[squirrelmail.git] / include / init.php

<?php

/**
 * init.php -- initialisation file
 *
 * File should be loaded in every file in src/ or plugins that occupate an entire frame
 *
 * @copyright &copy; 2006 The SquirrelMail Project Team
 * @license http://opensource.org/licenses/gpl-license.php GNU Public License
 * @version $Id$
 * @package squirrelmail
 */

/**
 * This is a development version so in order to track programmer mistakes we
 * set the error reporting to E_ALL
 */
error_reporting(E_ALL);


/**
 * If register_globals are on, unregister globals.
 * Code requires PHP 4.1.0 or newer.
 * Second test covers boolean set as string (php_value register_globals off).
 */
if ((bool) @ini_get('register_globals') &&
    strtolower(ini_get('register_globals'))!='off') {
    /**
     * Remove all globals from $_GET, $_POST, and $_COOKIE.
     */
    foreach ($_REQUEST as $key => $value) {
        unset($GLOBALS[$key]);
    }
    /**
     * Remove globalized $_FILES variables
     * Before 4.3.0 $_FILES are included in $_REQUEST.
     * Unglobalize them in separate call in order to remove dependency
     * on PHP version.
     */
    foreach ($_FILES as $key => $value) {
        unset($GLOBALS[$key]);
        // there are three undocumented $_FILES globals.
        unset($GLOBALS[$key.'_type']);
        unset($GLOBALS[$key.'_name']);
        unset($GLOBALS[$key.'_size']);
    }
    /**
     * Remove globalized environment variables.
     */
    foreach ($_ENV as $key => $value) {
        unset($GLOBALS[$key]);
    }
    /**
     * Remove globalized server variables.
     */
    foreach ($_SERVER as $key => $value) {
        unset($GLOBALS[$key]);
    }
}


/**
 * calculate SM_PATH and calculate the base_uri
 * assumptions made: init.php is only called from plugins or from the src dir.
 * files in the plugin directory may not be part of a subdirectory called "src"
 *
 */
if (isset($_SERVER['SCRIPT_NAME'])) {
    $a = explode('/',$_SERVER['SCRIPT_NAME']);
} elseif (isset($HTTP_SERVER_VARS['SCRIPT_NAME'])) {
    $a = explode('/',$_SERVER['SCRIPT_NAME']);
}
$sSM_PATH = '';
for($i = count($a) -2;$i > -1; --$i) {
    $sSM_PATH .= '../';
    if ($a[$i] === 'src' || $a[$i] === 'plugins') {
        break;
    }
}

$base_uri = implode('/',array_slice($a,0,$i)). '/';

define('SM_PATH',$sSM_PATH);
define('SM_BASE_URI', $base_uri);
/**
 * global var $bInit is used to check if initialisation took place.
 * At this moment it's a workarounf for the include of addrbook_search_html
 * inside compose.php. If we found a better way then remove this. Do only use
 * this var if you know for sure a page can be called stand alone and be included
 * in another file.
 */
$bInit = true;

require(SM_PATH . 'functions/global.php');
require(SM_PATH . 'config/config.php');
require(SM_PATH . 'functions/plugin.php');
require(SM_PATH . 'include/constants.php');
require(SM_PATH . 'include/languages.php');

/**
 * If magic_quotes_runtime is on, SquirrelMail breaks in new and creative ways.
 * Force magic_quotes_runtime off.
 * tassium@squirrelmail.org - I put it here in the hopes that all SM code includes this.
 * If there's a better place, please let me know.
 */
ini_set('magic_quotes_runtime','0');


/* if running with magic_quotes_gpc then strip the slashes
   from POST and GET global arrays */
if (get_magic_quotes_gpc()) {
    sqstripslashes($_GET);
    sqstripslashes($_POST);
}


/* strip any tags added to the url from PHP_SELF.
This fixes hand crafted url XXS expoits for any
   page that uses PHP_SELF as the FORM action */
$_SERVER['PHP_SELF'] = strip_tags($_SERVER['PHP_SELF']);

$PHP_SELF = php_self();

/**
 * Initialize the session
 */

/** set the name of the session cookie */
if (!isset($session_name) || !$session_name) {
    $session_name = 'SQMSESSID';
}

