X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=functions%2Fimap_general.php;h=b2062224f371b6883285866718e33ef7273e2ae7;hp=62945b91e34f658ff58f101422f85b69285c6efc;hb=b86c49398094717a28e7738283fea7c164c4c871;hpb=b4e0d36553528a83e1f311931a2678474b37f6ab diff --git a/functions/imap_general.php b/functions/imap_general.php index 62945b91..b2062224 100755 --- a/functions/imap_general.php +++ b/functions/imap_general.php @@ -5,7 +5,7 @@ * * This implements all functions that do general IMAP functions. * - * @copyright © 1999-2006 The SquirrelMail Project Team + * @copyright 1999-2011 The SquirrelMail Project Team * @license http://opensource.org/licenses/gpl-license.php GNU Public License * @version $Id$ * @package squirrelmail @@ -60,11 +60,14 @@ function sqimap_run_command_list ($imap_stream, $query, $handle_errors, &$respon $message = $message[$tag]; $response = $response[$tag]; return $read[$tag]; +//FIXME: obey $handle_errors below! } else { global $squirrelmail_language, $color; set_up_language($squirrelmail_language); +//FIXME: NO HTML IN CORE! $string = "\n" . _("ERROR: No available IMAP stream.") . +//FIXME: NO HTML IN CORE! "\n"; error_box($string); return false; @@ -110,11 +113,14 @@ function sqimap_run_command ($imap_stream, $query, $handle_errors, &$response, } else { return $read[$tag]; } +//FIXME: obey $handle_errors below! } else { global $squirrelmail_language, $color; set_up_language($squirrelmail_language); +//FIXME: NO HTML IN CORE! $string = "\n" . _("ERROR: No available IMAP stream.") . +//FIXME: NO HTML IN CORE! "\n"; error_box($string); return false; @@ -316,8 +322,10 @@ function sqimap_read_data_list($imap_stream, $tag, $handle_errors, &$response, &$message, $query = '') { global $color, $oTemplate, $squirrelmail_language; set_up_language($squirrelmail_language); +//FIXME: NO HTML IN CORE! $string = "\n" . _("ERROR: Bad function call.") . +//FIXME: NO HTML IN CORE! "
\n" . _("Reason:") . ' '. 'There is a plugin installed which make use of the
' . @@ -325,6 +333,7 @@ function sqimap_read_data_list($imap_stream, $tag, $handle_errors, 'Please adapt the installed plugin and let it use
'. 'sqimap_run_command or sqimap_run_command_list instead

'. 'The following query was issued:
'. +//FIXME: NO HTML IN CORE! htmlspecialchars($query) . '
' . "
\n"; error_box($string); $oTemplate->display('footer.tpl'); @@ -346,6 +355,7 @@ function sqimap_error_box($title, $query = '', $message_title = '', $message = ' global $color, $squirrelmail_language; set_up_language($squirrelmail_language); +//FIXME: NO HTML IN CORE! $string = "\n" . $title . "
\n"; $cmd = explode(' ',$query); $cmd= strtolower($cmd[0]); @@ -356,6 +366,7 @@ function sqimap_error_box($title, $query = '', $message_title = '', $message = ' $string .= $message_title; if ($message != '') $string .= htmlspecialchars($message); +//FIXME: NO HTML IN CORE! $string .= "
