RPC requests should use their own template sets with different content-type.
[squirrelmail.git] / include / init.php
CommitLineData
202bcbcc 1<?php
2
3/**
4 * init.php -- initialisation file
5 *
6 * File should be loaded in every file in src/ or plugins that occupate an entire frame
7 *
8 * @copyright &copy; 2006 The SquirrelMail Project Team
9 * @license http://opensource.org/licenses/gpl-license.php GNU Public License
10 * @version $Id$
11 * @package squirrelmail
12 */
13
202bcbcc 14/**
15 * This is a development version so in order to track programmer mistakes we
16 * set the error reporting to E_ALL
1888b1bf 17FIXME: disabling this for now, because we now have $sm_debug_mode, but the problem with that is that we don't know what it will be until we have loaded the config file, a good 175 lines below after several important files have been included, etc. For now, we'll trust that developers have turned on E_ALL in php.ini anyway, but this can be uncommented if not.
202bcbcc 18 */
1888b1bf 19//error_reporting(E_ALL);
20
202bcbcc 21
22
23/**
c7ebdfcf 24 * Make sure we have a page name
25 *
26 */
27if ( !defined('PAGE_NAME') ) define('PAGE_NAME', NULL);
28
29
30/**
6a2a6e44 31 * If register_globals are on, unregister globals.
a3b99374 32 * Second test covers boolean set as string (php_value register_globals off).
6a2a6e44 33 */
55dd9abf 34if ((bool) ini_get('register_globals') &&
a3b99374 35 strtolower(ini_get('register_globals'))!='off') {
6a2a6e44 36 /**
55dd9abf 37 * Remove all globals that are not reserved by PHP
38 * 'value' and 'key' are used by foreach. Don't unset them inside foreach.
6a2a6e44 39 */
55dd9abf 40 foreach ($GLOBALS as $key => $value) {
41 switch($key) {
42 case 'HTTP_POST_VARS':
43 case '_POST':
44 case 'HTTP_GET_VARS':
45 case '_GET':
46 case 'HTTP_COOKIE_VARS':
47 case '_COOKIE':
48 case 'HTTP_SERVER_VARS':
49 case '_SERVER':
50 case 'HTTP_ENV_VARS':
51 case '_ENV':
52 case 'HTTP_POST_FILES':
53 case '_FILES':
54 case '_REQUEST':
55 case 'HTTP_SESSION_VARS':
56 case '_SESSION':
57 case 'GLOBALS':
58 case 'key':
59 case 'value':
60 break;
55dd9abf 61 default:
62 unset($GLOBALS[$key]);
63 }
6a2a6e44 64 }
55dd9abf 65 // Unset variables used in foreach
66 unset($GLOBALS['key']);
67 unset($GLOBALS['value']);
6a2a6e44 68}
69
71efd1ed 70/**
d849b570 71 * Used as a dummy value, e.g., for passing as an empty
e39d00e9 72 * hook argument (where the value is passed by reference,
73 * and therefore NULL itself is not acceptable).
d849b570 74 */
086ad092 75global $null;
d849b570 76$null = NULL;
77
78/**
71efd1ed 79 * [#1518885] session.use_cookies = off breaks SquirrelMail
80 *
086ad092 81 * When session cookies are not used, all http redirects, meta refreshes,
82 * src/download.php and javascript URLs are broken. Setting must be set
71efd1ed 83 * before session is started.
84 */
85if (!(bool)ini_get('session.use_cookies') ||
86 ini_get('session.use_cookies') == 'off') {
87 ini_set('session.use_cookies','1');
88}
6a2a6e44 89
79dd8c72 90/**
91 * Initialize seed of random number generator.
92 * We use a number of things to randomize input: current time in ms,
93 * info about the remote client, info about the current process, the
94 * randomness of uniqid and stat of the current file.
95 *
96 * We seed this here only once per init, not only to save cycles
97 * but also to make the result of mt_rand more random (it now also
98 * depends on the number of times mt_rand was called before in this
99 * execution.
