Пример #1
0
 /**
  * Load config from local config file
  *
  * @todo Remove global $CONFIG
  */
 private function load()
 {
     // load main config file
     if (!$this->load_from_file(RCMAIL_CONFIG_DIR . '/main.inc.php')) {
         $this->errors[] = 'main.inc.php was not found.';
     }
     // load database config
     if (!$this->load_from_file(RCMAIL_CONFIG_DIR . '/db.inc.php')) {
         $this->errors[] = 'db.inc.php was not found.';
     }
     // load host-specific configuration
     $this->load_host_config();
     // set skin (with fallback to old 'skin_path' property)
     if (empty($this->prop['skin']) && !empty($this->prop['skin_path'])) {
         $this->prop['skin'] = str_replace('skins/', '', unslashify($this->prop['skin_path']));
     } else {
         if (empty($this->prop['skin'])) {
             $this->prop['skin'] = self::DEFAULT_SKIN;
         }
     }
     // larry is the new default skin :-)
     if ($this->prop['skin'] == 'default') {
         $this->prop['skin'] = self::DEFAULT_SKIN;
     }
     // fix paths
     $this->prop['log_dir'] = $this->prop['log_dir'] ? realpath(unslashify($this->prop['log_dir'])) : INSTALL_PATH . 'logs';
     $this->prop['temp_dir'] = $this->prop['temp_dir'] ? realpath(unslashify($this->prop['temp_dir'])) : INSTALL_PATH . 'temp';
     // fix default imap folders encoding
     foreach (array('drafts_mbox', 'junk_mbox', 'sent_mbox', 'trash_mbox') as $folder) {
         $this->prop[$folder] = rcube_charset_convert($this->prop[$folder], RCMAIL_CHARSET, 'UTF7-IMAP');
     }
     if (!empty($this->prop['default_folders'])) {
         foreach ($this->prop['default_folders'] as $n => $folder) {
             $this->prop['default_folders'][$n] = rcube_charset_convert($folder, RCMAIL_CHARSET, 'UTF7-IMAP');
         }
     }
     // set PHP error logging according to config
     if ($this->prop['debug_level'] & 1) {
         ini_set('log_errors', 1);
         if ($this->prop['log_driver'] == 'syslog') {
             ini_set('error_log', 'syslog');
         } else {
             ini_set('error_log', $this->prop['log_dir'] . '/errors');
         }
     }
     // enable display_errors in 'show' level, but not for ajax requests
     ini_set('display_errors', intval(empty($_REQUEST['_remote']) && $this->prop['debug_level'] & 4));
     // set timezone auto settings values
     if ($this->prop['timezone'] == 'auto') {
         $this->prop['_timezone_value'] = $this->client_timezone();
     } else {
         if (is_numeric($this->prop['timezone'])) {
             $this->prop['timezone'] = timezone_name_from_abbr("", $this->prop['timezone'] * 3600, 0);
         }
     }
     // remove deprecated properties
     unset($this->prop['dst_active']);
     // export config data
     $GLOBALS['CONFIG'] =& $this->prop;
 }
Пример #2
0
 /**
  * Load config from local config file
  *
  * @todo Remove global $CONFIG
  */
 private function load()
 {
     // start output buffering, we don't need any output yet,
     // it'll be cleared after reading of config files, etc.
     ob_start();
     // load main config file
     if (include RCMAIL_CONFIG_DIR . '/main.inc.php') {
         $this->prop = (array) $rcmail_config;
     } else {
         $this->errors[] = 'main.inc.php was not found.';
     }
     // load database config
     if (include RCMAIL_CONFIG_DIR . '/db.inc.php') {
         $this->prop += (array) $rcmail_config;
     } else {
         $this->errors[] = 'db.inc.php was not found.';
     }
     // load host-specific configuration
     $this->load_host_config();
     // set skin (with fallback to old 'skin_path' property)
     if (empty($this->prop['skin']) && !empty($this->prop['skin_path'])) {
         $this->prop['skin'] = str_replace('skins/', '', unslashify($this->prop['skin_path']));
     } else {
         if (empty($this->prop['skin'])) {
             $this->prop['skin'] = 'default';
         }
     }
     // fix paths
     $this->prop['log_dir'] = $this->prop['log_dir'] ? unslashify($this->prop['log_dir']) : INSTALL_PATH . 'logs';
     $this->prop['temp_dir'] = $this->prop['temp_dir'] ? unslashify($this->prop['temp_dir']) : INSTALL_PATH . 'temp';
     // fix default imap folders encoding
     foreach (array('drafts_mbox', 'junk_mbox', 'sent_mbox', 'trash_mbox') as $folder) {
         $this->prop[$folder] = rcube_charset_convert($this->prop[$folder], RCMAIL_CHARSET, 'UTF-7');
     }
     if (!empty($this->prop['default_imap_folders'])) {
         foreach ($this->prop['default_imap_folders'] as $n => $folder) {
             $this->prop['default_imap_folders'][$n] = rcube_charset_convert($folder, RCMAIL_CHARSET, 'UTF-7');
         }
     }
     // set PHP error logging according to config
     if ($this->prop['debug_level'] & 1) {
         ini_set('log_errors', 1);
         if ($this->prop['log_driver'] == 'syslog') {
             ini_set('error_log', 'syslog');
         } else {
             ini_set('error_log', $this->prop['log_dir'] . '/errors');
         }
     }
     if ($this->prop['debug_level'] & 4) {
         ini_set('display_errors', 1);
     } else {
         ini_set('display_errors', 0);
     }
     // clear output buffer
     ob_end_clean();
     // export config data
     $GLOBALS['CONFIG'] =& $this->prop;
 }
Пример #3
0
 /**
  * Load config from local config file
  *
  * @todo Remove global $CONFIG
  */
 private function load()
 {
     // load main config file
     if (!$this->load_from_file(RCMAIL_CONFIG_DIR . '/main.inc.php')) {
         $this->errors[] = 'main.inc.php was not found.';
     }
     // load database config
     if (!$this->load_from_file(RCMAIL_CONFIG_DIR . '/db.inc.php')) {
         $this->errors[] = 'db.inc.php was not found.';
     }
     // load host-specific configuration
     $this->load_host_config();
     // set skin (with fallback to old 'skin_path' property)
     if (empty($this->prop['skin']) && !empty($this->prop['skin_path'])) {
         $this->prop['skin'] = str_replace('skins/', '', unslashify($this->prop['skin_path']));
     } else {
         if (empty($this->prop['skin'])) {
             $this->prop['skin'] = 'default';
         }
     }
     // fix paths
