Make login form input fields configurable again (see Password Forget plugin)
[squirrelmail.git] / include / init.php
CommitLineData
202bcbcc 1<?php
2
3/**
4 * init.php -- initialisation file
5 *
6 * File should be loaded in every file in src/ or plugins that occupate an entire frame
7 *
8 * @copyright &copy; 2006 The SquirrelMail Project Team
9 * @license http://opensource.org/licenses/gpl-license.php GNU Public License
10 * @version $Id$
11 * @package squirrelmail
12 */
13
202bcbcc 14/**
15 * This is a development version so in order to track programmer mistakes we
16 * set the error reporting to E_ALL
1888b1bf 17FIXME: disabling this for now, because we now have $sm_debug_mode, but the problem with that is that we don't know what it will be until we have loaded the config file, a good 175 lines below after several important files have been included, etc. For now, we'll trust that developers have turned on E_ALL in php.ini anyway, but this can be uncommented if not.
202bcbcc 18 */
1888b1bf 19//error_reporting(E_ALL);
20
202bcbcc 21
202bcbcc 22/**
c7ebdfcf 23 * Make sure we have a page name
24 *
25 */
26if ( !defined('PAGE_NAME') ) define('PAGE_NAME', NULL);
27
28
29/**
6a2a6e44 30 * If register_globals are on, unregister globals.
a3b99374 31 * Second test covers boolean set as string (php_value register_globals off).
6a2a6e44 32 */
55dd9abf 33if ((bool) ini_get('register_globals') &&
a3b99374 34 strtolower(ini_get('register_globals'))!='off') {
6a2a6e44 35 /**
55dd9abf 36 * Remove all globals that are not reserved by PHP
37 * 'value' and 'key' are used by foreach. Don't unset them inside foreach.
6a2a6e44 38 */
55dd9abf 39 foreach ($GLOBALS as $key => $value) {
40 switch($key) {
41 case 'HTTP_POST_VARS':
42 case '_POST':
43 case 'HTTP_GET_VARS':
44 case '_GET':
45 case 'HTTP_COOKIE_VARS':
46 case '_COOKIE':
47 case 'HTTP_SERVER_VARS':
48 case '_SERVER':
49 case 'HTTP_ENV_VARS':
50 case '_ENV':
51 case 'HTTP_POST_FILES':
52 case '_FILES':
53 case '_REQUEST':
54 case 'HTTP_SESSION_VARS':
55 case '_SESSION':
56 case 'GLOBALS':
57 case 'key':
58 case 'value':
59 break;
55dd9abf 60 default:
61 unset($GLOBALS[$key]);
62 }
6a2a6e44 63 }
55dd9abf 64 // Unset variables used in foreach
65 unset($GLOBALS['key']);
66 unset($GLOBALS['value']);
6a2a6e44 67}
68
71efd1ed 69/**
d849b570 70 * Used as a dummy value, e.g., for passing as an empty
e39d00e9 71 * hook argument (where the value is passed by reference,
72 * and therefore NULL itself is not acceptable).
d849b570 73 */
086ad092 74global $null;
d849b570 75$null = NULL;
76
77/**
71efd1ed 78 * [#1518885] session.use_cookies = off breaks SquirrelMail
79 *
086ad092 80 * When session cookies are not used, all http redirects, meta refreshes,
81 * src/download.php and javascript URLs are broken. Setting must be set
71efd1ed 82 * before session is started.
83 */
84if (!(bool)ini_get('session.use_cookies') ||
85 ini_get('session.use_cookies') == 'off') {
86 ini_set('session.use_cookies','1');
87}
6a2a6e44 88
79dd8c72 89/**
90 * Initialize seed of random number generator.
91 * We use a number of things to randomize input: current time in ms,
92 * info about the remote client, info about the current process, the
93 * randomness of uniqid and stat of the current file.
94 *
95 * We seed this here only once per init, not only to save cycles
96 * but also to make the result of mt_rand more random (it now also
97 * depends on the number of times mt_rand was called before in this
98 * execution.
