6 * This implements all functions that do general IMAP functions.
8 * @copyright © 1999-2006 The SquirrelMail Project Team
9 * @license http://opensource.org/licenses/gpl-license.php GNU Public License
11 * @package squirrelmail
17 require_once(SM_PATH
. 'functions/rfc822address.php');
21 * Generates a new session ID by incrementing the last one used;
22 * this ensures that each command has a unique ID.
23 * @param bool $unique_id (since 1.3.0) controls use of unique
24 * identifiers/message sequence numbers in IMAP commands. See IMAP
25 * rfc 'UID command' chapter.
26 * @return string IMAP session id of the form 'A000'.
29 function sqimap_session_id($unique_id = FALSE) {
30 static $sqimap_session_id = 1;
33 return( sprintf("A%03d", $sqimap_session_id++
) );
35 return( sprintf("A%03d", $sqimap_session_id++
) . ' UID' );
40 * Both send a command and accept the result from the command.
41 * This is to allow proper session number handling.
42 * @param stream $imap_stream imap connection resource
43 * @param string $query imap command
44 * @param boolean $handle_errors see sqimap_retrieve_imap_response()
45 * @param array $response
46 * @param array $message
47 * @param boolean $unique_id (since 1.3.0) see sqimap_session_id().
48 * @return mixed returns false on imap error. displays error message
49 * if imap stream is not available.
52 function sqimap_run_command_list ($imap_stream, $query, $handle_errors, &$response, &$message, $unique_id = false) {
54 $sid = sqimap_session_id($unique_id);
55 fputs ($imap_stream, $sid . ' ' . $query . "\r\n");
56 $tag_uid_a = explode(' ',trim($sid));
58 $read = sqimap_retrieve_imap_response ($imap_stream, $tag, $handle_errors, $response, $message, $query );
59 /* get the response and the message */
60 $message = $message[$tag];
61 $response = $response[$tag];
64 global $squirrelmail_language, $color;
65 set_up_language($squirrelmail_language);
66 $string = "<b><font color=\"$color[2]\">\n" .
67 _("ERROR: No available IMAP stream.") .
75 * @param stream $imap_stream imap connection resource
76 * @param string $query imap command
77 * @param boolean $handle_errors see sqimap_retrieve_imap_response()
78 * @param array $response empty string, if return = false
79 * @param array $message empty string, if return = false
80 * @param boolean $unique_id (since 1.3.0) see sqimap_session_id()
81 * @param boolean $filter (since 1.4.1 and 1.5.0) see sqimap_fread()
82 * @param mixed $outputstream (since 1.4.1 and 1.5.0) see sqimap_fread()
83 * @param boolean $no_return (since 1.4.1 and 1.5.0) see sqimap_fread()
84 * @return mixed returns false on imap error. displays error message
85 * if imap stream is not available.
88 function sqimap_run_command ($imap_stream, $query, $handle_errors, &$response,
89 &$message, $unique_id = false,$filter=false,
90 $outputstream=false,$no_return=false) {
92 $sid = sqimap_session_id($unique_id);
93 fputs ($imap_stream, $sid . ' ' . $query . "\r\n");
94 $tag_uid_a = explode(' ',trim($sid));
97 $read = sqimap_read_data ($imap_stream, $tag, $handle_errors, $response,
98 $message, $query,$filter,$outputstream,$no_return);
99 if (empty($read)) { //IMAP server dropped its connection
104 /* retrieve the response and the message */
105 $response = $response[$tag];
106 $message = $message[$tag];
108 if (!empty($read[$tag])) {
109 return $read[$tag][0];
114 global $squirrelmail_language, $color;
115 set_up_language($squirrelmail_language);
116 $string = "<b><font color=\"$color[2]\">\n" .
117 _("ERROR: No available IMAP stream.") .
125 * @param mixed $new_query
127 * @param array $aQuery
128 * @param boolean $unique_id see sqimap_session_id()
131 function sqimap_prepare_pipelined_query($new_query,&$tag,&$aQuery,$unique_id) {
132 $sid = sqimap_session_id($unique_id);
133 $tag_uid_a = explode(' ',trim($sid));
134 $tag = $tag_uid_a[0];
135 $query = $sid . ' '.$new_query."\r\n";
136 $aQuery[$tag] = $query;
140 * @param stream $imap_stream imap stream
141 * @param array $aQueryList
142 * @param boolean $handle_errors
143 * @param array $aServerResponse
144 * @param array $aServerMessage
145 * @param boolean $unique_id see sqimap_session_id()
146 * @param boolean $filter see sqimap_fread()
147 * @param mixed $outputstream see sqimap_fread()
148 * @param boolean $no_return see sqimap_fread()
151 function sqimap_run_pipelined_command ($imap_stream, $aQueryList, $handle_errors,
152 &$aServerResponse, &$aServerMessage, $unique_id = false,
153 $filter=false,$outputstream=false,$no_return=false) {
157 Do not fire all calls at once to the IMAP server but split the calls up
158 in portions of $iChunkSize. If we do not do that I think we misbehave as
159 IMAP client or should handle BYE calls if the IMAP server drops the
160 connection because the number of queries is to large. This isn't tested
161 but a wild guess how it could work in the field.
163 After testing it on Exchange 2000 we discovered that a chunksize of 32
164 was quicker then when we raised it to 128.
