From f5d2eef55c89b7f1a5549704705c25fd7f0c0185 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Tue, 31 Dec 2013 07:58:29 -0500
Subject: [PATCH] More CS fixes, replace global $CONFIG usage with $RCMAIL->config->get()
---
program/include/rcmail.php | 447 +++++++++++++++++++++++--------------------------------
1 files changed, 185 insertions(+), 262 deletions(-)
diff --git a/program/include/rcmail.php b/program/include/rcmail.php
index a149db1..e85d82c 100644
--- a/program/include/rcmail.php
+++ b/program/include/rcmail.php
@@ -51,6 +51,7 @@
*/
public $action = '';
public $comm_path = './';
+ public $filename = '';
private $address_books = array();
private $action_map = array();
@@ -65,12 +66,13 @@
/**
* This implements the 'singleton' design pattern
*
+ * @param string Environment name to run (e.g. live, dev, test)
* @return rcmail The one and only instance
*/
- static function get_instance()
+ static function get_instance($env = '')
{
if (!self::$instance || !is_a(self::$instance, 'rcmail')) {
- self::$instance = new rcmail();
+ self::$instance = new rcmail($env);
self::$instance->startup(); // init AFTER object was linked with self::$instance
}
@@ -86,6 +88,10 @@
{
$this->init(self::INIT_WITH_DB | self::INIT_WITH_PLUGINS);
+ // set filename if not index.php
+ if (($basename = basename($_SERVER['SCRIPT_FILENAME'])) && $basename != 'index.php')
+ $this->filename = $basename;
+
// start session
$this->session_init();
@@ -98,7 +104,10 @@
// reset some session parameters when changing task
if ($this->task != 'utils') {
- if ($this->session && $_SESSION['task'] != $this->task)
+ // we reset list page when switching to another task
+ // but only to the main task interface - empty action (#1489076)
+ // this will prevent from unintentional page reset on cross-task requests
+ if ($this->session && $_SESSION['task'] != $this->task && empty($this->action))
$this->session->remove('page');
// set current task to session
$_SESSION['task'] = $this->task;
@@ -123,7 +132,7 @@
*/
public function set_task($task)
{
- $task = asciiwords($task);
+ $task = asciiwords($task, true);
if ($this->user && $this->user->ID)
$task = !$task ? 'mail' : $task;
@@ -159,7 +168,7 @@
setlocale(LC_ALL, $lang . '.utf8', $lang . '.UTF-8', 'en_US.utf8', 'en_US.UTF-8');
// workaround for http://bugs.php.net/bug.php?id=18556
- if (in_array($lang, array('tr_TR', 'ku', 'az_AZ'))) {
+ if (version_compare(PHP_VERSION, '5.5.0', '<') && in_array($lang, array('tr_TR', 'ku', 'az_AZ'))) {
setlocale(LC_CTYPE, 'en_US.utf8', 'en_US.UTF-8');
}
}
@@ -225,6 +234,11 @@
}
if (!$contacts) {
+ // there's no default, just return
+ if ($default) {
+ return null;
+ }
+
self::raise_error(array(
'code' => 700, 'type' => 'php',
'file' => __FILE__, 'line' => __LINE__,
@@ -249,6 +263,23 @@
/**
+ * Return identifier of the address book object
+ *
+ * @param rcube_addressbook Addressbook source object
+ *
+ * @return string Source identifier
+ */
+ public function get_address_book_id($object)
+ {
+ foreach ($this->address_books as $index => $book) {
+ if ($book === $object) {
+ return $index;
+ }
+ }
+ }
+
+
+ /**
* Return address books list
*
* @param boolean True if the address book needs to be writeable
@@ -258,13 +289,13 @@
*/
public function get_address_sources($writeable = false, $skip_hidden = false)
{
- $abook_type = strtolower($this->config->get('address_book_type'));
- $ldap_config = $this->config->get('ldap_public');
+ $abook_type = (string) $this->config->get('address_book_type');
+ $ldap_config = (array) $this->config->get('ldap_public');
$autocomplete = (array) $this->config->get('autocomplete_addressbooks');
- $list = array();
+ $list = array();
// We are using the DB address book or a plugin address book
- if ($abook_type != 'ldap' && $abook_type != '') {
+ if (!empty($abook_type) && strtolower($abook_type) != 'ldap') {
if (!isset($this->address_books['0']))
$this->address_books['0'] = new rcube_contacts($this->db, $this->get_user_id());
$list['0'] = array(
@@ -277,8 +308,7 @@
);
}
- if ($ldap_config) {
- $ldap_config = (array) $ldap_config;
+ if (!empty($ldap_config)) {
foreach ($ldap_config as $id => $prop) {
// handle misconfiguration
if (empty($prop) || !is_array($prop)) {
@@ -316,6 +346,44 @@
return $list;
}
+ /**
+ * Getter for compose responses.
