X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=functions%2Fstrings.php;h=d03163b0f4ab56b9b61cca66d15e9030eabd9b7d;hb=466abb9c6e2d59218590a4733bde321b6e20c2f8;hp=9e137cab90a1ae271d4803faeb8dfe04cb127a3b;hpb=f72f61d8e1443294a3e103ff6f8e2f99459ae7f4;p=squirrelmail.git
diff --git a/functions/strings.php b/functions/strings.php
index 9e137cab..d03163b0 100644
--- a/functions/strings.php
+++ b/functions/strings.php
@@ -3,34 +3,324 @@
/**
* strings.php
*
- * Copyright (c) 1999-2003 The SquirrelMail Project Team
- * Licensed under the GNU GPL. For full terms see the file COPYING.
- *
* This code provides various string manipulation functions that are
- * used by the rest of the Squirrelmail code.
+ * used by the rest of the SquirrelMail code.
*
- * $Id$
+ * @copyright 1999-2016 The SquirrelMail Project Team
+ * @license http://opensource.org/licenses/gpl-license.php GNU Public License
+ * @version $Id$
+ * @package squirrelmail
*/
/**
- * SquirrelMail version number -- DO NOT CHANGE
+ * Appends citation markers to the string.
+ * Also appends a trailing space.
+ *
+ * @author Justus Pendleton
+ * @param string $str The string to append to
+ * @param int $citeLevel the number of markers to append
+ * @return null
+ * @since 1.5.1
*/
-global $version;
-$version = '1.5.0 [CVS]';
+function sqMakeCite (&$str, $citeLevel) {
+ for ($i = 0; $i < $citeLevel; $i++) {
+ $str .= '>';
+ }
+ if ($citeLevel != 0) {
+ $str .= ' ';
+ }
+}
/**
- * SquirrelMail internal version number -- DO NOT CHANGE
- * $sm_internal_version = array (release, major, minor)
+ * Create a newline in the string, adding citation
+ * markers to the newline as necessary.
+ *
+ * @author Justus Pendleton
+ * @param string $str the string to make a newline in
+ * @param int $citeLevel the citation level the newline is at
+ * @param int $column starting column of the newline
+ * @return null
+ * @since 1.5.1
*/
-global $SQM_INTERNAL_VERSION;
-$SQM_INTERNAL_VERSION = array(1,5,0);
+function sqMakeNewLine (&$str, $citeLevel, &$column) {
+ $str .= "\n";
+ $column = 0;
+ if ($citeLevel > 0) {
+ sqMakeCite ($str, $citeLevel);
+ $column = $citeLevel + 1;
+ } else {
+ $column = 0;
+ }
+}
/**
- * There can be a circular issue with includes, where the $version string is
- * referenced by the include of global.php, etc. before it's defined.
- * For that reason, bring in global.php AFTER we define the version strings.
+ * Checks for spaces in strings - only used if PHP doesn't have native ctype support
+ *
+ * You might be able to rewrite the function by adding short evaluation form.
+ *
+ * possible problems:
+ * - iso-2022-xx charsets - hex 20 might be part of other symbol. I might
+ * be wrong. 0x20 is not used in iso-2022-jp. I haven't checked iso-2022-kr
+ * and iso-2022-cn mappings.
+ *
+ * - no-break space ( ) - it is 8bit symbol, that depends on charset.
+ * there are at least three different charset groups that have nbsp in
+ * different places.
+ *
+ * I don't see any charset/nbsp options in php ctype either.
+ *
+ * @param string $string tested string
+ * @return bool true when only whitespace symbols are present in test string
+ * @since 1.5.1
*/
-require_once(SM_PATH . 'functions/global.php');
+function sm_ctype_space($string) {
+ if ( preg_match('/^[\x09-\x0D]|^\x20/', $string) || $string=='') {
+ return true;
+ } else {
+ return false;
+ }
+}
+
+/**
+ * Wraps text at $wrap characters. While sqWordWrap takes
+ * a single line of text and wraps it, this function works
+ * on the entire corpus at once, this allows it to be a little
+ * bit smarter and when and how to wrap.
