X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=contrib%2Fdecrypt_headers.php;h=f053ed98870be44b0129f87273f2939d751c2893;hp=1e38107378b43efb9cc49a8f4bf150836b19f6d6;hb=de3178dc1a5117827e254544c6f164dba653ad83;hpb=432db2fc4af6edc726e9a52f023cd3bd1d664667

diff --git a/contrib/decrypt_headers.php b/contrib/decrypt_headers.php
index 1e381073..f053ed98 100644
--- a/contrib/decrypt_headers.php
+++ b/contrib/decrypt_headers.php
@@ -1,24 +1,10 @@
 <?php
+
 /**
  * Script provides form to decode encrypted header information.
  *
- * Copyright (c) 2005 The SquirrelMail Project Team
- * This file is part of SquirrelMail webmail interface.
- *
- * SquirrelMail is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * SquirrelMail is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with SquirrelMail; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
- *
+ * @copyright &copy; 2005-2009 The SquirrelMail Project Team
+ * @license http://opensource.org/licenses/gpl-license.php GNU Public License
  * @version $Id$
  * @package squirrelmail
  */
@@ -30,10 +16,11 @@
 define('SM_PATH','../');
 
 /**
- * include SquirrelMail string functions
+ * include SquirrelMail string and generic functions
  * script needs OneTimePadDecrypt() (functions/strings.php)
- * and sqgetGlobalVar() (functions/global.php, loaded by strings.php)
+ * and sqgetGlobalVar() (functions/global.php)
  */
+include_once(SM_PATH.'functions/global.php');
 include_once(SM_PATH.'functions/strings.php');
 
 /**
@@ -41,7 +28,7 @@ include_once(SM_PATH.'functions/strings.php');
  * @param string $hex hexadecimal string created with squirrelmail ip2hex 
  *  function in delivery class.
  * @return string ip address
- * @since 1.5.1
+ * @since 1.5.1 and 1.4.5
  */
 function hex2ip($hex) {
     if (strlen($hex)==8) {
@@ -50,14 +37,14 @@ function hex2ip($hex) {
             .hexdec(substr($hex,4,2)).'.'
             .hexdec(substr($hex,6,2));
     } elseif (strlen($hex)==32) {
-        $ret=hexdec(substr($hex,0,4)).':'
-            .hexdec(substr($hex,4,4)).':'
-            .hexdec(substr($hex,8,4)).':'
-            .hexdec(substr($hex,12,4)).':'
-            .hexdec(substr($hex,16,4)).':'
-            .hexdec(substr($hex,20,4)).':'
-            .hexdec(substr($hex,24,4)).':'
-            .hexdec(substr($hex,28,4));
+        $ret=substr($hex,0,4).':'
+            .substr($hex,4,4).':'
+            .substr($hex,8,4).':'
+            .substr($hex,12,4).':'
+            .substr($hex,16,4).':'
+            .substr($hex,20,4).':'
+            .substr($hex,24,4).':'
+            .substr($hex,28,4);
     } else {
         $ret=$hex;
     }
@@ -67,38 +54,46 @@ function hex2ip($hex) {
 /** create page headers */
 header('Content-Type: text/html');
 
-echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">'
+echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"'."\n"
+    .'  "http://www.w3.org/TR/1999/REC-html401-19991224/loose.dtd">'
     ."\n<head>\n<meta name=\"robots\" content=\"noindex,nofollow\">\n"
     ."</head><body>";
 
 if (sqgetGlobalVar('submit',$submit,SQ_POST)) {
+    $continue = TRUE;
     if (! sqgetGlobalVar('secret',$secret,SQ_POST) ||
-        empty($secret))
-        echo "<p>You must enter encryption key.</p>\n";
+        empty($secret)) {
+        $continue = FALSE;
+        echo "<p>You must enter an encryption key.</p>\n";
+    }
     if (! sqgetGlobalVar('enc_string',$enc_string,SQ_POST) ||
-        empty($enc_string))
-        echo "<p>You must enter encrypted string.</p>\n";
+        empty($enc_string)) {
+        $continue = FALSE;
+        echo "<p>You must enter an encrypted string.</p>\n";
+    }
 
-    if (isset($enc_string) && ! base64_decode($enc_string)) {
-        echo "<p>Encrypted string should be BASE64 encoded.<br />\n"
-            ."Please enter all characters that are listed after header name.</p>\n";
-    } elseif (isset($secret)) {
-        $string=OneTimePadDecrypt($enc_string,base64_encode($secret));
+    if ($continue) {
+        if (isset($enc_string) && ! base64_decode($enc_string)) {
+            echo "<p>Encrypted string should be BASE64 encoded.<br />\n"
+                ."Please enter all characters that are listed after header name.</p>\n";
+        } elseif (isset($secret)) {
+            $string=OneTimePadDecrypt($enc_string,base64_encode($secret));
 
-        if (sqgetGlobalVar('ip_addr',$is_addr,SQ_POST)) {
-            $string=hex2ip($string);
+            if (sqgetGlobalVar('ip_addr',$is_addr,SQ_POST)) {
+                $string=hex2ip($string);
+            }
+            echo "<p>Decoded string: ".htmlspecialchars($string)."</p>\n";
         }
-        echo "<p>Decoded string: ".$string."</p>\n";
     }
     echo "<hr />";
 }
 ?>
-<form action="<?php echo $PHP_SELF ?>" method="post" >
+<form action="" method="post">
 <p>
 Secret key: <input type="password" name="secret"><br />
 Encrypted string: <input type="text" name="enc_string"><br />
-Check, if it is an address string: <input type="checkbox" name="ip_addr" /><br />
+<label for="ip_addr">Check here if you are decoding an address string (FromHash/ProxyHash): </label><input type="checkbox" name="ip_addr" id="ip_addr" /><br />
 <button type="submit" name="submit" value="submit">Submit</button>
 </p>
 </form>
-</body></html>
\ No newline at end of file
+</body></html>