/**
 * if session.auto_start is On then close the session
 */
$sSessionAutostartName = session_name();
if ((isset($sSessionAutostartName) || $sSessionAutostartName == '') &&
     $sSessionAutostartName !== $session_name) {
    $sCookiePath = ini_get('session.cookie_path');
    $sCookieDomain = ini_get('session.cookie_domain');
    // reset the cookie
    setcookie($sSessionAutostartName,'',time() - 604800,$sCookiePath,$sCookieDomain);
    @session_destroy();
    session_write_close();
}

/**
 * includes from classes stored in the session
 */
require(SM_PATH . 'class/mime.class.php');

ini_set('session.name' , $session_name);
session_set_cookie_params (0, $base_uri);
sqsession_is_active();

/**
 * Remove globalized session data in rg=on setups
 */
if ((bool) @ini_get('register_globals')) {
    foreach ($_SESSION as $key => $value) {
        unset($GLOBALS[$key]);
    }
}

sqsession_register(SM_BASE_URI,'base_uri');

/**
 * SquirrelMail version number -- DO NOT CHANGE
 */
$version = '1.5.2 [CVS]';

/**
 * SquirrelMail internal version number -- DO NOT CHANGE
 * $sm_internal_version = array (release, major, minor)
 */
$SQM_INTERNAL_VERSION = array(1,5,2);

/**
 * Retrieve the language cookie
 */
if (! sqgetGlobalVar('squirrelmail_language',$squirrelmail_language,SQ_COOKIE)) {
    $squirrelmail_language = '';
}


/**
 * @var $sInitlocation From where do we include.
 */
if (!isset($sInitLocation)) {
    $sInitLocation=NULL;
}

/**
 * MAIN PLUGIN LOADING CODE HERE
 */

/**
 * Include Compatibility plugin if available.
 */
if (file_exists(SM_PATH . 'plugins/compatibility/functions.php'))
    include_once(SM_PATH . 'plugins/compatibility/functions.php');
$squirrelmail_plugin_hooks = array();

/* On init, register all plugins configured for use. */
if (isset($plugins) && is_array($plugins)) {
    // turn on output buffering in order to prevent output of new lines
    ob_start();
    foreach ($plugins as $name) {
        use_plugin($name);
    }
    // get output and remove whitespace
    $output = trim(ob_get_contents());
    ob_end_clean();
    // if plugins output more than newlines and spacing, stop script execution.
    if (!empty($output)) {
        die($output);
    }
}


switch ($sInitLocation) {
    case 'style': session_write_close(); sqsetcookieflush(); break;
    case 'redirect':
        /**
         * directory hashing functions are needed for all setups in case
         * plugins use own pref files.
         */
        require(SM_PATH . 'functions/prefs.php');
        /* hook loads custom prefs backend plugins */
        $prefs_backend = do_hook_function('prefs_backend');
        if (isset($prefs_backend) && !empty($prefs_backend) && file_exists(SM_PATH . $prefs_backend)) {
            require(SM_PATH . $prefs_backend);
        } elseif (isset($prefs_dsn) && !empty($prefs_dsn)) {
            require(SM_PATH . 'functions/db_prefs.php');
        } else {
            require(SM_PATH . 'functions/file_prefs.php');
        }
        //nobreak;
    case 'login':
        require(SM_PATH . 'functions/display_messages.php' );
        require(SM_PATH . 'functions/page_header.php');
        require(SM_PATH . 'functions/html.php');
        /**
         * cleanup old cookies with a cookie path the same as the standard php.ini
         * cookie path. All previous SquirrelMail version used the standard php.ini
         * cookie path for storing the session name. That behaviour changed.
         */
        if ($sCookiePath !== SM_BASE_URI) {
            /**
             * do not delete the standard sessions with session.name is i.e. PHPSESSID
             * because they probably belong to other php apps
             */
            if (ini_get('session.name') !== $sSessionAutostartName) {
                sqsetcookie(ini_get('session.name'),'',0,$sCookiePath);
            }
        }
        break;
    default:
        require(SM_PATH . 'functions/display_messages.php' );
        require(SM_PATH . 'functions/page_header.php');
        require(SM_PATH . 'functions/html.php');
        require(SM_PATH . 'functions/strings.php');


