d622d38a |
1 | <?php |
4b4abf93 |
2 | |
4f51df66 |
3 | /** |
4 | * mail_fetch/functions.php |
5 | * |
60683821 |
6 | * Functions for the mail_fetch plugin. |
4f51df66 |
7 | * |
8 | * Original code from LexZEUS <lexzeus@mifinca.com> |
9 | * and josh@superfork.com (extracted from php manual) |
10 | * Adapted for MailFetch by Philippe Mingo <mingo@rotedic.com> |
11 | * |
353d074a |
12 | * @copyright 1999-2018 The SquirrelMail Project Team |
4b4abf93 |
13 | * @license http://opensource.org/licenses/gpl-license.php GNU Public License |
4f51df66 |
14 | * @version $Id$ |
15 | * @package plugins |
16 | * @subpackage mail_fetch |
17 | */ |
d622d38a |
18 | |
60683821 |
19 | |
20 | /** pop3 class */ |
929da10d |
21 | include_once (SM_PATH . 'plugins/mail_fetch/constants.php'); |
22 | include_once (SM_PATH . 'plugins/mail_fetch/class.mail_fetch.php'); |
60683821 |
23 | |
5f438206 |
24 | /** declare plugin globals */ |
b571d899 |
25 | global $mail_fetch_allow_unsubscribed, $mail_fetch_allowable_ports, |
26 | $mail_fetch_block_server_pattern; |
5f438206 |
27 | |
09b143cc |
28 | /** |
29 | * Add link to menu at top of content pane |
30 | * |
31 | * @return void |
32 | * |
33 | */ |
34 | function mail_fetch_link_do() { |
35 | |
551c7b53 |
36 | global $oTemplate, $nbsp; |
09b143cc |
37 | $output = makeInternalLink('plugins/mail_fetch/fetch.php', _("Fetch"), '') |
38 | . $nbsp . $nbsp; |
39 | return array('menuline' => $output); |
40 | |
41 | } |
42 | |
5f438206 |
43 | /** |
44 | * Controls use of unsubscribed folders in plugin |
45 | * @global boolean $mail_fetch_allow_unsubscribed |
5c89bd63 |
46 | * @since 1.5.1 and 1.4.5 |
5f438206 |
47 | */ |
48 | $mail_fetch_allow_unsubscribed = false; |
49 | |
60683821 |
50 | /** load site config */ |
51 | if (file_exists(SM_PATH . 'config/mail_fetch_config.php')) { |
52 | include_once(SM_PATH . 'config/mail_fetch_config.php'); |
53 | } elseif (file_exists(SM_PATH . 'plugins/mail_fetch/config.php')) { |
54 | include_once(SM_PATH . 'plugins/mail_fetch/config.php'); |
55 | } |
56 | |
57 | // hooked functions |
58 | |
60683821 |
59 | /** |
60 | * Internal function used to fetch pop3 mails on login |
61 | * @since 1.5.1 |
62 | * @private |
63 | */ |
64 | function mail_fetch_login_function() { |
202bcbcc |
65 | include_once (SM_PATH . 'functions/imap_general.php'); |
66 | |
a9805897 |
67 | global $username, $data_dir, $imapServerAddress, $imapPort, $imap_stream_options; |
60683821 |
68 | |
69 | $mailfetch_newlog = getPref($data_dir, $username, 'mailfetch_newlog'); |
70 | |
71 | $outMsg = ''; |
72 | |
73 | $mailfetch_server_number = getPref($data_dir, $username, 'mailfetch_server_number'); |
74 | if (!isset($mailfetch_server_number)) $mailfetch_server_number=0; |
75 | $mailfetch_cypher = getPref($data_dir, $username, 'mailfetch_cypher'); |
76 | if ($mailfetch_server_number<1) $mailfetch_server_number=0; |
77 | |
78 | for ($i_loop=0;$i_loop<$mailfetch_server_number;$i_loop++) { |
79 | |
80 | $mailfetch_login_[$i_loop] = getPref($data_dir, $username, "mailfetch_login_$i_loop"); |
81 | $mailfetch_fref_[$i_loop] = getPref($data_dir, $username, "mailfetch_fref_$i_loop"); |