166 $iQueryCount = count($aQueryList);
168 // array_chunk would also do the job but it's supported from php > 4.2
169 $aQueryChunks = array();
170 $iLoops = floor($iQueryCount / $iChunkSize);
172 if ($iLoops * $iChunkSize != $iQueryCount) ++
$iLoops;
174 if (!function_exists('array_chunk')) { // arraychunk replacement
176 for($i=0;$i<$iLoops;++
$i) {
177 for($j=0;$j<$iChunkSize;++
$j) {
178 $key = key($aQueryList);
179 $aTmp[$key] = $aQueryList[$key];
180 if (next($aQueryList) === false) break;
182 $aQueryChunks[] = $aTmp;
185 $aQueryChunks = array_chunk($aQueryList,$iChunkSize,true);
188 for ($i=0;$i<$iLoops;++
$i) {
189 $aQuery = $aQueryChunks[$i];
190 foreach($aQuery as $tag => $query) {
191 fputs($imap_stream,$query);
192 $aResults[$tag] = false;
194 foreach($aQuery as $tag => $query) {
195 if ($aResults[$tag] == false) {
196 $aReturnedResponse = sqimap_retrieve_imap_response ($imap_stream, $tag,
197 $handle_errors, $response, $message, $query,
198 $filter,$outputstream,$no_return);
199 foreach ($aReturnedResponse as $returned_tag => $aResponse) {
200 if (!empty($aResponse)) {
201 $aResults[$returned_tag] = $aResponse[0];
203 $aResults[$returned_tag] = $aResponse;
205 $aServerResponse[$returned_tag] = $response[$returned_tag];
206 $aServerMessage[$returned_tag] = $message[$returned_tag];
215 * Custom fgets function: gets a line from the IMAP server,
216 * no matter how big it may be.
217 * @param stream $imap_stream the stream to read from
218 * @return string a line
221 function sqimap_fgets($imap_stream) {
226 while (strpos($results, "\r\n", $offset) === false) {
227 if (!($read = fgets($imap_stream, $buffer))) {
228 /* this happens in case of an error */
229 /* reset $results because it's useless */
233 if ( $results != '' ) {
234 $offset = strlen($results) - 1;
242 * @param stream $imap_stream
243 * @param integer $iSize
244 * @param boolean $filter
245 * @param mixed $outputstream stream or 'php://stdout' string
246 * @param boolean $no_return controls data returned by function
250 function sqimap_fread($imap_stream,$iSize,$filter=false,
251 $outputstream=false, $no_return=false) {
252 if (!$filter ||
!$outputstream) {
253 $iBufferSize = $iSize;
255 // see php bug 24033. They changed fread behaviour %$^&$%
256 $iBufferSize = 7800; // multiple of 78 in case of base64 decoding.
258 if ($iSize < $iBufferSize) {
259 $iBufferSize = $iSize;
264 $sRead = $sReadRem = '';
265 // NB: fread can also stop at end of a packet on sockets.
266 while ($iRetrieved < $iSize) {
267 $sRead = fread($imap_stream,$iBufferSize);
268 $iLength = strlen($sRead);
269 $iRetrieved +
= $iLength ;
270 $iRemaining = $iSize - $iRetrieved;
271 if ($iRemaining < $iBufferSize) {
272 $iBufferSize = $iRemaining;
278 if ($sReadRem != '') {
279 $sRead = $sReadRem . $sRead;
283 if ($filter && $sRead != '') {
284 // in case the filter is base64 decoding we return a remainder
285 $sReadRem = $filter($sRead);
287 if ($outputstream && $sRead != '') {
288 if (is_resource($outputstream)) {
289 fwrite($outputstream,$sRead);
290 } else if ($outputstream == 'php://stdout') {
305 * Obsolete function, inform plugins that use it
306 * @param stream $imap_stream
308 * @param boolean $handle_errors
309 * @param array $response
310 * @param array $message
311 * @param string $query
313 * @deprecated (since 1.5.0) use sqimap_run_command or sqimap_run_command_list instead
315 function sqimap_read_data_list($imap_stream, $tag, $handle_errors,
316 &$response, &$message, $query = '') {
317 global $color, $oTemplate, $squirrelmail_language;
318 set_up_language($squirrelmail_language);
319 $string = "<b><font color=\"$color[2]\">\n" .
320 _("ERROR: Bad function call.") .
323 'There is a plugin installed which make use of the <br />' .
324 'SquirrelMail internal function sqimap_read_data_list.<br />'.
325 'Please adapt the installed plugin and let it use<br />'.
326 'sqimap_run_command or sqimap_run_command_list instead<br /><br />'.
327 'The following query was issued:<br />'.
328 htmlspecialchars($query) . '<br />' . "</font><br />\n";
330 $oTemplate->display('footer.tpl');
335 * Function to display an error related to an IMAP query.
336 * @param string title the caption of the error box
337 * @param string query the query that went wrong
338 * @param string message_title optional message title
339 * @param string message optional error message
340 * @param string $link an optional link to try again
344 function sqimap_error_box($title, $query = '', $message_title = '', $message = '', $link = '')
346 global $color, $squirrelmail_language;
348 set_up_language($squirrelmail_language);
349 $string = "<font color=\"$color[2]\"><b>\n" . $title . "</b><br />\n";
350 $cmd = explode(' ',$query);
351 $cmd= strtolower($cmd[0]);
353 if ($query != '' && $cmd != 'login')
354 $string .= _("Query:") . ' ' . htmlspecialchars($query) . '<br />';
355 if ($message_title != '')
356 $string .= $message_title;
358 $string .= htmlspecialchars($message);
359 $string .= "</font><br />\n";
366 * Reads the output from the IMAP stream. If handle_errors is set to true,
367 * this will also handle all errors that are received. If it is not set,
368 * the errors will be sent back through $response and $message.
369 * @param stream $imap_stream imap stream
371 * @param boolean $handle_errors handle errors internally or send them in $response and $message.
