#
# $Id$
############################################################
-$conf_pl_version = "x63";
+$conf_pl_version = "x64";
############################################################
# Some people try to run this as a CGI. That's wrong!
print "1. Default Charset : $WHT$default_charset$NRM\n";
print "2. Data Directory : $WHT$data_dir$NRM\n";
print "3. Attachment Directory : $WHT$attachment_dir$NRM\n";
- print "4. Default Left Size : $WHT$default_left_size$NRM\n";
- print "5. Usernames in Lowercase : $WHT$force_username_lowercase$NRM\n";
- print "6. Allow use of priority : $WHT$default_use_priority$NRM\n";
- print "7. Hide SM attributions : $WHT$hide_sm_attributions$NRM\n";
+ print "4. Directory Hash Level : $WHT$dir_hash_level$NRM\n";
+ print "5. Default Left Size : $WHT$default_left_size$NRM\n";
+ print "6. Usernames in Lowercase : $WHT$force_username_lowercase$NRM\n";
+ print "7. Allow use of priority : $WHT$default_use_priority$NRM\n";
+ print "8. Hide SM attributions : $WHT$hide_sm_attributions$NRM\n";
print "\n";
print "R Return to Main Menu\n";
} elsif ($menu == 5) {
elsif ($command == 16) { $auto_create_special = command214(); }
} elsif ($menu == 4) {
if ($command == 1) { $default_charset = command31 (); }
- elsif ($command == 2) { $data_dir = command33 (); }
- elsif ($command == 3) { $attachment_dir = command34 (); }
- elsif ($command == 4) { $default_left_size = command35 (); }
- elsif ($command == 5) { $force_username_lowercase = command36 (); }
- elsif ($command == 6) { $default_use_priority = command37 (); }
- elsif ($command == 7) { $hide_sm_attributions = command38 (); }
+ elsif ($command == 2) { $data_dir = command33a (); }
+ elsif ($command == 3) { $attachment_dir = command33b (); }
+ elsif ($command == 4) { $dir_hash_level = command33c (); }
+ elsif ($command == 5) { $default_left_size = command35 (); }
+ elsif ($command == 6) { $force_username_lowercase = command36 (); }
+ elsif ($command == 7) { $default_use_priority = command37 (); }
+ elsif ($command == 8) { $hide_sm_attributions = command38 (); }
} elsif ($menu == 5) {
if ($command == 1) { command41 (); }
elsif ($command == 2) { $theme_css = command42 (); }
}
# Data directory
-sub command33 {
+sub command33a {
print "It is a possible security hole to have a writable directory\n";
print "under the web server's root directory (ex: /home/httpd/html).\n";
print "For this reason, it is possible to put the data directory\n";
}
# Attachment directory
-sub command34 {
+sub command33b {
print "Path to directory used for storing attachments while a mail is\n";
print "being sent. There are a few security considerations regarding this\n";
print "directory:\n";
return $new_attachment_dir;
}
+sub command33c {
+ print "The directory hash level setting allows you to configure the level\n";
+ print "of hashing that Squirremail employs in your data and attachment\n";
+ print "directories. This value must be an integer ranging from 0 to 4.\n";
+ print "When this value is set to 0, Squirrelmail will simply store all\n";
+ print "files as normal in the data and attachment directories. However,\n";
+ print "when set to a value from 1 to 4, a simple hashing scheme will be\n";
+ print "used to organize the files in this directory. In short, the crc32\n";
+ print "value for a username will be computed. Then, up to the first 4\n";
+ print "digits of the hash, as set by this configuration value, will be\n";
