X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=functions%2Fimap_general.php;h=d353d5123b1a7b550067db501af266e43253e074;hp=6e52519de19e2a88b5e7b0000e902d5f7abae8e9;hb=1a531551726e16fe9ccbd8de06731c1730d8fce2;hpb=ba8f367aa0c64ee4553b246ffeae9ef2770578ce diff --git a/functions/imap_general.php b/functions/imap_general.php index 6e52519d..d353d512 100755 --- a/functions/imap_general.php +++ b/functions/imap_general.php @@ -3,24 +3,29 @@ /** * imap_general.php * - * Copyright (c) 1999-2003 The SquirrelMail Project Team + * Copyright (c) 1999-2004 The SquirrelMail Project Team * Licensed under the GNU GPL. For full terms see the file COPYING. * * This implements all functions that do general imap functions. * * $Id$ + * @package squirrelmail */ +/** Includes.. */ require_once(SM_PATH . 'functions/page_header.php'); require_once(SM_PATH . 'functions/auth.php'); -global $sqimap_session_id; -$sqimap_session_id = 1; +/** + * Generates a new session ID by incrementing the last one used; + * this ensures that each command has a unique ID. + * @param bool unique_id + * @return string IMAP session id of the form 'A000'. + */ +function sqimap_session_id($unique_id = FALSE) { + static $sqimap_session_id = 1; -/* Sets an unique session id in order to avoid simultanous sessions crash. */ -function sqimap_session_id($unique_id = false) { - global $data_dir, $username, $sqimap_session_id; if (!$unique_id) { return( sprintf("A%03d", $sqimap_session_id++) ); } else { @@ -28,7 +33,7 @@ function sqimap_session_id($unique_id = false) { } } -/* +/** * Both send a command and accept the result from the command. * This is to allow proper session number handling. */ @@ -36,8 +41,13 @@ function sqimap_run_command_list ($imap_stream, $query, $handle_errors, &$respon if ($imap_stream) { $sid = sqimap_session_id($unique_id); fputs ($imap_stream, $sid . ' ' . $query . "\r\n"); - $read = sqimap_read_data_list ($imap_stream, $sid, $handle_errors, $response, $message, $query ); - return $read; + $tag_uid_a = explode(' ',trim($sid)); + $tag = $tag_uid_a[0]; + $read = sqimap_retrieve_imap_response ($imap_stream, $tag, $handle_errors, $response, $message, $query ); + /* get the response and the message */ + $message = $message[$tag]; + $response = $response[$tag]; + return $read[$tag]; } else { global $squirrelmail_language, $color; set_up_language($squirrelmail_language); @@ -48,15 +58,33 @@ function sqimap_run_command_list ($imap_stream, $query, $handle_errors, &$respon error_box($string,$color); return false; } - } -function sqimap_run_command ($imap_stream, $query, $handle_errors, &$response, &$message, $unique_id = false) { +function sqimap_run_command ($imap_stream, $query, $handle_errors, &$response, + &$message, $unique_id = false,$filter=false, + $outputstream=false,$no_return=false) { if ($imap_stream) { $sid = sqimap_session_id($unique_id); - fputs ($imap_stream, $sid . ' ' . $query . "\r\n"); - $read = sqimap_read_data ($imap_stream, $sid, $handle_errors, $response, $message, $query); - return $read; + fputs ($imap_stream, $sid . ' ' . $query . "\r\n"); + $tag_uid_a = explode(' ',trim($sid)); + $tag = $tag_uid_a[0]; + + $read = sqimap_read_data ($imap_stream, $tag, $handle_errors, $response, + $message, $query,$filter,$outputstream,$no_return); + if (empty($read)) { //Imap server dropped its connection + $response = ''; + $message = ''; + return false; + } + /* retrieve the response and the message */ + $response = $response[$tag]; + $message = $message[$tag]; + + if (!empty($read[$tag])) { + return $read[$tag][0]; + } else { + return $read[$tag]; + } } else { global $squirrelmail_language, $color; set_up_language($squirrelmail_language); @@ -66,204 +94,449 @@ function sqimap_run_command ($imap_stream, $query, $handle_errors, &$response, & "\n"; error_box($string,$color); return false; + } +} + +function sqimap_prepare_pipelined_query($new_query,&$tag,&$aQuery,$unique_id) { + $sid = sqimap_session_id($unique_id); + $tag_uid_a = explode(' ',trim($sid)); + $tag = $tag_uid_a[0]; + $query = $sid . ' '.