372 * @param array $response
373 * @param array $message
374 * @param string $query command that can be printed if something fails
375 * @param boolean $filter see sqimap_fread()
376 * @param mixed $outputstream see sqimap_fread()
377 * @param boolean $no_return see sqimap_fread()
380 function sqimap_retrieve_imap_response($imap_stream, $tag, $handle_errors,
381 &$response, &$message, $query = '',
382 $filter = false, $outputstream = false, $no_return = false) {
383 global $color, $squirrelmail_language;
385 if (!is_array($message)) $message = array();
386 if (!is_array($response)) $response = array();
388 $resultlist = array();
391 if (preg_match("/^(\w+)\s*/",$query,$aMatch)) {
392 $sCommand = strtoupper($aMatch[1]);
394 // error reporting (shouldn't happen)
396 $read = sqimap_fgets($imap_stream);
404 $read = sqimap_fgets($imap_stream);
409 /* get the command */
412 $s = substr($read,$i);
413 if (($j = strpos($s,' ')) ||
($j = strpos($s,"\n"))) {
414 $arg = substr($s,0,$j);
416 $found_tag = substr($read,0,$i-1);
425 $response[$found_tag] = $arg;
426 $message[$found_tag] = trim(substr($read,$i+
strlen($arg)));
428 $resultlist[] = $data;
430 $aResponse[$found_tag] = $resultlist;
431 $data = $resultlist = array();
432 if ($found_tag == $tag) {
433 break 3; /* switch switch while */
437 /* this shouldn't happen */
438 $response[$found_tag] = $arg;
439 $message[$found_tag] = trim(substr($read,$i+
strlen($arg)));
441 $resultlist[] = $data;
443 $aResponse[$found_tag] = $resultlist;
444 $data = $resultlist = array();
445 if ($found_tag == $tag) {
446 break 3; /* switch switch while */
450 $read = sqimap_fgets($imap_stream);
451 if ($read === false) { /* error */
452 break 2; /* switch while */
455 } // end case $tag{0}
459 if (($sCommand == "FETCH" ||
$sCommand == "STORE") && preg_match('/^\*\s\d+\sFETCH/',$read)) {
460 /* check for literal */
461 $s = substr($read,-3);
462 $fetch_data = array();
463 do { /* outer loop, continue until next untagged fetch
465 do { /* innerloop for fetching literals. with this loop
466 we prohibid that literal responses appear in the
467 outer loop so we can trust the untagged and
468 tagged info provided by $read */
469 if ($s === "}\r\n") {
470 $j = strrpos($read,'{');
471 $iLit = substr($read,$j+
1,-3);
472 $fetch_data[] = $read;
473 $sLiteral = sqimap_fread($imap_stream,$iLit,$filter,$outputstream,$no_return);
474 if ($sLiteral === false) { /* error */
475 break 4; /* while while switch while */
477 /* backwards compattibility */
478 $aLiteral = explode("\n", $sLiteral);
479 /* release not neaded data */
481 foreach ($aLiteral as $line) {
482 $fetch_data[] = $line ."\n";
484 /* release not neaded data */
486 /* next fgets belongs to this fetch because
487 we just got the exact literalsize and there
488 must follow data to complete the response */
489 $read = sqimap_fgets($imap_stream);
490 if ($read === false) { /* error */
491 break 4; /* while while switch while */
493 $fetch_data[] = $read;
495 $fetch_data[] = $read;
497 /* retrieve next line and check in the while
498 statements if it belongs to this fetch response */
499 $read = sqimap_fgets($imap_stream);
500 if ($read === false) { /* error */
501 break 4; /* while while switch while */
503 /* check for next untagged reponse and break */
504 if ($read{0} == '*') break 2;
505 $s = substr($read,-3);
506 } while ($s === "}\r\n");
507 $s = substr($read,-3);
508 } while ($read{0} !== '*' &&
509 substr($read,0,strlen($tag)) !== $tag);
510 $resultlist[] = $fetch_data;
511 /* release not neaded data */
514 $s = substr($read,-3);
516 if ($s === "}\r\n") {
517 $j = strrpos($read,'{');
518 $iLit = substr($read,$j+
1,-3);
519 // check for numeric value to avoid that untagged responses like:
520 // * OK [PARSE] Unexpected characters at end of address: {SET:debug=51}
521 // will trigger literal fetching ({SET:debug=51} !== int )
522 if (is_numeric($iLit)) {
524 $sLiteral = fread($imap_stream,$iLit);
525 if ($sLiteral === false) { /* error */
527 break 3; /* while switch while */
530 $data[] = sqimap_fgets($imap_stream);
537 $read = sqimap_fgets($imap_stream);
538 if ($read === false) {
539 break 3; /* while switch while */
540 } else if ($read{0} == '*') {
543 $s = substr($read,-3);
544 } while ($s === "}\r\n");
552 /* error processing in case $read is false */
553 if ($read === false) {
554 // try to retrieve an untagged bye respons from the results
555 $sResponse = array_pop($data);
556 if ($sResponse !== NULL && strpos($sResponse,'* BYE') !== false) {
557 if (!$handle_errors) {
560 sqimap_error_box(_("ERROR: IMAP server closed the connection."), $query, _("Server responded:"),$sResponse);
561 echo '</body></html>';
563 } else if ($handle_errors) {
565 sqimap_error_box(_("ERROR: Connection dropped by IMAP server."), $query);
570 /* Set $resultlist array */
572 //$resultlist[] = $data;
574 elseif (empty($resultlist)) {
575 $resultlist[] = array();
578 /* Return result or handle errors */
579 if ($handle_errors == false) {
582 switch ($response[$tag]) {
587 /* ignore this error from M$ exchange, it is not fatal (aka bug) */
588 if (strstr($message[$tag], 'command resulted in') === false) {
589 sqimap_error_box(_("ERROR: Could not complete request."), $query, _("Reason Given:") . ' ', $message[$tag]);
590 echo '</body></html>';
595 sqimap_error_box(_("ERROR: Bad or malformed request."), $query, _("Server responded:") . ' ', $message[$tag]);
596 echo '</body></html>';
599 sqimap_error_box(_("ERROR: IMAP server closed the connection."), $query, _("Server responded:") . ' ', $message[$tag]);
600 echo '</body></html>';
603 sqimap_error_box(_("ERROR: Unknown IMAP response."), $query, _("Server responded:") . ' ', $message[$tag]);
604 /* the error is displayed but because we don't know the reponse we
605 return the result anyway */
612 * @param stream $imap_stream imap string
613 * @param string $tag_uid
614 * @param boolean $handle_errors
615 * @param array $response
616 * @param array $message
617 * @param string $query (since 1.2.5)
618 * @param boolean $filter (since 1.4.1) see sqimap_fread()
619 * @param mixed $outputstream (since 1.4.1) see sqimap_fread()
620 * @param boolean $no_return (since 1.4.1) see sqimap_fread()
622 function sqimap_read_data ($imap_stream, $tag_uid, $handle_errors,
623 &$response, &$message, $query = '',
624 $filter=false,$outputstream=false,$no_return=false) {
626 $tag_uid_a = explode(' ',trim($tag_uid));
627 $tag = $tag_uid_a[0];
629 $res = sqimap_retrieve_imap_response($imap_stream, $tag, $handle_errors,
630 $response, $message, $query,$filter,$outputstream,$no_return);
635 * Connects to the IMAP server and returns a resource identifier for use with
636 * the other SquirrelMail IMAP functions. Does NOT login!