+ print "used to directory hash the files for that user in the data and\n";
+ print "attachment directory. This allows for better performance on\n";
+ print "servers with larger numbers of users.\n";
+ print "\n";
+
+ print "[$WHT$dir_hash_level$NRM]: $WHT";
+ $new_dir_hash_level = <STDIN>;
+ if ($new_dir_hash_level eq "\n") {
+ $new_dir_hash_level = $dir_hash_level;
+ } else {
+ $new_dir_hash_level =~ s/[\r|\n]//g;
+ }
+ if (($new_dir_hash_level < 0) || ($new_dir_hash_level > 4)) {
+ print "Invalid Directory Hash Level.\n";
+ print "Value must be an integer ranging from 0 to 4\n";
+ print "Hit enter to continue.\n";
+ $enter_key = <STDIN>;
+
+ $new_dir_hash_level = $dir_hash_level;
+ }
+
+ return $new_dir_hash_level;
+}
sub command35 {
print "This is the default size (in pixels) of the left folder list.\n";
print FILE "\t\$auto_create_special = $auto_create_special;\n";
print FILE "\n";
- print FILE "\tglobal \$default_charset, \$data_dir, \$attachment_dir;\n";
+ print FILE "\tglobal \$default_charset;\n";
+ print FILE "\tglobal \$data_dir, \$attachment_dir, \$dir_hash_level;\n";
print FILE "\tglobal \$default_left_size, \$force_username_lowercase;\n";
print FILE "\tglobal \$default_use_priority, \$hide_sm_attributions;\n";
print FILE "\t\$default_charset = \"$default_charset\";\n";
print FILE "\t\$data_dir = \"$data_dir\";\n";
print FILE "\t\$attachment_dir = \"$attachment_dir\";\n";
+ print FILE "\t\$dir_hash_level = $dir_hash_level;\n";
print FILE "\t\$default_left_size = $default_left_size;\n";
print FILE "\t\$force_username_lowercase = $force_username_lowercase;\n";
print FILE "\t\$default_use_priority = $default_use_priority;\n";
global $attachment_dir;
$attachment_dir = $data_dir;
+// Hash level used for data directory.
+ global $dir_hash_level;
+ $dir_hash_level = 0;
+
// This is the default size of the folder list. Default is 150,
// but you can set it to whatever you wish.
global $default_left_size;
}
} else {
// File
- $filename = sprintf('%s%s.abook', $data_dir, $username);
+ $filename = getHashedFile($username, $data_dir, "$username.abook");
$r = $abook->add_backend('local_file', Array('filename' => $filename,
'create' => true));
if(!$r && $showerr) {
return;
}
- $filename = $data_dir . $username . '.pref';
+ $filename = getHashedFile($username, $data_dir, "$username.pref");
if (!file_exists($filename)) {
printf (_("Preference file, %s, does not exist. Log out, and log back in to create a default preference file."), $filename);
function savePrefValues($data_dir, $username) {
global $prefs_cache;
- $file = fopen($data_dir . $username . '.pref', 'w');
+ $filename = getHashedFile($username, $data_dir, "$username.pref");
+
+ $file = fopen($filename, 'w');
foreach ($prefs_cache as $Key => $Value) {
if (isset($Value)) {
fwrite($file, $Key . '=' . $Value . "\n");
* Check for a preferences file. If one can not be found, create it.
*/
function checkForPrefs($data_dir, $username) {
- $filename = $data_dir . $username . '.pref';
+ $filename = getHashedFile($username, $data_dir, "$username.pref");
if (!file_exists($filename) ) {
if (!copy($data_dir . 'default_pref', $filename)) {
echo _("Error opening ") . $filename;
* Write the User Signature.
*/
function setSig($data_dir, $username, $value) {
- $file = fopen($data_dir . $username . '.sig', 'w');
+ $filename = getHashedFile($username, $data_dir, "$username.sig");
+ $file = fopen($filename, 'w');
fwrite($file, $value);
fclose($file);
}
* Get the signature.
