[squirrelmail.git] / plugins / mail_fetch / functions.php

<?php

/**
 * mail_fetch/functions.php
 *
 * Functions for the mail_fetch plugin.
 *
 * Original code from LexZEUS <lexzeus@mifinca.com>
 * and josh@superfork.com (extracted from php manual)
 * Adapted for MailFetch by Philippe Mingo <mingo@rotedic.com>
 *
 * @copyright 1999-2020 The SquirrelMail Project Team
 * @license http://opensource.org/licenses/gpl-license.php GNU Public License
 * @version $Id$
 * @package plugins
 * @subpackage mail_fetch
 */


/** pop3 class */
include_once (SM_PATH . 'plugins/mail_fetch/constants.php');
include_once (SM_PATH . 'plugins/mail_fetch/class.mail_fetch.php');

/** declare plugin globals */
global $mail_fetch_allow_unsubscribed, $mail_fetch_allowable_ports,
       $mail_fetch_block_server_pattern;

/**
  * Add link to menu at top of content pane
  *
  * @return void
  *
  */
function mail_fetch_link_do() {

    global $oTemplate, $nbsp;
    $output = makeInternalLink('plugins/mail_fetch/fetch.php', _("Fetch"), '')
            . $nbsp . $nbsp;
    return array('menuline' => $output);

}

/**
 * Controls use of unsubscribed folders in plugin
 * @global boolean $mail_fetch_allow_unsubscribed
 * @since 1.5.1 and 1.4.5
 */
$mail_fetch_allow_unsubscribed = false;

/** load site config */
if (file_exists(SM_PATH . 'config/mail_fetch_config.php')) {
    include_once(SM_PATH . 'config/mail_fetch_config.php');
} elseif (file_exists(SM_PATH . 'plugins/mail_fetch/config.php')) {
    include_once(SM_PATH . 'plugins/mail_fetch/config.php');
}

// hooked functions

/**
 * Internal function used to fetch pop3 mails on login
 * @since 1.5.1
 * @private
 */
function mail_fetch_login_function() {
    include_once (SM_PATH . 'functions/imap_general.php');

    global $username, $data_dir, $imapServerAddress, $imapPort, $imap_stream_options;

    $mailfetch_newlog = getPref($data_dir, $username, 'mailfetch_newlog');

    $outMsg = '';

    $mailfetch_server_number = getPref($data_dir, $username, 'mailfetch_server_number');
    if (!isset($mailfetch_server_number)) $mailfetch_server_number=0;
    $mailfetch_cypher = getPref($data_dir, $username, 'mailfetch_cypher');
    if ($mailfetch_server_number<1) $mailfetch_server_number=0;

    for ($i_loop=0;$i_loop<$mailfetch_server_number;$i_loop++) {

        $mailfetch_login_[$i_loop] = getPref($data_dir, $username, "mailfetch_login_$i_loop");
        $mailfetch_fref_[$i_loop] = getPref($data_dir, $username, "mailfetch_fref_$i_loop");
        $mailfetch_pass_[$i_loop] = getPref($data_dir, $username, "mailfetch_pass_$i_loop");
        if( $mailfetch_cypher == 'on' ) {
            $mailfetch_pass_[$i_loop] = decrypt( $mailfetch_pass_[$i_loop] );
        }

        if( $mailfetch_pass_[$i_loop] <> '' &&          // Empty passwords no allowed
                ( ( $mailfetch_login_[$i_loop] == 'on' &&  $mailfetch_newlog == 'on' ) || $mailfetch_fref_[$i_loop] == 'on' ) ) {

            // What the heck
            $mailfetch_server_[$i_loop] = getPref($data_dir, $username, "mailfetch_server_$i_loop");
            $mailfetch_port_[$i_loop] = getPref($data_dir, $username , "mailfetch_port_$i_loop");
            $mailfetch_alias_[$i_loop] = getPref($data_dir, $username, "mailfetch_alias_$i_loop");
            $mailfetch_user_[$i_loop] = getPref($data_dir, $username, "mailfetch_user_$i_loop");
            $mailfetch_lmos_[$i_loop] = getPref($data_dir, $username, "mailfetch_lmos_$i_loop");
            $mailfetch_uidl_[$i_loop] = getPref($data_dir, $username, "mailfetch_uidl_$i_loop");
            $mailfetch_subfolder_[$i_loop] = getPref($data_dir, $username, "mailfetch_subfolder_$i_loop");
            $mailfetch_auth_[$i_loop] = getPref($data_dir, $username, "mailfetch_auth_$i_loop",MAIL_FETCH_AUTH_USER);
            $mailfetch_type_[$i_loop] = getPref($data_dir, $username, "mailfetch_type_$i_loop",MAIL_FETCH_USE_PLAIN);