100 */
101$seed = microtime() . $_SERVER['REMOTE_PORT'] . $_SERVER['REMOTE_ADDR'] . getmypid();
102
103if (function_exists('getrusage')) {
104 /* Avoid warnings with Win32 */
105 $dat = @getrusage();
106 if (isset($dat) && is_array($dat)) { $seed .= implode('', $dat); }
107}
108
109if(!empty($_SERVER['UNIQUE_ID'])) {
110 $seed .= $_SERVER['UNIQUE_ID'];
111}
112
113$seed .= uniqid(mt_rand(),TRUE);
114$seed .= implode( '', stat( __FILE__) );
115
116/** PHP 4.2 and up don't require seeding, but their used seed algorithm
117 * is of questionable quality, so we keep doing it ourselves. */
118mt_srand(hexdec(md5($seed)));
3f081dd0 119
6a2a6e44 120/**
202bcbcc 121 * calculate SM_PATH and calculate the base_uri
122 * assumptions made: init.php is only called from plugins or from the src dir.
123 * files in the plugin directory may not be part of a subdirectory called "src"
124 *
125 */
126if (isset($_SERVER['SCRIPT_NAME'])) {
3f081dd0 127 $a = explode('/', $_SERVER['SCRIPT_NAME']);
202bcbcc 128} elseif (isset($HTTP_SERVER_VARS['SCRIPT_NAME'])) {
3f081dd0 129 $a = explode('/', $HTTP_SERVER_VARS['SCRIPT_NAME']);
b0829edf 130} else {
3f081dd0 131 $error = 'Unable to detect script environment. Please test your PHP '
132 . 'settings and send your PHP core configuration, $_SERVER and '
133 . '$HTTP_SERVER_VARS contents to the SquirrelMail developers.';
b0829edf 134 die($error);
202bcbcc 135}
136$sSM_PATH = '';
3f081dd0 137for($i = count($a) -2; $i > -1; --$i) {
202bcbcc 138 $sSM_PATH .= '../';
139 if ($a[$i] === 'src' || $a[$i] === 'plugins') {
140 break;
141 }
142}
143
3f081dd0 144$base_uri = implode('/', array_slice($a, 0, $i)). '/';
202bcbcc 145
202bcbcc 146define('SM_PATH',$sSM_PATH);
6a2a6e44 147define('SM_BASE_URI', $base_uri);
3f081dd0 148
149
202bcbcc 150/**
151 * global var $bInit is used to check if initialisation took place.
152 * At this moment it's a workarounf for the include of addrbook_search_html
153 * inside compose.php. If we found a better way then remove this. Do only use
154 * this var if you know for sure a page can be called stand alone and be included
155 * in another file.
156 */
157$bInit = true;
158
8e1e2794 159/**
160 * This theme as a failsafe if no themes were found, or if we error
161 * out before anything could be initialised.
162 */
163$color = array();
164$color[0] = '#DCDCDC'; /* light gray TitleBar */
165$color[1] = '#800000'; /* red */
166$color[2] = '#CC0000'; /* light red Warning/Error Messages */
167$color[3] = '#A0B8C8'; /* green-blue Left Bar Background */
168$color[4] = '#FFFFFF'; /* white Normal Background */
169$color[5] = '#FFFFCC'; /* light yellow Table Headers */
170$color[6] = '#000000'; /* black Text on left bar */
171$color[7] = '#0000CC'; /* blue Links */
172$color[8] = '#000000'; /* black Normal text */
173$color[9] = '#ABABAB'; /* mid-gray Darker version of #0 */
174$color[10] = '#666666'; /* dark gray Darker version of #9 */
175$color[11] = '#770000'; /* dark red Special Folders color */
176$color[12] = '#EDEDED';
177$color[13] = '#800000'; /* (dark red) Color for quoted text -- > 1 quote */
178$color[14] = '#ff0000'; /* (red) Color for quoted text -- >> 2 or more */
179$color[15] = '#002266'; /* (dark blue) Unselectable folders */
180$color[16] = '#ff9933'; /* (orange) Highlight color */
181
1888b1bf 182require(SM_PATH . 'include/constants.php');
202bcbcc 183require(SM_PATH . 'functions/global.php');
4ffcf13a 184require(SM_PATH . 'functions/strings.php');
918fcc1d 185require(SM_PATH . 'functions/arrays.php');
5e68a08e 186
187/* load default configuration */
188require(SM_PATH . 'config/config_default.php');
189/* reset arrays in default configuration */
190$ldap_server = array();
191$plugins = array();
192$fontsets = array();
5e68a08e 193$aTemplateSet = array();