99 */
100$seed = microtime() . $_SERVER['REMOTE_PORT'] . $_SERVER['REMOTE_ADDR'] . getmypid();
101
102if (function_exists('getrusage')) {
103 /* Avoid warnings with Win32 */
104 $dat = @getrusage();
105 if (isset($dat) && is_array($dat)) { $seed .= implode('', $dat); }
106}
107
108if(!empty($_SERVER['UNIQUE_ID'])) {
109 $seed .= $_SERVER['UNIQUE_ID'];
110}
111
112$seed .= uniqid(mt_rand(),TRUE);
113$seed .= implode( '', stat( __FILE__) );
114
115/** PHP 4.2 and up don't require seeding, but their used seed algorithm
116 * is of questionable quality, so we keep doing it ourselves. */
117mt_srand(hexdec(md5($seed)));
3f081dd0 118
6a2a6e44 119/**
202bcbcc 120 * calculate SM_PATH and calculate the base_uri
121 * assumptions made: init.php is only called from plugins or from the src dir.
122 * files in the plugin directory may not be part of a subdirectory called "src"
123 *
124 */
125if (isset($_SERVER['SCRIPT_NAME'])) {
3f081dd0 126 $a = explode('/', $_SERVER['SCRIPT_NAME']);
202bcbcc 127} elseif (isset($HTTP_SERVER_VARS['SCRIPT_NAME'])) {
3f081dd0 128 $a = explode('/', $HTTP_SERVER_VARS['SCRIPT_NAME']);
b0829edf 129} else {
3f081dd0 130 $error = 'Unable to detect script environment. Please test your PHP '
131 . 'settings and send your PHP core configuration, $_SERVER and '
132 . '$HTTP_SERVER_VARS contents to the SquirrelMail developers.';
b0829edf 133 die($error);
202bcbcc 134}
135$sSM_PATH = '';
3f081dd0 136for($i = count($a) -2; $i > -1; --$i) {
202bcbcc 137 $sSM_PATH .= '../';
138 if ($a[$i] === 'src' || $a[$i] === 'plugins') {
139 break;
140 }
141}
142
3f081dd0 143$base_uri = implode('/', array_slice($a, 0, $i)). '/';
202bcbcc 144
202bcbcc 145define('SM_PATH',$sSM_PATH);
6a2a6e44 146define('SM_BASE_URI', $base_uri);
3f081dd0 147
148
202bcbcc 149/**
150 * global var $bInit is used to check if initialisation took place.
151 * At this moment it's a workarounf for the include of addrbook_search_html
152 * inside compose.php. If we found a better way then remove this. Do only use
153 * this var if you know for sure a page can be called stand alone and be included
154 * in another file.
155 */
156$bInit = true;
157
8e1e2794 158/**
159 * This theme as a failsafe if no themes were found, or if we error
160 * out before anything could be initialised.
161 */
162$color = array();
163$color[0] = '#DCDCDC'; /* light gray TitleBar */
164$color[1] = '#800000'; /* red */
165$color[2] = '#CC0000'; /* light red Warning/Error Messages */
166$color[3] = '#A0B8C8'; /* green-blue Left Bar Background */
167$color[4] = '#FFFFFF'; /* white Normal Background */
168$color[5] = '#FFFFCC'; /* light yellow Table Headers */
169$color[6] = '#000000'; /* black Text on left bar */
170$color[7] = '#0000CC'; /* blue Links */
171$color[8] = '#000000'; /* black Normal text */
172$color[9] = '#ABABAB'; /* mid-gray Darker version of #0 */
173$color[10] = '#666666'; /* dark gray Darker version of #9 */
174$color[11] = '#770000'; /* dark red Special Folders color */
175$color[12] = '#EDEDED';
176$color[13] = '#800000'; /* (dark red) Color for quoted text -- > 1 quote */
177$color[14] = '#ff0000'; /* (red) Color for quoted text -- >> 2 or more */
178$color[15] = '#002266'; /* (dark blue) Unselectable folders */
179$color[16] = '#ff9933'; /* (orange) Highlight color */
180
1888b1bf 181require(SM_PATH . 'include/constants.php');
202bcbcc 182require(SM_PATH . 'functions/global.php');
4ffcf13a 183require(SM_PATH . 'functions/strings.php');
918fcc1d 184require(SM_PATH . 'functions/arrays.php');
5e68a08e 185
186/* load default configuration */
187require(SM_PATH . 'config/config_default.php');
188/* reset arrays in default configuration */
189$ldap_server = array();
190$plugins = array();
191$fontsets = array();
5e68a08e 192$aTemplateSet = array();
