public function create_identity($p) { $rcmail = rcmail::get_instance(); // prefs are set in create_user() if ($this->prefs) { if ($this->prefs['full_name']) { $p['record']['name'] = $this->prefs['full_name']; } if (($this->identities_level == 0 || $this->identities_level == 2) && $this->prefs['email_address']) { $p['record']['email'] = $this->prefs['email_address']; } if ($this->prefs['___signature___']) { $p['record']['signature'] = $this->prefs['___signature___']; } if ($this->prefs['reply_to']) { $p['record']['reply-to'] = $this->prefs['reply_to']; } if (($this->identities_level == 0 || $this->identities_level == 1) && isset($this->prefs['identities']) && $this->prefs['identities'] > 1) { for ($i = 1; $i < $this->prefs['identities']; $i++) { unset($ident_data); $ident_data = array('name' => '', 'email' => ''); // required data if ($this->prefs['full_name' . $i]) { $ident_data['name'] = $this->prefs['full_name' . $i]; } if ($this->identities_level == 0 && $this->prefs['email_address' . $i]) { $ident_data['email'] = $this->prefs['email_address' . $i]; } else { $ident_data['email'] = $p['record']['email']; } if ($this->prefs['reply_to' . $i]) { $ident_data['reply-to'] = $this->prefs['reply_to' . $i]; } if ($this->prefs['___sig' . $i . '___']) { $ident_data['signature'] = $this->prefs['___sig' . $i . '___']; } // insert identity $identid = $rcmail->user->insert_identity($ident_data); } } // copy address book $contacts = $rcmail->get_address_book(null, true); if ($contacts && count($this->abook)) { foreach ($this->abook as $rec) { // #1487096 handle multi-address and/or too long items $rec['email'] = array_shift(explode(';', $rec['email'])); if (check_email(rcube_idn_to_ascii($rec['email']))) { $rec['email'] = rcube_idn_to_utf8($rec['email']); $contacts->insert($rec, true); } } } // mark identity as complete for following hooks $p['complete'] = true; } return $p; }
function lookup_user_name($args) { $rcmail = rcmail::get_instance(); if ($this->init_ldap($args['host'])) { $results = $this->ldap->search('*', $args['user'], true); if (count($results->records) == 1) { $user_name = is_array($results->records[0]['name']) ? $results->records[0]['name'][0] : $results->records[0]['name']; $user_email = is_array($results->records[0]['email']) ? $results->records[0]['email'][0] : $results->records[0]['email']; $args['user_name'] = $user_name; if (!$args['user_email'] && strpos($user_email, '@')) { $args['user_email'] = rcube_idn_to_ascii($user_email); } } } return $args; }
function lookup_user_name($args) { $rcmail = rcmail::get_instance(); if ($this->init_ldap($args['host'])) { $results = $this->ldap->search('*', $args['user'], TRUE); if (count($results->records) == 1) { $args['user_name'] = $results->records[0]['name']; if (!$args['user_email'] && strpos($results->records[0]['email'], '@')) { $args['user_email'] = rcube_idn_to_ascii($results->records[0]['email']); } if (($alias_col = $rcmail->config->get('new_user_identity_alias')) && $results->records[0][$alias_col]) { $args['alias'] = $results->records[0][$alias_col]; } } } return $args; }
/** * User > Email */ function user2email($p) { $r = $this->findinvirtual('/\\s' . preg_quote($p['user'], '/') . '\\s*$/'); $result = array(); for ($i = 0; $i < count($r); $i++) { $arr = preg_split('/\\s+/', $r[$i]); if (count($arr) > 0 && strpos($arr[0], '@')) { $result[] = rcube_idn_to_ascii(trim(str_replace('\\@', '@', $arr[0]))); if ($p['first']) { $p['email'] = $result[0]; break; } } } $p['email'] = empty($result) ? NULL : $result; return $p; }
/** * This function cleanup_addr() has been used a large part of function * rcmail_email_input_format() in program/steps/mail/sendmail.inc of * Roundcube core at version 0.9. */ function cleanup_addr($mailto) { global $RCMAIL; // simplified email regexp, supporting quoted local part $email_regexp = '(\\S+|("[^"]+"))@\\S+'; $delim = trim($RCMAIL->config->get('recipients_separator', ',')); $regexp = array("/[,;{$delim}]\\s*[\r\n]+/", '/[\\r\\n]+/', "/[,;{$delim}]\\s*\$/m", '/;/', '/(\\S{1})(<' . $email_regexp . '>)/U'); $replace = array($delim . ' ', ', ', '', $delim, '\\1 \\2'); // replace new lines and strip ending ', ', make address input more valid $mailto = trim(preg_replace($regexp, $replace, $mailto)); $result = array(); $items = rcube_explode_quoted_string($delim, $mailto); foreach ($items as $item) { $item = trim($item); // address in brackets without