82 | $mailfetch_pass_[$i_loop] = getPref($data_dir, $username, "mailfetch_pass_$i_loop"); |
f54ec17d |
83 | if( $mailfetch_cypher == 'on' ) { |
60683821 |
84 | $mailfetch_pass_[$i_loop] = decrypt( $mailfetch_pass_[$i_loop] ); |
f54ec17d |
85 | } |
60683821 |
86 | |
87 | if( $mailfetch_pass_[$i_loop] <> '' && // Empty passwords no allowed |
88 | ( ( $mailfetch_login_[$i_loop] == 'on' && $mailfetch_newlog == 'on' ) || $mailfetch_fref_[$i_loop] == 'on' ) ) { |
89 | |
929da10d |
90 | // What the heck |
60683821 |
91 | $mailfetch_server_[$i_loop] = getPref($data_dir, $username, "mailfetch_server_$i_loop"); |
92 | $mailfetch_port_[$i_loop] = getPref($data_dir, $username , "mailfetch_port_$i_loop"); |
93 | $mailfetch_alias_[$i_loop] = getPref($data_dir, $username, "mailfetch_alias_$i_loop"); |
94 | $mailfetch_user_[$i_loop] = getPref($data_dir, $username, "mailfetch_user_$i_loop"); |
95 | $mailfetch_lmos_[$i_loop] = getPref($data_dir, $username, "mailfetch_lmos_$i_loop"); |
96 | $mailfetch_uidl_[$i_loop] = getPref($data_dir, $username, "mailfetch_uidl_$i_loop"); |
97 | $mailfetch_subfolder_[$i_loop] = getPref($data_dir, $username, "mailfetch_subfolder_$i_loop"); |
929da10d |
98 | $mailfetch_auth_[$i_loop] = getPref($data_dir, $username, "mailfetch_auth_$i_loop",MAIL_FETCH_AUTH_USER); |
99 | $mailfetch_type_[$i_loop] = getPref($data_dir, $username, "mailfetch_type_$i_loop",MAIL_FETCH_USE_PLAIN); |
60683821 |
100 | |
101 | $mailfetch_server=$mailfetch_server_[$i_loop]; |
102 | $mailfetch_port=$mailfetch_port_[$i_loop]; |
103 | $mailfetch_user=$mailfetch_user_[$i_loop]; |
104 | $mailfetch_alias=$mailfetch_alias_[$i_loop]; |
105 | $mailfetch_pass=$mailfetch_pass_[$i_loop]; |
106 | $mailfetch_lmos=$mailfetch_lmos_[$i_loop]; |
107 | $mailfetch_login=$mailfetch_login_[$i_loop]; |
108 | $mailfetch_uidl=$mailfetch_uidl_[$i_loop]; |
109 | $mailfetch_subfolder=$mailfetch_subfolder_[$i_loop]; |
929da10d |
110 | $mailfetch_auth=$mailfetch_auth_[$i_loop]; |
111 | $mailfetch_type=$mailfetch_type_[$i_loop]; |
112 | // end of what the heck |
113 | |
60683821 |
114 | |
115 | // $outMsg .= "$mailfetch_alias checked<br />"; |
116 | |
117 | // $outMsg .= "$mailfetch_alias_[$i_loop]<br />"; |
118 | |
929da10d |
119 | // FIXME: duplicate code with different output destination. |
120 | |
121 | $pop3 = new mail_fetch(array('host' => $mailfetch_server, |
122 | 'port' => $mailfetch_port, |
123 | 'auth' => $mailfetch_auth, |
124 | 'tls' => $mailfetch_type, |
125 | 'timeout' => 60)); |
60683821 |
126 | |
929da10d |
127 | if (!empty($pop3->error)) { |
128 | $outMsg .= _("Warning:") . ' ' . $pop3->error; |
60683821 |
129 | continue; |
130 | } |
131 | |
a9805897 |
132 | $imap_stream = sqimap_login($username, false, $imapServerAddress, $imapPort, 10, $imap_stream_options); |
60683821 |
133 | |
929da10d |
134 | /* log into pop server*/ |
135 | if (! $pop3->login($mailfetch_user, $mailfetch_pass)) { |
136 | $outMsg .= _("Login Failed:") . ' ' . $pop3->error; |
60683821 |
137 | continue; |
138 | } |
139 | |
929da10d |