+ *
+ * @author Justus Pendleton
+ * @param string $body the entire body of text
+ * @param int $wrap the maximum line length
+ * @return string the wrapped text
+ * @since 1.5.1
+ */
+function &sqBodyWrap (&$body, $wrap) {
+ //check for ctype support, and fake it if it doesn't exist
+ if (!function_exists('ctype_space')) {
+ function ctype_space ($string) {
+ return sm_ctype_space($string);
+ }
+ }
+
+ // the newly wrapped text
+ $outString = '';
+ // current column since the last newline in the outstring
+ $outStringCol = 0;
+ $length = sq_strlen($body);
+ // where we are in the original string
+ $pos = 0;
+ // the number of >>> citation markers we are currently at
+ $citeLevel = 0;
+
+ // the main loop, whenever we start a newline of input text
+ // we start from here
+ while ($pos < $length) {
+ // we're at the beginning of a line, get the new cite level
+ $newCiteLevel = 0;
+
+ while (($pos < $length) && (sq_substr($body,$pos,1) == '>')) {
+ $newCiteLevel++;
+ $pos++;
+
+ // skip over any spaces interleaved among the cite markers
+ while (($pos < $length) && (sq_substr($body,$pos,1) == ' ')) {
+
+ $pos++;
+
+ }
+ if ($pos >= $length) {
+ break;
+ }
+ }
+
+ // special case: if this is a blank line then maintain it
+ // (i.e. try to preserve original paragraph breaks)
+ // unless they occur at the very beginning of the text
+ if ((sq_substr($body,$pos,1) == "\n" ) && (sq_strlen($outString) != 0)) {
+ $outStringLast = $outString{sq_strlen($outString) - 1};
+ if ($outStringLast != "\n") {
+ $outString .= "\n";
+ }
+ sqMakeCite ($outString, $newCiteLevel);
+ $outString .= "\n";
+ $pos++;
+ $outStringCol = 0;
+ continue;
+ }
+
+ // if the cite level has changed, then start a new line
+ // with the new cite level.
+ if (($citeLevel != $newCiteLevel) && ($pos > ($newCiteLevel + 1)) && ($outStringCol != 0)) {
+ sqMakeNewLine ($outString, 0, $outStringCol);
+ }
+
+ $citeLevel = $newCiteLevel;
+
+ // prepend the quote level if necessary
+ if ($outStringCol == 0) {
+ sqMakeCite ($outString, $citeLevel);
+ // if we added a citation then move the column
+ // out by citelevel + 1 (the cite markers + the space)
+ $outStringCol = $citeLevel + ($citeLevel ? 1 : 0);
+ } else if ($outStringCol > $citeLevel) {
+ // not a cite and we're not at the beginning of a line
+ // in the output. add a space to separate the new text
+ // from previous text.
+ $outString .= ' ';
+ $outStringCol++;
+ }
+
+ // find the next newline -- we don't want to go further than that
+ $nextNewline = sq_strpos ($body, "\n", $pos);
+ if ($nextNewline === FALSE) {
+ $nextNewline = $length;
+ }
+
+ // Don't wrap unquoted lines at all. For now the textarea
+ // will work fine for this. Maybe revisit this later though
+ // (for completeness more than anything else, I think)
+ if ($citeLevel == 0) {
+ $outString .= sq_substr ($body, $pos, ($nextNewline - $pos));
+ $outStringCol = $nextNewline - $pos;
+ if ($nextNewline != $length) {
+ sqMakeNewLine ($outString, 0, $outStringCol);
+ }
+ $pos = $nextNewline + 1;
+ continue;
+ }
+ /**
+ * Set this to false to stop appending short strings to previous lines
+ */
+ $smartwrap = true;
+ // inner loop, (obviously) handles wrapping up to
+ // the next newline
+ while ($pos < $nextNewline) {
+ // skip over initial spaces
+ while (($pos < $nextNewline) && (ctype_space (sq_substr($body,$pos,1)))) {
+ $pos++;
+ }
+ // if this is a short line then just append it and continue outer loop
+ if (($outStringCol + $nextNewline - $pos) <= ($wrap - $citeLevel - 1) ) {
+ // if this is the final line in the input string then include
+ // any trailing newlines
+ // echo substr($body,$pos,$wrap). "
";
+ if (($nextNewline + 1 == $length) && (sq_substr($body,$nextNewline,1) == "\n")) {
+ $nextNewline++;
+ }
+
+ // trim trailing spaces
+ $lastRealChar = $nextNewline;
+ while (($lastRealChar > $pos && $lastRealChar < $length) && (ctype_space (sq_substr($body,$lastRealChar,1)))) {
+ $lastRealChar--;
+ }
+ // decide if appending the short string is what we want
+ if (($nextNewline < $length && sq_substr($body,$nextNewline,1) == "\n") &&
+ isset($lastRealChar)) {
+ $mypos = $pos;
+ //check the first word:
+ while (($mypos < $length) && (sq_substr($body,$mypos,1) == '>')) {
+ $mypos++;
+ // skip over any spaces interleaved among the cite markers
+ while (($mypos < $length) && (sq_substr($body,$mypos,1) == ' ')) {
+ $mypos++;
+ }
+ }
+/*
+ $ldnspacecnt = 0;
+ if ($mypos == $nextNewline+1) {
+ while (($mypos < $length) && ($body{$mypos} == ' ')) {
+ $ldnspacecnt++;
+ }
+ }
+*/
+
+ $firstword = sq_substr($body,$mypos,sq_strpos($body,' ',$mypos) - $mypos);
+ //if ($dowrap || $ldnspacecnt > 1 || ($firstword && (
+ if (!$smartwrap || $firstword && (
+ $firstword{0} == '-' ||
+ $firstword{0} == '+' ||
+ $firstword{0} == '*' ||
+ sq_substr($firstword,0,1) == sq_strtoupper(sq_substr($firstword,0,1)) ||
+ strpos($firstword,':'))) {
+ $outString .= sq_substr($body,$pos,($lastRealChar - $pos+1));
+ $outStringCol += ($lastRealChar - $pos);
+ sqMakeNewLine($outString,$citeLevel,$outStringCol);
+ $nextNewline++;
+ $pos = $nextNewline;
+ $outStringCol--;
+ continue;
+ }
+
+ }
+
+ $outString .= sq_substr ($body, $pos, ($lastRealChar - $pos + 1));
+ $outStringCol += ($lastRealChar - $pos);
+ $pos = $nextNewline + 1;
+ continue;
+ }
+
+ $eol = $pos + $wrap - $citeLevel - $outStringCol;
+ // eol is the tentative end of line.