28294310 194$aTemplateSet[0]['ID'] = 'default';
195$aTemplateSet[0]['NAME'] = 'Default';
01fd1d1a 196
5e68a08e 197/* load site configuration */
202bcbcc 198require(SM_PATH . 'config/config.php');
5e68a08e 199/* load local configuration overrides */
200if (file_exists(SM_PATH . 'config/config_local.php')) {
201 require(SM_PATH . 'config/config_local.php');
202}
203
1888b1bf 204
205/**
206 * Set PHP error reporting level based on the SquirrelMail debug mode
207 */
208$error_level = 0;
209if ($sm_debug_mode & SM_DEBUG_MODE_SIMPLE)
210 $error_level |= E_ERROR;
211if ($sm_debug_mode & SM_DEBUG_MODE_MODERATE
212 || $sm_debug_mode & SM_DEBUG_MODE_ADVANCED)
213 $error_level |= E_ALL;
214if ($sm_debug_mode & SM_DEBUG_MODE_STRICT)
215 $error_level |= E_STRICT;
216error_reporting($error_level);
217
218
202bcbcc 219require(SM_PATH . 'functions/plugin.php');
202bcbcc 220require(SM_PATH . 'include/languages.php');
42b5e8aa 221require(SM_PATH . 'class/template/Template.class.php');
5ab684a5 222require(SM_PATH . 'class/error.class.php');
202bcbcc 223
224/**
225 * If magic_quotes_runtime is on, SquirrelMail breaks in new and creative ways.
226 * Force magic_quotes_runtime off.
227 * tassium@squirrelmail.org - I put it here in the hopes that all SM code includes this.
228 * If there's a better place, please let me know.
229 */
230ini_set('magic_quotes_runtime','0');
231
232
233/* if running with magic_quotes_gpc then strip the slashes
234 from POST and GET global arrays */
430a19f3 235if (function_exists('get_magic_quotes_gpc') && @get_magic_quotes_gpc()) {
202bcbcc 236 sqstripslashes($_GET);
237 sqstripslashes($_POST);
238}
239
202bcbcc 240
241/* strip any tags added to the url from PHP_SELF.
242This fixes hand crafted url XXS expoits for any
243 page that uses PHP_SELF as the FORM action */
244$_SERVER['PHP_SELF'] = strip_tags($_SERVER['PHP_SELF']);
245
246$PHP_SELF = php_self();
247
248/**
249 * Initialize the session
250 */
251
e8c4e350 252/** set the name of the session cookie */
253if (!isset($session_name) || !$session_name) {
254 $session_name = 'SQMSESSID';
255}
256
257/**
319ad3c0 258 * When session.auto_start is On we want to destroy/close the session
1d537493 259 */
260$sSessionAutostartName = session_name();
bf6140e3 261$sCookiePath = null;
319ad3c0 262if (isset($sSessionAutostartName) && $sSessionAutostartName !== $session_name) {
1d537493 263 $sCookiePath = ini_get('session.cookie_path');
264 $sCookieDomain = ini_get('session.cookie_domain');
e8c4e350 265 // reset the cookie
1d537493 266 setcookie($sSessionAutostartName,'',time() - 604800,$sCookiePath,$sCookieDomain);
e8c4e350 267 @session_destroy();
268 session_write_close();
1d537493 269}
e8c4e350 270
202bcbcc 271/**
272 * includes from classes stored in the session
273 */
274require(SM_PATH . 'class/mime.class.php');
275
202bcbcc 276ini_set('session.name' , $session_name);
277session_set_cookie_params (0, $base_uri);
278sqsession_is_active();
279
202bcbcc 280/**
319ad3c0 281 * When on login page, have to reset the user session, making
282 * sure to save session restore data first
283 */
284if (PAGE_NAME == 'login') {
285 if (!sqGetGlobalVar('session_expired_post', $sep, SQ_SESSION))
286 $sep = '';
287 if (!sqGetGlobalVar('session_expired_location', $sel, SQ_SESSION))
288 $sel = '';
289 sqsession_destroy();
290 session_write_close();
291
292 /**
293 * in some rare instances, the session seems to stick
294 * around even after destroying it (!!), so if it does,
295 * we'll manually flatten the $_SESSION data
296 */
297 if (!empty($_SESSION))
298 $_SESSION = array();
299
bc3acc5a 300 /**
301 * Allow administrators to define custom session handlers
302 * for SquirrelMail without needing to change anything in
303 * php.ini (application-level).