28294310 193$aTemplateSet[0]['ID'] = 'default';
194$aTemplateSet[0]['NAME'] = 'Default';
01fd1d1a 195
5e68a08e 196/* load site configuration */
202bcbcc 197require(SM_PATH . 'config/config.php');
5e68a08e 198/* load local configuration overrides */
199if (file_exists(SM_PATH . 'config/config_local.php')) {
200 require(SM_PATH . 'config/config_local.php');
201}
202
1888b1bf 203
204/**
205 * Set PHP error reporting level based on the SquirrelMail debug mode
206 */
207$error_level = 0;
208if ($sm_debug_mode & SM_DEBUG_MODE_SIMPLE)
209 $error_level |= E_ERROR;
210if ($sm_debug_mode & SM_DEBUG_MODE_MODERATE
211 || $sm_debug_mode & SM_DEBUG_MODE_ADVANCED)
212 $error_level |= E_ALL;
213if ($sm_debug_mode & SM_DEBUG_MODE_STRICT)
214 $error_level |= E_STRICT;
215error_reporting($error_level);
216
217
202bcbcc 218require(SM_PATH . 'functions/plugin.php');
202bcbcc 219require(SM_PATH . 'include/languages.php');
42b5e8aa 220require(SM_PATH . 'class/template/Template.class.php');
5ab684a5 221require(SM_PATH . 'class/error.class.php');
202bcbcc 222
223/**
224 * If magic_quotes_runtime is on, SquirrelMail breaks in new and creative ways.
225 * Force magic_quotes_runtime off.
226 * tassium@squirrelmail.org - I put it here in the hopes that all SM code includes this.
227 * If there's a better place, please let me know.
228 */
229ini_set('magic_quotes_runtime','0');
230
231
232/* if running with magic_quotes_gpc then strip the slashes
233 from POST and GET global arrays */
430a19f3 234if (function_exists('get_magic_quotes_gpc') && @get_magic_quotes_gpc()) {
202bcbcc 235 sqstripslashes($_GET);
236 sqstripslashes($_POST);
237}
238
202bcbcc 239
240/* strip any tags added to the url from PHP_SELF.
241This fixes hand crafted url XXS expoits for any
242 page that uses PHP_SELF as the FORM action */
243$_SERVER['PHP_SELF'] = strip_tags($_SERVER['PHP_SELF']);
244
245$PHP_SELF = php_self();
246
247/**
248 * Initialize the session
249 */
250
e8c4e350 251/** set the name of the session cookie */
252if (!isset($session_name) || !$session_name) {
253 $session_name = 'SQMSESSID';
254}
255
256/**
319ad3c0 257 * When session.auto_start is On we want to destroy/close the session
1d537493 258 */
259$sSessionAutostartName = session_name();
ccb5faf0 260$sSessionAutostartID = session_id();
261if (!empty($sSessionAutostartID) && $sSessionAutostartName !== $session_name) {
1d537493 262 $sCookiePath = ini_get('session.cookie_path');
263 $sCookieDomain = ini_get('session.cookie_domain');
e8c4e350 264 // reset the cookie
ccb5faf0 265 sqsetcookie($sSessionAutostartName,'',1,$sCookiePath,$sCookieDomain);
e8c4e350 266 @session_destroy();
267 session_write_close();
1d537493 268}
e8c4e350 269
202bcbcc 270/**
271 * includes from classes stored in the session
272 */
273require(SM_PATH . 'class/mime.class.php');
274
202bcbcc 275ini_set('session.name' , $session_name);
276session_set_cookie_params (0, $base_uri);
277sqsession_is_active();
278
202bcbcc 279/**
319ad3c0 280 * When on login page, have to reset the user session, making
281 * sure to save session restore data first
282 */
283if (PAGE_NAME == 'login') {
284 if (!sqGetGlobalVar('session_expired_post', $sep, SQ_SESSION))
285 $sep = '';
286 if (!sqGetGlobalVar('session_expired_location', $sel, SQ_SESSION))
287 $sel = '';
288 sqsession_destroy();
289 session_write_close();
290
291 /**
292 * in some rare instances, the session seems to stick
293 * around even after destroying it (!!), so if it does,
294 * we'll manually flatten the $_SESSION data
295 */
296 if (!empty($_SESSION))
297 $_SESSION = array();
298
bc3acc5a 299 /**
300 * Allow administrators to define custom session handlers
301 * for SquirrelMail without needing to change anything in
302 * php.ini (application-level).