        /**
         * Check if we are logged in
         */
        require(SM_PATH . 'functions/auth.php');

        if ( !sqsession_is_registered('user_is_logged_in') ) {
            //  First we store some information in the new session to prevent
            //  information-loss.
            //
            $session_expired_post = $_POST;
            $session_expired_location = $PHP_SELF;
            if (!sqsession_is_registered('session_expired_post')) {
                sqsession_register($session_expired_post,'session_expired_post');
            }
            if (!sqsession_is_registered('session_expired_location')) {
                sqsession_register($session_expired_location,'session_expired_location');
            }
            // signout page will deal with users who aren't logged
            // in on its own; don't show error here
            //
            if (strpos($PHP_SELF, 'signout.php') !== FALSE) {
            return;
            }

            set_up_language($squirrelmail_language, true);
            logout_error( _("You must be logged in to access this page.") );
            exit;
        }

        sqgetGlobalVar('username',$username,SQ_SESSION);

        /**
         * Setting the prefs backend
         */
        sqgetGlobalVar('prefs_cache', $prefs_cache, SQ_SESSION );
        sqgetGlobalVar('prefs_are_cached', $prefs_are_cached, SQ_SESSION );

        if ( !sqsession_is_registered('prefs_are_cached') ||
            !isset( $prefs_cache) ||
            !is_array( $prefs_cache)) {
            $prefs_are_cached = false;
            $prefs_cache = false; //array();
        }

        /* see 'redirect' switch */
        require(SM_PATH . 'functions/prefs.php');

        $prefs_backend = do_hook_function('prefs_backend');
        if (isset($prefs_backend) && !empty($prefs_backend) && file_exists(SM_PATH . $prefs_backend)) {
            require(SM_PATH . $prefs_backend);
        } elseif (isset($prefs_dsn) && !empty($prefs_dsn)) {
            require(SM_PATH . 'functions/db_prefs.php');
        } else {
            require(SM_PATH . 'functions/file_prefs.php');
        }

        /**
         * initializing user settings
         */
        require(SM_PATH . 'include/load_prefs.php');


// i do not understand the frames language cookie story
        /**
         * We'll need this to later have a noframes version
         *
         * Check if the user has a language preference, but no cookie.
         * Send him a cookie with his language preference, if there is
         * such discrepancy.
         */
         $my_language = getPref($data_dir, $username, 'language');
         if ($my_language != $squirrelmail_language) {
             sqsetcookie('squirrelmail_language', $my_language, time()+2592000, $base_uri);
         }
// /dont understand

        /**
         * Set up the language.
         */
        $err=set_up_language(getPref($data_dir, $username, 'language'));
        /* this is the last cookie we set so flush it. */
        sqsetcookieflush();

        // Japanese translation used without mbstring support
        if ($err==2) {
            $sError =
                "<p>You need to have PHP installed with the multibyte string function \n".
                "enabled (using configure option --enable-mbstring).</p>\n".
                "<p>System assumed that you accidently switched to Japanese translation \n".
                "and reverted your language preference to English.</p>\n".
                "<p>Please refresh this page in order to use webmail.</p>\n";
            error_box($sError);
        }

        $timeZone = getPref($data_dir, $username, 'timezone');

        /* Check to see if we are allowed to set the TZ environment variable.
         * We are able to do this if ...
         *   safe_mode is disabled OR
         *   safe_mode_allowed_env_vars is empty (you are allowed to set any) OR
         *   safe_mode_allowed_env_vars contains TZ
         */
        $tzChangeAllowed = (!ini_get('safe_mode')) ||
                            !strcmp(ini_get('safe_mode_allowed_env_vars'),'') ||
                            preg_match('/^([\w_]+,)*TZ/', ini_get('safe_mode_allowed_env_vars'));

        if ( $timeZone != SMPREF_NONE && ($timeZone != "")
            && $tzChangeAllowed ) {

            // get time zone key, if strict or custom strict timezones are used
            if (isset($time_zone_type) &&
                ($time_zone_type == 1 || $time_zone_type == 3)) {
                /* load time zone functions */
                require(SM_PATH . 'include/timezones.php');
                $realTimeZone = sq_get_tz_key($timeZone);
            } else {
                $realTimeZone = $timeZone;
            }

