X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=config%2Fconf.pl;h=2de4eefb819b676cf3920bfbc627397b49abad12;hp=0f3c4c3fa6cb42e7f28cae9b4f6f420a397870a7;hb=bd3ebe3f8f07fd1b4294a30ef0c09a641eea1e77;hpb=3e339df82bc3f473f2afbcc133c770116b0e8452 diff --git a/config/conf.pl b/config/conf.pl index 0f3c4c3f..2de4eefb 100755 --- a/config/conf.pl +++ b/config/conf.pl @@ -1,7 +1,7 @@ #!/usr/bin/env perl # conf.pl # -# Copyright (c) 1999-2007 The SquirrelMail Project Team +# Copyright (c) 1999-2017 The SquirrelMail Project Team # Licensed under the GNU GPL. For full terms see COPYING. # # A simple configure script to configure SquirrelMail @@ -43,7 +43,23 @@ $dir = cwd(); ############################################################ -# First, lets read in the data already in there... +# Try to determine what the version of SquirrelMail is +############################################################ +$sm_version = 'unknown'; +if ( -e "../include/constants.php" && -r "../include/constants.php") { + open( FILE, "../include/constants.php" ); + while ( $line = ) { + if ($line =~ m/^define\('SM_VERSION', ?'(\d+\.\d+\.\d+( ?\[\w+]|))'/) { + $sm_version = $1; + last; + } + } + close(FILE); +} + + +############################################################ +# First, let's read in the data already in there... ############################################################ if ( -e "config.php" ) { # Make sure that file is readable @@ -140,7 +156,7 @@ if ( -e "config.php" ) { print " should get the 'config_default.php' that matches the version\n"; print " of SquirrelMail that you are running. You can get this from\n"; print " the SquirrelMail web page by going to the following URL:\n"; - print " http://www.squirrelmail.org.\n"; + print " http://squirrelmail.org.\n"; print "\n"; print "Continue loading with old config_default.php (a bad idea) [y/N]? "; $ctu = ; @@ -368,10 +384,19 @@ while ( $line = ) { } close FILE; +# RPC template sets aren't included in user interface skin list, +# so add the one from the config file here +# +if ($rpc_templateset =~ /_rpc$/) { + $templateset_name[$#templateset_name + 1] = $rpc_templateset; + $templateset_id[$#templateset_id + 1] = $rpc_templateset; +} + # FIXME: unknown introduction date $useSendmail = 'false' if ( lc($useSendmail) ne 'true' ); $sendmail_path = "/usr/sbin/sendmail" if ( !$sendmail_path ); $pop_before_smtp = 'false' if ( !$pop_before_smtp ); +$pop_before_smtp_host = '' if ( !$pop_before_smtp_host ); $default_unseen_notify = 2 if ( !$default_unseen_notify ); $default_unseen_type = 1 if ( !$default_unseen_type ); $config_use_color = 0 if ( !$config_use_color ); @@ -385,7 +410,7 @@ $delete_folder = 'false' if ( !$delete_folder ); $noselect_fix_enable = 'false' if ( !$noselect_fix_enable ); $frame_top = "_top" if ( !$frame_top ); $provider_uri = '' if ( !$provider_uri ); -$provider_name = '' if ( !$provider_name ); +$provider_name = '' if ( !$provider_name || $provider_name eq 'SquirrelMail'); $no_list_for_subscribe = 'false' if ( !$no_list_for_subscribe ); $allow_charset_search = 'true' if ( !$allow_charset_search ); $allow_advanced_search = 0 if ( !$allow_advanced_search) ; @@ -401,6 +426,8 @@ $hide_sm_attributions = 'false' if ( !$hide_sm_attributions ); # since 1.2.5 $edit_identity = 'true' if ( !$edit_identity ); $edit_name = 'true' if ( !$edit_name ); +# since 1.4.23/1.5.2 +$edit_reply_to = 'true' if ( !$edit_reply_to ); # since 1.4.0 $use_smtp_tls= 'false' if ( !$use_smtp_tls); @@ -408,6 +435,12 @@ $smtp_auth_mech = 'none' if ( !$smtp_auth_mech ); $use_imap_tls = 'false' if ( !$use_imap_tls ); $imap_auth_mech = 'login' if ( !$imap_auth_mech ); +# $use_imap_tls and $use_smtp_tls are switched to integer since 1.5.1 +$use_imap_tls = 0 if ( $use_imap_tls eq 'false'); +$use_imap_tls = 1 if ( $use_imap_tls eq 'true'); +$use_smtp_tls = 0 if ( $use_smtp_tls eq 'false'); +$use_smtp_tls = 1 if ( $use_smtp_tls eq 'true'); + # since 1.5.0 $show_alternative_names = 'false' if ( !$show_alternative_names ); # $available_languages option available only in 1.5.0. removed due to $languages @@ -418,12 +451,22 @@ $aggressive_decoding = 'false' if ( !$aggressive_decoding ); # $advanced_tree = 'false' if ( !$advanced_tree ); $use_php_recode = 'false' if ( !$use_php_recode ); $use_php_iconv = 'false' if ( !$use_php_iconv ); +$buffer_output = 'false' if ( !$buffer_output ); # since 1.5.1 $use_icons = 'false' if ( !$use_icons ); $use_iframe = 'false' if ( !$use_iframe ); $lossy_encoding = 'false' if ( !$lossy_encoding ); $allow_remote_configtest = 'false' if ( !$allow_remote_configtest ); +$secured_config = 'true' if ( !$secured_config ); +$sq_https_port = 443 if ( !$sq_https_port ); +$sq_ignore_http_x_forwarded_headers = 'true' if ( !$sq_ignore_http_x_forwarded_headers ); + +$sm_debug_mode = 'SM_DEBUG_MODE_MODERATE' if ( !$sm_debug_mode ); +#FIXME: When this is STABLE software, remove the line above and uncomment the one below: +#$sm_debug_mode = 'SM_DEBUG_MODE_OFF' if ( !$sm_debug_mode ); +$sm_debug_mode = convert_debug_binary_integer_to_constants($sm_debug_mode); + $addrbook_global_table = 'global_abook' if ( !$addrbook_global_table ); $addrbook_global_writeable = 'false' if ( !$addrbook_global_writeable ); $addrbook_global_listing = 'false' if ( !$addrbook_global_listing ); @@ -454,11 +497,6 @@ if ( !%fontsets) { 'verasans', 'bitstream vera sans,verdana,sans-serif'); } -# $use_imap_tls and $use_smtp_tls are switched to integer since 1.5.1 -$use_imap_tls = 0 if ( $use_imap_tls eq 'false'); -$use_imap_tls = 1 if ( $use_imap_tls eq 'true'); -$use_smtp_tls = 0 if ( $use_smtp_tls eq 'false'); -$use_smtp_tls = 1 if ( $use_smtp_tls eq 'true'); # sorting options changed names and reversed values in 1.5.1 $disable_thread_sort = 'false' if ( !$disable_thread_sort ); $disable_server_sort = 'false' if ( !$disable_server_sort ); @@ -472,12 +510,22 @@ $icon_theme_def = '' if ( !$icon_theme_def ); $disable_plugins = 'false' if ( !$disable_plugins ); $disable_plugins_user = '' if ( !$disable_plugins_user ); $only_secure_cookies = 'true' if ( !$only_secure_cookies ); +$disable_security_tokens = 'false' if ( !$disable_security_tokens ); +$check_referrer = '' if ( !$check_referrer ); +$ask_user_info = 'true' if ( !$ask_user_info ); +$use_transparent_security_image = 'true' if ( !$use_transparent_security_image ); +$display_imap_login_error = 'false' if ( !$display_imap_login_error ); if ( $ARGV[0] eq '--install-plugin' ) { print "Activating plugin " . $ARGV[1] . "\n"; - push @plugins, $ARGV[1]; - save_data(); - exit(0); + if ( -d "../plugins/" . $ARGV[1]) { + push @plugins, $ARGV[1]; + save_data(); + exit(0); + } else { + print "No such plugin.\n"; + exit(1); + } } elsif ( $ARGV[0] eq '--remove-plugin' ) { print "Removing plugin " . $ARGV[1] . "\n"; foreach $plugin (@plugins) { @@ -518,11 +566,12 @@ $list_supported_imap_servers = " hmailserver = hMailServer\n" . " macosx = Mac OS X Mailserver\n" . " mercury32 = Mercury/32\n" . - " uw = University of Washington's IMAP server\n"; + " uw = University of Washington's IMAP server\n" . + " gmail = IMAP access to Google mail (Gmail) accounts\n"; ##################################################################################### if ( $config_use_color == 1 ) { - $WHT = "\x1B[37;1m"; + $WHT = "\x1B[1m"; $NRM = "\x1B[0m"; } else { $WHT = ""; @@ -530,12 +579,30 @@ if ( $config_use_color == 1 ) { $config_use_color = 2; } +# lists can be printed in more than one column; default is just one +# +$columns = 1; + +# try to get screen width dynamically if possible; default to 80 +# (user can override with "w#" command) +# +eval { require "sys/ioctl.ph" }; +if ($@ + || !defined &TIOCGWINSZ + || !open(TTY, "+ 1) { + $num = print_multi_col_list(1, $columns, $screen_width, 1, @plugins); + } else { + $num = 0; + for ( $count = 0 ; $count <= $#plugins ; $count++ ) { + $num = $count + 1; + $english_name = get_plugin_english_name($plugins[$count]); + if ( $english_name eq "" ) { + print " $WHT$num.$NRM $plugins[$count]" . get_plugin_version($plugins[$count]) . "\n"; + } else { + print " $WHT$num.