Context Navigation

source: subversion/trunk/roundcubemail/program/include/rcmail.php @ 3967

Last change on this file since 3967 was 3967, checked in by alec, 3 years ago
Fix: close() method of addressbook object(s) is not called in shutdown function
Property svn:keywords set to `Id`
File size: 35.3 KB

Line
1	<?php
2
3	/*
4	+-----------------------------------------------------------------------+
5	\| program/include/rcmail.php \|
6	\| \|
7	\| This file is part of the RoundCube Webmail client \|
8	\| Copyright (C) 2008-2010, RoundCube Dev. - Switzerland \|
9	\| Licensed under the GNU GPL \|
10	\| \|
11	\| PURPOSE: \|
12	\| Application class providing core functions and holding \|
13	\| instances of all 'global' objects like db- and imap-connections \|
14	+-----------------------------------------------------------------------+
15	\| Author: Thomas Bruederli <roundcube@gmail.com> \|
16	+-----------------------------------------------------------------------+
17
18	$Id$
19
20	*/
21
22
23	/**
24	* Application class of RoundCube Webmail
25	* implemented as singleton
26	*
27	* @package Core
28	*/
29	class rcmail
30	{
31	static public $main_tasks = array('mail','settings','addressbook','login','logout','utils','dummy');
32
33	static private $instance;
34
35	public $config;
36	public $user;
37	public $db;
38	public $session;
39	public $smtp;
40	public $imap;
41	public $output;
42	public $plugins;
43	public $task;
44	public $action = '';
45	public $comm_path = './';
46
47	private $texts;
48	private $books = array();
49
50
51	/**
52	* This implements the 'singleton' design pattern
53	*
54	* @return object rcmail The one and only instance
55	*/
56	static function get_instance()
57	{
58	if (!self::$instance) {
59	self::$instance = new rcmail();
60	self::$instance->startup(); // init AFTER object was linked with self::$instance
61	}
62
63	return self::$instance;
64	}
65
66
67	/**
68	* Private constructor
69	*/
70	private function __construct()
71	{
72	// load configuration
73	$this->config = new rcube_config();
74
75	register_shutdown_function(array($this, 'shutdown'));
76	}
77
78
79	/**
80	* Initial startup function
81	* to register session, create database and imap connections
82	*
83	* @todo Remove global vars $DB, $USER
84	*/
85	private function startup()
86	{
87	// initialize syslog
88	if ($this->config->get('log_driver') == 'syslog') {
89	$syslog_id = $this->config->get('syslog_id', 'roundcube');
90	$syslog_facility = $this->config->get('syslog_facility', LOG_USER);
91	openlog($syslog_id, LOG_ODELAY, $syslog_facility);
92	}
93
94	// connect to database
95	$GLOBALS['DB'] = $this->get_dbh();
96
97	// start session
98	$this->session_init();
99
100	// create user object
101	$this->set_user(new rcube_user($_SESSION['user_id']));
102
103	// configure session (after user config merge!)
104	$this->session_configure();
105
106	// set task and action properties
107	$this->set_task(get_input_value('_task', RCUBE_INPUT_GPC));
108	$this->action = asciiwords(get_input_value('_action', RCUBE_INPUT_GPC));
109
110	// reset some session parameters when changing task
111	if ($this->task != 'utils') {
112	if ($this->session && $_SESSION['task'] != $this->task)
113	$this->session->remove('page');
114	// set current task to session
115	$_SESSION['task'] = $this->task;
116	}
117
118	// init output class
119	if (!empty($_REQUEST['_remote']))
120	$GLOBALS['OUTPUT'] = $this->json_init();
121	else
122	$GLOBALS['OUTPUT'] = $this->load_gui(!empty($_REQUEST['_framed']));
123
124	// create plugin API and load plugins
125	$this->plugins = rcube_plugin_api::get_instance();
126
127	// init plugins
128	$this->plugins->init();
129	}
130
131
132	/**
133	* Setter for application task
134	*
135	* @param string Task to set
136	*/
137	public function set_task($task)
138	{
139	$task = asciiwords($task);
140
141	if ($this->user && $this->user->ID)
142	$task = !$task \|\| $task == 'login' ? 'mail' : $task;
143	else
144	$task = 'login';
145
146	$this->task = $task;
147	$this->comm_path = $this->url(array('task' => $this->task));
148
149	if ($this->output)
150	$this->output->set_env('task', $this->task);
151	}
152
153
154	/**
155	* Setter for system user object
156	*
157	* @param object rcube_user Current user instance
158	*/
159	public function set_user($user)
160	{
161	if (is_object($user)) {
162	$this->user = $user;
163	$GLOBALS['USER'] = $this->user;
164
165	// overwrite config with user preferences
166	$this->config->set_user_prefs((array)$this->user->get_prefs());
167	}
168
169	$_SESSION['language'] = $this->user->language = $this->language_prop($this->config->get('language', $_SESSION['language']));
170
171	// set localization
172	setlocale(LC_ALL, $_SESSION['language'] . '.utf8', 'en_US.utf8');
173
174	// workaround for http://bugs.php.net/bug.php?id=18556
175	if (in_array($_SESSION['language'], array('tr_TR', 'ku', 'az_AZ')))
176	setlocale(LC_CTYPE, 'en_US' . '.utf8');
177	}
178
179
180	/**
181	* Check the given string and return a valid language code