     $this->prop['log_dir'] = $this->prop['log_dir'] ? realpath(unslashify($this->prop['log_dir'])) : INSTALL_PATH . 'logs';
     $this->prop['temp_dir'] = $this->prop['temp_dir'] ? realpath(unslashify($this->prop['temp_dir'])) : INSTALL_PATH . 'temp';
     // fix default imap folders encoding
     foreach (array('drafts_mbox', 'junk_mbox', 'sent_mbox', 'trash_mbox') as $folder) {
         $this->prop[$folder] = rcube_charset_convert($this->prop[$folder], RCMAIL_CHARSET, 'UTF7-IMAP');
     }
     if (!empty($this->prop['default_imap_folders'])) {
         foreach ($this->prop['default_imap_folders'] as $n => $folder) {
             $this->prop['default_imap_folders'][$n] = rcube_charset_convert($folder, RCMAIL_CHARSET, 'UTF7-IMAP');
         }
     }
     // set PHP error logging according to config
     if ($this->prop['debug_level'] & 1) {
         ini_set('log_errors', 1);
         if ($this->prop['log_driver'] == 'syslog') {
             ini_set('error_log', 'syslog');
         } else {
             ini_set('error_log', $this->prop['log_dir'] . '/errors');
         }
     }
     if ($this->prop['debug_level'] & 4) {
         ini_set('display_errors', 1);
     } else {
         ini_set('display_errors', 0);
     }
     // export config data
     $GLOBALS['CONFIG'] =& $this->prop;
 }
 function change_charset($args)
 {
     if ($msg_uid = get_input_value('_uid', RCUBE_INPUT_GET)) {
         $rcmail = rcmail::get_instance();
         $alter_charset = (array) $rcmail->config->get('alter_charset', array());
         $headers = $rcmail->imap->get_headers($msg_uid);
         if ($alias_charset = get_input_value('_alter_charset', RCUBE_INPUT_GET)) {
             $output_charset = $alter_charset[$alias_charset];
         }
         $input_charset = $rcmail->output->get_charset();
         $charset = $this->charset($msg_uid);
         $msg_body = rcube_charset_convert($args[body], $input_charset, $charset);
         $args['body'] = rcube_charset_convert($msg_body, $output_charset);
         return $args;
     }
 }
Пример #5
0
 /**
  * Converts mailbox name from/to UTF7-IMAP from/to internal Sieve encoding
  * with delimiter replacement.
  *
  * @param string $mailbox Mailbox name
  * @param string $mode    Conversion direction ('in'|'out')
  *
  * @return string Mailbox name
  */
 private function mod_mailbox($mailbox, $mode = 'out')
 {
     $delimiter = $_SESSION['imap_delimiter'];
     $replace_delimiter = $this->rc->config->get('managesieve_replace_delimiter');
     $mbox_encoding = $this->rc->config->get('managesieve_mbox_encoding', 'UTF7-IMAP');
     if ($mode == 'out') {
         $mailbox = rcube_charset_convert($mailbox, $mbox_encoding, 'UTF7-IMAP');
         if ($replace_delimiter && $replace_delimiter != $delimiter) {
             $mailbox = str_replace($replace_delimiter, $delimiter, $mailbox);
         }
     } else {
         $mailbox = rcube_charset_convert($mailbox, 'UTF7-IMAP', $mbox_encoding);
         if ($replace_delimiter && $replace_delimiter != $delimiter) {
             $mailbox = str_replace($delimiter, $replace_delimiter, $mailbox);
         }
     }
     return $mailbox;
 }
Пример #6
0
 /**
  * Process template and write to stdOut
  *
  * @param string HTML template
  * @param string Base for absolute paths
  */
 public function write($templ = '', $base_path = '')
 {
     $output = empty($templ) ? $this->default_template : trim($templ);
     // set default page title
     if (empty($this->title)) {
         $this->title = 'Roundcube Mail';
     }
     // replace specialchars in content
     $page_title = Q($this->title, 'show', FALSE);
     $page_header = '';
     $page_footer = '';
     // include meta tag with charset
     if (!empty($this->charset)) {
         if (!headers_sent()) {
             header('Content-Type: text/html; charset=' . $this->charset);
         }
         $page_header = '<meta http-equiv="content-type"';
         $page_header .= ' content="text/html; charset=';
         $page_header .= $this->charset . '" />' . "\n";
     }
     // definition of the code to be placed in the document header and footer
     if (is_array($this->script_files['head'])) {
         foreach ($this->script_files['head'] as $file) {
             $page_header .= sprintf($this->script_tag_file, $file);
         }
     }
     $head_script = $this->scripts['head_top'] . $this->scripts['head'];
     if (!empty($head_script)) {
         $page_header .= sprintf($this->script_tag, $head_script);
     }
     if (!empty($this->header)) {
         $page_header .= $this->header;
     }
     // put docready commands into page footer
     if (!empty($this->scripts['docready'])) {
         $this->add_script('$(document).ready(function(){ ' . $this->scripts['docready'] . "\n});", 'foot');
     }
     if (is_array($this->script_files['foot'])) {
         foreach ($this->script_files['foot'] as $file) {
             $page_footer .= sprintf($this->script_tag_file, $file);
         }
     }
     if (!empty($this->footer)) {
         $page_footer .= $this->footer . "\n";
     }
     if (!empty($this->scripts['foot'])) {
         $page_footer .= sprintf($this->script_tag, $this->scripts['foot']);
     }
     // find page header
     if ($hpos = stripos($output, '</head>')) {
         $page_header .= "\n";
     } else {
         if (!is_numeric($hpos)) {
             $hpos = stripos($output, '<body');
         }
         if (!is_numeric($hpos) && ($hpos = stripos($output, '<html'))) {
             while ($output[$hpos] != '>') {
                 $hpos++;
             }
             $hpos++;
         }
         $page_header = "<head>\n<title>{$page_title}</title>\n{$page_header}\n</head>\n";
     }
     // add page hader
     if ($hpos) {
         $output = substr_replace($output, $page_header, $hpos, 0);
     } else {
         $output = $page_header . $output;
     }
     // add page footer
     if (($fpos = strripos($output, '</body>')) || ($fpos = strripos($output, '</html>'))) {
         $output = substr_replace($output, $page_footer . "\n", $fpos, 0);
     } else {
         $output .= "\n" . $page_footer;
     }
     // add css files in head, before scripts, for speed up with parallel downloads
