function attachSelectedMessages($msg, $imapConnection) { global $username, $attachment_dir, $startMessage, $data_dir, $composesession, $uid_support, $msgs, $thread_sort_messages, $allow_server_sort, $show_num, $compose_messages; if (!isset($compose_messages)) { $compose_messages = array(); sqsession_register($compose_messages, 'compose_messages'); } if (!$composesession) { $composesession = 1; sqsession_register($composesession, 'composesession'); } else { $composesession++; sqsession_register($composesession, 'composesession'); } $hashed_attachment_dir = getHashedDir($username, $attachment_dir, $composesession); if ($thread_sort_messages || $allow_server_sort) { $start_index = 0; } else { $start_index = ($startMessage - 1) * $show_num; } $i = 0; $j = 0; $hashed_attachment_dir = getHashedDir($username, $attachment_dir); $composeMessage = new Message(); $rfc822_header = new Rfc822Header(); $composeMessage->rfc822_header = $rfc822_header; $composeMessage->reply_rfc822_header = ''; while ($j < count($msg)) { if (isset($msg[$i])) { $id = $msg[$i]; $body_a = sqimap_run_command($imapConnection, "FETCH {$id} RFC822", true, $response, $readmessage, $uid_support); if ($response == 'OK') { // fetch the subject for the message with $id from msgs. // is there a more efficient way to do this? foreach ($msgs as $k => $vals) { if ($vals['ID'] == $id) { $subject = $msgs[$k]['SUBJECT']; break; } } array_shift($body_a); array_pop($body_a); $body = implode('', $body_a); $body .= "\r\n"; $localfilename = GenerateRandomString(32, 'FILE', 7); $full_localfilename = "{$hashed_attachment_dir}/{$localfilename}"; $fp = fopen($full_localfilename, 'wb'); fwrite($fp, $body); fclose($fp); $composeMessage->initAttachment('message/rfc822', $subject . '.msg', $full_localfilename); } $j++; } $i++; } $compose_messages[$composesession] = $composeMessage; sqsession_register($compose_messages, 'compose_messages'); session_write_close(); return $composesession; }
/** * Check if user has previously logged in to the SquirrelMail session. If user * has not logged in, execution will stop inside this function. * * @return int A positive value is returned if user has previously logged in * successfully. */ function is_logged_in() { if (sqsession_is_registered('user_is_logged_in')) { return; } else { global $PHP_SELF, $HTTP_POST_VARS, $_POST, $session_expired_post, $session_expired_location, $squirrelmail_language; // First we store some information in the new session to prevent // information-loss. // if (!check_php_version(4, 1)) { $session_expired_post = $HTTP_POST_VARS; } else { $session_expired_post = $_POST; } $session_expired_location = $PHP_SELF; if (!sqsession_is_registered('session_expired_post')) { sqsession_register($session_expired_post, 'session_expired_post'); } if (!sqsession_is_registered('session_expired_location')) { sqsession_register($session_expired_location, 'session_expired_location'); } session_write_close(); // signout page will deal with users who aren't logged // in on its own; don't show error here // if (strpos($PHP_SELF, 'signout.php') !== FALSE) { return; } include_once SM_PATH . 'functions/display_messages.php'; set_up_language($squirrelmail_language, true); logout_error(_("You must be logged in to access this page.")); exit; } }
/** * Does the actual password changing (meaning it calls the hook function * from the backend that does this. If something goes wrong, return error * message(s). If everything ok, change the password in the session so the * user doesn't have to log out, and redirect back to the options screen. */ function cpw_do_change() { global $cpw_backend; sqgetGlobalVar('cpw_curpass', $curpw, SQ_POST); sqgetGlobalVar('cpw_newpass', $newpw, SQ_POST); sqgetGlobalVar('base_uri', $base_uri, SQ_SESSION); sqgetGlobalVar('onetimepad', $onetimepad, SQ_SESSION); sqgetGlobalVar('key', $key, SQ_COOKIE); sqgetGlobalVar('username', $username, SQ_SESSION); require_once SM_PATH . 'plugins/change_password/backend/' . $cpw_backend . '.php'; $msgs = do_hook('change_password_dochange', $temp = array('username' => &$username, 'curpw' => &$curpw, 'newpw' => &$newpw)); /* something bad happened, return */ if (count($msgs) > 0) { return $msgs; } /* update our password stored in the session */ $onetimepad = OneTimePadCreate(strlen($newpw)); sqsession_register($onetimepad, 'onetimepad'); $key = OneTimePadEncrypt($newpw, $onetimepad); sqsetcookie('key', $key, 0, $base_uri); /* make sure we write the session data before we redirect */ session_write_close(); header('Location: ' . SM_PATH . 'src/options.php?optmode=submit&optpage=change_password&plugin_change_password=1&smtoken=' . sm_generate_security_token()); exit; }
function is_logged_in() { if (sqsession_is_registered('user_is_logged_in')) { return; } else { global $PHP_SELF, $session_expired_post, $session_expired_location; /* First we store some information in the new session to prevent * information-loss. */ $session_expired_post = $_POST; $session_expired_location = $PHP_SELF; if (!sqsession_is_registered('session_expired_post')) { sqsession_register($session_expired_post, 'session_expired_post'); } if (!sqsession_is_registered('session_expired_location')) { sqsession_register($session_expired_location, 'session_expired_location'); } include_once SM_PATH . 'functions/display_messages.php'; logout_error(_("You must be logged in to access this page.")); exit; } }