            // set time zone
            if ($realTimeZone) {
                putenv("TZ=".$realTimeZone);
            }
        }
        break;
}

/**
 * Initialize the template object
 */
require(SM_PATH . 'class/template/template.class.php');
/*
 * $sTplDir is not initialized when a user is not logged in, so we will use
 * the config file defaults here.  If the neccesary variables are net set,
 * force a default value.
 */
$aTemplateSet = ( !isset($aTemplateSet) ? array() : $aTemplateSet );
$templateset_default = ( !isset($templateset_default) ? 0 : $templateset_default );

$sTplDir = ( !isset($aTemplateSet[$templateset_default]['PATH']) ?
             SM_PATH . 'templates/default/' :
             $aTemplateSet[$templateset_default]['PATH'] );
$oTemplate = new Template($sTplDir);

/**
 * Initialize our custom error handler object
 */
require(SM_PATH . 'class/error.class.php');
$oErrorHandler = new ErrorHandler($oTemplate,'error_message.tpl');

/**
 * Activate custom error handling
 */
if (version_compare(PHP_VERSION, "4.3.0", ">=")) {
    $oldErrorHandler = set_error_handler(array($oErrorHandler, 'SquirrelMailErrorhandler'));
} else {
    $oldErrorHandler = set_error_handler('SquirrelMailErrorhandler');
}

/**
 * Javascript support detection function
 * @param boolean $reset recheck javascript support if set to true.
 * @return integer SMPREF_JS_ON or SMPREF_JS_OFF ({@see functions/constants.php})
 * @since 1.5.1
 */
function checkForJavascript($reset = FALSE) {
  global $data_dir, $username, $javascript_on, $javascript_setting;

  if ( !$reset && sqGetGlobalVar('javascript_on', $javascript_on, SQ_SESSION) )
    return $javascript_on;

  if ( $reset || !isset($javascript_setting) )
    $javascript_setting = getPref($data_dir, $username, 'javascript_setting', SMPREF_JS_AUTODETECT);

  if ( !sqGetGlobalVar('new_js_autodetect_results', $js_autodetect_results) &&
       !sqGetGlobalVar('js_autodetect_results', $js_autodetect_results) )
    $js_autodetect_results = SMPREF_JS_OFF;

  if ( $javascript_setting == SMPREF_JS_AUTODETECT )
    $javascript_on = $js_autodetect_results;
  else
    $javascript_on = $javascript_setting;