182	*
183	* @param string Language code
184	* @return string Valid language code
185	*/
186	private function language_prop($lang)
187	{
188	static $rcube_languages, $rcube_language_aliases;
189
190	// user HTTP_ACCEPT_LANGUAGE if no language is specified
191	if (empty($lang) \|\| $lang == 'auto') {
192	$accept_langs = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);
193	$lang = str_replace('-', '_', $accept_langs[0]);
194	}
195
196	if (empty($rcube_languages)) {
197	@include(INSTALL_PATH . 'program/localization/index.inc');
198	}
199
200	// check if we have an alias for that language
201	if (!isset($rcube_languages[$lang]) && isset($rcube_language_aliases[$lang])) {
202	$lang = $rcube_language_aliases[$lang];
203	}
204	// try the first two chars
205	else if (!isset($rcube_languages[$lang])) {
206	$short = substr($lang, 0, 2);
207
208	// check if we have an alias for the short language code
209	if (!isset($rcube_languages[$short]) && isset($rcube_language_aliases[$short])) {
210	$lang = $rcube_language_aliases[$short];
211	}
212	// expand 'nn' to 'nn_NN'
213	else if (!isset($rcube_languages[$short])) {
214	$lang = $short.'_'.strtoupper($short);
215	}
216	}
217
218	if (!isset($rcube_languages[$lang]) \|\| !is_dir(INSTALL_PATH . 'program/localization/' . $lang)) {
219	$lang = 'en_US';
220	}
221
222	return $lang;
223	}
224
225
226	/**
227	* Get the current database connection
228	*
229	* @return object rcube_mdb2 Database connection object
230	*/
231	public function get_dbh()
232	{
233	if (!$this->db) {
234	$config_all = $this->config->all();
235
236	$this->db = new rcube_mdb2($config_all['db_dsnw'], $config_all['db_dsnr'], $config_all['db_persistent']);
237	$this->db->sqlite_initials = INSTALL_PATH . 'SQL/sqlite.initial.sql';
238	$this->db->set_debug((bool)$config_all['sql_debug']);
239	$this->db->db_connect('w');
240	}
241
242	return $this->db;
243	}
244
245
246	/**
247	* Return instance of the internal address book class
248	*
249	* @param string Address book identifier
250	* @param boolean True if the address book needs to be writeable
251	* @return object rcube_contacts Address book object
252	*/
253	public function get_address_book($id, $writeable = false)
254	{
255	$contacts = null;
256	$ldap_config = (array)$this->config->get('ldap_public');
257	$abook_type = strtolower($this->config->get('address_book_type'));
258
259	$plugin = $this->plugins->exec_hook('addressbook_get', array('id' => $id, 'writeable' => $writeable));
260
261	// plugin returned instance of a rcube_addressbook
262	if ($plugin['instance'] instanceof rcube_addressbook) {
263	$contacts = $plugin['instance'];
264	}
265	else if ($id && $ldap_config[$id]) {
266	$contacts = new rcube_ldap($ldap_config[$id], $this->config->get('ldap_debug'), $this->config->mail_domain($_SESSION['imap_host']));
267	}
268	else if ($id === '0') {
269	$contacts = new rcube_contacts($this->db, $this->user->ID);
270	}
271	else if ($abook_type == 'ldap') {
272	// Use the first writable LDAP address book.
273	foreach ($ldap_config as $id => $prop) {
274	if (!$writeable \|\| $prop['writable']) {
275	$contacts = new rcube_ldap($prop, $this->config->get('ldap_debug'), $this->config->mail_domain($_SESSION['imap_host']));
276	break;
277	}
278	}
279	}
280	else { // $id == 'sql'
281	$contacts = new rcube_contacts($this->db, $this->user->ID);
282	}
283
284	// add to the 'books' array for shutdown function
285	if (!in_array($contacts, $this->books))
286	$this->books[] = $contacts;
287
288	return $contacts;
289	}
290
291
292	/**
293	* Return address books list
294	*
295	* @param boolean True if the address book needs to be writeable
296	* @return array Address books array
297	*/
298	public function get_address_sources($writeable = false)
299	{
300	$abook_type = strtolower($this->config->get('address_book_type'));
301	$ldap_config = $this->config->get('ldap_public');
302	$autocomplete = (array) $this->config->get('autocomplete_addressbooks');
303	$list = array();
304
305	// We are using the DB address book
306	if ($abook_type != 'ldap') {
307	$contacts = new rcube_contacts($this->db, null);
308	$list['0'] = array(
309	'id' => 0,
310	'name' => rcube_label('personaladrbook'),
311	'groups' => $contacts->groups,
312	'readonly' => false,
313	'autocomplete' => in_array('sql', $autocomplete)
314	);
315	}
316
317	if ($ldap_config) {
318	$ldap_config = (array) $ldap_config;
319	foreach ($ldap_config as $id => $prop)
320	$list[$id] = array(
321	'id' => $id,
322	'name' => $prop['name'],
323	'groups' => false,
324	'readonly' => !$prop['writable'],
325	'autocomplete' => in_array('sql', $autocomplete)
326	);
327	}
328
329	$plugin = $this->plugins->exec_hook('addressbooks_list', array('sources' => $list));
330	$list = $plugin['sources'];
331
332	if ($writeable && !empty($list)) {
333	foreach ($list as $idx => $item) {
334	if ($item['readonly']) {
335	unset($list[$idx]);
336	}
337	}
338	}
339
340	return $list;
341	}
342
343
344	/**
345	* Init output object for GUI and add common scripts.