/** * Save the preferences for this user. */ function savePrefValues($data_dir, $username) { global $prefs_cache; $filename = getHashedFile($username, $data_dir, "{$username}.pref"); /* Open the file for writing, or else display an error to the user. */ if (!($file = @fopen($filename . '.tmp', 'w'))) { logout_error(sprintf(_("Preference file, %s, could not be opened. Contact your system administrator to resolve this issue."), $filename . '.tmp')); exit; } foreach ($prefs_cache as $Key => $Value) { if (isset($Value)) { if (sq_fwrite($file, $Key . '=' . $Value . "\n") === FALSE) { logout_error(sprintf(_("Preference file, %s, could not be written. Contact your system administrator to resolve this issue."), $filename . '.tmp')); exit; } } } fclose($file); if (!@copy($filename . '.tmp', $filename)) { logout_error(sprintf(_("Preference file, %s, could not be copied from temporary file, %s. Contact your system administrator to resolve this issue."), $filename, $filename . '.tmp')); exit; } @unlink($filename . '.tmp'); @chmod($filename, 0600); sqsession_register($prefs_cache, 'prefs_cache'); }
function sqauth_save_password($pass) { sqgetGlobalVar('base_uri', $base_uri, SQ_SESSION); $onetimepad = OneTimePadCreate(strlen($pass)); sqsession_register($onetimepad, 'onetimepad'); $key = OneTimePadEncrypt($pass, $onetimepad); sqsetcookie('key', $key, false, $base_uri); return $key; }
function setPref($data_dir, $username, $string, $set_to) { global $prefs_cache; if (isset($prefs_cache[$string]) && $prefs_cache[$string] == $set_to) { return; } if ($set_to === '') { removePref($data_dir, $username, $string); return; } $db = new dbPrefs(); if (isset($db->error)) { $db->failQuery(); } $db->setKey($username, $string, $set_to); $prefs_cache[$string] = $set_to; assert_options(ASSERT_ACTIVE, 1); assert_options(ASSERT_BAIL, 1); assert('$set_to == $prefs_cache[$string]'); sqsession_register($prefs_cache, 'prefs_cache'); return; }
} else { // FIXME DO Check the password policy : /* if (is_callable(array($admin,"checkPolicy")) && !$admin->checkPolicy("pop",$username,$_POST['acp_newpass'])) { $errstr=_("This password is not strong enough for your policy, set a stronger password or call your administrator"); } else { */ // ok, let's change the password $acp_newpass = $_POST['acp_newpass']; $newp = _md5cr($acp_newpass); mysql_query("UPDATE address SET password='******' WHERE id=" . $c["id"] . " ;"); $errstr = _("Your password has been successfully changed. Don't forget to change it in your mail software if you are using one (Outlook, Mozilla, Thunderbird, Eudora ...)"); // Write new cookies for the password $onetimepad = OneTimePadCreate(strlen($acp_newpass)); sqsession_register($onetimepad, 'onetimepad'); $key = OneTimePadEncrypt($acp_newpass, $onetimepad); setcookie("key", $key, 0, $base_uri); // } } } } } // POSTED data ? textdomain("squirrelmail"); displayPageHeader($color, 'None'); textdomain("alternc"); if ($errstr) { echo "<p><b>" . $errstr . "</b></p>"; } ?>
/* dark red Special Folders color */ $color[12] = '#EDEDED'; $color[15] = '#002266'; /* (dark blue) Unselectable folders */ $color[16] = '#ff9933'; /* (orange) Highlight color */ if (isset($chosen_theme) && $found_theme && file_exists($chosen_theme)) { @(include_once $chosen_theme); } else { if (isset($theme) && isset($theme[$theme_default]) && file_exists($theme[$theme_default]['PATH'])) { @(include_once $theme[$theme_default]['PATH']); $chosen_theme = $theme[$theme_default]['PATH']; } } if (!defined('download_php')) { sqsession_register($theme_css, 'theme_css'); } /* Load the user's special folder preferences */ $move_to_sent = getPref($data_dir, $username, 'move_to_sent', $default_move_to_sent); $move_to_trash = getPref($data_dir, $username, 'move_to_trash', $default_move_to_trash); $save_as_draft = getPref($data_dir, $username, 'save_as_draft', $default_save_as_draft); if ($default_unseen_type == '') { $default_unseen_type = 1; } if ($default_unseen_notify == '') { $default_unseen_notify = 2; } $unseen_type = getPref($data_dir, $username, 'unseen_type', $default_unseen_type); $unseen_notify = getPref($data_dir, $username, 'unseen_notify', $default_unseen_notify); $unseen_cum = getPref($data_dir, $username, 'unseen_cum', false); $folder_prefix = getPref($data_dir, $username, 'folder_prefix', $default_folder_prefix);
function attachSelectedMessages($msg, $imapConnection) { global $username, $attachment_dir, $startMessage, $data_dir, $composesession, $uid_support, $mailbox, $msgs, $thread_sort_messages, $allow_server_sort, $show_num, $compose_messages; if (!isset($compose_messages)) { $compose_messages = array(); sqsession_register($compose_messages, 'compose_messages'); } if (!$composesession) { $composesession = 1; sqsession_register($composesession, 'composesession'); } else { $composesession++; sqsession_register($composesession, 'composesession'); } $hashed_attachment_dir = getHashedDir($username, $attachment_dir, $composesession); if ($thread_sort_messages || $allow_server_sort) { $start_index = 0; } else { $start_index = ($startMessage - 1) * $show_num; } $i = 0; $j = 0; $hashed_attachment_dir = getHashedDir($username, $attachment_dir); $composeMessage = new Message(); $rfc822_header = new Rfc822Header(); $composeMessage->rfc822_header = $rfc822_header; $composeMessage->reply_rfc822_header = ''; while ($j < count($msg)) { if (isset($msg[$i])) { $id = $msg[$i]; $body_a = sqimap_run_command($imapConnection, "FETCH {$id} RFC822", true, $response, $readmessage, $uid_support); if ($response == 'OK') { $message = sqimap_get_message($imapConnection, $id, $mailbox); // fetch the subject for the message from the object $filename = $message->rfc822_header->subject; if (empty($filename)) { $filename = "untitled-" . $message->entity_id; } $filename .= '.msg'; $filename = decodeHeader($filename, false, false); array_shift($body_a); array_pop($body_a); $body = implode('', $body_a); $body .= "\r\n"; $localfilename = GenerateRandomString(32, 'FILE', 7); $full_localfilename = "{$hashed_attachment_dir}/{$localfilename}"; while (file_exists($full_localfilename)) { $localfilename = GenerateRandomString(32, 'FILE', 7); $full_localfilename = "{$hashed_attachment_dir}/{$localfilename}"; } $fp = fopen($full_localfilename, 'wb'); fwrite($fp, $body); fclose($fp); $composeMessage->initAttachment('message/rfc822', $filename, $localfilename); } $j++; } $i++; } $compose_messages[$composesession] = $composeMessage; sqsession_register($compose_messages, 'compose_messages'); session_write_close(); return $composesession; }
