| commit | author | age | ||
| 4e17e6 | 1 | <?php |
| T | 2 | /* |
| 3 | +-----------------------------------------------------------------------+ | |
| 4 | | RoundCube Webmail IMAP Client | | |
| 13c1af | 5 | | Version 0.1-20060220 | |
| 4e17e6 | 6 | | | |
| T | 7 | | Copyright (C) 2005, RoundCube Dev. - Switzerland | |
| 15fee7 | 8 | | Licensed under the GNU GPL | |
| 4e17e6 | 9 | | | |
| T | 10 | | Redistribution and use in source and binary forms, with or without | |
| 11 | | modification, are permitted provided that the following conditions | | |
| 12 | | are met: | | |
| 13 | | | | |
| 14 | | o Redistributions of source code must retain the above copyright | | |
| 15 | | notice, this list of conditions and the following disclaimer. | | |
| 16 | | o Redistributions in binary form must reproduce the above copyright | | |
| 17 | | notice, this list of conditions and the following disclaimer in the | | |
| 18 | | documentation and/or other materials provided with the distribution.| | |
| 19 | | o The names of the authors may not be used to endorse or promote | | |
| 20 | | products derived from this software without specific prior written | | |
| 21 | | permission. | | |
| 22 | | | | |
| 23 | | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | | |
| 24 | | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | | |
| 25 | | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR | | |
| 26 | | A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT | | |
| 27 | | OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | | |
| 28 | | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT | | |
| 29 | | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | | |
| 30 | | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | | |
| 31 | | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | | |
| 32 | | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | | |
| 33 | | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | | |
| 34 | | | | |
| 35 | +-----------------------------------------------------------------------+ | |
| 36 | | Author: Thomas Bruederli <roundcube@gmail.com> | | |
| 37 | +-----------------------------------------------------------------------+ | |
| 38 | ||
| 39 | $Id$ | |
| 40 | ||
| 41 | */ | |
| 15a9d1 | 42 | |
| 13c1af | 43 | define('RCMAIL_VERSION', '0.1-20060220'); |
| 15a9d1 | 44 | |
| 4e17e6 | 45 | |
| T | 46 | // define global vars |
| 7cc38e | 47 | $INSTALL_PATH = dirname($_SERVER['SCRIPT_FILENAME']); |
| 4e17e6 | 48 | $OUTPUT_TYPE = 'html'; |
| T | 49 | $JS_OBJECT_NAME = 'rcmail'; |
| d2006d | 50 | $CHARSET = 'UTF-8'; |
| 4e17e6 | 51 | |
| 7cc38e | 52 | if (empty($INSTALL_PATH)) |
| T | 53 | $INSTALL_PATH = './'; |
| 54 | else | |
| 55 | $INSTALL_PATH .= '/'; | |
| 5abfcc | 56 | |
| d7cb77 | 57 | // RC include folders MUST be included FIRST to avoid other |
| S | 58 | // possible not compatible libraries (i.e PEAR) to be included |
| 59 | // instead the ones provided by RC | |
| 7cc38e | 60 | ini_set('include_path', $INSTALL_PATH.PATH_SEPARATOR.$INSTALL_PATH.'program'.PATH_SEPARATOR.$INSTALL_PATH.'program/lib'.PATH_SEPARATOR.ini_get('include_path')); |
| d7cb77 | 61 | |
| 4e17e6 | 62 | ini_set('session.name', 'sessid'); |
| T | 63 | ini_set('session.use_cookies', 1); |
| 977a29 | 64 | ini_set('session.gc_maxlifetime', 21600); |
| T | 65 | ini_set('session.gc_divisor', 500); |
| 66 | ini_set('error_reporting', E_ALL&~E_NOTICE); | |