name (do nothing) if (preg_match('/^<' . $email_regexp . '>$/', $item)) { $item = rcube_idn_to_ascii(trim($item, '<>')); $result[] = $item; // address without brackets and without name (add brackets) } else { if (preg_match('/^' . $email_regexp . '$/', $item)) { $item = rcube_idn_to_ascii($item); $result[] = $item; // address with name (handle name) } else { if (preg_match('/<*' . $email_regexp . '>*$/', $item, $matches)) { $address = $matches[0]; $name = trim(str_replace($address, '', $item)); if ($name[0] == '"' && $name[count($name) - 1] == '"') { $name = substr($name, 1, -1); } $name = stripcslashes($name); $address = rcube_idn_to_ascii(trim($address, '<>')); $result[] = $address; $item = $address; } else { if (trim($item)) { continue; } } } } } return implode(', ', $result); }
/** * User > Email */ function user2email($p) { $dbh = $this->app->get_dbh(); $sql_result = $dbh->query(preg_replace('/%u/', $dbh->escape($p['user']), $this->config['email'])); while ($sql_arr = $dbh->fetch_array($sql_result)) { if (strpos($sql_arr[0], '@')) { if ($p['extended'] && count($sql_arr) > 1) { $result[] = array('email' => rcube_idn_to_ascii($sql_arr[0]), 'name' => $sql_arr[1], 'organization' => $sql_arr[2], 'reply-to' => rcube_idn_to_ascii($sql_arr[3]), 'bcc' => rcube_idn_to_ascii($sql_arr[4]), 'signature' => $sql_arr[5], 'html_signature' => (int) $sql_arr[6]); } else { $result[] = $sql_arr[0]; } if ($p['first']) { break; } } } $p['email'] = $result; return $p; }
/** * Handler for submitted form * * Check fields and save to default identity if valid. * Afterwards the session flag is removed and we're done. */ function save_data() { $rcmail = rcmail::get_instance(); $identity = $rcmail->user->get_identity(); $identities_level = intval($rcmail->config->get('identities_level', 0)); $save_data = array('name' => get_input_value('_name', RCUBE_INPUT_POST), 'email' => get_input_value('_email', RCUBE_INPUT_POST), 'organization' => get_input_value('_organization', RCUBE_INPUT_POST), 'signature' => get_input_value('_signature', RCUBE_INPUT_POST)); // don't let the user alter the e-mail address if disabled by config if ($identities_level == 1 || $identities_level == 3) { $save_data['email'] = $identity['email']; } else { $save_data['email'] = rcube_idn_to_ascii($save_data['email']); } // save data if not empty if (!empty($save_data['name']) && !empty($save_data['email'])) { $rcmail->user->update_identity($identity['identity_id'], $save_data); $rcmail->session->remove('plugin.newuserdialog'); } $rcmail->output->redirect(''); }
function authenticate($args) { // Load plugin's config file $this->load_config(); $host = rcmail::get_instance()->config->get('http_authentication_host'); if (is_string($host) && trim($host) !== '') { $args['host'] = rcube_idn_to_ascii(rcube_parse_host($host)); } // Allow entering other user data in login form, // e.g. after log out (#1487953) if (!empty($args['user'])) { return $args; } if (!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW'])) { $args['user'] = $_SERVER['PHP_AUTH_USER']; $args['pass'] = $_SERVER['PHP_AUTH_PW']; } $args['cookiecheck'] = false; $args['valid'] = true; return $args; }
function save($curpass, $passwd) { $rcmail = rcmail::get_instance(); if (!($sql = $rcmail->config->get('password_query'))) { $sql = 'SELECT update_passwd(%c, %u)'; } if ($dsn = $rcmail->config->get('password_db_dsn')) { // #1486067: enable new_link option if (is_array($dsn) && empty($dsn['new_link'])) { $dsn['new_link'] = true; } else { if (!is_array($dsn) && !preg_match('/\\?new_link=true/', $dsn)) { $dsn .= '?new_link=true'; } } $db = rcube_db::factory($dsn, '', false); $db->set_debug((bool) $rcmail->config->get('sql_debug')); $db->db_connect('w'); } else { $db = $rcmail->get_dbh(); } if ($err = $db->is_error()) { return PASSWORD_ERROR; } // crypted password if (strpos($sql, '%c') !== FALSE) { $salt = ''; if (!($crypt_hash = $rcmail->config->get('password_crypt_hash'))) { if (CRYPT_MD5) { $crypt_hash = 'md5'; } else { if (CRYPT_STD_DES) { $crypt_hash = 'des'; } } } switch ($crypt_hash) { case 'md5': $len = 8; $salt_hashindicator = '$1$'; break; case 'des': $len = 2; break; case 'blowfish': $len = 22; $salt_hashindicator = '$2a$'; break; case 'sha256': $len = 16; $salt_hashindicator = '$5$'; break; case 'sha512': $len = 16; $salt_hashindicator = '$6$'; break; default: return PASSWORD_CRYPT_ERROR; } //Restrict the character set used as salt (#1488136) $seedchars = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'; for ($i = 0; $i < $len; $i++) { $salt .