/** * Attach messages to a compose session * * @param resource $imapConnection imap connection * @param array $aMsgHeaders * @return int $composesession unique compose_session_id where the attached messages belong to * @author Marc Groot Koerkamp */ function attachSelectedMessages($imapConnection, $aMsgHeaders) { sqgetGlobalVar('composesession', $composesession, SQ_SESSION); sqgetGlobalVar('compose_messages', $compose_messages, SQ_SESSION); if (!isset($compose_messages) || is_null($compose_messages)) { $compose_messages = array(); sqsession_register($compose_messages, 'compose_messages'); } if (!$composesession) { $composesession = 1; sqsession_register($composesession, 'composesession'); } else { $composesession++; sqsession_register($composesession, 'composesession'); } $composeMessage = new Message(); $rfc822_header = new Rfc822Header(); $composeMessage->rfc822_header = $rfc822_header; $composeMessage->reply_rfc822_header = ''; foreach ($aMsgHeaders as $iUid => $aMsgHeader) { /** * Retrieve the full message */ $body_a = sqimap_run_command($imapConnection, "FETCH {$iUid} RFC822", true, $response, $readmessage, TRUE); if ($response == 'OK') { $subject = isset($aMsgHeader['subject']) ? $aMsgHeader['subject'] : $iUid; array_shift($body_a); array_pop($body_a); $body = implode('', $body_a); $body .= "\r\n"; global $username, $attachment_dir; $filename = sq_get_attach_tempfile(); $fullpath = getHashedDir($username, $attachment_dir) . '/' . $filename; $fp = fopen($fullpath, 'wb'); fwrite($fp, $body); fclose($fp); $composeMessage->initAttachment('message/rfc822', $subject . '.eml', $filename); // create subject for new message // $subject = decodeHeader($subject, false, false, true); $subject = str_replace('"', "'", $subject); $subject = trim($subject); if (substr(strtolower($subject), 0, 4) != 'fwd:') { $subject = 'Fwd: ' . $subject; } $composeMessage->rfc822_header->subject = $subject; } } $compose_messages[$composesession] = $composeMessage; sqsession_register($compose_messages, 'compose_messages'); return $composesession; }
function checkForJavascript($reset = FALSE) { global $data_dir, $username, $javascript_on, $javascript_setting; if (!$reset && sqGetGlobalVar('javascript_on', $javascript_on, SQ_SESSION)) { return $javascript_on; } if (($reset || !isset($javascript_setting)) && (sqGetGlobalVar('user_is_logged_in', $user_is_logged_in, SQ_SESSION) && $user_is_logged_in)) { $javascript_setting = getPref($data_dir, $username, 'javascript_setting', SMPREF_JS_AUTODETECT); } if (!sqGetGlobalVar('new_js_autodetect_results', $js_autodetect_results) && !sqGetGlobalVar('js_autodetect_results', $js_autodetect_results)) { $js_autodetect_results = SMPREF_JS_OFF; } if ($javascript_setting == SMPREF_JS_AUTODETECT) { $javascript_on = $js_autodetect_results; } else { $javascript_on = $javascript_setting; } sqsession_register($javascript_on, 'javascript_on'); return $javascript_on; }
/** * Returns sorted mailbox lists in several different ways. * See comment on sqimap_mailbox_parse() for info about the returned array. */ function sqimap_mailbox_list($imap_stream, $force = false) { global $default_folder_prefix; if (!sqgetGlobalVar('boxesnew', $boxesnew, SQ_SESSION) || $force) { global $data_dir, $username, $list_special_folders_first, $folder_prefix, $trash_folder, $sent_folder, $draft_folder, $move_to_trash, $move_to_sent, $save_as_draft, $delimiter, $noselect_fix_enable; $inbox_in_list = false; $inbox_subscribed = false; require_once SM_PATH . 'include/load_prefs.php'; if ($noselect_fix_enable) { $lsub_args = "LSUB \"{$folder_prefix}\" \"*%\""; } else { $lsub_args = "LSUB \"{$folder_prefix}\" \"*\""; } /* LSUB array */ $lsub_ary = sqimap_run_command($imap_stream, $lsub_args, true, $response, $message); $sorted_lsub_ary = array(); for ($i = 0, $cnt = count($lsub_ary); $i < $cnt; $i++) { /* * Workaround for mailboxes returned as literal * Doesn't work if the mailbox name is multiple lines * (larger then fgets buffer) */ if (isset($lsub_ary[$i + 1]) && substr($lsub_ary[$i], -3) == "}\r\n") { if (ereg("^(\\* [A-Z]+.*)\\{[0-9]+\\}([ \n\r\t]*)\$", $lsub_ary[$i], $regs)) { $i++; $lsub_ary[$i] = $regs[1] . '"' . addslashes(trim($lsub_ary[$i])) . '"' . $regs[2]; } } $temp_mailbox_name = find_mailbox_name($lsub_ary[$i]); $sorted_lsub_ary[] = $temp_mailbox_name; if (!$inbox_subscribed && strtoupper($temp_mailbox_name) == 'INBOX') { $inbox_subscribed = true; } } /* remove duplicates */ $sorted_lsub_ary = array_unique($sorted_lsub_ary); /* natural sort mailboxes */ if (isset($sorted_lsub_ary)) { mailtree_sort($sorted_lsub_ary); } /* * The LSUB response doesn't provide us information about \Noselect * mail boxes. The LIST response does, that's why we need to do a LIST * call to retrieve the flags for the mailbox * Note: according RFC2060 an imap server may provide \NoSelect flags in the LSUB response. * in other words, we cannot rely on it. */ $sorted_list_ary = array(); for ($i = 0; $i < count($sorted_lsub_ary); $i++) { if (substr($sorted_lsub_ary[$i], -1) == $delimiter) { $mbx = substr($sorted_lsub_ary[$i], 0, strlen($sorted_lsub_ary[$i]) - 1); } else { $mbx = $sorted_lsub_ary[$i]; } $read = sqimap_run_command($imap_stream, "LIST \"\" \"{$mbx}\"", true, $response, $message); /* Another workaround for literals */ if (isset($read[1]) && substr($read[1], -3) == "}\r\n") { if (ereg("^(\\* [A-Z]+.*)\\{[0-9]+\\}([ \n\r\t]*)\$", $read[0], $regs)) { $read[0] = $regs[1] . '"' . addslashes(trim($read[1])) . '"' . $regs[2]; } } if (isset($read[0])) { $sorted_list_ary[$i] = $read[0]; } else { $sorted_list_ary[$i] = ''; } } /* * Just in case they're not subscribed to their inbox, * we'll get it for them anyway */ if (!$inbox_subscribed) { $inbox_ary = sqimap_run_command($imap_stream, "LIST \"\" \"INBOX\"", true, $response, $message); /* Another workaround for literals */ if (isset($inbox_ary[1]) && substr($inbox_ary[0], -3) == "}\r\n") { if (ereg("^(\\* [A-Z]+.