Fix HTTPS detection under Windows IIS (#2318118)

[squirrelmail.git] / functions / strings.php

diff --git a/functions/strings.php b/functions/strings.php
index eff1ba661af8900a0782cdc0dcbbdd5779b749c9..1fcbd6dc9b7bfc5c8484e4d87f69cb12755f1fde 100644 (file)
--- a/functions/strings.php
+++ b/functions/strings.php
@@ -470,7 +470,8 @@ function readShortMailboxName($haystack, $needle) {
  */
 function get_location () {
 
  */
 function get_location () {
 

-    global $imap_server_type, $config_location_base;
+    global $imap_server_type, $config_location_base,
+           $is_secure_connection, $sq_ignore_http_x_forwarded_headers;

 
     /* Get the path, handle virtual directories */
     if(strpos(php_self(), '?')) {
 
     /* Get the path, handle virtual directories */
     if(strpos(php_self(), '?')) {


@@ -492,21 +493,13 @@ function get_location () {
 
     /* Check if this is a HTTPS or regular HTTP request. */
     $proto = 'http://';
 
     /* Check if this is a HTTPS or regular HTTP request. */
     $proto = 'http://';

-
-    /*
-     * If you have 'SSLOptions +StdEnvVars' in your apache config
-     *     OR if you have HTTPS=on in your HTTP_SERVER_VARS
-     *     OR if you are on port 443
-     */
-    $getEnvVar = getenv('HTTPS');
-    if ((isset($getEnvVar) && strcasecmp($getEnvVar, 'on') === 0) ||
-        (sqgetGlobalVar('HTTPS', $https_on, SQ_SERVER) && strcasecmp($https_on, 'on') === 0) ||
-        (sqgetGlobalVar('SERVER_PORT', $server_port, SQ_SERVER) &&  $server_port == 443)) {
+    if ($is_secure_connection)

         $proto = 'https://';
         $proto = 'https://';

-    }

 
     /* Get the hostname from the Host header or server config. */
 
     /* Get the hostname from the Host header or server config. */

-    if ( !sqgetGlobalVar('HTTP_X_FORWARDED_HOST', $host, SQ_SERVER) || empty($host) ) {
+    if ($sq_ignore_http_x_forwarded_headers
+     || !sqgetGlobalVar('HTTP_X_FORWARDED_HOST', $host, SQ_SERVER)
+     || empty($host)) {

         if ( !sqgetGlobalVar('HTTP_HOST', $host, SQ_SERVER) || empty($host) ) {
             if ( !sqgetGlobalVar('SERVER_NAME', $host, SQ_SERVER) || empty($host) ) {
                 $host = '';
         if ( !sqgetGlobalVar('HTTP_HOST', $host, SQ_SERVER) || empty($host) ) {
             if ( !sqgetGlobalVar('SERVER_NAME', $host, SQ_SERVER) || empty($host) ) {
                 $host = '';


@@ -518,7 +511,8 @@ function get_location () {
     if (! strstr($host, ':')) {
         if (sqgetGlobalVar('SERVER_PORT', $server_port, SQ_SERVER)) {
             if (($server_port != 80 && $proto == 'http://') ||
     if (! strstr($host, ':')) {
         if (sqgetGlobalVar('SERVER_PORT', $server_port, SQ_SERVER)) {
             if (($server_port != 80 && $proto == 'http://') ||

-                ($server_port != 443 && $proto == 'https://')) {
+                ($server_port != 443 && $proto == 'https://' &&
+                 strcasecmp($forwarded_proto, 'https') !== 0)) {

                 $port = sprintf(':%d', $server_port);
             }
         }
                 $port = sprintf(':%d', $server_port);
             }
         }


@@ -540,6 +534,32 @@ function get_location () {
 }
 
 
 }
 
 

+/**
+ * Get Message List URI
+ *
+ * @param string $mailbox      Current mailbox name (unencoded/raw)
+ * @param string $startMessage The mailbox page offset
+ * @param string $what         Any current search parameters (OPTIONAL; 
+ *                             default empty string)
+ *
+ * @return string The message list URI
+ *
+ * @since 1.5.2
+ *
+ */
+function get_message_list_uri($mailbox, $startMessage, $what='') {
+
+    global $base_uri;
+
+    $urlMailbox = urlencode($mailbox);
+
+    $list_xtra = "?where=read_body.php&what=$what&mailbox=" . $urlMailbox.
+                 "&startMessage=$startMessage";
+
+    return $base_uri .'src/right_main.php'. $list_xtra;
+}
+
+

 /**
  * Encrypts password
  *
 /**
  * Encrypts password
  *


@@ -604,83 +624,6 @@ function OneTimePadDecrypt ($string, $epad) {
     return $decrypted;
 }
 
     return $decrypted;
 }
 

-
-/**
- * Randomizes the mt_rand() function.
- *
- * Toss this in strings or integers and it will seed the generator
- * appropriately. With strings, it is better to get them long.
- * Use md5() to lengthen smaller strings.
- *
- * @param mixed $val a value to seed the random number generator. mixed = integer or string.
- * @return void
- * @since 1.0
- */
-function sq_mt_seed($Val) {
-    /* if mt_getrandmax() does not return a 2^n - 1 number,
-       this might not work well.  This uses $Max as a bitmask. */
-    $Max = mt_getrandmax();
-
-    if (! is_int($Val)) {
-            $Val = crc32($Val);
-    }
-
-    if ($Val < 0) {
-        $Val *= -1;
-    }
-
-    if ($Val == 0) {
-        return;
-    }
-
-    mt_srand(($Val ^ mt_rand(0, $Max)) & $Max);
-}
-
-
-/**
- * Init random number generator
- *
- * This function initializes the random number generator fairly well.
- * It also only initializes it once, so you don't accidentally get
- * the same 'random' numbers twice in one session.
- *
- * @return void
- * @since 1.0
- */
-function sq_mt_randomize() {
-    static $randomized;
-
-    if ($randomized) {
-        return;
-    }
-
-    /* Global. */
-    sqgetGlobalVar('REMOTE_PORT', $remote_port, SQ_SERVER);
-    sqgetGlobalVar('REMOTE_ADDR', $remote_addr, SQ_SERVER);
-    sq_mt_seed((int)((double) microtime() * 1000000));
-    sq_mt_seed(md5($remote_port . $remote_addr . getmypid()));
-
-    /* getrusage */
-    if (function_exists('getrusage')) {
-        /* Avoid warnings with Win32 */
-        $dat = @getrusage();
-        if (isset($dat) && is_array($dat)) {
-            $Str = '';
-            foreach ($dat as $k => $v)
-                {
-                    $Str .= $k . $v;
-                }
-            sq_mt_seed(md5($Str));
-        }
-    }
-
-    if(sqgetGlobalVar('UNIQUE_ID', $unique_id, SQ_SERVER)) {
-        sq_mt_seed(md5($unique_id));
-    }
-
-    $randomized = 1;
-}
-

 /**
  * Creates encryption key
  *
 /**
  * Creates encryption key
  *


@@ -693,8 +636,6 @@ function sq_mt_randomize() {
  * @since 1.0
  */
 function OneTimePadCreate ($length=100) {
  * @since 1.0
  */
 function OneTimePadCreate ($length=100) {

-    sq_mt_randomize();
-

     $pad = '';
     for ($i = 0; $i < $length; $i++) {
         $pad .= chr(mt_rand(0,255));
     $pad = '';
     for ($i = 0; $i < $length; $i++) {
         $pad .= chr(mt_rand(0,255));


@@ -712,11 +653,11 @@ function OneTimePadCreate ($length=100) {
  */
 function show_readable_size($bytes) {
     $bytes /= 1024;
  */
 function show_readable_size($bytes) {
     $bytes /= 1024;

-    $type = 'KiB';
+    $type = _("KiB");

 
     if ($bytes / 1024 > 1) {
         $bytes /= 1024;
 
     if ($bytes / 1024 > 1) {
         $bytes /= 1024;

-        $type = 'MiB';
+        $type = _("MiB");

     }
 
     if ($bytes < 10) {
     }
 
     if ($bytes < 10) {


@@ -758,8 +699,6 @@ function GenerateRandomString($size, $chars, $flags = 0) {
         return '';
     }
 
         return '';
     }
 

-    sq_mt_randomize(); /* Initialize the random number generator */
-

     $String = '';
     $j = strlen( $chars ) - 1;
     while (strlen($String) < $size) {
     $String = '';
     $j = strlen( $chars ) - 1;
     while (strlen($String) < $size) {