src/redirect.php

   1 <?php
   2
   3 /**
   4  * redirect.php
   5  * Derived from webmail.php by Ralf Kraudelt <kraude@wiwi.uni-rostock.de>
   6  *
   7  * Copyright (c) 1999-2002 The SquirrelMail Project Team
   8  * Licensed under the GNU GPL. For full terms see the file COPYING.
   9  *
  10  * Prevents users from reposting their form data after a successful logout.
  11  *
  12  * $Id$
  13  */
  14
  15 /*****************************************************************/
  16 /*** THIS FILE NEEDS TO HAVE ITS FORMATTING FIXED!!!           ***/
  17 /*** PLEASE DO SO AND REMOVE THIS COMMENT SECTION.             ***/
  18 /***    + Base level indent should begin at left margin, as    ***/
  19 /***      the require_once below looks.                        ***/
  20 /***    + All identation should consist of four space blocks   ***/
  21 /***    + Tab characters are evil.                             ***/
  22 /***    + all comments should use "slash-star ... star-slash"  ***/
  23 /***      style -- no pound characters, no slash-slash style   ***/
  24 /***    + FLOW CONTROL STATEMENTS (if, while, etc) SHOULD      ***/
  25 /***      ALWAYS USE { AND } CHARACTERS!!!                     ***/
  26 /***    + Please use ' instead of ", when possible. Note "     ***/
  27 /***      should always be used in _( ) function calls.        ***/
  28 /*** Thank you for your help making the SM code more readable. ***/
  29 /*****************************************************************/
  30
  31 require_once('../functions/i18n.php');
  32 require_once('../functions/strings.php');
  33 require_once('../config/config.php');
  34 require_once('../functions/prefs.php');
  35 require_once('../functions/imap.php');
  36 require_once('../functions/plugin.php');
  37 require_once('../functions/constants.php');
  38 require_once('../functions/page_header.php');
  39
  40 // Remove slashes if PHP added them
  41 if (get_magic_quotes_gpc()) {
  42     global $REQUEST_METHOD;
  43
  44     if ($REQUEST_METHOD == "POST") {
  45         global $HTTP_POST_VARS;
  46         RemoveSlashes($HTTP_POST_VARS);
  47     } else if ($REQUEST_METHOD == "GET") {
  48         global $HTTP_GET_VARS;
  49         RemoveSlashes($HTTP_GET_VARS);
  50     }
  51 }
  52
  53
  54 function attachment_common_parse($str, $debug) {
  55     global $attachment_common_types, $attachment_common_types_parsed;
  56
  57     $attachment_common_types_parsed[$str] = true;
  58     $types = explode(', ', $str);
  59
  60     foreach ($types as $val) {
  61         // Ignore the ";q=1.0" stuff
  62         if (strpos($val, ';') !== false)
  63             $val = substr($val, 0, strpos($val, ';'));
  64
  65         if (! isset($attachment_common_types[$val])) {
  66             $attachment_common_types[$val] = true;
  67         }
  68     }
  69 }
  70
  71
  72 /* Before starting the session, the base URI must be known. Assuming */
  73 /* that this file is in the src/ subdirectory (or something).        */
  74 ereg ("(^.*/)[^/]+/[^/]+$", $PHP_SELF, $regs);
  75 $base_uri = $regs[1];
  76
  77 header('Pragma: no-cache');
  78 $location = get_location();
  79
  80 session_set_cookie_params (0, $base_uri);
  81 session_start();
  82
  83 session_unregister ('user_is_logged_in');
  84 session_register ('base_uri');
  85
  86 if (! isset($squirrelmail_language) ||
  87     $squirrelmail_language == '' ) {
  88     $squirrelmail_language = $squirrelmail_default_language;
  89 }
  90 set_up_language($squirrelmail_language, true);
  91 /* Refresh the language cookie. */
  92 setcookie('squirrelmail_language', $squirrelmail_language, time()+2592000,$base_uri);
  93
  94 if (!isset($login_username)) {
  95     displayHtmlHeader( _("You must be logged in to access this page.") );
  96     echo "<BODY BGCOLOR=\"#ffffff\">\n" .
  97         "<BR>&nbsp;<BR>\n" .
  98         "<CENTER>\n" .
  99         '<B>' . _("You must be logged in to access this page.") . "</B><BR>" .
 100         '<A HREF="../src/login.php">'  . _("Go to the login page") . "</A>\n" .
 101         "</CENTER>\n" .
 102         "</BODY></HTML>\n";
 103     exit;
 104 }
 105
 106 if (!session_is_registered('user_is_logged_in')) {
 107     do_hook ('login_before');
 108
 109     $onetimepad = OneTimePadCreate(strlen($secretkey));
 110     $key = OneTimePadEncrypt($secretkey, $onetimepad);
 111     session_register('onetimepad');
 112
 113     /* Verify that username and password are correct. */
 114     if ($force_username_lowercase) {
 115         $login_username = strtolower($login_username);
 116     }
 117
 118     $imapConnection = sqimap_login($login_username, $key, $imapServerAddress, $imapPort, 0);
 119     if (!$imapConnection) {
 120         displayHtmlHeader( _("There was an error contacting the mail server.") );
 121         echo "<body bgcolor=\"#ffffff\">\n".
 122             "<br> <br>\n".
 123             "<center>\n".
 124             '<b>' . _("There was an error contacting the mail server.") . "</b><br>\n".
 125             _("Contact your administrator for help.") . "\n".
 126             "</center>\n".
 127             "</body></html>\n";
 128         exit;
 129     } else {
 130         $delimiter = sqimap_get_delimiter ($imapConnection);
 131     }
 132     sqimap_logout($imapConnection);
 133     session_register('delimiter');
 134
 135     $username = $login_username;
 136     session_register ('username');
 137     setcookie('key', $key, 0, $base_uri);
 138     do_hook ('login_verified');
 139
 140 }
 141
 142 /* Set the login variables. */
 143 $user_is_logged_in = true;
 144 $just_logged_in = true;
 145
 146 /* And register with them with the session. */
 147 session_register ('user_is_logged_in');
 148 session_register ('just_logged_in');
 149
 150 /* parse the accepted content-types of the client */
 151 $attachment_common_types = array();
 152 $attachment_common_types_parsed = array();
 153 session_register('attachment_common_types');
 154 session_register('attachment_common_types_parsed');
 155
 156 $debug = false;
 157 if (isset($HTTP_SERVER_VARS['HTTP_ACCEPT']) &&
 158     !isset($attachment_common_types_parsed[$HTTP_SERVER_VARS['HTTP_ACCEPT']]))
 159     attachment_common_parse($HTTP_SERVER_VARS['HTTP_ACCEPT'], $debug);
 160 if (isset($HTTP_ACCEPT) &&
 161     !isset($attachment_common_types_parsed[$HTTP_ACCEPT]))
 162     attachment_common_parse($HTTP_ACCEPT, $debug);
 163
 164
 165 /* Complete autodetection of Javascript. */
 166 $javascript_setting = getPref
 167     ($data_dir, $username, 'javascript_setting', SMPREF_JS_AUTODETECT);
 168 $js_autodetect_results = (isset($js_autodetect_results) ?
 169     $js_autodetect_results : SMPREF_JS_OFF);
 170 if ($javascript_setting == SMPREF_JS_AUTODETECT) {
 171     if ($js_autodetect_results == SMPREF_JS_ON) {
 172         setPref($data_dir, $username, 'javascript_on', SMPREF_JS_ON);
 173     } else {
 174         setPref($data_dir, $username, 'javascript_on', SMPREF_JS_OFF);
 175     }
 176 } else {
 177     setPref($data_dir, $username, 'javascript_on', SMPREF_JS_OFF);
 178 }
 179
 180 /* Compute the URL to forward the user to. */
 181 if(isset($rcptemail)) {
 182     $redirect_url = 'webmail.php?right_frame=compose.php&rcptaddress=';
 183     $redirect_url .= urlencode($rcptemail);
 184 } else {
 185     $redirect_url = 'webmail.php';
 186 }
 187
 188 /* Send them off to the appropriate page. */
 189 header("Location: $redirect_url");
 190
 191 ?>