*)\\{[0-9]+\\}([ \n\r\t]*)\$", $inbox_ary[0], $regs)) { $inbox_ary[0] = $regs[1] . '"' . addslashes(trim($inbox_ary[1])) . '"' . $regs[2]; } } $sorted_list_ary[] = $inbox_ary[0]; $sorted_lsub_ary[] = find_mailbox_name($inbox_ary[0]); } $boxesall = sqimap_mailbox_parse($sorted_list_ary, $sorted_lsub_ary); /* Now, lets sort for special folders */ $boxesnew = $used = array(); /* Find INBOX */ $cnt = count($boxesall); $used = array_pad($used, $cnt, false); for ($k = 0; $k < $cnt; ++$k) { if (strtolower($boxesall[$k]['unformatted']) == 'inbox') { $boxesnew[] = $boxesall[$k]; $used[$k] = true; break; } } /* List special folders and their subfolders, if requested. */ if ($list_special_folders_first) { for ($k = 0; $k < $cnt; ++$k) { if (!$used[$k] && isSpecialMailbox($boxesall[$k]['unformatted'])) { $boxesnew[] = $boxesall[$k]; $used[$k] = true; } } } /* Find INBOX's children */ for ($k = 0; $k < $cnt; ++$k) { if (!$used[$k] && isBoxBelow(strtolower($boxesall[$k]['unformatted']), 'inbox') && strtolower($boxesall[$k]['unformatted']) != 'inbox') { $boxesnew[] = $boxesall[$k]; $used[$k] = true; } } /* Rest of the folders */ for ($k = 0; $k < $cnt; $k++) { if (!$used[$k]) { $boxesnew[] = $boxesall[$k]; } } sqsession_register($boxesnew, 'boxesnew'); } return $boxesnew; }
function delete_move_next_move() { global $imapConnection, $mailbox, $auto_expunge, $lastTargetMailbox; sqgetGlobalVar('move_id', $move_id, SQ_POST); sqgetGlobalVar('mailbox', $mailbox, SQ_FORM); sqgetGlobalVar('targetMailbox', $targetMailbox, SQ_POST); // Move message sqimap_msgs_list_move($imapConnection, $move_id, $targetMailbox); if ($auto_expunge) { delete_move_expunge_from_all($move_id); // sqimap_mailbox_expunge($imapConnection, $mailbox, true); } if ($targetMailbox != $lastTargetMailbox) { $lastTargetMailbox = $targetMailbox; sqsession_register($lastTargetMailbox, 'lastTargetMailbox'); } }
function compatibility_sqsession_register($var, $name) { sqsession_register($var, $name); }
function attachment_common_parse($str) { global $attachment_common_types, $attachment_common_types_parsed; $attachment_common_types_parsed[$str] = true; /* * Replace ", " with "," and explode on that as Mozilla 1.x seems to * use "," to seperate whilst IE, and earlier versions of Mozilla use * ", " to seperate */ $str = str_replace(', ', ',', $str); $types = explode(',', $str); foreach ($types as $val) { // Ignore the ";q=1.0" stuff if (strpos($val, ';') !== false) { $val = substr($val, 0, strpos($val, ';')); } if (!isset($attachment_common_types[$val])) { $attachment_common_types[$val] = true; } } sqsession_register($attachment_common_types, 'attachment_common_types'); }
if ($auto_create_special && !$auto_create_done) { $autocreate = array($sent_folder, $trash_folder, $draft_folder); foreach ($autocreate as $folder) { if ($folder != '' && $folder != 'none') { if (!sqimap_mailbox_exists($imapConnection, $folder)) { sqimap_mailbox_create($imapConnection, $folder, ''); } else { if (!sqimap_mailbox_is_subscribed($imapConnection, $folder)) { sqimap_subscribe($imapConnection, $folder); } } } } /* Let the world know that autocreation is complete! Hurrah! */ $auto_create_done = TRUE; sqsession_register($auto_create_done, 'auto_create_done'); /* retrieve the mailboxlist. We do this at a later stage again but if the right_frame loads faster then the second call retrieves a cached version of the mailboxlist without the newly created folders. The second parameter forces a non cached mailboxlist return. */ $boxes = sqimap_mailbox_list($imapConnection, true); } echo "\n<body bgcolor=\"{$color['3']}\" text=\"{$color['6']}\" link=\"{$color['6']}\" vlink=\"{$color['6']}\" alink=\"{$color['6']}\">\n"; do_hook('left_main_before'); echo "\n\n" . html_tag('table', '', 'left', '', 'border="0" cellspacing="0" cellpadding="0" width="99%"') . html_tag('tr') . html_tag('td', '', 'left') . html_tag('table', '', '', '', 'border="0" cellspacing="0" cellpadding="0"') . html_tag('tr') . html_tag('td', '', 'center') . '<font size="4"><b>' . _("Folders") . "</b><br /></font>\n\n"; if ($date_format != 6) { /* First, display the clock. */ if ($hour_format == 1) { $hr = 'H:i'; if ($date_format == 4) {
if ($filename == '') { $filename = 'untitled' . strip_tags($ent_id); } $filename = $filename . '.' . $suffix; } /* * Note: * The following sections display the attachment in different * ways depending on how they choose. The first way will download * under any circumstance. This sets the Content-type to be * applicatin/octet-stream, which should be interpreted by the * browser as "download me". * The second method (view) is used for images or other formats * that should be able to be handled by the browser. It will * most likely display the attachment inline inside the browser. * And finally, the third one will be used by default. If it * is displayable (text or html), it will load them up in a text * viewer (built in to squirrelmail). Otherwise, it sets the * content-type as application/octet-stream */ if (isset($absolute_dl) && $absolute_dl) { SendDownloadHeaders($type0, $type1, $filename, 1); } else { SendDownloadHeaders($type0, $type1, $filename, 0); } /* be aware that any warning caused by download.php will corrupt the * attachment in case of ERROR reporting = E_ALL and the output is the screen */ mime_print_body_lines($imapConnection, $passed_id, $ent_id, $encoding); $mailbox_cache[$aMailbox['NAME']] = $aMailbox; sqsession_register($mailbox_cache, 'mailbox_cache');