| 4e17e6 | 67 | |
| T | 68 | // increase maximum execution time for php scripts |
| 00fd33 | 69 | // (does not work in safe mode) |
| 1cded8 | 70 | @set_time_limit(120); |
| 4e17e6 | 71 | |
| T | 72 | // include base files |
| 73 | require_once('include/rcube_shared.inc'); | |
| 74 | require_once('include/rcube_imap.inc'); | |
| 75 | require_once('include/bugs.inc'); | |
| 76 | require_once('include/main.inc'); | |
| 77 | require_once('include/cache.inc'); | |
| 7902df | 78 | require_once('PEAR.php'); |
| T | 79 | |
| 80 | ||
| 81 | // set PEAR error handling | |
| 82 | // PEAR::setErrorHandling(PEAR_ERROR_TRIGGER, E_USER_NOTICE); | |
| 4e17e6 | 83 | |
| T | 84 | |
| 85 | // catch some url/post parameters | |
| 597170 | 86 | $_auth = !empty($_POST['_auth']) ? $_POST['_auth'] : $_GET['_auth']; |
| T | 87 | $_task = !empty($_POST['_task']) ? $_POST['_task'] : (!empty($_GET['_task']) ? $_GET['_task'] : 'mail'); |
| 88 | $_action = !empty($_POST['_action']) ? $_POST['_action'] : (!empty($_GET['_action']) ? $_GET['_action'] : ''); | |
| 89 | $_framed = (!empty($_GET['_framed']) || !empty($_POST['_framed'])); | |
| 42b113 | 90 | |
| T | 91 | if (!empty($_GET['_remote'])) |
| 92 | $REMOTE_REQUEST = TRUE; | |
| 93 | ||
| 4e17e6 | 94 | // start session with requested task |
| T | 95 | rcmail_startup($_task); |
| 96 | ||
| 97 | // set session related variables | |
| 98 | $COMM_PATH = sprintf('./?_auth=%s&_task=%s', $sess_auth, $_task); | |
| 99 | $SESS_HIDDEN_FIELD = sprintf('<input type="hidden" name="_auth" value="%s" />', $sess_auth); | |
| 100 | ||
| 101 | ||
| 102 | // add framed parameter | |
| 597170 | 103 | if ($_framed) |
| 4e17e6 | 104 | { |
| T | 105 | $COMM_PATH .= '&_framed=1'; |
| ccfda8 | 106 | $SESS_HIDDEN_FIELD .= "\n".'<input type="hidden" name="_framed" value="1" />'; |
| 4e17e6 | 107 | } |
| T | 108 | |
| 109 | ||
| 110 | // init necessary objects for GUI | |
| 111 | load_gui(); | |
| 112 | ||
| 113 | // error steps | |
| 597170 | 114 | if ($_action=='error' && !empty($_GET['_code'])) |
| 4e17e6 | 115 | { |
| T | 116 | raise_error(array('code' => hexdec($_GET['_code'])), FALSE, TRUE); |
| 117 | } | |
| 118 | ||
| 119 | ||
| 120 | // try to log in | |
| 121 | if ($_action=='login' && $_task=='mail') | |
| 122 | { | |
| 123 | $host = $_POST['_host'] ? $_POST['_host'] : $CONFIG['default_host']; | |
| 124 | ||
| 125 | // check if client supports cookies | |
| 597170 | 126 | if (empty($_COOKIE)) |
| 4e17e6 | 127 | { |
| T | 128 | show_message("cookiesdisabled", 'warning'); |
| 129 | } | |
| ea7c46 | 130 | else if (isset($_POST['_user']) && isset($_POST['_pass']) && |
| T | 131 | rcmail_login(get_input_value('_user', RCUBE_INPUT_POST), |
| 132 | get_input_value('_pass', RCUBE_INPUT_POST), | |
| 133 | $host)) | |
| 4e17e6 | 134 | { |
| T | 135 | // send redirect |
| 136 | header("Location: $COMM_PATH"); | |
| 137 | exit; | |
| 138 | } | |
| 139 | else | |
| 140 | { | |
| 141 | show_message("loginfailed", 'warning'); | |
| 142 | $_SESSION['user_id'] = ''; | |
| 143 | } | |
| 144 | } | |
| 145 | ||
| 146 | // end session | |
| 00fd33 | 147 | else if ($_action=='logout' && isset($_SESSION['user_id'])) |
| 4e17e6 | 148 | { |
| T | 149 | show_message('loggedout'); |
| 150 | rcmail_kill_session(); | |
| 151 | } | |
| 152 | ||
| 153 | // check session cookie and auth string | |
| 7cc38e | 154 | else if ($_action!='login' && $sess_auth && $_SESSION['user_id']) |