  sqsession_register($javascript_on, 'javascript_on');
  return $javascript_on;
}

function sqm_baseuri() {
    global $base_uri;
    return $base_uri;
}
Commit	Line	Data
202bcbcc	1	<?php
	2
	3	/**
	4	* init.php -- initialisation file
	5	*
	6	* File should be loaded in every file in src/ or plugins that occupate an entire frame
	7	*
	8	* @copyright © 2006 The SquirrelMail Project Team
	9	* @license http://opensource.org/licenses/gpl-license.php GNU Public License
	10	* @version $Id$
	11	* @package squirrelmail
	12	*/
	13
202bcbcc	14	/**
	15	* This is a development version so in order to track programmer mistakes we
	16	* set the error reporting to E_ALL
	17	*/
202bcbcc	18	error_reporting(E_ALL);
	19
	20
6a2a6e44	21	/**
	22	* If register_globals are on, unregister globals.
	23	* Code requires PHP 4.1.0 or newer.
a3b99374	24	* Second test covers boolean set as string (php_value register_globals off).
6a2a6e44	25	*/
826ddd72	26	if ((bool) @ini_get('register_globals') &&
a3b99374	27	strtolower(ini_get('register_globals'))!='off') {
6a2a6e44	28	/**
	29	* Remove all globals from $_GET, $_POST, and $_COOKIE.
	30	*/
	31	foreach ($_REQUEST as $key => $value) {
	32	unset($GLOBALS[$key]);
	33	}
	34	/**
	35	* Remove globalized $_FILES variables
	36	* Before 4.3.0 $_FILES are included in $_REQUEST.
	37	* Unglobalize them in separate call in order to remove dependency
	38	* on PHP version.
	39	*/
	40	foreach ($_FILES as $key => $value) {
	41	unset($GLOBALS[$key]);
	42	// there are three undocumented $_FILES globals.
	43	unset($GLOBALS[$key.'_type']);
	44	unset($GLOBALS[$key.'_name']);
	45	unset($GLOBALS[$key.'_size']);
	46	}
	47	/**
	48	* Remove globalized environment variables.
	49	*/
	50	foreach ($_ENV as $key => $value) {
	51	unset($GLOBALS[$key]);
	52	}
	53	/**
	54	* Remove globalized server variables.
	55	*/
	56	foreach ($_SERVER as $key => $value) {
	57	unset($GLOBALS[$key]);
	58	}
	59	}
	60
	61
202bcbcc	62	/**
	63	* calculate SM_PATH and calculate the base_uri
	64	* assumptions made: init.php is only called from plugins or from the src dir.
	65	* files in the plugin directory may not be part of a subdirectory called "src"
	66	*
	67	*/
	68	if (isset($_SERVER['SCRIPT_NAME'])) {
	69	$a = explode('/',$_SERVER['SCRIPT_NAME']);
	70	} elseif (isset($HTTP_SERVER_VARS['SCRIPT_NAME'])) {
	71	$a = explode('/',$_SERVER['SCRIPT_NAME']);
	72	}
	73	$sSM_PATH = '';
	74	for($i = count($a) -2;$i > -1; --$i) {
	75	$sSM_PATH .= '../';
	76	if ($a[$i] === 'src' \|\| $a[$i] === 'plugins') {
	77	break;
	78	}
	79	}
	80
	81	$base_uri = implode('/',array_slice($a,0,$i)). '/';
	82
202bcbcc	83	define('SM_PATH',$sSM_PATH);
6a2a6e44	84	define('SM_BASE_URI', $base_uri);
202bcbcc	85	/**
	86	* global var $bInit is used to check if initialisation took place.
	87	* At this moment it's a workarounf for the include of addrbook_search_html
	88	* inside compose.php. If we found a better way then remove this. Do only use
	89	* this var if you know for sure a page can be called stand alone and be included
	90	* in another file.
	91	*/
	92	$bInit = true;
	93
	94	require(SM_PATH . 'functions/global.php');
	95	require(SM_PATH . 'config/config.php');
	96	require(SM_PATH . 'functions/plugin.php');
	97	require(SM_PATH . 'include/constants.php');
	98	require(SM_PATH . 'include/languages.php');
	99
	100	/**
	101	* If magic_quotes_runtime is on, SquirrelMail breaks in new and creative ways.
	102	* Force magic_quotes_runtime off.
	103	* tassium@squirrelmail.org - I put it here in the hopes that all SM code includes this.
	104	* If there's a better place, please let me know.
	105	*/
	106	ini_set('magic_quotes_runtime','0');
	107
	108
	109	/* if running with magic_quotes_gpc then strip the slashes
	110	from POST and GET global arrays */
	111	if (get_magic_quotes_gpc()) {
	112	sqstripslashes($_GET);
	113	sqstripslashes($_POST);
	114	}
	115
202bcbcc	116
