Context Navigation

index.php

Revision 806, 13.0 kB (checked in by thomasb, 11 months ago)
Vast renaming of classes and functions; implemented autoload; code cleanup + more
Property svn:executable set to ``*

Line
1	<?php
2	/*
3	+-----------------------------------------------------------------------+
4	\| RoundCube Webmail IMAP Client \|
5	\| Version 0.1-devel-vnext \|
6	\| \|
7	\| Copyright (C) 2005-2007, RoundCube Dev. - Switzerland \|
8	\| Licensed under the GNU GPL \|
9	\| \|
10	\| Redistribution and use in source and binary forms, with or without \|
11	\| modification, are permitted provided that the following conditions \|
12	\| are met: \|
13	\| \|
14	\| o Redistributions of source code must retain the above copyright \|
15	\| notice, this list of conditions and the following disclaimer. \|
16	\| o Redistributions in binary form must reproduce the above copyright \|
17	\| notice, this list of conditions and the following disclaimer in the \|
18	\| documentation and/or other materials provided with the distribution.\|
19	\| o The names of the authors may not be used to endorse or promote \|
20	\| products derived from this software without specific prior written \|
21	\| permission. \|
22	\| \|
23	\| THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS \|
24	\| "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT \|
25	\| LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR \|
26	\| A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT \|
27	\| OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, \|
28	\| SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT \|
29	\| LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, \|
30	\| DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY \|
31	\| THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT \|
32	\| (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE \|
33	\| OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. \|
34	\| \|
35	+-----------------------------------------------------------------------+
36	\| Author: Thomas Bruederli <roundcube@gmail.com> \|
37	+-----------------------------------------------------------------------+
38
39	$Id: index.php 579 2007-05-18 13:11:22Z thomasb $
40
41	*/
42
43	// bootstrap
44	require_once 'program/include/bootstrap.php';
45
46	$BASE_URI = str_replace($_SERVER['QUERY_STRING'], '', $_SERVER['REQUEST_URI']);
47	if (substr($BASE_URI, -1, 1) == '?') {
48	$BASE_URI = substr($BASE_URI, 0, -1);
49	}
50
51	$MAIN_TASKS = array(
52	'mail',
53	'settings',
54	'logout',
55	'plugin',
56	'addressbook',
57	);
58
59	// catch some url/post parameters
60	$_task = strip_quotes(rcube::get_input_value('_task', rcube::INPUT_GPC));
61	$_action = strip_quotes(rcube::get_input_value('_action', rcube::INPUT_GPC));
62	$_framed = (!empty($_GET['_framed']) \|\| !empty($_POST['_framed']));
63
64	// use main task if empty or invalid value
65	if (empty($_task) \|\| !in_array($_task, $MAIN_TASKS)) {
66	$_task = 'mail';
67	}
68
69	// start session with requested task
70	rcube::startup($_task);
71
72	//rcube::tfk_debug('// startup');
73
74	// set session related variables
75	$COMM_PATH = sprintf('%s?_task=%s', $BASE_URI, $_task);
76	$SESS_HIDDEN_FIELD = '';
77
78	// add framed parameter
79	if ($_framed) {
80	$COMM_PATH .= '&_framed=1';
81	$SESS_HIDDEN_FIELD .= "\n" . html::tag('input', array('type' => "hidden", 'name' => "_framed", 'value' => 1));
82	}
83
84	// set some global properties
85	$registry = rcube_registry::get_instance();
86	$registry->set('MAIN_TASKS', $MAIN_TASKS, 'core');
87	$registry->set('BASE_URI', $BASE_URI, 'core');
88	$registry->set('COMM_PATH', $COMM_PATH, 'core');
89	$registry->set('OUTPUT_TYPE', 'html', 'core');
90	$registry->set('OUTPUT_CHARSET', RCMAIL_CHARSET, 'core');
91	$registry->set('SESS_HIDDEN_FIELD', $SESS_HIDDEN_FIELD, 'core');
92
93
94	// init output class
95	if (!empty($_GET['_remote']) \|\| !empty($_POST['_remote'])) {
96	$registry->set('ajax_call', true, 'core');
97	rcube::init_json();
98	}
99	else {
100	$registry->set('ajax_call', false, 'core');
101	rcube::load_gui();
102	}
103
104
105	$OUTPUT = $registry->get('OUTPUT', 'core');
106	$DB = $registry->get('DB', 'core');
107
108
109	$OUTPUT->set_env('comm_path', $COMM_PATH);