            $mailfetch_server=$mailfetch_server_[$i_loop];
            $mailfetch_port=$mailfetch_port_[$i_loop];
            $mailfetch_user=$mailfetch_user_[$i_loop];
            $mailfetch_alias=$mailfetch_alias_[$i_loop];
            $mailfetch_pass=$mailfetch_pass_[$i_loop];
            $mailfetch_lmos=$mailfetch_lmos_[$i_loop];
            $mailfetch_login=$mailfetch_login_[$i_loop];
            $mailfetch_uidl=$mailfetch_uidl_[$i_loop];
            $mailfetch_subfolder=$mailfetch_subfolder_[$i_loop];
            $mailfetch_auth=$mailfetch_auth_[$i_loop];
            $mailfetch_type=$mailfetch_type_[$i_loop];
            // end of what the heck


            // $outMsg .= "$mailfetch_alias checked<br />";

            // $outMsg .= "$mailfetch_alias_[$i_loop]<br />";

            // FIXME: duplicate code with different output destination.

            $pop3 = new mail_fetch(array('host'    => $mailfetch_server,
                                         'port'    => $mailfetch_port,
                                         'auth'    => $mailfetch_auth,
                                         'tls'     => $mailfetch_type,
                                         'timeout' => 60));

            if (!empty($pop3->error)) {
                $outMsg .= _("Warning:") . ' ' . $pop3->error;
                continue;
            }

            $imap_stream = sqimap_login($username, false, $imapServerAddress, $imapPort, 10, $imap_stream_options);

            /* log into pop server*/
            if (! $pop3->login($mailfetch_user, $mailfetch_pass)) {
                $outMsg .= _("Login Failed:") . ' ' . $pop3->error;
                continue;
            }

            $aMsgStat = $pop3->command_stat();
            if (is_bool($aMsgStat)) {
                $outMsg .= _("Can't get mailbox status:") . ' ' . sm_encode_html_special_chars($pop3->error);
                continue;
            }

            $Count = $aMsgStat['count'];

            $i = 1;

            if ($Count>0) {
                // If we leave messages on server, try using UIDL
                if ($mailfetch_lmos == 'on') {
                    $msglist = $pop3->command_uidl();
                    if (is_bool($msglist)) {
                        $outMsg .= _("Server does not support UIDL.") . ' '.sm_encode_html_special_chars($pop3->error);
                        // User asked to leave messages on server, but we can't do that.
                        $pop3->command_quit();
                        continue;
                        // $mailfetch_lmos = 'off';
                    } else {
                        // calculate number of new messages
                        for ($j = 1; $j <= sizeof($msglist); $j++) {
                            // do strict comparison ('1111.10' should not be equal to '1111.100')
                            if ($msglist[$j] === $mailfetch_uidl) {
                                $i = $j+1;
                                break;
                            }
                        }
                    }
                }
                // fetch list of messages with LIST
                // we can use else control, but we can also set $mailfetch_lmos 
                // to off if server does not support UIDL.
                if ($mailfetch_lmos != 'on') {
                    $msglist = $pop3->command_list();
                }
            }

            if ($Count < $i) {
                $pop3->command_quit();
                continue;
            }
            if ($Count == 0) {
                $pop3->command_quit();
                continue;
            }

            for (; $i <= $Count; $i++) {
                if (!ini_get('safe_mode'))
                    set_time_limit(20); // 20 seconds per message max
                $Message = $pop3->command_retr($i);

                if (is_bool($Message)) {
                    $outMsg .= _("Warning:") . ' ' . sm_encode_html_special_chars($pop3->error);
                    continue;
                }

                // check if mail folder is not null and subscribed (There is possible issue with /noselect mail folders)
                if ($mailfetch_subfolder=='' ||
                    ! mail_fetch_check_folder($imap_stream,$mailfetch_subfolder)) {
                    fputs($imap_stream, "A3$i APPEND INBOX {" . strlen($Message) . "}\r\n");
                } else {
                    fputs($imap_stream, "A3$i APPEND $mailfetch_subfolder {" . strlen($Message) . "}\r\n");
                }
                $Line = fgets($imap_stream, 1024);
                if (substr($Line, 0, 1) == '+') {
                    fputs($imap_stream, $Message);
                    fputs($imap_stream, "\r\n");
                    sqimap_read_data($imap_stream, "A3$i", false, $response, $message);

                    // Check results of append command
                    $response=(implode('',$response));
                    $message=(implode('',$message));
                    if ($response != 'OK') {
                        $outMsg .= _("Error Appending Message!")." ".sm_encode_html_special_chars($message);

                        if ($mailfetch_lmos == 'on') {
                            setPref($data_dir,$username,"mailfetch_uidl_$i_loop", $msglist[$i-1]);
                        }
                        // Destroy msg list in order to prevent UIDL update
                        $msglist = false;
                        // if append fails, don't download other messages
                        break;
                    }

                    if ($mailfetch_lmos != 'on') {
                        $pop3->command_dele($i);
                    }
                } else {
                    echo "$Line";
                    $outMsg .= _("Error Appending Message!");
                }
            }

