/**
* Fetch a cached value from the list
* @param string $key key name of the data to fetch
* @return mixed string value on success, bool false on failure
*/
public static function get($key)
{
if (array_key_exists($key, self::$pages)) {
Hm_Debug::add(sprintf("PAGE CACHE: %s", $key));
return self::$pages[$key][0];
}
return false;
}
/**
* Check HTTP header "fingerprint" against the session value
* @param object $request request details
* @return void
*/
public function check_fingerprint($request)
{
$id = $this->build_fingerprint($request);
$fingerprint = $this->get('fingerprint', false);
if (!$fingerprint || $fingerprint !== $id) {
$this->destroy($request);
Hm_Debug::add('HTTP header fingerprint check failed');
}
}
/**
* Process request details
* @param array $filters list of input filters from module sets
* @return void
*/
public function __construct($filters)
{
$this->filter_request_input($filters);
$this->get_other_request_details($filters);
$this->empty_super_globals();
Hm_Debug::add('Using sapi: ' . $this->sapi);
Hm_Debug::add('Request type: ' . $this->type);
Hm_Debug::add('Request path: ' . $this->path);
Hm_Debug::add('TLS request: ' . intval($this->tls));
Hm_Debug::add('Mobile request: ' . intval($this->mobile));
}
/**
* Connect to a DB server
* @param object $site_config site settings
* @return object database connection on success
*/
public static function connect($site_config)
{
self::parse_config($site_config);
$key = self::db_key();
if (array_key_exists($key, self::$dbh) && self::$dbh[$key]) {
return self::$dbh[$key];
}
$dsn = sprintf('%s:host=%s;dbname=%s', self::$config['db_driver'], self::$config['db_host'], self::$config['db_name']);
try {
self::$dbh[$key] = new PDO($dsn, self::$config['db_user'], self::$config['db_pass']);
Hm_Debug::add(sprintf('Connecting to dsn: %s', $dsn));
return self::$dbh[$key];
} catch (Exception $oops) {
Hm_Debug::add($oops->getMessage());
Hm_Msgs::add("An error occurred communicating with the database");
self::$dbh[$key] = false;
return false;
}
}
/**
* @subpackage contacts/functions
*/
function fetch_gmail_contacts($config, $contact_store)
{
foreach (Hm_IMAP_List::dump(false, true) as $id => $server) {
if ($server['server'] == 'imap.gmail.com' && array_key_exists('auth', $server) && $server['auth'] == 'xoauth2') {
$results = imap_refresh_oauth2_token($server, $config);
if (!empty($results)) {
if (Hm_IMAP_List::update_oauth2_token($server_id, $results[1], $results[0])) {
Hm_Debug::add(sprintf('Oauth2 token refreshed for IMAP server id %d', $server_id));
$updated++;
$server = Hm_IMAP_List::dump($id);
}
}
$url = 'https://www.google.com/m8/feeds/contacts/' . $server['user'] . '/full';
$contacts = parse_contact_xml(gmail_contacts_request($server['pass'], $url), $server['name']);
if (!empty($contacts)) {
$contact_store->import($contacts);
}
}
}
return $contact_store;
}
/**
* Add a module to a single page
* @param string $page the page to assign the module to
* @param string $module the module to add
* @param bool $logged_in true if the module requires the user to be logged in
* @param string $marker the module to insert before or after
* @param string $placement "before" or "after" the $marker module
* @param bool $queue true to attempt to re-insert the module later on failure
* @param string $source the module set containing this module
* @return bool true if the module was added or was already registered
*/
public static function add($page, $module, $logged_in, $marker = false, $placement = 'after', $queue = true, $source = false)
{
$inserted = false;
if (!array_key_exists($page, self::$module_list)) {
self::$module_list[$page] = array();
}
if (array_key_exists($page, self::$module_list) && array_key_exists($module, self::$module_list[$page])) {
Hm_Debug::add(sprintf("Already registered module for %s re-attempted: %s", $page, $module));
return true;
}
if (!$source) {