+ * These are stored in local config and user preferences.
+ *
+ * @param boolean True to sort the list alphabetically
+ * @param boolean True if only this user's responses shall be listed
+ * @return array List of the current user's stored responses
+ */
+ public function get_compose_responses($sorted = false, $user_only = false)
+ {
+ $responses = array();
+
+ if (!$user_only) {
+ foreach ($this->config->get('compose_responses_static', array()) as $response) {
+ if (empty($response['key']))
+ $response['key'] = substr(md5($response['name']), 0, 16);
+ $response['static'] = true;
+ $response['class'] = 'readonly';
+ $k = $sorted ? '0000-' . strtolower($response['name']) : $response['key'];
+ $responses[$k] = $response;
+ }
+ }
+
+ foreach ($this->config->get('compose_responses', array()) as $response) {
+ if (empty($response['key']))
+ $response['key'] = substr(md5($response['name']), 0, 16);
+ $k = $sorted ? strtolower($response['name']) : $response['key'];
+ $responses[$k] = $response;
+ }
+
+ // sort list by name
+ if ($sorted) {
+ ksort($responses, SORT_LOCALE_STRING);
+ }
+
+ return array_values($responses);
+ }
+
/**
* Init output object for GUI and add common scripts.
@@ -344,6 +412,9 @@
$this->output->set_env('action', $this->action);
$this->output->set_env('comm_path', $this->comm_path);
$this->output->set_charset(RCUBE_CHARSET);
+
+ if ($this->user && $this->user->ID)
+ $this->output->set_env('user_id', $this->user->get_hash());
// add some basic labels to client
$this->output->add_label('loading', 'servererror', 'requesttimedout', 'refreshing');
@@ -451,15 +522,22 @@
$port = $config['default_port'];
}
- /* Modify username with domain if required
- Inspired by Marco <P0L0_notspam_binware.org>
- */
- // Check if we need to add domain
- if (!empty($config['username_domain']) && strpos($username, '@') === false) {
- if (is_array($config['username_domain']) && isset($config['username_domain'][$host]))
- $username .= '@'.rcube_utils::parse_host($config['username_domain'][$host], $host);
- else if (is_string($config['username_domain']))
- $username .= '@'.rcube_utils::parse_host($config['username_domain'], $host);
+ // Check if we need to add/force domain to username
+ if (!empty($config['username_domain'])) {
+ $domain = is_array($config['username_domain']) ? $config['username_domain'][$host] : $config['username_domain'];
+
+ if ($domain = rcube_utils::parse_host((string)$domain, $host)) {
+ $pos = strpos($username, '@');
+
+ // force configured domains
+ if (!empty($config['username_domain_forced']) && $pos !== false) {
+ $username = substr($username, 0, $pos) . '@' . $domain;
+ }
+ // just add domain if not specified
+ else if ($pos === false) {
+ $username .= '@' . $domain;
+ }
+ }
}
if (!isset($config['login_lc'])) {
@@ -594,7 +672,7 @@
$post_host = rcube_utils::get_input_value('_host', rcube_utils::INPUT_POST);
$post_user = rcube_utils::get_input_value('_user', rcube_utils::INPUT_POST);
- list($user, $domain) = explode('@', $post_user);
+ list(, $domain) = explode('@', $post_user);
// direct match in default_host array
if ($default_host[$post_host] || in_array($post_host, array_values($default_host))) {
@@ -698,28 +776,6 @@
/**
- * Create unique authorization hash
- *
- * @param string Session ID
- * @param int Timestamp
- * @return string The generated auth hash
- */
- private function get_auth_hash($sess_id, $ts)
- {
- $auth_string = sprintf('rcmail*sess%sR%s*Chk:%s;%s',
- $sess_id,
- $ts,
- $this->config->get('ip_check') ? $_SERVER['REMOTE_ADDR'] : '***.***.***.***',
- $_SERVER['HTTP_USER_AGENT']);
-
- if (function_exists('sha1'))
- return sha1($auth_string);
- else
- return md5($auth_string);
- }
-
-
- /**
* Build a valid URL to this instance of Roundcube
*
* @param mixed Either a string with the action or url parameters as key-value pairs
@@ -739,7 +795,7 @@
$p['_task'] = $task;
unset($p['task']);
- $url = './';
+ $url = './' . $this->filename;
$delm = '?';
foreach (array_reverse($p) as $key => $val) {
if ($val !== '' && $val !== null) {
@@ -762,11 +818,6 @@
foreach ($this->address_books as $book) {
if (is_object($book) && is_a($book, 'rcube_addressbook'))
$book->close();
- }
-
- // before closing the database connection, write session data
- if ($_SERVER['REMOTE_ADDR'] && is_object($this->session)) {
- session_write_close();
}
// write performance stats to logs/console
@@ -929,185 +980,15 @@
/**
- * Send the given message using the configured method.
