*
* This implements all functions that do general IMAP functions.
*
- * @copyright © 1999-2006 The SquirrelMail Project Team
+ * @copyright 1999-2021 The SquirrelMail Project Team
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
* @version $Id$
* @package squirrelmail
$message = $message[$tag];
$response = $response[$tag];
return $read[$tag];
+//FIXME: obey $handle_errors below!
} else {
global $squirrelmail_language, $color;
set_up_language($squirrelmail_language);
+//FIXME: NO HTML IN CORE!
$string = "<b><font color=\"$color[2]\">\n" .
_("ERROR: No available IMAP stream.") .
+//FIXME: NO HTML IN CORE!
"</b></font>\n";
error_box($string);
return false;
$message = $message[$tag];
if (!empty($read[$tag])) {
+ /* sqimap_read_data should be called for one response
+ but since it just calls sqimap_retrieve_imap_response
+ which handles multiple responses we need to check for
+ that and merge the $read[$tag] array IF they are
+ separated and IF it was a FETCH response. */
+
+ if (isset($read[$tag][1]) && is_array($read[$tag][1]) && isset($read[$tag][1][0])
+ && preg_match('/^\* \d+ FETCH/', $read[$tag][1][0])) {
+ $result = array();
+ foreach($read[$tag] as $index => $value) {
+ $result = array_merge($result, $read[$tag]["$index"]);
+ }
+ return $result;
+ }
+
return $read[$tag][0];
} else {
return $read[$tag];
}
+//FIXME: obey $handle_errors below!
} else {
global $squirrelmail_language, $color;
set_up_language($squirrelmail_language);
+//FIXME: NO HTML IN CORE!
$string = "<b><font color=\"$color[2]\">\n" .
_("ERROR: No available IMAP stream.") .
+//FIXME: NO HTML IN CORE!
"</b></font>\n";
error_box($string);
return false;
&$response, &$message, $query = '') {
global $color, $oTemplate, $squirrelmail_language;
set_up_language($squirrelmail_language);
+//FIXME: NO HTML IN CORE!
$string = "<b><font color=\"$color[2]\">\n" .
_("ERROR: Bad function call.") .
+//FIXME: NO HTML IN CORE!
"</b><br />\n" .
_("Reason:") . ' '.
'There is a plugin installed which make use of the <br />' .
'Please adapt the installed plugin and let it use<br />'.
'sqimap_run_command or sqimap_run_command_list instead<br /><br />'.
'The following query was issued:<br />'.
- htmlspecialchars($query) . '<br />' . "</font><br />\n";
+//FIXME: NO HTML IN CORE!
+ sm_encode_html_special_chars($query) . '<br />' . "</font><br />\n";
error_box($string);
$oTemplate->display('footer.tpl');
exit;
global $color, $squirrelmail_language;
set_up_language($squirrelmail_language);
+//FIXME: NO HTML IN CORE!
$string = "<font color=\"$color[2]\"><b>\n" . $title . "</b><br />\n";
$cmd = explode(' ',$query);
$cmd= strtolower($cmd[0]);
if ($query != '' && $cmd != 'login')
- $string .= _("Query:") . ' ' . htmlspecialchars($query) . '<br />';
+ $string .= _("Query:") . ' ' . sm_encode_html_special_chars($query) . '<br />';
if ($message_title != '')
$string .= $message_title;
if ($message != '')
- $string .= htmlspecialchars($message);
+ $string .= sm_encode_html_special_chars($message);
+//FIXME: NO HTML IN CORE!
