githubFork/roundcubemail.git

			@@ -3,7 +3,7 @@
			/*
			+-----------------------------------------------------------------------+
			\| RoundCube Webmail IMAP Client \|
			\| Version 0.1-20050929 \|
			\| Version 0.1-20051018 \|
			\| \|
			\| Copyright (C) 2005, RoundCube Dev. - Switzerland \|
			\| Licensed under the GNU GPL \|
			@@ -42,40 +42,52 @@
			*/

			// define global vars
			$INSTALL_PATH = './';
			$INSTALL_PATH = dirname($_SERVER['SCRIPT_FILENAME']);
			$OUTPUT_TYPE = 'html';
			$JS_OBJECT_NAME = 'rcmail';

			if (empty($INSTALL_PATH))
			$INSTALL_PATH = './';
			else
			$INSTALL_PATH .= '/';

			// RC include folders MUST be included FIRST to avoid other
			// possible not compatible libraries (i.e PEAR) to be included
			// instead the ones provided by RC
			ini_set('include_path', $INSTALL_PATH.PATH_SEPARATOR.$INSTALL_PATH.'program'.PATH_SEPARATOR.$INSTALL_PATH.'program/lib'.PATH_SEPARATOR.ini_get('include_path'));

			// set environment first
			ini_set('include_path', ini_get('include_path').PATH_SEPARATOR.'program'.PATH_SEPARATOR.'program/lib');
			ini_set('session.name', 'sessid');
			ini_set('session.use_cookies', 1);
			//ini_set('session.save_path', $INSTALL_PATH.'session');

			ini_set('error_reporting', E_ALL&~E_NOTICE);

			// increase maximum execution time for php scripts
			set_time_limit('120');

			// (does not work in safe mode)
			@set_time_limit(120);

			// include base files
			require_once('include/rcube_shared.inc');
			require_once('include/rcube_imap.inc');
			require_once('include/rcube_db.inc');
			require_once('include/bugs.inc');
			require_once('include/main.inc');
			require_once('include/cache.inc');
			require_once('PEAR.php');


			// set PEAR error handling
			// PEAR::setErrorHandling(PEAR_ERROR_TRIGGER, E_USER_NOTICE);


			// catch some url/post parameters
			$_auth = strlen($_POST['_auth']) ? $_POST['_auth'] : $_GET['_auth'];
			$_task = strlen($_POST['_task']) ? $_POST['_task'] : ($_GET['_task'] ? $_GET['_task'] : 'mail');
			$_action = strlen($_POST['_action']) ? $_POST['_action'] : $_GET['_action'];
			$_framed = ($_GET['_framed'] \|\| $_POST['_framed']);
			$_auth = !empty($_POST['_auth']) ? $_POST['_auth'] : $_GET['_auth'];
			$_task = !empty($_POST['_task']) ? $_POST['_task'] : (!empty($_GET['_task']) ? $_GET['_task'] : 'mail');
			$_action = !empty($_POST['_action']) ? $_POST['_action'] : (!empty($_GET['_action']) ? $_GET['_action'] : '');
			$_framed = (!empty($_GET['_framed']) \|\| !empty($_POST['_framed']));

			if (!empty($_GET['_remote']))
			$REMOTE_REQUEST = TRUE;

			// start session with requested task
			rcmail_startup($_task);


			// set session related variables
			$COMM_PATH = sprintf('./?_auth=%s&_task=%s', $sess_auth, $_task);
			@@ -83,19 +95,18 @@


			// add framed parameter
			if ($_GET['_framed'] \|\| $_POST['_framed'])
			if ($_framed)
			{
			$COMM_PATH .= '&_framed=1';
			$SESS_HIDDEN_FIELD = "\n".'<input type="hidden" name="_framed" value="1" />';
			$SESS_HIDDEN_FIELD .= "\n".'<input type="hidden" name="_framed" value="1" />';
			}


			// init necessary objects for GUI
			load_gui();


			// error steps
			if ($_action=='error' && strlen($_GET['_code']))
			if ($_action=='error' && !empty($_GET['_code']))
			{
			raise_error(array('code' => hexdec($_GET['_code'])), FALSE, TRUE);
			}
			@@ -107,11 +118,11 @@
			$host = $_POST['_host'] ? $_POST['_host'] : $CONFIG['default_host'];

			// check if client supports cookies
			if (!$_COOKIE[session_name()])
			if (empty($_COOKIE))
			{
			show_message("cookiesdisabled", 'warning');
			}
			else if ($_POST['_user'] && $_POST['_pass'] && rcmail_login($_POST['_user'], $_POST['_pass'], $host))
			else if (isset($_POST['_user']) && isset($_POST['_pass']) && rcmail_login($_POST['_user'], $_POST['_pass'], $host))
			{
			// send redirect
			header("Location: $COMM_PATH");
			@@ -125,42 +136,53 @@
			}

			// end session
			else if ($_action=='logout' && $_SESSION['user_id'])
			else if ($_action=='logout' && isset($_SESSION['user_id']))
			{
			show_message('loggedout');
			rcmail_kill_session();
			}

			// check session cookie and auth string
			else if ($_action!='login' && $_auth && $sess_auth)
			else if ($_action!='login' && $sess_auth && $_SESSION['user_id'])
			{
			if ($_auth !== $sess_auth \|\| $_auth != rcmail_auth_hash($_SESSION['client_id'], $_SESSION['auth_time']))
			if ($_auth !== $sess_auth \|\| $_auth != rcmail_auth_hash($_SESSION['client_id'], $_SESSION['auth_time']) \|\|
			($CONFIG['session_lifetime'] && isset($SESS_CHANGED) && $SESS_CHANGED + $CONFIG['session_lifetime']*60 < mktime()))
			{
			show_message('sessionerror', 'error');
			$message = show_message('sessionerror', 'error');
			rcmail_kill_session();
			}
			}


			// log in to imap server
			if ($_SESSION['user_id'] && $_task=='mail')
			if (!empty($_SESSION['user_id']) && $_task=='mail')
			{
			$conn = $IMAP->connect($_SESSION['imap_host'], $_SESSION['username'], decrypt_passwd($_SESSION['password']));
			$conn = $IMAP->connect($_SESSION['imap_host'], $_SESSION['username'], decrypt_passwd($_SESSION['password']), $_SESSION['imap_port'], $_SESSION['imap_ssl']);
			if (!$conn)
			{
			show_message('imaperror', 'error');
			$_SESSION['user_id'] = '';
			}
			else
			rcmail_set_imap_prop();
			}


			// not logged in -> set task to 'login
			if (!$_SESSION['user_id'])
			if (empty($_SESSION['user_id']))
			{
			if ($REMOTE_REQUEST)
			{
			$message .= "setTimeout(\"location.href='\"+this.env.comm_path+\"'\", 2000);";
			rcube_remote_response($message);
			}

			$_task = 'login';
			}



			// set taask and action to client
			// set task and action to client
			$script = sprintf("%s.set_env('task', '%s');", $JS_OBJECT_NAME, $_task);
			if (!empty($_action))
			$script .= sprintf("\n%s.set_env('action', '%s');", $JS_OBJECT_NAME, $_action);
			@@ -177,6 +199,13 @@
			}


			// handle keep-alive signal
			if ($_action=='keep-alive')
			{
			rcube_remote_response('');
			exit;
			}


			// include task specific files
			if ($_task=='mail')