X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=functions%2Fimap_mailbox.php;h=b6a36c0fe6eb07cdae63ed9a6e341173d800b087;hb=88f6f618ecbe146746c174660942131badc5aa39;hp=e9f9d6a48cd3a5684be0882934bdbb49d0d36478;hpb=ceb7ad3c6c336213e89b7144a025b752c29a2f6c;p=squirrelmail.git
diff --git a/functions/imap_mailbox.php b/functions/imap_mailbox.php
index e9f9d6a4..b6a36c0f 100755
--- a/functions/imap_mailbox.php
+++ b/functions/imap_mailbox.php
@@ -364,8 +364,27 @@ function sqimap_mailbox_select ($imap_stream, $mailbox) {
 if ($mailbox == 'None') { return; }
+ // cleanup $mailbox in order to prevent IMAP injection attacks
 $mailbox = str_replace(array("\r","\n"), array("",""),$mailbox);
+
+ /**
+ * Default UW IMAP server configuration allows to access other files
+ * on server. $imap_server_type is not checked because interface can
+ * be used with 'other' or any other server type setting. $mailbox
+ * variable can be modified in any script that uses variable from GET
+ * or POST. This code blocks all standard SquirrelMail IMAP API requests
+ * that use mailbox with full path (/etc/passwd) or with ../ characters
+ * in path (../../etc/passwd)
+ */
+ if (strstr($mailbox, '../') || substr($mailbox, 0, 1) == '/') {
+ global $oTemplate;
+ error_box(sprintf(_("Invalid mailbox name: %s"),htmlspecialchars($mailbox)));
+ sqimap_logout($imap_stream);
+ $oTemplate->display('footer.tpl');
+ die();
+ }
+
 $read = sqimap_run_command($imap_stream, 'SELECT ' . sqimap_encode_mailbox_name($mailbox), true, $response, $message); $result = array();
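Review bot: The traversal guard on the `if (strstr($mailbox, '../') || substr($mailbox, 0, 1) == '/')` line is a substring denylist, so a name whose last path component is `..` with no trailing separator (`INBOX/..`, or `..` on its own) passes it; matching whole components instead, `if (in_array('..', explode('/', $mailbox), true) || substr($mailbox, 0, 1) == '/') {`, closes that gap without rejecting any legitimate mailbox name. The docblock above it says the check blocks "all standard SquirrelMail IMAP API requests", but it is only placed in sqimap_mailbox_select, and the other commands that take a mailbox name are not in this hunk, so I can't confirm they are covered — if they are not, a small shared helper called from each of them would make the comment true. `$oTemplate->display('footer.tpl')` presumes the global template object is already initialised by the time any caller reaches SELECT; worth confirming for entry points that are not page scripts. sqimap_mailbox_select continues below the hunk.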
@@ -651,26 +670,13 @@ function sqimap_mailbox_parse ($line) {
 }
 /**
- * Returns list of options (to be echoed into select statement
- * based on available mailboxes and separators
- * Caller should surround options with and
- * any formatting.
- * @param stream $imap_stream imap connection resource to query for mailboxes
- * @param array $show_selected array containing list of mailboxes to pre-select (0 if none)
- * @param array $folder_skip array of folders to keep out of option list (compared in lower)
- * @param $boxes list of already fetched boxes (for places like folder panel, where
- * you know these options will be shown 3 times in a row.. (most often unset).
- * @param string $flag (since 1.4.1) flag to check for in mailbox flags, used to filter out mailboxes.
- * 'noselect' by default to remove unselectable mailboxes.
- * 'noinferiors' used to filter out folders that can not contain subfolders.
- * NULL to avoid flag check entirely.
- * NOTE: noselect and noiferiors are used internally. The IMAP representation is
- * \NoSelect and \NoInferiors
- * @param boolean $use_long_format (since 1.4.1) override folder display preference and always show full folder name.
- * @return string html formated mailbox selection options
- * @since 1.3.2
+ * Returns an array of mailboxes available. Separated from sqimap_mailbox_option_list()
+ * below for template development.
+ *
+ * @author Steve Brown
+ * @since 1.5.2
 */
-function sqimap_mailbox_option_list($imap_stream, $show_selected = 0, $folder_skip = 0, $boxes = 0,
+function sqimap_mailbox_option_array($imap_stream, $folder_skip = 0, $boxes = 0,
 $flag = 'noselect', $use_long_format = false ) {
 global $username, $data_dir, $translate_special_folders, $sent_folder,
 $trash_folder, $draft_folder;
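Review bot: The new docblock for sqimap_mailbox_option_array documents none of its parameters and has no @return, although the function keeps `$folder_skip`, `$boxes`, `$flag` and `$use_long_format` from the old signature and is now the one that does the filtering; the four parameter descriptions removed just above could be carried over verbatim. I'd add `@return array mailbox names (htmlspecialchars-escaped) as keys, display labels as values`, which is the shape the hunk at line 745 builds with `$a[htmlspecialchars($box)] = $box2` — how `$box2` is derived is decided further down the function, outside this hunk. The function body continues past the hunk.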
@@ -688,6 +694,7 @@ function sqimap_mailbox_option_list($imap_stream, $show_selected = 0, $folder_sk
 $boxes = sqimap_mailbox_list($imap_stream); }
+ $a = array();
 foreach ($boxes as $boxes_part) { if ($flag == NULL || (is_array($boxes_part['flags']) && !in_array($flag, $boxes_part['flags']))) {
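Review bot: `$a` is the accumulator that the rest of sqimap_mailbox_option_array (outside this hunk) fills and finally returns, so a descriptive name such as `$mailbox_options` would read better than a one-letter variable in a function of this length. The rename is mechanical: `$mailbox_options = array();` here and the two uses in the hunk at line 745.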
@@ -745,14 +752,58 @@ function sqimap_mailbox_option_list($imap_stream, $show_selected = 0, $folder_sk
 break; } }
- if ($show_selected != 0 && in_array($lowerbox, $show_selected) ) {
- $mbox_options .= '' . "\n";
- } else {
- $mbox_options .= '' . "\n";
+
+ $a[htmlspecialchars($box)] = $box2;
+ }
+ }
+
+ return $a;
+}
+
+/**
+ * Returns list of options (to be echoed into select statement
+ * based on available mailboxes and separators
+ * Caller should surround options with and
+ * any formatting.
+ * @param stream $imap_stream imap connection resource to query for mailboxes
+ * @param array $show_selected array containing list of mailboxes to pre-select (0 if none)
+ * @param array $folder_skip array of folders to keep out of option list (compared in lower)
+ * @param $boxes list of already fetched boxes (for places like folder panel, where
+ * you know these options will be shown 3 times in a row.. (most often unset).
+ * @param string $flag (since 1.4.1) flag to check for in mailbox flags, used to filter out mailboxes.
+ * 'noselect' by default to remove unselectable mailboxes.
+ * 'noinferiors' used to filter out folders that can not contain subfolders.
+ * NULL to avoid flag check entirely.
+ * NOTE: noselect and noiferiors are used internally. The IMAP representation is
+ * \NoSelect and \NoInferiors
+ * @param boolean $use_long_format (since 1.4.1) override folder display preference and always show full folder name.
+ * @return string html formated mailbox selection options
+ * @since 1.3.2
+ */
+function sqimap_mailbox_option_list($imap_stream, $show_selected = 0, $folder_skip = 0, $boxes = 0,
+ $flag = 'noselect', $use_long_format = false ) {
+ global $username, $data_dir, $translate_special_folders, $sent_folder,
+ $trash_folder, $draft_folder;
+
+ $boxes = sqimap_mailbox_option_array($imap_stream, $folder_skip, $boxes, $flag, $use_long_format);
+
+ $str = '';
+ foreach ($boxes as $value=>$option) {
+ $lowerbox = strtolower(htmlspecialchars($value));
+ $sel = false;
+ if ($show_selected != 0) {
+ reset($show_selected);
+ while (!$sel && (list($x, $val) = each($show_selected))) {
+ if (strtolower($value) == strtolower(htmlspecialchars($val))) {
+ $sel = true;
+ }
 } }
+
+ $str .= '\n";
 }
- return $mbox_options;
+
+ return $str;
 }
 /**
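Review bot: In the new sqimap_mailbox_option_list, `$lowerbox = strtolower(htmlspecialchars($value));` re-escapes a key that sqimap_mailbox_option_array already passed through htmlspecialchars, and nothing visible in the hunk reads it afterwards — unless it is referenced inside the option string that the page rendering stripped from the `$str .=` line, the assignment can be dropped. The pre-selection scan with `reset()`/`each()`/`list()` is a three-line idiom for a plain loop; `foreach ($show_selected as $val) { if (strtolower($value) == strtolower(htmlspecialchars($val))) { $sel = true; break; } }` does the same, does not depend on the array's internal pointer, and removes the unused `$x`. Both sides of that comparison are escaped exactly once, which is consistent. sqimap_mailbox_option_array's body starts above the hunk.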