$string .= "</font><br />\n";
if ($link != '')
$string .= $link;
$read = '';
if (!is_array($message)) $message = array();
if (!is_array($response)) $response = array();
- $aResponse = '';
+ $aResponse = array();
$resultlist = array();
$data = array();
$sCommand = '';
$read = sqimap_fgets($imap_stream);
$i = 0;
while ($read) {
- $char = $read{0};
+ $char = $read[0];
switch ($char)
{
case '+':
$read = sqimap_fgets($imap_stream);
break;
- case $tag{0}:
+ case $tag[0]:
{
/* get the command */
$arg = '';
break 2; /* switch while */
}
break;
- } // end case $tag{0}
+ } // end case $tag[0]
case '*':
{
we prohibid that literal responses appear in the
outer loop so we can trust the untagged and
tagged info provided by $read */
+ $read_literal = false;
if ($s === "}\r\n") {
$j = strrpos($read,'{');
$iLit = substr($read,$j+1,-3);
if ($read === false) { /* error */
break 4; /* while while switch while */
}
- $fetch_data[] = $read;
+ $s = substr($read,-3);
+ $read_literal = true;
+ continue;
} else {
$fetch_data[] = $read;
}
break 4; /* while while switch while */
}
/* check for next untagged reponse and break */
- if ($read{0} == '*') break 2;
+ if ($read[0] == '*') break 2;
$s = substr($read,-3);
- } while ($s === "}\r\n");
+ } while ($s === "}\r\n" || $read_literal);
$s = substr($read,-3);
- } while ($read{0} !== '*' &&
+ } while ($read[0] !== '*' &&
substr($read,0,strlen($tag)) !== $tag);
$resultlist[] = $fetch_data;
/* release not neaded data */
if ($s === "}\r\n") {
$j = strrpos($read,'{');
$iLit = substr($read,$j+1,-3);
- $data[] = $read;
- $sLiteral = fread($imap_stream,$iLit);
- if ($sLiteral === false) { /* error */
- $read = false;
- break 3; /* while switch while */
+ // check for numeric value to avoid that untagged responses like:
+ // * OK [PARSE] Unexpected characters at end of address: {SET:debug=51}
+ // will trigger literal fetching ({SET:debug=51} !== int )
+ if (is_numeric($iLit)) {
+ $data[] = $read;
+ $sLiteral = fread($imap_stream,$iLit);
+ if ($sLiteral === false) { /* error */
+ $read = false;
+ break 3; /* while switch while */
+ }
+ $data[] = $sLiteral;
+ $data[] = sqimap_fgets($imap_stream);
+ } else {
+ $data[] = $read;
}
- $data[] = $sLiteral;
- $data[] = sqimap_fgets($imap_stream);
} else {
$data[] = $read;
}
$read = sqimap_fgets($imap_stream);
if ($read === false) {
break 3; /* while switch while */
- } else if ($read{0} == '*') {
+ } else if ($read[0] == '*') {
break;
}
$s = substr($read,-3);
$query = '';
}
sqimap_error_box(_("ERROR: IMAP server closed the connection."), $query, _("Server responded:"),$sResponse);
+//FIXME: NO HTML IN CORE!
echo '</body></html>';
exit;
} else if ($handle_errors) {
case 'NO':
/* ignore this error from M$ exchange, it is not fatal (aka bug) */
if (strstr($message[$tag], 'command resulted in') === false) {
+ sqsession_register('NO', 'IMAP_FATAL_ERROR_TYPE');
+ sqsession_register($query, 'IMAP_FATAL_ERROR_QUERY');
+ sqsession_register($message[$tag], 'IMAP_FATAL_ERROR_MESSAGE');
sqimap_error_box(_("ERROR: Could not complete request."), $query, _("Reason Given:") . ' ', $message[$tag]);
echo '</body></html>';
exit;
}
break;
case 'BAD':
+ sqsession_register('BAD', 'IMAP_FATAL_ERROR_TYPE');
+ sqsession_register($query, 'IMAP_FATAL_ERROR_QUERY');
+ sqsession_register($message[$tag], 'IMAP_FATAL_ERROR_MESSAGE');
sqimap_error_box(_("ERROR: Bad or malformed request."), $query, _("Server responded:") . ' ', $message[$tag]);
+//FIXME: NO HTML IN CORE!
echo '</body></html>';
exit;
case 'BYE':
+ sqsession_register('BYE', 'IMAP_FATAL_ERROR_TYPE');
+ sqsession_register($query, 'IMAP_FATAL_ERROR_QUERY');
+ sqsession_register($message[$tag], 'IMAP_FATAL_ERROR_MESSAGE');
sqimap_error_box(_("ERROR: IMAP server closed the connection."), $query, _("Server responded:") . ' ', $message[$tag]);
+//FIXME: NO HTML IN CORE!