304 *
305 * In config_local.php, admin needs to put:
306 *
307 * $custom_session_handlers = array(
308 * 'my_open_handler',
309 * 'my_close_handler',
310 * 'my_read_handler',
311 * 'my_write_handler',
312 * 'my_destroy_handler',
313 * 'my_gc_handler',
314 * );
315 * session_module_name('user');
316 * session_set_save_handler(
317 * $custom_session_handlers[0],
318 * $custom_session_handlers[1],
319 * $custom_session_handlers[2],
320 * $custom_session_handlers[3],
321 * $custom_session_handlers[4],
322 * $custom_session_handlers[5]
323 * );
324 *
325 * We need to replicate that code once here because PHP has
326 * long had a bug that resets the session handler mechanism
327 * when the session data is also destroyed. Because of this
328 * bug, even administrators who define custom session handlers
329 * via a PHP pre-load defined in php.ini (auto_prepend_file)
330 * will still need to define the $custom_session_handlers array
331 * in config_local.php.
332 */
333 global $custom_session_handlers;
334 if (!empty($custom_session_handlers)) {
335 $open = $custom_session_handlers[0];
336 $close = $custom_session_handlers[1];
337 $read = $custom_session_handlers[2];
338 $write = $custom_session_handlers[3];
339 $destroy = $custom_session_handlers[4];
340 $gc = $custom_session_handlers[5];
341 session_module_name('user');
342 session_set_save_handler($open, $close, $read, $write, $destroy, $gc);
343 }
344
319ad3c0 345 sqsession_is_active();
346 session_regenerate_id();
ef33def6 347
348 // put session restore data back into session if necessary
349 if (!empty($sel)) {
350 sqsession_register($sel, 'session_expired_location');
351 if (!empty($sep))
352 sqsession_register($sep, 'session_expired_post');
353 }
319ad3c0 354}
355
356/**
5aed95be 357 * SquirrelMail internal version number -- DO NOT CHANGE
358 * $sm_internal_version = array (release, major, minor)
359 */
a895042a 360$SQM_INTERNAL_VERSION = explode('.', SM_VERSION, 3);
b37e457f 361$SQM_INTERNAL_VERSION[2] = intval($SQM_INTERNAL_VERSION[2]);
5aed95be 362
93d67e0d 363
6d5775db 364/* load prefs system; even when user not logged in, should be OK to do this here */
365require(SM_PATH . 'functions/prefs.php');
366
6d5775db 367
086ad092 368/* if plugins are disabled only for one user and
93d67e0d 369 * the current user is NOT that user, turn them
370 * back on
371 */
0d56053e 372sqgetGlobalVar('username', $username, SQ_SESSION);
93d67e0d 373if ($disable_plugins && !empty($disable_plugins_user)
374 && $username != $disable_plugins_user) {
375 $disable_plugins = false;
376}
377
4a9f6063 378
93d67e0d 379/* remove all plugins if they are disabled */
380if ($disable_plugins) {
381 $plugins = array();
382}
383
384
5aed95be 385/**
386 * Include Compatibility plugin if available.
387 */
93d67e0d 388if (!$disable_plugins && file_exists(SM_PATH . 'plugins/compatibility/functions.php'))
5aed95be 389 include_once(SM_PATH . 'plugins/compatibility/functions.php');
390
4a9f6063 391
5aed95be 392/**
393 * MAIN PLUGIN LOADING CODE HERE
086ad092 394 * On init, we no longer need to load all plugin setup files.
5aed95be 395 * Now, we load the statically generated hook registrations here
396 * and let the hook calls include only the plugins needed.
