X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=functions%2Ffile_prefs.php;h=601dba987871f1a64c81882abc1da7b628a65c33;hp=a4bfeace80d83102d2c94d999c9231970878ab1b;hb=11e62dd0fef499029744a33795aa7ac53e51c3b0;hpb=9be8198db452ada405ad990214d7a3b26d129a33
diff --git a/functions/file_prefs.php b/functions/file_prefs.php
index a4bfeace..601dba98 100644
--- a/functions/file_prefs.php
+++ b/functions/file_prefs.php
@@ -3,29 +3,40 @@
/**
* file_prefs.php
*
- * Copyright (c) 1999-2002 The SquirrelMail Project Team
- * Licensed under the GNU GPL. For full terms see the file COPYING.
- *
* This contains functions for manipulating user preferences in files
*
- * $Id$
+ * @copyright 1999-2020 The SquirrelMail Project Team
+ * @license http://opensource.org/licenses/gpl-license.php GNU Public License
+ * @version $Id$
+ * @package squirrelmail
+ * @subpackage prefs
+ * @since 1.2.5
*/
-global $prefs_are_cached, $prefs_cache;
/**
* Check the preferences into the session cache.
+ *
+ * @param string $data_dir
+ * @param string $username
+ *
+ * @since 1.1.3
+ *
*/
function cachePrefValues($data_dir, $username) {
global $prefs_are_cached, $prefs_cache;
-
+
+ sqgetGlobalVar('prefs_are_cached', $prefs_are_cached, SQ_SESSION );
if ( isset($prefs_are_cached) && $prefs_are_cached) {
+ sqgetGlobalVar('prefs_cache', $prefs_cache, SQ_SESSION );
+// sm_print_r($prefs_cache);
+// exit;
return;
}
-
- session_unregister('prefs_cache');
- session_unregister('prefs_are_cached');
-
+
+ sqsession_unregister('prefs_cache');
+ sqsession_unregister('prefs_are_cached');
+
/* Calculate the filename for the user's preference file */
$filename = getHashedFile($username, $data_dir, "$username.pref");
@@ -35,112 +46,182 @@ function cachePrefValues($data_dir, $username) {
/* Make sure that the preference file now DOES exist. */
if (!file_exists($filename)) {
- include_once( '../functions/display_messages.php' );
logout_error( sprintf( _("Preference file, %s, does not exist. Log out, and log back in to create a default preference file."), $filename) );
exit;
}
- $file = fopen($filename, 'r');
+ /* Open the file, or else display an error to the user. */
+ if(!$file = @fopen($filename, 'r'))
+ {
+ logout_error( sprintf( _("Preference file, %s, could not be opened. Contact your system administrator to resolve this issue."), $filename) );
+ exit;
+ }
/* Read in the preferences. */
$highlight_num = 0;
while (! feof($file)) {
- $pref = trim(fgets($file, 1024));
+ $pref = '';
+ /* keep reading a pref until we reach an eol (\n (or \r for macs)) */
+ while($read = fgets($file, 1024))
+ {
+ $pref .= $read;
+ if(strpos($read,"\n") || strpos($read,"\r"))
+ break;
+ }
+ $pref = trim($pref);
$equalsAt = strpos($pref, '=');
if ($equalsAt > 0) {
$key = substr($pref, 0, $equalsAt);
$value = substr($pref, $equalsAt + 1);
+
+//FIXME: this code is not in db_prefs.php that I can see
+ /* this is to 'rescue' old-style highlighting rules. */
if (substr($key, 0, 9) == 'highlight') {
$key = 'highlight' . $highlight_num;
$highlight_num ++;
}
+//FIXME: this code is not in db_prefs.php that I can see
if ($value != '') {
$prefs_cache[$key] = $value;
}
}
- }
- fclose($file);
+ }
+ fclose($file);
$prefs_are_cached = TRUE;
- session_register('prefs_cache');
- session_register('prefs_are_cached');
+ sqsession_register($prefs_cache, 'prefs_cache');
+ sqsession_register($prefs_are_cached, 'prefs_are_cached');
}
-
+
/**
- * Return the value for the prefernce given by $string.
+ * Return the value for the desired preference.
+ *
+ * @param string $data_dir data directory
+ * @param string $username user name
+ * @param string $pref_name preference name
+ * @param string $default (since 1.2.0) default preference value
+ *
+ * @return mixed
+ *
*/
-function getPref($data_dir, $username, $string, $default = '') {
+function getPref($data_dir, $username, $pref_name, $default = '') {
global $prefs_cache;
- $result = '';
-
- cachePrefValues($data_dir, $username);
- if (isset($prefs_cache[$string])) {
- $result = $prefs_cache[$string];
- } else {
- $result = $default;
+ $temp = array(&$username, &$pref_name);
+ $result = do_hook('get_pref_override', $temp);
+ if (is_null($result)) {
+ cachePrefValues($data_dir, $username);
+ if (isset($prefs_cache[$pref_name])) {
+ $result = $prefs_cache[$pref_name];
+ } else {
+//FIXME: is there a justification for having two prefs hooks so close? who uses them?