140 | $aMsgStat = $pop3->command_stat(); |
141 | if (is_bool($aMsgStat)) { |
3047e291 |
142 | $outMsg .= _("Can't get mailbox status:") . ' ' . sm_encode_html_special_chars($pop3->error); |
929da10d |
143 | continue; |
144 | } |
60683821 |
145 | |
929da10d |
146 | $Count = $aMsgStat['count']; |
60683821 |
147 | |
148 | $i = 1; |
929da10d |
149 | |
150 | if ($Count>0) { |
151 | // If we leave messages on server, try using UIDL |
152 | if ($mailfetch_lmos == 'on') { |
153 | $msglist = $pop3->command_uidl(); |
154 | if (is_bool($msglist)) { |
3047e291 |
155 | $outMsg .= _("Server does not support UIDL.") . ' '.sm_encode_html_special_chars($pop3->error); |
929da10d |
156 | // User asked to leave messages on server, but we can't do that. |
157 | $pop3->command_quit(); |
158 | continue; |
159 | // $mailfetch_lmos = 'off'; |
160 | } else { |
161 | // calculate number of new messages |
162 | for ($j = 1; $j <= sizeof($msglist); $j++) { |
163 | // do strict comparison ('1111.10' should not be equal to '1111.100') |
164 | if ($msglist[$j] === $mailfetch_uidl) { |
165 | $i = $j+1; |
166 | break; |
167 | } |
168 | } |
169 | } |
170 | } |
171 | // fetch list of messages with LIST |
172 | // we can use else control, but we can also set $mailfetch_lmos |
173 | // to off if server does not support UIDL. |
174 | if ($mailfetch_lmos != 'on') { |
175 | $msglist = $pop3->command_list(); |
60683821 |
176 | } |
177 | } |
178 | |
179 | if ($Count < $i) { |
929da10d |
180 | $pop3->command_quit(); |
60683821 |
181 | continue; |
182 | } |
183 | if ($Count == 0) { |
929da10d |
184 | $pop3->command_quit(); |
60683821 |
185 | continue; |
186 | } |
187 | |
60683821 |
188 | for (; $i <= $Count; $i++) { |
189 | if (!ini_get('safe_mode')) |
190 | set_time_limit(20); // 20 seconds per message max |
929da10d |
191 | $Message = $pop3->command_retr($i); |
60683821 |
192 | |
929da10d |
193 | if (is_bool($Message)) { |
3047e291 |
194 | $outMsg .= _("Warning:") . ' ' . sm_encode_html_special_chars($pop3->error); |
929da10d |
195 | continue; |
60683821 |
196 | } |
197 | |
198 | // check if mail folder is not null and subscribed (There is possible issue with /noselect mail folders) |
199 | if ($mailfetch_subfolder=='' || |
200 | ! mail_fetch_check_folder($imap_stream,$mailfetch_subfolder)) { |
201 | fputs($imap_stream, "A3$i APPEND INBOX {" . strlen($Message) . "}\r\n"); |
202 | } else { |
203 | fputs($imap_stream, "A3$i APPEND $mailfetch_subfolder {" . strlen($Message) . "}\r\n"); |
204 | } |
205 | $Line = fgets($imap_stream, 1024); |
206 | if (substr($Line, 0, 1) == '+') { |
207 | fputs($imap_stream, $Message); |
208 | fputs($imap_stream, "\r\n"); |
209 | sqimap_read_data($imap_stream, "A3$i", false, $response, $message); |
210 | |
929da10d |
211 | // Check results of append command |
212 | $response=(implode('',$response)); |
213 | $message=(implode('',$message)); |
214 | if ($response != 'OK') { |
3047e291 |
215 | $outMsg .= _("Error Appending Message!")." ".sm_encode_html_special_chars($message); |
929da10d |
216 | |
217 | if ($mailfetch_lmos == 'on') { |
218 | setPref($data_dir,$username,"mailfetch_uidl_$i_loop", $msglist[$i-1]); |