+ // look backwards for there for a whitespace to break at.
+ // if it's already less than our current position then
+ // our current line is already too long, break immediately
+ // and restart outer loop
+ if ($eol <= $pos) {
+ sqMakeNewLine ($outString, $citeLevel, $outStringCol);
+ continue;
+ }
+
+ // start looking backwards for whitespace to break at.
+ $breakPoint = $eol;
+ while (($breakPoint > $pos) && (! ctype_space (sq_substr($body,$breakPoint,1)))) {
+ $breakPoint--;
+ }
+
+ // if we didn't find a breakpoint by looking backward then we
+ // need to figure out what to do about that
+ if ($breakPoint == $pos) {
+ // if we are not at the beginning then end this line
+ // and start a new loop
+ if ($outStringCol > ($citeLevel + 1)) {
+ sqMakeNewLine ($outString, $citeLevel, $outStringCol);
+ continue;
+ } else {
+ // just hard break here. most likely we are breaking
+ // a really long URL. could also try searching
+ // forward for a break point, which is what Mozilla
+ // does. don't bother for now.
+ $breakPoint = $eol;
+ }
+ }
+
+ // special case: maybe we should have wrapped last
+ // time. if the first breakpoint here makes the
+ // current line too long and there is already text on
+ // the current line, break and loop again if at
+ // beginning of current line, don't force break
+ $SLOP = 6;
+ if ((($outStringCol + ($breakPoint - $pos)) > ($wrap + $SLOP)) && ($outStringCol > ($citeLevel + 1))) {
+ sqMakeNewLine ($outString, $citeLevel, $outStringCol);
+ continue;
+ }
+
+ // skip newlines or whitespace at the beginning of the string
+ $substring = sq_substr ($body, $pos, ($breakPoint - $pos));
+ $substring = rtrim ($substring); // do rtrim and ctype_space have the same ideas about whitespace?
+ $outString .= $substring;
+ $outStringCol += sq_strlen ($substring);
+ // advance past the whitespace which caused the wrap
+ $pos = $breakPoint;
+ while (($pos < $length) && (ctype_space (sq_substr($body,$pos,1)))) {
+ $pos++;
+ }
+ if ($pos < $length) {
+ sqMakeNewLine ($outString, $citeLevel, $outStringCol);
+ }
+ }
+ }
+
+ return $outString;
+}
/**
* Wraps text at $wrap characters
@@ -38,26 +328,33 @@ require_once(SM_PATH . 'functions/global.php');
* Has a problem with special HTML characters, so call this before
* you do character translation.
*
- * Specifically, ' comes up as 5 characters instead of 1.
+ * Specifically, ' comes up as 5 characters instead of 1.
* This should not add newlines to the end of lines.
+ *
+ * @param string $line the line of text to wrap, by ref
+ * @param int $wrap the maximum line lenth
+ * @param string $charset name of charset used in $line string. Available since v.1.5.1.