637 * @param string server hostname of IMAP server
638 * @param int port port number to connect to
639 * @param integer $tls whether to use plain text(0), TLS(1) or STARTTLS(2) when connecting.
640 * Argument was boolean before 1.5.1.
641 * @return imap-stream resource identifier
642 * @since 1.5.0 (usable only in 1.5.1 or later)
644 function sqimap_create_stream($server,$port,$tls=0) {
645 global $squirrelmail_language;
647 if (strstr($server,':') && ! preg_match("/^\[.*\]$/",$server)) {
648 // numerical IPv6 address must be enclosed in square brackets
649 $server = '['.$server.']';
653 if ((check_php_version(4,3)) and (extension_loaded('openssl'))) {
654 /* Use TLS by prefixing "tls://" to the hostname */
655 $server = 'tls://' . $server;
657 require_once(SM_PATH
. 'functions/display_messages.php');
658 logout_error( sprintf(_("Error connecting to IMAP server: %s."), $server).
660 _("TLS is enabled, but this version of PHP does not support TLS sockets, or is missing the openssl extension.").
662 _("Please contact your system administrator and report this error."),
663 sprintf(_("Error connecting to IMAP server: %s."), $server));
667 $imap_stream = @fsockopen
($server, $port, $error_number, $error_string, 15);
669 /* Do some error correction */
671 set_up_language($squirrelmail_language, true);
672 require_once(SM_PATH
. 'functions/display_messages.php');
673 logout_error( sprintf(_("Error connecting to IMAP server: %s."), $server).
674 "<br />\r\n$error_number : $error_string<br />\r\n",
675 sprintf(_("Error connecting to IMAP server: %s."), $server) );
678 $server_info = fgets ($imap_stream, 1024);
681 * Implementing IMAP STARTTLS (rfc2595) in php 5.1.0+
682 * http://www.php.net/stream-socket-enable-crypto
685 if (function_exists('stream_socket_enable_crypto')) {
686 // check starttls capability, don't use cached capability version
687 if (! sqimap_capability($imap_stream, 'STARTTLS', false)) {
688 // imap server does not declare starttls support
689 sqimap_error_box(sprintf(_("Error connecting to IMAP server: %s."), $server),
691 _("IMAP STARTTLS is enabled in SquirrelMail configuration, but used IMAP server does not support STARTTLS."));
695 // issue starttls command and check response
696 sqimap_run_command($imap_stream, 'STARTTLS', false, $starttls_response, $starttls_message);
698 if ($starttls_response!='OK') {
699 // starttls command failed
700 sqimap_error_box(sprintf(_("Error connecting to IMAP server: %s."), $server),
702 _("Server replied:") . ' ',
707 // start crypto on connection. suppress function errors.
708 if (@stream_socket_enable_crypto
($imap_stream,true,STREAM_CRYPTO_METHOD_TLS_CLIENT
)) {
709 // starttls was successful
712 * RFC 2595 requires to discard CAPABILITY information after successful
713 * STARTTLS command. We don't follow RFC, because SquirrelMail stores CAPABILITY
714 * information only after successful login (src/redirect.php) and cached information
715 * is used only in other php script connections after successful STARTTLS. If script
716 * issues sqimap_capability() call before sqimap_login() and wants to get initial
717 * capability response, script should set third sqimap_capability() argument to false.
719 //sqsession_unregister('sqimap_capabilities');
722 * stream_socket_enable_crypto() call failed. Possible issues:
723 * - broken ssl certificate (uw drops connection, error is in syslog mail facility)
724 * - some ssl error (can reproduce with STREAM_CRYPTO_METHOD_SSLv3_CLIENT, PHP E_WARNING
725 * suppressed in stream_socket_enable_crypto() call)
727 sqimap_error_box(sprintf(_("Error connecting to IMAP server: %s."), $server),
729 _("Unable to start TLS."));
731 * Bug: stream_socket_enable_crypto() does not register SSL errors in
732 * openssl_error_string() or stream notification wrapper and displays
733 * them in E_WARNING level message. It is impossible to retrieve error
734 * message without own error handler.
739 // php install does not support stream_socket_enable_crypto() function
740 sqimap_error_box(sprintf(_("Error connecting to IMAP server: %s."), $server),
742 _("IMAP STARTTLS is enabled in SquirrelMail configuration, but used PHP version does not support functions that allow to enable encryption on open socket."));
750 * Logs the user into the IMAP server. If $hide is set, no error messages
751 * will be displayed (if set to 1, just exits, if set to 2, returns FALSE).
752 * This function returns the IMAP connection handle.
753 * @param string $username user name
754 * @param string $password password encrypted with onetimepad. Since 1.5.2
755 * function can use internal password functions, if parameter is set to
757 * @param string $imap_server_address address of imap server
758 * @param integer $imap_port port of imap server
759 * @param int $hide controls display connection errors:
760 * 0 = do not hide, 1 = show logout error, 2 = return FALSE
761 * @return mixed The IMAP connection stream, or FALSE if $hide is set to 2
762 * and the connection fails.
764 function sqimap_login ($username, $password, $imap_server_address, $imap_port, $hide) {
765 global $color, $squirrelmail_language, $onetimepad, $use_imap_tls,
766 $imap_auth_mech, $sqimap_capabilities;
768 // Note/TODO: This hack grabs the $authz argument from the session. In the short future,
769 // a new argument in function sqimap_login() will be used instead.