/** Push a recent search into the prefs */ function asearch_push_recent(&$mailbox_array, &$biop_array, &$unop_array, &$where_array, &$what_array, &$exclude_array, &$sub_array) { global $recent_prefkeys, $search_memory; //global $what; // Hack to access issued search from read_body.php $what = 1; /** * Update search history and store it in the session so we can retrieve the * issued search when returning from an external page like read_body.php */ $criteria[$what] = array($mailbox_array, $biop_array, $unop_array, $where_array, $what_array, $exclude_array, $sub_array); sqsession_register($criteria, ASEARCH_CRITERIA); if ($search_memory > 0) { $recent_array = asearch_read_recent(); $recent_found = asearch_find_recent($recent_array, $mailbox_array, $biop_array, $unop_array, $where_array, $what_array, $exclude_array, $sub_array); if ($recent_found >= 0) { // Remove identical recent foreach ($recent_prefkeys as $key) { array_splice($recent_array[$key], $recent_found, 1); } } $input = array($where_array, $mailbox_array, $what_array, $unop_array, $biop_array, $exclude_array, $sub_array); $i = 0; foreach ($recent_prefkeys as $key) { array_unshift($recent_array[$key], asearch_serialize($input[$i])); $i++; } asearch_write_recent($recent_array); } }
function saveAttachedFiles($session) { global $_FILES, $attachment_dir, $attachments, $username, $data_dir, $compose_messages; /* get out of here if no file was attached at all */ if (!is_uploaded_file($_FILES['attachfile']['tmp_name'])) { return true; } $hashed_attachment_dir = getHashedDir($username, $attachment_dir); $localfilename = GenerateRandomString(32, '', 7); $full_localfilename = "{$hashed_attachment_dir}/{$localfilename}"; while (file_exists($full_localfilename)) { $localfilename = GenerateRandomString(32, '', 7); $full_localfilename = "{$hashed_attachment_dir}/{$localfilename}"; } // FIXME: we SHOULD prefer move_uploaded_file over rename because // m_u_f works better with restricted PHP installes (safe_mode, open_basedir) if (!@rename($_FILES['attachfile']['tmp_name'], $full_localfilename)) { if (!@move_uploaded_file($_FILES['attachfile']['tmp_name'], $full_localfilename)) { return true; } } $message = $compose_messages[$session]; $type = strtolower($_FILES['attachfile']['type']); $name = $_FILES['attachfile']['name']; $message->initAttachment($type, $name, $full_localfilename); $compose_messages[$session] = $message; sqsession_register($compose_messages, 'compose_messages'); }
/** * FIXME: Undocumented function * @access private */ function spam_filters($imap_stream) { global $data_dir, $username, $uid_support; global $SpamFilters_YourHop; global $SpamFilters_DNScache; global $SpamFilters_SharedCache; global $SpamFilters_BulkQuery; $filters_spam_scan = getPref($data_dir, $username, 'filters_spam_scan'); $filters_spam_folder = getPref($data_dir, $username, 'filters_spam_folder'); $filters = load_spam_filters(); if ($SpamFilters_SharedCache) { filters_LoadCache(); } $run = false; foreach ($filters as $Key => $Value) { if ($Value['enabled']) { $run = true; break; } } // short-circuit if (!$run) { return; } sqimap_mailbox_select($imap_stream, 'INBOX'); $search_array = array(); if ($filters_spam_scan == 'new') { $read = sqimap_run_command($imap_stream, 'SEARCH UNSEEN', true, $response, $message, $uid_support); if (isset($read[0])) { for ($i = 0, $iCnt = count($read); $i < $iCnt; ++$i) { if (preg_match("/^\\* SEARCH (.+)\$/", $read[$i], $regs)) { $search_array = explode(' ', trim($regs[1])); break; } } } } if ($filters_spam_scan == 'new' && count($search_array)) { $msg_str = sqimap_message_list_squisher($search_array); $imap_query = 'FETCH ' . $msg_str . ' (FLAGS BODY.PEEK[HEADER.FIELDS (RECEIVED)])'; } else { if ($filters_spam_scan != 'new') { $imap_query = 'FETCH 1:* (FLAGS BODY.PEEK[HEADER.FIELDS (RECEIVED)])'; } else { return; } } $read = sqimap_run_command_list($imap_stream, $imap_query, true, $response, $message, $uid_support); if (isset($response) && $response != 'OK') { return; } $messages = parseFetch($read); $bulkquery = strlen($SpamFilters_BulkQuery) > 0 ? true : false; $aSpamIds = array(); foreach ($messages as $id => $message) { if (isset($message['UID'])) { $MsgNum = $message['UID']; } else { $MsgNum = $id; } if (isset($message['received'])) { foreach ($message['received'] as $received) { if (is_int(strpos($received, $SpamFilters_YourHop))) { if (preg_match('/([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})/', $received, $matches)) { $IsSpam = false; if (filters_spam_check_site($matches[1], $matches[2], $matches[3], $matches[4], $filters)) { $aSpamIds[] = $MsgNum; $IsSpam = true; } if ($bulkquery) { array_shift($matches); $IP = explode('.', $matches); foreach ($filters as $key => $value) { if ($filters[$key]['enabled'] && $filters[$key]['dns']) { if (strlen($SpamFilters_DNScache[$IP . '.' . $filters[$key]['dns']]) == 0) { $IPs[$IP] = true; break; } } } } if ($SpamFilters_YourHop == ' ' || $IsSpam) { break; } } } } } } if (count($aSpamIds) && sqimap_mailbox_exists($imap_stream, $filters_spam_folder)) { sqimap_msgs_list_move($imap_stream, $aSpamIds, $filters_spam_folder); sqimap_mailbox_expunge($imap_stream, 'INBOX', true, $aSpamIds); } if ($bulkquery && count($IPs)) { filters_bulkquery($filters, $IPs); } if ($SpamFilters_SharedCache) { filters_SaveCache(); } else { sqsession_register($SpamFilters_DNScache, 'SpamFilters_DNScache'); } }
$compose_messages = array(); } if (!isset($compose_messages[$session]) || $compose_messages[$session] == NULL) { $composeMessage = new Message(); $rfc822_header = new Rfc822Header(); $composeMessage->rfc822_header = $rfc822_header; $composeMessage->reply_rfc822_header = ''; $compose_messages[$session] = $composeMessage; sqsession_register($compose_messages, 'compose_messages'); } else { $composeMessage = $compose_messages[$session]; } $message = sqimap_get_message($imap_stream, $passed_id, $mailbox); $composeMessage = getMessage_RFC822_Attachment($message, $composeMessage, $passed_id, $passed_ent_id, $imap_stream); $compose_messages[$session] = $composeMessage; sqsession_register($compose_messages, 'compose_messages'); $fn = getPref($data_dir, $username, 'full_name'); $em = getPref($data_dir, $username, 'email_address'); $HowItLooks = $fn . ' '; if ($em != '') { $HowItLooks .= '<' . $em . '>'; } } echo "<p>"; echo _("Sending this spam report will give you back a reply with URLs that you can click on to properly report this spam message to the proper authorities. This is a free service. By pressing the \"Send Spam Report\" button, you agree to follow SpamCop's rules/terms of service/etc."); echo "</p>"; ?> <table align="center" width="75%" border="0" cellpadding="0" cellspacing="0"> <tr> <td align="left" valign="top">
