From bd0551b22076b82a6d49e9f7a2b2e0c90a1b2326 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Fri, 05 Feb 2016 07:25:27 -0500
Subject: [PATCH] Secure also downloads of addressbook exports, managesieve script exports and Enigma keys exports

---
 bin/msgimport.sh |   58 +++++++++++-----------------------------------------------
 1 files changed, 11 insertions(+), 47 deletions(-)

diff --git a/bin/msgimport.sh b/bin/msgimport.sh
index 9bd97c6..0c72622 100755
--- a/bin/msgimport.sh
+++ b/bin/msgimport.sh
@@ -1,42 +1,10 @@
-#!/usr/bin/php
+#!/usr/bin/env php
 <?php
 
-define('INSTALL_PATH', preg_replace('/bin\/$/', '', getcwd()) . '/');
+define('INSTALL_PATH', realpath(__DIR__ . '/..') . '/' );
 ini_set('memory_limit', -1);
 
-require_once INSTALL_PATH.'program/include/iniset.php';
-
-/**
- * Parse commandline arguments into a hash array
- */
-function get_opt($aliases=array())
-{
-	$args = array();
-	for ($i=1; $i<count($_SERVER['argv']); $i++)
-	{
-		$arg = $_SERVER['argv'][$i];
-		if (substr($arg, 0, 2) == '--')
-		{
-			$sp = strpos($arg, '=');
-			$key = substr($arg, 2, $sp - 2);
-			$value = substr($arg, $sp+1);
-		}
-		else if ($arg{0} == '-')
-		{
-			$key = substr($arg, 1);
-			$value = $_SERVER['argv'][++$i];
-		}
-		else
-			continue;
-
-		$args[$key] = preg_replace(array('/^["\']/', '/["\']$/'), '', $value);
-		
-		if ($alias = $aliases[$key])
-			$args[$alias] = $args[$key];
-	}
-
-	return $args;
-}
+require_once INSTALL_PATH.'program/include/clisetup.php';
 
 function print_usage()
 {
@@ -49,7 +17,8 @@
 
 
 // get arguments
-$args = get_opt(array('h' => 'host', 'u' => 'user', 'p' => 'pass', 'm' => 'mbox', 'f' => 'file')) + array('host' => 'localhost', 'mbox' => 'INBOX');
+$opts = array('h' => 'host', 'u' => 'user', 'p' => 'pass', 'm' => 'mbox', 'f' => 'file');
+$args = rcube_utils::get_opt($opts) + array('host' => 'localhost', 'mbox' => 'INBOX');
 
 if ($_SERVER['argv'][1] == 'help')
 {
@@ -64,8 +33,7 @@
 }
 else if (!is_file($args['file']))
 {
-	print "Cannot read message file\n";
-	exit;
+	rcube::raise_error("Cannot read message file.", false, true);
 }
 
 // prompt for username if not set
@@ -79,11 +47,7 @@
 // prompt for password
 if (empty($args['pass']))
 {
-	echo "Password: ";
-	$args['pass'] = trim(fgets(STDIN));
-
-	// clear password input
-	echo chr(8)."\rPassword: ".str_repeat("*", strlen($args['pass']))."\n";
+	$args['pass'] = rcube_utils::prompt_silent("Password: ");
 }
 
 // parse $host URL
@@ -115,14 +79,14 @@
 	$fp = fopen($args['file'], 'r');
 	while (($line = fgets($fp)) !== false)
 	{
-		if (preg_match('/^From\s+/', $line) && $lastline == '')
+		if (preg_match('/^From\s+-/', $line) && $lastline == '')
 		{
 			if (!empty($message))
 			{
 				if ($IMAP->save_message($args['mbox'], rtrim($message)))
 					$count++;
 				else
-					die("Failed to save message to {$args['mbox']}\n");
+					rcube::raise_error("Failed to save message to {$args['mbox']}", false, true);
 				$message = '';
 			}
 			continue;
@@ -143,7 +107,7 @@
 }
 else
 {
-	print "IMAP login failed.\n";
+	rcube::raise_error("IMAP login failed.", false, true);
 }
 
-?>
\ No newline at end of file
+?>

--
Gitblit v1.9.1