- *
- * @param object $message Reference to Mail_MIME object
- * @param string $from Sender address string
- * @param array $mailto Array of recipient address strings
- * @param array $error SMTP error array (reference)
- * @param string $body_file Location of file with saved message body (reference),
- * used when delay_file_io is enabled
- * @param array $options SMTP options (e.g. DSN request)
- *
- * @return boolean Send status.
+ * Set environment variables for specified config options
*/
- public function deliver_message(&$message, $from, $mailto, &$error, &$body_file = null, $options = null)
+ public function set_env_config($options)
{
- $plugin = $this->plugins->exec_hook('message_before_send', array(
- 'message' => $message,
- 'from' => $from,
- 'mailto' => $mailto,
- 'options' => $options,
- ));
-
- $from = $plugin['from'];
- $mailto = $plugin['mailto'];
- $options = $plugin['options'];
- $message = $plugin['message'];
- $headers = $message->headers();
-
- // send thru SMTP server using custom SMTP library
- if ($this->config->get('smtp_server')) {
- // generate list of recipients
- $a_recipients = array($mailto);
-
- if (strlen($headers['Cc']))
- $a_recipients[] = $headers['Cc'];
- if (strlen($headers['Bcc']))
- $a_recipients[] = $headers['Bcc'];
-
- // clean Bcc from header for recipients
- $send_headers = $headers;
- unset($send_headers['Bcc']);
- // here too, it because txtHeaders() below use $message->_headers not only $send_headers
- unset($message->_headers['Bcc']);
-
- $smtp_headers = $message->txtHeaders($send_headers, true);
-
- if ($message->getParam('delay_file_io')) {
- // use common temp dir
- $temp_dir = $this->config->get('temp_dir');
- $body_file = tempnam($temp_dir, 'rcmMsg');
- if (PEAR::isError($mime_result = $message->saveMessageBody($body_file))) {
- self::raise_error(array('code' => 650, 'type' => 'php',
- 'file' => __FILE__, 'line' => __LINE__,
- 'message' => "Could not create message: ".$mime_result->getMessage()),
- TRUE, FALSE);
- return false;
- }
- $msg_body = fopen($body_file, 'r');
- }
- else {
- $msg_body = $message->get();
- }
-
- // send message
- if (!is_object($this->smtp)) {
- $this->smtp_init(true);
- }
-
- $sent = $this->smtp->send_mail($from, $a_recipients, $smtp_headers, $msg_body, $options);
- $response = $this->smtp->get_response();
- $error = $this->smtp->get_error();
-
- // log error
- if (!$sent) {
- self::raise_error(array('code' => 800, 'type' => 'smtp',
- 'line' => __LINE__, 'file' => __FILE__,
- 'message' => "SMTP error: ".join("\n", $response)), TRUE, FALSE);
+ foreach ((array) $options as $option) {
+ if ($this->config->get($option)) {
+ $this->output->set_env($option, true);
}
}
- // send mail using PHP's mail() function
- else {
- // unset some headers because they will be added by the mail() function
- $headers_enc = $message->headers($headers);
