A	1530	return null;
	1531	}
	1532
	1533
	1534	/**
	1535	* Getter for logged user name.
	1536	*
	1537	* @return string User name
	1538	*/
	1539	public function get_user_name()
	1540	{
	1541	if (is_object($this->user)) {
	1542	return $this->user->get_username();
	1543	}
789e59	1544	else if (isset($_SESSION['username'])) {
AM	1545	return $_SESSION['username'];
	1546	}
	1547	}
0c2596	1548
789e59	1549
AM	1550	/**
	1551	* Getter for logged user email (derived from user name not identity).
	1552	*
	1553	* @return string User email address
	1554	*/
	1555	public function get_user_email()
	1556	{
	1557	if (is_object($this->user)) {
	1558	return $this->user->get_username('mail');
	1559	}
0c2596	1560	}
5b06e2	1561
AM	1562
	1563	/**
	1564	* Getter for logged user password.
	1565	*
	1566	* @return string User password
	1567	*/
	1568	public function get_user_password()
	1569	{
	1570	if ($this->password) {
	1571	return $this->password;
	1572	}
	1573	else if ($_SESSION['password']) {
	1574	return $this->decrypt($_SESSION['password']);
	1575	}
	1576	}
a5b8ef	1577
3786a4	1578	/**
TB	1579	* Get the per-user log directory
	1580	*/
	1581	protected function get_user_log_dir()
	1582	{
	1583	$log_dir = $this->config->get('log_dir', RCUBE_INSTALL_PATH . 'logs');
	1584	$user_name = $this->get_user_name();
	1585	$user_log_dir = $log_dir . '/' . $user_name;
	1586
	1587	return !empty($user_name) && is_writable($user_log_dir) ? $user_log_dir : false;
	1588	}
a5b8ef	1589
AM	1590	/**
	1591	* Getter for logged user language code.
	1592	*
	1593	* @return string User language code
	1594	*/
	1595	public function get_user_language()
	1596	{
	1597	if (is_object($this->user)) {
	1598	return $this->user->language;
	1599	}
	1600	else if (isset($_SESSION['language'])) {
	1601	return $_SESSION['language'];
	1602	}
	1603	}
0b9a7b	1604
TB	1605	/**
	1606	* Unique Message-ID generator.
	1607	*
	1608	* @return string Message-ID
	1609	*/
	1610	public function gen_message_id()
	1611	{
	1612	$local_part = md5(uniqid('rcube'.mt_rand(), true));
	1613	$domain_part = $this->user->get_username('domain');
	1614
	1615	// Try to find FQDN, some spamfilters doesn't like 'localhost' (#1486924)
	1616	if (!preg_match('/\.[a-z]+$/i', $domain_part)) {
	1617	foreach (array($_SERVER['HTTP_HOST'], $_SERVER['SERVER_NAME']) as $host) {
	1618	$host = preg_replace('/:[0-9]+$/', '', $host);
	1619	if ($host && preg_match('/\.[a-z]+$/i', $host)) {
	1620	$domain_part = $host;
	1621	}
	1622	}
	1623	}
	1624
	1625	return sprintf('<%s@%s>', $local_part, $domain_part);
	1626	}
	1627
	1628	/**
	1629	* Send the given message using the configured method.
	1630	*
	1631	* @param object $message Reference to Mail_MIME object
	1632	* @param string $from Sender address string
	1633	* @param array $mailto Array of recipient address strings
	1634	* @param array $error SMTP error array (reference)
	1635	* @param string $body_file Location of file with saved message body (reference),
	1636	* used when delay_file_io is enabled
	1637	* @param array $options SMTP options (e.g. DSN request)
	1638	*
	1639	* @return boolean Send status.