346	* This will instantiate a rcmail_template object and set
347	* environment vars according to the current session and configuration
348	*
349	* @param boolean True if this request is loaded in a (i)frame
350	* @return object rcube_template Reference to HTML output object
351	*/
352	public function load_gui($framed = false)
353	{
354	// init output page
355	if (!($this->output instanceof rcube_template))
356	$this->output = new rcube_template($this->task, $framed);
357
358	// set keep-alive/check-recent interval
359	if ($this->session && ($keep_alive = $this->session->get_keep_alive())) {
360	$this->output->set_env('keep_alive', $keep_alive);
361	}
362
363	if ($framed) {
364	$this->comm_path .= '&_framed=1';
365	$this->output->set_env('framed', true);
366	}
367
368	$this->output->set_env('task', $this->task);
369	$this->output->set_env('action', $this->action);
370	$this->output->set_env('comm_path', $this->comm_path);
371	$this->output->set_charset(RCMAIL_CHARSET);
372
373	// add some basic label to client
374	$this->output->add_label('loading', 'servererror');
375
376	return $this->output;
377	}
378
379
380	/**
381	* Create an output object for JSON responses
382	*
383	* @return object rcube_json_output Reference to JSON output object
384	*/
385	public function json_init()
386	{
387	if (!($this->output instanceof rcube_json_output))
388	$this->output = new rcube_json_output($this->task);
389
390	return $this->output;
391	}
392
393
394	/**
395	* Create SMTP object and connect to server
396	*
397	* @param boolean True if connection should be established
398	*/
399	public function smtp_init($connect = false)
400	{
401	$this->smtp = new rcube_smtp();
402
403	if ($connect)
404	$this->smtp->connect();
405	}
406
407
408	/**
409	* Create global IMAP object and connect to server
410	*
411	* @param boolean True if connection should be established
412	* @todo Remove global $IMAP
413	*/
414	public function imap_init($connect = false)
415	{
416	// already initialized
417	if (is_object($this->imap))
418	return;
419
420	$this->imap = new rcube_imap($this->db);
421	$this->imap->debug_level = $this->config->get('debug_level');
422	$this->imap->skip_deleted = $this->config->get('skip_deleted');
423
424	// enable caching of imap data
425	if ($this->config->get('enable_caching')) {
426	$this->imap->set_caching(true);
427	}
428
429	// set pagesize from config
430	$this->imap->set_pagesize($this->config->get('pagesize', 50));
431
432	// Setting root and delimiter before establishing the connection
433	// can save time detecting them using NAMESPACE and LIST
434	$options = array(
435	'auth_method' => $this->config->get('imap_auth_type', 'check'),
436	'delimiter' => isset($_SESSION['imap_delimiter']) ? $_SESSION['imap_delimiter'] : $this->config->get('imap_delimiter'),
437	'rootdir' => isset($_SESSION['imap_root']) ? $_SESSION['imap_root'] : $this->config->get('imap_root'),
438	'debug_mode' => (bool) $this->config->get('imap_debug', 0),
439	'force_caps' => (bool) $this->config->get('imap_force_caps'),
440	'timeout' => (int) $this->config->get('imap_timeout', 0),
441	);
442
443	$this->imap->set_options($options);
444
445	// set global object for backward compatibility
446	$GLOBALS['IMAP'] = $this->imap;
447
448	$hook = $this->plugins->exec_hook('imap_init', array('fetch_headers' => $this->imap->fetch_add_headers));
449	if ($hook['fetch_headers'])
450	$this->imap->fetch_add_headers = $hook['fetch_headers'];
451
452	// support this parameter for backward compatibility but log warning
453	if ($connect) {
454	$this->imap_connect();
455	raise_error(array('code' => 800, 'type' => 'imap', 'file' => __FILE__,
456	'message' => "rcube::imap_init(true) is deprecated, use rcube::imap_connect() instead"), true, false);
457	}
458	}
459
460
461	/**
462	* Connect to IMAP server with stored session data
463	*
464	* @return bool True on success, false on error
465	*/
466	public function imap_connect()
467	{
468	if (!$this->imap)
469	$this->imap_init();
470
471	if ($_SESSION['imap_host'] && !$this->imap->conn->connected()) {
472	if (!$this->imap->connect($_SESSION['imap_host'], $_SESSION['username'], $this->decrypt($_SESSION['password']), $_SESSION['imap_port'], $_SESSION['imap_ssl'])) {
473	if ($this->output)
474	$this->output->show_message($this->imap->error_code == -1 ? 'imaperror' : 'sessionerror', 'error');
475	}
476	else {
477	$this->set_imap_prop();
478	return $this->imap->conn;
479	}
480	}
481
482	return false;
483	}
484
485
486	/**
487	* Create session object and start the session.