echo '</body></html>';
exit;
default:
+ sqsession_register('UNKNOWN', 'IMAP_FATAL_ERROR_TYPE');
+ sqsession_register($query, 'IMAP_FATAL_ERROR_QUERY');
+ sqsession_register($message[$tag], 'IMAP_FATAL_ERROR_MESSAGE');
sqimap_error_box(_("ERROR: Unknown IMAP response."), $query, _("Server responded:") . ' ', $message[$tag]);
/* the error is displayed but because we don't know the reponse we
return the result anyway */
* @param int port port number to connect to
* @param integer $tls whether to use plain text(0), TLS(1) or STARTTLS(2) when connecting.
* Argument was boolean before 1.5.1.
+ * @param array $stream_options Stream context options, see config_local.php
+ * for more details (OPTIONAL)
* @return imap-stream resource identifier
* @since 1.5.0 (usable only in 1.5.1 or later)
*/
-function sqimap_create_stream($server,$port,$tls=0) {
+function sqimap_create_stream($server,$port,$tls=0,$stream_options=array()) {
global $squirrelmail_language;
if (strstr($server,':') && ! preg_match("/^\[.*\]$/",$server)) {
$server = '['.$server.']';
}
+ // NB: Using "ssl://" ensures the highest possible TLS version
+ // will be negotiated with the server (whereas "tls://" only
+ // uses TLS version 1.0)
+ //
if ($tls == 1) {
if ((check_php_version(4,3)) and (extension_loaded('openssl'))) {
- /* Use TLS by prefixing "tls://" to the hostname */
- $server = 'tls://' . $server;
+ if (function_exists('stream_socket_client')) {
+ $server_address = 'ssl://' . $server . ':' . $port;
+ $ssl_context = @stream_context_create($stream_options);
+ $connect_timeout = ini_get('default_socket_timeout');
+ // null timeout is broken
+ if ($connect_timeout == 0)
+ $connect_timeout = 15;
+ $imap_stream = @stream_socket_client($server_address, $error_number, $error_string, $connect_timeout, STREAM_CLIENT_CONNECT, $ssl_context);
+ } else {
+ $imap_stream = @fsockopen('ssl://' . $server, $port, $error_number, $error_string, 15);
+ }
} else {
require_once(SM_PATH . 'functions/display_messages.php');
logout_error( sprintf(_("Error connecting to IMAP server: %s."), $server).
_("Please contact your system administrator and report this error."),
sprintf(_("Error connecting to IMAP server: %s."), $server));
}
+ } else {
+ $imap_stream = @fsockopen($server, $port, $error_number, $error_string, 15);
}
- $imap_stream = @fsockopen($server, $port, $error_number, $error_string, 15);
/* Do some error correction */
if (!$imap_stream) {
set_up_language($squirrelmail_language, true);
require_once(SM_PATH . 'functions/display_messages.php');
logout_error( sprintf(_("Error connecting to IMAP server: %s."), $server).
+//FIXME: NO HTML IN CORE!
"<br />\r\n$error_number : $error_string<br />\r\n",
sprintf(_("Error connecting to IMAP server: %s."), $server) );
exit;
/**
* Logs the user into the IMAP server. If $hide is set, no error messages
- * will be displayed. This function returns the IMAP connection handle.
+ * will be displayed (if set to 1, just exits, if set to 2, returns FALSE).
+ * This function returns the IMAP connection handle.
* @param string $username user name
- * @param string $password password encrypted with onetimepad. Since 1.5.2
- * function can use internal password functions, if parameter is set to
- * boolean false.
+ * @param string $password password encrypted with onetimepad. Since 1.5.2
+ * function can use internal password functions, if parameter is set to
+ * boolean false.