- $headers_php = $message->_headers;
- unset($headers_php['To'], $headers_php['Subject']);
-
- // reset stored headers and overwrite
- $message->_headers = array();
- $header_str = $message->txtHeaders($headers_php);
-
- // #1485779
- if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
- if (preg_match_all('/<([^@]+@[^>]+)>/', $headers_enc['To'], $m)) {
- $headers_enc['To'] = implode(', ', $m[1]);
- }
- }
-
- $msg_body = $message->get();
-
- if (PEAR::isError($msg_body)) {
- self::raise_error(array('code' => 650, 'type' => 'php',
- 'file' => __FILE__, 'line' => __LINE__,
- 'message' => "Could not create message: ".$msg_body->getMessage()),
- TRUE, FALSE);
- }
- else {
- $delim = $this->config->header_delimiter();
- $to = $headers_enc['To'];
- $subject = $headers_enc['Subject'];
- $header_str = rtrim($header_str);
-
- if ($delim != "\r\n") {
- $header_str = str_replace("\r\n", $delim, $header_str);
- $msg_body = str_replace("\r\n", $delim, $msg_body);
- $to = str_replace("\r\n", $delim, $to);
- $subject = str_replace("\r\n", $delim, $subject);
- }
-
- if (ini_get('safe_mode'))
- $sent = mail($to, $subject, $msg_body, $header_str);
- else
- $sent = mail($to, $subject, $msg_body, $header_str, "-f$from");
- }
- }
-
- if ($sent) {
- $this->plugins->exec_hook('message_sent', array('headers' => $headers, 'body' => $msg_body));
-
- // remove MDN headers after sending
- unset($headers['Return-Receipt-To'], $headers['Disposition-Notification-To']);
-
- // get all recipients
- if ($headers['Cc'])
- $mailto .= $headers['Cc'];
- if ($headers['Bcc'])
- $mailto .= $headers['Bcc'];
- if (preg_match_all('/<([^@]+@[^>]+)>/', $mailto, $m))
- $mailto = implode(', ', array_unique($m[1]));
-
- if ($this->config->get('smtp_log')) {
- self::write_log('sendmail', sprintf("User %s [%s]; Message for %s; %s",
- $this->user->get_username(),
- $_SERVER['REMOTE_ADDR'],
- $mailto,
- !empty($response) ? join('; ', $response) : ''));
- }
- }
-
- if (is_resource($msg_body)) {
- fclose($msg_body);
- }
-
- $message->_headers = array();
- $message->headers($headers);
-
- return $sent;
- }
-
-
- /**
- * Unique Message-ID generator.
- *
- * @return string Message-ID
- */
- public function gen_message_id()
- {
- $local_part = md5(uniqid('rcmail'.mt_rand(),true));
- $domain_part = $this->user->get_username('domain');
-
- // Try to find FQDN, some spamfilters doesn't like 'localhost' (#1486924)
- if (!preg_match('/\.[a-z]+$/i', $domain_part)) {
- foreach (array($_SERVER['HTTP_HOST'], $_SERVER['SERVER_NAME']) as $host) {
- $host = preg_replace('/:[0-9]+$/', '', $host);
- if ($host && preg_match('/\.[a-z]+$/i', $host)) {
- $domain_part = $host;
- }
- }
- }
-
- return sprintf('<%s@%s>', $local_part, $domain_part);
}
@@ -1134,22 +1015,32 @@
/**
* Write login data (name, ID, IP address) to the 'userlogins' log file.