397 */
398$squirrelmail_plugin_hooks = array();
93d67e0d 399if (!$disable_plugins && file_exists(SM_PATH . 'config/plugin_hooks.php')) {
4a9f6063 400//FIXME: if we keep the plugin hooks array static like this, it seems like we should also keep the template files list in a static file too (when a new user session is started or the template set is changed, the code will dynamically iterate through the directory heirarchy of the template directory and catalog all the template files therein (and store the "catalog" in PHP session) -- instead, we could do that once at config-time and keep that static so SM can just include the file just like the line below)
5aed95be 401 require(SM_PATH . 'config/plugin_hooks.php');
402}
403
4a9f6063 404
5aed95be 405/**
4a9f6063 406 * Plugin authors note that the "config_override" hook used to be
407 * executed here, but please adapt your plugin to use this "prefs_backend"
408 * hook instead, making sure that it does NOT return anything, since
409 * doing so will interfere with proper prefs system functionality.
410 * Of course, otherwise, this hook may be used to do any configuration
411 * overrides as needed, as well as set up a custom preferences backend.
5aed95be 412 */
4a9f6063 413$prefs_backend = do_hook('prefs_backend', $null);
414if (isset($prefs_backend) && !empty($prefs_backend) && file_exists(SM_PATH . $prefs_backend)) {
415 require(SM_PATH . $prefs_backend);
416} elseif (isset($prefs_dsn) && !empty($prefs_dsn)) {
417 require(SM_PATH . 'functions/db_prefs.php');
418} else {
419 require(SM_PATH . 'functions/file_prefs.php');
420}
421
422
5aed95be 423
424/**
3464e1f4 425 * DISABLED.
202bcbcc 426 * Remove globalized session data in rg=on setups
086ad092 427 *
3464e1f4 428 * Code can be utilized when session is started, but data is not loaded.
086ad092 429 * We have already loaded configuration and other important vars. Can't
aae60854 430 * clean session globals here, beside, the cleanout of globals at the
431 * top of this file will have removed anything this code would find anyway.
3464e1f4 432if ((bool) @ini_get('register_globals') &&
433 strtolower(ini_get('register_globals'))!='off') {
202bcbcc 434 foreach ($_SESSION as $key => $value) {
435 unset($GLOBALS[$key]);
436 }
437}
3464e1f4 438*/
6a2a6e44 439
826ddd72 440sqsession_register(SM_BASE_URI,'base_uri');
6a2a6e44 441
202bcbcc 442/**
443 * Retrieve the language cookie
444 */
445if (! sqgetGlobalVar('squirrelmail_language',$squirrelmail_language,SQ_COOKIE)) {
446 $squirrelmail_language = '';
447}
448
bf3abdc3 449
202bcbcc 450/**
f0d28f44 451 * Do something special for some pages. This is based on the PAGE_NAME constant
9e06a3ea 452 * set at the top of every page.
202bcbcc 453 */
0d56053e 454$set_up_langage_after_template_setup = FALSE;
9e06a3ea 455switch (PAGE_NAME) {
086ad092 456 case 'style':
c4e5f61f 457
2b26084f 458 // need to get the right template set up
28294310 459 //
460 sqGetGlobalVar('templateid', $templateid, SQ_GET);
c4e5f61f 461
2b26084f 462 // sanitize just in case...
28294310 463 //
464 $templateid = preg_replace('/(\.\.\/){1,}/', '', $templateid);
465
466 // make sure given template actually is available
467 //
28294310 468 $found_templateset = false;
469 for ($i = 0; $i < count($aTemplateSet); ++$i) {
470 if ($aTemplateSet[$i]['ID'] == $templateid) {
471 $found_templateset = true;
472 break;
473 }
474 }
c4e5f61f 475
be155e14 476// FIXME: do we need/want to check here for actual (physical) presence of template sets?
