Removing hooks where we can from templates; one hook will probably have to stay;...
[squirrelmail.git] / plugins / squirrelspell / sqspell_functions.php
1 <?php
2
3 /**
4 * sqspell_functions.php
5 *
6 * All SquirrelSpell-wide functions are in this file.
7 *
8 * @author Konstantin Riabitsev <icon at duke.edu>
9 * @copyright &copy; 1999-2007 The SquirrelMail Project Team
10 * @license http://opensource.org/licenses/gpl-license.php GNU Public License
11 * @version $Id$
12 * @package plugins
13 * @subpackage squirrelspell
14 */
15
16 /** globalize configuration vars **/
17 global $SQSPELL_APP, $SQSPELL_APP_DEFAULT, $SQSPELL_WORDS_FILE, $SQSPELL_CRYPTO;
18
19 /**
20 * load plugin configuration
21 * @todo allow storing configuration file in config/ directory
22 */
23 include_once(SM_PATH . 'plugins/squirrelspell/sqspell_config.php');
24
25 /**
26 * Workaround for including function squirrelspell_version() in SM 1.5 CVS,
27 * where plugins' setup.php is not included by default.
28 */
29 include_once(SM_PATH . 'plugins/squirrelspell/setup.php');
30
31 /** Hooked functions **/
32
33 /**
34 * Register option page block (internal function)
35 * @since 1.5.1 (sqspell 0.5)
36 * @return void
37 */
38 function squirrelspell_optpage_block_function() {
39 global $optpage_blocks;
40
41 /**
42 * Dependency on JavaScript is checked by SquirrelMail scripts
43 * Register Squirrelspell with the $optpage_blocks array.
44 */
45 $optpage_blocks[] =
46 array(
47 'name' => _("SpellChecker Options"),
48 'url' => '../plugins/squirrelspell/sqspell_options.php',
49 'desc' => _("Here you may set up how your personal dictionary is stored, edit it, or choose which languages should be available to you when spell-checking."),
50 'js' => TRUE);
51 }
52
53 /**
54 * This function adds a "Check Spelling" link to the "Compose" row
55 * during message composition (internal function).
56 * @since 1.5.1 (sqspell 0.5)
57 * @return void
58 */
59 function squirrelspell_setup_function() {
60 /**
61 * Check if this browser is capable of displaying SquirrelSpell
62 * correctly.
63 */
64 if (checkForJavascript()) {
65 /**
66 * Some people may choose to disable javascript even though their
67 * browser is capable of using it. So these freaks don't complain,
68 * use document.write() so the "Check Spelling" button is not
69 * displayed if js is off in the browser.
70 */
71 $output = "<script type=\"text/javascript\">\n".
72 "<!--\n".
73 'document.write("<input type=\"button\" value=\"'.
74 _("Check Spelling").
75 '\" name=\"check_spelling\" onclick=\"window.open(\'../plugins/squirrelspell/sqspell_'.
76 'interface.php\', \'sqspell\', \'status=yes,width=550,height=370,'.
77 'resizable=yes\')\" />");' . "\n".
78 "//-->\n".
79 "</script>\n";
80 return array('compose_button_row' => $output);
81 }
82 }
83
84 /**
85 * Upgrade dictionaries (internal function)
86 *
87 * Transparently upgrades user's dictionaries when message listing is loaded
88 * @since 1.5.1 (sqspell 0.5)
89 */
90 function squirrelspell_upgrade_function() {
91 global $data_dir, $username;
92
93 if (! sqspell_check_version(0,5)) {
94 $langs=sqspell_getSettings_old(null);
95 $words=sqspell_getWords_old();
96 sqspell_saveSettings($langs);
97 foreach ($langs as $lang) {
98 $lang_words=sqspell_getLang_old($words,$lang);
99 $aLang_words=explode("\n",$lang_words);
100 $new_words=array();
101 foreach($aLang_words as $word) {
102 if (! preg_match("/^#/",$word) && trim($word)!='') {
103 $new_words[]=$word;
104 }
105 }
106 sqspell_writeWords($new_words,$lang);
107 }
108 // bump up version number
109 setPref($data_dir,$username,'sqspell_version','0.5');
110 }
111 }
112
113 /** Internal functions **/
114
115 /**
116 * This function is the GUI wrapper for the options page. SquirrelSpell
117 * uses it for creating all Options pages.
118 *
119 * @param string $title The title of the page to display
120 * @param string $scriptsrc This is used to link a file.js into the
121 * <script src="file.js"></script> format. This
122 * allows to separate javascript from the rest of the
123 * plugin and place it into the js/ directory.
124 * @param string $body The body of the message to display.
125 * @return void
126 */
127 function sqspell_makePage($title, $scriptsrc, $body){
128 global $color, $SQSPELL_VERSION;
129
130 if (! sqgetGlobalVar('MOD', $MOD, SQ_GET) ) {
131 $MOD = 'options_main';
132 }
133
134 displayPageHeader($color, 'None');
135 echo "&nbsp;<br />\n";
136 /**
137 * Check if we need to link in a script.
138 */
139 if($scriptsrc) {
140 echo "<script type=\"text/javascript\" src=\"js/$scriptsrc\"></script>\n";
141 }
142 echo html_tag( 'table', '', 'center', '', 'width="95%" border="0" cellpadding="2" cellspacing="0"' ) . "\n"
143 . html_tag( 'tr', "\n" .
144 html_tag( 'td', '<strong>' . $title .'</strong>', 'center', $color[9] )
145 ) . "\n"
146 . html_tag( 'tr', "\n" .
147 html_tag( 'td', '<hr />', 'left' )
148 ) . "\n"
149 . html_tag( 'tr', "\n" .
150 html_tag( 'td', $body, 'left' )
151 ) . "\n";
152 /**
153 * Generate a nice "Return to Options" link, unless this is the
154 * starting page.
155 */
156 if ($MOD != "options_main"){
157 echo html_tag( 'tr', "\n" .
158 html_tag( 'td', '<hr />', 'left' )
159 ) . "\n"
160 . html_tag( 'tr', "\n" .
161 html_tag( 'td', '<a href="sqspell_options.php">'
162 . _("Back to &quot;SpellChecker Options&quot; page")
163 . '</a>',
164 'center' )
165 ) . "\n";
166 }
167 /**
168 * Close the table and display the version.
169 */
170 echo html_tag( 'tr', "\n" .
171 html_tag( 'td', '<hr />', 'left' )
172 ) . "\n"
173 . html_tag( 'tr',
174 html_tag( 'td', 'SquirrelSpell ' . squirrelspell_version(), 'center', $color[9] )
175 ) . "\n</table>\n";
176 echo '</body></html>';
177 }
178
179 /**
180 * Function similar to the one above. This one is a general wrapper
181 * for the Squirrelspell pop-up window. It's called form nearly
182 * everywhere, except the check_me module, since that one is highly
183 * customized.
184 *
185 * @param string $onload Used to indicate and pass the name of a js function
186 * to call in a <body onload="function()" for automatic
187 * onload script execution.
188 * @param string $title Title of the page.
189 * @param string $scriptsrc If defined, link this javascript source page into
190 * the document using <script src="file.js"> format.
191 * @param string $body The content to include.
192 * @return void
193 */
194 function sqspell_makeWindow($onload, $title, $scriptsrc, $body){
195 global $color, $SQSPELL_VERSION;
196
197 displayHtmlHeader($title,
198 ($scriptsrc ? "\n<script type=\"text/javascript\" src=\"js/$scriptsrc\"></script>\n" : ''));
199
200 echo "<body text=\"$color[8]\" bgcolor=\"$color[4]\" link=\"$color[7]\" "
201 . "vlink=\"$color[7]\" alink=\"$color[7]\"";
202 /**
203 * Provide an onload="jsfunction()" if asked to.
204 */
205 if ($onload) {
206 echo " onload=\"$onload\"";
207 }
208 /**
209 * Draw the rest of the page.
210 */
211 echo ">\n"
212 . html_tag( 'table', "\n" .
213 html_tag( 'tr', "\n" .
214 html_tag( 'td', '<strong>' . $title . '</strong>', 'center', $color[9] )
215 ) . "\n" .
216 html_tag( 'tr', "\n" .
217 html_tag( 'td', '<hr />', 'left' )
218 ) . "\n" .
219 html_tag( 'tr', "\n" .
220 html_tag( 'td', $body, 'left' )
221 ) . "\n" .
222 html_tag( 'tr', "\n" .
223 html_tag( 'td', '<hr />', 'left' )
224 ) . "\n" .
225 html_tag( 'tr', "\n" .
226 html_tag( 'td', 'SquirrelSpell ' . squirrelspell_version(), 'center', $color[9] )
227 ) ,
228 '', '', 'width="100%" border="0" cellpadding="2"' );
229
230 global $oTemplate;
231 $oTemplate->display('footer.tpl');
232 }
233
234 /**
235 * Encryption function used by plugin (old format)
236 *
237 * This function does the encryption and decryption of the user
238 * dictionary. It is only available when PHP is compiled with
239 * mcrypt support (--with-mcrypt). See doc/CRYPTO for more
240 * information.
241 *
242 * @param $mode A string with either of the two recognized values:
243 * "encrypt" or "decrypt".
244 * @param $ckey The key to use for processing (the user's password
245 * in our case.
246 * @param $input Content to decrypt or encrypt, according to $mode.
247 * @return encrypted/decrypted content, or "PANIC" if the
248 * process bails out.
249 * @since 1.5.1 (sqspell 0.5)
250 * @deprecated
251 */
252 function sqspell_crypto_old($mode, $ckey, $input){
253 /**
254 * Double-check if we have the mcrypt_generic function. Bail out if
255 * not so.
256 */
257 if (!function_exists('mcrypt_generic')) {
258 return 'PANIC';
259 }
260 /**
261 * Setup mcrypt routines.
262 */
263 $td = mcrypt_module_open(MCRYPT_Blowfish, "", MCRYPT_MODE_ECB, "");
264 $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size ($td), MCRYPT_RAND);
265 mcrypt_generic_init($td, $ckey, $iv);
266 /**
267 * See what we have to do depending on $mode.
268 * 'encrypt' -- Encrypt the content.
269 * 'decrypt' -- Decrypt the content.
270 */
271 switch ($mode){
272 case 'encrypt':
273 $crypto = mcrypt_generic($td, $input);
274 break;
275 case 'decrypt':
276 $crypto = mdecrypt_generic($td, $input);
277 /**
278 * See if it decrypted successfully. If so, it should contain
279 * the string "# SquirrelSpell". If not, then bail out.
280 */
281 if (!strstr($crypto, "# SquirrelSpell")){
282 $crypto='PANIC';
283 }
284 break;
285 }
286 /**
287 * Finish up the mcrypt routines and return the processed content.
288 */
289 if (function_exists('mcrypt_generic_deinit')) {
290 // php 4.1.1+ syntax
291 mcrypt_generic_deinit ($td);
292 mcrypt_module_close ($td);
293 } else {
294 // older deprecated function
295 mcrypt_generic_end ($td);
296 }
297 return $crypto;
298 }
299
300 /**
301 * Encryption function used by plugin
302 *
303 * This function does the encryption and decryption of the user
304 * dictionary. It is only available when PHP is compiled with
305 * mcrypt support (--with-mcrypt). See doc/CRYPTO for more
306 * information.
307 *
308 * @param $mode A string with either of the two recognized values:
309 * "encrypt" or "decrypt".
310 * @param $ckey The key to use for processing (the user's password
311 * in our case.
312 * @param $input Content to decrypt or encrypt, according to $mode.
313 * @return encrypted/decrypted content, or "PANIC" if the
314 * process bails out.
315 */
316 function sqspell_crypto($mode, $ckey, $input){
317 /**
318 * Double-check if we have the mcrypt_generic function. Bail out if
319 * not so.
320 */
321 if (!function_exists('mcrypt_generic')) {
322 return 'PANIC';
323 }
324 /**
325 * Setup mcrypt routines.
326 */
327 $td = mcrypt_module_open(MCRYPT_Blowfish, "", MCRYPT_MODE_ECB, "");
328 $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size ($td), MCRYPT_RAND);
329 mcrypt_generic_init($td, $ckey, $iv);
330 /**
331 * See what we have to do depending on $mode.
332 * 'encrypt' -- Encrypt the content.
333 * 'decrypt' -- Decrypt the content.
334 */
335 switch ($mode){
336 case 'encrypt':
337 $crypto = mcrypt_generic($td, '{sqspell}'.$input);
338 break;
339 case 'decrypt':
340 $crypto = mdecrypt_generic($td, $input);
341 if (preg_match("/^\{sqspell\}(.*)/",$crypto,$match)){
342 $crypto = trim($match[1]);
343 } else {
344 $crypto='PANIC';
345 }
346 break;
347 }
348 /**
349 * Finish up the mcrypt routines and return the processed content.
350 */
351 if (function_exists('mcrypt_generic_deinit')) {
352 // php 4.1.1+ syntax
353 mcrypt_generic_deinit ($td);
354 mcrypt_module_close ($td);
355 } else {
356 // older deprecated function
357 mcrypt_generic_end ($td);
358 }
359 return $crypto;
360 }
361
362 /**
363 * This function transparently upgrades the 0.2 dictionary format to the
364 * 0.3 format, since user-defined languages have been added in 0.3 and
365 * the new format keeps user dictionaries selection in the file.
366 *
367 * This function will be retired soon, as it's been a while since anyone
368 * has been using SquirrelSpell-0.2.
369 *
370 * @param $words_string Contents of the 0.2-style user dictionary.
371 * @return Contents of the 0.3-style user dictionary.
372 * @deprecated
373 */
374 function sqspell_upgradeWordsFile($words_string){
375 global $SQSPELL_APP_DEFAULT, $SQSPELL_VERSION;
376 /**
377 * Define just one dictionary for this user -- the default.
378 * If the user wants more, s/he can set them up in personal
379 * preferences. See doc/UPGRADING for more info.
380 */
381 $new_words_string =
382 substr_replace($words_string,
383 "# SquirrelSpell User Dictionary $SQSPELL_VERSION\n# "
384 . "Last Revision: " . date("Y-m-d")
385 . "\n# LANG: $SQSPELL_APP_DEFAULT\n# $SQSPELL_APP_DEFAULT",
386 0, strpos($words_string, "\n")) . "# End\n";
387 sqspell_writeWords($new_words_string);
388 return $new_words_string;
389 }
390
391 /**
392 * gets list of available dictionaries from user's prefs.
393 * Function was modified in 1.5.1 (sqspell 0.5).
394 * Older function is suffixed with '_old'
395 * @return array list of dictionaries used by end user.
396 */
397 function sqspell_getSettings(){
398 global $data_dir, $username, $SQSPELL_APP_DEFAULT, $SQSPELL_APP;
399
400 $ret=array();
401
402 $sLangs=getPref($data_dir,$username,'sqspell_langs','');
403 if ($sLangs=='') {
404 $ret[0]=$SQSPELL_APP_DEFAULT;
405 } else {
406 $aLangs = explode(',',$sLangs);
407 foreach ($aLangs as $lang) {
408 if (array_key_exists($lang,$SQSPELL_APP)) {
409 $ret[]=$lang;
410 }
411 }
412 }
413 return $ret;
414 }
415
416 /**
417 * Saves user's language preferences
418 * @param array $langs languages array (first key is default language)
419 * @since 1.5.1 (sqspell 0.5)
420 */
421 function sqspell_saveSettings($langs) {
422 global $data_dir, $username;
423 setPref($data_dir,$username,'sqspell_langs',implode(',',$langs));
424 }
425
426 /**
427 * Get list of enabled languages.
428 *
429 * Right now it just returns an array with the dictionaries
430 * available to the user for spell-checking. It will probably
431 * do more in the future, as features are added.
432 *
433 * @param string $words The contents of the user's ".words" file.
434 * @return array a strings array with dictionaries available
435 * to this user, e.g. {"English", "Spanish"}, etc.
436 * @since 1.5.1 (sqspell 0.5)
437 * @deprecated
438 */
439 function sqspell_getSettings_old($words){
440 global $SQSPELL_APP, $SQSPELL_APP_DEFAULT;
441 /**
442 * Check if there is more than one dictionary configured in the
443 * system config.
444 */
445 if (sizeof($SQSPELL_APP) > 1){
446 /**
447 * Now load the user prefs. Check if $words was empty -- a bit of
448 * a dirty fall-back. TODO: make it so this is not required.
449 */
450 if(!$words){
451 $words=sqspell_getWords_old();
452 }
453 if ($words){
454 /**
455 * This user has a ".words" file.
456 * Find which dictionaries s/he wants to use and load them into
457 * the $langs array.
458 */
459 preg_match("/# LANG: (.*)/i", $words, $matches);
460 $langs=explode(", ", $matches[1]);
461 } else {
462 /**
463 * User doesn't have a personal dictionary. Grab the default
464 * system setting.
465 */
466 $langs[0]=$SQSPELL_APP_DEFAULT;
467 }
468 } else {
469 /**
470 * There is no need to read the ".words" file as there is only one
471 * dictionary defined system-wide.
472 */
473 $langs[0]=$SQSPELL_APP_DEFAULT;
474 }
475 return $langs;
476 }
477
478 /**
479 * Get user dictionary for selected language
480 * Function was modified in 1.5.1 (sqspell 0.5).
481 * Older function is suffixed with '_old'
482 * @param string $lang language
483 * @param array words stored in selected language dictionary
484 */
485 function sqspell_getLang($lang) {
486 global $data_dir, $username,$SQSPELL_CRYPTO;
487 $sWords=getPref($data_dir,$username,'sqspell_dict_' . $lang,'');
488 if (preg_match("/^\{crypt\}(.*)/i",$sWords,$match)) {
489 /**
490 * Dictionary is encrypted or mangled. Try to decrypt it.
491 * If fails, complain loudly.
492 *
493 * $old_key would be a value submitted by one of the modules with
494 * the user's old mailbox password. I admin, this is rather dirty,
495 * but efficient. ;)
496 */
497 if (sqgetGlobalVar('old_key', $old_key, SQ_POST)) {
498 $clear_key=$old_key;
499 } else {
500 sqgetGlobalVar('key', $key, SQ_COOKIE);
501 sqgetGlobalVar('onetimepad', $onetimepad, SQ_SESSION);
502 /**
503 * Get user's password (the key).
504 */
505 $clear_key = OneTimePadDecrypt($key, $onetimepad);
506 }
507 /**
508 * Invoke the decryption routines.
509 */
510 $sWords=sqspell_crypto("decrypt", $clear_key, $match[1]);
511 /**
512 * See if decryption failed.
513 */
514 if ($sWords=="PANIC"){
515 sqspell_handle_crypt_panic($lang);
516 // script execution stops here
517 } else {
518 /**
519 * OK! Phew. Set the encryption flag to true so we can later on
520 * encrypt it again before saving to HDD.
521 */
522 $SQSPELL_CRYPTO=true;
523 }
524 } else {
525 /**
526 * No encryption is/was used. Set $SQSPELL_CRYPTO to false,
527 * in case we have to save the dictionary later.
528 */
529 $SQSPELL_CRYPTO=false;
530 }
531 // rebuild word list and remove empty entries
532 $aWords=array();
533 foreach (explode(',',$sWords) as $word) {
534 if (trim($word) !='') {
535 $aWords[]=trim($word);
536 }
537 }
538 return $aWords;
539 }
540
541 /**
542 * Get user's dictionary (old format)
543 *
544 * This function returns only user-defined dictionary words that correspond
545 * to the requested language.
546 *
547 * @param $words The contents of the user's ".words" file.
548 * @param $lang Which language words to return, e.g. requesting
549 * "English" will return ONLY the words from user's
550 * English dictionary, disregarding any others.
551 * @return The list of words corresponding to the language
552 * requested.
553 * @since 1.5.1 (sqspell 0.5)
554 * @deprecated
555 */
556 function sqspell_getLang_old($words, $lang){
557 $start=strpos($words, "# $lang\n");
558 /**
559 * strpos() will return -1 if no # $lang\n string was found.
560 * Use this to return a zero-length value and indicate that no
561 * words are present in the requested dictionary.
562 */
563 if (!$start) return '';
564 /**
565 * The words list will end with a new directive, which will start
566 * with "#". Locate the next "#" and thus find out where the
567 * words end.
568 */
569 $end=strpos($words, "#", $start+1);
570 $lang_words = substr($words, $start, $end-$start);
571 return $lang_words;
572 }
573
574 /**
575 * Saves user's dictionary (old format)
576 *
577 * This function operates the user dictionary. If the format is
578 * clear-text, then it just reads the file and returns it. However, if
579 * the file is encrypted (well, "garbled"), then it tries to decrypt
580 * it, checks whether the decryption was successful, troubleshoots if
581 * not, then returns the clear-text dictionary to the app.
582 *
583 * @return the contents of the user's ".words" file, decrypted if
584 * necessary.
585 * @since 1.5.1 (sqspell 0.5)
586 * @deprecated
587 */
588 function sqspell_getWords_old(){
589 global $SQSPELL_WORDS_FILE, $SQSPELL_CRYPTO;
590 $words="";
591 if (file_exists($SQSPELL_WORDS_FILE)){
592 /**
593 * Gobble it up.
594 */
595 $fp=fopen($SQSPELL_WORDS_FILE, 'r');
596 $words=fread($fp, filesize($SQSPELL_WORDS_FILE));
597 fclose($fp);
598 }
599 /**
600 * Check if this is an encrypted file by looking for
601 * the string "# SquirrelSpell" in it (the crypto
602 * function does that).
603 */
604 if ($words && !strstr($words, "# SquirrelSpell")){
605 /**
606 * This file is encrypted or mangled. Try to decrypt it.
607 * If fails, complain loudly.
608 *
609 * $old_key would be a value submitted by one of the modules with
610 * the user's old mailbox password. I admin, this is rather dirty,
611 * but efficient. ;)
612 */
613 sqgetGlobalVar('key', $key, SQ_COOKIE);
614 sqgetGlobalVar('onetimepad', $onetimepad, SQ_SESSION);
615
616 sqgetGlobalVar('old_key', $old_key, SQ_POST);
617
618 if ($old_key != '') {
619 $clear_key=$old_key;
620 } else {
621 /**
622 * Get user's password (the key).
623 */
624 $clear_key = OneTimePadDecrypt($key, $onetimepad);
625 }
626 /**
627 * Invoke the decryption routines.
628 */
629 $words=sqspell_crypto_old("decrypt", $clear_key, $words);
630 /**
631 * See if decryption failed.
632 */
633 if ($words=="PANIC"){
634 sqspell_handle_crypt_panic();
635 // script execution stops here.
636 } else {
637 /**
638 * OK! Phew. Set the encryption flag to true so we can later on
639 * encrypt it again before saving to HDD.
640 */
641 $SQSPELL_CRYPTO=true;
642 }
643 } else {
644 /**
645 * No encryption is/was used. Set $SQSPELL_CRYPTO to false,
646 * in case we have to save the dictionary later.
647 */
648 $SQSPELL_CRYPTO=false;
649 }
650 /**
651 * Check if we need to upgrade the dictionary from version 0.2.x
652 * This is going away soon.
653 */
654 if (strstr($words, "Dictionary v0.2")){
655 $words=sqspell_upgradeWordsFile($words);
656 }
657 return $words;
658 }
659
660 /**
661 * Saves user's dictionary
662 * Function was replaced in 1.5.1 (sqspell 0.5).
663 * Older function is suffixed with '_old'
664 * @param array $words words that should be stored in dictionary
665 * @param string $lang language
666 */
667 function sqspell_writeWords($words,$lang){
668 global $SQSPELL_CRYPTO,$username,$data_dir;
669
670 $sWords = implode(',',$words);
671 if ($SQSPELL_CRYPTO){
672 /**
673 * User wants to encrypt the file. So be it.
674 * Get the user's password to use as a key.
675 */
676 sqgetGlobalVar('key', $key, SQ_COOKIE);
677 sqgetGlobalVar('onetimepad', $onetimepad, SQ_SESSION);
678
679 $clear_key=OneTimePadDecrypt($key, $onetimepad);
680 /**
681 * Try encrypting it. If fails, scream bloody hell.
682 */
683 $save_words = sqspell_crypto("encrypt", $clear_key, $sWords);
684 if ($save_words == 'PANIC'){
685 // FIXME: handle errors here
686
687 }
688 $save_words='{crypt}'.$save_words;
689 } else {
690 $save_words=$sWords;
691 }
692 setPref($data_dir,$username,'sqspell_dict_'.$lang,$save_words);
693 }
694
695 /**
696 * Writes user dictionary into the $username.words file, then changes mask
697 * to 0600. If encryption is needed -- does that, too.
698 *
699 * @param $words The contents of the ".words" file to write.
700 * @return void
701 * @since 1.5.1 (sqspell 0.5)
702 * @deprecated
703 */
704 function sqspell_writeWords_old($words){
705 global $SQSPELL_WORDS_FILE, $SQSPELL_CRYPTO;
706 /**
707 * if $words is empty, create a template entry by calling the
708 * sqspell_makeDummy() function.
709 */
710 if (!$words){
711 $words=sqspell_makeDummy();
712 }
713 if ($SQSPELL_CRYPTO){
714 /**
715 * User wants to encrypt the file. So be it.
716 * Get the user's password to use as a key.
717 */
718 sqgetGlobalVar('key', $key, SQ_COOKIE);
719 sqgetGlobalVar('onetimepad', $onetimepad, SQ_SESSION);
720
721 $clear_key=OneTimePadDecrypt($key, $onetimepad);
722 /**
723 * Try encrypting it. If fails, scream bloody hell.
724 */
725 $save_words = sqspell_crypto("encrypt", $clear_key, $words);
726 if ($save_words == 'PANIC'){
727 /**
728 * AAAAAAAAH! I'm not handling this yet, since obviously
729 * the admin of the site forgot to compile the MCRYPT support in
730 * when upgrading an existing PHP installation.
731 * I will add a handler for this case later, when I can come up
732 * with some work-around... Right now, do nothing. Let the Admin's
733 * head hurt.. ;)))
734 */
735 /** save some hairs on admin's head and store error message in logs */
736 error_log('SquirrelSpell: php does not have mcrypt support');
737 }
738 } else {
739 $save_words = $words;
740 }
741 /**
742 * Do the actual writing.
743 */
744 $fp=fopen($SQSPELL_WORDS_FILE, "w");
745 fwrite($fp, $save_words);
746 fclose($fp);
747 chmod($SQSPELL_WORDS_FILE, 0600);
748 }
749
750 /**
751 * Deletes user's dictionary
752 * Function was modified in 1.5.1 (sqspell 0.5). Older function is suffixed
753 * with '_old'
754 * @param string $lang dictionary
755 */
756 function sqspell_deleteWords($lang) {
757 global $data_dir, $username;
758 removePref($data_dir,$username,'sqspell_dict_'.$lang);
759 }
760
761 /**
762 * Deletes user's dictionary when it is corrupted.
763 * @since 1.5.1 (sqspell 0.5)
764 * @deprecated
765 */
766 function sqspell_deleteWords_old(){
767 /**
768 * So I open the door to my enemies,
769 * and I ask can we wipe the slate clean,
770 * but they tell me to please go...
771 * uhm... Well, this just erases the user dictionary file.
772 */
773 global $SQSPELL_WORDS_FILE;
774 if (file_exists($SQSPELL_WORDS_FILE)){
775 unlink($SQSPELL_WORDS_FILE);
776 }
777 }
778 /**
779 * Creates an empty user dictionary for the sake of saving prefs or
780 * whatever.
781 *
782 * @return The template to use when storing the user dictionary.
783 * @deprecated
784 */
785 function sqspell_makeDummy(){
786 global $SQSPELL_VERSION, $SQSPELL_APP_DEFAULT;
787 $words = "# SquirrelSpell User Dictionary $SQSPELL_VERSION\n"
788 . "# Last Revision: " . date('Y-m-d')
789 . "\n# LANG: $SQSPELL_APP_DEFAULT\n# End\n";
790 return $words;
791 }
792
793 /**
794 * This function checks for security attacks. A $MOD variable is
795 * provided in the QUERY_STRING and includes one of the files from the
796 * modules directory ($MOD.mod). See if someone is trying to get out
797 * of the modules directory by providing dots, unicode strings, or
798 * slashes.
799 *
800 * @param string $rMOD the name of the module requested to include.
801 * @return void, since it bails out with an access error if needed.
802 */
803 function sqspell_ckMOD($rMOD){
804 if (strstr($rMOD, '.')
805 || strstr($rMOD, '/')
806 || strstr($rMOD, '%')
807 || strstr($rMOD, "\\")){
808 echo _("Cute.");
809 exit;
810 }
811 }
812
813 /**
814 * Used to check internal version of SquirrelSpell dictionary
815 * @param integer $major main version number
816 * @param integer $minor second version number
817 * @return boolean true if stored dictionary version is $major.$minor or newer
818 * @since 1.5.1 (sqspell 0.5)
819 */
820 function sqspell_check_version($major,$minor) {
821 global $data_dir, $username;
822 // 0.4 version is internal version number that is used to indicate upgrade from
823 // separate files to generic SquirrelMail prefs storage.
824 $sqspell_version=getPref($data_dir,$username,'sqspell_version','0.4');
825
826 $aVersion=explode('.',$sqspell_version);
827
828 if ($aVersion[0] < $major ||
829 ( $aVersion[0] == $major && $aVersion[1] < $minor)) {
830 return false;
831 }
832 return true;
833 }
834
835 /**
836 * Displays form that allows to enter different password for dictionary decryption.
837 * If language is not set, function provides form to handle older dictionary files.
838 * @param string $lang language
839 * @since 1.5.1 (sqspell 0.5)
840 */
841 function sqspell_handle_crypt_panic($lang=false) {
842 if (! sqgetGlobalVar('SCRIPT_NAME',$SCRIPT_NAME,SQ_SERVER))
843 $SCRIPT_NAME='';
844
845 /**
846 * AAAAAAAAAAAH!!!!! OK, ok, breathe!
847 * Let's hope the decryption failed because the user changed his
848 * password. Bring up the option to key in the old password
849 * or wipe the file and start over if everything else fails.
850 *
851 * The _("SquirrelSpell...) line has to be on one line, otherwise
852 * gettext will bork. ;(
853 */
854 $msg = html_tag( 'p', "\n" .
855 '<strong>' . _("ATTENTION:") . '</strong><br />'
856 . _("SquirrelSpell was unable to decrypt your personal dictionary. This is most likely due to the fact that you have changed your mailbox password. In order to proceed, you will have to supply your old password so that SquirrelSpell can decrypt your personal dictionary. It will be re-encrypted with your new password after this. If you haven't encrypted your dictionary, then it got mangled and is no longer valid. You will have to delete it and start anew. This is also true if you don't remember your old password -- without it, the encrypted data is no longer accessible.") ,
857 'left' ) . "\n"
858 . (($lang) ? html_tag('p',sprintf(_("Your %s dictionary is encrypted with password that differs from your current password."),
859 htmlspecialchars($lang)),'left') : '')
860 . '<blockquote>' . "\n"
861 . '<form method="post" onsubmit="return AYS()">' . "\n"
862 . '<input type="hidden" name="MOD" value="crypto_badkey" />' . "\n"
863 . (($lang) ?
864 '<input type="hidden" name="dict_lang" value="'.htmlspecialchars($lang).'" />' :
865 '<input type="hidden" name="old_setup" value="yes" />')
866 . html_tag( 'p', "\n" .
867 '<input type="checkbox" name="delete_words" value="ON" />'
868 . _("Delete my dictionary and start a new one") . '<br />'
869 . _("Decrypt my dictionary with my old password:")
870 . '<input name="old_key" size="10" />' ,
871 'left' ) . "\n"
872 . '</blockquote>' . "\n"
873 . html_tag( 'p', "\n"
874 . '<input type="submit" value="'
875 . _("Proceed") . ' &gt;&gt;" />' ,
876 'center' ) . "\n"
877 . '</form>' . "\n";
878 /**
879 * Add some string vars so they can be i18n'd.
880 */
881 $msg .= "<script type=\"text/javascript\"><!--\n"
882 . "var ui_choice = \"" . _("You must make a choice") ."\";\n"
883 . "var ui_candel = \"" . _("You can either delete your dictionary or type in the old password. Not both.") . "\";\n"
884 . "var ui_willdel = \"" . _("This will delete your personal dictionary file. Proceed?") . "\";\n"
885 . "//--></script>\n";
886 /**
887 * See if this happened in the pop-up window or when accessing
888 * the SpellChecker options page.
889 * This is a dirty solution, I agree.
890 * TODO: make this prettier.
891 */
892 if (strstr($SCRIPT_NAME, "sqspell_options")){
893 sqspell_makePage(_("Error Decrypting Dictionary"),
894 "decrypt_error.js", $msg);
895 } else {
896 sqspell_makeWindow(null, _("Error Decrypting Dictionary"),
897 "decrypt_error.js", $msg);
898 }
899 exit;
900 }
901
902 /**
903 * SquirrelSpell version. Don't modify, since it identifies the format
904 * of the user dictionary files and messing with this can do ugly
905 * stuff. :)
906 * @global string $SQSPELL_VERSION
907 * @deprecated
908 */
909 $SQSPELL_VERSION="v0.3.8";