* @param string $imap_server_address address of imap server
* @param integer $imap_port port of imap server
- * @param boolean $hide controls display connection errors
- * @return stream
+ * @param int $hide controls display connection errors:
+ * 0 = do not hide
+ * 1 = show no errors (just exit)
+ * 2 = show no errors (return FALSE)
+ * 3 = show no errors (return error string)
+ * @param array $stream_options Stream context options, see config_local.php
+ * for more details (OPTIONAL)
+ * @return mixed The IMAP connection stream, or if the connection fails,
+ * FALSE if $hide is set to 2 or an error string if $hide
+ * is set to 3.
*/
-function sqimap_login ($username, $password, $imap_server_address, $imap_port, $hide) {
+function sqimap_login ($username, $password, $imap_server_address,
+ $imap_port, $hide, $stream_options=array()) {
global $color, $squirrelmail_language, $onetimepad, $use_imap_tls,
- $imap_auth_mech, $sqimap_capabilities;
+ $imap_auth_mech, $sqimap_capabilities, $display_imap_login_error;
+
+ // Note/TODO: This hack grabs the $authz argument from the session. In the short future,
+ // a new argument in function sqimap_login() will be used instead.
+ $authz = '';
+ global $authz;
+ sqgetglobalvar('authz' , $authz , SQ_SESSION);
+
+ if(!empty($authz)) {
+ /* authz plugin - specific:
+ * Get proxy login parameters from authz plugin configuration. If they
+ * exist, they will override the current ones.
+ * This is useful if we want to use different SASL authentication mechanism
+ * and/or different TLS settings for proxy logins. */
+ global $authz_imap_auth_mech, $authz_use_imap_tls, $authz_imapPort_tls;
+ $imap_auth_mech = !empty($authz_imap_auth_mech) ? strtolower($authz_imap_auth_mech) : $imap_auth_mech;
+ $use_imap_tls = !empty($authz_use_imap_tls)? $authz_use_imap_tls : $use_imap_tls;
+ $imap_port = !empty($authz_use_imap_tls)? $authz_imapPort_tls : $imap_port;
+
+ if($imap_auth_mech == 'login' || $imap_auth_mech == 'cram-md5') {
+ logout_error("Misconfigured Plugin (authz or equivalent):<br/>".
+ "The LOGIN and CRAM-MD5 authentication mechanisms cannot be used when attempting proxy login.");
+ exit;
+ }
+ }
/* get imap login password */
if ($password===false) {
}
if (!isset($sqimap_capabilities)) {
- sqgetglobalvar('sqimap_capabilities' , $capability , SQ_SESSION );
+ sqgetglobalvar('sqimap_capabilities' , $sqimap_capabilities , SQ_SESSION );
}
$host = $imap_server_address;
$imap_server_address = sqimap_get_user_server($imap_server_address, $username);
- $imap_stream = sqimap_create_stream($imap_server_address,$imap_port,$use_imap_tls);
+ $imap_stream = sqimap_create_stream($imap_server_address,$imap_port,$use_imap_tls,$stream_options);
if (($imap_auth_mech == 'cram-md5') OR ($imap_auth_mech == 'digest-md5')) {
// We're using some sort of authentication OTHER than plain or login
// Got a challenge back
$challenge=$response[1];
if ($imap_auth_mech == 'digest-md5') {
- $reply = digest_md5_response($username,$password,$challenge,'imap',$host);
+ $reply = digest_md5_response($username,$password,$challenge,'imap',$host,$authz);
} elseif ($imap_auth_mech == 'cram-md5') {
$reply = cram_md5_response($username,$password,$challenge);
}
$read = sqimap_run_command ($imap_stream, $query, false, $response, $message);
} elseif ($imap_auth_mech == 'plain') {
/***
- * SASL PLAIN
- *
- * RFC 2595 Chapter 6
- *
- * The mechanism consists of a single message from the client to the
- * server. The client sends the authorization identity (identity to
- * login as), followed by a US-ASCII NUL character, followed by the
- * authentication identity (identity whose password will be used),
- * followed by a US-ASCII NUL character, followed by the clear-text
- * password. The client may leave the authorization identity empty to
- * indicate that it is the same as the authentication identity.