+ * @return void
+ * @since 1.0
*/
-function sqWordWrap(&$line, $wrap) {
+function sqWordWrap(&$line, $wrap, $charset='') {
global $languages, $squirrelmail_language;
+ // Use custom wrapping function, if translation provides it
if (isset($languages[$squirrelmail_language]['XTRA_CODE']) &&
- function_exists($languages[$squirrelmail_language]['XTRA_CODE'])) {
+ function_exists($languages[$squirrelmail_language]['XTRA_CODE'] . '_wordwrap')) {
if (mb_detect_encoding($line) != 'ASCII') {
- $line = $languages[$squirrelmail_language]['XTRA_CODE']('wordwrap', $line, $wrap);
+ $line = call_user_func($languages[$squirrelmail_language]['XTRA_CODE'] . '_wordwrap', $line, $wrap);
return;
}
}
- ereg("^([\t >]*)([^\t >].*)?$", $line, $regs);
+ preg_match('/^([\t >]*)([^\t >].*)?$/', $line, $regs);
$beginning_spaces = $regs[1];
if (isset($regs[2])) {
$words = explode(' ', $regs[2]);
} else {
- $words = '';
+ $words = array();
}
$i = 0;
@@ -66,9 +363,9 @@ function sqWordWrap(&$line, $wrap) {
while ($i < count($words)) {
/* Force one word to be on a line (minimum) */
$line .= $words[$i];
- $line_len = strlen($beginning_spaces) + strlen($words[$i]) + 2;
+ $line_len = strlen($beginning_spaces) + sq_strlen($words[$i],$charset) + 2;
if (isset($words[$i + 1]))
- $line_len += strlen($words[$i + 1]);
+ $line_len += sq_strlen($words[$i + 1],$charset);
$i ++;
/* Add more words (as long as they fit) */
@@ -76,7 +373,7 @@ function sqWordWrap(&$line, $wrap) {
$line .= ' ' . $words[$i];
$i++;
if (isset($words[$i]))
- $line_len += strlen($words[$i]) + 1;
+ $line_len += sq_strlen($words[$i],$charset) + 1;
else
$line_len += 1;
}
@@ -95,6 +392,9 @@ function sqWordWrap(&$line, $wrap) {
/**
* Does the opposite of sqWordWrap()
+ * @param string $body the text to un-wordwrap
+ * @return void
+ * @since 1.0
*/
function sqUnWordWrap(&$body) {
global $squirrelmail_language;
@@ -134,6 +434,11 @@ function sqUnWordWrap(&$body) {
/**
* If $haystack is a full mailbox name and $needle is the mailbox
* separator character, returns the last part of the mailbox name.
+ *
+ * @param string haystack full mailbox name to search
+ * @param string needle the mailbox separator character
+ * @return string the last part of the mailbox name
+ * @since 1.0
*/
function readShortMailboxName($haystack, $needle) {
@@ -149,38 +454,24 @@ function readShortMailboxName($haystack, $needle) {
return( $elem );
}
-function php_self () {
- if ( sqgetGlobalVar('REQUEST_URI', $req_uri, SQ_SERVER) && !empty($req_uri) ) {
- return $req_uri;
- }
-
- if ( sqgetGlobalVar('PHP_SELF', $php_self, SQ_SERVER) && !empty($php_self) ) {
-
- // need to add query string to end of PHP_SELF to match REQUEST_URI
- //
- if ( sqgetGlobalVar('QUERY_STRING', $query_string, SQ_SERVER) && !empty($query_string) ) {
- $php_self .= '?' . $query_string;
- }
-
- return $php_self;
- }
-
- return '';
-}
-
/**
- * This determines the location to forward to relative to your server.
- * If this doesnt work correctly for you (although it should), you can
- * remove all this code except the last two lines, and change the header()
- * function to look something like this, customized to the location of
- * SquirrelMail on your server:
+ * get_location
*
- * http://www.myhost.com/squirrelmail/src/login.php
+ * Determines the location to forward to, relative to your server.
+ * This is used in HTTP Location: redirects.
+ *
+ * If set, it uses $config_location_base as the first part of the URL,
+ * specifically, the protocol, hostname and port parts. The path is
+ * always autodetected.
+ *
+ * @return string the base url for this SquirrelMail installation
+ * @since 1.0
*/
function get_location () {
- global $imap_server_type;
+ global $imap_server_type, $config_location_base,
+ $is_secure_connection, $sq_ignore_http_x_forwarded_headers;
/* Get the path, handle virtual directories */
if(strpos(php_self(), '?')) {
@@ -189,152 +480,172 @@ function get_location () {
$path = php_self();
}
$path = substr($path, 0, strrpos($path, '/'));
+
+ // proto+host+port are already set in config:
+ if ( !empty($config_location_base) ) {
+ return $config_location_base . $path ;
+ }
+ // we computed it before, get it from the session:
if ( sqgetGlobalVar('sq_base_url', $full_url, SQ_SESSION) ) {
return $full_url . $path;
}
+ // else: autodetect
/* Check if this is a HTTPS or regular HTTP request. */
$proto = 'http://';
-
- /*
- * If you have 'SSLOptions +StdEnvVars' in your apache config
- * OR if you have HTTPS=on in your HTTP_SERVER_VARS
- * OR if you are on port 443
- */
- $getEnvVar = getenv('HTTPS');
- if ((isset($getEnvVar) && !strcasecmp($getEnvVar, 'on')) ||
- (sqgetGlobalVar('HTTPS', $https_on, SQ_SERVER) && !strcasecmp($https_on, 'on')) ||
- (sqgetGlobalVar('SERVER_PORT', $server_port, SQ_SERVER) && $server_port == 443)) {
+ if ($is_secure_connection)
$proto = 'https://';
- }
/* Get the hostname from the Host header or server config. */
- if ( !sqgetGlobalVar('HTTP_HOST', $host, SQ_SERVER) || empty($host) ) {
- if ( !sqgetGlobalVar('SERVER_NAME', $host, SQ_SERVER) || empty($host) ) {
- $host = '';
- }
+ if ($sq_ignore_http_x_forwarded_headers
+ || !sqgetGlobalVar('HTTP_X_FORWARDED_HOST', $host, SQ_SERVER)
+ || empty($host)) {
+ if ( !sqgetGlobalVar('HTTP_HOST', $host, SQ_SERVER) || empty($host) ) {
+ if ( !sqgetGlobalVar('SERVER_NAME', $host, SQ_SERVER) || empty($host) ) {
+ $host = '';
+ }
+ }
}
$port = '';
if (! strstr($host, ':')) {
+ // Note: HTTP_X_FORWARDED_PROTO could be sent from the client and
+ // therefore possibly spoofed/hackable. Thus, SquirrelMail
+ // ignores such headers by default. The administrator
+ // can tell SM to use such header values by setting
+ // $sq_ignore_http_x_forwarded_headers to boolean FALSE
+ // in config/config.php or by using config/conf.pl.