	117	/* strip any tags added to the url from PHP_SELF.
	118	This fixes hand crafted url XXS expoits for any
	119	page that uses PHP_SELF as the FORM action */
	120	$_SERVER['PHP_SELF'] = strip_tags($_SERVER['PHP_SELF']);
	121
	122	$PHP_SELF = php_self();
	123
	124	/**
	125	* Initialize the session
	126	*/
	127
e8c4e350	128	/** set the name of the session cookie */
	129	if (!isset($session_name) \|\| !$session_name) {
	130	$session_name = 'SQMSESSID';
	131	}
	132
	133	/**
	134	* if session.auto_start is On then close the session
1d537493	135	*/
	136	$sSessionAutostartName = session_name();
	137	if ((isset($sSessionAutostartName) \|\| $sSessionAutostartName == '') &&
	138	$sSessionAutostartName !== $session_name) {
	139	$sCookiePath = ini_get('session.cookie_path');
	140	$sCookieDomain = ini_get('session.cookie_domain');
e8c4e350	141	// reset the cookie
1d537493	142	setcookie($sSessionAutostartName,'',time() - 604800,$sCookiePath,$sCookieDomain);
e8c4e350	143	@session_destroy();
e8c4e350	144	session_write_close();
1d537493	145	}
e8c4e350	146
202bcbcc	147	/**
	148	* includes from classes stored in the session
	149	*/
	150	require(SM_PATH . 'class/mime.class.php');
	151
202bcbcc	152	ini_set('session.name' , $session_name);
	153	session_set_cookie_params (0, $base_uri);
	154	sqsession_is_active();
	155
202bcbcc	156	/**
	157	* Remove globalized session data in rg=on setups
	158	*/
	159	if ((bool) @ini_get('register_globals')) {
	160	foreach ($_SESSION as $key => $value) {
	161	unset($GLOBALS[$key]);
	162	}
	163	}
6a2a6e44	164
826ddd72	165	sqsession_register(SM_BASE_URI,'base_uri');
6a2a6e44	166
e8c4e350	167	/**
	168	* SquirrelMail version number -- DO NOT CHANGE
	169	*/
	170	$version = '1.5.2 [CVS]';
	171
1d537493	172	/**
	173	* SquirrelMail internal version number -- DO NOT CHANGE
	174	* $sm_internal_version = array (release, major, minor)
	175	*/
	176	$SQM_INTERNAL_VERSION = array(1,5,2);
	177
202bcbcc	178	/**
	179	* Retrieve the language cookie
	180	*/
	181	if (! sqgetGlobalVar('squirrelmail_language',$squirrelmail_language,SQ_COOKIE)) {
	182	$squirrelmail_language = '';
	183	}
	184
	185
	186	/**
	187	* @var $sInitlocation From where do we include.
	188	*/
	189	if (!isset($sInitLocation)) {
	190	$sInitLocation=NULL;
	191	}
	192
	193	/**
	194	* MAIN PLUGIN LOADING CODE HERE
	195	*/
	196
	197	/**
	198	* Include Compatibility plugin if available.
	199	*/
	200	if (file_exists(SM_PATH . 'plugins/compatibility/functions.php'))
	201	include_once(SM_PATH . 'plugins/compatibility/functions.php');
	202	$squirrelmail_plugin_hooks = array();
	203
	204	/* On init, register all plugins configured for use. */
	205	if (isset($plugins) && is_array($plugins)) {
	206	// turn on output buffering in order to prevent output of new lines
	207	ob_start();
	208	foreach ($plugins as $name) {
	209	use_plugin($name);
	210	}
	211	// get output and remove whitespace
	212	$output = trim(ob_get_contents());
	213	ob_end_clean();
	214	// if plugins output more than newlines and spacing, stop script execution.
	215	if (!empty($output)) {
	216	die($output);
	217	}
	218	}
	219
	220
	221	switch ($sInitLocation) {
	222	case 'style': session_write_close(); sqsetcookieflush(); break;
	223	case 'redirect':
4d2f7565	224	/**
826ddd72	225	* directory hashing functions are needed for all setups in case
4d2f7565	226	* plugins use own pref files.
	227	*/
	228	require(SM_PATH . 'functions/prefs.php');
	229	/* hook loads custom prefs backend plugins */
202bcbcc	230	$prefs_backend = do_hook_function('prefs_backend');
	231	if (isset($prefs_backend) && !empty($prefs_backend) && file_exists(SM_PATH . $prefs_backend)) {
	232	require(SM_PATH . $prefs_backend);
	233	} elseif (isset($prefs_dsn) && !empty($prefs_dsn)) {
	234	require(SM_PATH . 'functions/db_prefs.php');
	235	} else {
202bcbcc	236	require(SM_PATH . 'functions/file_prefs.php');
	237	}