            $pop3->command_quit();
            sqimap_logout($imap_stream);
            if ($mailfetch_lmos == 'on' && is_array($msglist)) {
                setPref($data_dir,$username,"mailfetch_uidl_$i_loop", array_pop($msglist));
            }
        }
    }

    if( trim( $outMsg ) <> '' ) {
        echo '<br /><font size="1">' . _("Mail Fetch Result:") . "<br />$outMsg</font>";
    }
    if( $mailfetch_newlog == 'on' ) {
        setPref($data_dir, $username, 'mailfetch_newlog', 'off');
    }
}

/**
 * Internal function used to detect new logins
 */
function mail_fetch_setnew_function() {
    global $data_dir, $username;

    setPref( $data_dir, $username, 'mailfetch_newlog', 'on' );
}

/**
 * Internal function used to register option block
 * @since 1.5.1
 * @private
 */
function mailfetch_optpage_register_block_function() {
    global $optpage_blocks;

    $optpage_blocks[] = array(
            'name' => _("POP3 Fetch Mail"),
            'url'  => '../plugins/mail_fetch/options.php',
            'desc' => _("This configures settings for downloading email from a POP3 mailbox to your account on this server."),
            'js'   => false
            );
}

/**
 * Internal function used to update mail_fetch settings
 * when folders are renamed or deleted.
 * @since 1.5.1
 * @private
 */
function mail_fetch_folderact_function($args) {
    global $username, $data_dir;

    if (empty($args) || !is_array($args)) {
        return;
    }

    /* Should be 3 ars, 1: old folder, 2: action, 3: new folder */
    if (count($args) != 3) {
        return;
    }

    list($old_folder, $action, $new_folder) = $args;

    $mailfetch_server_number = getPref($data_dir, $username, 'mailfetch_server_number');

    for ($i = 0; $i < $mailfetch_server_number; $i++) {
        $mailfetch_subfolder = getPref($data_dir, $username, 'mailfetch_subfolder_' . $i);

        if ($mailfetch_subfolder != $old_folder) {
            continue;
        }

        if ($action == 'delete') {
            setPref($data_dir, $username, 'mailfetch_subfolder_' . $i, 'INBOX');
        } elseif ($action == 'rename') {
            setPref($data_dir, $username, 'mailfetch_subfolder_' . $i, $new_folder);
        }
    }
}
// end of hooked functions

/**
 * hex2bin - convert a hexadecimal string into binary
 * Exists since PHP 5.4.
 */
if ( ! function_exists('hex2bin') ) {
    function hex2bin( $data ) {

        /* Original code by josh@superfork.com */

        $len = strlen($data);
        $newdata = '';
        for( $i=0; $i < $len; $i += 2 ) {
            $newdata .= pack( "C", hexdec( substr( $data, $i, 2) ) );
        }
        return $newdata;
    }
}

function mf_keyED( $txt ) {

    global $MF_TIT;

    if( !isset( $MF_TIT ) ) {
        $MF_TIT = "MailFetch Secure for SquirrelMail 1.x";
    }

    $encrypt_key = md5( $MF_TIT );
    $ctr = 0;
    $tmp = "";
    for( $i = 0; $i < strlen( $txt ); $i++ ) {
        if( $ctr == strlen( $encrypt_key ) ) $ctr=0;
        $tmp.= substr( $txt, $i, 1 ) ^ substr( $encrypt_key, $ctr, 1 );
        $ctr++;
    }
    return $tmp;
}

function encrypt( $txt ) {

    srand( (double) microtime() * 1000000 );
    $encrypt_key = md5( rand( 0, 32000 ) );
    $ctr = 0;
    $tmp = "";
    for( $i = 0; $i < strlen( $txt ); $i++ ) {
        if ($ctr==strlen($encrypt_key)) $ctr=0;
        $tmp.= substr($encrypt_key,$ctr,1) .
            (substr($txt,$i,1) ^ substr($encrypt_key,$ctr,1));
        $ctr++;
    }
    return bin2hex( mf_keyED( $tmp ) );

}

function decrypt( $txt ) {

    $txt = mf_keyED( hex2bin( $txt ) );
    $tmp = '';
    for ( $i=0; $i < strlen( $txt ); $i++ ) {
        $md5 = substr( $txt, $i, 1 );
        $i++;
        $tmp.= ( substr( $txt, $i, 1 ) ^ $md5 );
    }
    return $tmp;
}

/**
 * check mail folder
 * @param stream $imap_stream imap connection resource
 * @param string $imap_folder imap folder name
 * @return boolean true, when folder can be used to store messages.
 * @since 1.5.1 and 1.4.5
 */
function mail_fetch_check_folder($imap_stream,$imap_folder) {
    global $mail_fetch_allow_unsubscribed;

    // check if folder is subscribed or only exists.
    if (sqimap_mailbox_is_subscribed($imap_stream,$imap_folder)) {
        $ret = true;
    } elseif ($mail_fetch_allow_unsubscribed && sqimap_mailbox_exists($imap_stream,$imap_folder)) {
        $ret = true;
    } else {
        $ret = false;
    }

