| | |
| | | // check client |
| | | $BROWSER = rcube_browser(); |
| | | |
| | | // load config file |
| | | include_once('config/main.inc.php'); |
| | | $CONFIG = is_array($rcmail_config) ? $rcmail_config : array(); |
| | | |
| | | // load host-specific configuration |
| | | rcmail_load_host_config($CONFIG); |
| | | |
| | | $CONFIG['skin_path'] = $CONFIG['skin_path'] ? unslashify($CONFIG['skin_path']) : 'skins/default'; |
| | | |
| | | // load db conf |
| | | include_once('config/db.inc.php'); |
| | | $CONFIG = array_merge($CONFIG, $rcmail_config); |
| | | |
| | | if (empty($CONFIG['log_dir'])) |
| | | $CONFIG['log_dir'] = $INSTALL_PATH.'logs'; |
| | | else |
| | | $CONFIG['log_dir'] = unslashify($CONFIG['log_dir']); |
| | | |
| | | // set PHP error logging according to config |
| | | if ($CONFIG['debug_level'] & 1) |
| | | { |
| | | ini_set('log_errors', 1); |
| | | ini_set('error_log', $CONFIG['log_dir'].'/errors'); |
| | | } |
| | | if ($CONFIG['debug_level'] & 4) |
| | | ini_set('display_errors', 1); |
| | | else |
| | | ini_set('display_errors', 0); |
| | | |
| | | // load configuration |
| | | $CONFIG = rcmail_load_config(); |
| | | |
| | | // set session garbage collecting time according to session_lifetime |
| | | if (!empty($CONFIG['session_lifetime'])) |
| | | ini_set('session.gc_maxlifetime', ($CONFIG['session_lifetime']+2)*60); |
| | | |
| | | ini_set('session.gc_maxlifetime', ($CONFIG['session_lifetime']) * 120); |
| | | |
| | | // prepare DB connection |
| | | require_once('include/rcube_'.(empty($CONFIG['db_backend']) ? 'db' : $CONFIG['db_backend']).'.inc'); |
| | |
| | | $DB = new rcube_db($CONFIG['db_dsnw'], $CONFIG['db_dsnr'], $CONFIG['db_persistent']); |
| | | $DB->sqlite_initials = $INSTALL_PATH.'SQL/sqlite.initial.sql'; |
| | | $DB->db_connect('w'); |
| | | |
| | | |
| | | // we can use the database for storing session data |
| | | if (!$DB->is_error()) |
| | | include_once('include/session.inc'); |
| | |
| | | } |
| | | |
| | | |
| | | // load roundcube configuration into global var |
| | | function rcmail_load_config() |
| | | { |
| | | global $INSTALL_PATH; |
| | | |
| | | // load config file |
| | | include_once('config/main.inc.php'); |
| | | $conf = is_array($rcmail_config) ? $rcmail_config : array(); |
| | | |
| | | // load host-specific configuration |
| | | rcmail_load_host_config($conf); |
| | | |
| | | $conf['skin_path'] = $conf['skin_path'] ? unslashify($conf['skin_path']) : 'skins/default'; |
| | | |
| | | // load db conf |
| | | include_once('config/db.inc.php'); |
| | | $conf = array_merge($conf, $rcmail_config); |
| | | |
| | | if (empty($conf['log_dir'])) |
| | | $conf['log_dir'] = $INSTALL_PATH.'logs'; |
| | | else |
| | | $conf['log_dir'] = unslashify($conf['log_dir']); |
| | | |
| | | // set PHP error logging according to config |
| | | if ($conf['debug_level'] & 1) |
| | | { |
| | | ini_set('log_errors', 1); |
| | | ini_set('error_log', $conf['log_dir'].'/errors'); |
| | | } |
| | | if ($conf['debug_level'] & 4) |
| | | ini_set('display_errors', 1); |
| | | else |
| | | ini_set('display_errors', 0); |
| | | |
| | | return $conf; |
| | | } |
| | | |
| | | |
| | | // load a host-specific config file if configured |
| | | function rcmail_load_host_config(&$config) |
| | | { |
| | |
| | | function rcmail_authenticate_session() |
| | | { |