772 sqgetglobalvar('authz' , $authz , SQ_SESSION
);
775 /* authz plugin - specific:
776 * Get proxy login parameters from authz plugin configuration. If they
777 * exist, they will override the current ones.
778 * This is useful if we want to use different SASL authentication mechanism
779 * and/or different TLS settings for proxy logins. */
780 global $authz_imap_auth_mech, $authz_use_imap_tls, $authz_imapPort_tls;
781 $imap_auth_mech = !empty($authz_imap_auth_mech) ?
strtolower($authz_imap_auth_mech) : $imap_auth_mech;
782 $use_imap_tls = !empty($authz_use_imap_tls)?
$authz_use_imap_tls : $use_imap_tls;
783 $imap_port = !empty($authz_use_imap_tls)?
$authz_imapPort_tls : $imap_port;
785 if($imap_auth_mech == 'login' ||
$imap_auth_mech == 'cram-md5') {
786 logout_error("Misconfigured Plugin (authz or equivalent):<br/>".
787 "The LOGIN and CRAM-MD5 authentication mechanisms cannot be used when attempting proxy login.");
792 /* get imap login password */
793 if ($password===false) {
794 /* standard functions */
795 $password = sqauth_read_password();
797 /* old way. $key must be extracted from cookie */
798 if (!isset($onetimepad) ||
empty($onetimepad)) {
799 sqgetglobalvar('onetimepad' , $onetimepad , SQ_SESSION
);
801 /* Decrypt the password */
802 $password = OneTimePadDecrypt($password, $onetimepad);
805 if (!isset($sqimap_capabilities)) {
806 sqgetglobalvar('sqimap_capabilities' , $sqimap_capabilities , SQ_SESSION
);
809 $host = $imap_server_address;
810 $imap_server_address = sqimap_get_user_server($imap_server_address, $username);
812 $imap_stream = sqimap_create_stream($imap_server_address,$imap_port,$use_imap_tls);
814 if (($imap_auth_mech == 'cram-md5') OR ($imap_auth_mech == 'digest-md5')) {
815 // We're using some sort of authentication OTHER than plain or login
816 $tag=sqimap_session_id(false);
817 if ($imap_auth_mech == 'digest-md5') {
818 $query = $tag . " AUTHENTICATE DIGEST-MD5\r\n";
819 } elseif ($imap_auth_mech == 'cram-md5') {
820 $query = $tag . " AUTHENTICATE CRAM-MD5\r\n";
822 fputs($imap_stream,$query);
823 $answer=sqimap_fgets($imap_stream);
824 // Trim the "+ " off the front
825 $response=explode(" ",$answer,3);
826 if ($response[0] == '+') {
827 // Got a challenge back
828 $challenge=$response[1];
829 if ($imap_auth_mech == 'digest-md5') {
830 $reply = digest_md5_response($username,$password,$challenge,'imap',$host,$authz);
831 } elseif ($imap_auth_mech == 'cram-md5') {
832 $reply = cram_md5_response($username,$password,$challenge);
834 fputs($imap_stream,$reply);
835 $read=sqimap_fgets($imap_stream);
836 if ($imap_auth_mech == 'digest-md5') {
837 // DIGEST-MD5 has an extra step..
838 if (substr($read,0,1) == '+') { // OK so far..
839 fputs($imap_stream,"\r\n");
840 $read=sqimap_fgets($imap_stream);
843 $results=explode(" ",$read,3);
844 $response=$results[1];
845 $message=$results[2];
847 // Fake the response, so the error trap at the bottom will work
849 $message='IMAP server does not appear to support the authentication method selected.';
850 $message .= ' Please contact your system administrator.';
852 } elseif ($imap_auth_mech == 'login') {
853 // Original IMAP login code
854 $query = 'LOGIN "' . quoteimap($username) . '" "' . quoteimap($password) . '"';
855 $read = sqimap_run_command ($imap_stream, $query, false, $response, $message);
856 } elseif ($imap_auth_mech == 'plain') {
858 * SASL PLAIN, RFC 4616 (updates 2595)
860 * The mechanism consists of a single message, a string of [UTF-8]
861 * encoded [Unicode] characters, from the client to the server. The
862 * client presents the authorization identity (identity to act as),
863 * followed by a NUL (U+0000) character, followed by the authentication
864 * identity (identity whose password will be used), followed by a NUL
865 * (U+0000) character, followed by the clear-text password. As with
866 * other SASL mechanisms, the client does not provide an authorization
867 * identity when it wishes the server to derive an identity from the
868 * credentials and use that as the authorization identity.
870 $tag=sqimap_session_id(false);
871 $sasl = (isset($sqimap_capabilities['SASL-IR']) && $sqimap_capabilities['SASL-IR']) ?
true : false;
873 $auth = base64_encode("$username\0$authz\0$password");
875 $auth = base64_encode("$username\0$username\0$password");
878 // IMAP Extension for SASL Initial Client Response
879 // <draft-siemborski-imap-sasl-initial-response-01b.txt>
880 $query = $tag . " AUTHENTICATE PLAIN $auth\r\n";
881 fputs($imap_stream, $query);
882 $read = sqimap_fgets($imap_stream);
884 $query = $tag . " AUTHENTICATE PLAIN\r\n";
885 fputs($imap_stream, $query);
886 $read=sqimap_fgets($imap_stream);
887 if (substr($read,0,1) == '+') { // OK so far..
888 fputs($imap_stream, "$auth\r\n");
889 $read = sqimap_fgets($imap_stream);
892 $results=explode(" ",$read,3);
893 $response=$results[1];
894 $message=$results[2];
898 $message="Internal SquirrelMail error - unknown IMAP authentication method chosen. Please contact the developers.";
901 /* If the connection was not successful, lets see why */
902 if ($response != 'OK') {
904 if ($response != 'NO') {
905 /* "BAD" and anything else gets reported here. */
906 $message = htmlspecialchars($message);
907 set_up_language($squirrelmail_language, true);
908 if ($response == 'BAD') {
909 $string = sprintf (_("Bad request: %s")."<br />\r\n", $message);
911 $string = sprintf (_("Unknown error: %s") . "<br />\n", $message);
913 if (isset($read) && is_array($read)) {
914 $string .= '<br />' . _("Read data:") . "<br />\n";
915 foreach ($read as $line) {
916 $string .= htmlspecialchars($line) . "<br />\n";
923 * If the user does not log in with the correct
924 * username and password it is not possible to get the
925 * correct locale from the user's preferences.