function get_thread_sort($imap_stream) { global $thread_new, $sort_by_ref, $default_charset, $server_sort_array, $uid_support; if (sqsession_is_registered('thread_new')) { sqsession_unregister('thread_new'); } if (sqsession_is_registered('server_sort_array')) { sqsession_unregister('server_sort_array'); } $sid = sqimap_session_id($uid_support); $thread_temp = array(); if ($sort_by_ref == 1) { $sort_type = 'REFERENCES'; } else { $sort_type = 'ORDEREDSUBJECT'; } $thread_query = "{$sid} THREAD {$sort_type} " . strtoupper($default_charset) . " ALL\r\n"; fputs($imap_stream, $thread_query); $thread_test = sqimap_read_data($imap_stream, $sid, false, $response, $message); if (isset($thread_test[0])) { if (preg_match("/^\\* THREAD (.+)\$/", $thread_test[0], $regs)) { $thread_list = trim($regs[1]); } } else { $thread_list = ""; } if (!preg_match("/OK/", $response)) { $server_sort_array = 'no'; return $server_sort_array; } if (isset($thread_list)) { $thread_temp = preg_split("//", $thread_list, -1, PREG_SPLIT_NO_EMPTY); } $char_count = count($thread_temp); $counter = 0; $thread_new = array(); $k = 0; $thread_new[0] = ""; for ($i = 0; $i < $char_count; $i++) { if ($thread_temp[$i] != ')' && $thread_temp[$i] != '(') { $thread_new[$k] = $thread_new[$k] . $thread_temp[$i]; } elseif ($thread_temp[$i] == '(') { $thread_new[$k] .= $thread_temp[$i]; $counter++; } elseif ($thread_temp[$i] == ')') { if ($counter > 1) { $thread_new[$k] .= $thread_temp[$i]; $counter = $counter - 1; } else { $thread_new[$k] .= $thread_temp[$i]; $k++; $thread_new[$k] = ""; $counter = $counter - 1; } } } sqsession_register($thread_new, 'thread_new'); $thread_new = array_reverse($thread_new); $thread_list = implode(" ", $thread_new); $thread_list = str_replace("(", " ", $thread_list); $thread_list = str_replace(")", " ", $thread_list); $thread_list = preg_split("/\\s/", $thread_list, -1, PREG_SPLIT_NO_EMPTY); $server_sort_array = $thread_list; sqsession_register($server_sort_array, 'server_sort_array'); return $thread_list; }
echo ' <table width="100%" cellpadding="0" cellspacing="0" align="center" border="0" bgcolor="' . $color[4] . '">'; echo ' <tr>' . html_tag('td', '', 'left', $color[9]); echo ' <b>' . _("Attachments") . ':</b>'; echo ' </td></tr>'; echo ' <tr><td>'; echo ' <table width="100%" cellpadding="2" cellspacing="2" align="center"' . ' border="0" bgcolor="' . $color[0] . '"><tr><td>'; echo $attachmentsdisplay; echo ' </td></tr></table>'; echo ' </td></tr></table>'; echo ' </td></tr></table>'; echo ' </td></tr>'; echo '<tr><td height="5" colspan="2" bgcolor="' . $color[4] . '"></td></tr>'; } echo '</table>'; /* show attached images inline -- if pref'fed so */ if ($attachment_common_show_images && is_array($attachment_common_show_images_list)) { foreach ($attachment_common_show_images_list as $img) { $imgurl = SM_PATH . 'src/download.php' . '?' . 'passed_id=' . urlencode($img['passed_id']) . '&mailbox=' . urlencode($mailbox) . '&ent_id=' . urlencode($img['ent_id']) . '&absolute_dl=true'; echo html_tag('table', "\n" . html_tag('tr', "\n" . html_tag('td', '<img src="' . $imgurl . '" />' . "\n", 'left')), 'center', '', 'cellspacing="0" border="0" cellpadding="2"'); } } //FIXME: one of these hooks should be removed if we can verify disuse (html_bottom?) do_hook('read_body_bottom'); do_hook('html_bottom'); sqimap_logout($imapConnection); /* sessions are written at the end of the script. it's better to register them at the end so we avoid double session_register calls */ sqsession_register($messages, 'messages'); ?> </body></html>
/** * Replacement of mb_list_encodings function * * This function provides replacement for function that is available only * in php 5.x. Function does not test all mbstring encodings. Only the ones * that might be used in SM translations. * * Supported strings are stored in session in order to reduce number of * mb_internal_encoding function calls. * * If mb_list_encodings() function is present, code uses it. Main difference * from original function behaviour - array values are lowercased in order to * simplify use of returned array in in_array() checks. * * If you want to test all mbstring encodings - fill $list_of_encodings * array. * @return array list of encodings supported by php mbstring extension * @since 1.5.1 and 1.4.6 */ function sq_mb_list_encodings() { // check if mbstring extension is present if (!function_exists('mb_internal_encoding')) { return array(); } // php 5+ function if (function_exists('mb_list_encodings')) { $ret = mb_list_encodings(); array_walk($ret, 'sq_lowercase_array_vals'); return $ret; } // don't try to test encodings, if they are already stored in session if (sqgetGlobalVar('mb_supported_encodings', $mb_supported_encodings, SQ_SESSION)) { return $mb_supported_encodings; } // save original encoding $orig_encoding = mb_internal_encoding(); $list_of_encoding = array('pass', 'auto', 'ascii', 'jis', 'utf-8', 'sjis', 'euc-jp', 'iso-8859-1', 'iso-8859-2', 'iso-8859-7', 'iso-8859-9', 'iso-8859-15', 'koi8-r', 'koi8-u', 'big5', 'gb2312', 'gb18030', 'windows-1251', 'windows-1255', 'windows-1256', 'tis-620', 'iso-2022-jp', 'euc-cn', 'euc-kr', 'euc-tw', 'uhc', 'utf7-imap'); $supported_encodings = array(); foreach ($list_of_encoding as $encoding) { // try setting encodings. suppress warning messages if (@mb_internal_encoding($encoding)) { $supported_encodings[] = $encoding; } } // restore original encoding mb_internal_encoding($orig_encoding); // register list in session sqsession_register($supported_encodings, 'mb_supported_encodings'); return $supported_encodings; }