*/
function getSig($data_dir, $username) {
- $filename = $data_dir . $username . '.sig';
+ #$filename = $data_dir . $username . '.sig';
+ $filename = getHashedFile($username, $data_dir, "$username.sig");
$sig = '';
if (file_exists($filename)) {
$file = fopen($filename, 'r');
return $sig;
}
+function getHashedFile($username, $dir, $datafile, $hash_search = true) {
+ global $dir_hash_level;
+
+ /* Compute the hash for this user and extract the hash directories. */
+ $hash_dirs = computeHashDirs($username);
+
+ /* First, get and make sure the full hash directory exists. */
+ $real_hash_dir = getHashedDir($username, $dir, $hash_dirs);
+
+ /* Set the value of our real data file. */
+ $result = "$real_hash_dir/$datafile";
+
+ /* Check for this file in the real hash directory. */
+ if ($hash_search && !file_exists($result)) {
+ /* First check the base directory, the most common location. */
+ if (file_exists("$dir/$datafile")) {
+ rename("$dir/$datafile", $result);
+
+ /* Then check the full range of possible hash directories. */
+ } else {
+ $check_hash_dir = $dir;
+ for ($h = 0; $h < 4; ++$h) {
+ $check_hash_dir .= '/' . $hash_dirs[$h];
+ if (is_readable("$check_hash_dir/$datafile")) {
+ rename("$check_hash_dir/$datafile", $result);
+ break;
+ }
+ }
+ }
+ }
+
+ /* Return the full hashed datafile path. */
+ return ($result);
+}
+
+function getHashedDir($username, $dir, $hash_dirs = '') {
+ global $dir_hash_level;
+
+ /* If necessary, populate the hash dir variable. */
+ if ($hash_dirs == '') {
+ $hash_dirs = computeHashDirs($username);
+ }
+
+ /* Make sure the full hash directory exists. */
+ $real_hash_dir = $dir;
+ for ($h = 0; $h < $dir_hash_level; ++$h) {
+ $real_hash_dir .= '/' . $hash_dirs[$h];
+ if (!is_dir($real_hash_dir)) {
+ mkdir($real_hash_dir, 0770);
+ }
+ }
+
+ /* And return that directory. */
+ return ($real_hash_dir);
+}
+
+function computeHashDirs($username) {
+ /* Compute the hash for this user and extract the hash directories. */
+ $hash = base_convert(crc32($username), 10, 16);
+ $hash_dirs = array();
+ for ($h = 0; $h < 4; ++ $h) {
+ $hash_dirs[] = substr($hash, $h, 1);
+ }
+
+ /* Return our array of hash directories. */
+ return ($hash_dirs);
+}
+
?>
require_once('../functions/addressbook.php');
require_once('../functions/plugin.php');
+require_once('../functions/prefs.php');
global $username, $popuser, $domain;
// Attach the files that are due to be attached
function attachFiles ($fp) {
- global $attachments, $attachment_dir;
+ global $attachments, $attachment_dir, $username;
$length = 0;
+ $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
if (isMultipart()) {
foreach ($attachments as $info)
{
// Use 'rb' for NT systems -- read binary
// Unix doesn't care -- everything's binary! :-)
- $file = fopen ($attachment_dir . $info['localfilename'], 'rb');
+
+ $filename = $hashed_attachment_dir . '/' . $info['localfilename'];
+ $file = fopen ($filename, 'rb');
if (substr($filetype, 0, 5) == 'text/' ||
$filetype == 'message/rfc822') {
$header .= "\r\n";
function deleteAttachments() {
global $attachments, $attachment_dir;
+ $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
if (isMultipart()) {
reset($attachments);
while (list($localname, $remotename) = each($attachments)) {
if (!ereg ("\\/", $localname)) {
- unlink ($attachment_dir.$localname);
- unlink ($attachment_dir.$localname.'.info');
+ $filename = $hashed_attachment_dir . '/' . $localname;
+ unlink ($filename);
+ unlink ("$filename.info");
}
}
}
$lang_words = sqspell_getLang($words, $sqspell_use_app);
$msg = '<p>'.
sprintf( _("Deleting the following entries from <strong>%s</strong> dictionary:", $sqspell_use_app ) .
- '</p>'.
+ '</p>' .
"<ul>\n";
for ($i=0; $i<sizeof($words_ary); $i++){
// remove word by word...
sqspell_makePage(_("Personal Dictionary"), null, '<p>' . _("No changes requested.") . '</p>');
}
-?>
\ No newline at end of file
+?>
<?php
/**
- ** sqspell_config.php -- SquirrelSpell Configuration file.
- **
- ** Copyright (c) 1999-2001 The SquirrelMail development team
- ** Licensed under the GNU GPL. For full terms see the file COPYING.
- **
- **
- **
- ** $Id$
- **/
+ * sqspell_config.php -- SquirrelSpell Configuration file.
+ *
+ * Copyright (c) 1999-2001 The SquirrelMail Development Team
+ * Licensed under the GNU GPL. For full terms see the file COPYING.