    // make sure that folder can store messages
    if ($ret && mail_fetch_check_noselect($imap_stream,$imap_folder)) {
        $ret = false;
    }

    return $ret;
}

/**
 * Checks if folder is noselect (can't store messages)
 *
 * Function does not check if folder subscribed.
 * @param stream $imap_stream imap connection resource
 * @param string $imap_folder imap folder name
 * @return boolean true, when folder has noselect flag. false in any other case.
 * @since 1.5.1 and 1.4.5
 */
function mail_fetch_check_noselect($imap_stream,$imap_folder) {
    $boxes=sqimap_mailbox_list($imap_stream);
    foreach($boxes as $box) {
        if ($box['unformatted']==$imap_folder) {
            return (bool) check_is_noselect($box['raw']);
        }
    }
    return false;
}

/**
  * Validate a requested POP3 port number
  *
  * Allowable port numbers are configured in config.php
  * (see config_example.php for an example and more
  * rules about how the list of allowable port numbers
  * can be specified)
  *
  * @param int $requested_port The port number given by the user
  *
  * @return string An error string is returned if the port
  *                number is not allowable, otherwise an
  *                empty string is returned.
  *
  */
function validate_mail_fetch_port_number($requested_port) {
    global $mail_fetch_allowable_ports;
    if (empty($mail_fetch_allowable_ports))
        $mail_fetch_allowable_ports = array(110, 995);

    if (in_array('ALL', $mail_fetch_allowable_ports))
        return '';

    if (!in_array($requested_port, $mail_fetch_allowable_ports)) {
        sq_change_text_domain('mail_fetch');
        $error = _("Sorry, that port number is not allowed");
        sq_change_text_domain('squirrelmail');
        return $error;
    }

    return '';
}

/**
  * Validate a requested POP3 server address
  *
  * Blocked server addresses are configured in config.php
  * (see config_example.php for more details)
  *
  * @param int $requested_address The server address given by the user
  *
  * @return string An error string is returned if the server
  *                address is not allowable, otherwise an
  *                empty string is returned.
  *
  */
function validate_mail_fetch_server_address($requested_address) {
    global $mail_fetch_block_server_pattern;
    if (empty($mail_fetch_block_server_pattern))
        $mail_fetch_block_server_pattern = '/(^10\.)|(^192\.)|(^127\.)|(^localhost)/';

    if ($mail_fetch_block_server_pattern == 'UNRESTRICTED')
        return '';

    if (preg_match($mail_fetch_block_server_pattern, $requested_address)) {
        sq_change_text_domain('mail_fetch');
        $error = _("Sorry, that server address is not allowed");
        sq_change_text_domain('squirrelmail');
        return $error;
    }