$new_query."\r\n"; + $aQuery[$tag] = $query; +} + +function sqimap_run_pipelined_command ($imap_stream, $aQueryList, $handle_errors, + &$aServerResponse, &$aServerMessage, $unique_id = false, + $filter=false,$outputstream=false,$no_return=false) { + $aResponse = false; + + /* + Do not fire all calls at once to the imap-server but split the calls up + in portions of $iChunkSize. If we do not do that I think we misbehave as + IMAP client or should handle BYE calls if the IMAP-server drops the + connection because the number of queries is to large. This isn't tested + but a wild guess how it could work in the field. + + After testing it on Exchange 2000 we discovered that a chunksize of 32 + was quicker then when we raised it to 128. + */ + $iQueryCount = count($aQueryList); + $iChunkSize = 32; + // array_chunk would also do the job but it's supported from php > 4.2 + $aQueryChunks = array(); + $iLoops = floor($iQueryCount / $iChunkSize); + + if ($iLoops * $iChunkSize != $iQueryCount) ++$iLoops; + + if (!function_exists('array_chunk')) { // arraychunk replacement + reset($aQueryList); + for($i=0;$i<$iLoops;++$i) { + for($j=0;$j<$iChunkSize;++$j) { + $key = key($aQueryList); + $aTmp[$key] = $aQueryList[$key]; + if (next($aQueryList) === false) break; + } + $aQueryChunks[] = $aTmp; + } + } else { + $aQueryChunks = array_chunk($aQueryList,$iChunkSize,true); } + for ($i=0;$i<$iLoops;++$i) { + $aQuery = $aQueryChunks[$i]; + foreach($aQuery as $tag => $query) { + fputs($imap_stream,$query); + $aResults[$tag] = false; + } + foreach($aQuery as $tag => $query) { + if ($aResults[$tag] == false) { + $aReturnedResponse = sqimap_retrieve_imap_response ($imap_stream, $tag, + $handle_errors, $response, $message, $query, + $filter,$outputstream,$no_return); + foreach ($aReturnedResponse as $returned_tag => $aResponse) { + if (!empty($aResponse)) { + $aResults[$returned_tag] = $aResponse[0]; + } else { + $aResults[$returned_tag] = $aResponse; + } + $aServerResponse[$returned_tag] = $response[$returned_tag]; + $aServerMessage[$returned_tag] = $message[$returned_tag]; + } + } + } + } + return $aResults; } - -/* - * custom fgets function. gets a line from IMAP - * no matter how big it may be +/** + * Custom fgets function: gets a line from the IMAP-server, + * no matter how big it may be. + * @param stream imap_stream the stream to read from + * @return string a line */ - function sqimap_fgets($imap_stream) { $read = ''; $buffer = 4096; $results = ''; $offset = 0; - $i=0; while (strpos($results, "\r\n", $offset) === false) { if (!($read = fgets($imap_stream, $buffer))) { + /* this happens in case of an error */ + /* reset $results because it's useless */ + $results = false; break; } -// echo $read; if ( $results != '' ) { $offset = strlen($results) - 1; } $results .= $read; +#sm_print_r("Trace from line " . __LINE__, $results); } return $results; } -/* +function sqimap_fread($imap_stream,$iSize,$filter=false, + $outputstream=false, $no_return=false) { + if (!$filter || !$outputstream) { + $iBufferSize = $iSize; + } else { + // see php bug 24033. They changed fread behaviour %$^&$% + $iBufferSize = 7800; // multiple of 78 in case of base64 decoding. + } + if ($iSize < $iBufferSize) { + $iBufferSize = $iSize; + } + $iRetrieved = 0; + $results = ''; + $sRead = $sReadRem = ''; + // NB: fread can also stop at end of a packet on sockets. + while ($iRetrieved < $iSize) { + $sRead = fread($imap_stream,$iBufferSize); + $iLength = strlen($sRead); + $iRetrieved += $iLength ; + $iRemaining = $iSize - $iRetrieved; + if ($iRemaining < $iBufferSize) { + $iBufferSize = $iRemaining; + } + if (!$sRead) { + $results = false; + break; + } + if ($sReadRem) { + $sRead = $sReadRem . $sRead; + $sReadRem = ''; + } + if (substr($sRead,-1) !== "\n") { + $i = strrpos($sRead,"\n"); + if ($i !