488	*/
489	public function session_init()
490	{
491	// session started (Installer?)
492	if (session_id())
493	return;
494
495	$lifetime = $this->config->get('session_lifetime', 0) * 60;
496
497	// set session domain
498	if ($domain = $this->config->get('session_domain')) {
499	ini_set('session.cookie_domain', $domain);
500	}
501	// set session garbage collecting time according to session_lifetime
502	if ($lifetime) {
503	ini_set('session.gc_maxlifetime', $lifetime * 2);
504	}
505
506	ini_set('session.cookie_secure', rcube_https_check());
507	ini_set('session.name', 'roundcube_sessid');
508	ini_set('session.use_cookies', 1);
509	ini_set('session.use_only_cookies', 1);
510	ini_set('session.serialize_handler', 'php');
511
512	// use database for storing session data
513	$this->session = new rcube_session($this->get_dbh(), $lifetime);
514
515	$this->session->register_gc_handler('rcmail_temp_gc');
516	if ($this->config->get('enable_caching'))
517	$this->session->register_gc_handler('rcmail_cache_gc');
518
519	// start PHP session (if not in CLI mode)
520	if ($_SERVER['REMOTE_ADDR'])
521	session_start();
522
523	// set initial session vars
524	if (!isset($_SESSION['auth_time'])) {
525	$_SESSION['auth_time'] = time();
526	$_SESSION['temp'] = true;
527	}
528	}
529
530
531	/**
532	* Configure session object internals
533	*/
534	public function session_configure()
535	{
536	if (!$this->session)
537	return;
538
539	$lifetime = $this->config->get('session_lifetime', 0) * 60;
540
541	// set keep-alive/check-recent interval
542	if ($keep_alive = $this->config->get('keep_alive')) {
543	// be sure that it's less than session lifetime
544	if ($lifetime)
545	$keep_alive = min($keep_alive, $lifetime - 30);
546	$keep_alive = max(60, $keep_alive);
547	$this->session->set_keep_alive($keep_alive);
548	}
549	}
550
551
552	/**
553	* Perfom login to the IMAP server and to the webmail service.
554	* This will also create a new user entry if auto_create_user is configured.
555	*
556	* @param string IMAP user name
557	* @param string IMAP password
558	* @param string IMAP host
559	* @return boolean True on success, False on failure
560	*/
561	function login($username, $pass, $host=NULL)
562	{
563	$user = NULL;
564	$config = $this->config->all();
565
566	if (!$host)
567	$host = $config['default_host'];
568
569	// Validate that selected host is in the list of configured hosts
570	if (is_array($config['default_host'])) {
571	$allowed = false;
572	foreach ($config['default_host'] as $key => $host_allowed) {
573	if (!is_numeric($key))
574	$host_allowed = $key;
575	if ($host == $host_allowed) {
576	$allowed = true;
577	break;
578	}
579	}
580	if (!$allowed)
581	return false;
582	}
583	else if (!empty($config['default_host']) && $host != rcube_parse_host($config['default_host']))
584	return false;
585
586	// parse $host URL
587	$a_host = parse_url($host);
588	if ($a_host['host']) {
589	$host = $a_host['host'];
590	$imap_ssl = (isset($a_host['scheme']) && in_array($a_host['scheme'], array('ssl','imaps','tls'))) ? $a_host['scheme'] : null;
591	if(!empty($a_host['port']))
592	$imap_port = $a_host['port'];
593	else if ($imap_ssl && $imap_ssl != 'tls' && (!$config['default_port'] \|\| $config['default_port'] == 143))
594	$imap_port = 993;
595	}
596
597	$imap_port = $imap_port ? $imap_port : $config['default_port'];
598
599	/* Modify username with domain if required
600	Inspired by Marco <P0L0_notspam_binware.org>
601	*/
602	// Check if we need to add domain
603	if (!empty($config['username_domain']) && strpos($username, '@') === false) {
604	if (is_array($config['username_domain']) && isset($config['username_domain'][$host]))
605	$username .= '@'.rcube_parse_host($config['username_domain'][$host]);
606	else if (is_string($config['username_domain']))
607	$username .= '@'.rcube_parse_host($config['username_domain']);
608	}
609
610	// try to resolve email address from virtuser table
611	if (strpos($username, '@'))
612	if ($virtuser = rcube_user::email2user($username))
613	$username = $virtuser;
614
615	// lowercase username if it's an e-mail address (#1484473)
616	if (strpos($username, '@'))
617	$username = mb_strtolower($username);
618
619	// user already registered -> overwrite username
620	if ($user = rcube_user::query($username, $host))
621	$username = $user->data['username'];
622
623	if (!$this->imap)
624	$this->imap_init();
625
626	// exit if IMAP login failed
627	if (!($imap_login = $this->imap->connect($host, $username, $pass, $imap_port, $imap_ssl)))
628	return false;
629
630	$this->set_imap_prop();
631
632	// user already registered -> update user's record
633	if (is_object($user)) {
634	// create default folders on first login
635	if (!$user->data['last_login'] && $config['create_default_folders'])
636	$this->imap->create_default_folders();
637	$user->touch();
638	}
639	// create new system user
640	else if ($config['auto_create_user']) {
641	if ($created = rcube_user::create($username, $host)) {
642	$user = $created;
643	// create default folders on first login
644	if ($config['create_default_folders'])
645	$this->imap->create_default_folders();
646	}
647	else {
648	raise_error(array(
649	'code' => 600, 'type' => 'php',
650	'file' => __FILE__, 'line' => __LINE__,
651	'message' => "Failed to create a user record. Maybe aborted by a plugin?"