303 *
304 * In config_local.php, admin needs to put:
305 *
306 * $custom_session_handlers = array(
307 * 'my_open_handler',
308 * 'my_close_handler',
309 * 'my_read_handler',
310 * 'my_write_handler',
311 * 'my_destroy_handler',
312 * 'my_gc_handler',
313 * );
314 * session_module_name('user');
315 * session_set_save_handler(
316 * $custom_session_handlers[0],
317 * $custom_session_handlers[1],
318 * $custom_session_handlers[2],
319 * $custom_session_handlers[3],
320 * $custom_session_handlers[4],
321 * $custom_session_handlers[5]
322 * );
323 *
324 * We need to replicate that code once here because PHP has
325 * long had a bug that resets the session handler mechanism
326 * when the session data is also destroyed. Because of this
327 * bug, even administrators who define custom session handlers
328 * via a PHP pre-load defined in php.ini (auto_prepend_file)
329 * will still need to define the $custom_session_handlers array
330 * in config_local.php.
331 */
332 global $custom_session_handlers;
333 if (!empty($custom_session_handlers)) {
334 $open = $custom_session_handlers[0];
335 $close = $custom_session_handlers[1];
336 $read = $custom_session_handlers[2];
337 $write = $custom_session_handlers[3];
338 $destroy = $custom_session_handlers[4];
339 $gc = $custom_session_handlers[5];
340 session_module_name('user');
341 session_set_save_handler($open, $close, $read, $write, $destroy, $gc);
342 }
343
319ad3c0 344 sqsession_is_active();
345 session_regenerate_id();
ef33def6 346
347 // put session restore data back into session if necessary
348 if (!empty($sel)) {
349 sqsession_register($sel, 'session_expired_location');
350 if (!empty($sep))
351 sqsession_register($sep, 'session_expired_post');
352 }
319ad3c0 353}
354
355/**
5aed95be 356 * SquirrelMail internal version number -- DO NOT CHANGE
357 * $sm_internal_version = array (release, major, minor)
358 */
a895042a 359$SQM_INTERNAL_VERSION = explode('.', SM_VERSION, 3);
b37e457f 360$SQM_INTERNAL_VERSION[2] = intval($SQM_INTERNAL_VERSION[2]);
5aed95be 361
93d67e0d 362
6d5775db 363/* load prefs system; even when user not logged in, should be OK to do this here */
364require(SM_PATH . 'functions/prefs.php');
365
6d5775db 366
086ad092 367/* if plugins are disabled only for one user and
93d67e0d 368 * the current user is NOT that user, turn them
369 * back on
370 */
0d56053e 371sqgetGlobalVar('username', $username, SQ_SESSION);
93d67e0d 372if ($disable_plugins && !empty($disable_plugins_user)
373 && $username != $disable_plugins_user) {
374 $disable_plugins = false;
375}
376
4a9f6063 377
93d67e0d 378/* remove all plugins if they are disabled */
379if ($disable_plugins) {
380 $plugins = array();
381}
382
383
5aed95be 384/**
385 * Include Compatibility plugin if available.
386 */
93d67e0d 387if (!$disable_plugins && file_exists(SM_PATH . 'plugins/compatibility/functions.php'))
5aed95be 388 include_once(SM_PATH . 'plugins/compatibility/functions.php');
389
4a9f6063 390
5aed95be 391/**
392 * MAIN PLUGIN LOADING CODE HERE
086ad092 393 * On init, we no longer need to load all plugin setup files.
5aed95be 394 * Now, we load the statically generated hook registrations here
395 * and let the hook calls include only the plugins needed.