== false && $iRetrieved<$iSize) { + ++$i; + $sReadRem = substr($sRead,$i); + $sRead = substr($sRead,0,$i); + } else if ($iLength && $iRetrieved<$iSize) { // linelength > received buffer + $sReadRem = $sRead; + $sRead = ''; + } + } + if ($filter && $sRead) { + $filter($sRead); + } + if ($outputstream && $sRead) { + if (is_resource($outputstream)) { + fwrite($outputstream,$sRead); + } else if ($outputstream == 'php://stdout') { + echo $sRead; + } + } + if ($no_return) { + $sRead = ''; + } else { + $results .= $sRead; + } +#sm_print_r("Trace from line " . __LINE__, $results); + } + return $results; +} + +/** + * Obsolete function, inform plugins that use it + * @deprecated use sqimap_run_command or sqimap_run_command_list instead + */ +function sqimap_read_data_list($imap_stream, $tag, $handle_errors, + &$response, &$message, $query = '') { + global $color, $squirrelmail_language; + set_up_language($squirrelmail_language); + require_once(SM_PATH . 'functions/display_messages.php'); + $string = "\n" . + _("ERROR : Bad function call.") . + "
\n" . + _("Reason:") . ' '. + 'There is a plugin installed which make use of the
' . + 'SquirrelMail internal function sqimap_read_data_list.
'. + 'Please adapt the installed plugin and let it use
'. + 'sqimap_run_command or sqimap_run_command_list instead

'. + 'The following query was issued:
'. + htmlspecialchars($query) . '
' . "
\n"; + error_box($string,$color); + echo ''; + exit; +} + +/** + * Function to display an error related to an IMAP-query. + * @param string title the caption of the error box + * @param string query the query that went wrong + * @param string message_title optional message title + * @param string message optional error message + * @param string $link an optional link to try again + * @return void + */ +function sqimap_error_box($title, $query = '', $message_title = '', $message = '', $link = '') +{ + global $color, $squirrelmail_language; + + set_up_language($squirrelmail_language); + require_once(SM_PATH . 'functions/display_messages.php'); + $string = "\n" . $title . "
\n"; + $cmd = explode(' ',$query); + $cmd= strtolower($cmd[0]); + + if ($query != '' && $cmd != 'login') + $string .= _("Query:") . ' ' . htmlspecialchars($query) . '
'; + if ($message_title != '') + $string .= $message_title; + if ($message != '') + $string .= htmlspecialchars($message); + $string .= "
\n"; + if ($link != '') + $string .= $link; + error_box($string,$color); +} + +/** * Reads the output from the IMAP stream. If handle_errors is set to true, * this will also handle all errors that are received. If it is not set, - * the errors will be sent back through $response and $message + * the errors will be sent back through $response and $message. */ - -function sqimap_read_data_list ($imap_stream, $pre, $handle_errors, &$response, &$message, $query = '') { +function sqimap_retrieve_imap_response($imap_stream, $tag, $handle_errors, + &$response, &$message, $query = '', + $filter = false, $outputstream = false, $no_return = false) { global $color, $squirrelmail_language; $read = ''; - $pre_a = explode(' ',trim($pre)); - $pre = $pre_a[0]; + if (!is_array($message)) $message = array(); + if (!is_array($response)) $response = array(); + $aResponse = ''; $resultlist = array(); $data = array(); $read = sqimap_fgets($imap_stream); - $i = 0; - while (1) { - $char = $read{0}; - switch ($char) { - case $pre{0}: - /* get the command */ - $arg = ''; - $i = strlen($pre)+1; - $s = substr($read,$i); - if (($j = strpos($s,' ')) || ($j = strpos($s,"\n"))) { - $arg = substr($s,0,$j); - } - $tag = substr($read,0,$i-1); - if ($arg && $tag==$pre) { - switch ($arg) { - case 'OK': - case 'BAD': - case 'NO': - case 'BYE': - case 'PREAUTH': - $response = $arg; - $message = trim(substr($read,$i+strlen($arg))); - break 3; - default: - /* this shouldn't happen */ - $response = $arg; - $message = trim(substr($read,$i+strlen($arg))); - break 3; - } - } elseif($tag !