+ global $sq_ignore_http_x_forwarded_headers;
+ if ($sq_ignore_http_x_forwarded_headers
+ || !sqgetGlobalVar('HTTP_X_FORWARDED_PROTO', $forwarded_proto, SQ_SERVER))
+ $forwarded_proto = '';
if (sqgetGlobalVar('SERVER_PORT', $server_port, SQ_SERVER)) {
if (($server_port != 80 && $proto == 'http://') ||
- ($server_port != 443 && $proto == 'https://')) {
+ ($server_port != 443 && $proto == 'https://' &&
+ strcasecmp($forwarded_proto, 'https') !== 0)) {
$port = sprintf(':%d', $server_port);
}
}
}
- /* this is a workaround for the weird macosx caching that
- causes Apache to return 16080 as the port number, which causes
- SM to bail */
+ /* this is a workaround for the weird macosx caching that
+ * causes Apache to return 16080 as the port number, which causes
+ * SM to bail */
- if ($imap_server_type == 'macosx' && $port == ':16080') {
+ if ($imap_server_type == 'macosx' && $port == ':16080') {
$port = '';
- }
+ }
- /* Fallback is to omit the server name and use a relative */
- /* URI, although this is not RFC 2616 compliant. */
- $full_url = ($host ? $proto . $host . $port : '');
- sqsession_register($full_url, 'sq_base_url');
- return $full_url . $path;
+ /* Fallback is to omit the server name and use a relative */
+ /* URI, although this is not RFC 2616 compliant. */
+ $full_url = ($host ? $proto . $host . $port : '');
+ sqsession_register($full_url, 'sq_base_url');
+ return $full_url . $path;
}
/**
- * These functions are used to encrypt the passowrd before it is
- * stored in a cookie.
+ * Get Message List URI
+ *
+ * @param string $mailbox Current mailbox name (unencoded/raw)
+ * @param string $startMessage The mailbox page offset
+ * @param string $what Any current search parameters (OPTIONAL;
+ * default empty string)
+ *
+ * @return string The message list URI
+ *
+ * @since 1.5.2
+ *
*/
-function OneTimePadEncrypt ($string, $epad) {
- $pad = base64_decode($epad);
- $encrypted = '';
- for ($i = 0; $i < strlen ($string); $i++) {
- $encrypted .= chr (ord($string[$i]) ^ ord($pad[$i]));
- }
+function get_message_list_uri($mailbox, $startMessage, $what='') {
- return base64_encode($encrypted);
-}
+ global $base_uri;
-function OneTimePadDecrypt ($string, $epad) {
- $pad = base64_decode($epad);
- $encrypted = base64_decode ($string);
- $decrypted = '';
- for ($i = 0; $i < strlen ($encrypted); $i++) {
- $decrypted .= chr (ord($encrypted[$i]) ^ ord($pad[$i]));
- }
+ $urlMailbox = urlencode($mailbox);
- return $decrypted;
+ $list_xtra = "?where=read_body.php&what=$what&mailbox=" . $urlMailbox.
+ "&startMessage=$startMessage";
+
+ return $base_uri .'src/right_main.php'. $list_xtra;
}
/**
- * Randomize the mt_rand() function. Toss this in strings or integers
- * and it will seed the generator appropriately. With strings, it is
- * better to get them long. Use md5() to lengthen smaller strings.
+ * Encrypts password
+ *
+ * These functions are used to encrypt the password before it is
+ * stored in a cookie. The encryption key is generated by
+ * OneTimePadCreate();
+ *
+ * @param string $string the (password)string to encrypt
+ * @param string $epad the encryption key
+ * @return string the base64-encoded encrypted password
+ * @since 1.0
*/
-function sq_mt_seed($Val) {
- /* if mt_getrandmax() does not return a 2^n - 1 number,
- this might not work well. This uses $Max as a bitmask. */
- $Max = mt_getrandmax();
-
- if (! is_int($Val)) {
- $Val = crc32($Val);
- }
+function OneTimePadEncrypt ($string, $epad) {
+ $pad = base64_decode($epad);
- if ($Val < 0) {
- $Val *= -1;
+ if (strlen($pad)>0) {
+ // make sure that pad is longer than string
+ while (strlen($string)>strlen($pad)) {
+ $pad.=$pad;
+ }
+ } else {
+ // FIXME: what should we do when $epad is not base64 encoded or empty.