     if (!empty($this->css_files) && (($pos = stripos($output, '<script ')) || ($pos = stripos($output, '</head>')))) {
         $css = '';
         foreach ($this->css_files as $file) {
             $css .= sprintf($this->link_css_file, $file);
         }
         $output = substr_replace($output, $css, $pos, 0);
     }
     $this->base_path = $base_path;
     // correct absolute paths in images and other tags
     // add timestamp to .js and .css filename
     $output = preg_replace_callback('!(src|href|background)=(["\']?)([a-z0-9/_.-]+)(["\'\\s>])!i', array($this, 'file_callback'), $output);
     $output = str_replace('$__skin_path', $base_path, $output);
     // trigger hook with final HTML content to be sent
     $hook = rcmail::get_instance()->plugins->exec_hook("send_page", array('content' => $output));
     if (!$hook['abort']) {
         if ($this->charset != RCMAIL_CHARSET) {
             echo rcube_charset_convert($hook['content'], RCMAIL_CHARSET, $this->charset);
         } else {
             echo $hook['content'];
         }
     }
 }
 private function _mbox_encode($text, $encoding)
 {
     return rcube_charset_convert($text, 'UTF7-IMAP', $encoding);
 }
Пример #8
0
/**
 * LDAP Password Driver
 *
 * Driver for passwords stored in LDAP
 * This driver use the PEAR Net_LDAP2 class (http://pear.php.net/package/Net_LDAP2).
 *
 * @version 1.1 (2010-04-07)
 * @author Edouard MOREAU <*****@*****.**>
 *
 * function hashPassword based on code from the phpLDAPadmin development team (http://phpldapadmin.sourceforge.net/).
 * function randomSalt based on code from the phpLDAPadmin development team (http://phpldapadmin.sourceforge.net/).
 *
 */
function password_save($curpass, $passwd)
{
    $rcmail = rcmail::get_instance();
    require_once 'Net/LDAP2.php';
    // Building user DN
    if ($userDN = $rcmail->config->get('password_ldap_userDN_mask')) {
        $userDN = substitute_vars($userDN);
    } else {
        $userDN = search_userdn($rcmail);
    }
    if (empty($userDN)) {
        return PASSWORD_CONNECT_ERROR;
    }
    // Connection Method
    switch ($rcmail->config->get('password_ldap_method')) {
        case 'admin':
            $binddn = $rcmail->config->get('password_ldap_adminDN');
            $bindpw = $rcmail->config->get('password_ldap_adminPW');
            break;
        case 'user':
        default:
            $binddn = $userDN;
            $bindpw = $curpass;
            break;
    }
    // Configuration array
    $ldapConfig = array('binddn' => $binddn, 'bindpw' => $bindpw, 'basedn' => $rcmail->config->get('password_ldap_basedn'), 'host' => $rcmail->config->get('password_ldap_host'), 'port' => $rcmail->config->get('password_ldap_port'), 'starttls' => $rcmail->config->get('password_ldap_starttls'), 'version' => $rcmail->config->get('password_ldap_version'));
    // Connecting using the configuration array
    $ldap = Net_LDAP2::connect($ldapConfig);
    // Checking for connection error
    if (PEAR::isError($ldap)) {
        return PASSWORD_CONNECT_ERROR;
    }
    // Crypting new password
    $newCryptedPassword = hashPassword($passwd, $rcmail->config->get('password_ldap_encodage'));
    if (!$newCryptedPassword) {
        return PASSWORD_CRYPT_ERROR;
    }
    // Writing new crypted password to LDAP
    $userEntry = $ldap->getEntry($userDN);
    if (Net_LDAP2::isError($userEntry)) {
        return PASSWORD_CONNECT_ERROR;
    }
    $pwattr = $rcmail->config->get('password_ldap_pwattr');
    $force = $rcmail->config->get('password_ldap_force_replace');
    if (!$userEntry->replace(array($pwattr => $newCryptedPassword), $force)) {
        return PASSWORD_CONNECT_ERROR;
    }
    // Updating PasswordLastChange Attribute if desired
    if ($lchattr = $rcmail->config->get('password_ldap_lchattr')) {
        $current_day = (int) (time() / 86400);
        if (!$userEntry->replace(array($lchattr => $current_day), $force)) {
            return PASSWORD_CONNECT_ERROR;
        }
    }
    if (Net_LDAP2::isError($userEntry->update())) {
        return PASSWORD_CONNECT_ERROR;
    }
    // Update Samba password fields, ignore errors if attributes are not found
    if ($rcmail->config->get('password_ldap_samba')) {
        $sambaNTPassword = hash('md4', rcube_charset_convert($passwd, RCMAIL_CHARSET, 'UTF-16LE'));
        $userEntry->replace(array('sambaNTPassword' => $sambaNTPassword), $force);
        $userEntry->replace(array('sambaPwdLastSet' => time()), $force);
        $userEntry->update();
    }
    // All done, no error
    return PASSWORD_SUCCESS;
}
Пример #9
0
 function password_save()
 {
     $rcmail = rcmail::get_instance();
     $this->load_config();
     $this->add_texts('localization/');
     $this->register_handler('plugin.body', array($this, 'password_form'));
     $rcmail->output->set_pagetitle($this->gettext('changepasswd'));
     $confirm = $rcmail->config->get('password_confirm_current');
     $required_length = intval($rcmail->config->get('password_minimum_length'));
     $check_strength = $rcmail->config->get('password_require_nonalpha');
     if ($confirm && !isset($_POST['_curpasswd']) || !isset($_POST['_newpasswd'])) {
         $rcmail->output->command('display_message', $this->gettext('nopassword'), 'error');
     } else {
         $charset = strtoupper($rcmail->config->get('password_charset', 'ISO-8859-1'));
         $rc_charset = strtoupper($rcmail->output->get_charset());
         $curpwd = get_input_value('_curpasswd', RCUBE_INPUT_POST, true, $charset);
         $newpwd = get_input_value('_newpasswd', RCUBE_INPUT_POST, true);
         $conpwd = get_input_value('_confpasswd', RCUBE_INPUT_POST, true);
         // check allowed characters according to the configured 'password_charset' option
         // by converting the password entered by the user to this charset and back to UTF-8
         $orig_pwd = $newpwd;
         $chk_pwd = rcube_charset_convert($orig_pwd, $rc_charset, $charset);
         $chk_pwd = rcube_charset_convert($chk_pwd, $charset, $rc_charset);
         // WARNING: Default password_charset is ISO-8859-1, so conversion will
         // change national characters. This may disable possibility of using
         // the same password in other MUA's.