== $pre) { - /* reset data array because we do not need this reponse */ - $data = array(); - $read = sqimap_fgets($imap_stream); - break; - } - case '*': - if (preg_match('/^\*\s\d+\sFETCH/',$read)) { - /* check for literal */ - $s = substr($read,-3); - $fetch_data = array(); - do { /* outer loop, continue until next untagged fetch - or tagged reponse */ - do { /* innerloop for fetching literals. with this loop - we prohibid that literal responses appear in the - outer loop so we can trust the untagged and - tagged info provided by $read */ - if ($s === "}\r\n") { - $j = strrpos($read,'{'); - $iLit = substr($read,$j+1,-3); - $fetch_data[] = $read; - $sLiteral = fread($imap_stream,$iLit); - /* backwards compattibility */ - $aLiteral = explode("\n", $sLiteral); - /* release not neaded data */ - unset($sLiteral); - foreach ($aLiteral as $line) { - $fetch_data[] = $line ."\n"; - } - /* release not neaded data */ - unset($aLiteral); - /* next fgets belongs to this fetch because - we just got teh exact literalsize and there - must follow data to complete the response */ - $fetch_data[] = sqimap_fgets($imap_stream); - } else { - $fetch_data[] = $read; - } - /* retrieve next line and check in the while - statements if it belongs to this fetch response */ - $read = sqimap_fgets($imap_stream); - /* check for next untagged reponse and break */ - if ($read{0} == '*') break 2; - $s = substr($read,-3); - } while ($s === "}\r\n"); - $s = substr($read,-3); - } while ($read{0} !== '*' && - substr($read,0,strlen($pre)) !== $pre); - $resultlist[] = $fetch_data; - /* release not neaded data */ - unset ($fetch_data); - } else { - $s = substr($read,-3); - do { - if ($s === "}\r\n") { - $j = strrpos($read,'{'); - $iLit = substr($read,$j+1,-3); - $data[] = $read; - $data[] = fread($imap_stream,$iLit); - $fetch_data[] = sqimap_fgets($imap_stream); - } else { - $data[] = $read; - } - $read = sqimap_fgets($imap_stream); - if ($read{0} == '*') break; - $s = substr($read,-3); - } while ($s === "}\r\n"); - break 1; - } - break; - case '+': - $read = sqimap_fgets($imap_stream); - break; - default: - $read = sqimap_fgets($imap_stream); - break; - } + $i = $k = 0; + while ($read) { + $char = $read{0}; + switch ($char) + { + case '+': + default: + $read = sqimap_fgets($imap_stream); + break; + + case $tag{0}: + { + /* get the command */ + $arg = ''; + $i = strlen($tag)+1; + $s = substr($read,$i); + if (($j = strpos($s,' ')) || ($j = strpos($s,"\n"))) { + $arg = substr($s,0,$j); + } + $found_tag = substr($read,0,$i-1); + if ($found_tag) { + switch ($arg) + { + case 'OK': + case 'BAD': + case 'NO': + case 'BYE': + case 'PREAUTH': + $response[$found_tag] = $arg; + $message[$found_tag] = trim(substr($read,$i+strlen($arg))); + if (!empty($data)) { + $resultlist[] = $data; + } + $aResponse[$found_tag] = $resultlist; + $data = $resultlist = array(); + if ($found_tag == $tag) { + break 3; /* switch switch while */ + } + break; + default: + /* this shouldn't happen */ + $response[$found_tag] = $arg; + $message[$found_tag] = trim(substr($read,$i+strlen($arg))); + if (!empty($data)) { + $resultlist[] = $data; + } + $aResponse[$found_tag] = $resultlist; + $data = $resultlist = array(); + if ($found_tag == $tag) { + break 3; /* switch switch while */ + } + } + } + $read = sqimap_fgets($imap_stream); + if ($read === false) { /* error */ + break 3; /* switch switch while */ + } + break; + } // end case $tag{0} + + case '*': + { + if (preg_match('/^\*\s\d+\sFETCH/',$read)) { + /* check for literal */ + $s = substr($read,-3); + $fetch_data = array(); + do { /* outer loop, continue until next untagged fetch + or tagged reponse */ + do { /* innerloop for fetching literals. with this loop + we prohibid that literal responses appear in the + outer loop so we can trust the untagged and + tagged info provided by $read */ + if ($s === "}\r\n") { + $j = strrpos($read,'{'); + $iLit = substr($read,$j+1,-3); + $fetch_data[] = $read; + $sLiteral = sqimap_fread($imap_stream,$iLit,$filter,$outputstream,$no_return); + if ($sLiteral === false) { /* error */ + break 4; /* while while switch while */ + } + /* backwards compattibility */ + $aLiteral = explode("\n", $sLiteral); + /* release not neaded data */ + unset($sLiteral); + foreach ($aLiteral as $line) { + $fetch_data[] = $line ."