59177427 |
1 | <?php |
2ba13803 |
2 | |
35586184 |
3 | /** |
4 | * prefs.php |
5 | * |
202bcbcc |
6 | * This contains functions for filebased user prefs locations |
35586184 |
7 | * |
353d074a |
8 | * @copyright 1999-2018 The SquirrelMail Project Team |
4b4abf93 |
9 | * @license http://opensource.org/licenses/gpl-license.php GNU Public License |
31841a9e |
10 | * @version $Id$ |
d6c32258 |
11 | * @package squirrelmail |
ace4c62c |
12 | * @subpackage prefs |
35586184 |
13 | */ |
14 | |
ace4c62c |
15 | |
7b294953 |
16 | |
3499f99f |
17 | /* Hashing functions */ |
fb120846 |
18 | |
8b096f0a |
19 | /** |
20 | * Given a username and datafilename, this will return the path to the |
21 | * hashed location of that datafile. |
22 | * |
23 | * @param string username the username of the current user |
598294a7 |
24 | * @param string dir the SquirrelMail datadir |
8b096f0a |
25 | * @param string datafile the name of the file to open |
26 | * @param bool hash_seach default true |
27 | * @return string the hashed location of datafile |
ace4c62c |
28 | * @since 1.2.0 |
8b096f0a |
29 | */ |
3392dc86 |
30 | function getHashedFile($username, $dir, $datafile, $hash_search = true) { |
3392dc86 |
31 | |
311339a0 |
32 | /* Remove trailing slash from $dir if found */ |
33 | if (substr($dir, -1) == '/') { |
34 | $dir = substr($dir, 0, strlen($dir) - 1); |
35 | } |
62f7daa5 |
36 | |
3392dc86 |
37 | /* Compute the hash for this user and extract the hash directories. */ |
38 | $hash_dirs = computeHashDirs($username); |
39 | |
40 | /* First, get and make sure the full hash directory exists. */ |
41 | $real_hash_dir = getHashedDir($username, $dir, $hash_dirs); |
42 | |
12719a10 |
43 | /* Set the value of our real data file, after we've removed unwanted characters. */ |
44 | $datafile = str_replace('/', '_', $datafile); |
4fc152a6 |
45 | $result = "$real_hash_dir/$datafile"; |
3392dc86 |
46 | |
47 | /* Check for this file in the real hash directory. */ |
3a94810f |
48 | if ($hash_search && !@file_exists($result)) { |
3392dc86 |
49 | /* First check the base directory, the most common location. */ |
3a94810f |
50 | if (@file_exists("$dir/$datafile")) { |
3392dc86 |
51 | rename("$dir/$datafile", $result); |
52 | |
53 | /* Then check the full range of possible hash directories. */ |
54 | } else { |
55 | $check_hash_dir = $dir; |
56 | for ($h = 0; $h < 4; ++$h) { |
57 | $check_hash_dir .= '/' . $hash_dirs[$h]; |
311339a0 |
58 | if (@is_readable("$check_hash_dir/$datafile")) { |
3392dc86 |
59 | rename("$check_hash_dir/$datafile", $result); |
60 | break; |
61 | } |
62 | } |
63 | } |
64 | } |
62f7daa5 |
65 | |
3392dc86 |
66 | /* Return the full hashed datafile path. */ |
67 | return ($result); |
68 | } |
69 | |
8b096f0a |
70 | /** |
71 | * Helper function for getHashedFile, given a username returns the hashed |
72 | * dir for that username. |
73 | * |
74 | * @param string username the username of the current user |
598294a7 |
75 | * @param string dir the SquirrelMail datadir |
8b096f0a |
76 | * @param string hash_dirs default '' |
77 | * @return the path to the hash dir for username |
ace4c62c |
78 | * @since 1.2.0 |
8b096f0a |
79 | */ |
3392dc86 |
80 | function getHashedDir($username, $dir, $hash_dirs = '') { |
81 | global $dir_hash_level; |
82 | |
3a94810f |
83 | /* Remove trailing slash from $dir if found */ |
84 | if (substr($dir, -1) == '/') { |
85 | $dir = substr($dir, 0, strlen($dir) - 1); |