	238	//nobreak;
	239	case 'login':
	240	require(SM_PATH . 'functions/display_messages.php' );
	241	require(SM_PATH . 'functions/page_header.php');
	242	require(SM_PATH . 'functions/html.php');
1d537493	243	/**
	244	* cleanup old cookies with a cookie path the same as the standard php.ini
	245	* cookie path. All previous SquirrelMail version used the standard php.ini
	246	* cookie path for storing the session name. That behaviour changed.
	247	*/
	248	if ($sCookiePath !== SM_BASE_URI) {
	249	/**
	250	* do not delete the standard sessions with session.name is i.e. PHPSESSID
	251	* because they probably belong to other php apps
	252	*/
	253	if (ini_get('session.name') !== $sSessionAutostartName) {
	254	sqsetcookie(ini_get('session.name'),'',0,$sCookiePath);
	255	}
	256	}
202bcbcc	257	break;
	258	default:
	259	require(SM_PATH . 'functions/display_messages.php' );
	260	require(SM_PATH . 'functions/page_header.php');
	261	require(SM_PATH . 'functions/html.php');
	262	require(SM_PATH . 'functions/strings.php');
	263
	264
	265	/**
	266	* Check if we are logged in
	267	*/
	268	require(SM_PATH . 'functions/auth.php');
	269
	270	if ( !sqsession_is_registered('user_is_logged_in') ) {
	271	// First we store some information in the new session to prevent
	272	// information-loss.
	273	//
	274	$session_expired_post = $_POST;
	275	$session_expired_location = $PHP_SELF;
	276	if (!sqsession_is_registered('session_expired_post')) {
	277	sqsession_register($session_expired_post,'session_expired_post');
	278	}
	279	if (!sqsession_is_registered('session_expired_location')) {
	280	sqsession_register($session_expired_location,'session_expired_location');
	281	}
	282	// signout page will deal with users who aren't logged
	283	// in on its own; don't show error here
	284	//
	285	if (strpos($PHP_SELF, 'signout.php') !== FALSE) {
	286	return;
	287	}
	288
	289	set_up_language($squirrelmail_language, true);
	290	logout_error( _("You must be logged in to access this page.") );
	291	exit;
	292	}
	293
	294	sqgetGlobalVar('username',$username,SQ_SESSION);
	295
	296	/**
	297	* Setting the prefs backend
	298	*/
	299	sqgetGlobalVar('prefs_cache', $prefs_cache, SQ_SESSION );
	300	sqgetGlobalVar('prefs_are_cached', $prefs_are_cached, SQ_SESSION );
	301
	302	if ( !sqsession_is_registered('prefs_are_cached') \|\|
	303	!isset( $prefs_cache) \|\|
	304	!is_array( $prefs_cache)) {
	305	$prefs_are_cached = false;
	306	$prefs_cache = false; //array();
	307	}
	308
4d2f7565	309	/* see 'redirect' switch */
	310	require(SM_PATH . 'functions/prefs.php');
	311
202bcbcc	312	$prefs_backend = do_hook_function('prefs_backend');
	313	if (isset($prefs_backend) && !empty($prefs_backend) && file_exists(SM_PATH . $prefs_backend)) {
	314	require(SM_PATH . $prefs_backend);
	315	} elseif (isset($prefs_dsn) && !empty($prefs_dsn)) {
	316	require(SM_PATH . 'functions/db_prefs.php');
	317	} else {
202bcbcc	318	require(SM_PATH . 'functions/file_prefs.php');
	319	}
	320
	321	/**
	322	* initializing user settings
	323	*/
	324	require(SM_PATH . 'include/load_prefs.php');
	325
	326
	327	// i do not understand the frames language cookie story
	328	/**
	329	* We'll need this to later have a noframes version
	330	*
	331	* Check if the user has a language preference, but no cookie.
	332	* Send him a cookie with his language preference, if there is
	333	* such discrepancy.
	334	*/
	335	$my_language = getPref($data_dir, $username, 'language');
	336	if ($my_language != $squirrelmail_language) {
	337	sqsetcookie('squirrelmail_language', $my_language, time()+2592000, $base_uri);
	338	}
	339	// /dont understand
	340
	341	/**
	342	* Set up the language.
	343	*/
	344	$err=set_up_language(getPref($data_dir, $username, 'language'));
	345	/* this is the last cookie we set so flush it. */
	346	sqsetcookieflush();
	347
	348	// Japanese translation used without mbstring support