| | | $now = mktime(); |
| | | $valid = ($_COOKIE['sessauth'] == rcmail_auth_hash(session_id(), $_SESSION['auth_time'])); |
| | | $valid = ($_COOKIE['sessauth'] == rcmail_auth_hash(session_id(), $_SESSION['auth_time']) || |
| | | $_COOKIE['sessauth'] == rcmail_auth_hash(session_id(), $_SESSION['last_auth'])); |
| | | |
| | | // renew auth cookie every 5 minutes (only for GET requests) |
| | | if (!$valid || ($_SERVER['REQUEST_METHOD']!='POST' && $now-$_SESSION['auth_time'] > 300)) |
| | | { |
| | | $_SESSION['last_auth'] = $_SESSION['auth_time']; |
| | | $_SESSION['auth_time'] = $now; |
| | | setcookie('sessauth', rcmail_auth_hash(session_id(), $now)); |
| | | } |
| | | |
| | | |
| | | if (!$valid) |
| | | write_log('timeouts', |
| | | "REQUEST: " . var_export($_REQUEST, true) . |
| | | "\nEXPECTED: " . rcmail_auth_hash(session_id(), $_SESSION['auth_time']) . |
| | | "\nOR LAST: " . rcmail_auth_hash(session_id(), $_SESSION['last_auth']) . |
| | | "\nSESSION: " . var_export($_SESSION, true)); |
| | | |
| | | return $valid; |
| | | } |
| | | |
| | |
| | | |
| | | // add common javascripts |
| | | $javascript = "var $JS_OBJECT_NAME = new rcube_webmail();\n"; |
| | | $javascript .= "$JS_OBJECT_NAME.set_env('comm_path', '$COMM_PATH');\n"; |
| | | $javascript .= sprintf("%s.set_env('comm_path', '%s');\n", $JS_OBJECT_NAME, str_replace('&', '&', $COMM_PATH)); |
| | | |
| | | if (isset($CONFIG['javascript_config'] )){ |
| | | foreach ($CONFIG['javascript_config'] as $js_config_var){ |
| | | $javascript .= "$JS_OBJECT_NAME.set_env('$js_config_var', '" . $CONFIG[$js_config_var] . "');\n"; |
| | | } |
| | | } |
| | | |
| | | |
| | | // don't wait for page onload. Call init at the bottom of the page (delayed) |
| | | $javascript_foot = "if (window.call_init)\n call_init('$JS_OBJECT_NAME');"; |
| | | |
| | | if (!empty($GLOBALS['_framed'])) |
| | | $javascript .= "$JS_OBJECT_NAME.set_env('framed', true);\n"; |
| | | |
| | | $OUTPUT->add_script($javascript); |
| | | $OUTPUT->add_script($javascript, 'head'); |
| | | $OUTPUT->add_script($javascript_foot, 'foot'); |
| | | $OUTPUT->include_script('common.js'); |
| | | $OUTPUT->include_script('app.js'); |
| | | $OUTPUT->scripts_path = 'program/js/'; |
| | |
| | | $MBSTRING = $s_mbstring_loaded = FALSE; |
| | | |
| | | $OUTPUT->set_charset(rcube_language_prop($lang, 'charset')); |
| | | } |
| | | |
| | | |
| | | // auto-select IMAP host based on the posted login information |
| | | function rcmail_autoselect_host() |
| | | { |
| | | global $CONFIG; |
| | | |
| | | $host = isset($_POST['_host']) ? get_input_value('_host', RCUBE_INPUT_POST) : $CONFIG['default_host']; |
| | | if (is_array($host)) |
| | | { |
| | | list($user, $domain) = explode('@', get_input_value('_user', RCUBE_INPUT_POST)); |
| | | if (!empty($domain)) |
| | | { |
| | | foreach ($host as $imap_host => $mail_domains) |
| | | if (is_array($mail_domains) && in_array($domain, $mail_domains)) |
| | | { |
| | | $host = $imap_host; |
| | | break; |
| | | } |
| | | } |
| | | |
| | | // take the first entry if $host is still an array |
| | | if (is_array($host)) |
| | | $host = array_shift($host); |
| | | } |
| | | |
| | | return $host; |
| | | } |
| | | |
| | | |
| | |
| | | $user_name = $user!=$user_email ? $user : ''; |
| | | |
| | | // try to resolve the e-mail address from the virtuser table |