\n"; if ($link != '') $string .= $link; @@ -466,6 +477,7 @@ function sqimap_retrieve_imap_response($imap_stream, $tag, $handle_errors, we prohibid that literal responses appear in the outer loop so we can trust the untagged and tagged info provided by $read */ + $read_literal = false; if ($s === "}\r\n") { $j = strrpos($read,'{'); $iLit = substr($read,$j+1,-3); @@ -490,7 +502,9 @@ function sqimap_retrieve_imap_response($imap_stream, $tag, $handle_errors, if ($read === false) { /* error */ break 4; /* while while switch while */ } - $fetch_data[] = $read; + $s = substr($read,-3); + $read_literal = true; + continue; } else { $fetch_data[] = $read; } @@ -503,7 +517,7 @@ function sqimap_retrieve_imap_response($imap_stream, $tag, $handle_errors, /* check for next untagged reponse and break */ if ($read{0} == '*') break 2; $s = substr($read,-3); - } while ($s === "}\r\n"); + } while ($s === "}\r\n" || $read_literal); $s = substr($read,-3); } while ($read{0} !== '*' && substr($read,0,strlen($tag)) !== $tag); @@ -558,6 +572,7 @@ function sqimap_retrieve_imap_response($imap_stream, $tag, $handle_errors, $query = ''; } sqimap_error_box(_("ERROR: IMAP server closed the connection."), $query, _("Server responded:"),$sResponse); +//FIXME: NO HTML IN CORE! echo ''; exit; } else if ($handle_errors) { @@ -593,10 +608,12 @@ function sqimap_retrieve_imap_response($imap_stream, $tag, $handle_errors, break; case 'BAD': sqimap_error_box(_("ERROR: Bad or malformed request."), $query, _("Server responded:") . ' ', $message[$tag]); +//FIXME: NO HTML IN CORE! echo ''; exit; case 'BYE': sqimap_error_box(_("ERROR: IMAP server closed the connection."), $query, _("Server responded:") . ' ', $message[$tag]); +//FIXME: NO HTML IN CORE! echo ''; exit; default: @@ -671,6 +688,7 @@ function sqimap_create_stream($server,$port,$tls=0) { set_up_language($squirrelmail_language, true); require_once(SM_PATH . 'functions/display_messages.php'); logout_error( sprintf(_("Error connecting to IMAP server: %s."), $server). +//FIXME: NO HTML IN CORE! "
\r\n$error_number : $error_string
\r\n", sprintf(_("Error connecting to IMAP server: %s."), $server) ); exit; @@ -748,7 +766,7 @@ function sqimap_create_stream($server,$port,$tls=0) { /** * Logs the user into the IMAP server. If $hide is set, no error messages - * will be displayed (if set to 1, just exits, if set to 2, returns FALSE). + * will be displayed (if set to 1, just exits, if set to 2, returns FALSE). * This function returns the IMAP connection handle. * @param string $username user name * @param string $password password encrypted with onetimepad. Since 1.5.2 @@ -762,7 +780,7 @@ function sqimap_create_stream($server,$port,$tls=0) { * 2 = show no errors (return FALSE) * 3 = show no errors (return error string) * @return mixed The IMAP connection stream, or if the connection fails, - * FALSE if $hide is set to 2 or an error string if $hide + * FALSE if $hide is set to 2 or an error string if $hide * is set to 3. */ function sqimap_login ($username, $password, $imap_server_address, $imap_port, $hide) { @@ -777,11 +795,11 @@ function sqimap_login ($username, $password, $imap_server_address, $imap_port, $ if(!empty($authz)) { /* authz plugin - specific: - * Get proxy login parameters from authz plugin configuration. If they + * Get proxy login parameters from authz plugin configuration. If they * exist, they will override the current ones. * This is useful if we want to use different SASL authentication mechanism * and/or different TLS settings for proxy logins. */ - global $authz_imap_auth_mech, $authz_use_imap_tls, $authz_imapPort_tls; + global $authz_imap_auth_mech, $authz_use_imap_tls, $authz_imapPort_tls; $imap_auth_mech = !empty($authz_imap_auth_mech) ? strtolower($authz_imap_auth_mech) : $imap_auth_mech; $use_imap_tls = !empty($authz_use_imap_tls)? $authz_use_imap_tls : $use_imap_tls; $imap_port = !empty($authz_use_imap_tls)? $authz_imapPort_tls : $imap_port; @@ -939,7 +957,7 @@ function sqimap_login ($username, $password, $imap_server_address, $imap_port, $ set_up_language($squirrelmail_language, true); sqsession_destroy(); - sqsetcookieflush(); + /* terminate the session nicely */ sqimap_logout($imap_stream); if ($hide == 3) return _("Unknown user or password incorrect."); @@ -1053,12 +1071,12 @@ function sqimap_get_delimiter ($imap_stream = false) { * OS: According to rfc2342 response from NAMESPACE command is: * OS: * NAMESPACE (PERSONAL NAMESPACES) (OTHER_USERS NAMESPACE) (SHARED NAMESPACES) * OS: We want to lookup all personal NAMESPACES... - * + * * TODO: remove this in favour of the information from sqimap_get_namespace() */ $read = sqimap_run_command($imap_stream, 'NAMESPACE', true, $a, $b); - if (eregi('\\* NAMESPACE +(\\( *\\(.+\\) *\\)|NIL) +(\\( *\\(.+\\) *\\)|NIL) +(\\( *\\(.+\\) *\\)|NIL)', $read[0], $data)) { - if (eregi('^\\( *\\((.*)\\) *\\)', $data[1], $data2)) { + if (preg_match('/\* NAMESPACE +(\( *\(.+\) *\)|NIL) +(\( *\(.+\) *\)|NIL) +(\( *\(.+\) *\)|NIL)/i', $read[0], $data)) { + if (preg_match('/^\( *\((.*)\) *\)/', $data[1], $data2)) { $pn = $data2[1]; } $pna = explode(')(', $pn); @@ -1094,7 +1112,7 @@ function sqimap_get_namespace($imap_stream) { $read = sqimap_run_command($imap_stream, 'NAMESPACE', true, $a, $b); return sqimap_parse_namespace($read[0]); } - + /** * Parses a NAMESPACE response and returns an array with the available * personal, users and shared namespaces. @@ -1120,7 +1138,7 @@ function sqimap_parse_namespace(&$input) { $ns_strings = array(1=>'personal', 2=>'users', 3=>'shared'); $namespace = array(); - if(ereg('NAMESPACE (\(\(.*\)\)|NIL) (\(\(.*\)\)|NIL) (\(\(.*\)\)|NIL)', $input, $regs) !== false) { + if (preg_match('/NAMESPACE (\(\(.*\)\)|NIL) (\(\(.*\)\)|NIL) (\(\(.*\)\)|NIL)/', $input, $regs)) { for($i=1; $i<=3; $i++) { if($regs[$i] == 'NIL') { $namespace[$ns_strings[$i]] = array(); @@ -1156,7 +1174,7 @@ function sqimap_parse_namespace(&$input) { */ function sqimap_encode_mailbox_name($what) { - if (ereg("[\"\\\r\n]", $what)) + if (preg_match('/["\\\r\n]/', $what)) return '{' . strlen($what) . "}\r\n" . $what; /* 4.3 literal form */ return '"' . $what . '"'; /* 4.3 quoted string form */ } @@ -1279,7 +1297,7 @@ function sqimap_status_messages ($imap_stream, $mailbox, if (!empty($hook_status)) { $hook_status['MAILBOX']=$mailbox; $hook_status['CALLER']='sqimap_status_messages'; - do_hook_function('folder_status',$hook_status); + do_hook('folder_status', $hook_status); } return $status; } @@ -1349,7 +1367,8 @@ function sqimap_append_checkresponse($response, $sMailbox, $sid='', $query='') { if ($sRsp == 'NO' || $sRsp == 'BAD') { // for the moment disabled. Enable after 1.5.1 release. // Notices could give valueable information about the mailbox - // sqm_trigger_imap_error('SQM_IMAP_APPEND_NOTICE',$imapquery,$sRsp,$sMsg); + // Update: seems this was forgotten, but now it is finally enabled + sqm_trigger_imap_error('SQM_IMAP_APPEND_NOTICE',$imapquery,$sRsp,$sMsg); } $bDone = false; case $imapsid: @@ -1417,6 +1436,7 @@ function sqimap_get_user_server ($imap_server, $username) { * @since 1.3.0 */ function map_yp_alias($username) { - $yp = `ypmatch $username aliases`; + $safe_username = escapeshellarg($username); + $yp = `ypmatch $safe_username aliases`; return chop(substr($yp, strlen($username)+1)); }