+ * SASL PLAIN, RFC 4616 (updates 2595)
*
- **/
+ * The mechanism consists of a single message, a string of [UTF-8]
+ * encoded [Unicode] characters, from the client to the server. The
+ * client presents the authorization identity (identity to act as),
+ * followed by a NUL (U+0000) character, followed by the authentication
+ * identity (identity whose password will be used), followed by a NUL
+ * (U+0000) character, followed by the clear-text password. As with
+ * other SASL mechanisms, the client does not provide an authorization
+ * identity when it wishes the server to derive an identity from the
+ * credentials and use that as the authorization identity.
+ */
$tag=sqimap_session_id(false);
- $sasl = (isset($capability['SASL-IR']) && $capability['SASL-IR']) ? true : false;
- $auth = base64_encode("$username\0$username\0$password");
+ $sasl = (isset($sqimap_capabilities['SASL-IR']) && $sqimap_capabilities['SASL-IR']) ? true : false;
+ if(!empty($authz)) {
+ $auth = base64_encode("$username\0$authz\0$password");
+ } else {
+ $auth = base64_encode("$username\0$username\0$password");
+ }
if ($sasl) {
// IMAP Extension for SASL Initial Client Response
// <draft-siemborski-imap-sasl-initial-response-01b.txt>
$results=explode(" ",$read,3);
$response=$results[1];
$message=$results[2];
+
} else {
$response="BAD";
$message="Internal SquirrelMail error - unknown IMAP authentication method chosen. Please contact the developers.";
/* If the connection was not successful, lets see why */
if ($response != 'OK') {
- if (!$hide) {
+ if (!$hide || $hide == 3) {
+//FIXME: UUURG... We don't want HTML in error messages, should also do html sanitizing of error messages elsewhere; should't assume output is destined for an HTML browser here
if ($response != 'NO') {
/* "BAD" and anything else gets reported here. */
- $message = htmlspecialchars($message);
+ $message = sm_encode_html_special_chars($message);
set_up_language($squirrelmail_language, true);
if ($response == 'BAD') {
+ if ($hide == 3) return sprintf(_("Bad request: %s"), $message);
$string = sprintf (_("Bad request: %s")."<br />\r\n", $message);
} else {
+ if ($hide == 3) return sprintf(_("Unknown error: %s"), $message);
$string = sprintf (_("Unknown error: %s") . "<br />\n", $message);
}
if (isset($read) && is_array($read)) {
$string .= '<br />' . _("Read data:") . "<br />\n";
foreach ($read as $line) {
- $string .= htmlspecialchars($line) . "<br />\n";
+ $string .= sm_encode_html_special_chars($line) . "<br />\n";
}
}
error_box($string);
set_up_language($squirrelmail_language, true);
sqsession_destroy();
- sqsetcookieflush();
+
/* terminate the session nicely */
sqimap_logout($imap_stream);
- logout_error( _("Unknown user or password incorrect.") );
+
+ // determine what error message to use
+ //
+ $fail_msg = _("Unknown user or password incorrect.");
+ if ($display_imap_login_error) {
+ // See if there is an error message from the server
+ // Skip any rfc5530 response code: '[something]' at the
+ // start of the message
+ if (!empty($message)
+ && $message[0] == '['
+ && ($end = strstr($message, ']'))
+ && $end != ']') {
+ $message = substr($end, 1);
+ }
+ // Remove surrounding spaces and if there
+ // is anything left, display that as the
+ // error message:
+ $message = trim($message);
+ if (strlen($message))
+ $fail_msg = _($message);
+ }
+
+ if ($hide == 3) return $fail_msg;
+ logout_error($fail_msg);
exit;
}
} else {
+ if ($hide == 2) return FALSE;
exit;
}
}
exit;
}
+ // Run ID command if configured - RFC 2971
+ //
+ // Administrator must declare a configuration variable called
+ // $imap_id_command_args in config/config_local.php which must
+ // be an array, where each key is an attibute to be sent in the
+ // IMAP ID command to the server. Values will be sent as-is
+ // except if the value is "###REMOTE ADDRESS###" (without quotes)
+ // in which case the current user's real IP address will be
+ // substituted. If "###X-FORWARDED-FOR###" is used and a
+ // "X-FORWARDED-FOR" header is present in the client request,
+ // the contents of that header are used (careful, this can be
+ // forged). If "###X-FORWARDED-FOR OR REMOTE ADDRESS###" is
+ // used, then the "X-FORWARDED-FOR" header is used if it is
+ // present in the request, otherwise, the client's connecting
+ // IP address is used. The following attributes will always be
+ // added unless they are specifically overridden with a blank
+ // value:
+ // name, vendor, support-url, version
+ // A parsed representation of server's response is made available
+ // to plugins as both a global and session variable named
+ // "imap_server_id_response" (a simple key/value array) unless
+ // response parsing is turned off by way of setting a variable
+ // named $do_not_parse_imap_id_command_response in
+ // config/config_local.php to TRUE, in which case, the stored
+ // response will be the unparsed IMAP response.