396 */
397$squirrelmail_plugin_hooks = array();
93d67e0d 398if (!$disable_plugins && file_exists(SM_PATH . 'config/plugin_hooks.php')) {
4a9f6063 399//FIXME: if we keep the plugin hooks array static like this, it seems like we should also keep the template files list in a static file too (when a new user session is started or the template set is changed, the code will dynamically iterate through the directory heirarchy of the template directory and catalog all the template files therein (and store the "catalog" in PHP session) -- instead, we could do that once at config-time and keep that static so SM can just include the file just like the line below)
5aed95be 400 require(SM_PATH . 'config/plugin_hooks.php');
401}
402
4a9f6063 403
5aed95be 404/**
4a9f6063 405 * Plugin authors note that the "config_override" hook used to be
406 * executed here, but please adapt your plugin to use this "prefs_backend"
407 * hook instead, making sure that it does NOT return anything, since
408 * doing so will interfere with proper prefs system functionality.
409 * Of course, otherwise, this hook may be used to do any configuration
410 * overrides as needed, as well as set up a custom preferences backend.
5aed95be 411 */
4a9f6063 412$prefs_backend = do_hook('prefs_backend', $null);
413if (isset($prefs_backend) && !empty($prefs_backend) && file_exists(SM_PATH . $prefs_backend)) {
414 require(SM_PATH . $prefs_backend);
415} elseif (isset($prefs_dsn) && !empty($prefs_dsn)) {
416 require(SM_PATH . 'functions/db_prefs.php');
417} else {
418 require(SM_PATH . 'functions/file_prefs.php');
419}
420
421
5aed95be 422
423/**
3464e1f4 424 * DISABLED.
202bcbcc 425 * Remove globalized session data in rg=on setups
086ad092 426 *
3464e1f4 427 * Code can be utilized when session is started, but data is not loaded.
086ad092 428 * We have already loaded configuration and other important vars. Can't
aae60854 429 * clean session globals here, beside, the cleanout of globals at the
430 * top of this file will have removed anything this code would find anyway.
3464e1f4 431if ((bool) @ini_get('register_globals') &&
432 strtolower(ini_get('register_globals'))!='off') {
202bcbcc 433 foreach ($_SESSION as $key => $value) {
434 unset($GLOBALS[$key]);
435 }
436}
3464e1f4 437*/
6a2a6e44 438
826ddd72 439sqsession_register(SM_BASE_URI,'base_uri');
6a2a6e44 440
202bcbcc 441/**
442 * Retrieve the language cookie
443 */
444if (! sqgetGlobalVar('squirrelmail_language',$squirrelmail_language,SQ_COOKIE)) {
445 $squirrelmail_language = '';
446}
447
bf3abdc3 448
202bcbcc 449/**
775a1f52 450 * In some cases, buffering all output allows more complex functionality,
451 * especially for plugins that want to add headers on hooks that are beyond
452 * the point of output having been sent to the browser otherwise.
453 *
454 * Note that we don't turn this on any earlier since we want to allow plugins
455 * to turn it on themselves via a configuration override on the prefs_backend
456 * hook.
457 *
458 */
459if ($buffer_output) ob_start(!empty($buffered_output_handler) ? $buffered_output_handler : NULL);
460
461
462/**
f0d28f44 463 * Do something special for some pages. This is based on the PAGE_NAME constant
9e06a3ea 464 * set at the top of every page.
202bcbcc 465 */
0d56053e 466$set_up_langage_after_template_setup = FALSE;
9e06a3ea 467switch (PAGE_NAME) {
086ad092 468 case 'style':
c4e5f61f 469
2b26084f 470 // need to get the right template set up
28294310 471 //
472 sqGetGlobalVar('templateid', $templateid, SQ_GET);
c4e5f61f 473
2b26084f 474 // sanitize just in case...
28294310 475 //
476 $templateid = preg_replace('/(\.\.\/){1,}/', '', $templateid);
477
478 // make sure given template actually is available
479 //
28294310 480 $found_templateset = false;
481 for ($i = 0; $i < count($aTemplateSet); ++$i) {
482 if ($aTemplateSet[$i]['ID'] == $templateid) {
483 $found_templateset = true;
484 break;
485 }
486 }
c4e5f61f 487
be155e14 488// FIXME: do we need/want to check here for actual (physical) presence of template sets?
