| | |
|---|
| | | $OUTPUT->show_message('sessionerror', 'error', null, true, -1); |
|---|
| | | } |
|---|
| | | |
|---|
| | | if ($OUTPUT->ajax_call || $OUTPUT->framed) { |
|---|
| | | if ($OUTPUT->ajax_call || $OUTPUT->get_env('framed')) { |
|---|
| | | $OUTPUT->command('session_error', $RCMAIL->url(array('_err' => 'session'))); |
|---|
| | | $OUTPUT->send('iframe'); |
|---|
| | | } |
|---|
| | |
|---|
| | | 'message' => "Referer check failed"), true, true); |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | | // check access to disabled actions |
|---|
| | | $disabled_actions = (array) $RCMAIL->config->get('disabled_actions'); |
|---|
| | | if (in_array($RCMAIL->task . '.' . ($RCMAIL->action ?: 'index'), $disabled_actions)) { |
|---|
| | | rcube::raise_error(array( |
|---|
| | | 'code' => 403, 'type' => 'php', |
|---|
| | | 'message' => "Action disabled"), true, true); |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | | // we're ready, user is authenticated and the request is safe |
|---|
| | |
|---|
| | | $redirects = 0; $incstep = null; |
|---|
| | | while ($redirects < 5) { |
|---|
| | | // execute a plugin action |
|---|
| | | if ($RCMAIL->plugins->is_plugin_task($RCMAIL->task)) { |
|---|
| | | if (!$RCMAIL->action) $RCMAIL->action = 'index'; |
|---|
| | | $RCMAIL->plugins->exec_action($RCMAIL->task.'.'.$RCMAIL->action); |
|---|
| | | if (preg_match('/^plugin\./', $RCMAIL->action)) { |
|---|
| | | $RCMAIL->plugins->exec_action($RCMAIL->action); |
|---|
| | | break; |
|---|
| | | } |
|---|
| | | else if (preg_match('/^plugin\./', $RCMAIL->action)) { |
|---|
| | | $RCMAIL->plugins->exec_action($RCMAIL->action); |
|---|
| | | // execute action registered to a plugin task |
|---|
| | | else if ($RCMAIL->plugins->is_plugin_task($RCMAIL->task)) { |
|---|
| | | if (!$RCMAIL->action) $RCMAIL->action = 'index'; |
|---|
| | | $RCMAIL->plugins->exec_action($RCMAIL->task.'.'.$RCMAIL->action); |
|---|
| | | break; |
|---|
| | | } |
|---|
| | | // try to include the step file |
|---|
