/**
* imap_general.php
*
- * Copyright (c) 1999-2002 The SquirrelMail Project Team
+ * Copyright (c) 1999-2003 The SquirrelMail Project Team
* Licensed under the GNU GPL. For full terms see the file COPYING.
*
* This implements all functions that do general imap functions.
*/
require_once(SM_PATH . 'functions/page_header.php');
+require_once(SM_PATH . 'functions/auth.php');
+
global $sqimap_session_id;
$sqimap_session_id = 1;
$read = '';
$buffer = 4096;
$results = '';
- while (strpos($read, "\n") === false) {
+ $offset = 0;
+ while (strpos($results, "\r\n", $offset) === false) {
if (!($read = fgets($imap_stream, $buffer))) {
break;
}
+ if ( $results != '' ) {
+ $offset = strlen($results) - 1;
+ }
$results .= $read;
}
return $results;
$string = "<b><font color=$color[2]>\n" .
_("ERROR : Could not complete request.") .
"</b><br>\n" .
- _("Query:") .
- $query . '<br>' .
+ _("Query:") . ' ' .
+ htmlspecialchars($query) . '<br>' .
_("Reason Given: ") .
- $message . "</font><br>\n";
+ htmlspecialchars($message) . "</font><br>\n";
error_box($string,$color);
exit;
}
$string = "<b><font color=$color[2]>\n" .
_("ERROR : Bad or malformed request.") .
"</b><br>\n" .
- _("Query:") .
- $query . '<br>' .
+ _("Query:") . ' '.
+ htmlspecialchars($query) . '<br>' .
_("Server responded: ") .
- $message . "</font><br>\n";
+ htmlspecialchars($message) . "</font><br>\n";
error_box($string,$color);
exit;
}
* will be displayed. This function returns the imap connection handle.
*/
function sqimap_login ($username, $password, $imap_server_address, $imap_port, $hide) {
- global $color, $squirrelmail_language, $onetimepad;
+ global $color, $squirrelmail_language, $onetimepad, $use_imap_tls, $imap_auth_mech;
+ if (!isset($onetimepad) || empty($onetimepad)) {
+ sqgetglobalvar('onetimepad' , $onetimepad , SQ_SESSION );
+ }
$imap_server_address = sqimap_get_user_server($imap_server_address, $username);
-
+ $host=$imap_server_address;
+
+ if (($use_imap_tls == true) and (check_php_version(4,3)) and (extension_loaded('openssl'))) {
+ /* Use TLS by prefixing "tls://" to the hostname */
+ $imap_server_address = 'tls://' . $imap_server_address;
+ }
+
$imap_stream = fsockopen ( $imap_server_address, $imap_port, $error_number, $error_string, 15);
/* Do some error correction */
/* Decrypt the password */
$password = OneTimePadDecrypt($password, $onetimepad);
- $query = 'LOGIN "' . quoteIMAP($username) . '" "' . quoteIMAP($password) . '"';
- $read = sqimap_run_command ($imap_stream, $query, false, $response, $message);
-
- /* If the connection was not successful, lets see why */
+ if (($imap_auth_mech == 'cram-md5') OR ($imap_auth_mech == 'digest-md5')) {
+ // We're using some sort of authentication OTHER than plain or login
+ $tag=sqimap_session_id(false);
+ if ($imap_auth_mech == 'digest-md5') {
+ $query = $tag . " AUTHENTICATE DIGEST-MD5\r\n";
+ } elseif ($imap_auth_mech == 'cram-md5') {
+ $query = $tag . " AUTHENTICATE CRAM-MD5\r\n";
+ }
+ fputs($imap_stream,$query);
+ $answer=sqimap_fgets($imap_stream);
+ // Trim the "+ " off the front
+ $response=explode(" ",$answer,3);
+ if ($response[0] == '+') {
+ // Got a challenge back
+ $challenge=$response[1];
+ if ($imap_auth_mech == 'digest-md5') {
+ $reply = digest_md5_response($username,$password,$challenge,'imap',$host);
+ } elseif ($imap_auth_mech == 'cram-md5') {
+ $reply = cram_md5_response($username,$password,$challenge);
+ }
+ fputs($imap_stream,$reply);
+ $read=sqimap_fgets($imap_stream);
+ if ($imap_auth_mech == 'digest-md5') {
+ // DIGEST-MD5 has an extra step..