652	), true, false);
653	}
654	}
655	else {
656	raise_error(array(
657	'code' => 600, 'type' => 'php',
658	'file' => __FILE__, 'line' => __LINE__,
659	'message' => "Acces denied for new user $username. 'auto_create_user' is disabled"
660	), true, false);
661	}
662
663	// login succeeded
664	if (is_object($user) && $user->ID) {
665	$this->set_user($user);
666
667	// set session vars
668	$_SESSION['user_id'] = $user->ID;
669	$_SESSION['username'] = $user->data['username'];
670	$_SESSION['imap_host'] = $host;
671	$_SESSION['imap_port'] = $imap_port;
672	$_SESSION['imap_ssl'] = $imap_ssl;
673	$_SESSION['password'] = $this->encrypt($pass);
674	$_SESSION['login_time'] = mktime();
675
676	if (isset($_REQUEST['_timezone']) && $_REQUEST['_timezone'] != '_default_')
677	$_SESSION['timezone'] = floatval($_REQUEST['_timezone']);
678
679	// force reloading complete list of subscribed mailboxes
680	$this->imap->clear_cache('mailboxes');
681
682	return true;
683	}
684
685	return false;
686	}
687
688
689	/**
690	* Set root dir and last stored mailbox
691	* This must be done AFTER connecting to the server!
692	*/
693	public function set_imap_prop()
694	{
695	$this->imap->set_charset($this->config->get('default_charset', RCMAIL_CHARSET));
696
697	if ($default_folders = $this->config->get('default_imap_folders')) {
698	$this->imap->set_default_mailboxes($default_folders);
699	}
700	if (!empty($_SESSION['mbox'])) {
701	$this->imap->set_mailbox($_SESSION['mbox']);
702	}
703	if (isset($_SESSION['page'])) {
704	$this->imap->set_page($_SESSION['page']);
705	}
706
707	// cache IMAP root and delimiter in session for performance reasons
708	$_SESSION['imap_root'] = $this->imap->root_dir;
709	$_SESSION['imap_delimiter'] = $this->imap->delimiter;
710	}
711
712
713	/**
714	* Auto-select IMAP host based on the posted login information
715	*
716	* @return string Selected IMAP host
717	*/
718	public function autoselect_host()
719	{
720	$default_host = $this->config->get('default_host');
721	$host = null;
722
723	if (is_array($default_host)) {
724	$post_host = get_input_value('_host', RCUBE_INPUT_POST);
725
726	// direct match in default_host array
727	if ($default_host[$post_host] \|\| in_array($post_host, array_values($default_host))) {
728	$host = $post_host;
729	}
730
731	// try to select host by mail domain
732	list($user, $domain) = explode('@', get_input_value('_user', RCUBE_INPUT_POST));
733	if (!empty($domain)) {
734	foreach ($default_host as $imap_host => $mail_domains) {
735	if (is_array($mail_domains) && in_array($domain, $mail_domains)) {
736	$host = $imap_host;
737	break;
738	}
739	}
740	}
741
742	// take the first entry if $host is still an array
743	if (empty($host)) {
744	$host = array_shift($default_host);
745	}
746	}
747	else if (empty($default_host)) {
748	$host = get_input_value('_host', RCUBE_INPUT_POST);
749	}
750	else
751	$host = rcube_parse_host($default_host);
752
753	return $host;
754	}
755
756
757	/**
758	* Get localized text in the desired language
759	*
760	* @param mixed Named parameters array or label name
761	* @return string Localized text
762	*/
763	public function gettext($attrib, $domain=null)
764	{
765	// load localization files if not done yet
766	if (empty($this->texts))
767	$this->load_language();
768
769	// extract attributes
770	if (is_string($attrib))
771	$attrib = array('name' => $attrib);
772
773	$nr = is_numeric($attrib['nr']) ? $attrib['nr'] : 1;
774	$name = $attrib['name'] ? $attrib['name'] : '';
775
776	// check for text with domain
777	if ($domain && ($text_item = $this->texts[$domain.'.'.$name]))
778	;
779	// text does not exist
780	else if (!($text_item = $this->texts[$name])) {
781	return "[$name]";
782	}
783
784	// make text item array
785	$a_text_item = is_array($text_item) ? $text_item : array('single' => $text_item);
786
787	// decide which text to use
788	if ($nr == 1) {
789	$text = $a_text_item['single'];
790	}
791	else if ($nr > 0) {
792	$text = $a_text_item['multiple'];
793	}
794	else if ($nr == 0) {
795	if ($a_text_item['none'])
796	$text = $a_text_item['none'];
797	else if ($a_text_item['single'])
798	$text = $a_text_item['single'];
799	else if ($a_text_item['multiple'])