+ $temp = array(&$username, &$pref_name);
+ $result = do_hook('get_pref', $temp);
+ if (is_null($result)) {
+ $result = $default;
+ }
+ }
}
-
return ($result);
}
/**
* Save the preferences for this user.
+ *
+ * @param string $data_dir data directory
+ * @param string $username user name
+ *
+ * @since 1.1.3
+ *
*/
function savePrefValues($data_dir, $username) {
global $prefs_cache;
-
+
$filename = getHashedFile($username, $data_dir, "$username.pref");
- $file = fopen($filename, 'w');
+ /* Open the file for writing, or else display an error to the user. */
+ if(!$file = @fopen($filename.'.tmp', 'w'))
+ {
+ logout_error( sprintf( _("Preference file, %s, could not be opened. Contact your system administrator to resolve this issue."), $filename.'.tmp') );
+ exit;
+ }
foreach ($prefs_cache as $Key => $Value) {
if (isset($Value)) {
- fwrite($file, $Key . '=' . $Value . "\n");
+ if ( sq_fwrite($file, $Key . '=' . $Value . "\n") === FALSE ) {
+ logout_error( sprintf( _("Preference file, %s, could not be written. Contact your system administrator to resolve this issue.") , $filename . '.tmp') );
+ exit;
+ }
}
}
fclose($file);
- chmod($filename, 0600);
+ if (! @copy($filename . '.tmp',$filename) ) {
+ logout_error( sprintf( _("Preference file, %s, could not be copied from temporary file, %s. Contact your system administrator to resolve this issue."), $filename, $filename . '.tmp') );
+ exit;
+ }
+ @unlink($filename . '.tmp');
+ @chmod($filename, 0600);
+ sqsession_register($prefs_cache , 'prefs_cache');
}
/**
* Remove a preference for the current user.
+ *
+ * @param string $data_dir data directory
+ * @param string $username user name
+ * @param string $pref_name preference name
+ *
*/
-function removePref($data_dir, $username, $string) {
+function removePref($data_dir, $username, $pref_name) {
global $prefs_cache;
cachePrefValues($data_dir, $username);
-
- if (isset($prefs_cache[$string])) {
- unset($prefs_cache[$string]);
+
+ if (isset($prefs_cache[$pref_name])) {
+ unset($prefs_cache[$pref_name]);
}
-
+
savePrefValues($data_dir, $username);
}
/**
- * Set a there preference $string to $value.
+ * Set the desired preference setting ($pref_name)
+ * to whatever is in $value.
+ *
+ * @param string $data_dir data directory
+ * @param string $username user name
+ * @param string $pref_name preference name
+ * @param mixed $value preference value
+ *
*/
-function setPref($data_dir, $username, $string, $value) {
+function setPref($data_dir, $username, $pref_name, $value) {
global $prefs_cache;
cachePrefValues($data_dir, $username);
- if (isset($prefs_cache[$string]) && ($prefs_cache[$string] == $value)) {
+ if (isset($prefs_cache[$pref_name]) && ($prefs_cache[$pref_name] == $value)) {
return;
}
if ($value === '') {
- removePref($data_dir, $username, $string);
+ removePref($data_dir, $username, $pref_name);
return;
}
- $prefs_cache[$string] = $value;
+ $prefs_cache[$pref_name] = $value;
savePrefValues($data_dir, $username);
}
/**
* Check for a preferences file. If one can not be found, create it.
+ *
+ * @param string $data_dir data directory
+ * @param string $username user name
+ * @param string $filename (since 1.2.0) preference file name.
+ * (OPTIONAL; default is an empty string,
+ * in which case the file name is
+ * automatically detected)
+ *
*/
function checkForPrefs($data_dir, $username, $filename = '') {
/* First, make sure we have the filename. */
@@ -150,31 +231,42 @@ function checkForPrefs($data_dir, $username, $filename = '') {
/* Then, check if the file exists. */
if (!@file_exists($filename) ) {
- /* First, check the $data_dir for the default preference file. */
+
+ /* If it does not exist, check for default_prefs */
+
+ /* First, check legacy locations: data dir */
+ if(substr($data_dir,-1) != '/') {
+ $data_dir .= '/';
+ }
$default_pref = $data_dir . 'default_pref';
- /* If it is not there, check the internal data directory. */
+ /* or legacy location: internal data dir */
if (!@file_exists($default_pref)) {
- $default_pref = '../data/default_pref';
+ $default_pref = SM_PATH . 'data/default_pref';
}
- /* Otherwise, report an error. */
- $errTitle = sprintf( _("Error opening %s"), $default_pref );
- if (!file_exists($default_pref)) {
- $errString = $errTitle . "
\n" .