| | | if (!empty($CONFIG['virtuser_query'])) |
| | | { |
| | | $sql_result = $DB->query(preg_replace('/%u/', $user, $CONFIG['virtuser_query'])); |
| | | if ($sql_arr = $DB->fetch_array($sql_result)) |
| | | $user_email = $sql_arr[0]; |
| | | if (!empty($CONFIG['virtuser_query']) && |
| | | ($sql_result = $DB->query(preg_replace('/%u/', $user, $CONFIG['virtuser_query']))) && |
| | | ($DB->num_rows()>0)) |
| | | while ($sql_arr = $DB->fetch_array($sql_result)) |
| | | { |
| | | $DB->query("INSERT INTO ".get_table_name('identities')." |
| | | (user_id, del, standard, name, email) |
| | | VALUES (?, 0, 1, ?, ?)", |
| | | $user_id, |
| | | $user_name, |
| | | preg_replace('/^@/', $user . '@', $sql_arr[0])); |
| | | } |
| | | else |
| | | { |
| | | // also create new identity records |
| | | $DB->query("INSERT INTO ".get_table_name('identities')." |
| | | (user_id, del, standard, name, email) |
| | | VALUES (?, 0, 1, ?, ?)", |
| | | $user_id, |
| | | $user_name, |
| | | $user_email); |
| | | } |
| | | |
| | | // also create new identity records |
| | | $DB->query("INSERT INTO ".get_table_name('identities')." |
| | | (user_id, del, standard, name, email) |
| | | VALUES (?, 0, 1, ?, ?)", |
| | | $user_id, |
| | | $user_name, |
| | | $user_email); |
| | | |
| | | |
| | | // get existing mailboxes |
| | | $a_mailboxes = $IMAP->list_mailboxes(); |
| | |
| | | } |
| | | |
| | | |
| | | // remove temp files of a session |
| | | function rcmail_clear_session_temp($sess_id) |
| | | // remove temp files older than two day |
| | | function rcmail_temp_gc() |
| | | { |
| | | global $CONFIG; |
| | | $tmp = unslashify($CONFIG['temp_dir']); |
| | | $expire = mktime() - 172800; // expire in 48 hours |
| | | |
| | | $temp_dir = slashify($CONFIG['temp_dir']); |
| | | $cache_dir = $temp_dir.$sess_id; |
| | | |
| | | if (is_dir($cache_dir)) |
| | | if ($dir = opendir($tmp)) |
| | | { |
| | | clear_directory($cache_dir); |
| | | rmdir($cache_dir); |
| | | } |
| | | while (($fname = readdir($dir)) !== false) |
| | | { |
| | | if ($fname{0} == '.') |
| | | continue; |
| | | |
| | | if (filemtime($tmp.'/'.$fname) < $expire) |
| | | @unlink($tmp.'/'.$fname); |
| | | } |
| | | |
| | | closedir($dir); |
| | | } |
| | | } |
| | | |
| | | |
| | |
| | | |
| | | // convert string to UTF-8 |
| | | if ($from=='UTF-7') |
| | | $str = rcube_charset_convert(UTF7DecodeString($str), 'ISO-8859-1'); |
| | | $str = utf7_to_utf8($str); |
| | | else if (($from=='ISO-8859-1') && function_exists('utf8_encode')) |
| | | $str = utf8_encode($str); |
| | | else if ($from!='UTF-8') |
| | |
| | | |
| | | // encode string for output |
| | | if ($to=='UTF-7') |
| | | return UTF7EncodeString(rcube_charset_convert($str, 'UTF-8', 'ISO-8859-1')); |
| | | return utf8_to_utf7($str); |
| | | else if ($to=='ISO-8859-1' && function_exists('utf8_decode')) |
| | | return utf8_decode($str); |
| | | else if ($to!='UTF-8') |
| | |
| | | } |
| | | else if ($mode=='remove') |
| | | $str = strip_tags($str); |
| | | |
| | | $out = strtr($str, $encode_arr); |
| | | |
| | | // avoid douple quotation of & |
| | | $out = preg_replace('/&([a-z]{2,5});/', '&\\1;', strtr($str, $encode_arr)); |
| | | |
| | | return $newlines ? nl2br($out) : $out; |
| | | } |
| | |
| | | return $value; |
| | | } |
| | | |
| | | |
| | | /** |
| | | * Remove single and double quotes from given string |