28294310 489 // selected template not available, fall back to default template
490 //
491 if (!$found_templateset) {
42b5e8aa 492 $sTemplateID = Template::get_default_template_set();
28294310 493 } else {
494 $sTemplateID = $templateid;
c4e5f61f 495 }
496
2b26084f 497 session_write_close();
c4e5f61f 498 break;
499
f0d28f44 500 case 'mailto':
501 // nothing to do
502 break;
503
202bcbcc 504 case 'redirect':
2e616fa4 505 require(SM_PATH . 'functions/auth.php');
202bcbcc 506 //nobreak;
bf3abdc3 507
202bcbcc 508 case 'login':
509 require(SM_PATH . 'functions/display_messages.php' );
510 require(SM_PATH . 'functions/page_header.php');
511 require(SM_PATH . 'functions/html.php');
42b5e8aa 512
513 // reset template file cache
514 //
515 $sTemplateID = Template::get_default_template_set();
d81572f7 516 Template::cache_template_file_hierarchy($sTemplateID, TRUE);
42b5e8aa 517
1d537493 518 /**
01fd1d1a 519 * Make sure icon variables are setup for the login page.
520 */
521 $icon_theme = $icon_themes[$icon_theme_def]['PATH'];
522 /*
523 * NOTE: The $icon_theme_path var should contain the path to the icon
524 * theme to use. If the admin has disabled icons, or the user has
525 * set the icon theme to "None," no icons will be used.
526 */
527 $icon_theme_path = (!$use_icons || $icon_theme=='none') ? NULL : ($icon_theme == 'template' ? SM_PATH . Template::calculate_template_images_directory($sTemplateID) : $icon_theme);
528
202bcbcc 529 break;
530 default:
531 require(SM_PATH . 'functions/display_messages.php' );
532 require(SM_PATH . 'functions/page_header.php');
533 require(SM_PATH . 'functions/html.php');
202bcbcc 534
535
536 /**
537 * Check if we are logged in
538 */
539 require(SM_PATH . 'functions/auth.php');
540
541 if ( !sqsession_is_registered('user_is_logged_in') ) {
f8eb968d 542
543 // use $message to indicate what logout text the user
544 // will see... if 0, typical "You must be logged in"
545 // if 1, information that the user session was saved
546 // and will be resumed after (re)login
547 //
548 $message = 0;
549
202bcbcc 550 // First we store some information in the new session to prevent
551 // information-loss.
552 //
553 $session_expired_post = $_POST;
f8e68605 554 $session_expired_location = PAGE_NAME;
202bcbcc 555 if (!sqsession_is_registered('session_expired_post')) {
556 sqsession_register($session_expired_post,'session_expired_post');
557 }
558 if (!sqsession_is_registered('session_expired_location')) {
559 sqsession_register($session_expired_location,'session_expired_location');
f8e68605 560 if ($session_expired_location == 'compose')
f8eb968d 561 $message = 1;
202bcbcc 562 }
563 // signout page will deal with users who aren't logged
564 // in on its own; don't show error here
565 //
9e06a3ea 566 if ( PAGE_NAME == 'signout' ) {
a140422a 567 return;
202bcbcc 568 }
569
8efadc6b 570 /**
571 * Initialize the template object (logout_error uses it)
572 */
8efadc6b 573 /*
086ad092 574 * $sTemplateID is not initialized when a user is not logged in, so we
575 * will use the config file defaults here. If the neccesary variables
d81572f7 576 * are not set, force a default value.