| 4e17e6 | 155 | { |
| 7902df | 156 | if ($_auth !== $sess_auth || $_auth != rcmail_auth_hash($_SESSION['client_id'], $_SESSION['auth_time']) || |
| ccfda8 | 157 | ($CONFIG['session_lifetime'] && isset($SESS_CHANGED) && $SESS_CHANGED + $CONFIG['session_lifetime']*60 < mktime())) |
| 4e17e6 | 158 | { |
| 42b113 | 159 | $message = show_message('sessionerror', 'error'); |
| 4e17e6 | 160 | rcmail_kill_session(); |
| T | 161 | } |
| 162 | } | |
| 163 | ||
| 164 | ||
| 165 | // log in to imap server | |
| 597170 | 166 | if (!empty($_SESSION['user_id']) && $_task=='mail') |
| 4e17e6 | 167 | { |
| 7902df | 168 | $conn = $IMAP->connect($_SESSION['imap_host'], $_SESSION['username'], decrypt_passwd($_SESSION['password']), $_SESSION['imap_port'], $_SESSION['imap_ssl']); |
| 4e17e6 | 169 | if (!$conn) |
| T | 170 | { |
| 171 | show_message('imaperror', 'error'); | |
| 172 | $_SESSION['user_id'] = ''; | |
| 173 | } | |
| 7902df | 174 | else |
| T | 175 | rcmail_set_imap_prop(); |
| 4e17e6 | 176 | } |
| T | 177 | |
| 178 | ||
| 179 | // not logged in -> set task to 'login | |
| 597170 | 180 | if (empty($_SESSION['user_id'])) |
| 42b113 | 181 | { |
| T | 182 | if ($REMOTE_REQUEST) |
| 183 | { | |
| 184 | $message .= "setTimeout(\"location.href='\"+this.env.comm_path+\"'\", 2000);"; | |
| 185 | rcube_remote_response($message); | |
| 186 | } | |
| 187 | ||
| 4e17e6 | 188 | $_task = 'login'; |
| 42b113 | 189 | } |
| 4e17e6 | 190 | |
| T | 191 | |
| 192 | ||
| 597170 | 193 | // set task and action to client |
| 4e17e6 | 194 | $script = sprintf("%s.set_env('task', '%s');", $JS_OBJECT_NAME, $_task); |
| T | 195 | if (!empty($_action)) |
| 196 | $script .= sprintf("\n%s.set_env('action', '%s');", $JS_OBJECT_NAME, $_action); | |
| 197 | ||
| 198 | $OUTPUT->add_script($script); | |
| 199 | ||
| 200 | ||
| 201 | ||
| 202 | // not logged in -> show login page | |
| 203 | if (!$_SESSION['user_id']) | |
| 204 | { | |
| 205 | parse_template('login'); | |
| 206 | exit; | |
| 207 | } | |
| 208 | ||
| 209 | ||
| 1cded8 | 210 | // handle keep-alive signal |
| T | 211 | if ($_action=='keep-alive') |
| 212 | { | |
| 213 | rcube_remote_response(''); | |
| 214 | exit; | |
| 215 | } | |
| 216 | ||
| 4e17e6 | 217 | |
| T | 218 | // include task specific files |
| 219 | if ($_task=='mail') | |
| 220 | { | |
| 221 | include_once('program/steps/mail/func.inc'); | |
| 88375f | 222 | |
| 4e17e6 | 223 | if ($_action=='show' || $_action=='print') |
| T | 224 | include('program/steps/mail/show.inc'); |
| 225 | ||
| 226 | if ($_action=='get') | |
| 227 | include('program/steps/mail/get.inc'); | |
| 228 | ||
| 229 | if ($_action=='moveto' || $_action=='delete') | |
| 230 | include('program/steps/mail/move_del.inc'); | |
| 231 | ||
| 232 | if ($_action=='mark') | |
| 233 | include('program/steps/mail/mark.inc'); | |
| 234 | ||
| 235 | if ($_action=='viewsource') | |
| 236 | include('program/steps/mail/viewsource.inc'); | |
| 237 | ||
| 238 | if ($_action=='send') | |
| 239 | include('program/steps/mail/sendmail.inc'); | |
| 240 | ||
| 241 | if ($_action=='upload') | |
| 242 | include('program/steps/mail/upload.inc'); | |
| 243 | ||
| 244 | if ($_action=='compose') | |
| 245 | include('program/steps/mail/compose.inc'); | |
| 246 | ||
| 247 | if ($_action=='addcontact') | |
| 248 | include('program/steps/mail/addcontact.inc'); | |
| 15a9d1 | 249 | |
| 5e3512 | 250 | if ($_action=='expunge' || $_action=='purge') |