926 * Therefore, apply the same hack as on the login
929 * $squirrelmail_language is set by a cookie when
930 * the user selects language and logs out
933 set_up_language($squirrelmail_language, true);
936 /* terminate the session nicely */
937 sqimap_logout($imap_stream);
938 logout_error( _("Unknown user or password incorrect.") );
942 if ($hide == 2) return FALSE;
947 /* Special error case:
948 * Login referrals. The server returns:
949 * ? OK [REFERRAL <imap url>]
950 * Check RFC 2221 for details. Since we do not support login referrals yet
951 * we log the user out.
953 if ( stristr($message, 'REFERRAL imap') === TRUE ) {
954 sqimap_logout($imap_stream);
955 set_up_language($squirrelmail_language, true);
957 logout_error( _("Your mailbox is not located at this server. Try a different server or consult your system administrator") );
965 * Simply logs out the IMAP session
966 * @param stream $imap_stream the IMAP connection to log out.
969 function sqimap_logout ($imap_stream) {
970 /* Logout is not valid until the server returns 'BYE'
971 * If we don't have an imap_ stream we're already logged out */
972 if(isset($imap_stream) && $imap_stream)
973 sqimap_run_command($imap_stream, 'LOGOUT', false, $response, $message);
977 * Retrieve the CAPABILITY string from the IMAP server.
978 * If capability is set, returns only that specific capability,
979 * else returns array of all capabilities.
980 * @param stream $imap_stream
981 * @param string $capability (since 1.3.0)
982 * @param boolean $bUseCache (since 1.5.1) Controls use of capability data stored in session
983 * @return mixed (string if $capability is set and found,
984 * false, if $capability is set and not found,
985 * array if $capability not set)
987 function sqimap_capability($imap_stream, $capability='', $bUseCache=true) {
988 // sqgetGlobalVar('sqimap_capabilities', $sqimap_capabilities, SQ_SESSION);
990 if (!$bUseCache ||
! sqgetGlobalVar('sqimap_capabilities', $sqimap_capabilities, SQ_SESSION
)) {
991 $read = sqimap_run_command($imap_stream, 'CAPABILITY', true, $a, $b);
992 $c = explode(' ', $read[0]);
993 for ($i=2; $i < count($c); $i++
) {
994 $cap_list = explode('=', $c[$i]);
995 if (isset($cap_list[1])) {
996 if(isset($sqimap_capabilities[trim($cap_list[0])]) &&
997 !is_array($sqimap_capabilities[trim($cap_list[0])])) {
998 // Remove array key that was added in 'else' block below
999 // This is to accomodate for capabilities like:
1001 unset($sqimap_capabilities[trim($cap_list[0])]);
1003 $sqimap_capabilities[trim($cap_list[0])][] = $cap_list[1];
1005 if(!isset($sqimap_capabilities[trim($cap_list[0])])) {
1006 $sqimap_capabilities[trim($cap_list[0])] = TRUE;
1012 if (isset($sqimap_capabilities[$capability])) {
1013 return $sqimap_capabilities[$capability];
1018 return $sqimap_capabilities;
1022 * Returns the delimiter between mailboxes: INBOX/Test, or INBOX.Test
1023 * @param stream $imap_stream
1026 function sqimap_get_delimiter ($imap_stream = false) {
1027 global $sqimap_delimiter, $optional_delimiter;
1029 /* Use configured delimiter if set */
1030 if((!empty($optional_delimiter)) && $optional_delimiter != 'detect') {
1031 return $optional_delimiter;
1034 /* Delimiter is stored in the session from redirect. Try fetching from there first */
1035 if (empty($sqimap_delimiter)) {
1036 sqgetGlobalVar('delimiter',$sqimap_delimiter,SQ_SESSION
);
1039 /* Do some caching here */
1040 if (!$sqimap_delimiter) {
1041 if (sqimap_capability($imap_stream, 'NAMESPACE')) {
1043 * According to something that I can't find, this is supposed to work on all systems
1044 * OS: This won't work in Courier IMAP.
1045 * OS: According to rfc2342 response from NAMESPACE command is:
1046 * OS: * NAMESPACE (PERSONAL NAMESPACES) (OTHER_USERS NAMESPACE) (SHARED NAMESPACES)
1047 * OS: We want to lookup all personal NAMESPACES...
1049 * TODO: remove this in favour of the information from sqimap_get_namespace()
1051 $read = sqimap_run_command($imap_stream, 'NAMESPACE', true, $a, $b);
1052 if (eregi('\\* NAMESPACE +(\\( *\\(.+\\) *\\)|NIL) +(\\( *\\(.+\\) *\\)|NIL) +(\\( *\\(.+\\) *\\)|NIL)', $read[0], $data)) {
1053 if (eregi('^\\( *\\((.*)\\) *\\)', $data[1], $data2)) {
1056 $pna = explode(')(', $pn);
1057 while (list($k, $v) = each($pna)) {
1058 $lst = explode('"', $v);
1059 if (isset($lst[3])) {
1060 $pn[$lst[1]] = $lst[3];
1066 $sqimap_delimiter = $pn[0];
1068 fputs ($imap_stream, ". LIST \"INBOX\" \"\"\r\n");
1069 $read = sqimap_read_data($imap_stream, '.', true, $a, $b);
1070 $read = $read['.'][0]; //sqimap_read_data() now returns a tag array of response array
1071 $quote_position = strpos ($read[0], '"');
1072 $sqimap_delimiter = substr ($read[0], $quote_position+
1, 1);
1075 return $sqimap_delimiter;
1079 * Retrieves the namespaces from the IMAP server.