= $seedchars[rand(0, 63)]; } $sql = str_replace('%c', $db->quote(crypt($passwd, $salt_hashindicator ? $salt_hashindicator . $salt . '$' : $salt)), $sql); } // dovecotpw if (strpos($sql, '%D') !== FALSE) { if (!($dovecotpw = $rcmail->config->get('password_dovecotpw'))) { $dovecotpw = 'dovecotpw'; } if (!($method = $rcmail->config->get('password_dovecotpw_method'))) { $method = 'CRAM-MD5'; } // use common temp dir $tmp_dir = $rcmail->config->get('temp_dir'); $tmpfile = tempnam($tmp_dir, 'roundcube-'); $pipe = popen("{$dovecotpw} -s '{$method}' > '{$tmpfile}'", "w"); if (!$pipe) { unlink($tmpfile); return PASSWORD_CRYPT_ERROR; } else { fwrite($pipe, $passwd . "\n", 1 + strlen($passwd)); usleep(1000); fwrite($pipe, $passwd . "\n", 1 + strlen($passwd)); pclose($pipe); $newpass = trim(file_get_contents($tmpfile), "\n"); if (!preg_match('/^\\{' . $method . '\\}/', $newpass)) { return PASSWORD_CRYPT_ERROR; } if (!$rcmail->config->get('password_dovecotpw_with_method')) { $newpass = trim(str_replace('{' . $method . '}', '', $newpass)); } unlink($tmpfile); } $sql = str_replace('%D', $db->quote($newpass), $sql); } // hashed passwords if (preg_match('/%[n|q]/', $sql)) { if (!extension_loaded('hash')) { raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Password plugin: 'hash' extension not loaded!"), true, false); return PASSWORD_ERROR; } if (!($hash_algo = strtolower($rcmail->config->get('password_hash_algorithm')))) { $hash_algo = 'sha1'; } $hash_passwd = hash($hash_algo, $passwd); $hash_curpass = hash($hash_algo, $curpass); if ($rcmail->config->get('password_hash_base64')) { $hash_passwd = base64_encode(pack('H*', $hash_passwd)); $hash_curpass = base64_encode(pack('H*', $hash_curpass)); } $sql = str_replace('%n', $db->quote($hash_passwd, 'text'), $sql); $sql = str_replace('%q', $db->quote($hash_curpass, 'text'), $sql); } // Handle clear text passwords securely (#1487034) $sql_vars = array(); if (preg_match_all('/%[p|o]/', $sql, $m)) { foreach ($m[0] as $var) { if ($var == '%p') { $sql = preg_replace('/%p/', '?', $sql, 1); $sql_vars[] = (string) $passwd; } else { // %o $sql = preg_replace('/%o/', '?', $sql, 1); $sql_vars[] = (string) $curpass; } } } $local_part = $rcmail->user->get_username('local'); $domain_part = $rcmail->user->get_username('domain'); $username = $_SESSION['username']; $host = $_SESSION['imap_host']; // convert domains to/from punnycode if ($rcmail->config->get('password_idn_ascii')) { $domain_part = rcube_idn_to_ascii($domain_part); $username = rcube_idn_to_ascii($username); $host = rcube_idn_to_ascii($host); } else { $domain_part = rcube_idn_to_utf8($domain_part); $username = rcube_idn_to_utf8($username); $host = rcube_idn_to_utf8($host); } // at least we should always have the local part $sql = str_replace('%l', $db->quote($local_part, 'text'), $sql); $sql = str_replace('%d', $db->quote($domain_part, 'text'), $sql); $sql = str_replace('%u', $db->quote($username, 'text'), $sql); $sql = str_replace('%h', $db->quote($host, 'text'), $sql); $res = $db->query($sql, $sql_vars); if (!$db->is_error()) { if (strtolower(substr(trim($sql), 0, 6)) == 'select') { if ($result = $db->fetch_array($res)) { return PASSWORD_SUCCESS; } } else { // This is the good case: 1 row updated if ($db->affected_rows($res) == 1) { return PASSWORD_SUCCESS; } // @TODO: Some queries don't affect any rows // Should we assume a success if there was no error? } } return PASSWORD_ERROR; }
/** * Loads configuration, initializes plugin (including sieve connection) */ function managesieve_start() { $this->load_config(); // register UI objects $this->rc->output->add_handlers(array('filterslist' => array($this, 'filters_list'), 'filtersetslist' => array($this, 'filtersets_list'), 'filterframe' => array($this, 'filter_frame'), 'filterform' => array($this, 'filter_form'), 'filtersetform' => array($this, 'filterset_form'))); // Add include path for internal classes $include_path = $this->home . '/lib' . PATH_SEPARATOR; $include_path .