- _("Default preference file not found!") . "
\n" .
- _("Please contact your system administrator and report this error.") . "
\n";
- include_once( '../functions/display_messages.php' );
- logout_error( $errString, $errTitle );
- exit;
- } else if (!@copy($default_pref, $filename)) {
- $user_data = posix_getpwuid(posix_getuid());
- $uid = $user_data['name'];
- $errString = $errTitle . '
' .
- _("Could not create initial preference file!") . "
\n" .
- sprintf( _("%s should be writable by user %s"), $data_dir, $uid ) .
- "
\n" . _("Please contact your system administrator and report this error.") . "
\n";
- include_once( '../functions/display_messages.php' );
+ /* If no legacies, check where we'd expect it to be located:
+ * under config/ */
+ if (!@file_exists($default_pref)) {
+ $default_pref = SM_PATH . 'config/default_pref';
+ }
+
+ /* If a default_pref file found, try to copy it, if none found,
+ * try to create an empty one. If that fails, report an error.
+ */
+ if (
+ ( is_readable($default_pref) && !@copy($default_pref, $filename) ) ||
+ !@touch($filename)
+ ) {
+ $uid = 'that the web server is running as';
+ if (function_exists('posix_getuid')){
+ $user_data = posix_getpwuid(posix_getuid());
+ $uid = $user_data['name'];
+ }
+ $errTitle = _("Could not create initial preference file!");
+ $errString = $errTitle . "\n" .
+ sprintf( _("%s should be writable by the user %s."), $data_dir, $uid ) . "\n" .
+ _("Please contact your system administrator and report this error.") ;
logout_error( $errString, $errTitle );
exit;
}
@@ -183,23 +275,61 @@ function checkForPrefs($data_dir, $username, $filename = '') {
/**
* Write the User Signature.
+ *
+ * @param string $data_dir data directory
+ * @param string $username user name
+ * @param integer $number (since 1.2.5) identity number.
+ * (before 1.2.5., this parameter
+ * was used for the signature value)
+ * @param string $value (since 1.2.5) signature value
+ *
*/
function setSig($data_dir, $username, $number, $value) {
+ // Limit signature size to 64KB (database BLOB limit)
+ if (strlen($value)>65536) {
+ error_option_save(_("Signature is too big."));
+ return;
+ }
$filename = getHashedFile($username, $data_dir, "$username.si$number");
- $file = fopen($filename, 'w');
- fwrite($file, $value);
+ /* Open the file for writing, or else display an error to the user. */
+ if(!$file = @fopen("$filename.tmp", 'w')) {
+ logout_error( sprintf( _("Signature file, %s, could not be opened. Contact your system administrator to resolve this issue."), $filename . '.tmp') );
+ exit;
+ }
+ if ( sq_fwrite($file, $value) === FALSE ) {
+ logout_error( sprintf( _("Signature file, %s, could not be written. Contact your system administrator to resolve this issue.") , $filename . '.tmp'));
+ exit;
+ }
fclose($file);
+ if (! @copy($filename . '.tmp',$filename) ) {
+ logout_error( sprintf( _("Signature file, %s, could not be copied from temporary file, %s. Contact your system administrator to resolve this issue."), $filename, $filename . '.tmp') );
+ exit;
+ }
+ @unlink($filename . '.tmp');
+ @chmod($filename, 0600);
+
}
/**
* Get the signature.
+ *
+ * @param string $data_dir data directory
+ * @param string $username user name
+ * @param integer $number (since 1.2.5) identity number
+ *
+ * @return string signature
+ *
*/
function getSig($data_dir, $username, $number) {
- #$filename = $data_dir . $username . '.si$number';
$filename = getHashedFile($username, $data_dir, "$username.si$number");
$sig = '';
if (file_exists($filename)) {
- $file = fopen($filename, 'r');
+ /* Open the file, or else display an error to the user. */
+ if(!$file = @fopen($filename, 'r'))
+ {
+ logout_error( sprintf( _("Signature file, %s, could not be opened. Contact your system administrator to resolve this issue."), $filename) );
+ exit;
+ }
while (!feof($file)) {
$sig .= fgets($file, 1024);
}
@@ -207,3 +337,5 @@ function getSig($data_dir, $username, $number) {
}
return $sig;
}
+
+// vim: et ts=4