| | | */ |
| | | function strip_quotes($str) |
| | | { |
| | | return preg_replace('/[\'"]/', '', $str); |
| | | } |
| | | |
| | | |
| | | // ************** template parsing and gui functions ************** |
| | |
| | | |
| | | |
| | | // parse for specialtags |
| | | $output = parse_rcube_xml($templ); |
| | | $output = parse_rcube_xml(parse_rcube_conditions($templ)); |
| | | |
| | | // add debug console |
| | | if ($CONFIG['debug_level'] & 8) |
| | | $OUTPUT->footer = '<div style="position:absolute;top:5px;left:5px;width:400px;opacity:0.8;z-index:9000;"><form name="debugform"><textarea name="console" rows="15" cols="40" style="width:400px;border:none;font-size:x-small"></textarea></form>'; |
| | | |
| | | $OUTPUT->write(trim(parse_with_globals($output)), $skin_path); |
| | | |
| | | if ($exit) |
| | |
| | | } |
| | | |
| | | |
| | | // parse conditional code |
| | | function parse_rcube_conditions($input) |
| | | { |
| | | if (($matches = preg_split('/<roundcube:(if|elseif|else|endif)\s+([^>]+)>/is', $input, 2, PREG_SPLIT_DELIM_CAPTURE)) && count($matches)==4) |
| | | { |
| | | if (preg_match('/^(else|endif)$/i', $matches[1])) |
| | | return $matches[0] . parse_rcube_conditions($matches[3]); |
| | | else |
| | | { |
| | | $attrib = parse_attrib_string($matches[2]); |
| | | if (isset($attrib['condition'])) |
| | | { |
| | | $condmet = rcube_xml_condition($attrib['condition']); |
| | | $submatches = preg_split('/<roundcube:(elseif|else|endif)\s+([^>]+)>/is', $matches[3], 2, PREG_SPLIT_DELIM_CAPTURE); |
| | | |
| | | if ($condmet) |
| | | $result = $submatches[0] . preg_replace('/.*<roundcube:endif\s+[^>]+>/is', '', $submatches[3]); |
| | | else |
| | | $result = "<roundcube:$submatches[1] $submatches[2]>" . $submatches[3]; |
| | | |
| | | return $matches[0] . parse_rcube_conditions($result); |
| | | } |
| | | else |
| | | { |
| | | raise_error(array('code' => 500, 'type' => 'php', 'line' => __LINE__, 'file' => __FILE__, |
| | | 'message' => "Unable to parse conditional tag " . $matches[2]), TRUE, FALSE); |
| | | } |
| | | } |
| | | } |
| | | |
| | | return $input; |
| | | } |
| | | |
| | | |
| | | /** |
| | | * Determines if a given condition is met |
| | | * |
| | | * @return True if condition is valid, False is not |
| | | */ |
| | | function rcube_xml_condition($condition) |
| | | { |
| | | $condition = preg_replace( |
| | | array('/session:([a-z0-9_]+)/i', '/config:([a-z0-9_]+)/i', '/request:([a-z0-9_]+)/ie'), |
| | | array("\$_SESSION['\\1']", "\$GLOBALS['CONFIG']['\\1']", "get_input_value('\\1', RCUBE_INPUT_GPC)"), |
| | | $condition); |
| | | |
| | | return @eval("return (".$condition.");"); |
| | | } |
| | | |
| | | |
| | | function parse_rcube_xml($input) |
| | | { |
| | |
| | | } |
| | | |
| | | |
| | | /** |
| | | * Convert a xml command tag into real content |
| | | */ |
| | | function rcube_xml_command($command, $str_attrib, $add_attrib=array()) |
| | | { |
| | | global $IMAP, $CONFIG, $OUTPUT; |
| | | |
| | | $command = strtolower($command); |
| | | $attrib = parse_attrib_string($str_attrib) + $add_attrib; |
| | | |
| | | // empty output if required condition is not met |
| | | if (!empty($attrib['condition']) && !rcube_xml_condition($attrib['condition'])) |
| | | return ''; |
| | | |
| | | // execute command |
| | | switch ($command) |