}
- if ($Val = 0) {
- return;
+ $encrypted = '';
+ for ($i = 0; $i < strlen ($string); $i++) {
+ $encrypted .= chr (ord($string[$i]) ^ ord($pad[$i]));
}
- mt_srand(($Val ^ mt_rand(0, $Max)) & $Max);
+ return base64_encode($encrypted);
}
-
/**
- * This function initializes the random number generator fairly well.
- * It also only initializes it once, so you don't accidentally get
- * the same 'random' numbers twice in one session.
+ * Decrypts a password from the cookie
+ *
+ * Decrypts a password from the cookie, encrypted by OneTimePadEncrypt.
+ * This uses the encryption key that is stored in the session.
+ *
+ * @param string $string the string to decrypt
+ * @param string $epad the encryption key from the session
+ * @return string the decrypted password
+ * @since 1.0
*/
-function sq_mt_randomize() {
- static $randomized;
-
- if ($randomized) {
- return;
- }
+function OneTimePadDecrypt ($string, $epad) {
+ $pad = base64_decode($epad);
- /* Global. */
- sqgetGlobalVar('REMOTE_PORT', $remote_port, SQ_SERVER);
- sqgetGlobalVar('REMOTE_ADDR', $remote_addr, SQ_SERVER);
- sq_mt_seed((int)((double) microtime() * 1000000));
- sq_mt_seed(md5($remote_port . $remote_addr . getmypid()));
-
- /* getrusage */
- if (function_exists('getrusage')) {
- /* Avoid warnings with Win32 */
- $dat = @getrusage();
- if (isset($dat) && is_array($dat)) {
- $Str = '';
- foreach ($dat as $k => $v)
- {
- $Str .= $k . $v;
- }
- sq_mt_seed(md5($Str));
+ if (strlen($pad)>0) {
+ // make sure that pad is longer than string
+ while (strlen($string)>strlen($pad)) {
+ $pad.=$pad;
}
+ } else {
+ // FIXME: what should we do when $epad is not base64 encoded or empty.
}
- if(sqgetGlobalVar('UNIQUE_ID', $unique_id, SQ_SERVER)) {
- sq_mt_seed(md5($unique_id));
+ $encrypted = base64_decode ($string);
+ $decrypted = '';
+ for ($i = 0; $i < strlen ($encrypted); $i++) {
+ $decrypted .= chr (ord($encrypted[$i]) ^ ord($pad[$i]));
}
- $randomized = 1;
+ return $decrypted;
}
+/**
+ * Creates encryption key
+ *
+ * Creates an encryption key for encrypting the password stored in the cookie.
+ * The encryption key itself is stored in the session.
+ *
+ * Pad must be longer or equal to encoded string length in 1.4.4/1.5.0 and older.
+ * @param int $length optional, length of the string to generate
+ * @return string the encryption key
+ * @since 1.0
+ */
function OneTimePadCreate ($length=100) {
- sq_mt_randomize();
-
$pad = '';
for ($i = 0; $i < $length; $i++) {
$pad .= chr(mt_rand(0,255));
@@ -344,15 +655,23 @@ function OneTimePadCreate ($length=100) {
}
/**
- * Returns a string showing the size of the message/attachment.
- */
+ * Returns a string showing a byte size figure in
+ * a more easily digested (readable) format
+ *
+ * @param int $bytes the size in bytes
+ *
+ * @return string The size in human readable format
+ *
+ * @since 1.0
+ *
+ */
function show_readable_size($bytes) {
$bytes /= 1024;
- $type = 'k';
+ $type = _("KiB");
if ($bytes / 1024 > 1) {
$bytes /= 1024;
- $type = 'M';
+ $type = _("MiB");
}
if ($bytes < 10) {
@@ -363,18 +682,23 @@ function show_readable_size($bytes) {
settype($bytes, 'integer');
}
- return $bytes . ' ' . $type . '';
+ global $nbsp;
+ return $bytes . $nbsp . $type;
}
/**
- * Generates a random string from the caracter set you pass in
+ * Generates a random string from the character set you pass in
*
- * Flags:
- * 1 = add lowercase a-z to $chars
- * 2 = add uppercase A-Z to $chars
- * 4 = add numbers 0-9 to $chars
+ * @param int $size the length of the string to generate
+ * @param string $chars a string containing the characters to use
+ * @param int $flags a flag to add a specific set to the characters to use:
+ * Flags:
+ * 1 = add lowercase a-z to $chars
+ * 2 = add uppercase A-Z to $chars
+ * 4 = add numbers 0-9 to $chars
+ * @return string the random string
+ * @since 1.0
*/
-
function GenerateRandomString($size, $chars, $flags = 0) {
if ($flags & 0x1) {
$chars .= 'abcdefghijklmnopqrstuvwxyz';
@@ -390,8 +714,6 @@ function GenerateRandomString($size, $chars, $flags = 0) {
return '';
}
- sq_mt_randomize(); /* Initialize the random number generator */
-
$String = '';
$j = strlen( $chars ) - 1;
while (strlen($String) < $size) {
@@ -401,88 +723,998 @@ function GenerateRandomString($size, $chars, $flags = 0) {
return $String;
}
+/**
+ * Escapes special characters for use in IMAP commands.