8efadc6b 577 */
d81572f7 578 if (PAGE_NAME == 'squirrelmail_rpc') {
579 $sTemplateID = Template::get_rpc_template_set();
580 } else {
581 $sTemplateID = Template::get_default_template_set();
582 }
28294310 583 $oTemplate = Template::construct_template($sTemplateID);
8efadc6b 584
202bcbcc 585 set_up_language($squirrelmail_language, true);
f8eb968d 586 if (!$message)
587 logout_error( _("You must be logged in to access this page.") );
588 else
589 logout_error( _("Your session has expired, but will be resumed after logging in again.") );
202bcbcc 590 exit;
591 }
592
79524620 593 sqgetGlobalVar('authz',$authz,SQ_SESSION);
202bcbcc 594
595 /**
596 * Setting the prefs backend
597 */
598 sqgetGlobalVar('prefs_cache', $prefs_cache, SQ_SESSION );
599 sqgetGlobalVar('prefs_are_cached', $prefs_are_cached, SQ_SESSION );
600
601 if ( !sqsession_is_registered('prefs_are_cached') ||
602 !isset( $prefs_cache) ||
603 !is_array( $prefs_cache)) {
604 $prefs_are_cached = false;
605 $prefs_cache = false; //array();
606 }
607
202bcbcc 608 /**
609 * initializing user settings
610 */
611 require(SM_PATH . 'include/load_prefs.php');
612
202bcbcc 613 /**
614 * We'll need this to later have a noframes version
615 *
616 * Check if the user has a language preference, but no cookie.
617 * Send him a cookie with his language preference, if there is
618 * such discrepancy.
619 */
620 $my_language = getPref($data_dir, $username, 'language');
621 if ($my_language != $squirrelmail_language) {
622 sqsetcookie('squirrelmail_language', $my_language, time()+2592000, $base_uri);
623 }
202bcbcc 624
0d56053e 625 $set_up_langage_after_template_setup = TRUE;
202bcbcc 626
627 $timeZone = getPref($data_dir, $username, 'timezone');
628
629 /* Check to see if we are allowed to set the TZ environment variable.
630 * We are able to do this if ...
631 * safe_mode is disabled OR
632 * safe_mode_allowed_env_vars is empty (you are allowed to set any) OR
633 * safe_mode_allowed_env_vars contains TZ
634 */
635 $tzChangeAllowed = (!ini_get('safe_mode')) ||
636 !strcmp(ini_get('safe_mode_allowed_env_vars'),'') ||
637 preg_match('/^([\w_]+,)*TZ/', ini_get('safe_mode_allowed_env_vars'));
638
639 if ( $timeZone != SMPREF_NONE && ($timeZone != "")
640 && $tzChangeAllowed ) {
641
642 // get time zone key, if strict or custom strict timezones are used
643 if (isset($time_zone_type) &&
644 ($time_zone_type == 1 || $time_zone_type == 3)) {
645 /* load time zone functions */
646 require(SM_PATH . 'include/timezones.php');
647 $realTimeZone = sq_get_tz_key($timeZone);
648 } else {
649 $realTimeZone = $timeZone;
650 }
651
652 // set time zone
653 if ($realTimeZone) {
654 putenv("TZ=".$realTimeZone);
655 }
656 }
867fed37 657
658 /**
659 * php 5.1.0 added time zone functions. Set time zone with them in order
660 * to prevent E_STRICT notices and allow time zone modifications in safe_mode.
661 */
662 if (function_exists('date_default_timezone_set')) {
663 if ($timeZone != SMPREF_NONE && $timeZone != "") {
664 date_default_timezone_set($timeZone);
665 } else {
666 // interface runs on server's time zone. Remove php E_STRICT complains
667 $default_timezone = @date_default_timezone_get();
086ad092 668 date_default_timezone_set($default_timezone);
867fed37 669 }
670 }
202bcbcc 671 break;
672}
673
202bcbcc 674/*
086ad092 675 * $sTemplateID is not initialized when a user is not logged in, so we
676 * will use the config file defaults here. If the neccesary variables
28294310 677 * are not set, force a default value.
086ad092 678 *
679 * If the user is logged in, $sTemplateID will be set in load_prefs.php,
28294310 680 * so we shouldn't change it here.