$NRM $english_name ($plugins[$count])" . get_plugin_version($plugins[$count]) . "\n"; + } + } } print "\n Available Plugins:\n"; opendir( DIR, "../plugins" ); - @files = readdir(DIR); + @files = sort(readdir(DIR)); $pos = 0; @unused_plugins = (); for ( $i = 0 ; $i <= $#files ; $i++ ) { - if ( -d "../plugins/" . $files[$i] && $files[$i] !~ /^\./ && $files[$i] ne "CVS" ) { + if ( -d "../plugins/" . $files[$i] && $files[$i] !~ /^\./ && $files[$i] ne ".svn" ) { $match = 0; for ( $k = 0 ; $k <= $#plugins ; $k++ ) { if ( $plugins[$k] eq $files[$i] ) { @@ -745,9 +826,18 @@ while ( ( $command ne "q" ) && ( $command ne "Q" ) && ( $command ne ":q" ) ) { } } - for ( $i = 0 ; $i <= $#unused_plugins ; $i++ ) { - $num = $num + 1; - print " $num. $unused_plugins[$i]" . get_plugin_version($unused_plugins[$i]) . "\n"; + if ($columns > 1) { + $num = print_multi_col_list($num + 1, $columns, $screen_width, 1, @unused_plugins); + } else { + for ( $i = 0 ; $i <= $#unused_plugins ; $i++ ) { + $num = $num + 1; + $english_name = get_plugin_english_name($unused_plugins[$i]); + if ( $english_name eq "" ) { + print " $WHT$num.$NRM $unused_plugins[$i]" . get_plugin_version($unused_plugins[$i]) . "\n"; + } else { + print " $WHT$num.$NRM $english_name ($unused_plugins[$i])" . get_plugin_version($unused_plugins[$i]) . "\n"; + } + } } closedir DIR; @@ -761,6 +851,8 @@ while ( ( $command ne "q" ) && ( $command ne "Q" ) && ( $command ne ":q" ) ) { } print "U Set the user for whom plugins can be disabled\n"; print "R Return to Main Menu\n"; + print "C# List plugins in <#> number of columns\n"; + print "W# Change screen width to <#> (currently $screen_width)\n"; } elsif ( $menu == 9 ) { print $WHT. "Database\n" . $NRM; print "1. DSN for Address Book : $WHT$addrbook_dsn$NRM\n"; @@ -779,25 +871,31 @@ while ( ( $command ne "q" ) && ( $command ne "Q" ) && ( $command ne ":q" ) ) { print "\n"; print "R Return to Main Menu\n"; } elsif ( $menu == 10 ) { - print $WHT. "Language settings\n" . $NRM; - print "1. Default Language : $WHT$squirrelmail_default_language$NRM\n"; - print "2. Default Charset : $WHT$default_charset$NRM\n"; - print "3. Show alternative language names : $WHT$show_alternative_names$NRM\n"; - print "4. Enable aggressive decoding : $WHT$aggressive_decoding$NRM\n"; - print "5. Enable lossy encoding : $WHT$lossy_encoding$NRM\n"; - print "\n"; + print $WHT. "Language settings\n" . $NRM; + print "1. Default Language : $WHT$squirrelmail_default_language$NRM\n"; + print "2. Default Charset : $WHT$default_charset$NRM\n"; + print "3. Show alternative language names : $WHT$show_alternative_names$NRM\n"; + print "4. Enable aggressive decoding : $WHT$aggressive_decoding$NRM\n"; + print "5. Enable lossy encoding : $WHT$lossy_encoding$NRM\n"; + print "\n"; print "R Return to Main Menu\n"; } elsif ( $menu == 11 ) { - print $WHT. "Interface tweaks\n" . $NRM; - print "1. Display html mails in iframe : $WHT$use_iframe$NRM\n"; - print "\n"; - print $WHT. "PHP tweaks\n" . $NRM; - print "4. Use php recode functions : $WHT$use_php_recode$NRM\n"; - print "5. Use php iconv functions : $WHT$use_php_iconv$NRM\n"; - print "\n"; - print $WHT. "Configuration tweaks\n" . $NRM; - print "6. Allow remote configtest : $WHT$allow_remote_configtest$NRM\n"; - print "\n"; + print $WHT. "Interface tweaks\n" . $NRM; + print "1. Display html mails in iframe : $WHT$use_iframe$NRM\n"; + print "2. Ask user info on first login : $WHT$ask_user_info$NRM\n"; + print "\n"; + print $WHT. "PHP tweaks\n" . $NRM; + print "4. Use php recode functions : $WHT$use_php_recode$NRM\n"; + print "5. Use php iconv functions : $WHT$use_php_iconv$NRM\n"; + print "6. Buffer all output : $WHT$buffer_output$NRM\n"; + print "\n"; + print $WHT. "Configuration tweaks\n" . $NRM; + print "7. Allow remote configtest : $WHT$allow_remote_configtest$NRM\n"; + print "8. Debug mode : $WHT$sm_debug_mode$NRM\n"; + print "9. Secured configuration mode : $WHT$secured_config$NRM\n"; + print "10. HTTPS port : $WHT$sq_https_port$NRM\n"; + print "11. Ignore HTTP_X_FORWARDED headers: $WHT$sq_ignore_http_x_forwarded_headers$NRM\n"; + print "\n"; print "R Return to Main Menu\n"; } if ( $config_use_color == 1 ) { @@ -837,9 +935,11 @@ while ( ( $command ne "q" ) && ( $command ne "Q" ) && ( $command ne ":q" ) ) { $NRM = ""; } else { $config_use_color = 1; - $WHT = "\x1B[37;1m"; + $WHT = "\x1B[1m"; $NRM = "\x1B[0m"; } + } elsif ( $command =~ /^w([0-9]+)/ ) { + $screen_width = $1; } elsif ( $command eq "d" && $menu == 0 ) { set_defaults(); } else { @@ -923,9 +1023,13 @@ while ( ( $command ne "q" ) && ( $command ne "Q" ) && ( $command ne ":q" ) ) { elsif ( $command == 15 ) { $time_zone_type = command318(); } elsif ( $command == 16 ) { $config_location_base = command_config_location_base(); } elsif ( $command == 17 ) { $only_secure_cookies = command319(); } + elsif ( $command == 18 ) { $disable_security_tokens = command320(); } + elsif ( $command == 19 ) { $check_referrer = command321(); } + elsif ( $command == 20 ) { $use_transparent_security_image = command322(); } + elsif ( $command == 21 ) { $display_imap_login_error = command323(); } } elsif ( $menu == 5 ) { if ( $command == 1 ) { $use_icons = commandB3(); } -# elsif ( $command == 3 ) { $icon_theme_def = commandB7(); } +# elsif ( $command == 3 ) { $icon_theme_def = command53(); } elsif ( $command == 2 ) { $default_fontsize = command_default_fontsize(); } elsif ( $command == 3 ) { $templateset_default = command_templates(); } elsif ( $command == 4 ) { command_userThemes(); } @@ -941,10 +1045,11 @@ while ( ( $command ne "q" ) && ( $command ne "Q" ) && ( $command ne ":q" ) ) { } elsif ( $menu == 7 ) { if ( $command == 1 ) { $motd = command71(); } } elsif ( $menu == 8 ) { - if ( $command =~ /^[0-9]+/ ) { @plugins = command81(); } - elsif ( $command eq "u" ) { $disable_plugins_user = command82(); } - elsif ( $command eq "d" ) { $disable_plugins = 'true'; } - elsif ( $command eq "e" ) { $disable_plugins = 'false'; } + if ( $command =~ /^[0-9]+/ ) { @plugins = command81(); } + elsif ( $command eq "u" ) { $disable_plugins_user = command82(); } + elsif ( $command eq "d" ) { $disable_plugins = 'true'; } + elsif ( $command eq "e" ) { $disable_plugins = 'false'; } + elsif ( $command =~ /^c([0-9]+)/ ) { $columns = $1; } } elsif ( $menu == 9 ) { if ( $command == 1 ) { $addrbook_dsn = command91(); } elsif ( $command == 2 ) { $addrbook_table = command92(); } @@ -965,9 +1070,15 @@ while ( ( $command ne "q" ) && ( $command ne "Q" ) && ( $command ne ":q" ) ) { elsif ( $command == 5 ) { $lossy_encoding = commandA5(); } } elsif ( $menu == 11 ) { if ( $command == 1 ) { $use_iframe = commandB2(); } + elsif ( $command == 2 ) { $ask_user_info = command_ask_user_info(); } elsif ( $command == 4 ) { $use_php_recode = commandB4(); } elsif ( $command == 5 ) { $use_php_iconv = commandB5(); } - elsif ( $command == 6 ) { $allow_remote_configtest = commandB6(); } + elsif ( $command == 6 ) { $buffer_output = commandB6(); } + elsif ( $command == 7 ) { $allow_remote_configtest = commandB7(); } + elsif ( $command == 8 ) { $sm_debug_mode = commandB8(); } + elsif ( $command == 9 ) { $secured_config = commandB9(); } + elsif ( $command == 10 ) { $sq_https_port = commandB10(); } + elsif ( $command == 11 ) { $sq_ignore_http_x_forwarded_headers = commandB11(); } } } } @@ -1012,7 +1123,7 @@ sub command2 { print " to use the default logo, use ../images/sm_logo.png\n"; print " - To specify a logo defined outside the SquirrelMail source tree\n"; print " use the absolute URL the webserver would use to include the file\n"; - print " e.g. http://www.example.com/images/mylogo.gif or /images/mylogo.jpg\n"; + print " e.g. http://example.com/images/mylogo.gif or /images/mylogo.jpg\n"; print "\n"; print "[$WHT$org_logo$NRM]: $WHT"; $new_org_logo = ; @@ -1107,8 +1218,8 @@ sub command6 { # Default link to provider sub command7 { - print "Here you can set the link on the right of the page.\n"; - print "If empty, it will link to the SquirrelMail About page.\n"; + print "Here you can set the link on the top-right of the message list.