800	$text = $a_text_item['multiple'];
801	}
802
803	// default text is single
804	if ($text == '') {
805	$text = $a_text_item['single'];
806	}
807
808	// replace vars in text
809	if (is_array($attrib['vars'])) {
810	foreach ($attrib['vars'] as $var_key => $var_value)
811	$text = str_replace($var_key[0]!='$' ? '$'.$var_key : $var_key, $var_value, $text);
812	}
813
814	// format output
815	if (($attrib['uppercase'] && strtolower($attrib['uppercase']=='first')) \|\| $attrib['ucfirst'])
816	return ucfirst($text);
817	else if ($attrib['uppercase'])
818	return mb_strtoupper($text);
819	else if ($attrib['lowercase'])
820	return mb_strtolower($text);
821
822	return $text;
823	}
824
825
826	/**
827	* Load a localization package
828	*
829	* @param string Language ID
830	*/
831	public function load_language($lang = null, $add = array())
832	{
833	$lang = $this->language_prop(($lang ? $lang : $_SESSION['language']));
834
835	// load localized texts
836	if (empty($this->texts) \|\| $lang != $_SESSION['language']) {
837	$this->texts = array();
838
839	// get english labels (these should be complete)
840	@include(INSTALL_PATH . 'program/localization/en_US/labels.inc');
841	@include(INSTALL_PATH . 'program/localization/en_US/messages.inc');
842
843	if (is_array($labels))
844	$this->texts = $labels;
845	if (is_array($messages))
846	$this->texts = array_merge($this->texts, $messages);
847
848	// include user language files
849	if ($lang != 'en' && is_dir(INSTALL_PATH . 'program/localization/' . $lang)) {
850	include_once(INSTALL_PATH . 'program/localization/' . $lang . '/labels.inc');
851	include_once(INSTALL_PATH . 'program/localization/' . $lang . '/messages.inc');
852
853	if (is_array($labels))
854	$this->texts = array_merge($this->texts, $labels);
855	if (is_array($messages))
856	$this->texts = array_merge($this->texts, $messages);
857	}
858
859	$_SESSION['language'] = $lang;
860	}
861
862	// append additional texts (from plugin)
863	if (is_array($add) && !empty($add))
864	$this->texts += $add;
865	}
866
867
868	/**
869	* Read directory program/localization and return a list of available languages
870	*
871	* @return array List of available localizations
872	*/
873	public function list_languages()
874	{
875	static $sa_languages = array();
876
877	if (!sizeof($sa_languages)) {
878	@include(INSTALL_PATH . 'program/localization/index.inc');
879
880	if ($dh = @opendir(INSTALL_PATH . 'program/localization')) {
881	while (($name = readdir($dh)) !== false) {
882	if ($name[0] == '.' \|\| !is_dir(INSTALL_PATH . 'program/localization/' . $name))
883	continue;
884
885	if ($label = $rcube_languages[$name])
886	$sa_languages[$name] = $label;
887	}
888	closedir($dh);
889	}
890	}
891
892	return $sa_languages;
893	}
894
895
896	/**
897	* Check the auth hash sent by the client against the local session credentials
898	*
899	* @return boolean True if valid, False if not
900	*/
901	function authenticate_session()
902	{
903	// advanced session authentication
904	if ($this->config->get('double_auth')) {
905	$now = time();
906	$valid = ($_COOKIE['sessauth'] == $this->get_auth_hash(session_id(), $_SESSION['auth_time']) \|\|
907	$_COOKIE['sessauth'] == $this->get_auth_hash(session_id(), $_SESSION['last_auth']));
908
909	// renew auth cookie every 5 minutes (only for GET requests)
910	if (!$valid \|\| ($_SERVER['REQUEST_METHOD']!='POST' && $now - $_SESSION['auth_time'] > 300)) {
911	$_SESSION['last_auth'] = $_SESSION['auth_time'];
912	$_SESSION['auth_time'] = $now;
913	rcmail::setcookie('sessauth', $this->get_auth_hash(session_id(), $now), 0);
914	}
915	}
916	else {
917	$valid = $this->config->get('ip_check') ? $_SERVER['REMOTE_ADDR'] == $this->session->get_ip() : true;
918	}
919
920	// check session filetime
921	$lifetime = $this->config->get('session_lifetime');
922	$sess_ts = $this->session->get_ts();
923	if (!empty($lifetime) && !empty($sess_ts) && $sess_ts + $lifetime*60 < time()) {
924	$valid = false;
925	}
926
927	return $valid;
928	}
929
930
931	/**
932	* Destroy session data and remove cookie
933	*/
934	public function kill_session()
935	{
936	$this->plugins->exec_hook('session_destroy');
937