    return '';
}
Commit	Line	Data
d622d38a	1	<?php
4b4abf93	2
4f51df66	3	/**
	4	* mail_fetch/functions.php
	5	*
60683821	6	* Functions for the mail_fetch plugin.
4f51df66	7	*
	8	* Original code from LexZEUS <lexzeus@mifinca.com>
	9	* and josh@superfork.com (extracted from php manual)
	10	* Adapted for MailFetch by Philippe Mingo <mingo@rotedic.com>
	11	*
c4faef33	12	* @copyright 1999-2020 The SquirrelMail Project Team
4b4abf93	13	* @license http://opensource.org/licenses/gpl-license.php GNU Public License
4f51df66	14	* @version $Id$
	15	* @package plugins
	16	* @subpackage mail_fetch
	17	*/
d622d38a	18
60683821	19
60683821	20	/** pop3 class */
929da10d	21	include_once (SM_PATH . 'plugins/mail_fetch/constants.php');
929da10d	22	include_once (SM_PATH . 'plugins/mail_fetch/class.mail_fetch.php');
60683821	23
5f438206	24	/** declare plugin globals */
b571d899	25	global $mail_fetch_allow_unsubscribed, $mail_fetch_allowable_ports,
b571d899	26	$mail_fetch_block_server_pattern;
5f438206	27
09b143cc	28	/**
	29	* Add link to menu at top of content pane
	30	*
	31	* @return void
	32	*
	33	*/
	34	function mail_fetch_link_do() {
	35
551c7b53	36	global $oTemplate, $nbsp;
09b143cc	37	$output = makeInternalLink('plugins/mail_fetch/fetch.php', _("Fetch"), '')
	38	. $nbsp . $nbsp;
	39	return array('menuline' => $output);
	40
	41	}
	42
5f438206	43	/**
	44	* Controls use of unsubscribed folders in plugin
	45	* @global boolean $mail_fetch_allow_unsubscribed
5c89bd63	46	* @since 1.5.1 and 1.4.5
5f438206	47	*/
	48	$mail_fetch_allow_unsubscribed = false;
	49
60683821	50	/** load site config */
	51	if (file_exists(SM_PATH . 'config/mail_fetch_config.php')) {
	52	include_once(SM_PATH . 'config/mail_fetch_config.php');
	53	} elseif (file_exists(SM_PATH . 'plugins/mail_fetch/config.php')) {
	54	include_once(SM_PATH . 'plugins/mail_fetch/config.php');
	55	}
	56
	57	// hooked functions
	58
60683821	59	/**
	60	* Internal function used to fetch pop3 mails on login
	61	* @since 1.5.1
	62	* @private
	63	*/
	64	function mail_fetch_login_function() {
202bcbcc	65	include_once (SM_PATH . 'functions/imap_general.php');
202bcbcc	66
a9805897	67	global $username, $data_dir, $imapServerAddress, $imapPort, $imap_stream_options;
60683821	68
	69	$mailfetch_newlog = getPref($data_dir, $username, 'mailfetch_newlog');
	70
	71	$outMsg = '';
	72
	73	$mailfetch_server_number = getPref($data_dir, $username, 'mailfetch_server_number');
	74	if (!isset($mailfetch_server_number)) $mailfetch_server_number=0;
	75	$mailfetch_cypher = getPref($data_dir, $username, 'mailfetch_cypher');
	76	if ($mailfetch_server_number<1) $mailfetch_server_number=0;
	77
	78	for ($i_loop=0;$i_loop<$mailfetch_server_number;$i_loop++) {
	79
	80	$mailfetch_login_[$i_loop] = getPref($data_dir, $username, "mailfetch_login_$i_loop");
	81	$mailfetch_fref_[$i_loop] = getPref($data_dir, $username, "mailfetch_fref_$i_loop");
	82	$mailfetch_pass_[$i_loop] = getPref($data_dir, $username, "mailfetch_pass_$i_loop");
f54ec17d	83	if( $mailfetch_cypher == 'on' ) {
60683821	84	$mailfetch_pass_[$i_loop] = decrypt( $mailfetch_pass_[$i_loop] );
f54ec17d	85	}
60683821	86
	87	if( $mailfetch_pass_[$i_loop] <> '' && // Empty passwords no allowed
	88	( ( $mailfetch_login_[$i_loop] == 'on' && $mailfetch_newlog == 'on' ) \|\| $mailfetch_fref_[$i_loop] == 'on' ) ) {
	89
929da10d	90	// What the heck
60683821	91	$mailfetch_server_[$i_loop] = getPref($data_dir, $username, "mailfetch_server_$i_loop");
	92	$mailfetch_port_[$i_loop] = getPref($data_dir, $username , "mailfetch_port_$i_loop");
	93	$mailfetch_alias_[$i_loop] = getPref($data_dir, $username, "mailfetch_alias_$i_loop");
	94	$mailfetch_user_[$i_loop] = getPref($data_dir, $username, "mailfetch_user_$i_loop");
	95	$mailfetch_lmos_[$i_loop] = getPref($data_dir, $username, "mailfetch_lmos_$i_loop");
	96	$mailfetch_uidl_[$i_loop] = getPref($data_dir, $username, "mailfetch_uidl_$i_loop");
	97	$mailfetch_subfolder_[$i_loop] = getPref($data_dir, $username, "mailfetch_subfolder_$i_loop");
929da10d	98	$mailfetch_auth_[$i_loop] = getPref($data_dir, $username, "mailfetch_auth_$i_loop",MAIL_FETCH_AUTH_USER);
929da10d	99	$mailfetch_type_[$i_loop] = getPref($data_dir, $username, "mailfetch_type_$i_loop",MAIL_FETCH_USE_PLAIN);