\n"; + print "If empty, it will not be displayed.\n"; print "\n"; print "[$WHT$provider_uri$NRM]: $WHT"; $new_provider_uri = ; @@ -1122,13 +1233,13 @@ sub command7 { } sub command8 { - print "Here you can set the name of the link on the right of the page.\n"; - print "The default is 'SquirrelMail'\n"; + print "Here you can set the name of the link on the top-right of the message list.\n"; + print "The default is empty (do not display anything).'\n"; print "\n"; print "[$WHT$provider_name$NRM]: $WHT"; $new_provider_name = ; if ( $new_provider_name eq "\n" ) { - $new_provider_name = 'SquirrelMail'; + $new_provider_name = ''; } else { $new_provider_name =~ s/[\r\n]//g; $new_provider_name =~ s/^\s+$//g; @@ -1273,13 +1384,38 @@ sub command18a { $YesNo = 'n'; $YesNo = 'y' if ( lc($pop_before_smtp) eq 'true' ); - print "Use pop before SMTP (y/n) [$WHT$YesNo$NRM]: $WHT"; + print "Use POP before SMTP (y/n) [$WHT$YesNo$NRM]: $WHT"; $new_pop_before_smtp = ; $new_pop_before_smtp =~ tr/yn//cd; - return 'true' if ( $new_pop_before_smtp eq "y" ); - return 'false' if ( $new_pop_before_smtp eq "n" ); - return $pop_before_smtp; + if ( $new_pop_before_smtp eq "y" ) { + $new_pop_before_smtp = "true"; + } elsif ( $new_pop_before_smtp eq "n" ) { + $new_pop_before_smtp = "false"; + } else { + $new_pop_before_smtp = $pop_before_smtp; + } + + # if using POP before SMTP, allow setting of custom POP server address + if ($new_pop_before_smtp eq "true") { + print "$NRM\nIf the address of the POP server is not the same as\n"; + print "your SMTP server, you may specify it here. Leave blank (to\n"; + print "clear this, enter only spaces) to use the same address as\n"; + print "your SMTP server.\n"; + print "POP before SMTP server address [$WHT$pop_before_smtp_host$NRM]: $WHT"; + + $new_pop_before_smtp_host = ; + if ( $new_pop_before_smtp_host eq "\n" ) { + $new_pop_before_smtp_host = $pop_before_smtp_host; + } elsif ($new_pop_before_smtp_host =~ /^\s+$/) { + $new_pop_before_smtp_host = ''; + } else { + $new_pop_before_smtp_host =~ s/[\r|\n]//g; + } + $pop_before_smtp_host = $new_pop_before_smtp_host; + } + + return $new_pop_before_smtp; } # imap_server_type @@ -1415,7 +1551,7 @@ sub command112a { # SMTP authentication type -# Possible choices: none, plain, cram-md5, digest-md5 +# Possible choices: none, login, plain, cram-md5, digest-md5 sub command112b { if ($use_smtp_tls ne "0") { print "Auto-detection of login methods is unavailable when using TLS or STARTTLS.\n"; @@ -1440,6 +1576,7 @@ sub command112b { print " ERROR TESTING\n"; close $sock; } else { + $got = <$sock>; # Discard greeting print $sock "HELO $domain\r\n"; $got = <$sock>; # Discard print $sock "MAIL FROM:\r\n"; @@ -1455,6 +1592,7 @@ sub command112b { print $sock "QUIT\r\n"; close $sock; } + # Try login (SquirrelMail default) print "Testing login:\t\t"; $tmp=detect_auth_support('SMTP',$host,'LOGIN'); @@ -1468,6 +1606,19 @@ sub command112b { print $WHT . "ERROR DETECTING$NRM\n"; } + # Try plain + print "Testing plain:\t\t"; + $tmp=detect_auth_support('SMTP',$host,'PLAIN'); + if (defined($tmp)) { + if ($tmp eq 'YES') { + print $WHT . "SUPPORTED$NRM\n"; + } else { + print $WHT . "NOT SUPPORTED$NRM\n"; + } + } else { + print $WHT . "ERROR DETECTING$NRM\n"; + } + # Try CRAM-MD5 print "Testing CRAM-MD5:\t"; $tmp=detect_auth_support('SMTP',$host,'CRAM-MD5'); @@ -1498,12 +1649,12 @@ sub command112b { print "\nWhat authentication mechanism do you want to use for SMTP connections?\n"; print $WHT . "none" . $NRM . " - Your SMTP server does not require authorization.\n"; print $WHT . "login" . $NRM . " - Plaintext. If you can do better, you probably should.\n"; - print $WHT . "plain" . $NRM . " - SASL PLAIN. You already know it if you need this.\n"; + print $WHT . "plain" . $NRM . " - SASL PLAIN. Plaintext. If you can do better, you probably should.\n"; print $WHT . "cram-md5" . $NRM . " - Slightly better than plaintext.\n"; print $WHT . "digest-md5" . $NRM . " - Privacy protection - better than cram-md5.\n"; print $WHT . "\n*** YOUR SMTP SERVER MUST SUPPORT THE MECHANISM YOU CHOOSE HERE ***\n" . $NRM; print "If you don't understand or are unsure, you probably want \"none\"\n\n"; - print "none, login, cram-md5, or digest-md5 [$WHT$smtp_auth_mech$NRM]: $WHT"; + print "none, login, plain, cram-md5, or digest-md5 [$WHT$smtp_auth_mech$NRM]: $WHT"; $inval=; chomp($inval); if ($inval =~ /^none\b/i) { @@ -1540,10 +1691,10 @@ sub command_smtp_sitewide_userpass($) { print "SMTP connections?"; if ($smtp_sitewide_user ne '') { $default = 'y'; - print " [Yn]:"; + print " [Y/n]:"; } else { $default = 'n'; - print " [yN]:"; + print " [y/N]:"; } $tmp=; $tmp = trim($tmp); @@ -1642,18 +1793,23 @@ sub display_use_tls($) { } # $encode_header_key -sub command114{ - print "Encryption key allows to hide SquirrelMail Received: headers\n"; - print "in outbound messages. Interface uses encryption key to encode\n"; - print "username, remote address and proxied address, then stores encoded\n"; - print "information in X-Squirrel-* headers.\n"; +sub command114 { + print "This encryption key allows the hiding of SquirrelMail Received:\n"; + print "headers in outbound messages. SquirrelMail uses the encryption\n"; + print "key to encode the username, remote address, and proxied address\n"; + print "and then stores that encoded information in X-Squirrel-* headers.\n"; print "\n"; - print "Warning: used encryption function is not bulletproof. When used\n"; - print "with static encryption keys, it provides only minimal security\n"; - print "measures and information can be decoded quickly.\n"; + print "Warning: the encryption function used to accomplish this is not\n"; + print "bulletproof. When used with a static encryption key as it is here,\n"; + print "it provides only minimal security and the encoded user information\n"; + print "in the X-Squirrel-* headers can be decoded quickly by a skilled\n"; + print "attacker.\n"; print "\n"; - print "Encoded information can be decoded with decrypt_headers.php script\n"; - print "from SquirrelMail contrib/ directory.\n"; + print "When you need to inspect an email sent from your system with the\n"; + print "X-Squirrel-* headers, you can decode the user information therein\n"; + print "by using the decrypt_headers.php script found in the SquirrelMail\n"; + print "contrib/ directory. You'll need the encryption key that you\n"; + print "defined here when doing so.\n"; print "\n"; print "Enter encryption key: "; $new_encode_header_key = ; @@ -1909,11 +2065,12 @@ sub command24a { return $default_move_to_trash; } -# default move to sent +# default move to sent (save sent messages) sub command24b { - print "By default, should messages get moved to the sent folder? You\n"; - print "can specify the default sent folder in option 4. If this is set\n"; - print "to false, messages will get sent and no copy will be made.\n"; + print "By default, should copies of outgoing messages get saved in the\n"; + print "sent folder? You can specify the default sent folder in option 4.\n"; + print "If this is set to false, messages will get sent and no copy will\n"; + print "be made.