	1640	*/
	1641	public function deliver_message(&$message, $from, $mailto, &$error, &$body_file = null, $options = null)
	1642	{
	1643	$plugin = $this->plugins->exec_hook('message_before_send', array(
	1644	'message' => $message,
	1645	'from' => $from,
	1646	'mailto' => $mailto,
	1647	'options' => $options,
	1648	));
	1649
6efadf	1650	if ($plugin['abort']) {
efdbf4	1651	if (!empty($plugin['error'])) {
AM	1652	$error = $plugin['error'];
	1653	}
	1654	if (!empty($plugin['body_file'])) {
	1655	$body_file = $plugin['body_file'];
	1656	}
	1657
6efadf	1658	return isset($plugin['result']) ? $plugin['result'] : false;
AM	1659	}
	1660
0b9a7b	1661	$from = $plugin['from'];
TB	1662	$mailto = $plugin['mailto'];
	1663	$options = $plugin['options'];
	1664	$message = $plugin['message'];
	1665	$headers = $message->headers();
	1666
	1667	// send thru SMTP server using custom SMTP library
	1668	if ($this->config->get('smtp_server')) {
	1669	// generate list of recipients
409b64	1670	$a_recipients = (array) $mailto;
0b9a7b	1671
TB	1672	if (strlen($headers['Cc']))
	1673	$a_recipients[] = $headers['Cc'];
	1674	if (strlen($headers['Bcc']))
	1675	$a_recipients[] = $headers['Bcc'];
	1676
dddc98	1677	// remove Bcc header and get the whole head of the message as string
6564cf	1678	$smtp_headers = $this->message_head($message, array('Bcc'));
0b9a7b	1679
TB	1680	if ($message->getParam('delay_file_io')) {
	1681	// use common temp dir
2799f0	1682	$temp_dir = $this->config->get('temp_dir');
AM	1683	$body_file = tempnam($temp_dir, 'rcmMsg');
	1684	$mime_result = $message->saveMessageBody($body_file);
	1685
	1686	if (is_a($mime_result, 'PEAR_Error')) {
0b9a7b	1687	self::raise_error(array('code' => 650, 'type' => 'php',
TB	1688	'file' => __FILE__, 'line' => __LINE__,
	1689	'message' => "Could not create message: ".$mime_result->getMessage()),
2799f0	1690	true, false);
0b9a7b	1691	return false;
TB	1692	}
2799f0	1693
0b9a7b	1694	$msg_body = fopen($body_file, 'r');
TB	1695	}
	1696	else {
	1697	$msg_body = $message->get();
	1698	}
	1699
	1700	// send message
	1701	if (!is_object($this->smtp)) {
	1702	$this->smtp_init(true);
	1703	}
	1704
	1705	$sent = $this->smtp->send_mail($from, $a_recipients, $smtp_headers, $msg_body, $options);
	1706	$response = $this->smtp->get_response();
	1707	$error = $this->smtp->get_error();
	1708
	1709	// log error
	1710	if (!$sent) {
	1711	self::raise_error(array('code' => 800, 'type' => 'smtp',
	1712	'line' => __LINE__, 'file' => __FILE__,
a3fa84	1713	'message' => join("\n", $response)), true, false);
0b9a7b	1714	}
TB	1715	}
	1716	// send mail using PHP's mail() function
	1717	else {
6564cf	1718	// unset To,Subject headers because they will be added by the mail() function
AM	1719	$header_str = $this->message_head($message, array('To', 'Subject'));
0b9a7b	1720
TB	1721	// #1485779
	1722	if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
6564cf	1723	if (preg_match_all('/<([^@]+@[^>]+)>/', $headers['To'], $m)) {
AM	1724	$headers['To'] = implode(', ', $m[1]);
0b9a7b	1725	}
TB	1726	}
	1727
	1728	$msg_body = $message->get();
	1729
2799f0	1730	if (is_a($msg_body, 'PEAR_Error')) {
0b9a7b	1731	self::raise_error(array('code' => 650, 'type' => 'php',