28294310 477 // selected template not available, fall back to default template
478 //
479 if (!$found_templateset) {
42b5e8aa 480 $sTemplateID = Template::get_default_template_set();
28294310 481 } else {
482 $sTemplateID = $templateid;
c4e5f61f 483 }
484
2b26084f 485 session_write_close();
c4e5f61f 486 break;
487
f0d28f44 488 case 'mailto':
489 // nothing to do
490 break;
491
202bcbcc 492 case 'redirect':
2e616fa4 493 require(SM_PATH . 'functions/auth.php');
202bcbcc 494 //nobreak;
bf3abdc3 495
202bcbcc 496 case 'login':
497 require(SM_PATH . 'functions/display_messages.php' );
498 require(SM_PATH . 'functions/page_header.php');
499 require(SM_PATH . 'functions/html.php');
42b5e8aa 500
501 // reset template file cache
502 //
503 $sTemplateID = Template::get_default_template_set();
504 Template::cache_template_file_hierarchy(TRUE);
505
1d537493 506 /**
01fd1d1a 507 * Make sure icon variables are setup for the login page.
508 */
509 $icon_theme = $icon_themes[$icon_theme_def]['PATH'];
510 /*
511 * NOTE: The $icon_theme_path var should contain the path to the icon
512 * theme to use. If the admin has disabled icons, or the user has
513 * set the icon theme to "None," no icons will be used.
514 */
515 $icon_theme_path = (!$use_icons || $icon_theme=='none') ? NULL : ($icon_theme == 'template' ? SM_PATH . Template::calculate_template_images_directory($sTemplateID) : $icon_theme);
516
517 /**
1d537493 518 * cleanup old cookies with a cookie path the same as the standard php.ini
519 * cookie path. All previous SquirrelMail version used the standard php.ini
520 * cookie path for storing the session name. That behaviour changed.
521 */
522 if ($sCookiePath !== SM_BASE_URI) {
523 /**
524 * do not delete the standard sessions with session.name is i.e. PHPSESSID
525 * because they probably belong to other php apps
526 */
527 if (ini_get('session.name') !== $sSessionAutostartName) {
30a428c6 528 // This does not work. Sometimes the cookie with SQSESSID=deleted and path /
529 // is picked up in webmail.php => login will fail
530 //sqsetcookie(ini_get('session.name'),'',0,$sCookiePath);
1d537493 531 }
532 }
202bcbcc 533 break;
534 default:
535 require(SM_PATH . 'functions/display_messages.php' );
536 require(SM_PATH . 'functions/page_header.php');
537 require(SM_PATH . 'functions/html.php');
202bcbcc 538
539
540 /**
541 * Check if we are logged in
542 */
543 require(SM_PATH . 'functions/auth.php');
544
545 if ( !sqsession_is_registered('user_is_logged_in') ) {
f8eb968d 546
547 // use $message to indicate what logout text the user
548 // will see... if 0, typical "You must be logged in"
549 // if 1, information that the user session was saved
550 // and will be resumed after (re)login
551 //
552 $message = 0;
553
202bcbcc 554 // First we store some information in the new session to prevent
555 // information-loss.
556 //
557 $session_expired_post = $_POST;
f8e68605 558 $session_expired_location = PAGE_NAME;
202bcbcc 559 if (!sqsession_is_registered('session_expired_post')) {
560 sqsession_register($session_expired_post,'session_expired_post');
561 }
562 if (!sqsession_is_registered('session_expired_location')) {
563 sqsession_register($session_expired_location,'session_expired_location');
f8e68605 564 if ($session_expired_location == 'compose')
f8eb968d 565 $message = 1;
202bcbcc 566 }
567 // signout page will deal with users who aren't logged
568 // in on its own; don't show error here
569 //
9e06a3ea 570 if ( PAGE_NAME == 'signout' ) {
a140422a 571 return;
202bcbcc 572 }
573
8efadc6b 574 /**
575 * Initialize the template object (logout_error uses it)
576 */
8efadc6b 577 /*
086ad092 578 * $sTemplateID is not initialized when a user is not logged in, so we
579 * will use the config file defaults here. If the neccesary variables
28294310 580 * are net set, force a default value.