\n"; print "\n"; print "Sent folder is currently: $sent_folder\n"; print "\n"; @@ -1923,7 +2080,7 @@ sub command24b { } else { $default_value = "n"; } - print "By default, move to sent (y/n) [$WHT$default_value$NRM]: $WHT"; + print "By default, save sent messages (y/n) [$WHT$default_value$NRM]: $WHT"; $new_show = ; if ( ( $new_show =~ /^y\n/i ) || ( ( $new_show =~ /^\n/ ) && ( $default_value eq "y" ) ) ) { $default_move_to_sent = 'true'; @@ -1942,7 +2099,7 @@ sub command24c { print "Drafts folder is currently: $draft_folder\n"; print "\n"; - if ( lc($default_move_to_draft) eq 'true' ) { + if ( lc($default_save_as_draft) eq 'true' ) { $default_value = "y"; } else { $default_value = "n"; @@ -2184,7 +2341,7 @@ sub command215 { #noselect fix sub command216 { - print "Some IMAP server allow subfolders to exist even if the parent\n"; + print "Some IMAP servers allow subfolders to exist even if the parent\n"; print "folders do not. This fixes some problems with the folder list\n"; print "when this is the case, causing the /NoSelect folders to be displayed\n"; print "\n"; @@ -2370,7 +2527,7 @@ sub command38 { print ""; print "\n"; - if ( lc($default_hide_attribution) eq 'true' ) { + if ( lc($hide_sm_attributions) eq 'true' ) { $default_value = "y"; } else { $default_value = "n"; @@ -2424,17 +2581,20 @@ sub command310 { if ( ( $new_edit =~ /^y\n/i ) || ( ( $new_edit =~ /^\n/ ) && ( $default_value eq "y" ) ) ) { $edit_identity = 'true'; $edit_name = 'true'; - $hide_auth_header = command311b(); + $edit_reply_to = 'true'; + $hide_auth_header = command311c(); } else { $edit_identity = 'false'; $edit_name = command311(); - $hide_auth_header = command311b(); + $edit_reply_to = command311b(); + $hide_auth_header = command311c(); } return $edit_identity; } sub command311 { - print " Given that users are not allowed to modify their + print "$NRM"; + print "\n Given that users are not allowed to modify their email address, can they edit their full name? "; @@ -2455,17 +2615,45 @@ sub command311 { } sub command311b { - print " SquirrelMail adds username information to every sent email - in order to prevent possible sender forging when users are allowed + print "$NRM"; + print "\n Given that users are not allowed to modify their + email address, can they edit their reply-to address? + + "; + + if ( lc($edit_reply_to) eq 'true' ) { + $default_value = "y"; + } else { + $default_value = "n"; + } + print "Allow the user to edit their reply-to address? (y/n) [$WHT$default_value$NRM]: $WHT"; + $new_edit = ; + if ( ( $new_edit =~ /^y\n/i ) || ( ( $new_edit =~ /^\n/ ) && ( $default_value eq "y" ) ) ) { + $edit_reply_to = 'true'; + } else { + $edit_reply_to = 'false'; + } + return $edit_reply_to; +} + +sub command311c { + print "$NRM"; + print "\n SquirrelMail adds username information to every outgoing email in + order to prevent possible sender forging by users that are allowed to change their email and/or full name. - You can remove user information from this header (y), if you think that - it violates privacy or security. + You can remove user information from this header (y) if you think + that it violates privacy or security. - Note: If users are allowed to change their email addresses, - this setting will make it difficult to determine who sent what where. + Note: If users are allowed to change their email addresses, this + setting will make it difficult to determine who sent what where. Use at your own risk. + Note: If you have defined a header encryption key in your SMTP or + Sendmail settings (see the \"Server Settings\" option page), this + setting is ignored because all user information in outgoing messages + is encoded. + "; if ( lc($hide_auth_header) eq "true" ) { @@ -2595,7 +2783,7 @@ sub command318 { print "See SquirrelMail documentation about format of config/timezones.php file.\n"; print "\n"; - print "Used time zone configuration (0,1,2,3)? [$WHT$time_zone_type$NRM]: $WHT"; + print "Desired time zone configuration (0,1,2,3)? [$WHT$time_zone_type$NRM]: $WHT"; $new_time_zone_type = ; if ( $new_time_zone_type =~ /^[0123]\n/i ) { $time_zone_type = $new_time_zone_type; @@ -2653,6 +2841,120 @@ sub command319 { } +# disable_security_tokens (since 1.5.2) +sub command320 { + print "This option allows you to turn off the security checks in the forms\n"; + print "that SquirrelMail generates. It is NOT RECOMMENDED that you disable\n"; + print "this feature - otherwise, your users may be exposed to phishing and\n"; + print "other attacks.\n"; + print "Unless you know what you are doing, you should leave this set to \"NO\".\n"; + print "\n"; + + if ( lc($disable_security_tokens) eq 'true' ) { + $default_value = "y"; + } else { + $default_value = "n"; + } + print "Disable secure forms? (y/n) [$WHT$default_value$NRM]: $WHT"; + $disable_security_tokens = ; + if ( ( $disable_security_tokens =~ /^y\n/i ) || ( ( $disable_security_tokens =~ /^\n/ ) && ( $default_value eq "y" ) ) ) { + $disable_security_tokens = 'true'; + } else { + $disable_security_tokens = 'false'; + } + return $disable_security_tokens; +} + + + +# check_referrer (since 1.5.2) +sub command321 { + print "This option allows you to enable referal checks for all page requests\n"; + print "made to SquirrelMail. This can help ensure that page requests came\n"; + print "from the same server and not from an attacker's site (usually the\n"; + print "result of a XSS or phishing attack). To enable referal checking,\n"; + print "this setting can be set to the domain where your SquirrelMail is\n"; + print "being hosted (usually the same as the Domain setting under Server\n"; + print "Settings). For example, it could be \"example.com\", or if you\n"; + print "use a plugin (such as Login Manager) to host SquirrelMail on more\n"; + print "than one domain, you can set this to \"###DOMAIN###\" to tell it\n"; + print "to use the current domain.\n"; + print "\n"; + print "However, in some cases (where proxy servers are in use, etc.), the\n"; + print "domain might be different.\n"; + print "\n"; + print "NOTE that referal checks are not foolproof - they can be spoofed by\n"; + print "browsers, and some browsers intentionally don't send referal\n"; + print "information (in which case, the check is silently bypassed)\n"; + print "\n"; + + print "Referal requirement? [$WHT$check_referrer$NRM]: $WHT"; + $new_check_referrer = ; + chomp($new_check_referrer); + $check_referrer = $new_check_referrer; + + return $check_referrer; +} + + + +# use_transparent_security_image (since 1.5.2) +sub command322 { + print "When HTML messages are being displayed, SquirrelMail's default behavior\n"; + print "is to remove all remote images and replace them with a local one.\n"; + print "\n"; + print "This option allows you to specify whether the local image should contain\n"; + print "text that indicates to the user that \"this image has been removed for\n"; + print "security reasons\" (translated into most languages), or if it should be\n"; + print "transparent.\n"; + print "\n"; + + if ( lc($use_transparent_security_image) eq 'true' ) { + $default_value = "y"; + } else { + $default_value = "n"; + } + print "Use transparent security image? (y/n) [$WHT$default_value$NRM]: $WHT"; + $use_transparent_security_image = ; + if ( ( $use_transparent_security_image =~ /^y\n/i ) || ( ( $use_transparent_security_image =~ /^\n/ ) && ( $default_value eq "y" ) ) ) { + $use_transparent_security_image = 'true'; + } else { + $use_transparent_security_image = 'false'; + } + return $use_transparent_security_image; +} + + + +# display_imap_login_error (since 1.5.2) +sub command323 { + print "Some IMAP servers return detailed information about why a login is\n"; + print "being refused (the username or password could be invalid or there\n"; + print "might be an administrative lock on the account).\n"; + print "\n"; + print "Enabling this option will cause SquirrelMail to display login failure\n"; + print "messages directly from the IMAP server. When it is disabled, login\n"; + print "failures are always reported to the user with the traditional \"Unknown\n"; + print "user or password incorrect.\"\n"; + print "\n"; + + if ( lc($display_imap_login_error) eq 'true' ) { + $default_value = "y"; + } else { + $default_value = "n"; + } + print "Display login error messages directly from the IMAP server? (y/n) [$WHT$default_value$NRM]: $WHT"; + $display_imap_login_error = ; + if ( ( $display_imap_login_error =~ /^y\n/i ) || ( ( $display_imap_login_error =~ /^\n/ ) && ( $default_value eq "y" ) ) ) { + $display_imap_login_error = 'true'; + } else { + $display_imap_login_error = 'false'; + } + return $display_imap_login_error; +} + + + sub command_userThemes { print "\nDefine the user themes that you wish to use. If you have added\n"; print "a theme of your own, just follow the instructions (?) about\n"; @@ -2766,11 +3068,11 @@ sub command_userThemes { print "\nStarting detection...\n\n"; opendir( DIR, "../css" ); - @files = readdir(DIR); + @files = sort(readdir(DIR)); $cnt = 0; while ( $cnt <= $#files ) { $filename = "../css/" . $files[$cnt] .'/'; - if ( $filename ne "../css/rtl.css" && -e $filename . "default.css" ) { + if ( $files[$cnt] !~ /^\./ && $filename ne "../css/rtl.css" && -e $filename . "default.css" ) { $found = 0; for ( $x = 0 ; $x <= $#user_theme_path ; $x++ ) { if ( $user_theme_path[$x] eq $filename ) { @@ -2779,9 +3081,16 @@ sub command_userThemes { } if ( $found != 1 ) { print "** Found user theme: $filename\n"; - print " What is its name? "; + $def = $files[$cnt]; + $def =~ s/_/ /g; + $def = lc($def); + #$def =~ s/(^\w+)/ucfirst $1/eg; + #$def =~ s/(\s+)(\w+)/$1 . ucfirst $2/eg; + $def =~ s/(^\w+)|(\s+)(\w+)/ucfirst $1 . $2 . ucfirst $3/eg; + print " What is its name? [$def]: "; $nm = ; - $nm =~ s/[\n\r]//g; + $nm =~ s/^\s+|\s+$|[\n\r]//g; + if ( $nm eq '' ) { $nm = $def; } $user_theme_name[ $#user_theme_name + 1 ] = $nm; $user_theme_path[ $#user_theme_path + 1 ] = $filename; } @@ -2971,11 +3280,11 @@ sub command_iconSets { print "\nStarting detection...\n\n"; opendir( DIR, "../images/themes/" ); - @files = readdir(DIR); + @files = sort(readdir(DIR)); $cnt = 0; while ( $cnt <= $#files ) { $filename = "../images/themes/" . $files[$cnt] .'/'; - if ( -d "../images/themes/" . $files[$cnt] && $files[$cnt] !~ /^\./ && $files[$cnt] ne "CVS" ) { + if ( -d "../images/themes/" . $files[$cnt] && $files[$cnt] !~ /^\./ && $files[$cnt] ne ".svn" ) { $found = 0; for ( $x = 0 ; $x <= $#icon_theme_path ; $x++ ) { if ( $icon_theme_path[$x] eq $filename ) { @@ -2984,9 +3293,16 @@ sub command_iconSets { } if ( $found != 1 ) { print "** Found icon theme: $filename\n"; - print " What is its name? "; + $def = $files[$cnt]; + $def =~ s/_/ /g; + $def = lc($def); + #$def =~ s/(^\w+)/ucfirst $1/eg; + #$def =~ s/(\s+)(\w+)/$1 . ucfirst $2/eg; + $def =~ s/(^\w+)|(\s+)(\w+)/ucfirst $1 . $2 . ucfirst $3/eg; + print " What is its name? [$def]: "; $nm = ; - $nm =~ s/[\n\r]//g; + $nm =~ s/^\s+|\s+$|[\n\r]//g; + if ( $nm eq '' ) { $nm = $def; } $icon_theme_name[ $#icon_theme_name + 1 ] = $nm; $icon_theme_path[ $#icon_theme_path + 1 ] = $filename; } @@ -3038,7 +3354,7 @@ sub command_iconSets { } sub command_templates { - print "\nDefine the template sets that you wish to use. If you have added\n"; + print "\nDefine the template sets (skins) that you wish to use. If you have added\n"; print "a template set of your own, just follow the instructions (?) about\n"; print "how to add them. You can also change the default template.\n"; @@ -3052,26 +3368,44 @@ sub command_templates { print " "; } if ( $templateset_id[$count] eq $templateset_fallback ) { - print "f "; + print "f"; + } else { + print " "; + } + if ( $templateset_id[$count] eq $rpc_templateset ) { + print "r "; } else { print " "; } if ( $count < 10 ) { print " "; } + if ( $count < 100 ) { + print " "; + } $name = $templateset_name[$count]; - $num_spaces = 35 - length($name); - for ( $i = 0 ; $i < $num_spaces ; $i++ ) { - $name = $name . " "; + + # present RPC template sets differently + # + if ( $templateset_id[$count] =~ /_rpc$/ ) { + $name = $name . " (not shown in user interface; used for RPC interface only)"; + } else { + + $num_spaces = 35 - length($name); + for ( $i = 0 ; $i < $num_spaces ; $i++ ) { + $name = $name . " "; + } + $name = $name . "($templateset_id[$count])"; + } - print " $count. $name"; - print "($templateset_id[$count])\n"; + print " $count. $name\n"; $count++; - } - print "\n d = default template set\n" - . " f = fallback template set\n\n"; + } + print "\n d = default template set\n" + . " f = fallback template set\n" + . " r = RPC template set\n\n"; $menu_text = ".-------------------------------------.\n" . "| t (detect template set) |\n" @@ -3079,7 +3413,8 @@ sub command_templates { . "| - N (remove template set) |\n" . "| m N (mark default template set) |\n" . "| f N (set fallback template set) |\n" - . "| l (list template sets) |\n" + . "| r N (set RPC template set) |\n" + . "| l (list template sets/skins) |\n" . "| d (done) |\n" . "|-------------------------------------|\n" . "| where N is a template set number |\n" @@ -3103,26 +3438,44 @@ sub command_templates { print " "; } if ( $templateset_id[$count] eq $templateset_fallback ) { - print "f "; + print "f"; + } else { + print " "; + } + if ( $templateset_id[$count] eq $rpc_templateset ) { + print "r "; } else { print " "; } if ( $count < 10 ) { print " "; } + if ( $count < 100 ) { + print " "; + } $name = $templateset_name[$count]; - $num_spaces = 35 - length($name); - for ( $i = 0 ; $i < $num_spaces ; $i++ ) { - $name = $name . " "; + + # present RPC template sets differently + # + if ( $templateset_id[$count] =~ /_rpc$/ ) { + $name = $name . " (not shown in user interface; used for RPC interface only)"; + } else { + + $num_spaces = 35 - length($name); + for ( $i = 0 ; $i < $num_spaces ; $i++ ) { + $name = $name . " "; + } + $name = $name . "($templateset_id[$count])"; + } - print " $count. $name"; - print "($templateset_id[$count])\n"; + print " $count. $name\n"; $count++; } print "\n d = default template set\n" - . " f = fallback template set\n\n"; + . " f = fallback template set\n" + . " r = RPC template set\n\n"; # mark default template set # @@ -3134,6 +3487,10 @@ sub command_templates { print "Cannot set default template set to $input. That template set does not exist.\n"; $templateset_default = $old_def; } + if ( $templateset_default =~ /_rpc$/ ) { + print "Cannot set default template set to $input. That template set is intended for the RPC interface only.\n"; + $templateset_default = $old_def; + } # set fallback template set # @@ -3145,6 +3502,25 @@ sub command_templates { print "Cannot set fallback template set to $input. That template set does not exist.\n"; $templateset_fallback = $old_def; } + if ( $templateset_fallback =~ /_rpc$/ ) { + print "Cannot set fallback template set to $input. That template set is intended for the RPC interface only.\n"; + $templateset_fallback = $old_def; + } + + # set RPC template set + # + } elsif ( $input =~ /^\s*r\s*[0-9]+/i ) { + $old_def = $rpc_templateset; + $input =~ s/^\s*r\s*//; + $rpc_templateset = $templateset_id[$input]; + if ( $rpc_templateset =~ /^\s*$/ ) { + print "Cannot set RPC template set to $input. That template set does not exist.\n"; + $rpc_templateset = $old_def; + } + if ( $rpc_templateset !~ /_rpc$/ ) { + print "Cannot set fallback template set to $input. That template set is not intended for the RPC interface.\n"; + $rpc_templateset = $old_def; + } # add template set # @@ -3167,10 +3543,10 @@ sub command_templates { } elsif ( $input =~ /^\s*t\s*/i ) { print "\nStarting detection...\n\n"; opendir( DIR, "../templates" ); - @files = readdir(DIR); + @files = sort(readdir(DIR)); $cnt = 0; while ( $cnt <= $#files ) { - if ( -d "../templates/" . $files[$cnt] && $files[$cnt] !~ /^\./ && $files[$cnt] ne "CVS" ) { + if ( -d "../templates/" . $files[$cnt] && $files[$cnt] !~ /^\./ && $files[$cnt] ne ".svn" ) { $filename = $files[$cnt]; $found = 0; for ( $x = 0 ; $x <= $#templateset_id ; $x++ ) { @@ -3181,9 +3557,23 @@ sub command_templates { } if ( $found != 1) { print "** Found template set: $filename\n"; - print " What is it's name (as shown to your users)? "; - $nm = ; - $nm =~ s/[\n\r]//g; + $def = $files[$cnt]; + + # no user-friendly names needed for RPC template sets + # + if ( $def =~ /_rpc$/ ) { + $nm = $def; + } else { + $def = lc($def); + $def =~ s/_/ /g; + #$def =~ s/(^\w+)/ucfirst $1/eg; + #$def =~ s/(\s+)(\w+)/$1 . ucfirst $2/eg; + $def =~ s/(^\w+)|(\s+)(\w+)/ucfirst $1 . $2 . ucfirst $3/eg; + print " What is it's name (as shown to your users)? [$def]: "; + $nm = ; + $nm =~ s/^\s+|\s+$|[\n\r]//g; + if ( $nm eq '' ) { $nm = $def; } + } $templateset_id[ $#templateset_id + 1 ] = $filename; $templateset_name[ $#templateset_name + 1 ] = $nm; } @@ -3197,6 +3587,7 @@ sub command_templates { print " Removing \"$filename\" (template set directory not found)\n"; if ( $templateset_default eq $filename ) { $templateset_default = 'default'; } if ( $templateset_fallback eq $filename ) { $templateset_fallback = 'default'; } + if ( $rpc_templateset eq $filename ) { $rpc_templateset = 'default_rpc'; } $offset = 0; @new_templateset_name = (); @new_templateset_id = (); @@ -3236,6 +3627,8 @@ sub command_templates { print "You cannot remove the default template set!\n"; } elsif ( $templateset_id[$rem_num] eq $templateset_fallback ) { print "You cannot remove the fallback template set!\n"; + } elsif ( $templateset_id[$rem_num] eq $rpc_templateset ) { + print "You cannot remove the RPC template set!\n"; } else { $count = 0; @new_templateset_name = (); @@ -3824,7 +4217,7 @@ sub command91 { print "[$WHT$addrbook_dsn$NRM]: $WHT"; $new_dsn = ; if ( $new_dsn eq "\n" ) { - $new_dsn = ""; + $new_dsn = $addrbook_dsn; } else { $new_dsn =~ s/[\r\n]//g; $new_dsn =~ s/^\s+$//g; @@ -3866,7 +4259,7 @@ sub command93 { print "[$WHT$prefs_dsn$NRM]: $WHT"; $new_dsn = ; if ( $new_dsn eq "\n" ) { - $new_dsn = ""; + $new_dsn = $prefs_dsn; } else { $new_dsn =~ s/[\r\n]//g; $new_dsn =~ s/^\s+$//g; @@ -3890,9 +4283,7 @@ sub command94 { sub command95 { print "This is the name of the field in which you want to store the\n"; - print "username of the person the prefs are for. It default to 'user'\n"; - print "which clashes with a reserved keyword in PostgreSQL so this\n"; - print "will need to be changed for that database at least\n"; + print "username of the person the prefs are for. It defaults to 'user'\n"; print "\n"; print "[$WHT$prefs_user_field$NRM]: $WHT"; $new_field = ; @@ -3971,7 +4362,7 @@ sub command98 { print "[$WHT$addrbook_global_dsn$NRM]: $WHT"; $new_dsn = ; if ( $new_dsn eq "\n" ) { - $new_dsn = ""; + $new_dsn = $addrbook_global_dsn; } else { $new_dsn =~ s/[\r\n]//g; $new_dsn =~ s/^\s+$//g; @@ -4156,6 +4547,30 @@ sub commandB2 { } return $use_iframe; } + +# ask user info +sub command_ask_user_info { + print "New users need to supply their real name and email address to\n"; + print "send out proper mails. When this option is enabled, a user that\n"; + print "logs in for the first time will be redirected to the Personal\n"; + print "Options screen and asked to supply their personal data.\n"; + print "\n"; + + if ( lc($ask_user_info) eq 'true' ) { + $default_value = "y"; + } else { + $default_value = "n"; + } + print "Ask user info? (y/n) [$WHT$default_value$NRM]: $WHT"; + $ask_user_info = ; + if ( ( $ask_user_info =~ /^y\n/i ) || ( ( $ask_user_info =~ /^\n/ ) && ( $default_value eq "y" ) ) ) { + $ask_user_info = 'true'; + } else { + $ask_user_info = 'false'; + } + return $ask_user_info; +} + # use icons sub commandB3 { print "Enabling this option will cause icons to be used instead of text\n"; @@ -4229,8 +4644,37 @@ sub commandB5 { return $use_php_iconv; } -# configtest block +# buffer output sub commandB6 { + print "In some cases, buffering all output (holding it on the server until\n"; + print "the full page is ready to send to the browser) allows more complex\n"; + print "functionality, especially for plugins that want to add headers on hooks\n"; + print "that are beyond the point of output having been sent to the browser\n"; + print "otherwise. Most plugins that need this functionality will enable it\n"; + print "automatically on their own, but you can turn it on manually here. You'd\n"; + print "usually want to do this if you want to specify a custom output handler\n"; + print "for parsing the output - you can do that by specifying a value for\n"; + print "\$buffered_output_handler in config_local.php. Don't forget to define\n"; + print "a function of the same name as what \$buffered_output_handler is set to.\n"; + print "\n"; + + if ( lc($buffer_output) eq 'true' ) { + $default_value = "y"; + } else { + $default_value = "n"; + } + print "Buffer all output? (y/n) [$WHT$default_value$NRM]: $WHT"; + $buffer_output = ; + if ( ( $buffer_output =~ /^y\n/i ) || ( ( $buffer_output =~ /^\n/ ) && ( $default_value eq "y" ) ) ) { + $buffer_output = 'true'; + } else { + $buffer_output = 'false'; + } + return $buffer_output; +} + +# configtest block +sub commandB7 { print "Enable this option if you want to check SquirrelMail configuration\n"; print "remotely with configtest.php script.\n"; print "\n"; @@ -4251,7 +4695,7 @@ sub commandB6 { } # Default Icon theme -sub commandB7 { +sub command53 { print "You may change the path to the default icon theme to be used, if icons\n"; print "have been enabled. This theme will be used when an icon cannot be\n"; print "found in the current theme, or when no icon theme is specified. If\n"; @@ -4277,6 +4721,171 @@ sub commandB7 { return $new_icon_theme_def; } +# SquirrelMail debug mode (since 1.5.2) +sub commandB8 { + print "When debugging or developing SquirrelMail, you may want to increase\n"; + print "the verbosity of certain kinds of errors, notices, and/or diagnostics.\n"; + print "You may enable one or more of the debugging modes here. Please make\n"; + print "sure that you have turned off debugging if you are using SquirrelMail\n"; + print "in a production environment.\n\n"; + + $input = ""; + while ( $input ne "d\n" ) { + $sm_debug_mode = convert_debug_constants_to_binary_integer($sm_debug_mode); + + # per include/constants.php, here are the debug mode values: + # + # 0 SM_DEBUG_MODE_OFF + # 1 SM_DEBUG_MODE_SIMPLE + # 512 SM_DEBUG_MODE_MODERATE + # 524288 SM_DEBUG_MODE_ADVANCED + # 536870912 SM_DEBUG_MODE_STRICT + # + print "\n# Enabled? Description\n"; + print "---------------------------------------------------------------------\n"; + print "0 " . ($sm_debug_mode == 0 ? "y" : " ") + . " No debugging (recommended in production environments)\n"; + print "1 " . ($sm_debug_mode & 1 ? "y" : " ") + . " Simple debugging (PHP E_ERROR)\n"; + print "2 " . ($sm_debug_mode & 512 ? "y" : " ") + . " Moderate debugging (PHP E_ALL without E_STRICT)\n"; + print "3 " . ($sm_debug_mode & 524288 ? "y" : " ") + . " Advanced debugging (PHP E_ALL (without E_STRICT) plus\n"; + print " log errors intentionally suppressed)\n"; + print "4 " . ($sm_debug_mode & 536870912 ? "y" : " ") + . " Strict debugging (PHP E_ALL and E_STRICT)\n"; + print "\n"; + + print "SquirrelMail debug mode (0,1,2,3,4) or d when done? : $WHT"; + $input = ; + if ( $input eq "d\n" ) { + # nothing + } elsif ($input !~ /^[0-9]+\n$/) { + print "\nInvalid configuration value.\n"; + print "\nPress enter to continue..."; + $tmp = ; + } elsif ( $input == "0\n" ) { + $sm_debug_mode = 0; + } elsif ( $input == "1\n" ) { + if ($sm_debug_mode & 1) { + $sm_debug_mode ^= 1; + } else { + $sm_debug_mode |= 1; + } + } elsif ( $input == "2\n" ) { + if ($sm_debug_mode & 512) { + $sm_debug_mode ^= 512; + } else { + $sm_debug_mode |= 512; + } + } elsif ( $input == "3\n" ) { + if ($sm_debug_mode & 524288) { + $sm_debug_mode ^= 524288; + } else { + $sm_debug_mode |= 524288; + } + } elsif ( $input == "4\n" ) { + if ($sm_debug_mode & 536870912) { + $sm_debug_mode ^= 536870912; + } else { + $sm_debug_mode |= 536870912; + } + } else { + print "\nInvalid configuration value.\n"; + print "\nPress enter to continue..."; + $tmp = ; + } + print "\n"; + } + $sm_debug_mode = convert_debug_binary_integer_to_constants($sm_debug_mode); + return $sm_debug_mode; +} + +# Secured configuration mode (since 1.5.2) +sub commandB9 { + print "This option allows you to enable \"Secured Configuration\" mode,\n"; + print "which will guarantee that certain settings made herein will be\n"; + print "made immutable and will not be subject to override by either friendly\n"; + print "or unfriendly code/plugins. Only a small number of settings herein\n"; + print "will be used in this manner - just those that are deemed to be a\n"; + print "potential security threat when rouge plugin or other code may be\n"; + print "executed inside SquirrelMail.\n"; + print "\n"; + + if ( lc($secured_config) eq 'true' ) { + $default_value = "y"; + } else { + $default_value = "n"; + } + print "Enable secured configuration mode? (y/n) [$WHT$default_value$NRM]: $WHT"; + $secured_config = ; + if ( ( $secured_config =~ /^y\n/i ) || ( ( $secured_config =~ /^\n/ ) && ( $default_value eq "y" ) ) ) { + $secured_config = 'true'; + } else { + $secured_config = 'false'; + } + return $secured_config; +} + +# Set a (non-standard) HTTPS port +sub commandB10 { + print "If you run HTTPS (SSL-secured HTTP) on a non-standard port, you should\n"; + print "indicate that port here. Even if you do not, SquirrelMail may still\n"; + print "auto-detect secure connections, but it is safer and also very useful\n"; + print "for third party plugins if you specify the port number here.\n"; + print "\n"; + print "Most SquirrelMail administrators will not need to use this setting\n"; + print "because most all web servers use port 443 for HTTPS connections, and\n"; + print "SquirrelMail assumes 443 unless something else is given here.\n"; + print "\n"; + + print "Enter your HTTPS port [$sq_https_port]: "; + my $tmp = ; + $tmp = trim($tmp); + # value is not modified, if user hits Enter or enters space + if ($tmp ne '') { + # make sure that input is numeric + if ($tmp =~ /^\d+$/) { + $sq_https_port = $tmp; + } else { + print "\n"; + print "--- INPUT ERROR ---\n"; + print "\n"; + print "If you want to change this setting, you must enter a number.\n"; + print "If you want to keep the original value, just press Enter.\n\n"; + print "Press Enter to continue..."; + $tmp = ; + } + } + return $sq_https_port; +} + +# Ignore HTTP_X_FORWARDED_* headers? +sub commandB11 { + + if ( lc($sq_ignore_http_x_forwarded_headers) eq 'true' ) { + $default_value = "y"; + } else { + $default_value = "n"; + } + + print "Because HTTP_X_FORWARDED_* headers can be sent by the client and\n"; + print "therefore possibly exploited by an outsider, SquirrelMail ignores\n"; + print "them by default. If a proxy server or other machine sits between\n"; + print "clients and your SquirrelMail server, you can turn this off to\n"; + print "tell SquirrelMail to use such headers.\n"; + print "\n"; + + print "Ignore HTTP_X_FORWARDED headers? (y/n) [$WHT$default_value$NRM]: $WHT"; + $sq_ignore_http_x_forwarded_headers = ; + if ( ( $sq_ignore_http_x_forwarded_headers =~ /^y\n/i ) || ( ( $sq_ignore_http_x_forwarded_headers =~ /^\n/ ) && ( $default_value eq "y" ) ) ) { + $sq_ignore_http_x_forwarded_headers = 'true'; + } else { + $sq_ignore_http_x_forwarded_headers = 'false'; + } + return $sq_ignore_http_x_forwarded_headers; +} + sub save_data { $tab = " "; if ( open( CF, ">config.php" ) ) { @@ -4288,7 +4897,6 @@ sub save_data { print CF " * Created using the configure script, conf.pl\n"; print CF " */\n"; print CF "\n"; - print CF "global \$version;\n"; if ($print_config_version) { print CF "\$config_version = '$print_config_version';\n"; @@ -4358,6 +4966,8 @@ sub save_data { # boolean print CF "\$pop_before_smtp = $pop_before_smtp;\n"; # string + print CF "\$pop_before_smtp_host = '$pop_before_smtp_host';\n"; + # string print CF "\$imap_server_type = '$imap_server_type';\n"; # boolean print CF "\$invert_time = $invert_time;\n"; @@ -4427,6 +5037,8 @@ sub save_data { # boolean print CF "\$edit_name = $edit_name;\n"; # boolean + print CF "\$edit_reply_to = $edit_reply_to;\n"; + # boolean print CF "\$hide_auth_header = $hide_auth_header;\n"; # boolean print CF "\$disable_thread_sort = $disable_thread_sort;\n"; @@ -4501,7 +5113,15 @@ sub save_data { if ( $templateset_fallback eq '' ) { $templateset_fallback = 'default'; } print CF "\$templateset_fallback = '$templateset_fallback';\n"; + if ( $rpc_templateset eq '' ) { $rpc_templateset = 'default_rpc'; } + print CF "\$rpc_templateset = '$rpc_templateset';\n"; + for ( $count = 0 ; $count <= $#templateset_name ; $count++ ) { + + # don't include RPC template sets + # + if ( $templateset_id[$count] =~ /_rpc$/ ) { next; } + print CF "\$aTemplateSet[$count]['ID'] = '" . $templateset_id[$count] . "';\n"; # escape theme name so it can contain single quotes. $esc_name = $templateset_name[$count]; @@ -4593,7 +5213,7 @@ sub save_data { # integer print CF " 'search_tree' => $ldap_search_tree[$count]"; } - if ( $ldap_listing[$count] ) { + if ( $ldap_starttls[$count] ) { print CF ",\n"; # boolean print CF " 'starttls' => $ldap_starttls[$count]"; @@ -4648,31 +5268,52 @@ sub save_data { print CF "\$smtp_sitewide_pass = '". quote_single($smtp_sitewide_pass) ."';\n"; # string print CF "\$imap_auth_mech = '$imap_auth_mech';\n"; - # boolean + # integer print CF "\$use_imap_tls = $use_imap_tls;\n"; - # boolean + # integer print CF "\$use_smtp_tls = $use_smtp_tls;\n"; + # boolean + print CF "\$display_imap_login_error = $display_imap_login_error;\n"; # string print CF "\$session_name = '$session_name';\n"; # boolean - print CF "\$only_secure_cookies = $only_secure_cookies;\n"; + print CF "\$only_secure_cookies = $only_secure_cookies;\n"; + print CF "\$disable_security_tokens = $disable_security_tokens;\n"; + + # string + print CF "\$check_referrer = '$check_referrer';\n"; + + # boolean + print CF "\$use_transparent_security_image = $use_transparent_security_image;\n"; print CF "\n"; # boolean print CF "\$use_iframe = $use_iframe;\n"; - print CF "\n"; + # boolean + print CF "\$ask_user_info = $ask_user_info;\n"; # boolean print CF "\$use_icons = $use_icons;\n"; print CF "\n"; # boolean print CF "\$use_php_recode = $use_php_recode;\n"; - print CF "\n"; # boolean print CF "\$use_php_iconv = $use_php_iconv;\n"; print CF "\n"; # boolean + print CF "\$buffer_output = $buffer_output;\n"; + print CF "\n"; + # boolean print CF "\$allow_remote_configtest = $allow_remote_configtest;\n"; + print CF "\$secured_config = $secured_config;\n"; + # integer + print CF "\$sq_https_port = $sq_https_port;\n"; + # boolean + print CF "\$sq_ignore_http_x_forwarded_headers = $sq_ignore_http_x_forwarded_headers;\n"; + # (binary) integer or constant - convert integer + # values to constants before output + $sm_debug_mode = convert_debug_binary_integer_to_constants($sm_debug_mode); + print CF "\$sm_debug_mode = $sm_debug_mode;\n"; print CF "\n"; close CF; @@ -4857,6 +5498,50 @@ sub set_defaults { $message = "\nIf you use IMAPdir depot, you must set default folder prefix to empty string.\n"; $continue = 1; + } elsif ( $server eq "gmail" ) { + $imap_server_type = "gmail"; + $default_folder_prefix = ""; + $trash_folder = "[Gmail]/Trash"; + $default_move_to_trash = true; + $sent_folder = "[Gmail]/Sent Mail"; + $draft_folder = "[Gmail]/Drafts"; + $auto_create_special = false; + $show_prefix_option = false; + $default_sub_of_inbox = false; + $show_contain_subfolders_option = false; + $delete_folder = true; + $force_username_lowercase = false; + $optional_delimiter = "/"; + $disp_default_folder_prefix = ""; + $domain = "gmail.com"; + $imapServerAddress = "imap.gmail.com"; + $imapPort = 993; + $use_imap_tls = 1; + $imap_auth_mech = "login"; + $smtpServerAddress = "smtp.gmail.com"; + $smtpPort = 465; + $pop_before_smtp = false; + $useSendmail = false; + $use_smtp_tls = 1; + $smtp_auth_mech = "login"; + $continue = 1; + + # Gmail changes system folder names (Drafts, Sent, Trash) out + # from under you when the user changes language settings + $message = "\nNOTE! When a user changes languages in Gmail's interface, the\n" + . "Drafts, Sent and Trash folder names are changed to localized\n" + . "versions thereof. To see those folders correctly in SquirrelMail,\n" + . "the user should change the SquirrelMail language to match.\n" + . "Moreover, SquirrelMail then needs to be told what folders to use\n" + . "for Drafts, Sent and Trash in Options --> Folder Preferences.\n" + . "These default settings will only correctly find the Sent, Trash\n" + . "and Drafts folders if both Gmail and SquirrelMail languages are\n" + . "set to English.\n\n" + . "Also note that in some regions (Europe?), the default folder\n" + . "names (see main menu selection 3. Folder Defaults) are different\n" + . "(they may need to have the prefix \"[Google Mail]\" instead of\n" + . "\"[Gmail]\") and \"Trash\" may be called \"Bin\" instead.\n"; + } elsif ( $server eq "quit" ) { $continue = 1; } else { @@ -4888,12 +5573,13 @@ sub set_defaults { # the SM directory tree, the SM_PATH variable will be # prepended to the path, if not, then the path will be # converted to an absolute path, e.g. -# '../images/logo.gif' --> SM_PATH . 'images/logo.gif' -# '../../someplace/data' --> '/absolute/path/someplace/data' -# 'images/logo.gif' --> SM_PATH . 'config/images/logo.gif' -# '/absolute/path/logo.gif' --> '/absolute/path/logo.gif' -# 'http://whatever/' --> 'http://whatever' -# $some_var/path --> "$some_var/path" +# '../images/logo.gif' --> SM_PATH . 'images/logo.gif' +# '../../someplace/data' --> '/absolute/path/someplace/data' +# 'images/logo.gif' --> SM_PATH . 'config/images/logo.gif' +# '/absolute/path/logo.gif' --> '/absolute/path/logo.gif' +# 'C:\absolute\path\logo.gif' --> 'C:\absolute\path\logo.gif' +# 'http://whatever/' --> 'http://whatever' +# $some_var/path --> "$some_var/path" sub change_to_SM_path() { my ($old_path) = @_; my $new_path = ''; @@ -4904,7 +5590,7 @@ sub change_to_SM_path() { # If the path is absolute, don't bother. return "\'" . $old_path . "\'" if ( $old_path eq ''); return "\'" . $old_path . "\'" if ( $old_path =~ /^(\/|http)/ ); - return "\'" . $old_path . "\'" if ( $old_path =~ /^\w:\// ); + return "\'" . $old_path . "\'" if ( $old_path =~ /^\w:(\\|\/)/ ); return $old_path if ( $old_path =~ /^\'(\/|http)/ ); return $old_path if ( $old_path =~ /^\'\w:\// ); return $old_path if ( $old_path =~ /^SM_PATH/); @@ -5022,14 +5708,11 @@ sub detect_auth_support { # So at this point, we have a response, and it is (hopefully) valid. if ($service eq 'SMTP') { - if (($response =~ /^535/) or ($response =~/^502/)) { + if (!($response =~ /^334/)) { # Not supported print $sock $logout; close $sock; return 'NO'; - } elsif ($response =~ /^503/) { - #Something went wrong - return undef; } } elsif ($service eq 'IMAP') { if ($response =~ /^A01/) { @@ -5084,7 +5767,7 @@ sub check_imap_folder($) { } elsif ($folder_name =~ /[&\*\%]/) { # check for ampersand and list-wildcards print "Folder name contains special UTF7-IMAP characters.\n"; - print "Are you sure that folder name is correct? (yN): "; + print "Are you sure that folder name is correct? (y/N): "; my $tmp = ; $tmp = lc(trim($tmp)); if ($tmp =~ /^y$/) { @@ -5166,6 +5849,61 @@ sub get_plugin_version() { } +# determine a plugin's English name +# +# parses the setup.php file, looking for the +# English name in the _info() function. +# +sub get_plugin_english_name() { + + my $plugin_name = shift(@_); + + $setup_file = '../plugins/' . $plugin_name . '/setup.php'; + if ( -e "$setup_file" ) { + # Make sure that file is readable + if (! -r "$setup_file") { + print "\n"; + print "WARNING:\n"; + print "The file \"$setup_file\" was found, but you don't\n"; + print "have rights to read it. The plugin \""; + print $plugin_name . "\" may not work correctly until you fix this.\n"; + print "\nPress enter to continue"; + $ctu = ; + print "\n"; + next; + } + + $english_name = ''; +# FIXME: grep the file instead of reading it into memory? + $whole_file = ''; + open( FILE, "$setup_file" ); + while ( $line = ) { + $whole_file .= $line; + } + close(FILE); + + # the English name is in the _info function or nothing... + # + if ($whole_file =~ /('english_name'\s*=>\s*['"](.*?)['"])/) { + $english_name .= $2; + } + + return $english_name; + + } else { + print "\n"; + print "WARNING:\n"; + print "The file \"$setup_file\" was not found.\n"; + print "The plugin \"" . $plugin_name; + print "\" may not work correctly until you fix this.\n"; + print "\nPress enter to continue"; + $ctu = ; + print "\n"; + next; + } + +} + # parses the setup.php files for all activated plugins and # builds static plugin hooks array so we don't have to load # ALL plugins are runtime and build the hook array on every @@ -5362,3 +6100,174 @@ PLUGIN: for ( $ct = 0 ; $ct <= $#plugins ; $ct++ ) { } +# converts (binary) integer values that correspond +# to the SquirrelMail debug mode constants (see +# include/constants.php) into those constant strings +# (bitwise or'd if more than one is enabled) +# +# if the value passed in is not an integer, it is +# returned unmolested +# +sub convert_debug_binary_integer_to_constants() { + + my ($debug_mode) = @_; + if ($debug_mode =~ /^[^0-9]/) { + return $debug_mode; + } + $debug_mode = int($debug_mode); + $new_debug_mode = ''; + + # per include/constants.php, here are their values: + # + # 0 SM_DEBUG_MODE_OFF + # 1 SM_DEBUG_MODE_SIMPLE + # 512 SM_DEBUG_MODE_MODERATE + # 524288 SM_DEBUG_MODE_ADVANCED + # 536870912 SM_DEBUG_MODE_STRICT + # + if ($debug_mode & 1) { + $new_debug_mode .= ' | SM_DEBUG_MODE_SIMPLE'; + } + if ($debug_mode & 512) { + $new_debug_mode .= ' | SM_DEBUG_MODE_MODERATE'; + } + if ($debug_mode & 524288) { + $new_debug_mode .= ' | SM_DEBUG_MODE_ADVANCED'; + } + if ($debug_mode & 536870912) { + $new_debug_mode .= ' | SM_DEBUG_MODE_STRICT'; + } + + $new_debug_mode =~ s/^ \| //; + if (!$new_debug_mode) { + $new_debug_mode = 'SM_DEBUG_MODE_OFF'; + } + + return $new_debug_mode; +} + +# converts SquirrelMail debug mode constants (see +# include/constants.php) into their corresponding +# (binary) integer values +# +# if the value passed in is an integer already, it +# is returned unmolested +# +sub convert_debug_constants_to_binary_integer() { + + my ($debug_mode) = @_; + if ($debug_mode =~ /^[0-9]/) { + return $debug_mode; + } + $new_debug_mode = 0; + + # per include/constants.php, here are their values: + # + # 0 SM_DEBUG_MODE_OFF + # 1 SM_DEBUG_MODE_SIMPLE + # 512 SM_DEBUG_MODE_MODERATE + # 524288 SM_DEBUG_MODE_ADVANCED + # 536870912 SM_DEBUG_MODE_STRICT + # + if ($debug_mode =~ /\bSM_DEBUG_MODE_OFF\b/) { + $new_debug_mode = 0; + } + if ($debug_mode =~ /\bSM_DEBUG_MODE_SIMPLE\b/) { + $new_debug_mode |= 1; + } + if ($debug_mode =~ /\bSM_DEBUG_MODE_MODERATE\b/) { + $new_debug_mode |= 512; + } + if ($debug_mode =~ /\bSM_DEBUG_MODE_ADVANCED\b/) { + $new_debug_mode |= 524288; + } + if ($debug_mode =~ /\bSM_DEBUG_MODE_STRICT\b/) { + $new_debug_mode |= 536870912; + } + + return $new_debug_mode; +} + +# Function to print n column numbered lists +# +# WARNING: the names in the list will be truncated +# to fit in their respective columns based on the +# screen width and number of columns. +# +# Expected arguments (in this order): +# +# * The start number to use for the list +# * The number of columns to use +# * The screen width +# * Boolean (zero/one), indicating +# whether or not to show item numbers +# * The list of strings to be shown +# +# Returns: The number printed on screen of the last item in the list +# +sub print_multi_col_list { + my ($num, $cols, $screen_width, $show_numbering, @list) = @_; + my $x; + my $col_cnt = 0; + my $row_cnt = 0; + my $rows; + my $col_width; + my $total = 0; + my @layout = (); + my @numbers = (); + + $rows = int(@list / $cols); + if (@list % $cols) { $rows++; } + if ($show_numbering) { $col_width = int(($screen_width - 2) / $cols) - 5; } + else { $col_width = int(($screen_width - 2) / $cols) - 2; } + + # build the layout array so numbers run down each column + # + for ( $x = 0; $x < @list; $x++ ) { + + $layout[$row_cnt][$col_cnt] = $list[$x]; + $numbers[$row_cnt][$col_cnt] = $num++; + + # move to next column + # + if ($row_cnt == $rows - 1) { + $row_cnt = 0; + $col_cnt++; + } + else { $row_cnt++; } + + } + + # if we filled up fewer rows than needed, recalc column width + # + if ($rows * $col_cnt == @list) { $col_cnt--; } # loop above ended right after increment + if ($col_cnt + 1 < $cols) { + if ($show_numbering) { $col_width = int(($screen_width - 2) / ($col_cnt + 1)) - 5; } + else { $col_width = int(($screen_width - 2) / ($col_cnt + 1)) - 2; } + } + + # print it + # iterate rows + # + for ( $row_cnt = 0; $row_cnt <= $rows; $row_cnt++ ) { + + # indent the row + # + print " "; + + # iterate columns for this row + # + for ( $col_cnt = 0; $col_cnt <= $cols; $col_cnt++ ) { + if ($layout[$row_cnt][$col_cnt]) { + print " "; + if ($show_numbering) { printf "$WHT% 2u.$NRM", $numbers[$row_cnt][$col_cnt]; } + printf " %-$col_width." . $col_width . "s", $layout[$row_cnt][$col_cnt]; + } + } + print "\n"; + } + + + return $num - 1; +} +