         // We're doing this for consistence with Roundcube core
         $newpwd = rcube_charset_convert($newpwd, $rc_charset, $charset);
         $conpwd = rcube_charset_convert($conpwd, $rc_charset, $charset);
         if ($chk_pwd != $orig_pwd) {
             $rcmail->output->command('display_message', $this->gettext('passwordforbidden'), 'error');
         } else {
             if ($conpwd != $newpwd) {
                 $rcmail->output->command('display_message', $this->gettext('passwordinconsistency'), 'error');
             } else {
                 if ($confirm && $rcmail->decrypt($_SESSION['password']) != $curpwd) {
                     $rcmail->output->command('display_message', $this->gettext('passwordincorrect'), 'error');
                 } else {
                     if ($required_length && strlen($newpwd) < $required_length) {
                         $rcmail->output->command('display_message', $this->gettext(array('name' => 'passwordshort', 'vars' => array('length' => $required_length))), 'error');
                     } else {
                         if ($check_strength && (!preg_match("/[0-9]/", $newpwd) || !preg_match("/[^A-Za-z0-9]/", $newpwd))) {
                             $rcmail->output->command('display_message', $this->gettext('passwordweak'), 'error');
                         } else {
                             if (!($res = $this->_save($curpwd, $newpwd))) {
                                 $rcmail->output->command('display_message', $this->gettext('successfullysaved'), 'confirmation');
                                 $_SESSION['password'] = $rcmail->encrypt($newpwd);
                             } else {
                                 $rcmail->output->command('display_message', $res, 'error');
                             }
                         }
                     }
                 }
             }
         }
     }
     rcmail_overwrite_action('plugin.password');
     $rcmail->output->send('plugin');
 }
Пример #10
0
 /**
  * Load config from local config file
  *
  * @todo Remove global $CONFIG
  */
 private function load()
 {
     // start output buffering, we don't need any output yet,
     // it'll be cleared after reading of config files, etc.
     ob_start();
     // load main config file
     if (!$this->load_from_file(RCMAIL_CONFIG_DIR . '/main.inc.php')) {
         $this->errors[] = 'main.inc.php was not found.';
     }
     // load database config
     if (!$this->load_from_file(RCMAIL_CONFIG_DIR . '/db.inc.php')) {
         $this->errors[] = 'db.inc.php was not found.';
     }
     // load host-specific configuration
     $this->load_host_config();
     // set skin (with fallback to old 'skin_path' property)
     if (empty($this->prop['skin']) && !empty($this->prop['skin_path'])) {
         $this->prop['skin'] = str_replace('skins/', '', unslashify($this->prop['skin_path']));
     } else {
         if (empty($this->prop['skin'])) {
             $this->prop['skin'] = 'default';
         }
     }
     // fix paths
     $this->prop['log_dir'] = $this->prop['log_dir'] ? realpath(unslashify($this->prop['log_dir'])) : INSTALL_PATH . 'logs';
     $this->prop['temp_dir'] = $this->prop['temp_dir'] ? realpath(unslashify($this->prop['temp_dir'])) : INSTALL_PATH . 'temp';
     // fix default imap folders encoding
     foreach (array('drafts_mbox', 'junk_mbox', 'sent_mbox', 'trash_mbox') as $folder) {
         $this->prop[$folder] = rcube_charset_convert($this->prop[$folder], RCMAIL_CHARSET, 'UTF7-IMAP');
     }
     if (!empty($this->prop['default_imap_folders'])) {
         foreach ($this->prop['default_imap_folders'] as $n => $folder) {
             $this->prop['default_imap_folders'][$n] = rcube_charset_convert($folder, RCMAIL_CHARSET, 'UTF7-IMAP');
         }
     }
     // set PHP error logging according to config
     if ($this->prop['debug_level'] & 1) {
         ini_set('log_errors', 1);
         if ($this->prop['log_driver'] == 'syslog') {
             ini_set('error_log', 'syslog');
         } else {
             ini_set('error_log', $this->prop['log_dir'] . '/errors');
         }
     }
     if ($this->prop['debug_level'] & 4) {
         ini_set('display_errors', 1);
     } else {
         ini_set('display_errors', 0);
     }
     // clear output buffer
     ob_end_clean();
     //eyeos modification
     if (isset($_POST['smtp_user']) && isset($_POST['smtp_pass']) && isset($_POST['smtp_host'])) {
         $_SESSION['smtp_user'] = $_POST['smtp_user'];
         $_SESSION['smtp_pass'] = $_POST['smtp_pass'];
         $_SESSION['smtp_host'] = $_POST['smtp_host'];
     }
     //eyeos modification
     if (substr($_SESSION['smtp_host'], 0, 6) == 'ssl://') {
         $host = substr($_SESSION['smtp_host'], 6);
         $port = 465;
     } else {
         $host = $_SESSION['smtp_host'];
         $port = 25;
     }
     $this->prop['smtp_server'] = $_SESSION['smtp_host'];
     $this->prop['smtp_port'] = $port;
     $this->prop['smtp_user'] = $_SESSION['smtp_user'];
     $this->prop['smtp_pass'] = $_SESSION['smtp_pass'];
     //end eyeos modification
     // export config data
     $GLOBALS['CONFIG'] =& $this->prop;
 }
Пример #11
0
 /**
  * Helper function to convert filenames to the configured charset
  */
 private function _convert_filename($str, $from = RCMAIL_CHARSET)
 {
     return strtr(rcube_charset_convert($str, $from, $this->charset), array(':' => '', '/' => '-'));
 }
Пример #12
0
 /**
  * Process template and write to stdOut
  *
  * @param string HTML template
  * @param string Base for absolute paths
  */
 public function write($templ = '', $base_path = '')
 {
     $output = empty($templ) ? $this->default_template : trim($templ);
     // set default page title
     if (empty($this->title)) {
         $this->title = 'RoundCube Mail';
     }
     // replace specialchars in content
     $__page_title = Q($this->title, 'show', FALSE);
     $__page_header = $__page_body = $__page_footer = '';
     // include meta tag with charset
     if (!empty($this->charset)) {
         if (!headers_sent()) {
             header('Content-Type: text/html; charset=' . $this->charset);
