| | |
|---|
| | | /* |
|---|
| | | +-----------------------------------------------------------------------+ |
|---|
| | | | RoundCube Webmail IMAP Client | |
|---|
| | | | Version 0.1-20070809 | |
|---|
| | | | Version 0.1-20071017 | |
|---|
| | | | | |
|---|
| | | | Copyright (C) 2005-2007, RoundCube Dev. - Switzerland | |
|---|
| | | | Licensed under the GNU GPL | |
|---|
| | |
|---|
| | | */ |
|---|
| | | |
|---|
| | | // application constants |
|---|
| | | define('RCMAIL_VERSION', '0.1-20070809'); |
|---|
| | | define('RCMAIL_VERSION', '0.1-20071017'); |
|---|
| | | define('RCMAIL_CHARSET', 'UTF-8'); |
|---|
| | | define('JS_OBJECT_NAME', 'rcmail'); |
|---|
| | | |
|---|
| | |
|---|
| | | // instead the ones provided by RC |
|---|
| | | ini_set('include_path', $INSTALL_PATH.PATH_SEPARATOR.$INSTALL_PATH.'program'.PATH_SEPARATOR.$INSTALL_PATH.'program/lib'.PATH_SEPARATOR.ini_get('include_path')); |
|---|
| | | |
|---|
| | | ini_set('session.name', 'sessid'); |
|---|
| | | ini_set('session.name', 'roundcube_sessid'); |
|---|
| | | ini_set('session.use_cookies', 1); |
|---|
| | | ini_set('session.gc_maxlifetime', 21600); |
|---|
| | | ini_set('session.gc_divisor', 500); |
|---|
| | | ini_set('error_reporting', E_ALL&~E_NOTICE); |
|---|
| | | set_magic_quotes_runtime(0); |
|---|
| | | |
|---|
| | | // increase maximum execution time for php scripts |
|---|
| | | // (does not work in safe mode) |
|---|
| | |
|---|
| | | } |
|---|
| | | else |
|---|
| | | { |
|---|
| | | $OUTPUT->show_message("loginfailed", 'warning'); |
|---|
| | | $_SESSION['user_id'] = ''; |
|---|
| | | $OUTPUT->show_message($IMAP->error_code == -1 ? 'imaperror' : 'loginfailed', 'warning'); |
|---|
| | | rcmail_kill_session(); |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | |
|---|
| | | $conn = $IMAP->connect($_SESSION['imap_host'], $_SESSION['username'], decrypt_passwd($_SESSION['password']), $_SESSION['imap_port'], $_SESSION['imap_ssl']); |
|---|
| | | if (!$conn) |
|---|
| | | { |
|---|
| | | $OUTPUT->show_message('imaperror', 'error'); |
|---|
| | | $_SESSION['user_id'] = ''; |
|---|
| | | $OUTPUT->show_message($IMAP->error_code == -1 ? 'imaperror' : 'sessionerror', 'error'); |
|---|
| | | rcmail_kill_session(); |
|---|
| | | } |
|---|
| | | else |
|---|
| | | rcmail_set_imap_prop(); |
|---|
| | |
|---|
| | | // check client X-header to verify request origin |
|---|
| | | if ($OUTPUT->ajax_call) |
|---|
| | | { |
|---|
| | | $hdrs = getallheaders(); |
|---|
| | | if (empty($hdrs['X-RoundCube-Referer']) && empty($CONFIG['devel_mode'])) |
|---|
| | | if (empty($CONFIG['devel_mode']) && !rc_request_header('X-RoundCube-Referer')) |
|---|
| | | { |
|---|
| | | header('HTTP/1.1 404 Not Found'); |
|---|
| | | die("Invalid Request"); |
|---|