function showMessagesForMailbox($imapConnection, $mailbox, $num_msgs, $start_msg, $sort, $color, $show_num, $use_cache, $mode = '') { global $msgs, $msort, $auto_expunge, $thread_sort_messages, $allow_server_sort, $server_sort_order; /* * For some reason, on PHP 4.3+, this being unset, and set in the session causes havoc * so setting it to an empty array beforehand seems to clean up the issue, and stopping the * "Your script possibly relies on a session side-effect which existed until PHP 4.2.3" error */ if (!isset($msort)) { $msort = array(); } if (!isset($msgs)) { $msgs = array(); } //$start = microtime(); /* If autoexpunge is turned on, then do it now. */ $mbxresponse = sqimap_mailbox_select($imapConnection, $mailbox); $srt = $sort; /* If autoexpunge is turned on, then do it now. */ if ($auto_expunge == true) { $exp_cnt = sqimap_mailbox_expunge($imapConnection, $mailbox, false, ''); $mbxresponse['EXISTS'] = $mbxresponse['EXISTS'] - $exp_cnt; $num_msgs = $mbxresponse['EXISTS']; } if ($mbxresponse['EXISTS'] > 0) { /* if $start_msg is lower than $num_msgs, we probably deleted all messages * in the last page. We need to re-adjust the start_msg */ if ($start_msg > $num_msgs) { $start_msg -= $show_num; if ($start_msg < 1) { $start_msg = 1; } } /* This code and the next if() block check for * server-side sorting methods. The $id array is * formatted and $sort is set to 6 to disable * SM internal sorting */ if ($thread_sort_messages == 1) { $mode = 'thread'; } elseif ($allow_server_sort == 1) { $mode = 'serversort'; } else { $mode = ''; } if ($use_cache) { sqgetGlobalVar('msgs', $msgs, SQ_SESSION); sqgetGlobalVar('msort', $msort, SQ_SESSION); } else { sqsession_unregister('msort'); sqsession_unregister('msgs'); } switch ($mode) { case 'thread': $id = get_thread_sort($imapConnection); $msgs = getServerMessages($imapConnection, $start_msg, $show_num, $num_msgs, $id); if ($msgs === false) { echo '<b><small><center><font color="red">' . _("Thread sorting is not supported by your IMAP server.") . '<br />' . _("Please contact your system administrator and report this error.") . '</font></center></small></b>'; $thread_sort_messages = 0; $msort = $msgs = array(); } else { $msort = $msgs; $sort = 6; } break; case 'serversort': $id = sqimap_get_sort_order($imapConnection, $sort, $mbxresponse); $msgs = getServerMessages($imapConnection, $start_msg, $show_num, $num_msgs, $id); if ($msgs === false) { echo '<b><small><center><font color="red">' . _("Server-side sorting is not supported by your IMAP server.") . '<br />' . _("Please contact your system administrator and report this error.") . '</font></center></small></b>'; $sort = $server_sort_order; $allow_server_sort = FALSE; $msort = $msgs = array(); $id = array(); } else { $msort = $msgs; $sort = 6; } break; default: if (!$use_cache) { $msgs = getSelfSortMessages($imapConnection, $start_msg, $show_num, $num_msgs, $sort, $mbxresponse); $msort = calc_msort($msgs, $sort); } /* !use cache */ break; } // switch sqsession_register($msort, 'msort'); sqsession_register($msgs, 'msgs'); } /* if exists > 0 */ $res = getEndMessage($start_msg, $show_num, $num_msgs); $start_msg = $res[0]; $end_msg = $res[1]; if ($num_msgs > 0) { $paginator_str = get_paginator_str($mailbox, $start_msg, $end_msg, $num_msgs, $show_num, $sort); } else { $paginator_str = ''; } $msg_cnt_str = get_msgcnt_str($start_msg, $end_msg, $num_msgs); do_hook('mailbox_index_before'); $safe_name = preg_replace("/[^0-9A-Za-z_]/", '_', $mailbox); $form_name = "FormMsgs" . $safe_name; echo '<form name="' . $form_name . '" method="post" action="move_messages.php">' . "\n" . '<input type="hidden" name="mailbox" value="' . htmlspecialchars($mailbox) . '">' . "\n" . '<input type="hidden" name="startMessage" value="' . htmlspecialchars($start_msg) . '">' . "\n"; echo '<table border="0" width="100%" cellpadding="0" cellspacing="0">'; echo '<tr><td>'; mail_message_listing_beginning($imapConnection, $mailbox, $sort, $msg_cnt_str, $paginator_str, $start_msg); /* line between the button area and the list */ echo '<tr><td height="5" bgcolor="' . $color[4] . '"></td></tr>'; echo '<tr><td>'; echo ' <table width="100%" cellpadding="1" cellspacing="0" align="center"' . ' border="0" bgcolor="' . $color[9] . '">'; echo ' <tr><td>'; echo ' <table width="100%" cellpadding="1" cellspacing="0" align="center" border="0" bgcolor="' . $color[5] . '">'; printHeader($mailbox, $srt, $color, !$thread_sort_messages); displayMessageArray($imapConnection, $num_msgs, $start_msg, $msort, $mailbox, $sort, $color, $show_num, 0, 0); echo '</table></td></tr></table>'; mail_message_listing_end($num_msgs, $paginator_str, $msg_cnt_str, $color); echo '</table>'; echo "\n</form>\n\n"; //$t = elapsed($start); //echo("elapsed time = $t seconds\n"); }
} if (!isset($gettext_php_dir)) { $gettext_php_dir = ''; sqsession_register($gettext_php_dir, 'gettext_php_dir'); } if (!isset($gettext_php_translateStrings)) { $gettext_php_translateStrings = array(); sqsession_register($gettext_php_translateStrings, 'gettext_php_translateStrings'); } if (!isset($gettext_php_loaded_language)) { $gettext_php_loaded_language = ''; sqsession_register($gettext_php_loaded_language, 'gettext_php_loaded_language'); } if (!isset($gettext_php_short_circuit)) { $gettext_php_short_circuit = false; sqsession_register($gettext_php_short_circuit, 'gettext_php_short_circuit'); } /** * Converts .po file into array and stores it in session. * * Used internally by _($str) function * * @internal function is used internally by functions/gettext.php code */ function gettext_php_load_strings() { global $squirrelmail_language, $gettext_php_translateStrings, $gettext_php_domain, $gettext_php_dir, $gettext_php_loaded, $gettext_php_loaded_language, $gettext_php_short_circuit; /* * $squirrelmail_language gives 'en' for English, 'de' for German, * etc. I didn't wanna use getenv or similar, but you easily could * change my code to do that.