*/
- public function log_login()
+ public function log_login($user = null, $failed_login = false, $error_code = 0)
{
if (!$this->config->get('log_logins')) {
return;
}
- $user_name = $this->get_user_name();
- $user_id = $this->get_user_id();
+ // failed login
+ if ($failed_login) {
+ $message = sprintf('Failed login for %s from %s in session %s (error: %d)',
+ $user, rcube_utils::remote_ip(), session_id(), $error_code);
+ }
+ // successful login
+ else {
+ $user_name = $this->get_user_name();
+ $user_id = $this->get_user_id();
- if (!$user_id) {
- return;
+ if (!$user_id) {
+ return;
+ }
+
+ $message = sprintf('Successful login for %s (ID: %d) from %s in session %s',
+ $user_name, $user_id, rcube_utils::remote_ip(), session_id());
}
- self::write_log('userlogins',
- sprintf('Successful login for %s (ID: %d) from %s in session %s',
- $user_name, $user_id, rcube_utils::remote_ip(), session_id()));
+ // log login
+ self::write_log('userlogins', $message);
}
@@ -1165,7 +1056,7 @@
*/
public function table_output($attrib, $table_data, $a_show_cols, $id_col)
{
- $table = new html_table(/*array('cols' => count($a_show_cols))*/);
+ $table = new html_table($attrib);
// add table header
if (!$attrib['noheader']) {
@@ -1404,13 +1295,22 @@
}
else {
$js_mailboxlist = array();
- $out = html::tag('ul', $attrib, $rcmail->render_folder_tree_html($a_mailboxes, $mbox_name, $js_mailboxlist, $attrib), html::$common_attrib);
+ $tree = $rcmail->render_folder_tree_html($a_mailboxes, $mbox_name, $js_mailboxlist, $attrib);
- $rcmail->output->include_script('treelist.js');
- $rcmail->output->add_gui_object('mailboxlist', $attrib['id']);
+ if ($type != 'js') {
+ $out = html::tag('ul', $attrib, $tree, html::$common_attrib);
+
+ $rcmail->output->include_script('treelist.js');
+ $rcmail->output->add_gui_object('mailboxlist', $attrib['id']);
+ $rcmail->output->set_env('unreadwrap', $attrib['unreadwrap']);
+ $rcmail->output->set_env('collapsed_folders', (string)$rcmail->config->get('collapsed_folders'));
+ }
+
$rcmail->output->set_env('mailboxes', $js_mailboxlist);
- $rcmail->output->set_env('unreadwrap', $attrib['unreadwrap']);
- $rcmail->output->set_env('collapsed_folders', (string)$rcmail->config->get('collapsed_folders'));
+
+ // we can't use object keys in javascript because they are unordered
+ // we need sorted folders list for folder-selector widget
+ $rcmail->output->set_env('mailboxes_list', array_keys($js_mailboxlist));
}
return $out;
@@ -1528,9 +1428,10 @@
$realnames = (bool)$attrib['realnames'];
$msgcounts = $this->storage->get_cache('messagecount');
$collapsed = $this->config->get('collapsed_folders');
+ $realnames = $this->config->get('show_real_foldernames');
$out = '';
- foreach ($arrFolders as $key => $folder) {
+ foreach ($arrFolders as $folder) {
$title = null;
$folder_class = $this->folder_classname($folder['id']);
$is_collapsed = strpos($collapsed, '&'.rawurlencode($folder['id']).'&') !== false;
@@ -1594,8 +1495,12 @@
$jslist[$folder['id']] = array(
'id' => $folder['id'],
'name' => $foldername,
- 'virtual' => $folder['virtual']
+ 'virtual' => $folder['virtual'],
);
+
+ if (!empty($folder_class)) {
+ $jslist[$folder['id']]['class'] = $folder_class;
+ }
if (!empty($folder['folders'])) {
$out .= html::tag('ul', array('style' => ($is_collapsed ? "display:none;" : null)),
@@ -1616,7 +1521,7 @@
{
$out = '';
- foreach ($arrFolders as $key => $folder) {
+ foreach ($arrFolders as $folder) {
// skip exceptions (and its subfolders)
if (!empty($opts['exceptions']) && in_array($folder['id'], $opts['exceptions'])) {
continue;
@@ -1684,8 +1589,10 @@
*/
public function localize_foldername($name, $with_path = true)
{
+ $realnames = $this->config->get('show_real_foldernames');
+
// try to localize path of the folder
- if ($with_path) {
+ if ($with_path && !$realnames) {
$storage = $this->get_storage();
$delimiter = $storage->get_hierarchy_delimiter();
$path = explode($delimiter, $name);
@@ -1702,12 +1609,11 @@
}
}