60683821	100
	101	$mailfetch_server=$mailfetch_server_[$i_loop];
	102	$mailfetch_port=$mailfetch_port_[$i_loop];
	103	$mailfetch_user=$mailfetch_user_[$i_loop];
	104	$mailfetch_alias=$mailfetch_alias_[$i_loop];
	105	$mailfetch_pass=$mailfetch_pass_[$i_loop];
	106	$mailfetch_lmos=$mailfetch_lmos_[$i_loop];
	107	$mailfetch_login=$mailfetch_login_[$i_loop];
	108	$mailfetch_uidl=$mailfetch_uidl_[$i_loop];
	109	$mailfetch_subfolder=$mailfetch_subfolder_[$i_loop];
929da10d	110	$mailfetch_auth=$mailfetch_auth_[$i_loop];
	111	$mailfetch_type=$mailfetch_type_[$i_loop];
	112	// end of what the heck
	113
60683821	114
	115	// $outMsg .= "$mailfetch_alias checked<br />";
	116
	117	// $outMsg .= "$mailfetch_alias_[$i_loop]<br />";
	118
929da10d	119	// FIXME: duplicate code with different output destination.
	120
	121	$pop3 = new mail_fetch(array('host' => $mailfetch_server,
	122	'port' => $mailfetch_port,
	123	'auth' => $mailfetch_auth,
	124	'tls' => $mailfetch_type,
	125	'timeout' => 60));
60683821	126
929da10d	127	if (!empty($pop3->error)) {
929da10d	128	$outMsg .= _("Warning:") . ' ' . $pop3->error;
60683821	129	continue;
	130	}
	131
a9805897	132	$imap_stream = sqimap_login($username, false, $imapServerAddress, $imapPort, 10, $imap_stream_options);
60683821	133
929da10d	134	/* log into pop server*/
	135	if (! $pop3->login($mailfetch_user, $mailfetch_pass)) {
	136	$outMsg .= _("Login Failed:") . ' ' . $pop3->error;
60683821	137	continue;
	138	}
	139
929da10d	140	$aMsgStat = $pop3->command_stat();
929da10d	141	if (is_bool($aMsgStat)) {
3047e291	142	$outMsg .= _("Can't get mailbox status:") . ' ' . sm_encode_html_special_chars($pop3->error);
929da10d	143	continue;
929da10d	144	}
60683821	145
929da10d	146	$Count = $aMsgStat['count'];
60683821	147
60683821	148	$i = 1;
929da10d	149
	150	if ($Count>0) {
	151	// If we leave messages on server, try using UIDL
	152	if ($mailfetch_lmos == 'on') {
	153	$msglist = $pop3->command_uidl();
	154	if (is_bool($msglist)) {
3047e291	155	$outMsg .= _("Server does not support UIDL.") . ' '.sm_encode_html_special_chars($pop3->error);
929da10d	156	// User asked to leave messages on server, but we can't do that.
	157	$pop3->command_quit();
	158	continue;
	159	// $mailfetch_lmos = 'off';
	160	} else {
	161	// calculate number of new messages
	162	for ($j = 1; $j <= sizeof($msglist); $j++) {
	163	// do strict comparison ('1111.10' should not be equal to '1111.100')
	164	if ($msglist[$j] === $mailfetch_uidl) {
	165	$i = $j+1;
	166	break;
	167	}
	168	}
	169	}
	170	}
	171	// fetch list of messages with LIST
	172	// we can use else control, but we can also set $mailfetch_lmos
	173	// to off if server does not support UIDL.
	174	if ($mailfetch_lmos != 'on') {
	175	$msglist = $pop3->command_list();
60683821	176	}
	177	}
	178
	179	if ($Count < $i) {
929da10d	180	$pop3->command_quit();
60683821	181	continue;
	182	}
	183	if ($Count == 0) {
929da10d	184	$pop3->command_quit();
60683821	185	continue;
	186	}
	187
60683821	188	for (; $i <= $Count; $i++) {
	189	if (!ini_get('safe_mode'))
	190	set_time_limit(20); // 20 seconds per message max
929da10d	191	$Message = $pop3->command_retr($i);
60683821	192
929da10d	193	if (is_bool($Message)) {
3047e291	194	$outMsg .= _("Warning:") . ' ' . sm_encode_html_special_chars($pop3->error);
929da10d	195	continue;
60683821	196	}
	197
	198	// check if mail folder is not null and subscribed (There is possible issue with /noselect mail folders)
	199	if ($mailfetch_subfolder=='' \|\|
	200	! mail_fetch_check_folder($imap_stream,$mailfetch_subfolder)) {
	201	fputs($imap_stream, "A3$i APPEND INBOX {" . strlen($Message) . "}\r\n");
	202	} else {
	203	fputs($imap_stream, "A3$i APPEND $mailfetch_subfolder {" . strlen($Message) . "}\r\n");
	204	}
	205	$Line = fgets($imap_stream, 1024);
	206	if (substr($Line, 0, 1) == '+') {
	207	fputs($imap_stream, $Message);
	208	fputs($imap_stream, "\r\n");
	209	sqimap_read_data($imap_stream, "A3$i", false, $response, $message);
	210
929da10d	211	// Check results of append command
	212	$response=(implode('',$response));
	213	$message=(implode('',$message));
	214	if ($response != 'OK') {
3047e291	215	$outMsg .= _("Error Appending Message!")." ".sm_encode_html_special_chars($message);