$source = self::$source;
}
if ($marker) {
$inserted = self::insert_at_marker($marker, $page, $module, $logged_in, $placement, $source);
} else {
self::$module_list[$page][$module] = array($source, $logged_in);
$inserted = true;
}
if (!$inserted) {
if ($queue) {
self::$module_queue[] = array($page, $module, $logged_in, $marker, $placement, $source);
} else {
Hm_Debug::add(sprintf('failed to insert module %s on %s', $module, $page));
}
}
return $inserted;
}
* DEBUG_MODE flag to enable easier debugging and development
* CACHE_ID unique string to bust js/css browser caching for a new build
* SITE_ID random site id used for page keys
*/
define('APP_PATH', '');
define('DEBUG_MODE', true);
define('CACHE_ID', '');
define('SITE_ID', '');
/* show all warnings in debug mode */
if (DEBUG_MODE) {
error_reporting(E_ALL | E_STRICT);
}
/* config file location */
define('CONFIG_FILE', APP_PATH . 'hm3.rc');
/* don't let anything output content until we are ready */
ob_start();
/* set default TZ */
date_default_timezone_set('UTC');
/* get includes */
require APP_PATH . 'lib/framework.php';
/* get configuration */
$config = new Hm_Site_Config_File(CONFIG_FILE);
/* setup ini settings */
require APP_PATH . 'lib/ini_set.php';
/* process the request */
new Hm_Dispatch($config);
/* log some debug stats about the page */
if (DEBUG_MODE) {
Hm_Debug::load_page_stats();
Hm_Debug::show('log');
}
/**
* Run a single handler and return the results
* @param array $input handler output so far for this page
* @param array $protected list of protected output
* @param string $name handler module name
* @param array $args module arguments
* @param object $session session interface
*/
public function run_handler_module($input, $protected, $name, $args, $session)
{
$name = "Hm_Handler_{$name}";
if (class_exists($name)) {
if (!$args[1] || $args[1] && $session->is_active()) {
$mod = new $name($this, $args[1], $this->page, $input, $protected);
$mod->process($input);
$input = $mod->module_output();
$protected = $mod->output_protected();
}
} else {
Hm_Debug::add(sprintf('Handler module %s activated but not found', $name));
}
return array($input, $protected);
}
/**
* Save user settings to the DB
* @param string $username username
* @param string $key encryption key
* @return void
*/
public function save($username, $key)
{
$config = Hm_Crypt::ciphertext(serialize($this->config), $key);
if (!$this->connect()) {
return false;
}
$sql = $this->dbh->prepare("update hm_user_settings set settings=? where username=?");
if ($sql->execute(array($config, $username)) && $sql->rowCount() == 1) {
Hm_Debug::add(sprintf("Saved user data to DB for %s", $username));
return true;
}
$sql = $this->dbh->prepare("insert into hm_user_settings values(?,?)");
if ($sql->execute(array($username, $config))) {
return true;
}
return false;
}
/**
* Perform an HTTP redirect
* @param string $url url to redirect to
* @param int $status current HTTP status
* @return void
*/
public static function page_redirect($url, $status = false)
{
if (DEBUG_MODE) {
Hm_Debug::add(sprintf('Redirecting to %s', $url));
Hm_Debug::load_page_stats();
Hm_Debug::show('log');
}
if ($status == 303) {
Hm_Debug::add('Redirect loop found');
Hm_Functions::cease('Redirect loop discovered');
}
Hm_Functions::header('HTTP/1.1 303 Found');
Hm_Functions::header('Location: ' . $url);
return Hm_Functions::cease();
}
/**
* Start the session. This could be an existing session or a new login
* @param object $request request details
* @return void
*/
public function start($request)
{
if (array_key_exists($this->cname, $request->cookie)) {
session_id($request->cookie[$this->cname]);
}
list($secure, $path, $domain) = $this->set_session_params($request);
session_set_cookie_params(0, $path, $domain, $secure);
Hm_Functions::session_start();
if ($request->type == 'HTTP' && !array_key_exists('logout', $request->post)) {