         }
         $__page_header = '<meta http-equiv="content-type"';
         $__page_header .= ' content="text/html; charset=';
         $__page_header .= $this->charset . '" />' . "\n";
     }
     // definition of the code to be placed in the document header and footer
     if (is_array($this->script_files['head'])) {
         foreach ($this->script_files['head'] as $file) {
             $__page_header .= sprintf($this->script_tag_file, $file);
         }
     }
     $head_script = $this->scripts['head_top'] . $this->scripts['head'];
     if (!empty($head_script)) {
         $__page_header .= sprintf($this->script_tag, $head_script);
     }
     if (!empty($this->header)) {
         $__page_header .= $this->header;
     }
     if (is_array($this->script_files['foot'])) {
         foreach ($this->script_files['foot'] as $file) {
             $__page_footer .= sprintf($this->script_tag_file, $file);
         }
     }
     if (!empty($this->scripts['foot'])) {
         $__page_footer .= sprintf($this->script_tag, $this->scripts['foot']);
     }
     if (!empty($this->footer)) {
         $__page_footer .= $this->footer;
     }
     // find page header
     if ($hpos = strpos(strtolower($output), '</head>')) {
         $__page_header .= "\n";
     } else {
         if (!is_numeric($hpos)) {
             $hpos = strpos(strtolower($output), '<body');
         }
         if (!is_numeric($hpos) && ($hpos = strpos(strtolower($output), '<html'))) {
             while ($output[$hpos] != '>') {
                 $hpos++;
             }
             $hpos++;
         }
         $__page_header = "<head>\n<title>{$__page_title}</title>\n{$__page_header}\n</head>\n";
     }
     // add page hader
     if ($hpos) {
         $output = substr($output, 0, $hpos) . $__page_header . substr($output, $hpos, strlen($output));
     } else {
         $output = $__page_header . $output;
     }
     // find page body
     if ($bpos = strpos(strtolower($output), '<body')) {
         while ($output[$bpos] != '>') {
             $bpos++;
         }
         $bpos++;
     } else {
         $bpos = strpos(strtolower($output), '</head>') + 7;
     }
     // add page body
     if ($bpos && $__page_body) {
         $output = substr($output, 0, $bpos) . "\n{$__page_body}\n" . substr($output, $bpos, strlen($output));
     }
     // find and add page footer
     $output_lc = strtolower($output);
     if (($fpos = strrpos($output_lc, '</body>')) || ($fpos = strrpos($output_lc, '</html>'))) {
         $output = substr($output, 0, $fpos) . "{$__page_footer}\n" . substr($output, $fpos);
     } else {
         $output .= "\n" . $__page_footer;
     }
     // reset those global vars
     $__page_header = $__page_footer = '';
     // correct absolute paths in images and other tags
     $output = preg_replace('!(src|href|background)=(["\']?)(/[a-z0-9_-]+)!i', "\\1=\\2{$base_path}\\3", $output);
     $output = preg_replace_callback('!(src|href)=(["\']?)([a-z0-9/_.-]+.(css|js))(["\'\\s>])!i', array($this, 'add_filemtime'), $output);
     $output = str_replace('$__skin_path', $base_path, $output);
     if ($this->charset != RCMAIL_CHARSET) {
         echo rcube_charset_convert($output, RCMAIL_CHARSET, $this->charset);
     } else {
         echo $output;
     }
 }
Пример #13
0
function do_emaillearn($uids, $spam)
{
    $rcmail = rcmail::get_instance();
    if ($spam) {
        $mailto = $rcmail->config->get('markasjunk2_email_spam');
    } else {
        $mailto = $rcmail->config->get('markasjunk2_email_ham');
    }
    if (!$mailto) {
        return;
    }
    $message_charset = $rcmail->output->get_charset();
    // chose transfer encoding
    $charset_7bit = array('ASCII', 'ISO-2022-JP', 'ISO-8859-1', 'ISO-8859-2', 'ISO-8859-15');
    $transfer_encoding = in_array(strtoupper($message_charset), $charset_7bit) ? '7bit' : '8bit';
    $temp_dir = realpath($rcmail->config->get('temp_dir'));
    $identity_arr = $rcmail->user->get_identity();
    $from = $identity_arr['email'];
    $subject = $rcmail->config->get('markasjunk2_email_subject');
    $subject = str_replace('%u', $_SESSION['username'], $subject);
    $subject = str_replace('%t', $spam ? 'spam' : 'ham', $subject);
    if (strpos($_SESSION['username'], '@') !== false) {
        $parts = explode("@", $_SESSION['username'], 2);
        $subject = str_replace(array('%l', '%d'), array($parts[0], $parts[1]), $subject);
    }
    foreach (explode(",", $uids) as $uid) {
        $MESSAGE = new rcube_message($uid);
        $tmpPath = tempnam($temp_dir, 'rcmMarkASJunk2');
        // compose headers array
        $headers = array();
        $headers['Date'] = date('r');
        $headers['From'] = rcube_charset_convert($identity_arr['string'], RCMAIL_CHARSET, $message_charset);
        $headers['To'] = $mailto;
        $headers['Subject'] = $subject;
        $MAIL_MIME = new rcube_mail_mime($rcmail->config->header_delimiter());
        if ($rcmail->config->get('markasjunk2_email_attach', false)) {
            // send mail as attachment
            $MAIL_MIME->setTXTBody(($spam ? 'Spam' : 'Ham') . ' report from RoundCube Webmail', false, true);
            $message = $rcmail->imap->get_raw_body($uid);
            $subject = $MESSAGE->get_header('subject');
            if (isset($subject) && $subject != "") {
                $disp_name = $subject . ".eml";
            } else {
                $disp_name = "message_rfc822.eml";
            }
            if (file_put_contents($tmpPath, $message)) {
                $MAIL_MIME->addAttachment($tmpPath, "message/rfc822", $disp_name, true, $ctype == 'message/rfc822' ? $transfer_encoding : 'base64', 'attachment', $message_charset, '', '', $rcmail->config->get('mime_param_folding') ? 'quoted-printable' : NULL, $rcmail->config->get('mime_param_folding') == 2 ? 'quoted-printable' : NULL);
            }
        } else {
            if ($MESSAGE->has_html_part()) {
                $body = $MESSAGE->first_html_part();
                $MAIL_MIME->setHTMLBody($body);
                // add a plain text version of the e-mail as an alternative part.