219 | } |
220 | // Destroy msg list in order to prevent UIDL update |
221 | $msglist = false; |
222 | // if append fails, don't download other messages |
223 | break; |
224 | } |
225 | |
60683821 |
226 | if ($mailfetch_lmos != 'on') { |
929da10d |
227 | $pop3->command_dele($i); |
60683821 |
228 | } |
229 | } else { |
230 | echo "$Line"; |
5fe0662e |
231 | $outMsg .= _("Error Appending Message!"); |
60683821 |
232 | } |
233 | } |
234 | |
929da10d |
235 | $pop3->command_quit(); |
60683821 |
236 | sqimap_logout($imap_stream); |
929da10d |
237 | if ($mailfetch_lmos == 'on' && is_array($msglist)) { |
238 | setPref($data_dir,$username,"mailfetch_uidl_$i_loop", array_pop($msglist)); |
60683821 |
239 | } |
240 | } |
241 | } |
242 | |
243 | if( trim( $outMsg ) <> '' ) { |
244 | echo '<br /><font size="1">' . _("Mail Fetch Result:") . "<br />$outMsg</font>"; |
245 | } |
246 | if( $mailfetch_newlog == 'on' ) { |
247 | setPref($data_dir, $username, 'mailfetch_newlog', 'off'); |
248 | } |
249 | } |
250 | |
251 | /** |
252 | * Internal function used to detect new logins |
253 | */ |
254 | function mail_fetch_setnew_function() { |
2128bbc6 |
255 | global $data_dir, $username; |
60683821 |
256 | |
60683821 |
257 | setPref( $data_dir, $username, 'mailfetch_newlog', 'on' ); |
258 | } |
259 | |
260 | /** |
261 | * Internal function used to register option block |
262 | * @since 1.5.1 |
263 | * @private |
264 | */ |
265 | function mailfetch_optpage_register_block_function() { |
266 | global $optpage_blocks; |
267 | |
268 | $optpage_blocks[] = array( |
269 | 'name' => _("POP3 Fetch Mail"), |
270 | 'url' => '../plugins/mail_fetch/options.php', |
271 | 'desc' => _("This configures settings for downloading email from a POP3 mailbox to your account on this server."), |
272 | 'js' => false |
273 | ); |
274 | } |
275 | |
276 | /** |
202bcbcc |
277 | * Internal function used to update mail_fetch settings |
60683821 |
278 | * when folders are renamed or deleted. |
279 | * @since 1.5.1 |
280 | * @private |
281 | */ |
282 | function mail_fetch_folderact_function($args) { |
283 | global $username, $data_dir; |
284 | |
285 | if (empty($args) || !is_array($args)) { |
286 | return; |
287 | } |
288 | |
289 | /* Should be 3 ars, 1: old folder, 2: action, 3: new folder */ |
290 | if (count($args) != 3) { |
291 | return; |
292 | } |
293 | |
294 | list($old_folder, $action, $new_folder) = $args; |
295 | |
296 | $mailfetch_server_number = getPref($data_dir, $username, 'mailfetch_server_number'); |
297 | |
298 | for ($i = 0; $i < $mailfetch_server_number; $i++) { |
299 | $mailfetch_subfolder = getPref($data_dir, $username, 'mailfetch_subfolder_' . $i); |
300 | |
301 | if ($mailfetch_subfolder != $old_folder) { |
302 | continue; |
303 | } |
304 | |
305 | if ($action == 'delete') { |
306 | setPref($data_dir, $username, 'mailfetch_subfolder_' . $i, 'INBOX'); |
307 | } elseif ($action == 'rename') { |
308 | setPref($data_dir, $username, 'mailfetch_subfolder_' . $i, $new_folder); |
309 | } |
310 | } |
311 | } |
312 | // end of hooked functions |