= ini_get('include_path'); set_include_path($include_path); $host = rcube_parse_host($this->rc->config->get('managesieve_host', 'localhost')); $port = $this->rc->config->get('managesieve_port', 2000); $host = rcube_idn_to_ascii($host); $plugin = $this->rc->plugins->exec_hook('managesieve_connect', array('user' => $_SESSION['username'], 'password' => $this->rc->decrypt($_SESSION['password']), 'host' => $host, 'port' => $port, 'auth_type' => $this->rc->config->get('managesieve_auth_type'), 'usetls' => $this->rc->config->get('managesieve_usetls', false), 'disabled' => $this->rc->config->get('managesieve_disabled_extensions'), 'debug' => $this->rc->config->get('managesieve_debug', false), 'auth_cid' => $this->rc->config->get('managesieve_auth_cid'), 'auth_pw' => $this->rc->config->get('managesieve_auth_pw'))); // try to connect to managesieve server and to fetch the script $this->sieve = new rcube_sieve($plugin['user'], $plugin['password'], $plugin['host'], $plugin['port'], $plugin['auth_type'], $plugin['usetls'], $plugin['disabled'], $plugin['debug'], $plugin['auth_cid'], $plugin['auth_pw']); if (!($error = $this->sieve->error())) { // Get list of scripts $list = $this->list_scripts(); if (!empty($_GET['_set']) || !empty($_POST['_set'])) { $script_name = get_input_value('_set', RCUBE_INPUT_GPC, true); } else { if (!empty($_SESSION['managesieve_current'])) { $script_name = $_SESSION['managesieve_current']; } else { // get (first) active script if (!empty($this->active[0])) { $script_name = $this->active[0]; } else { if ($list) { $script_name = $list[0]; } else { // if script not exists build default script contents $script_file = $this->rc->config->get('managesieve_default'); $script_name = $this->rc->config->get('managesieve_script_name'); if (empty($script_name)) { $script_name = 'roundcube'; } if ($script_file && is_readable($script_file)) { $content = file_get_contents($script_file); } // add script and set it active if ($this->sieve->save_script($script_name, $content)) { $this->activate_script($script_name); $this->list[] = $script_name; } } } } } if ($script_name) { $this->sieve->load($script_name); } $error = $this->sieve->error(); } // finally set script objects if ($error) { switch ($error) { case SIEVE_ERROR_CONNECTION: case SIEVE_ERROR_LOGIN: $this->rc->output->show_message('managesieve.filterconnerror', 'error'); break; default: $this->rc->output->show_message('managesieve.filterunknownerror', 'error'); break; } raise_error(array('code' => 403, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Unable to connect to managesieve on {$host}:{$port}"), true, false); // to disable 'Add filter' button set env variable $this->rc->output->set_env('filterconnerror', true); $this->script = array(); } else { $this->exts = $this->sieve->get_extensions(); $this->script = $this->sieve->script->as_array(); $this->rc->output->set_env('currentset', $this->sieve->current); $_SESSION['managesieve_current'] = $this->sieve->current; } return $error; }
/** * Return the mail domain configured for the given host * * @param string $host IMAP host * @param boolean $encode If true, domain name will be converted to IDN ASCII * @return string Resolved SMTP host */ public function mail_domain($host, $encode = true) { $domain = $host; if (is_array($this->prop['mail_domain'])) { if (isset($this->prop['mail_domain'][$host])) { $domain = $this->prop['mail_domain'][$host]; } } else { if (!empty($this->prop['mail_domain'])) { $domain = rcube_parse_host($this->prop['mail_domain']); } } if ($encode) { $domain = rcube_idn_to_ascii($domain); } return $domain; }
/** * Helper function to build a Mail_mime object to send an iTip message * * @param array Event object to send * @param string iTip method (REQUEST|REPLY|CANCEL) * @return object Mail_mime object with message data */ public function compose_itip_message($event, $method) { $from = rcube_idn_to_ascii($this->sender['email']); $from_utf = rcube_idn_to_utf8($from); $sender = format_email_recipient($from, $this->sender['name']); // truncate list attendees down to the recipient of the iTip Reply. // constraints for a METHOD:REPLY according to RFC 5546 if ($method == 'REPLY') { $replying_attendee = null; $reply_attendees = array(); foreach ($event['attendees'] as $attendee) { if ($attendee['role'] == 'ORGANIZER') { $reply_attendees[] = $attendee; } else { if (strcasecmp($attedee['email'], $from) == 0 || strcasecmp($attendee['email'], $from_utf) == 0) { $replying_attendee = $attendee; } } } if ($replying_attendee) { $reply_attendees[] = $replying_attendee; $event['attendees'] = $reply_attendees; } } // compose multipart message using PEAR:Mail_Mime $message = new Mail_mime("\r\n"); $message->setParam('text_encoding', 