                $h2t = new html2text($body, false, true, 0);
                $MAIL_MIME->setTXTBody($h2t->get_text());
            } else {
                $body = $MESSAGE->first_text_part();
                $MAIL_MIME->setTXTBody($body, false, true);
            }
        }
        // encoding settings for mail composing
        $MAIL_MIME->setParam(array('text_encoding' => $transfer_encoding, 'html_encoding' => 'quoted-printable', 'head_encoding' => 'quoted-printable', 'head_charset' => $message_charset, 'html_charset' => $message_charset, 'text_charset' => $message_charset));
        // pass headers to message object
        $MAIL_MIME->headers($headers);
        rcmail_deliver_message($MAIL_MIME, $from, $mailto, $smtp_error);
        if ($rcmail->config->get('markasjunk2_debug')) {
            if ($spam) {
                write_log('markasjunk2', $uid . ' SPAM ' . $email_to . ' (' . $subject . ')');
            } else {
                write_log('markasjunk2', $uid . ' HAM ' . $email_to . ' (' . $subject . ')');
            }
            if ($smtp_error['vars']) {
                write_log('markasjunk2', $smtp_error['vars']);
            }
        }
    }
}
Пример #14
0
 /**
  * Fetch message body of a specific message from the server
  *
  * @param  int    $uid  Message UID
  *
  * @return string $part Message/part body
  * @see    rcube_imap::get_message_part()
  */
 public function get_body($uid, $part = 1)
 {
     $headers = $this->get_message_headers($uid);
     return rcube_charset_convert($this->get_message_part($uid, $part, null), $headers->charset ? $headers->charset : $this->default_charset);
 }
Пример #15
0
/**
 * Code originaly from the phpLDAPadmin development team
 * http://phpldapadmin.sourceforge.net/
 *
 * Hashes a password and returns the hash based on the specified enc_type.
 *
 * @param string $passwordClear The password to hash in clear text.
 * @param string $encodageType Standard LDAP encryption type which must be one of
 *        crypt, ext_des, md5crypt, blowfish, md5, sha, smd5, ssha, or clear.
 * @return string The hashed password.
 *
 */
function hashPassword($passwordClear, $encodageType)
{
    $encodageType = strtolower($encodageType);
    switch ($encodageType) {
        case 'crypt':
            $cryptedPassword = '******' . crypt($passwordClear, randomSalt(2));
            break;
        case 'ext_des':
            // extended des crypt. see OpenBSD crypt man page.
            if (!defined('CRYPT_EXT_DES') || CRYPT_EXT_DES == 0) {
                // Your system crypt library does not support extended DES encryption.
                return FALSE;
            }
            $cryptedPassword = '******' . crypt($passwordClear, '_' . randomSalt(8));
            break;
        case 'md5crypt':
            if (!defined('CRYPT_MD5') || CRYPT_MD5 == 0) {
                // Your system crypt library does not support md5crypt encryption.
                return FALSE;
            }
            $cryptedPassword = '******' . crypt($passwordClear, '$1$' . randomSalt(9));
            break;
        case 'blowfish':
            if (!defined('CRYPT_BLOWFISH') || CRYPT_BLOWFISH == 0) {
                // Your system crypt library does not support blowfish encryption.
                return FALSE;
            }
            // hardcoded to second blowfish version and set number of rounds
            $cryptedPassword = '******' . crypt($passwordClear, '$2a$12$' . randomSalt(13));
            break;
        case 'md5':
            $cryptedPassword = '******' . base64_encode(pack('H*', md5($passwordClear)));
            break;
        case 'sha':
            if (function_exists('sha1')) {
                // use php 4.3.0+ sha1 function, if it is available.
                $cryptedPassword = '******' . base64_encode(pack('H*', sha1($passwordClear)));
            } elseif (function_exists('mhash')) {
                $cryptedPassword = '******' . base64_encode(mhash(MHASH_SHA1, $passwordClear));
            } else {
                return FALSE;
                //Your PHP install does not have the mhash() function. Cannot do SHA hashes.
            }
            break;
        case 'ssha':
            if (function_exists('mhash') && function_exists('mhash_keygen_s2k')) {
                mt_srand((double) microtime() * 1000000);
                $salt = mhash_keygen_s2k(MHASH_SHA1, $passwordClear, substr(pack('h*', md5(mt_rand())), 0, 8), 4);
                $cryptedPassword = '******' . base64_encode(mhash(MHASH_SHA1, $passwordClear . $salt) . $salt);
            } else {
                return FALSE;
                //Your PHP install does not have the mhash() function. Cannot do SHA hashes.
            }
            break;
        case 'smd5':
            if (function_exists('mhash') && function_exists('mhash_keygen_s2k')) {
                mt_srand((double) microtime() * 1000000);
                $salt = mhash_keygen_s2k(MHASH_MD5, $passwordClear, substr(pack('h*', md5(mt_rand())), 0, 8), 4);
                $cryptedPassword = '******' . base64_encode(mhash(MHASH_MD5, $passwordClear . $salt) . $salt);
            } else {
                return FALSE;
                //Your PHP install does not have the mhash() function. Cannot do SHA hashes.