938	$this->session->remove();
939	$_SESSION = array('language' => $this->user->language, 'auth_time' => time(), 'temp' => true);
940	rcmail::setcookie('sessauth', '-del-', time() - 60);
941	$this->user->reset();
942	}
943
944
945	/**
946	* Do server side actions on logout
947	*/
948	public function logout_actions()
949	{
950	$config = $this->config->all();
951
952	// on logout action we're not connected to imap server
953	if (($config['logout_purge'] && !empty($config['trash_mbox'])) \|\| $config['logout_expunge']) {
954	if (!$this->authenticate_session())
955	return;
956
957	$this->imap_connect();
958	}
959
960	if ($config['logout_purge'] && !empty($config['trash_mbox'])) {
961	$this->imap->clear_mailbox($config['trash_mbox']);
962	}
963
964	if ($config['logout_expunge']) {
965	$this->imap->expunge('INBOX');
966	}
967	}
968
969
970	/**
971	* Function to be executed in script shutdown
972	* Registered with register_shutdown_function()
973	*/
974	public function shutdown()
975	{
976	if (is_object($this->imap))
977	$this->imap->close();
978
979	if (is_object($this->smtp))
980	$this->smtp->disconnect();
981
982	foreach ($this->books as $book)
983	if (is_object($book))
984	$book->close();
985
986	// before closing the database connection, write session data
987	if ($_SERVER['REMOTE_ADDR'])
988	session_write_close();
989
990	// write performance stats to logs/console
991	if ($this->config->get('devel_mode')) {
992	if (function_exists('memory_get_usage'))
993	$mem = show_bytes(memory_get_usage());
994	if (function_exists('memory_get_peak_usage'))
995	$mem .= '/'.show_bytes(memory_get_peak_usage());
996
997	$log = $this->task . ($this->action ? '/'.$this->action : '') . ($mem ? " [$mem]" : '');
998	if (defined('RCMAIL_START'))
999	rcube_print_time(RCMAIL_START, $log);
1000	else
1001	console($log);
1002	}
1003	}
1004
1005
1006	/**
1007	* Generate a unique token to be used in a form request
1008	*
1009	* @return string The request token
1010	*/
1011	public function get_request_token()
1012	{
1013	$key = $this->task;
1014
1015	if (!$_SESSION['request_tokens'][$key])
1016	$_SESSION['request_tokens'][$key] = md5(uniqid($key . mt_rand(), true));
1017
1018	return $_SESSION['request_tokens'][$key];
1019	}
1020
1021
1022	/**
1023	* Check if the current request contains a valid token
1024	*
1025	* @param int Request method
1026	* @return boolean True if request token is valid false if not
1027	*/
1028	public function check_request($mode = RCUBE_INPUT_POST)
1029	{
1030	$token = get_input_value('_token', $mode);
1031	return !empty($token) && $_SESSION['request_tokens'][$this->task] == $token;
1032	}
1033
1034
1035	/**
1036	* Create unique authorization hash
1037	*
1038	* @param string Session ID
1039	* @param int Timestamp
1040	* @return string The generated auth hash
1041	*/
1042	private function get_auth_hash($sess_id, $ts)
1043	{
1044	$auth_string = sprintf('rcmailsess%sR%sChk:%s;%s',
1045	$sess_id,
1046	$ts,
1047	$this->config->get('ip_check') ? $_SERVER['REMOTE_ADDR'] : '*...*',
1048	$_SERVER['HTTP_USER_AGENT']);
1049
1050	if (function_exists('sha1'))
1051	return sha1($auth_string);
1052	else
1053	return md5($auth_string);
1054	}
1055
1056
1057	/**
1058	* Encrypt using 3DES
1059	*
1060	* @param string $clear clear text input
1061	* @param string $key encryption key to retrieve from the configuration, defaults to 'des_key'
1062	* @param boolean $base64 whether or not to base64_encode() the result before returning
1063	*
1064	* @return string encrypted text
1065	*/
1066	public function encrypt($clear, $key = 'des_key', $base64 = true)
1067	{
1068	if (!$clear)
1069	return '';
1070	/*-
1071	* Add a single canary byte to the end of the clear text, which
1072	* will help find out how much of padding will need to be removed
1073	* upon decryption; see http://php.net/mcrypt_generic#68082
1074	*/
1075	$clear = pack("a*H2", $clear, "80");
1076
1077	if (function_exists('mcrypt_module_open') &&
1078	($td = mcrypt_module_open(MCRYPT_TripleDES, "", MCRYPT_MODE_CBC, "")))
1079	{
1080	$iv = $this->create_iv(mcrypt_enc_get_iv_size($td));
1081	mcrypt_generic_init($td, $this->config->get_crypto_key($key), $iv);