313 | |
4f51df66 |
314 | /** |
f19ee57d |
315 | * hex2bin - convert a hexadecimal string into binary |
316 | * Exists since PHP 5.4. |
4f51df66 |
317 | */ |
f19ee57d |
318 | if ( ! function_exists('hex2bin') ) { |
319 | function hex2bin( $data ) { |
d622d38a |
320 | |
f19ee57d |
321 | /* Original code by josh@superfork.com */ |
d622d38a |
322 | |
f19ee57d |
323 | $len = strlen($data); |
324 | $newdata = ''; |
325 | for( $i=0; $i < $len; $i += 2 ) { |
326 | $newdata .= pack( "C", hexdec( substr( $data, $i, 2) ) ); |
327 | } |
328 | return $newdata; |
d622d38a |
329 | } |
4f51df66 |
330 | } |
d622d38a |
331 | |
4f51df66 |
332 | function mf_keyED( $txt ) { |
d622d38a |
333 | |
4f51df66 |
334 | global $MF_TIT; |
d622d38a |
335 | |
4f51df66 |
336 | if( !isset( $MF_TIT ) ) { |
337 | $MF_TIT = "MailFetch Secure for SquirrelMail 1.x"; |
338 | } |
d622d38a |
339 | |
4f51df66 |
340 | $encrypt_key = md5( $MF_TIT ); |
341 | $ctr = 0; |
342 | $tmp = ""; |
343 | for( $i = 0; $i < strlen( $txt ); $i++ ) { |
344 | if( $ctr == strlen( $encrypt_key ) ) $ctr=0; |
345 | $tmp.= substr( $txt, $i, 1 ) ^ substr( $encrypt_key, $ctr, 1 ); |
346 | $ctr++; |
d622d38a |
347 | } |
4f51df66 |
348 | return $tmp; |
349 | } |
d622d38a |
350 | |
4f51df66 |
351 | function encrypt( $txt ) { |
d622d38a |
352 | |
4f51df66 |
353 | srand( (double) microtime() * 1000000 ); |
354 | $encrypt_key = md5( rand( 0, 32000 ) ); |
355 | $ctr = 0; |
356 | $tmp = ""; |
357 | for( $i = 0; $i < strlen( $txt ); $i++ ) { |
d622d38a |
358 | if ($ctr==strlen($encrypt_key)) $ctr=0; |
4f51df66 |
359 | $tmp.= substr($encrypt_key,$ctr,1) . |
360 | (substr($txt,$i,1) ^ substr($encrypt_key,$ctr,1)); |
d622d38a |
361 | $ctr++; |
d622d38a |
362 | } |
4f51df66 |
363 | return bin2hex( mf_keyED( $tmp ) ); |
364 | |
365 | } |
d622d38a |
366 | |
4f51df66 |
367 | function decrypt( $txt ) { |
d622d38a |
368 | |
4f51df66 |
369 | $txt = mf_keyED( hex2bin( $txt ) ); |
370 | $tmp = ''; |
371 | for ( $i=0; $i < strlen( $txt ); $i++ ) { |
372 | $md5 = substr( $txt, $i, 1 ); |
373 | $i++; |
374 | $tmp.= ( substr( $txt, $i, 1 ) ^ $md5 ); |
d622d38a |
375 | } |
4f51df66 |
376 | return $tmp; |
377 | } |
d622d38a |
378 | |
5f438206 |
379 | /** |
380 | * check mail folder |
381 | * @param stream $imap_stream imap connection resource |
382 | * @param string $imap_folder imap folder name |
383 | * @return boolean true, when folder can be used to store messages. |
5c89bd63 |
384 | * @since 1.5.1 and 1.4.5 |
5f438206 |
385 | */ |
386 | function mail_fetch_check_folder($imap_stream,$imap_folder) { |
387 | global $mail_fetch_allow_unsubscribed; |
388 | |
389 | // check if folder is subscribed or only exists. |
390 | if (sqimap_mailbox_is_subscribed($imap_stream,$imap_folder)) { |
391 | $ret = true; |
392 | } elseif ($mail_fetch_allow_unsubscribed && sqimap_mailbox_exists($imap_stream,$imap_folder)) { |
393 | $ret = true; |
394 | } else { |
395 | $ret = false; |
396 | } |
397 | |
398 | // make sure that folder can store messages |
399 | if ($ret && mail_fetch_check_noselect($imap_stream,$imap_folder)) { |
400 | $ret = false; |
401 | } |