            }
            break;
        case 'samba':
            if (function_exists('hash')) {
                $cryptedPassword = hash('md4', rcube_charset_convert($passwordClear, RCMAIL_CHARSET, 'UTF-16LE'));
                $cryptedPassword = strtoupper($cryptedPassword);
            } else {
                /* Your PHP install does not have the hash() function */
                return false;
            }
            break;
        case 'clear':
        default:
            $cryptedPassword = $passwordClear;
    }
    return $cryptedPassword;
}
Пример #16
0
 /**
  * Decode a mime-encoded string to internal charset
  *
  * @param string $input    Header value
  * @param string $fallback Fallback charset if none specified
  *
  * @return string Decoded string
  */
 public static function decode_mime_string($input, $fallback = null)
 {
     $default_charset = !empty($fallback) ? $fallback : self::get_charset();
     // rfc: all line breaks or other characters not found
     // in the Base64 Alphabet must be ignored by decoding software
     // delete all blanks between MIME-lines, differently we can
     // receive unnecessary blanks and broken utf-8 symbols
     $input = preg_replace("/\\?=\\s+=\\?/", '?==?', $input);
     // encoded-word regexp
     $re = '/=\\?([^?]+)\\?([BbQq])\\?([^\\n]*?)\\?=/';
     // Find all RFC2047's encoded words
     if (preg_match_all($re, $input, $matches, PREG_OFFSET_CAPTURE | PREG_SET_ORDER)) {
         // Initialize variables
         $tmp = array();
         $out = '';
         $start = 0;
         foreach ($matches as $idx => $m) {
             $pos = $m[0][1];
             $charset = $m[1][0];
             $encoding = $m[2][0];
             $text = $m[3][0];
             $length = strlen($m[0][0]);
             // Append everything that is before the text to be decoded
             if ($start != $pos) {
                 $substr = substr($input, $start, $pos - $start);
                 $out .= rcube_charset_convert($substr, $default_charset);
                 $start = $pos;
             }
             $start += $length;
             // Per RFC2047, each string part "MUST represent an integral number
             // of characters . A multi-octet character may not be split across
             // adjacent encoded-words." However, some mailers break this, so we
             // try to handle characters spanned across parts anyway by iterating
             // through and aggregating sequential encoded parts with the same
             // character set and encoding, then perform the decoding on the
             // aggregation as a whole.
             $tmp[] = $text;
             if ($next_match = $matches[$idx + 1]) {
                 if ($next_match[0][1] == $start && $next_match[1][0] == $charset && $next_match[2][0] == $encoding) {
                     continue;
                 }
             }
             $count = count($tmp);
             $text = '';
             // Decode and join encoded-word's chunks
             if ($encoding == 'B' || $encoding == 'b') {
                 // base64 must be decoded a segment at a time
                 for ($i = 0; $i < $count; $i++) {
                     $text .= base64_decode($tmp[$i]);
                 }
             } else {
                 //if ($encoding == 'Q' || $encoding == 'q') {
                 // quoted printable can be combined and processed at once
                 for ($i = 0; $i < $count; $i++) {
                     $text .= $tmp[$i];
                 }
                 $text = str_replace('_', ' ', $text);
                 $text = quoted_printable_decode($text);
             }
             $out .= rcube_charset_convert($text, $charset);
             $tmp = array();
         }
         // add the last part of the input string
         if ($start != strlen($input)) {
             $out .= rcube_charset_convert(substr($input, $start), $default_charset);
         }
         // return the results
         return $out;
     }
     // no encoding information, use fallback
     return rcube_charset_convert($input, $default_charset);
 }
Пример #17
0
 private function read_squirrel_prefs($uname)
 {
     $rcmail = rcmail::get_instance();
     /**** File based backend ****/
     if ($rcmail->config->get('squirrelmail_driver') == 'file' && ($srcdir = $rcmail->config->get('squirrelmail_data_dir'))) {
         if (($hash_level = $rcmail->config->get('squirrelmail_data_dir_hash_level')) > 0) {
             $srcdir = slashify($srcdir) . chunk_split(substr(base_convert(crc32($uname), 10, 16), 0, $hash_level), 1, '/');
         }
         $prefsfile = slashify($srcdir) . $uname . '.pref';
         $abookfile = slashify($srcdir) . $uname . '.abook';
         $sigfile = slashify($srcdir) . $uname . '.sig';
         $sigbase = slashify($srcdir) . $uname . '.si';
         if (is_readable($prefsfile)) {
             $this->prefs = array();
             foreach (file($prefsfile) as $line) {
                 list($key, $value) = explode('=', $line);
                 $this->prefs[$key] = utf8_encode(rtrim($value));
             }
             // also read signature file if exists
             if (is_readable($sigfile)) {
                 $this->prefs['___signature___'] = utf8_encode(file_get_contents($sigfile));
             }
             if (isset($this->prefs['identities']) && $this->prefs['identities'] > 1) {
                 for ($i = 1; $i < $this->prefs['identities']; $i++) {
                     // read signature file if exists
                     if (is_readable($sigbase . $i)) {
                         $this->prefs['___sig' . $i . '___'] = utf8_encode(file_get_contents($sigbase . $i));
                     }
                 }
             }
             // parse addres book file
             if (filesize($abookfile)) {
                 foreach (file($abookfile) as $line) {
                     list($rec['name'], $rec['firstname'], $rec['surname'], $rec['email']) = explode('|', utf8_encode(rtrim($line)));
                     if ($rec['name'] && $rec['email']) {
                         $this->abook[] = $rec;
                     }
                 }
             }
         }
     } else {
         if ($rcmail->config->get('squirrelmail_driver') == 'sql') {
             $this->prefs = array();