929da10d	216
	217	if ($mailfetch_lmos == 'on') {
	218	setPref($data_dir,$username,"mailfetch_uidl_$i_loop", $msglist[$i-1]);
	219	}
	220	// Destroy msg list in order to prevent UIDL update
	221	$msglist = false;
	222	// if append fails, don't download other messages
	223	break;
	224	}
	225
60683821	226	if ($mailfetch_lmos != 'on') {
929da10d	227	$pop3->command_dele($i);
60683821	228	}
	229	} else {
	230	echo "$Line";
5fe0662e	231	$outMsg .= _("Error Appending Message!");
60683821	232	}
	233	}
	234
929da10d	235	$pop3->command_quit();
60683821	236	sqimap_logout($imap_stream);
929da10d	237	if ($mailfetch_lmos == 'on' && is_array($msglist)) {
929da10d	238	setPref($data_dir,$username,"mailfetch_uidl_$i_loop", array_pop($msglist));
60683821	239	}
	240	}
	241	}
	242
	243	if( trim( $outMsg ) <> '' ) {
	244	echo '<br /><font size="1">' . _("Mail Fetch Result:") . "<br />$outMsg</font>";
	245	}
	246	if( $mailfetch_newlog == 'on' ) {
	247	setPref($data_dir, $username, 'mailfetch_newlog', 'off');
	248	}
	249	}
	250
	251	/**
	252	* Internal function used to detect new logins
	253	*/
	254	function mail_fetch_setnew_function() {
2128bbc6	255	global $data_dir, $username;
60683821	256
60683821	257	setPref( $data_dir, $username, 'mailfetch_newlog', 'on' );
	258	}
	259
	260	/**
	261	* Internal function used to register option block
	262	* @since 1.5.1
	263	* @private
	264	*/
	265	function mailfetch_optpage_register_block_function() {
	266	global $optpage_blocks;
	267
	268	$optpage_blocks[] = array(
	269	'name' => _("POP3 Fetch Mail"),
	270	'url' => '../plugins/mail_fetch/options.php',
	271	'desc' => _("This configures settings for downloading email from a POP3 mailbox to your account on this server."),
	272	'js' => false
	273	);
	274	}
	275
	276	/**
202bcbcc	277	* Internal function used to update mail_fetch settings
60683821	278	* when folders are renamed or deleted.
	279	* @since 1.5.1
	280	* @private
	281	*/
	282	function mail_fetch_folderact_function($args) {
	283	global $username, $data_dir;
	284
	285	if (empty($args) \|\| !is_array($args)) {
	286	return;
	287	}
	288
	289	/* Should be 3 ars, 1: old folder, 2: action, 3: new folder */
	290	if (count($args) != 3) {
	291	return;
	292	}
	293
	294	list($old_folder, $action, $new_folder) = $args;
	295
	296	$mailfetch_server_number = getPref($data_dir, $username, 'mailfetch_server_number');
	297
	298	for ($i = 0; $i < $mailfetch_server_number; $i++) {
	299	$mailfetch_subfolder = getPref($data_dir, $username, 'mailfetch_subfolder_' . $i);
	300
	301	if ($mailfetch_subfolder != $old_folder) {
	302	continue;
	303	}
	304
	305	if ($action == 'delete') {
	306	setPref($data_dir, $username, 'mailfetch_subfolder_' . $i, 'INBOX');
	307	} elseif ($action == 'rename') {
	308	setPref($data_dir, $username, 'mailfetch_subfolder_' . $i, $new_folder);
	309	}
	310	}
	311	}
	312	// end of hooked functions
	313
4f51df66	314	/**
f19ee57d	315	* hex2bin - convert a hexadecimal string into binary
f19ee57d	316	* Exists since PHP 5.4.
4f51df66	317	*/
f19ee57d	318	if ( ! function_exists('hex2bin') ) {
f19ee57d	319	function hex2bin( $data ) {
d622d38a	320
f19ee57d	321	/* Original code by josh@superfork.com */
d622d38a	322
f19ee57d	323	$len = strlen($data);
	324	$newdata = '';
	325	for( $i=0; $i < $len; $i += 2 ) {
	326	$newdata .= pack( "C", hexdec( substr( $data, $i, 2) ) );
	327	}
	328	return $newdata;
d622d38a	329	}
4f51df66	330	}
d622d38a	331
4f51df66	332	function mf_keyED( $txt ) {
d622d38a	333
4f51df66	334	global $MF_TIT;
d622d38a	335
4f51df66	336	if( !isset( $MF_TIT ) ) {
	337	$MF_TIT = "MailFetch Secure for SquirrelMail 1.x";
	338	}
d622d38a	339
4f51df66	340	$encrypt_key = md5( $MF_TIT );
	341	$ctr = 0;
	342	$tmp = "";
	343	for( $i = 0; $i < strlen( $txt ); $i++ ) {
	344	if( $ctr == strlen( $encrypt_key ) ) $ctr=0;
	345	$tmp.= substr( $txt, $i, 1 ) ^ substr( $encrypt_key, $ctr, 1 );
	346	$ctr++;
d622d38a	347	}
4f51df66	348	return $tmp;
4f51df66	349	}
d622d38a	350
4f51df66	351	function encrypt( $txt ) {
d622d38a	352
4f51df66	353	srand( (double) microtime() * 1000000 );
	354	$encrypt_key = md5( rand( 0, 32000 ) );
	355	$ctr = 0;
	356	$tmp = "";
	357	for( $i = 0; $i < strlen( $txt ); $i++ ) {
d622d38a	358	if ($ctr==strlen($encrypt_key)) $ctr=0;