402 | |
403 | return $ret; |
404 | } |
405 | |
406 | /** |
407 | * Checks if folder is noselect (can't store messages) |
f8a1ed5a |
408 | * |
5f438206 |
409 | * Function does not check if folder subscribed. |
410 | * @param stream $imap_stream imap connection resource |
411 | * @param string $imap_folder imap folder name |
412 | * @return boolean true, when folder has noselect flag. false in any other case. |
5c89bd63 |
413 | * @since 1.5.1 and 1.4.5 |
5f438206 |
414 | */ |
415 | function mail_fetch_check_noselect($imap_stream,$imap_folder) { |
416 | $boxes=sqimap_mailbox_list($imap_stream); |
417 | foreach($boxes as $box) { |
418 | if ($box['unformatted']==$imap_folder) { |
419 | return (bool) check_is_noselect($box['raw']); |
420 | } |
421 | } |
422 | return false; |
423 | } |
b571d899 |
424 | |
425 | /** |
426 | * Validate a requested POP3 port number |
427 | * |
428 | * Allowable port numbers are configured in config.php |
429 | * (see config_example.php for an example and more |
430 | * rules about how the list of allowable port numbers |
431 | * can be specified) |
432 | * |
433 | * @param int $requested_port The port number given by the user |
434 | * |
435 | * @return string An error string is returned if the port |
436 | * number is not allowable, otherwise an |
437 | * empty string is returned. |
438 | * |
439 | */ |
440 | function validate_mail_fetch_port_number($requested_port) { |
441 | global $mail_fetch_allowable_ports; |
442 | if (empty($mail_fetch_allowable_ports)) |
443 | $mail_fetch_allowable_ports = array(110, 995); |
444 | |
445 | if (in_array('ALL', $mail_fetch_allowable_ports)) |
446 | return ''; |
447 | |
448 | if (!in_array($requested_port, $mail_fetch_allowable_ports)) { |
449 | sq_change_text_domain('mail_fetch'); |
450 | $error = _("Sorry, that port number is not allowed"); |
451 | sq_change_text_domain('squirrelmail'); |
452 | return $error; |
453 | } |
454 | |
455 | return ''; |
456 | } |
457 | |
458 | /** |
459 | * Validate a requested POP3 server address |
460 | * |
461 | * Blocked server addresses are configured in config.php |
462 | * (see config_example.php for more details) |
463 | * |
464 | * @param int $requested_address The server address given by the user |
465 | * |
466 | * @return string An error string is returned if the server |
467 | * address is not allowable, otherwise an |
468 | * empty string is returned. |
469 | * |
470 | */ |
471 | function validate_mail_fetch_server_address($requested_address) { |
472 | global $mail_fetch_block_server_pattern; |
473 | if (empty($mail_fetch_block_server_pattern)) |
474 | $mail_fetch_block_server_pattern = '/(^10\.)|(^192\.)|(^127\.)|(^localhost)/'; |
475 | |
476 | if ($mail_fetch_block_server_pattern == 'UNRESTRICTED') |
477 | return ''; |
478 | |
479 | if (preg_match($mail_fetch_block_server_pattern, $requested_address)) { |
480 | sq_change_text_domain('mail_fetch'); |
481 | $error = _("Sorry, that server address is not allowed"); |
482 | sq_change_text_domain('squirrelmail'); |
483 | return $error; |
484 | } |
485 | |
486 | return ''; |
487 | } |
488 | |