+ *
+ * @param string $str the string to escape
+ * @return string the escaped string
+ * @since 1.0.3
+ */
function quoteimap($str) {
- return ereg_replace('(["\\])', '\\\\1', $str);
+ return str_replace(array('\\', '"'), array('\\\\', '\\"'), $str);
}
/**
- * Trims every element in the array
+ * Create compose link
+ *
+ * Returns a link to the compose-page, taking in consideration
+ * the compose_in_new and javascript settings.
+ *
+ * @param string $url The URL to the compose page
+ * @param string $text The link text, default "Compose"
+ * @param string $target URL target, if any (since 1.4.3)
+ * @param string $accesskey The access key to be used, if any
+ *
+ * @return string a link to the compose page
+ *
+ * @since 1.4.2
*/
-function TrimArray(&$array) {
- foreach ($array as $k => $v) {
- global $$k;
- if (is_array($$k)) {
- foreach ($$k as $k2 => $v2) {
- $$k[$k2] = substr($v2, 1);
- }
- } else {
- $$k = substr($v, 1);
+function makeComposeLink($url, $text = null, $target='', $accesskey='NONE') {
+ global $compose_new_win, $compose_width,
+ $compose_height, $oTemplate;
+
+ if(!$text) {
+ $text = _("Compose");
+ }
+
+ // if not using "compose in new window", make
+ // regular link and be done with it
+ if($compose_new_win != '1') {
+ return makeInternalLink($url, $text, $target, $accesskey);
+ }
+
+ // build the compose in new window link...
+
+
+ // if javascript is on, use onclick event to handle it
+ if(checkForJavascript()) {
+ sqgetGlobalVar('base_uri', $base_uri, SQ_SESSION);
+ $compuri = SM_BASE_URI.$url;
+
+ return create_hyperlink('javascript:void(0)', $text, '',
+ "comp_in_new('$compuri','$compose_width','$compose_height')",
+ '', '', '',
+ ($accesskey == 'NONE'
+ ? array()
+ : array('accesskey' => $accesskey)));
+ }
+
+ // otherwise, just open new window using regular HTML
+ return makeInternalLink($url, $text, '_blank', $accesskey);
+}
+
+/**
+ * version of fwrite which checks for failure
+ * @param resource $fp
+ * @param string $string
+ * @return number of written bytes. false on failure
+ * @since 1.4.3
+ */
+function sq_fwrite($fp, $string) {
+ // write to file
+ $count = @fwrite($fp,$string);
+ // the number of bytes written should be the length of the string
+ if($count != strlen($string)) {
+ return FALSE;
}
- /* Re-assign back to array. */
- $array[$k] = $$k;
+ return $count;
+}
+
+/**
+ * sq_get_html_translation_table
+ *
+ * Returns the translation table used by sq_htmlentities()
+ *
+ * @param integer $table html translation table. Possible values (without quotes):
+ *
andtags. -*/ -function sm_print_r() { - ob_start(); // Buffer output - foreach(func_get_args() as $var) { - print_r($var); - echo "\n"; + * This is a replacement for PHP's substr_replace() that is + * multibyte-aware. + * + * @param string $string The string to operate upon + * @param string $replacement The string to be inserted + * @param int $start The offset at which to begin substring replacement + * @param int $length The number of characters after $start to remove + * NOTE that if you need to specify a charset but + * want to achieve normal substr_replace() behavior + * where $length is not specified, use NULL (OPTIONAL; + * default from $start to end of string) + * @param string $charset The charset of the given string. A value of NULL + * here will force the use of PHP's standard substr(). + * (OPTIONAL; default is "auto", which indicates that + * the user's current charset should be used). + * + * @return string The manipulated string + * + * Of course, you can use more advanced (e.g., negative) values + * for $start and $length as needed - see the PHP manual for more + * information: http://www.php.net/manual/function.substr-replace.php + * + */ +function sq_substr_replace($string, $replacement, $start, $length=NULL, + $charset='auto') +{ + + // NULL charset? Just use substr_replace() + // + if (is_null($charset)) + return is_null($length) ? substr_replace($string, $replacement, $start) + : substr_replace($string, $replacement, $start, $length); + + + // use current character set? + // + if ($charset == 'auto') + { +//FIXME: is there any reason why this cannot be a global flag used by all string wrapper functions? + static $auto_charset; + if (!isset($auto_charset)) + { + global $default_charset; +//FIXME - do we need this? +global $squirrelmail_language; + set_my_charset(); + $auto_charset = $default_charset; +//FIXME - do we need this? +if ($squirrelmail_language == 'ja_JP') $auto_charset = 'euc-jp'; + } + $charset = $auto_charset; + } + + + // standardize character set name + // + $charset = strtolower($charset); + + +/* ===== FIXME: this list is not used in 1.5.x, but if we need it, unless this differs between all our string function wrappers, we should store this info in the session + // only use mbstring with the following character sets + // + $sq_substr_replace_mb_charsets = array( + 'utf-8', + 'big5', + 'gb2312', + 'gb18030', + 'euc-jp', + 'euc-cn', + 'euc-tw', + 'euc-kr' + ); + + + // now we can use our own implementation using + // mb_substr() and mb_strlen() if needed + // + if (in_array($charset, $sq_substr_replace_mb_charsets) + && in_array($charset, sq_mb_list_encodings())) +===== */ +//FIXME: is there any reason why this cannot be a global array used by all string wrapper functions? + if (in_array($charset, sq_mb_list_encodings())) + { + + $string_length = mb_strlen($string, $charset); + + if ($start < 0) + $start = max(0, $string_length + $start); + + else if ($start > $string_length) + $start = $string_length; + + if ($length < 0) + $length = max(0, $string_length - $start + $length); + + else if (is_null($length) || $length > $string_length) + $length = $string_length; + + if ($start + $length > $string_length) + $length = $string_length - $start; + + return mb_substr($string, 0, $start, $charset) + . $replacement + . mb_substr($string, + $start + $length, + $string_length, // FIXME: I can't see why this is needed: - $start - $length, + $charset); + + } + + + // else use normal substr_replace() + // + return is_null($length) ? substr_replace($string, $replacement, $start) + : substr_replace($string, $replacement, $start, $length); + +} + +/** + * Wrapper that is used to switch between vanilla and multibyte strpos + * functions. + * @param string $haystack + * @param mixed $needle + * @param integer $offset + * @param string $charset + * @return string + * @since 1.5.1 + * @link http://www.php.net/strpos + * @link http://www.php.net/mb_strpos + */ +function sq_strpos($haystack,$needle,$offset,$charset='auto') { + // use automatic charset detection, if function call asks for it + static $charset_auto, $bUse_mb; + + if ($charset=='auto') { + if (!isset($charset_auto)) { + global $default_charset, $squirrelmail_language; + set_my_charset(); + $charset=$default_charset; + if ($squirrelmail_language=='ja_JP') $charset='euc-jp'; + $charset_auto = $charset; + } else { + $charset = $charset_auto; + } + } + $charset = strtolower($charset); + + // in_array call is expensive => do it once and use a static var for + // storing the results + if (!isset($bUse_mb)) { + if (in_array($charset,sq_mb_list_encodings())) { + $bUse_mb = true; + } else { + $bUse_mb = false; + } + } + if ($bUse_mb) { + return mb_strpos($haystack,$needle,$offset,$charset); } - $buffer = ob_get_contents(); // Grab the print_r output - ob_end_clean(); // Silently discard the output & stop buffering - print '
'; - print htmlentities($buffer); - print ''; + // TODO: add mbstring independent code + + // use vanilla string functions as last option + return strpos($haystack,$needle,$offset); +} + +/** + * Wrapper that is used to switch between vanilla and multibyte strtoupper + * functions. + * @param string $string + * @param string $charset + * @return string + * @since 1.5.1 + * @link http://www.php.net/strtoupper + * @link http://www.php.net/mb_strtoupper + */ +function sq_strtoupper($string,$charset='auto') { + // use automatic charset detection, if function call asks for it + static $charset_auto, $bUse_mb; + + if ($charset=='auto') { + if (!isset($charset_auto)) { + global $default_charset, $squirrelmail_language; + set_my_charset(); + $charset=$default_charset; + if ($squirrelmail_language=='ja_JP') $charset='euc-jp'; + $charset_auto = $charset; + } else { + $charset = $charset_auto; + } + } + $charset = strtolower($charset); + + // in_array call is expensive => do it once and use a static var for + // storing the results + if (!isset($bUse_mb)) { + if (function_exists('mb_strtoupper') && + in_array($charset,sq_mb_list_encodings())) { + $bUse_mb = true; + } else { + $bUse_mb = false; + } + } + + if ($bUse_mb) { + return mb_strtoupper($string,$charset); + } + // TODO: add mbstring independent code + + // use vanilla string functions as last option + return strtoupper($string); +} + +/** + * Counts 8bit bytes in string + * @param string $string tested string + * @return integer number of 8bit bytes + */ +function sq_count8bit($string) { + $count=0; + for ($i=0; $i