1080 * NAMESPACE is an IMAP extension defined in RFC 2342.
1082 * @param stream $imap_stream
1085 function sqimap_get_namespace($imap_stream) {
1086 $read = sqimap_run_command($imap_stream, 'NAMESPACE', true, $a, $b);
1087 return sqimap_parse_namespace($read[0]);
1091 * Parses a NAMESPACE response and returns an array with the available
1092 * personal, users and shared namespaces.
1094 * @param string $input
1095 * @return array The returned array has the following format:
1098 * 'personal' => array(
1099 * 0 => array('prefix'=>'INBOX.','delimiter' =>'.'),
1102 * 'users' => array(..
1104 * 'shared' => array( ..
1108 * Note that if a namespace is not defined in the server, then the corresponding
1109 * array will be empty.
1111 function sqimap_parse_namespace(&$input) {
1112 $ns_strings = array(1=>'personal', 2=>'users', 3=>'shared');
1113 $namespace = array();
1115 if(ereg('NAMESPACE (\(\(.*\)\)|NIL) (\(\(.*\)\)|NIL) (\(\(.*\)\)|NIL)', $input, $regs) !== false) {
1116 for($i=1; $i<=3; $i++
) {
1117 if($regs[$i] == 'NIL') {
1118 $namespace[$ns_strings[$i]] = array();
1120 // Pop-out the first ( and last ) for easier parsing
1121 $ns = substr($regs[$i], 1, sizeof($regs[$i])-2);
1122 if($c = preg_match_all('/\((?:(.*?)\s*?)\)/', $ns, $regs2)) {
1123 $namespace[$ns_strings[$i]] = array();
1124 for($j=0; $j<sizeof($regs2[1]); $j++
) {
1125 preg_match('/"(.*)"\s+("(.*)"|NIL)/', $regs2[1][$j], $regs3);
1126 $namespace[$ns_strings[$i]][$j]['prefix'] = $regs3[1];
1127 if($regs3[2] == 'NIL') {
1128 $namespace[$ns_strings[$i]][$j]['delimiter'] = null;
1130 // $regs[3] is $regs[2] without the quotes
1131 $namespace[$ns_strings[$i]][$j]['delimiter'] = $regs3[3];
1144 * This encodes a mailbox name for use in IMAP commands.
1145 * @param string $what the mailbox to encode
1146 * @return string the encoded mailbox string
1149 function sqimap_encode_mailbox_name($what)
1151 if (ereg("[\"\\\r\n]", $what))
1152 return '{' . strlen($what) . "}\r\n" . $what; /* 4.3 literal form */
1153 return '"' . $what . '"'; /* 4.3 quoted string form */
1157 * Gets the number of messages in the current mailbox.
1159 * OBSOLETE use sqimap_status_messages instead.
1160 * @param stream $imap_stream imap stream
1161 * @param string $mailbox
1164 function sqimap_get_num_messages ($imap_stream, $mailbox) {
1165 $aStatus = sqimap_status_messages($imap_stream,$mailbox,array('MESSAGES'));
1166 return $aStatus['MESSAGES'];
1170 * OBSOLETE FUNCTION should be removed after mailbox_display,
1171 * printMessage function is adapted
1172 * $addr_ar = array(), $group = '' and $host='' arguments are used in 1.4.0
1173 * @param string $address
1174 * @param integer $max
1176 * @deprecated See Rfc822Address.php
1178 function parseAddress($address, $max=0) {
1179 $aAddress = parseRFC822Address($address,array('limit'=> $max));
1181 * Because the expected format of the array element is changed we adapt it now.
1182 * This also implies that this function is obsolete and should be removed after the
1183 * rest of the source is adapted. See Rfc822Address.php for the new function.
1185 array_walk($aAddress, '_adaptAddress');
1190 * OBSOLETE FUNCTION should be removed after mailbox_display,
1191 * printMessage function is adapted
1193 * callback function used for formating of addresses array in
1194 * parseAddress() function
1195 * @param array $aAddr
1196 * @param integer $k array key
1200 function _adaptAddress(&$aAddr,$k) {
1201 $sPersonal = (isset($aAddr[SQM_ADDR_PERSONAL
]) && $aAddr[SQM_ADDR_PERSONAL
]) ?
1202 $aAddr[SQM_ADDR_PERSONAL
] : '';
1203 $sEmail = ($aAddr[SQM_ADDR_HOST
]) ?
1204 $aAddr[SQM_ADDR_MAILBOX
] . '@'.$aAddr[SQM_ADDR_HOST
] :
1205 $aAddr[SQM_ADDR_MAILBOX
];
1206 $aAddr = array($sEmail,$sPersonal);
1210 * Returns the number of unseen messages in this folder.
1211 * obsoleted by sqimap_status_messages !
1212 * Arguments differ in 1.0.x
1213 * @param stream $imap_stream
1214 * @param string $mailbox
1218 function sqimap_unseen_messages ($imap_stream, $mailbox) {
1219 $aStatus = sqimap_status_messages($imap_stream,$mailbox,array('UNSEEN'));
1220 return $aStatus['UNSEEN'];
1224 * Returns the status items of a mailbox.
1225 * Default it returns MESSAGES,UNSEEN and RECENT
1226 * Supported status items are MESSAGES, UNSEEN, RECENT (since 1.4.0),
1227 * UIDNEXT (since 1.5.1) and UIDVALIDITY (since 1.5.1)
1228 * @param stream $imap_stream imap stream
1229 * @param string $mailbox mail folder
1230 * @param array $aStatusItems status items
1234 function sqimap_status_messages ($imap_stream, $mailbox,
1235 $aStatusItems = array('MESSAGES','UNSEEN','RECENT')) {
1237 $aStatusItems = implode(' ',$aStatusItems);
1238 $read_ary = sqimap_run_command ($imap_stream, 'STATUS ' . sqimap_encode_mailbox_name($mailbox) .