	349	if ($err==2) {
	350	$sError =
	351	"<p>You need to have PHP installed with the multibyte string function \n".
	352	"enabled (using configure option --enable-mbstring).</p>\n".
	353	"<p>System assumed that you accidently switched to Japanese translation \n".
	354	"and reverted your language preference to English.</p>\n".
	355	"<p>Please refresh this page in order to use webmail.</p>\n";
	356	error_box($sError);
	357	}
	358
	359	$timeZone = getPref($data_dir, $username, 'timezone');
	360
	361	/* Check to see if we are allowed to set the TZ environment variable.
	362	* We are able to do this if ...
	363	* safe_mode is disabled OR
	364	* safe_mode_allowed_env_vars is empty (you are allowed to set any) OR
	365	* safe_mode_allowed_env_vars contains TZ
	366	*/
	367	$tzChangeAllowed = (!ini_get('safe_mode')) \|\|
	368	!strcmp(ini_get('safe_mode_allowed_env_vars'),'') \|\|
	369	preg_match('/^([\w_]+,)*TZ/', ini_get('safe_mode_allowed_env_vars'));
	370
	371	if ( $timeZone != SMPREF_NONE && ($timeZone != "")
	372	&& $tzChangeAllowed ) {
	373
	374	// get time zone key, if strict or custom strict timezones are used
	375	if (isset($time_zone_type) &&
	376	($time_zone_type == 1 \|\| $time_zone_type == 3)) {
	377	/* load time zone functions */
	378	require(SM_PATH . 'include/timezones.php');
	379	$realTimeZone = sq_get_tz_key($timeZone);
	380	} else {
	381	$realTimeZone = $timeZone;
382	}
383
384	// set time zone
385	if ($realTimeZone) {
386	putenv("TZ=".$realTimeZone);
387	}
388	}
389	break;
390	}
391
392	/**
393	* Initialize the template object
394	*/
395	require(SM_PATH . 'class/template/template.class.php');
396	/*
397	* $sTplDir is not initialized when a user is not logged in, so we will use
398	* the config file defaults here. If the neccesary variables are net set,
399	* force a default value.
400	*/
401	$aTemplateSet = ( !isset($aTemplateSet) ? array() : $aTemplateSet );
402	$templateset_default = ( !isset($templateset_default) ? 0 : $templateset_default );
403
404	$sTplDir = ( !isset($aTemplateSet[$templateset_default]['PATH']) ?
405	SM_PATH . 'templates/default/' :
406	$aTemplateSet[$templateset_default]['PATH'] );
407	$oTemplate = new Template($sTplDir);
408
409	/**
410	* Initialize our custom error handler object
411	*/
412	require(SM_PATH . 'class/error.class.php');
413	$oErrorHandler = new ErrorHandler($oTemplate,'error_message.tpl');
414
415	/**
416	* Activate custom error handling
417	*/
418	if (version_compare(PHP_VERSION, "4.3.0", ">=")) {
419	$oldErrorHandler = set_error_handler(array($oErrorHandler, 'SquirrelMailErrorhandler'));
420	} else {
421	$oldErrorHandler = set_error_handler('SquirrelMailErrorhandler');
422	}
423
424	/**
425	* Javascript support detection function
426	* @param boolean $reset recheck javascript support if set to true.
427	* @return integer SMPREF_JS_ON or SMPREF_JS_OFF ({@see functions/constants.php})
428	* @since 1.5.1
429	*/
202bcbcc	430	function checkForJavascript($reset = FALSE) {
	431	global $data_dir, $username, $javascript_on, $javascript_setting;
	432
	433	if ( !$reset && sqGetGlobalVar('javascript_on', $javascript_on, SQ_SESSION) )
	434	return $javascript_on;
	435
	436	if ( $reset \|\| !isset($javascript_setting) )
	437	$javascript_setting = getPref($data_dir, $username, 'javascript_setting', SMPREF_JS_AUTODETECT);
	438
	439	if ( !sqGetGlobalVar('new_js_autodetect_results', $js_autodetect_results) &&
	440	!sqGetGlobalVar('js_autodetect_results', $js_autodetect_results) )
	441	$js_autodetect_results = SMPREF_JS_OFF;
	442
	443	if ( $javascript_setting == SMPREF_JS_AUTODETECT )
	444	$javascript_on = $js_autodetect_results;
	445	else
	446	$javascript_on = $javascript_setting;
	447
	448	sqsession_register($javascript_on, 'javascript_on');
	449	return $javascript_on;
	450	}
	451
	452	function sqm_baseuri() {
	453	global $base_uri;
	454	return $base_uri;
	455	}