+ //
+ global $imap_id_command_args, $do_not_parse_imap_id_command_response;
+ if (!empty($imap_id_command_args) && is_array($imap_id_command_args)
+ && sqimap_capability($imap_stream, 'ID')) {
+
+ static $args = array();
+ if (empty($args)) {
+ if (!isset($imap_id_command_args['name']))
+ $imap_id_command_args['name'] = 'SquirrelMail';
+ if (!isset($imap_id_command_args['vendor']))
+ $imap_id_command_args['vendor'] = 'SquirrelMail Project Team';
+ if (!isset($imap_id_command_args['support-url']))
+ $imap_id_command_args['support-url'] = 'https://squirrelmail.org';
+ if (!isset($imap_id_command_args['version'])) {
+ $imap_id_command_args['version'] = SM_VERSION;
+ }
+ foreach ($imap_id_command_args as $key => $value) {
+ $key = trim($key);
+ $value = trim($value);
+ if ($key === '' || $value === '')
+ continue;
+ if ($value === '###REMOTE ADDRESS###' && sqGetGlobalVar('REMOTE_ADDR', $remote_addr, SQ_SERVER))
+ $value = $remote_addr;
+ else if ($value === '###X-FORWARDED-FOR###' && sqGetGlobalVar('HTTP_X_FORWARDED_FOR', $remote_addr, SQ_SERVER))
+ $value = $remote_addr;
+ else if ($value === '###X-FORWARDED-FOR OR REMOTE ADDRESS###') {
+ if (sqGetGlobalVar('HTTP_X_FORWARDED_FOR', $remote_addr, SQ_SERVER))
+ $value = $remote_addr;
+ else if (sqGetGlobalVar('REMOTE_ADDR', $remote_addr, SQ_SERVER))
+ $value = $remote_addr;
+ }
+ else if ($value === '###REMOTE ADDRESS###' && sqGetGlobalVar('REMOTE_ADDR', $remote_addr, SQ_SERVER)) {
+ $value = $remote_addr;
+ }
+ $args[] = '"' . str_replace(array('"', '\\'), array('\\"', '\\\\'), $key)
+ . '" "' . str_replace(array('"', '\\'), array('\\"', '\\\\'), $value) . '"';
+ }
+ }
+ $read_ary = sqimap_run_command($imap_stream, 'ID (' . implode(' ', $args) . ')', false, $response, $message);
+ if (!empty($read_ary) && is_array($read_ary)) {
+ global $imap_server_id_response;
+ if ($do_not_parse_imap_id_command_response)
+ $imap_server_id_response = $read_ary;
+ else
+ {
+ $imap_server_id_response = array();
+
+ // NOTE that this parser ignores closing ) sign, so
+ // technically some kind of malformed server
+ // response could cause extra junk to be included here
+ foreach ($read_ary as $info)
+ {
+ $parsed_info = explode('(', $info, 2);
+ if (!empty($parsed_info[1]))
+ {
+ // find opening quote for the next key name
+ while ($parsed_info = explode('"', $parsed_info[1], 2))
+ {
+ if (empty($parsed_info[1]))
+ break;
+ else
+ {
+ // find closing quote for the key name
+ $pos = strpos($parsed_info[1], '"');
+ if ($pos === FALSE)
+ break;
+ else
+ {
+ $key = substr($parsed_info[1], 0, $pos);
+ $parsed_info[1] = substr($parsed_info[1], $pos + 1);
+
+ // find opening quote for the key's value
