/**
* This is a development version so in order to track programmer mistakes we
* set the error reporting to E_ALL
+FIXME: disabling this for now, because we now have $sm_debug_mode, but the problem with that is that we don't know what it will be until we have loaded the config file, a good 175 lines below after several important files have been included, etc. For now, we'll trust that developers have turned on E_ALL in php.ini anyway, but this can be uncommented if not.
*/
-error_reporting(E_ALL);
+//error_reporting(E_ALL);
+
/**
$color[15] = '#002266'; /* (dark blue) Unselectable folders */
$color[16] = '#ff9933'; /* (orange) Highlight color */
+require(SM_PATH . 'include/constants.php');
require(SM_PATH . 'functions/global.php');
require(SM_PATH . 'functions/strings.php');
require(SM_PATH . 'functions/arrays.php');
require(SM_PATH . 'config/config_local.php');
}
+
+/**
+ * Set PHP error reporting level based on the SquirrelMail debug mode
+ */
+$error_level = 0;
+if ($sm_debug_mode & SM_DEBUG_MODE_SIMPLE)
+ $error_level |= E_ERROR;
+if ($sm_debug_mode & SM_DEBUG_MODE_MODERATE
+ || $sm_debug_mode & SM_DEBUG_MODE_ADVANCED)
+ $error_level |= E_ALL;
+if ($sm_debug_mode & SM_DEBUG_MODE_STRICT)
+ $error_level |= E_STRICT;
+error_reporting($error_level);
+
+
require(SM_PATH . 'functions/plugin.php');
-require(SM_PATH . 'include/constants.php');
require(SM_PATH . 'include/languages.php');
require(SM_PATH . 'class/template/Template.class.php');
require(SM_PATH . 'class/error.class.php');
/* if running with magic_quotes_gpc then strip the slashes
from POST and GET global arrays */
-if (get_magic_quotes_gpc()) {
+if (function_exists('get_magic_quotes_gpc') && @get_magic_quotes_gpc()) {
sqstripslashes($_GET);
sqstripslashes($_POST);
}
if (!empty($_SESSION))
$_SESSION = array();
+ /**
+ * Allow administrators to define custom session handlers
+ * for SquirrelMail without needing to change anything in
+ * php.ini (application-level).
+ *
+ * In config_local.php, admin needs to put:
+ *
+ * $custom_session_handlers = array(
+ * 'my_open_handler',
+ * 'my_close_handler',
+ * 'my_read_handler',
+ * 'my_write_handler',
+ * 'my_destroy_handler',
+ * 'my_gc_handler',
+ * );
+ * session_module_name('user');
+ * session_set_save_handler(
+ * $custom_session_handlers[0],
+ * $custom_session_handlers[1],
+ * $custom_session_handlers[2],
+ * $custom_session_handlers[3],
+ * $custom_session_handlers[4],
+ * $custom_session_handlers[5]
+ * );
+ *
+ * We need to replicate that code once here because PHP has
+ * long had a bug that resets the session handler mechanism
+ * when the session data is also destroyed. Because of this
+ * bug, even administrators who define custom session handlers
+ * via a PHP pre-load defined in php.ini (auto_prepend_file)
+ * will still need to define the $custom_session_handlers array
+ * in config_local.php.
+ */
+ global $custom_session_handlers;
+ if (!empty($custom_session_handlers)) {
+ $open = $custom_session_handlers[0];
+ $close = $custom_session_handlers[1];
+ $read = $custom_session_handlers[2];
+ $write = $custom_session_handlers[3];
+ $destroy = $custom_session_handlers[4];
+ $gc = $custom_session_handlers[5];
+ session_module_name('user');
+ session_set_save_handler($open, $close, $read, $write, $destroy, $gc);
+ }
+
sqsession_is_active();
session_regenerate_id();
/* load prefs system; even when user not logged in, should be OK to do this here */
require(SM_PATH . 'functions/prefs.php');
+// FIXME: config/plugin_hooks.php has not yet been loaded (see a few lines below); so this hook call should I think not be working -- has anyone actually tested it? Is there any reason we cannot move this prefs code block down below "MAIN PLUGIN LOADING CODE HERE" (see below)? Reading the code, I *think* it should be OK, but.... Also, note that this code would then be placed immediately next to the config_override hook, and since it makes little sense to execute two hooks in a row, I will propose removing config_override (although sadly, it is less clear to plugin authors that they should use the prefs_backend hook to do any configuration override work in their plugin)
$prefs_backend = do_hook('prefs_backend', $null);
if (isset($prefs_backend) && !empty($prefs_backend) && file_exists(SM_PATH . $prefs_backend)) {
require(SM_PATH . $prefs_backend);
*
* Code can be utilized when session is started, but data is not loaded.
* We have already loaded configuration and other important vars. Can't
- * clean session globals here.
+ * clean session globals here, beside, the cleanout of globals at the
+ * top of this file will have removed anything this code would find anyway.
if ((bool) @ini_get('register_globals') &&
strtolower(ini_get('register_globals'))!='off') {
foreach ($_SESSION as $key => $value) {
/**
- * Do something special for some pages. This is based on the PAGE_NAME constand
+ * Do something special for some pages. This is based on the PAGE_NAME constant
* set at the top of every page.
*/
switch (PAGE_NAME) {
session_write_close();
break;
+ case 'mailto':
+ // nothing to do
+ break;
+
case 'redirect':
require(SM_PATH . 'functions/auth.php');
//nobreak;
exit;
}
-//FIXME: remove next line if the placement of the copy of this line above does not prove to be problematic
- sqgetGlobalVar('username',$username,SQ_SESSION);
sqgetGlobalVar('authz',$authz,SQ_SESSION);
/**
// Japanese translation used without mbstring support
if ($err==2) {
- $sError =
- "<p>You need to have PHP installed with the multibyte string function \n".
- "enabled (using configure option --enable-mbstring).</p>\n".
- "<p>System assumed that you accidently switched to Japanese translation \n".
- "and reverted your language preference to English.</p>\n".
- "<p>Please refresh this page in order to use webmail.</p>\n";
+ $sError = "<p>Your administrator needs to have PHP installed with the multibyte string extension enabled (using configure option --enable-mbstring).</p>\n"
+ . "<p>This system has assumed that you accidently switched to Japanese and has reverted your language preference to English.</p>\n"
+ . "<p>Please refresh this page in order to continue using your webmail.</p>\n";
error_box($sError);
}
}
// We want some variables to always be available to the template
+//
$oTemplate->assign('javascript_on',
(sqGetGlobalVar('user_is_logged_in', $user_is_logged_in, SQ_SESSION)
? checkForJavascript() : 0));
$oTemplate->assign($var, (isset($$var) ? $$var : NULL));
}
+// A few output elements are used often, so just get them once here
+//
+$nbsp = $oTemplate->fetch('non_breaking_space.tpl');
+$br = $oTemplate->fetch('line_break.tpl');
+
/**
* Initialize our custom error handler object
*/
$oldErrorHandler = set_error_handler('SquirrelMailErrorhandler');
}
+
+// ============================================================================
+// ================= End of Live Code, Beginning of Functions =================
+// ============================================================================
+
+
/**
* Javascript support detection function
* @param boolean $reset recheck javascript support if set to true.
projects / squirrelmail.git / blobdiff