session_regenerate_id(true);
$this->cname = session_id();
}
if (array_key_exists('data', $_SESSION)) {
$data = $this->plaintext($_SESSION['data']);
if (is_array($data)) {
$this->data = $data;
} elseif (!$this->loaded) {
$this->destroy($request);
Hm_Debug::add('Mismatched session level encryption key');
}
}
$this->active = true;
}
/**
* Return a translated string if possible
* @param string $string the string to be translated
* @return string translated string
*/
public function trans($string)
{
if (array_key_exists($string, $this->lstr)) {
if ($this->lstr[$string] === false) {
return $this->html_safe($string);
} else {
return $this->html_safe($this->lstr[$string]);
}
} else {
Hm_Debug::add(sprintf('TRANSLATION NOT FOUND :%s:', $string));
}
return $this->html_safe($string);
}
/**
* @preserveGlobalState disabled
* @runInSeparateProcess
*/
public function test_load_page_stats()
{
Hm_Debug::load_page_stats();
$this->assertTrue(count(Hm_Debug::get()) > 4);
}
public function process()
{
$active = array();
if (array_key_exists('imap_server_ids', $this->request->post)) {
$active = explode(',', $this->request->post['imap_server_ids']);
}
if (array_key_exists('imap_server_id', $this->request->post)) {
$active[] = $this->request->post['imap_server_id'];
}
$updated = 0;
foreach ($active as $server_id) {
$server = Hm_IMAP_List::dump($server_id, true);
if (array_key_exists('auth', $server) && $server['auth'] == 'xoauth2') {
$results = imap_refresh_oauth2_token($server, $this->config);
if (!empty($results)) {
if (Hm_IMAP_List::update_oauth2_token($server_id, $results[1], $results[0])) {
Hm_Debug::add(sprintf('Oauth2 token refreshed for IMAP server id %d', $server_id));
$updated++;
}
}
}
}
if ($updated > 0) {
$servers = Hm_IMAP_List::dump(false, true);
$this->user_config->set('imap_servers', $servers);
$this->session->set('user_data', $this->user_config->dump());
}
}
/**
* Easy to use error logging
* @param mixed $mixed vaule to send to the log
* @return void
*/
function elog($mixed)
{
if (DEBUG_MODE) {
$bt = debug_backtrace();
$caller = array_shift($bt);
Hm_Debug::add(sprintf('ELOG called in %s at line %d', $caller['file'], $caller['line']));
return Hm_Functions::error_log(Hm_Debug::str($mixed));
}
}
/**
* determine if the current command can be served from cache
* @param string $command IMAP command to check
* @param bool $check_only flag to avoid double logging
* @return mixed cached result or false if there is no cached data to use
*/
protected function check_cache($command, $check_only = false)
{
if (!$this->use_cache) {
return false;
}
$command = str_replace(array("\r", "\n"), array(''), preg_replace("/^A\\d+ /", '', $command));
$res = false;
$msg = '';
if (preg_match("/^SELECT/", $command) && isset($this->cache_data['SELECT'][$command])) {
$res = $this->cache_data['SELECT'][$command];
$msg = 'Found cached mailbox state: ' . $command;
} elseif (preg_match("/^EXAMINE/", $command) && isset($this->cache_data['EXAMINE'][$command])) {
$res = $this->cache_data['EXAMINE'][$command];
$msg = 'Found cached mailbox state: ' . $command;
} elseif (preg_match("/^LIST/ ", $command) && isset($this->cache_data['LIST'][$command])) {
$msg = 'Cache hit for: ' . $command;
$res = $this->cache_data['LIST'][$command];
} elseif (preg_match("/^LSUB /", $command) && isset($this->cache_data['LSUB'][$command])) {
$msg = 'Cache hit for: ' . $command;
$res = $this->cache_data['LSUB'][$command];
} elseif (preg_match("/^NAMESPACE/", $command) && isset($this->cache_data['NAMESPACE'])) {
$msg = 'Cache hit for: ' . $command;
$res = $this->cache_data['NAMESPACE'];
} elseif ($this->selected_mailbox) {
$box = $this->selected_mailbox['name'];
if (isset($this->cache_data[$box][$command])) {
$msg = 'Cache hit for: ' . $box . ' with: ' . $command;
$res = $this->cache_data[$box][$command];
}
}
if ($msg) {
Hm_Debug::add($msg);
$this->cached_response = true;