| | |
| | | 'composeattachment' => 'rcmail_compose_attachment_field', |
| | | 'priorityselector' => 'rcmail_priority_selector', |
| | | 'charsetselector' => 'rcmail_charset_selector', |
| | | 'editorselector' => 'rcmail_editor_selector', |
| | | 'searchform' => 'rcmail_search_form', |
| | | 'receiptcheckbox' => 'rcmail_receipt_checkbox', |
| | | |
| | |
| | | if ($attrib['type']) |
| | | $attrib['type'] = strtolower($attrib['type']); |
| | | else |
| | | $attrib['type'] = ($attrib['image'] || $attrib['imagepas'] || $arg['imageact']) ? 'image' : 'link'; |
| | | |
| | | $attrib['type'] = ($attrib['image'] || $attrib['imagepas'] || $attrib['imageact']) ? 'image' : 'link'; |
| | | |
| | | $command = $attrib['command']; |
| | | |
| | |
| | | $attrib = $sa_buttons[$attrib['name']]; |
| | | |
| | | // add button to button stack |
| | | else if($attrib['image'] || $arg['imageact'] || $attrib['imagepas'] || $attrib['class']) |
| | | else if($attrib['image'] || $attrib['imageact'] || $attrib['imagepas'] || $attrib['class']) |
| | | { |
| | | if(!$attrib['name']) |
| | | $attrib['name'] = $command; |
| | |
| | | } |
| | | |
| | | |
| | | |
| | | /** |
| | | * Create an edit field for inclusion on a form |
| | | * |
| | | * @param string col field name |
| | | * @param string value field value |
| | | * @param array attrib HTML element attributes for field |
| | | * @param string type HTML element type (default 'text') |
| | | * @return string HTML field definition |
| | | */ |
| | | function rcmail_get_edit_field($col, $value, $attrib, $type='text') |
| | | { |
| | | $fname = '_'.$col; |
| | |
| | | $now = time(); // local time |
| | | $now -= (int)date('Z'); // make GMT time |
| | | $now += ($tz * 3600); // user's time |
| | | $now_date = getdate(); |
| | | $now_date = getdate($now); |
| | | |
| | | $today_limit = mktime(0, 0, 0, $now_date['mon'], $now_date['mday'], $now_date['year']); |
| | | $week_limit = mktime(0, 0, 0, $now_date['mon'], $now_date['mday']-6, $now_date['year']); |
| | |
| | | $select_host = new select(array('name' => '_host', 'id' => 'rcmloginhost')); |
| | | |
| | | foreach ($CONFIG['default_host'] as $key => $value) |
| | | $select_host->add($value, (is_numeric($key) ? $value : $key)); |
| | | { |
| | | if (!is_array($value)) |
| | | $select_host->add($value, (is_numeric($key) ? $value : $key)); |
| | | else |
| | | { |
| | | unset($select_host); |
| | | break; |
| | | } |
| | | } |
| | | |
| | | $fields['host'] = $select_host->show($_POST['_host']); |
| | | $fields['host'] = isset($select_host) ? $select_host->show($_POST['_host']) : null; |
| | | } |
| | | else if (!strlen($CONFIG['default_host'])) |
| | | { |
| | | $input_host = new textfield(array('name' => '_host', 'id' => 'rcmloginhost', 'size' => 30)); |
| | | $fields['host'] = $input_host->show($_POST['_host']); |
| | | $input_host = new textfield(array('name' => '_host', 'id' => 'rcmloginhost', 'size' => 30)); |
| | | $fields['host'] = $input_host->show($_POST['_host']); |
| | | } |
| | | |
| | | $form_name = strlen($attrib['form']) ? $attrib['form'] : 'form'; |
| | |
| | | function write_log($name, $line) |
| | | { |
| | | global $CONFIG; |
| | | |
| | | if (!is_string($line)) |
| | | $line = var_export($line, true); |
| | | |
| | | $log_entry = sprintf("[%s]: %s\n", |
| | | date("d-M-Y H:i:s O", mktime()), |