+ if (substr($read,0,1) == '+') { // OK so far..
+ fputs($imap_stream,"\r\n");
+ $read=sqimap_fgets($imap_stream);
+ }
+ }
+ $results=explode(" ",$read,3);
+ $response=$results[1];
+ $message=$results[2];
+ } else {
+ // Fake the response, so the error trap at the bottom will work
+ $response="BAD";
+ $message='IMAP server does not appear to support the authentication method selected.';
+ $message .= ' Please contact your system administrator.';
+ }
+ } elseif ($imap_auth_mech == 'login') {
+ // Original IMAP login code
+ $query = 'LOGIN "' . quoteIMAP($username) . '" "' . quoteIMAP($password) . '"';
+ $read = sqimap_run_command ($imap_stream, $query, false, $response, $message);
+ } elseif ($imap_auth_mech == 'plain') {
+ /* Replace this with SASL PLAIN if it ever gets implemented */
+ $response="BAD";
+ $message='SquirrelMail does not support SASL PLAIN yet. Rerun conf.pl and use login instead.';
+ } else {
+ $response="BAD";
+ $message="Internal SquirrelMail error - unknown IMAP authentication method chosen. Please contact the developers.";
+ }
+
+ /* If the connection was not successful, lets see why */
if ($response != 'OK') {
if (!$hide) {
if ($response != 'NO') {
/* "BAD" and anything else gets reported here. */
+ $message = htmlspecialchars($message);
set_up_language($squirrelmail_language, true);
require_once(SM_PATH . 'functions/display_messages.php');
if ($response == 'BAD') {
} else {
$string = sprintf (_("Unknown error: %s") . "<br>\n", $message);
}
- $string .= '<br>' . _("Read data:") . "<br>\n";
- if (is_array($read)) {
+ if (isset($read) && is_array($read)) {
+ $string .= '<br>' . _("Read data:") . "<br>\n";
foreach ($read as $line) {
$string .= htmlspecialchars($line) . "<br>\n";
}
$string = sqimap_find_email($orig_string);
}
if( $string == '' || $string == ' ' ){
- $string = ' ';
+ $string = ' ';
}
}
elseif ( ereg('\((.*)\)', $string, $regs) ) {
if ( ereg('^(.+) \(', $string, $regs) ) {
$string = ereg_replace( ' \(\)$', '', $string );
} else {
- $string = ' ';
+ $string = ' ';
}
} else {
$string = $regs[1];
* Returns the number of unseen/total messages in this folder
*/
function sqimap_status_messages ($imap_stream, $mailbox) {
- $read_ary = sqimap_run_command ($imap_stream, "STATUS \"$mailbox\" (MESSAGES UNSEEN)", false, $result, $message);
+ $read_ary = sqimap_run_command ($imap_stream, "STATUS \"$mailbox\" (MESSAGES UNSEEN RECENT)", false, $result, $message);
$i = 0;
- $messages = $unseen = false;
+ $messages = $unseen = $recent = false;
$regs = array(false,false);
while (isset($read_ary[$i])) {
if (preg_match('/UNSEEN\s+([0-9]+)/i', $read_ary[$i], $regs)) {
if (preg_match('/MESSAGES\s+([0-9]+)/i', $read_ary[$i], $regs)) {
$messages = $regs[1];
}
+ if (preg_match('/RECENT\s+([0-9]+)/i', $read_ary[$i], $regs)) {
+ $recent = $regs[1];
+ }
$i++;
}
- return array('MESSAGES' => $messages, 'UNSEEN'=>$unseen);
+ return array('MESSAGES' => $messages, 'UNSEEN'=>$unseen, 'RECENT' => $recent);
}