+ *
+ *
+ *
+ * $Id$
+ */
+
+ require_once('../functions/prefs.php');
/* Just for poor wretched souls with E_ALL. :) */
global $username, $data_dir;
-
$SQSPELL_APP = array( 'English' => 'ispell -a',
'Spanish' => 'ispell -d spanish -a' );
$SQSPELL_APP_DEFAULT = 'English';
- $SQSPELL_WORDS_FILE = "$data_dir/$username.words";
+ $SQSPELL_WORDS_FILE =
+ getHashedFile($username, $data_dir, "$username.words");
$SQSPELL_EREG = 'ereg';
$SQSPELL_SOUP_NAZI = 'Mozilla/3, Mozilla/2, Opera 4, Opera/4, Macintosh';
-?>
\ No newline at end of file
+?>
function getAttachments($message) {
global $mailbox, $attachments, $attachment_dir, $imapConnection,
- $ent_num, $forward_id, $draft_id;
+ $ent_num, $forward_id, $draft_id, $username;
if (isset($draft_id))
$id = $draft_id;
$mailbox);
}
+ $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
if (count($message->entities) == 0) {
if ($message->header->entity_id != $ent_num) {
$filename = decodeHeader($message->header->filename);
$filename = "untitled-".$message->header->entity_id;
$localfilename = GenerateRandomString(32, '', 7);
- while (file_exists($attachment_dir . $localfilename))
+ $full_localfilename = "$hashed_attachment_dir/$localfilename";
+ while (file_exists($full_localfilename)) {
$localfilename = GenerateRandomString(32, '', 7);
+ $full_localfilename = "$hashed_attachment_dir/$localfilename";
+ }
$newAttachment = array();
$newAttachment['localfilename'] = $localfilename;
'/' . $message->header->type1);
// Write Attachment to file
- $fp = fopen ($attachment_dir.$localfilename, 'w');
+ $fp = fopen ("$hashed_attachment_dir/$localfilename", 'w');
fputs ($fp, decodeBody(mime_fetch_body($imapConnection,
$id, $message->header->entity_id),
$message->header->encoding));
echo " value=\"" . _("Add") ."\">\n";
echo " </td>\n";
echo " </tr>\n";
- if (count($attachments))
- {
+ if (count($attachments)) {
+ $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
echo "<tr><td bgcolor=\"$color[0]\" align=right>\n";
echo " ";
echo "</td><td align=left bgcolor=\"$color[0]\">";
foreach ($attachments as $key => $info) {
+ $attached_file = "$hashed_attachment_dir/$info[localfilename]";
echo "<input type=\"checkbox\" name=\"delete[]\" value=\"$key\">\n";
echo $info['remotefilename'] . " - " . $info['type'] . " (";
- echo show_readable_size(filesize($attachment_dir .
- $info['localfilename'])) . ")<br>\n";
+ echo show_readable_size(filesize($attached_file)) . ")<br>\n";
}
echo "<input type=\"submit\" name=\"do_delete\" value=\""._("Delete selected attachments")."\">\n";
// True if FAILURE
function saveAttachedFiles() {
- global $HTTP_POST_FILES, $attachment_dir, $attachments;
+ global $HTTP_POST_FILES, $attachment_dir, $attachments, $username;
+ $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
$localfilename = GenerateRandomString(32, '', 7);
- while (file_exists($attachment_dir . $localfilename))
+ $full_localfilename = "$hashed_attachment_dir/$localfilename";
+ while (file_exists($full_localfilename)) {
$localfilename = GenerateRandomString(32, '', 7);
+ $full_localfilename = "$hashed_attachment_dir/$localfilename";
+ }
- if (!@rename($HTTP_POST_FILES['attachfile']['tmp_name'], $attachment_dir.$localfilename)) {
- if (!@copy($HTTP_POST_FILES['attachfile']['tmp_name'], $attachment_dir.$localfilename)) {
+ if (!@rename($HTTP_POST_FILES['attachfile']['tmp_name'], $full_localfilename)) {
+ if (!@copy($HTTP_POST_FILES['attachfile']['tmp_name'], $full_localfilename)) {
return true;
}
}
} else if (isset($do_delete)) {
displayPageHeader($color, $mailbox);
- if (isset($delete) && is_array($delete))
- {
- foreach($delete as $index)
- {
- unlink ($attachment_dir.$attachments[$index]['localfilename']);
+ $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
+ if (isset($delete) && is_array($delete)) {
+ foreach($delete as $index) {
+ $attached_file = $hashed_attachment_dir . '/'
+ . $attachments[$index]['localfilename'];
+ unlink ($attached_file);
unset ($attachments[$index]);
}
}
}
function ClearAttachments() {