110
111
112	// check DB connections and exit on failure
113	if (is_null($DB)) {
114	rcube_error::raise(array(
115	'code' => 603,
116	'type' => 'db',
117	'message' => 'No connection.'), false, true
118	);
119	}
120	if ($err_str = $DB->is_error()) {
121	rcube_error::raise(array(
122	'code' => 603,
123	'type' => 'db',
124	'message' => $err_str), false, true
125	);
126	}
127
128	//rcube::tfk_debug('// NO DB ERROR');
129
130	// error steps
131	if ($_action=='error' && !empty($_GET['_code'])) {
132	rcube_error::raise(array('code' => hexdec($_GET['_code'])), false, true);
133	}
134
135	//rcube::tfk_debug('// going');
136
137	//rcube::tfk_debug("task {$_task} / action {$_action}");
138
139	// try to log in
140	if ($_action=='login' && $_task=='mail') {
141
142	//rcube::tfk_debug('Here we go, a login.');
143
144	$host = rcube::autoselect_host();
145
146	//rcube::tfk_debug('Selected host: ' . $host);
147
148	// check if client supports cookies
149	if (empty($_COOKIE)) {
150	$OUTPUT->show_message("cookiesdisabled", 'warning');
151	}
152	else if (
153	$_SESSION['temp']
154	&& !empty($_POST['_user'])
155	&& isset($_POST['_pass'])
156	&& rcube::login(
157	rcube::get_input_value('_user', rcube::INPUT_POST),
158	rcube::get_input_value('_pass', rcube::INPUT_POST, true, 'ISO-8859-1'),
159	$host
160	)
161	) {
162	// create new session ID
163	unset($_SESSION['temp']);
164	sess_regenerate_id();
165
166	//rcube::tfk_debug('Yay, we log in.');
167
168	// send auth cookie if necessary
169	rcube::authenticate_session();
170
171	// send redirect
172	header("Location: $COMM_PATH");
173	exit;
174	}
175	else {
176
177	//rcube::tfk_debug('Oops, failed.');
178	if (empty($_POST['_user']) === true) {
179	//rcube::tfk_debug('Login: no _user');
180	}
181	if (isset($_POST['_pass']) === false) {
182	//rcube::tfk_debug('Login: no _pass');
183	}
184	$status = rcube::login(
185	rcube::get_input_value('_user', rcube::INPUT_POST),
186	rcube::get_input_value('_pass', rcube::INPUT_POST, true, 'ISO-8859-1'),
187	$host
188	);
189	//rcube::tfk_debug('Login: status: ' . $status);
190
191	//rcube::tfk_debug(var_export($_SESSION['temp'], true));
192	//rcube::tfk_debug(date('Y-m-d H:i:s', $_SESSION['auth_time']));
193
194	$OUTPUT->show_message("loginfailed", 'warning');
195	$_SESSION['user_id'] = '';
196	}
197	}
198
199	// end session
200	else if (($_task=='logout' \|\| $_action=='logout') && isset($_SESSION['user_id'])) {
201	$external_logout = $registry->get('external_logout', 'config');
202	if (empty($external_logout) === false) {
203	rcube::kill_session();
204	header('Location:' . $external_logout);
205	exit;
206	}
207
208	$OUTPUT->show_message('loggedout');
209	rcube::kill_session();
210	}
211
212	// check session and auth cookie
213	else if ($_action != 'login' && $_SESSION['user_id'] && $_action != 'send') {
214	if (!rcube::authenticate_session()) {
215	$OUTPUT->show_message('sessionerror', 'error');
216	rcube::kill_session();
217	}
218	}
219
220	//rcube::tfk_debug('// going #2');
221
222	$IMAP = $registry->get('IMAP', 'core');
223	//rcube::tfk_debug(var_export($IMAP, true) . "\n\nIMAP LOADED.");
224
225	// log in to imap server
226	if (!empty($_SESSION['user_id']) && $_task == 'mail') {
227
228	//rcube::tfk_debug('// trying to login');
229
230	$conn = $IMAP->connect(
231	$_SESSION['imap_host'],
232	$_SESSION['username'],
233	rcube::decrypt_passwd($_SESSION['password']),
234	$_SESSION['imap_port'],
235	$_SESSION['imap_ssl']
236	);
237	if (!$conn) {
238	$OUTPUT->show_message('imaperror', 'error');
239	$_SESSION['user_id'] = '';
240	}
241	else {
242	rcube::set_imap_prop();
243	}
244	}
245
246
247	// not logged in -> set task to 'login
248	if (empty($_SESSION['user_id'])) {
249
250	//rcube::tfk_debug('// we need a login');
251
252	if ($OUTPUT->ajax_call){
253	$OUTPUT->reset();
254	$OUTPUT->remote_response("setTimeout(\"location.href='\"+this.env.comm_path+\"'\", 2000);");
255	}
256	$_task = 'login';
257	}
258
259	//rcube::tfk_debug("// task {$_task} action {$_action}");
260
261	// check client X-header to verify request origin
262	if ($OUTPUT->ajax_call) {
263	if (!$registry->get('devel_mode', 'config') && !rcube::get_request_header('X-RoundCube-Referer')) {
264	header('HTTP/1.1 404 Not Found');