'quoted-printable'); $message->setParam('head_encoding', 'quoted-printable'); $message->setParam('head_charset', RCMAIL_CHARSET); $message->setParam('text_charset', RCMAIL_CHARSET . ";\r\n format=flowed"); $message->setContentType('multipart/alternative'); // compose common headers array $headers = array('From' => $sender, 'Date' => $this->rc->user_date(), 'Message-ID' => $this->rc->gen_message_id(), 'X-Sender' => $from); if ($agent = $this->rc->config->get('useragent')) { $headers['User-Agent'] = $agent; } $message->headers($headers); // attach ics file for this event $ical = $this->cal->get_ical(); $ics = $ical->export(array($event), $method, false, $method == 'REQUEST' ? array($this->cal->driver, 'get_attachment_body') : false); $message->addAttachment($ics, 'text/calendar', 'event.ics', false, '8bit', '', RCMAIL_CHARSET . "; method=" . $method); return $message; }
/** * Handler for ACL update/create action */ private function action_save() { $mbox = trim(get_input_value('_mbox', RCUBE_INPUT_GPC, true)); // UTF7-IMAP $user = trim(get_input_value('_user', RCUBE_INPUT_GPC)); $acl = trim(get_input_value('_acl', RCUBE_INPUT_GPC)); $oldid = trim(get_input_value('_old', RCUBE_INPUT_GPC)); $acl = array_intersect(str_split($acl), $this->rights_supported()); $users = $oldid ? array($user) : explode(',', $user); foreach ($users as $user) { $user = trim($user); if (!empty($this->specials) && in_array($user, $this->specials)) { $username = $this->gettext($user); } else { if (!strpos($user, '@') && ($realm = $this->get_realm())) { $user .= '@' . rcube_idn_to_ascii(preg_replace('/^@/', '', $realm)); } $username = $user; } if (!$acl || !$user || !strlen($mbox)) { continue; } if ($user != $_SESSION['username'] && $username != $_SESSION['username']) { if ($this->rc->storage->set_acl($mbox, $user, $acl)) { $ret = array('id' => html_identifier($user), 'username' => $username, 'acl' => implode($acl), 'old' => $oldid); $this->rc->output->command('acl_update', $ret); $result++; } } } if ($result) { $this->rc->output->show_message($oldid ? 'acl.updatesuccess' : 'acl.createsuccess', 'confirmation'); } else { $this->rc->output->show_message($oldid ? 'acl.updateerror' : 'acl.createerror', 'error'); } }
/** * SMTP Connection and authentication * * @param string Server host * @param string Server port * @param string User name * @param string Password * * @return bool Returns true on success, or false on error */ public function connect($host = null, $port = null, $user = null, $pass = null) { $RCMAIL = rcmail::get_instance(); // disconnect/destroy $this->conn $this->disconnect(); // reset error/response var $this->error = $this->response = null; // let plugins alter smtp connection config $CONFIG = $RCMAIL->plugins->exec_hook('smtp_connect', array('smtp_server' => $host ? $host : $RCMAIL->config->get('smtp_server'), 'smtp_port' => $port ? $port : $RCMAIL->config->get('smtp_port', 25), 'smtp_user' => $user ? $user : $RCMAIL->config->get('smtp_user'), 'smtp_pass' => $pass ? $pass : $RCMAIL->config->get('smtp_pass'), 'smtp_auth_cid' => $RCMAIL->config->get('smtp_auth_cid'), 'smtp_auth_pw' => $RCMAIL->config->get('smtp_auth_pw'), 'smtp_auth_type' => $RCMAIL->config->get('smtp_auth_type'), 'smtp_helo_host' => $RCMAIL->config->get('smtp_helo_host'), 'smtp_timeout' => $RCMAIL->config->get('smtp_timeout'), 'smtp_auth_callbacks' => array())); $smtp_host = rcube_parse_host($CONFIG['smtp_server']); // when called from Installer it's possible to have empty $smtp_host here if (!$smtp_host) { $smtp_host = 'localhost'; } $smtp_port = is_numeric($CONFIG['smtp_port']) ? $CONFIG['smtp_port'] : 25; $smtp_host_url = parse_url($smtp_host); // overwrite port if (isset($smtp_host_url['host']) && isset($smtp_host_url['port'])) { $smtp_host = $smtp_host_url['host']; $smtp_port = $smtp_host_url['port']; } // re-write smtp host if (isset($smtp_host_url['host']) && isset($smtp_host_url['scheme'])) { $smtp_host = sprintf('%s://%s', $smtp_host_url['scheme'], $smtp_host_url['host']); } // remove TLS prefix and set flag for use in Net_SMTP::auth() if (preg_match('#^tls://#i', $smtp_host)) { $smtp_host = preg_replace('#^tls://#i', '', $smtp_host); $use_tls = true; } if (!empty($CONFIG['smtp_helo_host'])) { $helo_host = $CONFIG['smtp_helo_host']; } else { if (!empty($_SERVER['SERVER_NAME'])) { $helo_host = preg_replace('/:\\d+$/', '', $_SERVER['SERVER_NAME']); } else { $helo_host = 'localhost'; } } // IDNA Support $smtp_host = rcube_idn_to_ascii($smtp_host); $this->conn = new Net_SMTP($smtp_host, $smtp_port, $helo_host); if ($RCMAIL->config->get('smtp_debug')) { $this->conn->setDebug(true, array($this, 'debug_handler')); } // register authentication methods if (!empty($CONFIG['smtp_auth_callbacks']) && method_exists($this->conn, 'setAuthMethod')) { foreach ($CONFIG['smtp_auth_callbacks'] as $callback) { $this->conn->setAuthMethod($callback['name'], $callback['function'], isset($callback['prepend']) ? $callback['prepend'] : true); } } // try to connect to server and exit on failure $result = $this->conn->connect($smtp_timeout); if (PEAR::isError($result)) { $this->response[] = "Connection failed: " . $result->getMessage(); $this->error = array('label' => 'smtpconnerror', 'vars' => array('code' => $this->conn->_code)); $this->conn = null; return false; } // workaround for timeout bug in Net_SMTP 1.5.[0-1] (#1487843) if (method_exists($this->conn, 'setTimeout') && ($timeout = ini_get('default_socket_timeout'))) { $this->conn->setTimeout($timeout); } $smtp_user = str_replace('%u', $_SESSION['username'], $CONFIG['smtp_user']); $smtp_pass = str_replace('%p', $RCMAIL->decrypt($_SESSION['password']), $CONFIG['smtp_pass']); $smtp_auth_type = empty($CONFIG['smtp_auth_type']) ? NULL : $CONFIG['smtp_auth_type']; if (!empty($CONFIG['smtp_auth_cid'])) { $smtp_authz = $smtp_user; $smtp_user = $CONFIG['smtp_auth_cid']; $smtp_pass = $CONFIG['smtp_auth_pw']; } // attempt to authenticate to the SMTP server if ($smtp_user && $smtp_pass) { // IDNA Support if (strpos($smtp_user, '@')) { $smtp_user = rcube_idn_to_ascii($smtp_user); } $result = $this->conn->auth($smtp_user, $smtp_pass, $smtp_auth_type, $use_tls, $smtp_authz); if (PEAR::isError($result)) { $this->error = array('label' => 'smtpautherror', 'vars' => array('code' => $this->conn->_code)); $this->response[] .= 'Authentication failure: ' . $result->getMessage() . ' (Code: ' . $result->getCode() . ')'; $this->reset(); $this->disconnect(); return false; } } return true; }
/** * Perfom login to the IMAP server and to the webmail service. * This will also create a new user entry if auto_create_user is configured. * * @param string IMAP user name * @param string IMAP password * @param string IMAP host * @return boolean True on success, False on failure */ function login($username, $pass, $host = NULL) { $user = NULL; $config = $this->config->all(); if (!$host) { $host = $config['default_host']; } // Validate that selected host is in the list of configured hosts if (is_array($config['default_host'])) { $allowed = false; foreach ($config['default_host'] as $key => $host_allowed) { if (!is_numeric($key)) { $host_allowed = $key; } if ($host == $host_allowed) { $allowed = true; break; } } if (!$allowed) { return false; } } else { if (!empty($config['default_host']) && $host != rcube_parse_host($config['default_host'])) { return false; } } // parse $host URL $a_host = parse_url($host); if ($a_host['host']) { $host = $a_host['host']; $imap_ssl = isset($a_host['scheme']) && in_array($a_host['scheme'], array('ssl', 'imaps', 'tls')) ? $a_host['scheme'] : null; if (!empty($a_host['port'])) { $imap_port = $a_host['port']; } else { if ($imap_ssl && $imap_ssl != 'tls' && (!$config['default_port'] || $config['default_port'] == 143)) { $imap_port = 993; } } } $imap_port = $imap_port ? $imap_port : $config['default_port']; /* Modify username with domain if required Inspired by Marco <P0L0_notspam_binware.org> */ // Check if we need to add domain if (!empty($config['username_domain']) && strpos($username, '@') === false) { if (is_array($config['username_domain']) && isset($config['username_domain'][$host])) { $username .= '@' . rcube_parse_host($config['username_domain'][$host], $host); } else { if (is_string($config['username_domain'])) { $username .= '@' . rcube_parse_host($config['username_domain'], $host); } } } // Convert username to lowercase. If IMAP backend // is case-insensitive we need to store always the same username (#1487113) if ($config['login_lc']) { $username = mb_strtolower($username); } // try to resolve email address from virtuser table if (strpos($username, '@') && ($virtuser = rcube_user::email2user($username))) { $username = $virtuser; } // Here we need IDNA ASCII // Only rcube_contacts class is using domain names in Unicode $host = rcube_idn_to_ascii($host); if (strpos($username, '@')) { // lowercase domain name list($local, $domain) = explode('@', $username); $username = $local . '@' . mb_strtolower($domain); $username = rcube_idn_to_ascii($username); } // user already registered -> overwrite username if ($user = rcube_user::query($username, $host)) { $username = $user->data['username']; } if (!