githubFork/roundcubemail.git

			@@ -2,22 +2,33 @@
			/*
			+-------------------------------------------------------------------------+
			\| Roundcube Webmail IMAP Client \|
			\| Version 0.6-svn \|
			\| Version 0.8-rc \|
			\| \|
			\| Copyright (C) 2005-2011, The Roundcube Dev Team \|
			\| Copyright (C) 2005-2012, The Roundcube Dev Team \|
			\| \|
			\| This program is free software; you can redistribute it and/or modify \|
			\| it under the terms of the GNU General Public License version 2 \|
			\| as published by the Free Software Foundation. \|
			\| This program is free software: you can redistribute it and/or modify \|
			\| it under the terms of the GNU General Public License (with exceptions \|
			\| for skins & plugins) as published by the Free Software Foundation, \|
			\| either version 3 of the License, or (at your option) any later version. \|
			\| \|
			\| This file forms part of the Roundcube Webmail Software for which the \|
			\| following exception is added: Plugins and Skins which merely make \|
			\| function calls to the Roundcube Webmail Software, and for that purpose \|
			\| include it by reference shall not be considered modifications of \|
			\| the software. \|
			\| \|
			\| If you wish to use this file in another project or create a modified \|
			\| version that will not be part of the Roundcube Webmail Software, you \|
			\| may remove the exception above and use this source code under the \|
			\| original version of the license. \|
			\| \|
			\| This program is distributed in the hope that it will be useful, \|
			\| but WITHOUT ANY WARRANTY; without even the implied warranty of \|
			\| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the \|
			\| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the \|
			\| GNU General Public License for more details. \|
			\| \|
			\| You should have received a copy of the GNU General Public License along \|
			\| with this program; if not, write to the Free Software Foundation, Inc., \|
			\| 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. \|
			\| You should have received a copy of the GNU General Public License \|
			\| along with this program. If not, see http://www.gnu.org/licenses/. \|
			\| \|
			+-------------------------------------------------------------------------+
			\| Author: Thomas Bruederli <roundcube@gmail.com> \|
			@@ -48,7 +59,7 @@
			}

			// check DB connections and exit on failure
			if ($err_str = $DB->is_error()) {
			if ($err_str = $RCMAIL->db->is_error()) {
			raise_error(array(
			'code' => 603,
			'type' => 'db',
			@@ -97,8 +108,7 @@
			$OUTPUT->show_message("cookiesdisabled", 'warning');
			}
			else if ($auth['valid'] && !$auth['abort'] &&
			!empty($auth['host']) && !empty($auth['user']) &&
			$RCMAIL->login($auth['user'], $auth['pass'], $auth['host'])
			$RCMAIL->login($auth['user'], $auth['pass'], $auth['host'])
			) {
			// create new session ID, don't destroy the current session
			// it was destroyed already by $RCMAIL->kill_session() above
			@@ -119,6 +129,10 @@
			// prevent endless looping on login page
			if ($query['_task'] == 'login')
			unset($query['_task']);

			// prevent redirect to compose with specified ID (#1488226)
			if ($query['_action'] == 'compose' && !empty($query['_id']))
			$query = array();
			}

			// allow plugins to control the redirect url after login success
			@@ -129,9 +143,9 @@
			$OUTPUT->redirect($redir);
			}
			else {
			$error_code = is_object($IMAP) ? $IMAP->get_error_code() : -1;
			$error_code = is_object($RCMAIL->storage) ? $RCMAIL->storage->get_error_code() : 1;

			$OUTPUT->show_message($error_code < -1 ? 'imaperror' : (!$auth['valid'] ? 'invalidrequest' : 'loginfailed'), 'warning');
			$OUTPUT->show_message($error_code < -1 ? 'storageerror' : (!$auth['valid'] ? 'invalidrequest' : 'loginfailed'), 'warning');
			$RCMAIL->plugins->exec_hook('login_failed', array(
			'code' => $error_code, 'host' => $auth['host'], 'user' => $auth['user']));
			$RCMAIL->kill_session();
			@@ -140,7 +154,11 @@

			// end session (after optional referer check)
			else if ($RCMAIL->task == 'logout' && isset($_SESSION['user_id']) && (!$RCMAIL->config->get('referer_check') \|\| rcube_check_referer())) {
			$userdata = array('user' => $_SESSION['username'], 'host' => $_SESSION['imap_host'], 'lang' => $RCMAIL->user->language);
			$userdata = array(
			'user' => $_SESSION['username'],
			'host' => $_SESSION['storage_host'],
			'lang' => $RCMAIL->user->language,
			);
			$OUTPUT->show_message('loggedout');
			$RCMAIL->logout_actions();
			$RCMAIL->kill_session();
			@@ -195,7 +213,7 @@
			// check client X-header to verify request origin
			if ($OUTPUT->ajax_call) {
			if (rc_request_header('X-Roundcube-Request') != $RCMAIL->get_request_token() && !$RCMAIL->config->get('devel_mode')) {
			header('HTTP/1.1 404 Not Found');
			header('HTTP/1.1 403 Forbidden');
			die("Invalid Request");
			}
			}
			@@ -214,6 +232,12 @@
			}
			}

			// we're ready, user is authenticated and the request is safe
			$plugin = $RCMAIL->plugins->exec_hook('ready', array('task' => $RCMAIL->task, 'action' => $RCMAIL->action));
			$RCMAIL->set_task($plugin['task']);
			$RCMAIL->action = $plugin['action'];


			// handle special actions
			if ($RCMAIL->action == 'keep-alive') {
			$OUTPUT->reset();