8efadc6b 581 */
42b5e8aa 582 $sTemplateID = Template::get_default_template_set();
28294310 583 $oTemplate = Template::construct_template($sTemplateID);
8efadc6b 584
202bcbcc 585 set_up_language($squirrelmail_language, true);
f8eb968d 586 if (!$message)
587 logout_error( _("You must be logged in to access this page.") );
588 else
589 logout_error( _("Your session has expired, but will be resumed after logging in again.") );
202bcbcc 590 exit;
591 }
592
79524620 593 sqgetGlobalVar('authz',$authz,SQ_SESSION);
202bcbcc 594
595 /**
596 * Setting the prefs backend
597 */
598 sqgetGlobalVar('prefs_cache', $prefs_cache, SQ_SESSION );
599 sqgetGlobalVar('prefs_are_cached', $prefs_are_cached, SQ_SESSION );
600
601 if ( !sqsession_is_registered('prefs_are_cached') ||
602 !isset( $prefs_cache) ||
603 !is_array( $prefs_cache)) {
604 $prefs_are_cached = false;
605 $prefs_cache = false; //array();
606 }
607
202bcbcc 608 /**
609 * initializing user settings
610 */
611 require(SM_PATH . 'include/load_prefs.php');
612
202bcbcc 613// i do not understand the frames language cookie story
614 /**
615 * We'll need this to later have a noframes version
616 *
617 * Check if the user has a language preference, but no cookie.
618 * Send him a cookie with his language preference, if there is
619 * such discrepancy.
620 */
621 $my_language = getPref($data_dir, $username, 'language');
622 if ($my_language != $squirrelmail_language) {
623 sqsetcookie('squirrelmail_language', $my_language, time()+2592000, $base_uri);
624 }
625// /dont understand
626
0d56053e 627 $set_up_langage_after_template_setup = TRUE;
202bcbcc 628
629 $timeZone = getPref($data_dir, $username, 'timezone');
630
631 /* Check to see if we are allowed to set the TZ environment variable.
632 * We are able to do this if ...
633 * safe_mode is disabled OR
634 * safe_mode_allowed_env_vars is empty (you are allowed to set any) OR
635 * safe_mode_allowed_env_vars contains TZ
636 */
637 $tzChangeAllowed = (!ini_get('safe_mode')) ||
638 !strcmp(ini_get('safe_mode_allowed_env_vars'),'') ||
639 preg_match('/^([\w_]+,)*TZ/', ini_get('safe_mode_allowed_env_vars'));
640
641 if ( $timeZone != SMPREF_NONE && ($timeZone != "")
642 && $tzChangeAllowed ) {
643
644 // get time zone key, if strict or custom strict timezones are used
645 if (isset($time_zone_type) &&
646 ($time_zone_type == 1 || $time_zone_type == 3)) {
647 /* load time zone functions */
648 require(SM_PATH . 'include/timezones.php');
649 $realTimeZone = sq_get_tz_key($timeZone);
650 } else {
651 $realTimeZone = $timeZone;
652 }
653
654 // set time zone
655 if ($realTimeZone) {
656 putenv("TZ=".$realTimeZone);
657 }
658 }
867fed37 659
660 /**
661 * php 5.1.0 added time zone functions. Set time zone with them in order
662 * to prevent E_STRICT notices and allow time zone modifications in safe_mode.
663 */
664 if (function_exists('date_default_timezone_set')) {
665 if ($timeZone != SMPREF_NONE && $timeZone != "") {
666 date_default_timezone_set($timeZone);
667 } else {
668 // interface runs on server's time zone. Remove php E_STRICT complains
669 $default_timezone = @date_default_timezone_get();
086ad092 670 date_default_timezone_set($default_timezone);
867fed37 671 }
672 }
202bcbcc 673 break;
674}
675
202bcbcc 676/*
086ad092 677 * $sTemplateID is not initialized when a user is not logged in, so we
678 * will use the config file defaults here. If the neccesary variables
28294310 679 * are not set, force a default value.
086ad092 680 *
681 * If the user is logged in, $sTemplateID will be set in load_prefs.php,
28294310 682 * so we shouldn't change it here.
202bcbcc 683 */
28294310 684if (!isset($sTemplateID)) {
42b5e8aa 685 $sTemplateID = Template::get_default_template_set();
28294310 686 $icon_theme_path = !$use_icons ? NULL : Template::calculate_template_images_directory($sTemplateID);
3aa46abc 687}
be155e14 688
689// template object may have already been constructed in load_prefs.php
690//
691if (empty($oTemplate)) {
692 $oTemplate = Template::construct_template($sTemplateID);
693}
202bcbcc 694
7aae649d 695// We want some variables to always be available to the template
551c7b53 696//
e39d00e9 697$oTemplate->assign('javascript_on',
698 (sqGetGlobalVar('user_is_logged_in', $user_is_logged_in, SQ_SESSION)
699 ? checkForJavascript() : 0));
fe8103c2 700$oTemplate->assign('base_uri', sqm_baseuri());
457e8593 701$always_include = array('sTemplateID', 'icon_theme_path');
7aae649d 702foreach ($always_include as $var) {
703 $oTemplate->assign($var, (isset($$var) ? $$var : NULL));
704}
705
551c7b53 706// A few output elements are used often, so just get them once here
707//
708$nbsp = $oTemplate->fetch('non_breaking_space.tpl');
709$br = $oTemplate->fetch('line_break.tpl');
710
0d56053e 711
712/**
713 * Set up the language.
714 *
715 * This code block corresponds to the *default* block of the switch
716 * statement above, but the language cannot be set up until after the
717 * template is instantiated, so we set $set_up_langage_after_template_setup
718 * above and do the linguistic stuff now.
719 */
720if ($set_up_langage_after_template_setup) {
721 $err=set_up_language(getPref($data_dir, $username, 'language'));
722
723 // Japanese translation used without mbstring support
724 if ($err==2) {
725 $sError = "<p>Your administrator needs to have PHP installed with the multibyte string extension enabled (using configure option --enable-mbstring).</p>\n"
726 . "<p>This system has assumed that you accidently switched to Japanese and has reverted your language preference to English.</p>\n"
727 . "<p>Please refresh this page in order to continue using your webmail.</p>\n";
728 error_box($sError);
729 }
730}
731
732
202bcbcc 733/**
734 * Initialize our custom error handler object
735 */
202bcbcc 736$oErrorHandler = new ErrorHandler($oTemplate,'error_message.tpl');
737
0d56053e 738
202bcbcc 739/**
740 * Activate custom error handling
741 */
742if (version_compare(PHP_VERSION, "4.3.0", ">=")) {
743 $oldErrorHandler = set_error_handler(array($oErrorHandler, 'SquirrelMailErrorhandler'));
744} else {
745 $oldErrorHandler = set_error_handler('SquirrelMailErrorhandler');
746}
747
f0d28f44 748
749// ============================================================================
750// ================= End of Live Code, Beginning of Functions =================
751// ============================================================================
752
753
202bcbcc 754/**
755 * Javascript support detection function
756 * @param boolean $reset recheck javascript support if set to true.
867fed37 757 * @return integer SMPREF_JS_ON or SMPREF_JS_OFF ({@see include/constants.php})
202bcbcc 758 * @since 1.5.1
759 */
202bcbcc 760function checkForJavascript($reset = FALSE) {
761 global $data_dir, $username, $javascript_on, $javascript_setting;
762
763 if ( !$reset && sqGetGlobalVar('javascript_on', $javascript_on, SQ_SESSION) )
764 return $javascript_on;
765
e39d00e9 766 $user_is_logged_in = FALSE;
bf3abdc3 767 if ( $reset || !isset($javascript_setting) )
202bcbcc 768 $javascript_setting = getPref($data_dir, $username, 'javascript_setting', SMPREF_JS_AUTODETECT);
769
770 if ( !sqGetGlobalVar('new_js_autodetect_results', $js_autodetect_results) &&
771 !sqGetGlobalVar('js_autodetect_results', $js_autodetect_results) )
772 $js_autodetect_results = SMPREF_JS_OFF;
773
774 if ( $javascript_setting == SMPREF_JS_AUTODETECT )
775 $javascript_on = $js_autodetect_results;
776 else
777 $javascript_on = $javascript_setting;
778
779 sqsession_register($javascript_on, 'javascript_on');
780 return $javascript_on;
781}
782
783function sqm_baseuri() {
784 global $base_uri;
785 return $base_uri;
8e1e2794 786}