$this->imap) { $this->imap_init(); } // try IMAP login if (!($imap_login = $this->imap->connect($host, $username, $pass, $imap_port, $imap_ssl))) { // try with lowercase $username_lc = mb_strtolower($username); if ($username_lc != $username) { // try to find user record again -> overwrite username if (!$user && ($user = rcube_user::query($username_lc, $host))) { $username_lc = $user->data['username']; } if ($imap_login = $this->imap->connect($host, $username_lc, $pass, $imap_port, $imap_ssl)) { $username = $username_lc; } } } // exit if IMAP login failed if (!$imap_login) { return false; } $this->set_imap_prop(); // user already registered -> update user's record if (is_object($user)) { // create default folders on first login if (!$user->data['last_login'] && $config['create_default_folders']) { $this->imap->create_default_folders(); } $user->touch(); } else { if ($config['auto_create_user']) { if ($created = rcube_user::create($username, $host)) { $user = $created; // create default folders on first login if ($config['create_default_folders']) { $this->imap->create_default_folders(); } } else { raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Failed to create a user record. Maybe aborted by a plugin?"), true, false); } } else { raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Acces denied for new user {$username}. 'auto_create_user' is disabled"), true, false); } } // login succeeded if (is_object($user) && $user->ID) { $this->set_user($user); // set session vars $_SESSION['user_id'] = $user->ID; $_SESSION['username'] = $user->data['username']; $_SESSION['imap_host'] = $host; $_SESSION['imap_port'] = $imap_port; $_SESSION['imap_ssl'] = $imap_ssl; $_SESSION['password'] = $this->encrypt($pass); $_SESSION['login_time'] = mktime(); if (isset($_REQUEST['_timezone']) && $_REQUEST['_timezone'] != '_default_') { $_SESSION['timezone'] = floatval($_REQUEST['_timezone']); } // force reloading complete list of subscribed mailboxes $this->imap->clear_cache('mailboxes'); return true; } return false; }
/** * Check the given data before saving. * If input isn't valid, the message to display can be fetched using get_error() * * @param array Assoziative array with data to save * @param boolean Attempt to fix/complete record automatically * @return boolean True if input is valid, False if not. */ public function validate(&$save_data, $autofix = false) { // check validity of email addresses foreach ($this->get_col_values('email', $save_data, true) as $email) { if (strlen($email)) { if (!check_email(rcube_idn_to_ascii($email))) { $this->set_error(self::ERROR_VALIDATE, rcube_label(array('name' => 'emailformaterror', 'vars' => array('email' => $email)))); return false; } } } return true; }
private function _startup() { $rcmail = rcmail::get_instance(); if (!$this->sieve) { include 'lib/Net/Sieve.php'; include 'include/rcube_sieve.php'; include 'include/rcube_sieve_script.php'; $rcmail = rcmail::get_instance(); // try to connect to managesieve server and to fetch the script $this->sieve = new rcube_sieve($_SESSION['username'], $rcmail->decrypt($_SESSION['password']), rcube_idn_to_ascii(rcube_parse_host($rcmail->config->get('sieverules_host'))), $rcmail->config->get('sieverules_port'), $rcmail->config->get('sieverules_auth_type', NULL), $rcmail->config->get('sieverules_usetls'), $this->current_ruleset, $this->home, $rcmail->config->get('sieverules_use_elsif', true), $rcmail->config->get('sieverules_auth_cid', NULL), $rcmail->config->get('sieverules_auth_pw', NULL)); if ($rcmail->config->get('sieverules_debug', false)) { $this->sieve->set_debug(true); } $this->sieve_error = $this->sieve->error(); if ($this->sieve_error == SIEVE_ERROR_NOT_EXISTS) { // load default rule set if ($rcmail->config->get('sieverules_default_file', false) && is_readable($rcmail->config->get('sieverules_default_file')) || sizeof($this->sieve->list) > 0) { rcmail_overwrite_action('plugin.sieverules.setup'); $this->action = 'plugin.sieverules.setup'; } elseif ($rcmail->config->get('sieverules_default_file', false) && !is_readable($rcmail->config->get('sieverules_default_file'))) { raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "SieveRules plugin: Unable to open default rule file"), true, false); } // that's not exactly an error $this->sieve_error = false; } elseif ($this->sieve_error) { switch ($this->sieve_error) { case SIEVE_ERROR_CONNECTION: case SIEVE_ERROR_LOGIN: $this->api->output->command('display_message', $this->gettext('filterconnerror'), 'error'); break; default: $this->api->output->command('display_message', $this->gettext('filterunknownerror'), 'error'); break; } $this->api->output->set_env('sieveruleserror', true); } // finally set script objects if ($this->sieve_error) { $this->script = array(); } else { $this->script = $this->sieve->script->as_array(); // load example filters if ($rcmail->config->get('sieverules_example_file', false) && is_readable($rcmail->config->get('sieverules_example_file'))) { $this->examples = $this->sieve->script->parse_text(file_get_contents($rcmail->config->get('sieverules_example_file'))); } elseif ($rcmail->config->get('sieverules_example_file', false) && !is_readable($rcmail->config->get('sieverules_example_file'))) { raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "SieveRules plugin: Unable to open example rule file"), true, false); } } } else { $this->sieve->set_ruleset($this->current_ruleset); $this->script = $this->sieve->script->as_array(); } }
/** * Establish a connection to the LDAP server */ function connect() { global $RCMAIL; if (!function_exists('ldap_connect')) { raise_error(array('code' => 100, 'type' => 'ldap', 'file' => __FILE__, 'line' => __LINE__, 'message' => "No ldap support in this installation of PHP"), true); } if (is_resource($this->conn)) { return true; } if (!is_array($this->prop['hosts'])) { $this->prop['hosts'] = array($this->prop['hosts']); } if (empty($this->prop['ldap_version'])) { $this->prop['ldap_version'] = 3; } foreach ($this->prop['hosts'] as $host) { $host = rcube_idn_to_ascii(rcube_parse_host($host)); $this->_debug("C: Connect [{$host}" . ($this->prop['port'] ? ':' . $this->prop['port'] : '') . "]"); if ($lc = @ldap_connect($host, $this->prop['port'])) { if ($this->prop['use_tls'] === true) { if (!ldap_start_tls($lc)) { continue; } } $this->_debug("S: OK"); ldap_set_option($lc, LDAP_OPT_PROTOCOL_VERSION, $this->prop['ldap_version']); $this->prop['host'] = $host; $this->conn = $lc; break; } $this->_debug("S: NOT OK"); } if (is_resource($this->conn)) { $this->ready = true; // User specific access, generate the proper values to use. if ($this->prop['user_specific']) { // No password set, use the session password if (empty($this->prop['bind_pass'])) { $this->prop['bind_pass'] = $RCMAIL->decrypt($_SESSION['password']); } // Get the pieces needed for variable replacement. $fu = $RCMAIL->user->get_username(); list($u, $d) = explode('@', $fu); $dc = 'dc=' . strtr($d, array('.' => ',dc=')); // hierarchal domain string $replaces = array('%dc' => $dc, '%d' => $d, '%fu' => $fu, '%u' => $u); if ($this->prop['search_base_dn'] && $this->prop['search_filter']) { // Search for the dn to use to authenticate $this->prop['search_base_dn'] = strtr($this->prop['search_base_dn'], $replaces); $this->prop['search_filter'] = strtr($this->prop['search_filter'], $replaces); $this->_debug("S: searching with base {$this->prop['search_base_dn']} for {$this->prop['search_filter']}"); $res = ldap_search($this->conn, $this->prop['search_base_dn'], $this->prop['search_filter'], array('uid')); if ($res && ($entry = ldap_first_entry($this->conn, $res))) { $bind_dn = ldap_get_dn($this->conn, $entry); $this->_debug("S: search returned dn: {$bind_dn}"); if ($bind_dn) { $this->prop['bind_dn'] = $bind_dn; $dn = ldap_explode_dn($bind_dn, 1); $replaces['%dn'] = $dn[0]; } } } // Replace the bind_dn and base_dn variables. $this->prop['bind_dn'] = strtr($this->prop['bind_dn'], $replaces); $this->prop['base_dn'] = strtr($this->prop['base_dn'], $replaces); } if (!empty($this->prop['bind_dn']) && !empty($this->prop['bind_pass'])) { $this->ready = $this->bind($this->prop['bind_dn'], $this->prop['bind_pass']); } } else { raise_error(array('code' => 100, 'type' => 'ldap', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Could not connect to any LDAP server, last tried {$host}:{$this->prop[port]}"), true); } // See if the directory is writeable. if ($this->prop['writable']) { $this->readonly = false; } // end if }