githubFork/roundcubemail.git

			@@ -48,9 +48,10 @@


			// set environment first
			ini_set('include_path', ini_get('include_path').PATH_SEPARATOR.'program'.PATH_SEPARATOR.'program/lib');
			ini_set('include_path', ini_get('include_path').PATH_SEPARATOR.$INSTALL_PATH.PATH_SEPARATOR.'program'.PATH_SEPARATOR.'program/lib');
			ini_set('session.name', 'sessid');
			ini_set('session.use_cookies', 1);
			ini_set('error_reporting', E_ALL&~E_NOTICE);
			//ini_set('session.save_path', $INSTALL_PATH.'session');


			@@ -68,10 +69,14 @@


			// catch some url/post parameters
			$_auth = strlen($_POST['_auth']) ? $_POST['_auth'] : $_GET['_auth'];
			$_task = strlen($_POST['_task']) ? $_POST['_task'] : ($_GET['_task'] ? $_GET['_task'] : 'mail');
			$_action = strlen($_POST['_action']) ? $_POST['_action'] : $_GET['_action'];
			$_framed = ($_GET['_framed'] \|\| $_POST['_framed']);
			$_auth = !empty($_POST['_auth']) ? $_POST['_auth'] : $_GET['_auth'];
			$_task = !empty($_POST['_task']) ? $_POST['_task'] : (!empty($_GET['_task']) ? $_GET['_task'] : 'mail');
			$_action = !empty($_POST['_action']) ? $_POST['_action'] : (!empty($_GET['_action']) ? $_GET['_action'] : '');
			$_framed = (!empty($_GET['_framed']) \|\| !empty($_POST['_framed']));

			if (!empty($_GET['_remote']))
			$REMOTE_REQUEST = TRUE;


			// start session with requested task
			rcmail_startup($_task);
			@@ -83,7 +88,7 @@


			// add framed parameter
			if ($_GET['_framed'] \|\| $_POST['_framed'])
			if ($_framed)
			{
			$COMM_PATH .= '&_framed=1';
			$SESS_HIDDEN_FIELD = "\n".'<input type="hidden" name="_framed" value="1" />';
			@@ -95,7 +100,7 @@


			// error steps
			if ($_action=='error' && strlen($_GET['_code']))
			if ($_action=='error' && !empty($_GET['_code']))
			{
			raise_error(array('code' => hexdec($_GET['_code'])), FALSE, TRUE);
			}
			@@ -107,11 +112,11 @@
			$host = $_POST['_host'] ? $_POST['_host'] : $CONFIG['default_host'];

			// check if client supports cookies
			if (!$_COOKIE[session_name()])
			if (empty($_COOKIE))
			{
			show_message("cookiesdisabled", 'warning');
			}
			else if ($_POST['_user'] && $_POST['_pass'] && rcmail_login($_POST['_user'], $_POST['_pass'], $host))
			else if (isset($_POST['_user']) && isset($_POST['_pass']) && rcmail_login($_POST['_user'], $_POST['_pass'], $host))
			{
			// send redirect
			header("Location: $COMM_PATH");
			@@ -136,14 +141,14 @@
			{
			if ($_auth !== $sess_auth \|\| $_auth != rcmail_auth_hash($_SESSION['client_id'], $_SESSION['auth_time']))
			{
			show_message('sessionerror', 'error');
			$message = show_message('sessionerror', 'error');
			rcmail_kill_session();
			}
			}


			// log in to imap server
			if ($_SESSION['user_id'] && $_task=='mail')
			if (!empty($_SESSION['user_id']) && $_task=='mail')
			{
			$conn = $IMAP->connect($_SESSION['imap_host'], $_SESSION['username'], decrypt_passwd($_SESSION['password']));
			if (!$conn)
			@@ -155,12 +160,20 @@


			// not logged in -> set task to 'login
			if (!$_SESSION['user_id'])
			if (empty($_SESSION['user_id']))
			{
			if ($REMOTE_REQUEST)
			{
			$message .= "setTimeout(\"location.href='\"+this.env.comm_path+\"'\", 2000);";
			rcube_remote_response($message);
			}

			$_task = 'login';
			}



			// set taask and action to client
			// set task and action to client
			$script = sprintf("%s.set_env('task', '%s');", $JS_OBJECT_NAME, $_task);
			if (!empty($_action))
			$script .= sprintf("\n%s.set_env('action', '%s');", $JS_OBJECT_NAME, $_action);