$this->debug[] = $msg;
}
if ($check_only) {
return $res ? true : false;
}
return $res;
}
public function process()
{
if (array_key_exists('smtp_send', $this->request->post)) {
list($success, $form) = $this->process_form(array('compose_to', 'compose_subject', 'smtp_server_id'));
if ($success) {
$draft = array('draft_to' => $form['compose_to'], 'draft_body' => '', 'draft_subject' => $form['compose_subject']);
$to = $form['compose_to'];
$subject = $form['compose_subject'];
$body = '';
$from = '';
$cc = '';
$bcc = '';
$in_reply_to = '';
if (array_key_exists('compose_body', $this->request->post)) {
$body = $this->request->post['compose_body'];
$draft['draft_body'] = $this->request->post['compose_body'];
}
if (array_key_exists('compose_cc', $this->request->post)) {
$cc = $this->request->post['compose_cc'];
$draft['draft_cc'] = $this->request->post['compose_cc'];
}
if (array_key_exists('compose_bcc', $this->request->post)) {
$bcc = $this->request->post['compose_bcc'];
$draft['draft_bcc'] = $this->request->post['compose_bcc'];
}
if (array_key_exists('compose_in_reply_to', $this->request->post)) {
$in_reply_to = $this->request->post['compose_in_reply_to'];
$draft['draft_in_reply_to'] = $this->request->post['compose_in_reply_to'];
}
$smtp_details = Hm_SMTP_List::dump($form['smtp_server_id'], true);
if ($smtp_details) {
$from = $smtp_details['user'];
if (array_key_exists('auth', $smtp_details) && $smtp_details['auth'] == 'xoauth2') {
$results = smtp_refresh_oauth2_token($smtp_details, $this->config);
if (!empty($results)) {
if (Hm_SMTP_List::update_oauth2_token($form['smtp_server_id'], $results[1], $results[0])) {
Hm_Debug::add(sprintf('Oauth2 token refreshed for SMTP server id %d', $form['smtp_server_id']));
$servers = Hm_SMTP_List::dump(false, true);
$this->user_config->set('smtp_servers', $servers);
$this->session->set('user_data', $this->user_config->dump());
}
}
}
$smtp = Hm_SMTP_List::connect($form['smtp_server_id'], false);
if ($smtp && $smtp->state == 'authed') {
$mime = new Hm_MIME_Msg($to, $subject, $body, $from, $this->get('smtp_compose_type', 0), $cc, $bcc, $in_reply_to);
$mime->add_attachments($this->session->get('uploaded_files', array()));
$recipients = $mime->get_recipient_addresses();
if (empty($recipients)) {
Hm_Msgs::add("ERRNo valid receipts found");
} else {
$err_msg = $smtp->send_message($from, $recipients, $mime->get_mime_msg());
if ($err_msg) {
Hm_Msgs::add(sprintf("ERR%s", $err_msg));
} else {
$draft = array();
delete_uploaded_files($this->session);
Hm_Msgs::add("Message Sent");
}
}
} else {
Hm_Msgs::add("ERRFailed to authenticate to the SMTP server");
}
}
$this->session->set('compose_draft', $draft);
} else {
Hm_Msgs::add('ERRRequired field missing');
}
}
}
/**
* Output a debug message if openssl_random_pseudo_bytes is borked
* @return bool
*/
public static function random_bytes_check()
{
if (!self::$strong) {
Hm_Debug::add('WARNING: openssl_random_pseudo_bytes not cryptographically strong');
}
return self::$strong;
}
/**
* Parse feed content
* @param string $url feed location
* @return bool
*/
function parse_feed($url)
{
$this->get_feed_data($url);
if (!empty($this->parsed_data)) {
return true;
}
if (preg_match('/<feed .+atom/i', $this->xml_data)) {
$this->feed_type = 'atom';
}
$xml_parser = xml_parser_create('UTF-8');
xml_set_object($xml_parser, $this);
if ($this->feed_type == 'atom' || $this->feed_type == 'rss') {
xml_set_element_handler($xml_parser, $this->feed_type . '_start_element', $this->feed_type . '_end_element');
xml_set_character_data_handler($xml_parser, $this->feed_type . '_character_data');
if (xml_parse($xml_parser, $this->xml_data)) {
xml_parser_free($xml_parser);
if ($this->sort) {
$this->sort_parsed_data();
}
return true;
} else {
Hm_Debug::add(sprintf('XML Parse error: %s', xml_error_string(xml_get_error_code($xml_parser))));
return false;
}
} else {
return false;
}
}
