Fixing security vulnerability in squirrelspell.

[squirrelmail.git] / plugins / squirrelspell / modules / crypto_badkey.mod.php

diff --git a/plugins/squirrelspell/modules/crypto_badkey.mod.php b/plugins/squirrelspell/modules/crypto_badkey.mod.php
deleted file mode 100644 (file)
index 47dae86..0000000
--- a/plugins/squirrelspell/modules/crypto_badkey.mod.php
+++ /dev/null
@@ -1,64 +0,0 @@
-<?php
-
-   /**
-    **  CRYPTO_BADKEY.MOD.PHP -- Squirrelspell module
-    **
-    **  Copyright (c) 1999-2002 The SquirrelMail development team
-    **  Licensed under the GNU GPL. For full terms see the file COPYING.
-    **
-    **  This module tries to decrypt the user dictionary with a newly provided
-    **  old password, or erases the file if everything else fails. :(         
-    **
-    **  $Id$
-    **/
-
-    // Just for fidian! :)
-    global $delete_words, $SCRIPT_NAME, $old_key;
-    if ($delete_words=='ON'){
-        // All attemts to decrypt the file were futile. Erase the bastard and
-        // hope this never happens again.
-        sqspell_deleteWords(); 
-        // See where we were called from -- pop-up window or options page
-        // and call whichever wrapper is appropriate.
-        if (strstr($SCRIPT_NAME, 'sqspell_options')){
-            $msg='<p>' . _("Your personal dictionary was erased.") . '</p>';
-            sqspell_makePage(_("Dictionary Erased"), null, $msg);
-        } else {
-            $msg = '<p>' . ("Your personal dictionary was erased. Please close this window and click \"Check Spelling\" button again to start your spellcheck over." ) .
-                   '</p> '.
-                   '<p align="center"><form>'.
-                   '<input type="button" value=" ' _("Close this Window") . ' " onclick="self.close()">'.
-                   '</form></p>';
-            sqspell_makeWindow(null, _("Dictionary Erased"), null, $msg);
-        }
-        exit;
-    }
-    
-    if ($old_key){
-        // User provided another key to try and decrypt the dictionary.
-        // call sqspell_getWords. If this key fails, the function will
-        // handle it.
-        $words=sqspell_getWords();
-        // It worked! Pinky, you're a genius!
-        // Write it back this time encrypted with a new key.
-        sqspell_writeWords($words);
-        // See where we are and call a necessary GUI-wrapper.
-        if (strstr($SCRIPT_NAME, 'sqspell_options')){
-            $msg = '<p>' .
-                   _("Your personal dictionary was re-encrypted successfully. Now "
-                     "return to the &quot;SpellChecker options&quot; menu and make your selection "
-                     "again." ) . '</p>';
-            sqspell_makePage(_("Successful Re-encryption"), null, $msg);
-        } else {
-            $msg = '<p>'.
-                   _("Your personal dictionary was re-encrypted successfully. Please "
-                     "close this window and click \"Check Spelling\" button again to start your "
-                     "spellcheck over.") . '</p>' .
-                   '<form><p align="center"><input type="button" value=" ' . _("Close this Window") . ' "'.
-                   'onclick="self.close()"></p></form>';
-            sqspell_makeWindow(null, _("Dictionary re-encrypted"), null, $msg);
-        }
-        exit;
-    }
-    
-?>