86 | } |
62f7daa5 |
87 | |
3392dc86 |
88 | /* If necessary, populate the hash dir variable. */ |
89 | if ($hash_dirs == '') { |
90 | $hash_dirs = computeHashDirs($username); |
91 | } |
92 | |
93 | /* Make sure the full hash directory exists. */ |
94 | $real_hash_dir = $dir; |
95 | for ($h = 0; $h < $dir_hash_level; ++$h) { |
96 | $real_hash_dir .= '/' . $hash_dirs[$h]; |
3a94810f |
97 | if (!@is_dir($real_hash_dir)) { |
f8cde393 |
98 | //FIXME: When safe_mode is turned on, the error suppression below makes debugging safe_mode UID/GID restrictions tricky... for now, I will add a check in configtest |
3a94810f |
99 | if (!@mkdir($real_hash_dir, 0770)) { |
ae13f72f |
100 | error_box ( sprintf(_("Error creating directory %s."), $real_hash_dir) . "\n" . |
101 | _("Could not create hashed directory structure!") . "\n" . |
102 | _("Please contact your system administrator and report this error.") ); |
3a94810f |
103 | exit; |
104 | } |
3392dc86 |
105 | } |
106 | } |
107 | |
108 | /* And return that directory. */ |
109 | return ($real_hash_dir); |
110 | } |
111 | |
8b096f0a |
112 | /** |
113 | * Helper function for getHashDir which does the actual hash calculation. |
114 | * |
36c59d84 |
115 | * Uses a crc32 algorithm by default, but if you put |
116 | * the following in config/config_local.php, you can |
117 | * force md5 instead: |
118 | * $hash_dirs_use_md5 = TRUE; |
119 | * |
120 | * You may also specify that if usernames are in full |
121 | * email address format, the domain part (beginning |
122 | * with "@") be stripped before calculating the crc |
123 | * or md5. Do that by putting the following in |
124 | * config/config_local.php: |
125 | * $hash_dirs_strip_domain = TRUE; |
126 | * |
8b096f0a |
127 | * @param string username the username to calculate the hash dir for |
36c59d84 |
128 | * |
8b096f0a |
129 | * @return array a list of hash dirs for this username |
36c59d84 |
130 | * |
ace4c62c |
131 | * @since 1.2.0 |
36c59d84 |
132 | * |
8b096f0a |
133 | */ |
3392dc86 |
134 | function computeHashDirs($username) { |
36c59d84 |
135 | |
136 | global $hash_dirs_use_md5, $hash_dirs_strip_domain; |
137 | static $hash_dirs = array(); |
138 | |
139 | |
140 | // strip domain from username |
141 | if ($hash_dirs_strip_domain) |
142 | $user = substr($username, 0, strpos($username, '@')); |
143 | else |
144 | $user = $username; |
145 | |
146 | |
147 | // have we already calculated it? |
148 | if (!empty($hash_dirs[$user])) |
149 | return $hash_dirs[$user]; |
150 | |
151 | |
152 | if ($hash_dirs_use_md5) { |
153 | |
154 | $hash = md5($user); |
155 | //$hash = md5bin($user); |
156 | |
157 | } else { |
158 | |
159 | /* Compute the hash for this user and extract the hash directories. */ |
160 | /* Note that the crc32() function result will be different on 32 and */ |
161 | /* 64 bit systems, thus the hack below. */ |
162 | $crc = crc32($user); |
163 | if ($crc & 0x80000000) { |
164 | $crc ^= 0xffffffff; |
165 | $crc += 1; |
166 | } |
167 | $hash = base_convert($crc, 10, 16); |
4fc07fb0 |
168 | } |
36c59d84 |
169 | |
170 | |
171 | $my_hash_dirs = array(); |
3392dc86 |
172 | for ($h = 0; $h < 4; ++ $h) { |
36c59d84 |
173 | $my_hash_dirs[] = substr($hash, $h, 1); |
3392dc86 |
174 | } |
175 | |
36c59d84 |
176 | // Return our array of hash directories |
177 | $hash_dirs[$user] = $my_hash_dirs; |
178 | return ($my_hash_dirs); |
3392dc86 |
179 | } |
36c59d84 |
180 | |