| 15a9d1 | 251 | include('program/steps/mail/folders.inc'); |
| T | 252 | |
| 253 | if ($_action=='check-recent') | |
| 254 | include('program/steps/mail/check_recent.inc'); | |
| 255 | ||
| 256 | if ($_action=='getunread') | |
| 257 | include('program/steps/mail/getunread.inc'); | |
| 4e17e6 | 258 | |
| T | 259 | if ($_action=='list' && $_GET['_remote']) |
| 260 | include('program/steps/mail/list.inc'); | |
| 261 | ||
| 88375f | 262 | if ($_action=='rss') |
| T | 263 | include('program/steps/mail/rss.inc'); |
| 264 | ||
| 4e17e6 | 265 | // kill compose entry from session |
| T | 266 | if (isset($_SESSION['compose'])) |
| 267 | rcmail_compose_cleanup(); | |
| 01c86f | 268 | |
| T | 269 | // make sure the message count is refreshed |
| 270 | $IMAP->messagecount($_SESSION['mbox'], 'ALL', TRUE); | |
| 4e17e6 | 271 | } |
| T | 272 | |
| 273 | ||
| 274 | // include task specific files | |
| 275 | if ($_task=='addressbook') | |
| 276 | { | |
| 277 | include_once('program/steps/addressbook/func.inc'); | |
| 278 | ||
| 279 | if ($_action=='save') | |
| 280 | include('program/steps/addressbook/save.inc'); | |
| 281 | ||
| 282 | if ($_action=='edit' || $_action=='add') | |
| 283 | include('program/steps/addressbook/edit.inc'); | |
| 284 | ||
| 285 | if ($_action=='delete') | |
| 286 | include('program/steps/addressbook/delete.inc'); | |
| 287 | ||
| 288 | if ($_action=='show') | |
| 289 | include('program/steps/addressbook/show.inc'); | |
| 290 | ||
| 291 | if ($_action=='list' && $_GET['_remote']) | |
| 292 | include('program/steps/addressbook/list.inc'); | |
| d1d2c4 | 293 | |
| S | 294 | if ($_action=='ldappublicsearch') |
| 295 | include('program/steps/addressbook/ldapsearchform.inc'); | |
| 4e17e6 | 296 | } |
| T | 297 | |
| 298 | ||
| 299 | // include task specific files | |
| 300 | if ($_task=='settings') | |
| 301 | { | |
| 302 | include_once('program/steps/settings/func.inc'); | |
| 303 | ||
| 304 | if ($_action=='save-identity') | |
| 305 | include('program/steps/settings/save_identity.inc'); | |
| 306 | ||
| 307 | if ($_action=='add-identity' || $_action=='edit-identity') | |
| 308 | include('program/steps/settings/edit_identity.inc'); | |
| 309 | ||
| 310 | if ($_action=='delete-identity') | |
| 311 | include('program/steps/settings/delete_identity.inc'); | |
| 312 | ||
| 313 | if ($_action=='identities') | |
| 314 | include('program/steps/settings/identities.inc'); | |
| 315 | ||
| 316 | if ($_action=='save-prefs') | |
| 317 | include('program/steps/settings/save_prefs.inc'); | |
| 318 | ||
| 319 | if ($_action=='folders' || $_action=='subscribe' || $_action=='unsubscribe' || $_action=='create-folder' || $_action=='delete-folder') | |
| 320 | include('program/steps/settings/manage_folders.inc'); | |
| 321 | ||
| ecf759 | 322 | } |
| T | 323 | |
| 324 | ||
| 539cd4 | 325 | // only allow these templates to be included |
| T | 326 | $valid_tasks = array('mail','settings','addressbook'); |
| 4e17e6 | 327 | |
| 539cd4 | 328 | // parse main template |
| T | 329 | if (in_array($_task, $valid_tasks)) |
| 330 | parse_template($_task); | |
| 331 | ||
| 332 | ||
| 333 | // if we arrive here, something went wrong | |
| 334 | raise_error(array('code' => 404, | |
| 335 | 'type' => 'php', | |
| 336 | 'line' => __LINE__, | |
| 337 | 'file' => __FILE__, | |
| 338 | 'message' => "Invalid request"), TRUE, TRUE); | |
| 339 | ||
| d1d2c4 | 340 | ?> |