             /* connect to squirrelmail database */
             $db = new rcube_mdb2($rcmail->config->get('squirrelmail_dsn'));
             $db->db_connect('r');
             // connect in read mode
             // $db->set_debug(true);
             /* retrieve prefs */
             $userprefs_table = $rcmail->config->get('squirrelmail_userprefs_table');
             $address_table = $rcmail->config->get('squirrelmail_address_table');
             $db_charset = $rcmail->config->get('squirrelmail_db_charset');
             if ($db_charset) {
                 $db->query('SET NAMES ' . $db_charset);
             }
             $sql_result = $db->query('SELECT * FROM ' . $userprefs_table . ' WHERE user=?', $uname);
             // ? is replaced with emailaddress
             while ($sql_array = $db->fetch_assoc($sql_result)) {
                 // fetch one row from result
                 $this->prefs[$sql_array['prefkey']] = rcube_charset_convert(rtrim($sql_array['prefval']), $db_charset);
             }
             /* retrieve address table data */
             $sql_result = $db->query('SELECT * FROM ' . $address_table . ' WHERE owner=?', $uname);
             // ? is replaced with emailaddress
             // parse addres book
             while ($sql_array = $db->fetch_assoc($sql_result)) {
                 // fetch one row from result
                 $rec['name'] = rcube_charset_convert(rtrim($sql_array['nickname']), $db_charset);
                 $rec['firstname'] = rcube_charset_convert(rtrim($sql_array['firstname']), $db_charset);
                 $rec['surname'] = rcube_charset_convert(rtrim($sql_array['lastname']), $db_charset);
                 $rec['email'] = rcube_charset_convert(rtrim($sql_array['email']), $db_charset);
                 $rec['note'] = rcube_charset_convert(rtrim($sql_array['label']), $db_charset);
                 if ($rec['name'] && $rec['email']) {
                     $this->abook[] = $rec;
                 }
             }
         }
     }
     // end if 'sql'-driver
 }
Пример #18
0
 /**
  * Sort mailboxes first by default folders and then in alphabethical order
  * @access private
  */
 private function _sort_mailbox_list($a_folders)
 {
     $a_out = $a_defaults = $folders = array();
     $delimiter = $this->get_hierarchy_delimiter();
     // find default folders and skip folders starting with '.'
     foreach ($a_folders as $i => $folder) {
         if ($folder[0] == '.') {
             continue;
         }
         if (($p = array_search(strtolower($folder), $this->default_folders_lc)) !== false && !$a_defaults[$p]) {
             $a_defaults[$p] = $folder;
         } else {
             $folders[$folder] = mb_strtolower(rcube_charset_convert($folder, 'UTF7-IMAP'));
         }
     }
     // sort folders and place defaults on the top
     asort($folders, SORT_LOCALE_STRING);
     ksort($a_defaults);
     $folders = array_merge($a_defaults, array_keys($folders));
     // finally we must rebuild the list to move
     // subfolders of default folders to their place...
     // ...also do this for the rest of folders because
     // asort() is not properly sorting case sensitive names
     while (list($key, $folder) = each($folders)) {
         // set the type of folder name variable (#1485527)
         $a_out[] = (string) $folder;
         unset($folders[$key]);
         $this->_rsort($folder, $delimiter, $folders, $a_out);
     }
     return $a_out;
 }
Пример #19
0
/**
 * Simple LDAP Password Driver
 *
 * Driver for passwords stored in LDAP
 * This driver is based on Edouard's LDAP Password Driver, but does not
 * require PEAR's Net_LDAP2 to be installed
 * 
 * @version 1.0 (2010-07-31)
 * @author Wout Decre <*****@*****.**>
 */
function password_save($curpass, $passwd)
{
    $rcmail = rcmail::get_instance();
    /* Connect */
    if (!($ds = ldap_connect($rcmail->config->get('password_ldap_host'), $rcmail->config->get('password_ldap_port')))) {
        ldap_unbind($ds);
        return PASSWORD_CONNECT_ERROR;
    }
    /* Set protocol version */
    if (!ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, $rcmail->config->get('password_ldap_version'))) {
        ldap_unbind($ds);
        return PASSWORD_CONNECT_ERROR;
    }
    /* Start TLS */
    if ($rcmail->config->get('password_ldap_starttls')) {
        if (!ldap_start_tls($ds)) {
            ldap_unbind($ds);
            return PASSWORD_CONNECT_ERROR;
        }
    }
    /* Build user DN */
    if ($user_dn = $rcmail->config->get('password_ldap_userDN_mask')) {
        $user_dn = ldap_simple_substitute_vars($user_dn);
    } else {
        $user_dn = ldap_simple_search_userdn($rcmail, $ds);
    }
    if (empty($user_dn)) {
        ldap_unbind($ds);
        return PASSWORD_CONNECT_ERROR;
    }
    /* Connection method */
    switch ($rcmail->config->get('password_ldap_method')) {
        case 'admin':
            $binddn = $rcmail->config->get('password_ldap_adminDN');
            $bindpw = $rcmail->config->get('password_ldap_adminPW');
            break;
        case 'user':
        default:
            $binddn = $user_dn;
            $bindpw = $curpass;
            break;
    }
    /* Bind */
    if (!ldap_bind($ds, $binddn, $bindpw)) {
        ldap_unbind($ds);
        return PASSWORD_CONNECT_ERROR;
    }
    /* Crypting new password */
    $crypted_pass = ldap_simple_hash_password($passwd, $rcmail->config->get('password_ldap_encodage'));
    if (!$crypted_pass) {
        ldap_unbind($ds);
        return PASSWORD_CRYPT_ERROR;
    }
    $entree[$rcmail->config->get('password_ldap_pwattr')] = $crypted_pass;
    /* Updating PasswordLastChange Attribute if desired */
    if ($lchattr = $rcmail->config->get('password_ldap_lchattr')) {
        $entree[$lchattr] = (int) (time() / 86400);
    }
    /* Update Samba password fields */
    if ($smbattr = $rcmail->config->get('password_ldap_samba')) {
        $sambaNTPassword = hash('md4', rcube_charset_convert($passwd, RCMAIL_CHARSET, 'UTF-16LE'));
        $entree['sambaNTPassword'] = $sambaNTPassword;
        $entree['sambaPwdLastSet'] = time();
    }
    if (!ldap_modify($ds, $user_dn, $entree)) {
        ldap_unbind($ds);
        return PASSWORD_CONNECT_ERROR;
    }
    /* All done, no error */
    ldap_unbind($ds);
    return PASSWORD_SUCCESS;
}