TB	1732	'file' => __FILE__, 'line' => __LINE__,
	1733	'message' => "Could not create message: ".$msg_body->getMessage()),
2799f0	1734	true, false);
0b9a7b	1735	}
TB	1736	else {
	1737	$delim = $this->config->header_delimiter();
6564cf	1738	$to = $headers['To'];
AM	1739	$subject = $headers['Subject'];
0b9a7b	1740	$header_str = rtrim($header_str);
TB	1741
	1742	if ($delim != "\r\n") {
	1743	$header_str = str_replace("\r\n", $delim, $header_str);
	1744	$msg_body = str_replace("\r\n", $delim, $msg_body);
	1745	$to = str_replace("\r\n", $delim, $to);
	1746	$subject = str_replace("\r\n", $delim, $subject);
	1747	}
	1748
39b905	1749	if (filter_var(ini_get('safe_mode'), FILTER_VALIDATE_BOOLEAN))
0b9a7b	1750	$sent = mail($to, $subject, $msg_body, $header_str);
TB	1751	else
	1752	$sent = mail($to, $subject, $msg_body, $header_str, "-f$from");
	1753	}
	1754	}
	1755
	1756	if ($sent) {
	1757	$this->plugins->exec_hook('message_sent', array('headers' => $headers, 'body' => $msg_body));
	1758
	1759	// remove MDN headers after sending
	1760	unset($headers['Return-Receipt-To'], $headers['Disposition-Notification-To']);
	1761
	1762	if ($this->config->get('smtp_log')) {
409b64	1763	// get all recipient addresses
AM	1764	if (is_array($mailto)) {
	1765	$mailto = implode(',', $mailto);
	1766	}
	1767	if ($headers['Cc']) {
	1768	$mailto .= ',' . $headers['Cc'];
	1769	}
	1770	if ($headers['Bcc']) {
	1771	$mailto .= ',' . $headers['Bcc'];
	1772	}
	1773
	1774	$mailto = rcube_mime::decode_address_list($mailto, null, false, null, true);
	1775
0b9a7b	1776	self::write_log('sendmail', sprintf("User %s [%s]; Message for %s; %s",
TB	1777	$this->user->get_username(),
409b64	1778	rcube_utils::remote_addr(),
AM	1779	implode(', ', $mailto),
0b9a7b	1780	!empty($response) ? join('; ', $response) : ''));
TB	1781	}
	1782	}
aef6ed	1783	else {
TB	1784	// allow plugins to catch sending errors with the same parameters as in 'message_before_send'
	1785	$this->plugins->exec_hook('message_send_error', $plugin + array('error' => $error));
	1786	}
0b9a7b	1787
TB	1788	if (is_resource($msg_body)) {
	1789	fclose($msg_body);
	1790	}
	1791
dddc98	1792	$message->headers($headers, true);
0b9a7b	1793
TB	1794	return $sent;
	1795	}
	1796
6564cf	1797	/**
AM	1798	* Return message headers as a string
	1799	*/
	1800	protected function message_head($message, $unset = array())
	1801	{
	1802	// Mail_mime >= 1.9.0
	1803	if (method_exists($message, 'isMultipart')) {
	1804	foreach ($unset as $header) {
	1805	$headers[$header] = null;
	1806	}
	1807	}
	1808	else {
	1809	$headers = $message->headers();
	1810	foreach ($unset as $header) {
	1811	unset($headers[$header]);
	1812	}
	1813	$message->_headers = array();
	1814	}
	1815
	1816	return $message->txtHeaders($headers, true);
	1817	}
0c2596	1818	}
A	1819
	1820
	1821	/**
	1822	* Lightweight plugin API class serving as a dummy if plugins are not enabled
	1823	*
a07224	1824	* @package Framework
TB	1825	* @subpackage Core
0c2596	1826	*/
A	1827	class rcube_dummy_plugin_api
	1828	{
	1829	/**
	1830	* Triggers a plugin hook.
	1831	* @see rcube_plugin_api::exec_hook()
	1832	*/
	1833	public function exec_hook($hook, $args = array())
	1834	{
	1835	return $args;
	1836	}
	1837	}