1082	$cipher = $iv . mcrypt_generic($td, $clear);
1083	mcrypt_generic_deinit($td);
1084	mcrypt_module_close($td);
1085	}
1086	else {
1087	@include_once('lib/des.inc');
1088
1089	if (function_exists('des')) {
1090	$des_iv_size = 8;
1091	$iv = $this->create_iv($des_iv_size);
1092	$cipher = $iv . des($this->config->get_crypto_key($key), $clear, 1, 1, $iv);
1093	}
1094	else {
1095	raise_error(array(
1096	'code' => 500, 'type' => 'php',
1097	'file' => __FILE__, 'line' => __LINE__,
1098	'message' => "Could not perform encryption; make sure Mcrypt is installed or lib/des.inc is available"
1099	), true, true);
1100	}
1101	}
1102
1103	return $base64 ? base64_encode($cipher) : $cipher;
1104	}
1105
1106	/**
1107	* Decrypt 3DES-encrypted string
1108	*
1109	* @param string $cipher encrypted text
1110	* @param string $key encryption key to retrieve from the configuration, defaults to 'des_key'
1111	* @param boolean $base64 whether or not input is base64-encoded
1112	*
1113	* @return string decrypted text
1114	*/
1115	public function decrypt($cipher, $key = 'des_key', $base64 = true)
1116	{
1117	if (!$cipher)
1118	return '';
1119
1120	$cipher = $base64 ? base64_decode($cipher) : $cipher;
1121
1122	if (function_exists('mcrypt_module_open') &&
1123	($td = mcrypt_module_open(MCRYPT_TripleDES, "", MCRYPT_MODE_CBC, "")))
1124	{
1125	$iv = substr($cipher, 0, mcrypt_enc_get_iv_size($td));
1126	$cipher = substr($cipher, mcrypt_enc_get_iv_size($td));
1127	mcrypt_generic_init($td, $this->config->get_crypto_key($key), $iv);
1128	$clear = mdecrypt_generic($td, $cipher);
1129	mcrypt_generic_deinit($td);
1130	mcrypt_module_close($td);
1131	}
1132	else {
1133	@include_once('lib/des.inc');
1134
1135	if (function_exists('des')) {
1136	$des_iv_size = 8;
1137	$iv = substr($cipher, 0, $des_iv_size);
1138	$cipher = substr($cipher, $des_iv_size);
1139	$clear = des($this->config->get_crypto_key($key), $cipher, 0, 1, $iv);
1140	}
1141	else {
1142	raise_error(array(
1143	'code' => 500, 'type' => 'php',
1144	'file' => __FILE__, 'line' => __LINE__,
1145	'message' => "Could not perform decryption; make sure Mcrypt is installed or lib/des.inc is available"
1146	), true, true);
1147	}
1148	}
1149
1150	/*-
1151	* Trim PHP's padding and the canary byte; see note in
1152	* rcmail::encrypt() and http://php.net/mcrypt_generic#68082
1153	*/
1154	$clear = substr(rtrim($clear, "\0"), 0, -1);
1155
1156	return $clear;
1157	}
1158
1159	/**
1160	* Generates encryption initialization vector (IV)
1161	*
1162	* @param int Vector size
1163	* @return string Vector string
1164	*/
1165	private function create_iv($size)
1166	{
1167	// mcrypt_create_iv() can be slow when system lacks entrophy
1168	// we'll generate IV vector manually
1169	$iv = '';
1170	for ($i = 0; $i < $size; $i++)
1171	$iv .= chr(mt_rand(0, 255));
1172	return $iv;
1173	}
1174
1175	/**
1176	* Build a valid URL to this instance of RoundCube
1177	*
1178	* @param mixed Either a string with the action or url parameters as key-value pairs
1179	* @return string Valid application URL
1180	*/
1181	public function url($p)
1182	{
1183	if (!is_array($p))
1184	$p = array('_action' => @func_get_arg(0));
1185
1186	$task = $p['_task'] ? $p['_task'] : ($p['task'] ? $p['task'] : $this->task);
1187	$p['_task'] = $task;
1188	unset($p['task']);
1189
1190	$url = './';
1191	$delm = '?';
1192	foreach (array_reverse($p) as $key => $val)
1193	{
1194	if (!empty($val)) {
1195	$par = $key[0] == '_' ? $key : '_'.$key;
1196	$url .= $delm.urlencode($par).'='.urlencode($val);
1197	$delm = '&';
1198	}
1199	}
1200	return $url;
1201	}
1202
1203
1204	/**
1205	* Helper method to set a cookie with the current path and host settings
1206	*
1207	* @param string Cookie name
1208	* @param string Cookie value
1209	* @param string Expiration time
1210	*/
1211	public static function setcookie($name, $value, $exp = 0)
1212	{
1213	if (headers_sent())
1214	return;
1215
1216	$cookie = session_get_cookie_params();
1217
1218	setcookie($name, $value, $exp, $cookie['path'], $cookie['domain'],
1219	rcube_https_check(), true);
1220	}
1221	}
1222
1223

Note: See TracBrowser for help on using the repository browser.

Download in other formats: