| | |
| | | <?php |
| | | |
| | | /* |
| | | +-----------------------------------------------------------------------+ |
| | | | RoundCube Webmail IMAP Client | |
| | | | Version 0.1-20051007 | |
| | | | Version 0.1-20060718 | |
| | | | | |
| | | | Copyright (C) 2005, RoundCube Dev. - Switzerland | |
| | | | Licensed under the GNU GPL | |
| | |
| | | |
| | | */ |
| | | |
| | | define('RCMAIL_VERSION', '0.1-20060718'); |
| | | |
| | | // define global vars |
| | | $INSTALL_PATH = './'; |
| | | $CHARSET = 'UTF-8'; |
| | | $OUTPUT_TYPE = 'html'; |
| | | $JS_OBJECT_NAME = 'rcmail'; |
| | | $INSTALL_PATH = dirname(__FILE__); |
| | | $MAIN_TASKS = array('mail','settings','addressbook','logout'); |
| | | |
| | | if (empty($INSTALL_PATH)) |
| | | $INSTALL_PATH = './'; |
| | | else |
| | | $INSTALL_PATH .= '/'; |
| | | |
| | | |
| | | // set environment first |
| | | ini_set('include_path', ini_get('include_path').PATH_SEPARATOR.$INSTALL_PATH.PATH_SEPARATOR.'program'.PATH_SEPARATOR.'program/lib'); |
| | | // make sure path_separator is defined |
| | | if (!defined('PATH_SEPARATOR')) |
| | | define('PATH_SEPARATOR', (eregi('win', PHP_OS) ? ';' : ':')); |
| | | |
| | | |
| | | // RC include folders MUST be included FIRST to avoid other |
| | | // possible not compatible libraries (i.e PEAR) to be included |
| | | // instead the ones provided by RC |
| | | ini_set('include_path', $INSTALL_PATH.PATH_SEPARATOR.$INSTALL_PATH.'program'.PATH_SEPARATOR.$INSTALL_PATH.'program/lib'.PATH_SEPARATOR.ini_get('include_path')); |
| | | |
| | | ini_set('session.name', 'sessid'); |
| | | ini_set('session.use_cookies', 1); |
| | | ini_set('error_reporting', E_ALL&~E_NOTICE); |
| | | |
| | | ini_set('session.gc_maxlifetime', 21600); |
| | | ini_set('session.gc_divisor', 500); |
| | | ini_set('error_reporting', E_ALL&~E_NOTICE); |
| | | |
| | | // increase maximum execution time for php scripts |
| | | set_time_limit('120'); |
| | | |
| | | // (does not work in safe mode) |
| | | @set_time_limit(120); |
| | | |
| | | // include base files |
| | | require_once('include/rcube_shared.inc'); |
| | | require_once('include/rcube_imap.inc'); |
| | | require_once('include/rcube_db.inc'); |
| | | require_once('include/bugs.inc'); |
| | | require_once('include/main.inc'); |
| | | require_once('include/cache.inc'); |
| | | require_once('PEAR.php'); |
| | | |
| | | |
| | | // set PEAR error handling |
| | | // PEAR::setErrorHandling(PEAR_ERROR_TRIGGER, E_USER_NOTICE); |
| | | |
| | | // use gzip compression if supported |
| | | if (function_exists('ob_gzhandler') && !ini_get('zlib.output_compression')) |
| | | ob_start('ob_gzhandler'); |
| | | else |
| | | ob_start(); |
| | | |
| | | |
| | | // catch some url/post parameters |
| | | $_auth = !empty($_POST['_auth']) ? $_POST['_auth'] : $_GET['_auth']; |
| | | $_task = !empty($_POST['_task']) ? $_POST['_task'] : (!empty($_GET['_task']) ? $_GET['_task'] : 'mail'); |
| | | $_action = !empty($_POST['_action']) ? $_POST['_action'] : (!empty($_GET['_action']) ? $_GET['_action'] : ''); |
| | | //$_auth = get_input_value('_auth', RCUBE_INPUT_GPC); |
| | | $_task = get_input_value('_task', RCUBE_INPUT_GPC); |
| | | $_action = get_input_value('_action', RCUBE_INPUT_GPC); |
| | | $_framed = (!empty($_GET['_framed']) || !empty($_POST['_framed'])); |
| | | |
| | | if (empty($_task)) |
| | | $_task = 'mail'; |
| | | |
| | | if (!empty($_GET['_remote'])) |
| | | $REMOTE_REQUEST = TRUE; |
| | | |
| | | |
| | | // start session with requested task |
| | | rcmail_startup($_task); |
| | | |
| | | |
| | | // set session related variables |
| | | $COMM_PATH = sprintf('./?_auth=%s&_task=%s', $sess_auth, $_task); |
| | | $SESS_HIDDEN_FIELD = sprintf('<input type="hidden" name="_auth" value="%s" />', $sess_auth); |
| | | $COMM_PATH = sprintf('./?_task=%s', $_task); |
| | | $SESS_HIDDEN_FIELD = ''; |
| | | |
| | | |
| | | // add framed parameter |
| | | if ($_framed) |
| | | { |
| | | $COMM_PATH .= '&_framed=1'; |
| | | $SESS_HIDDEN_FIELD = "\n".'<input type="hidden" name="_framed" value="1" />'; |
| | | $SESS_HIDDEN_FIELD .= "\n".'<input type="hidden" name="_framed" value="1" />'; |
| | | } |
| | | |
| | | |
| | | // init necessary objects for GUI |
| | | load_gui(); |
| | | |
| | | |
| | | // check DB connections and exit on failure |
| | | if ($err_str = $DB->is_error()) |
| | | { |
| | | raise_error(array('code' => 500, 'type' => 'db', 'line' => __LINE__, 'file' => __FILE__, |
| | | 'message' => $err_str), FALSE, TRUE); |
| | | } |
| | | |
| | | |
| | | // error steps |
| | |
| | | { |
| | | show_message("cookiesdisabled", 'warning'); |
| | | } |
| | | else if (isset($_POST['_user']) && isset($_POST['_pass']) && rcmail_login($_POST['_user'], $_POST['_pass'], $host)) |
| | | else if (isset($_POST['_user']) && isset($_POST['_pass']) && |
| | | rcmail_login(get_input_value('_user', RCUBE_INPUT_POST), $_POST['_pass'], $host)) |
| | | { |
| | | // send redirect |
| | | header("Location: $COMM_PATH"); |
| | |
| | | } |
| | | |
| | | // end session |
| | | else if ($_action=='logout' && $_SESSION['user_id']) |
| | | else if ($_action=='logout' && isset($_SESSION['user_id'])) |
| | | { |
| | | show_message('loggedout'); |
| | | rcmail_kill_session(); |
| | | } |
| | | |
| | | // check session cookie and auth string |
| | | else if ($_action!='login' && $_auth && $sess_auth) |
| | | // check session and auth cookie |
| | | else if ($_action!='login' && $_SESSION['user_id']) |
| | | { |
| | | if ($_auth !== $sess_auth || $_auth != rcmail_auth_hash($_SESSION['client_id'], $_SESSION['auth_time'])) |
| | | if (!rcmail_authenticate_session() || |
| | | ($CONFIG['session_lifetime'] && isset($SESS_CHANGED) && $SESS_CHANGED + $CONFIG['session_lifetime']*60 < mktime())) |
| | | { |
| | | $message = show_message('sessionerror', 'error'); |
| | | rcmail_kill_session(); |
| | |
| | | // log in to imap server |
| | | if (!empty($_SESSION['user_id']) && $_task=='mail') |
| | | { |
| | | $conn = $IMAP->connect($_SESSION['imap_host'], $_SESSION['username'], decrypt_passwd($_SESSION['password'])); |
| | | $conn = $IMAP->connect($_SESSION['imap_host'], $_SESSION['username'], decrypt_passwd($_SESSION['password']), $_SESSION['imap_port'], $_SESSION['imap_ssl']); |
| | | if (!$conn) |
| | | { |
| | | show_message('imaperror', 'error'); |