- if ($folder_class = $this->folder_classname($name)) {
+ if (!$realnames && ($folder_class = $this->folder_classname($name))) {
return $this->gettext($folder_class);
}
- else {
- return rcube_charset::convert($name, 'UTF7-IMAP');
- }
+
+ return rcube_charset::convert($name, 'UTF7-IMAP');
}
@@ -1750,7 +1656,7 @@
$rcmail->output->add_script('rcmail.set_quota('.rcube_output::json_serialize($quota).');', 'docready');
- return html::span($attrib, '');
+ return html::span($attrib, ' ');
}
@@ -1762,11 +1668,7 @@
$quota_result = (array) $quota;
$quota_result['type'] = isset($_SESSION['quota_display']) ? $_SESSION['quota_display'] : '';
- if (!$quota['total'] && $this->config->get('quota_zero_as_unlimited')) {
- $quota_result['title'] = $this->gettext('unlimited');
- $quota_result['percent'] = 0;
- }
- else if ($quota['total']) {
+ if ($quota['total'] > 0) {
if (!isset($quota['percent'])) {
$quota_result['percent'] = min(100, round(($quota['used']/max(1,$quota['total']))*100));
}
@@ -1785,7 +1687,8 @@
}
}
else {
- $quota_result['title'] = $this->gettext('unknown');
+ $unlimited = $this->config->get('quota_zero_as_unlimited');
+ $quota_result['title'] = $this->gettext($unlimited ? 'unlimited' : 'unknown');
$quota_result['percent'] = 0;
}
@@ -1798,32 +1701,51 @@
*
* @param string $fallback Fallback message label
* @param array $fallback_args Fallback message label arguments
+ * @param string $suffix Message label suffix
*/
- public function display_server_error($fallback = null, $fallback_args = null)
+ public function display_server_error($fallback = null, $fallback_args = null, $suffix = '')
{
$err_code = $this->storage->get_error_code();
$res_code = $this->storage->get_response_code();
+ $args = array();
if ($res_code == rcube_storage::NOPERM) {
- $this->output->show_message('errornoperm', 'error');
+ $error = 'errornoperm';
}
else if ($res_code == rcube_storage::READONLY) {
- $this->output->show_message('errorreadonly', 'error');
+ $error = 'errorreadonly';
+ }
+ else if ($res_code == rcube_storage::OVERQUOTA) {
+ $error = 'errorroverquota';
}
else if ($err_code && ($err_str = $this->storage->get_error_str())) {
// try to detect access rights problem and display appropriate message
if (stripos($err_str, 'Permission denied') !== false) {
- $this->output->show_message('errornoperm', 'error');
+ $error = 'errornoperm';
+ }
+ // try to detect full mailbox problem and display appropriate message
+ // there can be e.g. "Quota exceeded" or "quotum would exceed"
+ else if (stripos($err_str, 'quot') !== false && stripos($err_str, 'exceed') !== false) {
+ $error = 'erroroverquota';
}
else {
- $this->output->show_message('servererrormsg', 'error', array('msg' => $err_str));
+ $error = 'servererrormsg';
+ $args = array('msg' => $err_str);
}
}
else if ($err_code < 0) {
- $this->output->show_message('storageerror', 'error');
+ $error = 'storageerror';
}
else if ($fallback) {
- $this->output->show_message($fallback, 'error', $fallback_args);
+ $error = $fallback;
+ $args = $fallback_args;
+ }
+
+ if ($error) {
+ if ($suffix && $this->text_exists($error . $suffix)) {
+ $error .= $suffix;
+ }
+ $this->output->show_message($error, 'error', $args);
}
}
@@ -1945,7 +1867,8 @@
public function upload_init()
{
// Enable upload progress bar
- if (($seconds = $this->config->get('upload_progress')) && ini_get('apc.rfc1867')) {
+ $rfc1867 = filter_var(ini_get('apc.rfc1867'), FILTER_VALIDATE_BOOLEAN);
+ if ($rfc1867 && ($seconds = $this->config->get('upload_progress'))) {
if ($field_name = ini_get('apc.rfc1867_name')) {
$this->output->set_env('upload_progress_name', $field_name);
$this->output->set_env('upload_progress_time', (int) $seconds);
@@ -1960,7 +1883,7 @@
}
$this->output->set_env('max_filesize', $max_filesize);
- $max_filesize = self::show_bytes($max_filesize);
+ $max_filesize = $this->show_bytes($max_filesize);
$this->output->set_env('filesizeerror', $this->gettext(array(
'name' => 'filesizeerror', 'vars' => array('size' => $max_filesize))));
--
Gitblit v1.9.1