4f51df66	359	$tmp.= substr($encrypt_key,$ctr,1) .
4f51df66	360	(substr($txt,$i,1) ^ substr($encrypt_key,$ctr,1));
d622d38a	361	$ctr++;
d622d38a	362	}
4f51df66	363	return bin2hex( mf_keyED( $tmp ) );
	364
	365	}
d622d38a	366
4f51df66	367	function decrypt( $txt ) {
d622d38a	368
4f51df66	369	$txt = mf_keyED( hex2bin( $txt ) );
	370	$tmp = '';
	371	for ( $i=0; $i < strlen( $txt ); $i++ ) {
	372	$md5 = substr( $txt, $i, 1 );
	373	$i++;
	374	$tmp.= ( substr( $txt, $i, 1 ) ^ $md5 );
d622d38a	375	}
4f51df66	376	return $tmp;
4f51df66	377	}
d622d38a	378
5f438206	379	/**
	380	* check mail folder
	381	* @param stream $imap_stream imap connection resource
	382	* @param string $imap_folder imap folder name
	383	* @return boolean true, when folder can be used to store messages.
5c89bd63	384	* @since 1.5.1 and 1.4.5
5f438206	385	*/
	386	function mail_fetch_check_folder($imap_stream,$imap_folder) {
	387	global $mail_fetch_allow_unsubscribed;
	388
	389	// check if folder is subscribed or only exists.
	390	if (sqimap_mailbox_is_subscribed($imap_stream,$imap_folder)) {
	391	$ret = true;
	392	} elseif ($mail_fetch_allow_unsubscribed && sqimap_mailbox_exists($imap_stream,$imap_folder)) {
	393	$ret = true;
	394	} else {
	395	$ret = false;
	396	}
	397
	398	// make sure that folder can store messages
	399	if ($ret && mail_fetch_check_noselect($imap_stream,$imap_folder)) {
	400	$ret = false;
	401	}
	402
	403	return $ret;
	404	}
	405
	406	/**
	407	* Checks if folder is noselect (can't store messages)
f8a1ed5a	408	*
5f438206	409	* Function does not check if folder subscribed.
	410	* @param stream $imap_stream imap connection resource
	411	* @param string $imap_folder imap folder name
	412	* @return boolean true, when folder has noselect flag. false in any other case.
5c89bd63	413	* @since 1.5.1 and 1.4.5
5f438206	414	*/
	415	function mail_fetch_check_noselect($imap_stream,$imap_folder) {
	416	$boxes=sqimap_mailbox_list($imap_stream);
	417	foreach($boxes as $box) {
	418	if ($box['unformatted']==$imap_folder) {
	419	return (bool) check_is_noselect($box['raw']);
	420	}
	421	}
	422	return false;
	423	}
b571d899	424
	425	/**
	426	* Validate a requested POP3 port number
	427	*
	428	* Allowable port numbers are configured in config.php
	429	* (see config_example.php for an example and more
	430	* rules about how the list of allowable port numbers
	431	* can be specified)
	432	*
	433	* @param int $requested_port The port number given by the user
	434	*
	435	* @return string An error string is returned if the port
	436	* number is not allowable, otherwise an
	437	* empty string is returned.
	438	*
	439	*/
	440	function validate_mail_fetch_port_number($requested_port) {
	441	global $mail_fetch_allowable_ports;
	442	if (empty($mail_fetch_allowable_ports))
	443	$mail_fetch_allowable_ports = array(110, 995);
	444
	445	if (in_array('ALL', $mail_fetch_allowable_ports))
	446	return '';
	447
	448	if (!in_array($requested_port, $mail_fetch_allowable_ports)) {
	449	sq_change_text_domain('mail_fetch');
	450	$error = _("Sorry, that port number is not allowed");
	451	sq_change_text_domain('squirrelmail');
	452	return $error;
	453	}
	454
	455	return '';
	456	}
	457
	458	/**
	459	* Validate a requested POP3 server address
	460	*
	461	* Blocked server addresses are configured in config.php
	462	* (see config_example.php for more details)
	463	*
	464	* @param int $requested_address The server address given by the user
	465	*
	466	* @return string An error string is returned if the server
	467	* address is not allowable, otherwise an
	468	* empty string is returned.
	469	*
	470	*/
	471	function validate_mail_fetch_server_address($requested_address) {
	472	global $mail_fetch_block_server_pattern;
	473	if (empty($mail_fetch_block_server_pattern))
	474	$mail_fetch_block_server_pattern = '/(^10\.)\|(^192\.)\|(^127\.)\|(^localhost)/';
	475
	476	if ($mail_fetch_block_server_pattern == 'UNRESTRICTED')
	477	return '';
	478
	479	if (preg_match($mail_fetch_block_server_pattern, $requested_address)) {
	480	sq_change_text_domain('mail_fetch');
	481	$error = _("Sorry, that server address is not allowed");
	482	sq_change_text_domain('squirrelmail');
	483	return $error;
	484	}
	485
	486	return '';
	487	}
488