+ $parsed_info = explode('"', $parsed_info[1], 2);
+ if (empty($parsed_info[1]))
+ break;
+ else
+ {
+ // find closing quote for the key's value
+ $pos = strpos($parsed_info[1], '"');
+ if ($pos === FALSE)
+ break;
+ else
+ {
+ $imap_server_id_response[$key] = substr($parsed_info[1], 0, $pos);
+ $parsed_info[1] = substr($parsed_info[1], $pos + 1);
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ sqsession_register($imap_server_id_response, 'imap_server_id_response');
+ }
+ }
+
return $imap_stream;
}
function sqimap_logout ($imap_stream) {
/* Logout is not valid until the server returns 'BYE'
* If we don't have an imap_ stream we're already logged out */
- if(isset($imap_stream) && $imap_stream)
+ if(isset($imap_stream) && $imap_stream) {
sqimap_run_command($imap_stream, 'LOGOUT', false, $response, $message);
+ fclose($imap_stream);
+ }
}
/**
/* Do some caching here */
if (!$sqimap_delimiter) {
- if (sqimap_capability($imap_stream, 'NAMESPACE')) {
+ if (sqimap_capability($imap_stream, 'NAMESPACE')
/*
* According to something that I can't find, this is supposed to work on all systems
* OS: This won't work in Courier IMAP.
* OS: According to rfc2342 response from NAMESPACE command is:
* OS: * NAMESPACE (PERSONAL NAMESPACES) (OTHER_USERS NAMESPACE) (SHARED NAMESPACES)
* OS: We want to lookup all personal NAMESPACES...
+ *
+ * TODO: remove this in favour of the information from sqimap_get_namespace()
*/
- $read = sqimap_run_command($imap_stream, 'NAMESPACE', true, $a, $b);
- if (eregi('\\* NAMESPACE +(\\( *\\(.+\\) *\\)|NIL) +(\\( *\\(.+\\) *\\)|NIL) +(\\( *\\(.+\\) *\\)|NIL)', $read[0], $data)) {
- if (eregi('^\\( *\\((.*)\\) *\\)', $data[1], $data2)) {
- $pn = $data2[1];
- }
- $pna = explode(')(', $pn);
- while (list($k, $v) = each($pna)) {
- $lst = explode('"', $v);
- if (isset($lst[3])) {
- $pn[$lst[1]] = $lst[3];
- } else {
- $pn[$lst[1]] = '';
- }
+ && ($read = sqimap_run_command($imap_stream, 'NAMESPACE', true, $a, $b))
+ && preg_match('/\* NAMESPACE +(\( *\(.+\) *\)|NIL) +(\( *\(.+\) *\)|NIL) +(\( *\(.+\) *\)|NIL)/i', $read[0], $data)
+ && preg_match('/^\( *\((.*)\) *\)/', $data[1], $data2)) {
+ $pn = $data2[1];
+ $pna = explode(')(', $pn);
+ $delnew = array();
+ foreach ($pna as $v) {
+ $lst = explode('"', $v);
+ if (isset($lst[3])) {
+ $delnew[$lst[1]] = $lst[3];
+ } else {
+ $delnew[$lst[1]] = '';
}
}
- $sqimap_delimiter = $pn[0];
+ $sqimap_delimiter = array_shift($delnew);
} else {
fputs ($imap_stream, ". LIST \"INBOX\" \"\"\r\n");
$read = sqimap_read_data($imap_stream, '.', true, $a, $b);
return $sqimap_delimiter;
}
+/**
+ * Retrieves the namespaces from the IMAP server.
+ * NAMESPACE is an IMAP extension defined in RFC 2342.
+ *
+ * @param stream $imap_stream
+ * @return array
+ */
+function sqimap_get_namespace($imap_stream) {
+ $read = sqimap_run_command($imap_stream, 'NAMESPACE', true, $a, $b);
+ return sqimap_parse_namespace($read[0]);
+}
+
+/**
+ * Parses a NAMESPACE response and returns an array with the available
+ * personal, users and shared namespaces.
+ *
+ * @param string $input
+ * @return array The returned array has the following format:
+ * <pre>
+ * array(
+ * 'personal' => array(
+ * 0 => array('prefix'=>'INBOX.','delimiter' =>'.'),
+ * 1 => ...
+ * ),
+ * 'users' => array(..
+ * ),
+ * 'shared' => array( ..
+ * )
+ * )
+ * </pre>
+ * Note that if a namespace is not defined in the server, then the corresponding
+ * array will be empty.
+ */
+function sqimap_parse_namespace(&$input) {
+ $ns_strings = array(1=>'personal', 2=>'users', 3=>'shared');
+ $namespace = array();
+
+ if (preg_match('/NAMESPACE (\(\(.*\)\)|NIL) (\(\(.*\)\)|NIL) (\(\(.*\)\)|NIL)/', $input, $regs)) {
+ for($i=1; $i<=3; $i++) {
+ if($regs[$i] == 'NIL') {
+ $namespace[$ns_strings[$i]] = array();
+ } else {
+ // Pop-out the first ( and last ) for easier parsing
+ $ns = substr($regs[$i], 1, sizeof($regs[$i])-2);
+ if($c = preg_match_all('/\((?:(.*?)\s*?)\)/', $ns, $regs2)) {
+ $namespace[$ns_strings[$i]] = array();
+ for($j=0; $j<sizeof($regs2[1]); $j++) {
+ preg_match('/"(.*)"\s+("(.*)"|NIL)/', $regs2[1][$j], $regs3);
+ $namespace[$ns_strings[$i]][$j]['prefix'] = $regs3[1];
+ if($regs3[2] == 'NIL') {
+ $namespace[$ns_strings[$i]][$j]['delimiter'] = null;
+ } else {
+ // $regs[3] is $regs[2] without the quotes
+ $namespace[$ns_strings[$i]][$j]['delimiter'] = $regs3[3];
+ }
+ unset($regs3);
+ }
+ }
+ unset($ns);
+ }
+ }
+ }
+ return($namespace);
+}
+
/**
* This encodes a mailbox name for use in IMAP commands.
* @param string $what the mailbox to encode
*/
function sqimap_encode_mailbox_name($what)
{
- if (ereg("[\"\\\r\n]", $what))
+ if (preg_match('/["\\\r\n]/', $what))
return '{' . strlen($what) . "}\r\n" . $what; /* 4.3 literal form */
return '"' . $what . '"'; /* 4.3 quoted string form */
}
if (!empty($hook_status)) {
$hook_status['MAILBOX']=$mailbox;
$hook_status['CALLER']='sqimap_status_messages';
- do_hook_function('folder_status',$hook_status);
+ do_hook('folder_status', $hook_status);
}
return $status;
}
if ($sid) {
$imapsid = $sid;
}
- if ($response{0} == '+') {
+ if ($response[0] == '+') {
// continuation request triggerd by sqimap_append()
$bDone = true;
} else {
if ($sRsp == 'NO' || $sRsp == 'BAD') {
// for the moment disabled. Enable after 1.5.1 release.
// Notices could give valueable information about the mailbox
- // sqm_trigger_imap_error('SQM_IMAP_APPEND_NOTICE',$imapquery,$sRsp,$sMsg);
+ // Update: seems this was forgotten, but now it is finally enabled
+ sqm_trigger_imap_error('SQM_IMAP_APPEND_NOTICE',$imapquery,$sRsp,$sMsg);
}
$bDone = false;
case $imapsid:
* @since 1.3.0
*/
function map_yp_alias($username) {
- $yp = `ypmatch $username aliases`;
+ $safe_username = escapeshellarg($username);
+ $yp = `ypmatch $safe_username aliases`;
return chop(substr($yp, strlen($username)+1));
}
-
-?>
\ No newline at end of file