265	die("Invalid Request");
266	}
267	}
268
269	// set task and action to client
270	$OUTPUT->set_env('task', $_task);
271	if (empty($_action) === FALSE) {
272	$OUTPUT->set_env('action', $_action);
273	}
274
275	// not logged in -> show login page
276	if (!$_SESSION['user_id']) {
277
278	rcube::tfk_debug('// finally: login');
279
280	$OUTPUT->task = 'login';
281	$OUTPUT->send('login');
282	exit;
283	}
284
285
286	// handle keep-alive signal
287	if ($_action=='keep-alive') {
288	$OUTPUT->reset();
289	$OUTPUT->send('');
290	exit;
291	}
292
293	/**
294	* $_name
295	*
296	* Used to build the filename for the include.
297	* @var string
298	*/
299	$_name = '';
300
301	//rcube::tfk_debug("testing: $_task / $_action");
302
303	// include task specific files
304	if ($_task == 'mail') {
305	include_once 'program/steps/mail/func.inc';
306
307	switch($_action) {
308	default:
309	$_name.= $_action;
310	break;
311
312	case 'check-recent':
313	$_name.= 'check_recent';
314	//rcube::tfk_debug('We check recent!');
315	break;
316
317	case 'preview':
318	case 'print':
319	$_name.= 'show';
320	break;
321
322	case 'moveto':
323	case 'delete':
324	$_name.= 'move_del';
325	break;
326
327	case 'send':
328	$_name.= 'sendmail';
329	break;
330
331	case 'remove-attachment':
332	$_name.= 'compose';
333	break;
334
335	case 'expunge':
336	case 'purge':
337	$_name.= 'folders';
338	break;
339	case 'list':
340	if (isset($_REQUEST['_remote']) === true) {
341	$_name.= 'list';
342	}
343	break;
344	}
345
346	//rcube::tfk_debug('Mail: ' . $_name);
347
348	// make sure the message count is refreshed
349	$IMAP->messagecount($_SESSION['mbox'], 'ALL', TRUE);
350	}
351
352	// include task specific files
353	if ($_task == 'addressbook') {
354	include_once 'program/steps/addressbook/func.inc';
355
356	switch($_action) {
357	default:
358	$_name.= $_action;
359	break;
360	case 'edit':
361	case 'add':
362	$_name.= 'edit';
363	break;
364
365	case 'list':
366	if (isset($_REQUEST['_remote']) === true) {
367	$_name.= $_action;
368	}
369	break;
370	}
371	}
372
373	// include task specific files
374	if ($_task == 'settings') {
375	include_once 'program/steps/settings/func.inc';
376
377	$_name = '';
378	switch($_action) {
379	default:
380	$_name.= $_action;
381	break;
382
383	case 'add-identity':
384	$_name.= 'edit_identity';
385	break;
386
387	case 'folders':
388	case 'subscribe':
389	case 'unsubscribe':
390	case 'create-folder':
391	case 'rename-folder':
392	case 'delete-folder':
393	$_name.= 'manage_folders';
394	break;
395
396	}
397	$_name = str_replace('-', '_', $_name);
398	}
399
400	//rcube::tfk_debug($_task);
401
402	/**
403	* plugin hook
404	*/
405	if ($_task == 'plugin') {
406	$_name = '';
407	$_plugin = dirname(__FILE__) . '/plugins/' . $_action;
408	if (file_exists($_plugin) !== TRUE) {
409	//rcube::tfk_debug("$_plugin does not exist.");
410	$_plugin = '';
411	}
412	else {
413	$_plugin = realpath($_plugin);
414	$path_len = strlen(dirname(__FILE__) . '/plugins/');
415	if (substr($_plugin, 0, $path_len) != dirname(__FILE__). '/plugins/') {
416	rcube_error::raise(
417	array(
418	'code' => 500,
419	'type' => 'php',
420	'line' => __LINE__,
421	'file' => __FILE__,
422	'message' => 'Plugin request not within webmail directory.'
423	),
424	TRUE,
425	TRUE
426	);
427	//rcube::tfk_debug('Possible hack.');
428	exit;
429	}
430	$status = @include $_plugin;
431	if ($status === FALSE) {
432	//rcube::tfk_debug("Could not include: $_plugin");
433	}
434	exit;
435	}
436	}
437
438	if (empty($_name) === false) {
439	$_file = dirname(__FILE__) . '/program/steps/';
440	$_file.= $_task . '/';
441	$_file.= $_name . '.inc';
442	if (file_exists($_file) === true) {
443	include $_file;
444	}
445	else {
446	//rcube::tfk_debug('Does not exist: ' . $_file);
447	}
448	}
449
450	// parse main template
451	$OUTPUT->send($_task);
452
453	// if we arrive here, something went wrong
454	rcube_error::raise(
455	array(
456	'code' => 404,
457	'type' => 'php',
458	'line' => __LINE__,
459	'file' => __FILE__,
460	'message' => "Invalid request"
461	),
462	TRUE,
463	TRUE
464	);
465	?>

Note: See TracBrowser for help on using the browser.

RoundCube Webmail

Context Navigation

root/branches/devel-vnext/index.php

Download in other formats: