src/redirect.php

   1 <?php
   2
   3    /**
   4     **  redirect.php -- derived from webmail.php by Ralf Kraudelt
   5     **                                              kraude@wiwi.uni-rostock.de
   6     **
   7     **  Copyright (c) 1999-2000 ...
   8     **  Licensed under the GNU GPL. For full terms see the file COPYING.
   9     **
  10     **  prevents users from reposting their form data after a
  11     **  successful logout
  12     **
  13     **  $Id$
  14     **/
  15
  16    if (!isset($strings_php))
  17       include ("../functions/strings.php");
  18    include("../config/config.php");
  19
  20    // Before starting the session, the base URI must be known.
  21    // Assuming that this file is in the src/ subdirectory (or
  22    // something).
  23    ereg ("(^.*/)[^/]+/[^/]+$", $PHP_SELF, $regs);
  24    $base_uri = $regs[1];
  25
  26    header("Pragma: no-cache");
  27    $location = get_location();
  28
  29    session_set_cookie_params (0, $base_uri);
  30    session_start();
  31
  32    session_register ("base_uri");
  33
  34    if(!isset($login_username)) {
  35       exit;
  36    }
  37
  38    // Refresh the language cookie.
  39    if (isset($squirrelmail_language)) {
  40       setcookie("squirrelmail_language", $squirrelmail_language, time()+2592000);
  41    }
  42
  43
  44    include ("../config/config.php");
  45    include ("../functions/prefs.php");
  46    include ("../functions/imap.php");
  47    if (!isset($plugin_php))
  48       include ("../functions/plugin.php");
  49    if (!isset($auth_php))
  50       include ("../functions/auth.php");
  51    if (!isset($strings_php))
  52       include ("../functions/strings.php");
  53
  54    if (!session_is_registered("user_is_logged_in") || $logged_in != 1) {
  55       do_hook ("login_before");
  56
  57       $onetimepad = OneTimePadCreate(strlen($secretkey));
  58       $key = OneTimePadEncrypt($secretkey, $onetimepad);
  59       session_register("onetimepad");
  60       // verify that username and password are correct
  61       if ($force_username_lowercase)
  62           $login_username = strtolower($login_username);
  63       $imapConnection = sqimap_login($login_username, $key, $imapServerAddress, $imapPort, 0);
  64           if (!$imapConnection) {
  65                 exit;
  66           }
  67       sqimap_logout($imapConnection);
  68
  69       setcookie("username", $login_username, 0, $base_uri);
  70       setcookie("key", $key, 0, $base_uri);
  71       setcookie("logged_in", 1, 0, $base_uri);
  72       do_hook ("login_verified");
  73    }
  74
  75    session_register ("user_is_logged_in");
  76    $user_is_logged_in = true;
  77
  78    header("Location: $location/webmail.php");
  79 ?>