/** * Obtain template file hierarchy from cache. * * If the file hierarchy does not exist in session, it is * constructed and stored in session before being returned * to the caller. * * @param string $template_set_id The template set for which * the cache should be built. * This function will save more * than one set's files, so it * may be called multiple times * with different values for this * argument. When regenerating, * all set caches are dumped. * @param boolean $regenerate_cache When TRUE, the file hierarchy * is reloaded and stored fresh * (optional; default FALSE). * @param array $additional_files Must be in same form as the * files in the file hierarchy * cache. These are then added * to the cache (optional; default * empty - no additional files). * * @return array Template file hierarchy array, whose keys * are all the template file names for the given * template set ID (with path information relative * to the template set's base directory, e.g., * "css/style.css") found in all parent template * sets including the ultimate fall-back template * set. Array values are sub-arrays with the * following key-value pairs: * * PATH -- file path, relative to SM_PATH * SET_ID -- the ID of the template set that this file belongs to * ENGINE -- the engine needed to render this template file * * @static * */ function cache_template_file_hierarchy($template_set_id, $regenerate_cache = FALSE, $additional_files = array()) { sqGetGlobalVar('template_file_hierarchy', $template_file_hierarchy, SQ_SESSION, array()); if ($regenerate_cache) { unset($template_file_hierarchy); } if (!empty($template_file_hierarchy[$template_set_id])) { // have to add additional files if given before returning // if (!empty($additional_files)) { $template_file_hierarchy[$template_set_id] = array_merge($template_file_hierarchy[$template_set_id], $additional_files); sqsession_register($template_file_hierarchy, 'template_file_hierarchy'); } return $template_file_hierarchy[$template_set_id]; } // nothing in cache apparently, so go build it now // $template_file_hierarchy[$template_set_id] = Template::catalog_template_files($template_set_id); // additional files, if any // if (!empty($additional_files)) { $template_file_hierarchy[$template_set_id] = array_merge($template_file_hierarchy[$template_set_id], $additional_files); } sqsession_register($template_file_hierarchy, 'template_file_hierarchy'); return $template_file_hierarchy[$template_set_id]; }
* @subpackage themes */ /** Prevent direct script loading */ if (isset($_SERVER['SCRIPT_FILENAME']) && $_SERVER['SCRIPT_FILENAME'] == __FILE__) { die; } /** load required functions */ include_once SM_PATH . 'functions/global.php'; global $theme; if (!sqsession_is_registered('random_theme_good_theme')) { $good_themes = array(); foreach ($theme as $data) { if (substr($data['PATH'], -18) != '/themes/random.php') { $good_themes[] = $data['PATH']; } } if (count($good_themes) == 0) { $good_themes[] = '../themes/default.php'; } $which = mt_rand(0, count($good_themes)); $random_theme_good_theme = $good_themes[$which]; // remove current sm_path from theme name $path = preg_quote(SM_PATH, '/'); $random_theme_good_theme = preg_replace("/^{$path}/", '', $random_theme_good_theme); // store it in session sqsession_register($random_theme_good_theme, 'random_theme_good_theme'); } else { // get random theme stored in session sqgetGlobalVar('random_theme_good_theme', $random_theme_good_theme); } @(include_once SM_PATH . $random_theme_good_theme);
function attachSelectedMessages($imapConnection, $aMsgHeaders) { global $username, $attachment_dir, $data_dir, $composesession, $compose_messages; if (!isset($compose_messages)) { $compose_messages = array(); sqsession_register($compose_messages, 'compose_messages'); } if (!$composesession) { $composesession = 1; sqsession_register($composesession, 'composesession'); } else { $composesession++; sqsession_register($composesession, 'composesession'); } $hashed_attachment_dir = getHashedDir($username, $attachment_dir); $composeMessage = new Message(); $rfc822_header = new Rfc822Header(); $composeMessage->rfc822_header = $rfc822_header; $composeMessage->reply_rfc822_header = ''; foreach ($aMsgHeaders as $iUid => $aMsgHeader) { /** * Retrieve the full message */ $body_a = sqimap_run_command($imapConnection, "FETCH {$iUid} RFC822", true, $response, $readmessage, TRUE); if ($response == 'OK') { $subject = isset($aMsgHeader['SUBJECT']) ? $aMsgHeader['SUBJECT'] : $iUid; array_shift($body_a); array_pop($body_a); $body = implode('', $body_a); $body .= "\r\n"; $localfilename = GenerateRandomString(32, 'FILE', 7); $full_localfilename = "{$hashed_attachment_dir}/{$localfilename}"; $fp = fopen($full_localfilename, 'wb'); fwrite($fp, $body); fclose($fp); $composeMessage->initAttachment('message/rfc822', $subject . '.msg', $full_localfilename); } } $compose_messages[$composesession] = $composeMessage; sqsession_register($compose_messages, 'compose_messages'); return $composesession; }