| | | $_SESSION['user_id'] = ''; |
| | | } |
| | | else |
| | | rcmail_set_imap_prop(); |
| | | } |
| | | |
| | | |
| | |
| | | } |
| | | |
| | | |
| | | // handle keep-alive signal |
| | | if ($_action=='keep-alive') |
| | | { |
| | | rcube_remote_response(''); |
| | | exit; |
| | | } |
| | | |
| | | |
| | | // include task specific files |
| | | if ($_task=='mail') |
| | | { |
| | | include_once('program/steps/mail/func.inc'); |
| | | |
| | | |
| | | if ($_action=='show' || $_action=='print') |
| | | include('program/steps/mail/show.inc'); |
| | | |
| | |
| | | if ($_action=='upload') |
| | | include('program/steps/mail/upload.inc'); |
| | | |
| | | if ($_action=='compose') |
| | | if ($_action=='compose' || $_action=='remove-attachment') |
| | | include('program/steps/mail/compose.inc'); |
| | | |
| | | if ($_action=='addcontact') |
| | | include('program/steps/mail/addcontact.inc'); |
| | | |
| | | if ($_action=='expunge' || $_action=='purge') |
| | | include('program/steps/mail/folders.inc'); |
| | | |
| | | if ($_action=='check-recent') |
| | | include('program/steps/mail/check_recent.inc'); |
| | | |
| | | if ($_action=='getunread') |
| | | include('program/steps/mail/getunread.inc'); |
| | | |
| | | if ($_action=='list' && $_GET['_remote']) |
| | | if ($_action=='list' && isset($_GET['_remote'])) |
| | | include('program/steps/mail/list.inc'); |
| | | |
| | | if ($_action=='search') |
| | | include('program/steps/mail/search.inc'); |
| | | |
| | | if ($_action=='spell') |
| | | include('program/steps/mail/spell.inc'); |
| | | |
| | | if ($_action=='rss') |
| | | include('program/steps/mail/rss.inc'); |
| | | |
| | | // kill compose entry from session |
| | | if (isset($_SESSION['compose'])) |
| | | rcmail_compose_cleanup(); |
| | | |
| | | // make sure the message count is refreshed |
| | | $IMAP->messagecount($_SESSION['mbox'], 'ALL', TRUE); |
| | | } |
| | | |
| | | |
| | |
| | | |
| | | if ($_action=='list' && $_GET['_remote']) |
| | | include('program/steps/addressbook/list.inc'); |
| | | |
| | | if ($_action=='ldappublicsearch') |
| | | include('program/steps/addressbook/ldapsearchform.inc'); |
| | | } |
| | | |
| | | |
| | |
| | | if ($_action=='save-prefs') |
| | | include('program/steps/settings/save_prefs.inc'); |
| | | |
| | | if ($_action=='folders' || $_action=='subscribe' || $_action=='unsubscribe' || $_action=='create-folder' || $_action=='delete-folder') |
| | | if ($_action=='folders' || $_action=='subscribe' || $_action=='unsubscribe' || $_action=='create-folder' || $_action=='rename-folder' || $_action=='delete-folder') |
| | | include('program/steps/settings/manage_folders.inc'); |
| | | |
| | | } |
| | | |
| | | |
| | | // only allow these templates to be included |
| | | $valid_tasks = array('mail','settings','addressbook'); |
| | | |
| | | // parse main template |
| | | if (in_array($_task, $valid_tasks)) |
| | | // only allow these templates to be included |
| | | if (in_array($_task, $MAIN_TASKS)) |
| | | parse_template($_task); |
| | | |
| | | |
| | |
| | | 'file' => __FILE__, |
| | | 'message' => "Invalid request"), TRUE, TRUE); |
| | | |
| | | ?> |
| | | ?> |