202bcbcc 681 */
28294310 682if (!isset($sTemplateID)) {
d81572f7 683 if (PAGE_NAME == 'squirrelmail_rpc') {
684 $sTemplateID = Template::get_rpc_template_set();
685 } else {
686 $sTemplateID = Template::get_default_template_set();
687 }
28294310 688 $icon_theme_path = !$use_icons ? NULL : Template::calculate_template_images_directory($sTemplateID);
3aa46abc 689}
be155e14 690
691// template object may have already been constructed in load_prefs.php
692//
693if (empty($oTemplate)) {
694 $oTemplate = Template::construct_template($sTemplateID);
695}
202bcbcc 696
7aae649d 697// We want some variables to always be available to the template
551c7b53 698//
e39d00e9 699$oTemplate->assign('javascript_on',
700 (sqGetGlobalVar('user_is_logged_in', $user_is_logged_in, SQ_SESSION)
701 ? checkForJavascript() : 0));
fe8103c2 702$oTemplate->assign('base_uri', sqm_baseuri());
457e8593 703$always_include = array('sTemplateID', 'icon_theme_path');
7aae649d 704foreach ($always_include as $var) {
705 $oTemplate->assign($var, (isset($$var) ? $$var : NULL));
706}
707
551c7b53 708// A few output elements are used often, so just get them once here
709//
710$nbsp = $oTemplate->fetch('non_breaking_space.tpl');
711$br = $oTemplate->fetch('line_break.tpl');
712
0d56053e 713
714/**
715 * Set up the language.
716 *
717 * This code block corresponds to the *default* block of the switch
718 * statement above, but the language cannot be set up until after the
719 * template is instantiated, so we set $set_up_langage_after_template_setup
720 * above and do the linguistic stuff now.
721 */
722if ($set_up_langage_after_template_setup) {
723 $err=set_up_language(getPref($data_dir, $username, 'language'));
724
725 // Japanese translation used without mbstring support
726 if ($err==2) {
727 $sError = "<p>Your administrator needs to have PHP installed with the multibyte string extension enabled (using configure option --enable-mbstring).</p>\n"
728 . "<p>This system has assumed that you accidently switched to Japanese and has reverted your language preference to English.</p>\n"
729 . "<p>Please refresh this page in order to continue using your webmail.</p>\n";
730 error_box($sError);
731 }
732}
733
734
202bcbcc 735/**
736 * Initialize our custom error handler object
737 */
202bcbcc 738$oErrorHandler = new ErrorHandler($oTemplate,'error_message.tpl');
739
0d56053e 740
202bcbcc 741/**
742 * Activate custom error handling
743 */
744if (version_compare(PHP_VERSION, "4.3.0", ">=")) {
745 $oldErrorHandler = set_error_handler(array($oErrorHandler, 'SquirrelMailErrorhandler'));
746} else {
747 $oldErrorHandler = set_error_handler('SquirrelMailErrorhandler');
748}
749
f0d28f44 750
751// ============================================================================
752// ================= End of Live Code, Beginning of Functions =================
753// ============================================================================
754
755
202bcbcc 756/**
757 * Javascript support detection function
758 * @param boolean $reset recheck javascript support if set to true.
867fed37 759 * @return integer SMPREF_JS_ON or SMPREF_JS_OFF ({@see include/constants.php})
202bcbcc 760 * @since 1.5.1
761 */
202bcbcc 762function checkForJavascript($reset = FALSE) {
763 global $data_dir, $username, $javascript_on, $javascript_setting;
764
765 if ( !$reset && sqGetGlobalVar('javascript_on', $javascript_on, SQ_SESSION) )
766 return $javascript_on;
767
e39d00e9 768 $user_is_logged_in = FALSE;
bf3abdc3 769 if ( $reset || !isset($javascript_setting) )
202bcbcc 770 $javascript_setting = getPref($data_dir, $username, 'javascript_setting', SMPREF_JS_AUTODETECT);
771
772 if ( !sqGetGlobalVar('new_js_autodetect_results', $js_autodetect_results) &&
773 !sqGetGlobalVar('js_autodetect_results', $js_autodetect_results) )
774 $js_autodetect_results = SMPREF_JS_OFF;
775
776 if ( $javascript_setting == SMPREF_JS_AUTODETECT )
777 $javascript_on = $js_autodetect_results;
778 else
779 $javascript_on = $javascript_setting;
780
781 sqsession_register($javascript_on, 'javascript_on');
782 return $javascript_on;
783}
784
785function sqm_baseuri() {
786 global $base_uri;
787 return $base_uri;
8e1e2794 788}