| | |
|---|
| | | raise_error(array('code' => hexdec($_GET['_code'])), FALSE, TRUE); |
|---|
| | | } |
|---|
| | | |
|---|
| | | // check if https is required (for login) and redirect if necessary |
|---|
| | | if (empty($_SESSION['user_id']) && ($force_https = $RCMAIL->config->get('force_https', false))) { |
|---|
| | | $https_port = is_bool($force_https) ? 443 : $force_https; |
|---|
| | | if (!rcube_https_check($https_port)) { |
|---|
| | | $host = preg_replace('/:[0-9]+$/', '', $_SERVER['HTTP_HOST']); |
|---|
| | | $host .= ($https_port != 443 ? ':' . $https_port : ''); |
|---|
| | | header('Location: https://' . $host . $_SERVER['REQUEST_URI']); |
|---|
| | | exit; |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | | // trigger startup plugin hook |
|---|
| | | $startup = $RCMAIL->plugins->exec_hook('startup', array('task' => $RCMAIL->task, 'action' => $RCMAIL->action)); |
|---|
| | | $RCMAIL->set_task($startup['task']); |
|---|
| | | $RCMAIL->action = $startup['action']; |
|---|
| | | |
|---|
| | | // try to log in |
|---|
| | | if ($RCMAIL->action=='login' && $RCMAIL->task=='mail') { |
|---|
| | | if ($RCMAIL->task == 'login' && $RCMAIL->action == 'login') { |
|---|
| | | // purge the session in case of new login when a session already exists |
|---|
| | | $RCMAIL->kill_session(); |
|---|
| | | |
|---|
| | |
|---|
| | | $RCMAIL->user->ID, |
|---|
| | | $_SERVER['REMOTE_ADDR'])); |
|---|
| | | } |
|---|
| | | |
|---|
| | | |
|---|
| | | // restore original request parameters |
|---|
| | | $query = array(); |
|---|
| | | if ($url = get_input_value('_url', RCUBE_INPUT_POST)) |
|---|
| | | parse_str($url, $query); |
|---|
| | | |
|---|
| | | $RCMAIL->set_task('mail'); |
|---|
| | | |
|---|
| | | // allow plugins to control the redirect url after login success |
|---|
| | | $redir = $RCMAIL->plugins->exec_hook('login_after', $query + array('task' => $RCMAIL->task)); |
|---|
| | |
|---|
| | | } |
|---|
| | | |
|---|
| | | // end session |
|---|
| | | else if ($RCMAIL->task=='logout' && isset($_SESSION['user_id'])) { |
|---|
| | | else if ($RCMAIL->task == 'logout' && isset($_SESSION['user_id'])) { |
|---|
| | | $userdata = array('user' => $_SESSION['username'], 'host' => $_SESSION['imap_host'], 'lang' => $RCMAIL->user->language); |
|---|
| | | $OUTPUT->show_message('loggedout'); |
|---|
| | | $RCMAIL->logout_actions(); |
|---|
| | |
|---|
| | | } |
|---|
| | | |
|---|
| | | // check session and auth cookie |
|---|
| | | else if ($RCMAIL->action != 'login' && $_SESSION['user_id'] && $RCMAIL->action != 'send') { |
|---|
| | | else if ($RCMAIL->task != 'login' && $_SESSION['user_id'] && $RCMAIL->action != 'send') { |
|---|
| | | if (!$RCMAIL->authenticate_session()) { |
|---|
| | | $OUTPUT->show_message('sessionerror', 'error'); |
|---|
| | | $RCMAIL->kill_session(); |
|---|
| | |
|---|
| | | if (empty($RCMAIL->user->ID)) { |
|---|
| | | if ($OUTPUT->ajax_call) |
|---|
| | | $OUTPUT->redirect(array(), 2000); |
|---|
| | | |
|---|
| | | |
|---|
| | | if (!empty($_REQUEST['_framed'])) |
|---|
| | | $OUTPUT->command('redirect', '?'); |
|---|
| | | |
|---|