- global $attachments, $attachment_dir;
+ global $username, $attachments, $attachment_dir;
+ $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
foreach ($attachments as $info) {
- if (file_exists($attachment_dir . $info['localfilename'])) {
- unlink($attachment_dir . $info['localfilename']);
+ $attached_file = "$hashed_attachment_dir/$info[localfilename]";
+ if (file_exists($attached_file)) {
+ unlink($attached_file);
}
}
function saveMessageAsDraft($t, $c, $b, $subject, $body, $reply_id) {
- global $useSendmail, $msg_id, $is_reply, $mailbox, $onetimepad;
- global $data_dir, $username, $domain, $key, $version, $sent_folder, $imapServerAddress, $imapPort;
- global $draft_folder, $attachment_dir;
+ global $useSendmail, $msg_id, $is_reply, $mailbox, $onetimepad,
+ $data_dir, $username, $domain, $key, $version, $sent_folder,
+ $imapServerAddress, $imapPort, $draft_folder, $attachment_dir;
$more_headers = Array();
$imap_stream = sqimap_login($username, $key, $imapServerAddress, $imapPort, 1);
+ $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
+
$tmpDraftFile = "draft-" . GenerateRandomString(32, '', 7);
- while ( file_exists($attachment_dir .$tmpDraftFile)){
+ $full_tmpDraftFile = "$hashed_attachment_dir/$tmpDraftFile";
+ while (file_exists($full_tmpDraftFile)){
$tmpDraftFile = "draft-" . GenerateRandomString(32, '', 7);
+ $full_tmpDraftFile = "$hashed_attachment_dir/$tmpDraftFile";
}
- $fp = fopen($attachment_dir . $tmpDraftFile, 'w');
+ $fp = fopen($full_tmpDraftFile, 'w');
- $headerlength = write822HeaderForDraft ($fp, $t, $c, $b, $subject, $more_headers, FALSE);
+ $headerlength = write822HeaderForDraft
+ ($fp, $t, $c, $b, $subject, $more_headers, FALSE);
$bodylength = writeBodyForDraft ($fp, $body, FALSE);
fclose($fp);
if (sqimap_mailbox_exists ($imap_stream, $draft_folder)) {
sqimap_append ($imap_stream, $draft_folder, $length);
- write822HeaderForDraft ($imap_stream, $t, $c, $b, $subject, $more_headers, TRUE);
+ write822HeaderForDraft
+ ($imap_stream, $t, $c, $b, $subject, $more_headers, TRUE);
writeBodyForDraft ($imap_stream, $body, TRUE);
sqimap_append_done ($imap_stream);
}
if ($length){
ClearAttachments();
}
- if (file_exists($attachment_dir . $tmpDraftFile)){
- unlink ($attachment_dir . $tmpDraftFile);
+ if (file_exists($full_tmpDraftFile)){
+ unlink ($full_tmpDraftFile);
}
return $length;
}
function ClearAttachments() {
- global $attachments, $attachment_dir;
+ global $attachments, $attachment_dir, $username;
+ $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
foreach ($attachments as $info) {
- if (file_exists($attachment_dir . $info['localfilename'])) {
- unlink($attachment_dir . $info['localfilename']);
+ $attached_file = "$hashed_attachment_dir/$info[localfilename]";
+ if (file_exists($attached_file)) {
+ unlink($attached_file);
}
}
$thebastard = implode('', $data);
-
+ $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
$localfilename = GenerateRandomString(32, '', 7);
- while (file_exists($attachment_dir . $localfilename))
+ $full_localfilename = "$hashed_attachment_dir/$localfilename";
+ while (file_exists($full_localfilename)) {
$localfilename = GenerateRandomString(32, '', 7);
+ $full_localfilename = "$hashed_attachment_dir/$localfilename";
+ }
+
// Write Attachment to file
- $fp = fopen ($attachment_dir.$localfilename, 'w');
+ $fp = fopen ($full_localfilename, 'w');
fputs ($fp, $thebastard);
fclose ($fp);
* $key pass *
***********************************************************/
+$bob = getHashedFile($username, $data_dir, "username.pref");
+
/* Open a connection on the imap port (143) */
$imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
if (! isset($attachments)) {
$attachments = array();
}
+ $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
foreach ($attachments as $info) {
- if (file_exists($attachment_dir . $info['localfilename'])) {
- unlink($attachment_dir . $info['localfilename']);
+ $attached_file = "$hashed_attachment_dir/$info[localfilename]";
+ if (file_exists($attached_file)) {
+ unlink($attached_file);
}
}