1239 " ($aStatusItems)", false, $result, $message);
1241 $messages = $unseen = $recent = $uidnext = $uidvalidity = false;
1242 $regs = array(false,false);
1243 while (isset($read_ary[$i])) {
1244 if (preg_match('/UNSEEN\s+([0-9]+)/i', $read_ary[$i], $regs)) {
1247 if (preg_match('/MESSAGES\s+([0-9]+)/i', $read_ary[$i], $regs)) {
1248 $messages = $regs[1];
1250 if (preg_match('/RECENT\s+([0-9]+)/i', $read_ary[$i], $regs)) {
1253 if (preg_match('/UIDNEXT\s+([0-9]+)/i', $read_ary[$i], $regs)) {
1254 $uidnext = $regs[1];
1256 if (preg_match('/UIDVALIDITY\s+([0-9]+)/i', $read_ary[$i], $regs)) {
1257 $uidvalidity = $regs[1];
1262 $status=array('MESSAGES' => $messages,
1264 'RECENT' => $recent,
1265 'UIDNEXT' => $uidnext,
1266 'UIDVALIDITY' => $uidvalidity);
1268 if (!empty($messages)) { $hook_status['MESSAGES']=$messages; }
1269 if (!empty($unseen)) { $hook_status['UNSEEN']=$unseen; }
1270 if (!empty($recent)) { $hook_status['RECENT']=$recent; }
1271 if (!empty($hook_status)) {
1272 $hook_status['MAILBOX']=$mailbox;
1273 $hook_status['CALLER']='sqimap_status_messages';
1274 do_hook_function('folder_status',$hook_status);
1281 * Saves a message to a given folder -- used for saving sent messages
1282 * @param stream $imap_stream
1283 * @param string $sent_folder
1285 * @return string $sid
1287 function sqimap_append ($imap_stream, $sMailbox, $length) {
1288 $sid = sqimap_session_id();
1289 $query = $sid . ' APPEND ' . sqimap_encode_mailbox_name($sMailbox) . " (\\Seen) {".$length."}";
1290 fputs ($imap_stream, "$query\r\n");
1291 $tmp = fgets ($imap_stream, 1024);
1292 sqimap_append_checkresponse($tmp, $sMailbox,$sid, $query);
1297 * @param stream imap_stream
1298 * @param string $folder (since 1.3.2)
1300 function sqimap_append_done ($imap_stream, $sMailbox='') {
1301 fputs ($imap_stream, "\r\n");
1302 $tmp = fgets ($imap_stream, 1024);
1303 while (!sqimap_append_checkresponse($tmp, $sMailbox)) {
1304 $tmp = fgets ($imap_stream, 1024);
1309 * Displays error messages, if there are errors in responses to
1310 * commands issues by sqimap_append() and sqimap_append_done() functions.
1311 * @param string $response
1312 * @param string $sMailbox
1313 * @return bool $bDone
1314 * @since 1.5.1 and 1.4.5
1316 function sqimap_append_checkresponse($response, $sMailbox, $sid='', $query='') {
1317 // static vars to keep them available when sqimap_append_done calls this function.
1318 static $imapquery, $imapsid;
1323 $imapquery = $query;
1328 if ($response{0} == '+') {
1329 // continuation request triggerd by sqimap_append()
1332 $i = strpos($response, ' ');
1333 $sRsp = substr($response,0,$i);
1334 $sMsg = substr($response,$i+
1);
1335 $aExtra = array('MAILBOX' => $sMailbox);
1337 case '*': //untagged response
1338 $i = strpos($sMsg, ' ');
1339 $sRsp = strtoupper(substr($sMsg,0,$i));
1340 $sMsg = substr($sMsg,$i+
1);
1341 if ($sRsp == 'NO' ||
$sRsp == 'BAD') {
1342 // for the moment disabled. Enable after 1.5.1 release.
1343 // Notices could give valueable information about the mailbox
1344 // sqm_trigger_imap_error('SQM_IMAP_APPEND_NOTICE',$imapquery,$sRsp,$sMsg);
1349 // $imapsid<space>$sRsp<space>$sMsg
1351 $i = strpos($sMsg, ' ');
1352 $sRsp = strtoupper(substr($sMsg,0,$i));
1353 $sMsg = substr($sMsg,$i+
1);
1356 if (preg_match("/(.*)(quota)(.*)$/i", $sMsg, $aMatch)) {
1357 sqm_trigger_imap_error('SQM_IMAP_APPEND_QUOTA_ERROR',$imapquery,$sRsp,$sMsg,$aExtra);
1359 sqm_trigger_imap_error('SQM_IMAP_APPEND_ERROR',$imapquery,$sRsp,$sMsg,$aExtra);
1363 sqm_trigger_imap_error('SQM_IMAP_ERROR',$imapquery,$sRsp,$sMsg,$aExtra);
1366 sqm_trigger_imap_error('SQM_IMAP_BYE',$imapquery,$sRsp,$sMsg,$aExtra);
1375 // should be false because of the unexpected response but i'm not sure if
1376 // that will cause an endless loop in sqimap_append_done
1384 * Allows mapping of IMAP server address with custom function
1385 * see map_yp_alias()
1386 * @param string $imap_server imap server address or mapping
1387 * @param string $username
1391 function sqimap_get_user_server ($imap_server, $username) {
1392 if (substr($imap_server, 0, 4) != "map:") {
1393 return $imap_server;
1395 $function = substr($imap_server, 4);
1396 return $function($username);
1400 * This is an example that gets IMAP servers from yellowpages (NIS).
1401 * you can simple put map:map_yp_alias in your $imap_server_address
1402 * in config.php use your own function instead map_yp_alias to map your
1403 * LDAP whatever way to find the users IMAP server.
1405 * Requires access to external ypmatch program
1406 * FIXME: it can be implemented in php yp extension or pecl (since php 5.1.0)
1407 * @param string $username
1411 function map_yp_alias($username) {
1412 $yp = `ypmatch
$username aliases`
;
1413 return chop(substr($yp, strlen($username)+
1));