\n"; + } + /* release not neaded data */ + unset($aLiteral); + /* next fgets belongs to this fetch because + we just got the exact literalsize and there + must follow data to complete the response */ + $read = sqimap_fgets($imap_stream); + if ($read === false) { /* error */ + break 4; /* while while switch while */ + } + $fetch_data[] = $read; + } else { + $fetch_data[] = $read; + } + /* retrieve next line and check in the while + statements if it belongs to this fetch response */ + $read = sqimap_fgets($imap_stream); + if ($read === false) { /* error */ + break 4; /* while while switch while */ + } + /* check for next untagged reponse and break */ + if ($read{0} == '*') break 2; + $s = substr($read,-3); + } while ($s === "}\r\n"); + $s = substr($read,-3); + } while ($read{0} !== '*' && + substr($read,0,strlen($tag)) !== $tag); + $resultlist[] = $fetch_data; + /* release not neaded data */ + unset ($fetch_data); + } else { + $s = substr($read,-3); + do { + if ($s === "}\r\n") { + $j = strrpos($read,'{'); + $iLit = substr($read,$j+1,-3); + $data[] = $read; + $sLiteral = fread($imap_stream,$iLit); + if ($sLiteral === false) { /* error */ + $read = false; + break 3; /* while switch while */ + } + $data[] = $sLiteral; + $data[] = sqimap_fgets($imap_stream); + } else { + $data[] = $read; + } + $read = sqimap_fgets($imap_stream); + if ($read === false) { + break 3; /* while switch while */ + } else if ($read{0} == '*') { + break; + } + $s = substr($read,-3); + } while ($s === "}\r\n"); + break 1; + } + break; + } // end case '*' + } // end switch + } // end while + + /* error processing in case $read is false */ + if ($read === false) { + unset($data); + if ($handle_errors) { + sqimap_error_box(_("ERROR : Connection dropped by imap-server."), $query); + exit; + } } + + /* Set $resultlist array */ if (!empty($data)) { - $resultlist[] = $data; + //$resultlist[] = $data; } elseif (empty($resultlist)) { $resultlist[] = array(); } + + /* Return result or handle errors */ if ($handle_errors == false) { - return( $resultlist ); - } - elseif ($response == 'NO') { - /* ignore this error from M$ exchange, it is not fatal (aka bug) */ - if (strstr($message, 'command resulted in') === false) { - set_up_language($squirrelmail_language); - require_once(SM_PATH . 'functions/display_messages.php'); - $string = "\n" . - _("ERROR : Could not complete request.") . - "
\n" . - _("Query:") . ' ' . - htmlspecialchars($query) . '
' . - _("Reason Given: ") . - htmlspecialchars($message) . "
\n"; - error_box($string,$color); + return $aResponse; + } + switch ($response[$tag]) { + case 'OK': + return $aResponse; + break; + case 'NO': + /* ignore this error from M$ exchange, it is not fatal (aka bug) */ + if (strstr($message[$tag], 'command resulted in') === false) { + sqimap_error_box(_("ERROR : Could not complete request."), $query, _("Reason Given: "), $message[$tag]); + echo ''; exit; } - } - elseif ($response == 'BAD') { - set_up_language($squirrelmail_language); - require_once(SM_PATH . 'functions/display_messages.php'); - $string = "\n" . - _("ERROR : Bad or malformed request.") . - "
\n" . - _("Query:") . ' '. - htmlspecialchars($query) . '
' . - _("Server responded: ") . - htmlspecialchars($message) . "
\n"; - error_box($string,$color); + break; + case 'BAD': + sqimap_error_box(_("ERROR : Bad or malformed request."), $query, _("Server responded: "), $message[$tag]); + echo ''; + exit; + case 'BYE': + sqimap_error_box(_("ERROR : Imap server closed the connection."), $query, _("Server responded: "), $message[$tag]); + echo ''; exit; - } - else { - return $resultlist; + default: + sqimap_error_box(_("ERROR : Unknown imap response."), $query, _("Server responded: "), $message[$tag]); + /* the error is displayed but because we don't know the reponse we + return the result anyway */ + return $aResponse; + break; } } -function sqimap_read_data ($imap_stream, $pre, $handle_errors, &$response, &$message, $query = '') { - $res = sqimap_read_data_list($imap_stream, $pre, $handle_errors, $response, $message, $query); - +function sqimap_read_data ($imap_stream, $tag_uid, $handle_errors, + &$response, &$message, $query = '', + $filter=false,$outputstream=false,$no_return=false) { + + $tag_uid_a = explode(' ',trim($tag_uid)); + $tag = $tag_uid_a[0]; + + $res = sqimap_retrieve_imap_response($imap_stream, $tag, $handle_errors, + $response, $message, $query,$filter,$outputstream,$no_return); /* sqimap_read_data should be called for one response - but since it just calls sqimap_read_data_list which + but since it just calls sqimap_retrieve_imap_response which handles multiple responses we need to check for that and merge the $res array IF they are seperated and IF it was a FETCH response. */ @@ -276,104 +549,160 @@ function sqimap_read_data ($imap_stream, $pre, $handle_errors, &$response, &$mes // } // } if (isset($result)) { - return $result; + return $result[$tag]; } else { - return $res[0]; + return $res; } +} +/** + * Connects to the IMAP server and returns a resource identifier for use with + * the other SquirrelMail IMAP functions. Does NOT login! + * @param string server hostname of IMAP server + * @param int port port number to connect to + * @param bool tls whether to use TLS when connecting. + * @return imap-stream resource identifier + */ +function sqimap_create_stream($server,$port,$tls=false) { + global $username, $use_imap_tls; + + if ($tls == true) { + if ((check_php_version(4,3)) and (extension_loaded('openssl'))) { + /* Use TLS by prefixing "tls://" to the hostname */ + $server = 'tls://' . $server; + } else { + require_once(SM_PATH . 'functions/display_messages.php'); + $string = "Unable to connect to IMAP server!
TLS is enabled, but this " . + "version of PHP does not support TLS sockets, or is missing the openssl " . + "extension.

Please contact your system administrator."; + logout_error($string,$color); + } + } + + $imap_stream = fsockopen($server, $port, $error_number, $error_string, 15); + + /* Do some error correction */ + if (!$imap_stream) { + set_up_language($squirrelmail_language, true); + require_once(SM_PATH . 'functions/display_messages.php'); + $string = sprintf (_("Error connecting to IMAP server: %s.") . + "
\r\n", $server) . + "$error_number : $error_string
\r\n"; + logout_error($string,$color); + exit; + } + $server_info = fgets ($imap_stream, 1024); + return $imap_stream; } -/* +/** * Logs the user into the imap server. If $hide is set, no error messages * will be displayed. This function returns the imap connection handle. */ function sqimap_login ($username, $password, $imap_server_address, $imap_port, $hide) { - global $color, $squirrelmail_language, $onetimepad, $use_imap_tls, $imap_auth_mech; + global $color, $squirrelmail_language, $onetimepad, $use_imap_tls, + $imap_auth_mech, $sqimap_capabilities; if (!isset($onetimepad) || empty($onetimepad)) { sqgetglobalvar('onetimepad' , $onetimepad , SQ_SESSION ); } - $imap_server_address = sqimap_get_user_server($imap_server_address, $username); - $host=$imap_server_address; - - if (($use_imap_tls == true) and (check_php_version(4,3)) and (extension_loaded('openssl'))) { - /* Use TLS by prefixing "tls://" to the hostname */ - $imap_server_address = 'tls://' . $imap_server_address; - } - - $imap_stream = fsockopen ( $imap_server_address, $imap_port, $error_number, $error_string, 15); - - /* Do some error correction */ - if (!$imap_stream) { - if (!$hide) { - set_up_language($squirrelmail_language, true); - require_once(SM_PATH . 'functions/display_messages.php'); - $string = sprintf (_("Error connecting to IMAP server: %s.") . - "
\r\n", $imap_server_address) . - "$error_number : $error_string
\r\n"; - logout_error($string,$color); - } - exit; + if (!isset($sqimap_capabilities)) { + sqgetglobalvar('sqimap_capabilities' , $capability , SQ_SESSION ); } - $server_info = fgets ($imap_stream, 1024); + $host = $imap_server_address; + $imap_server_address = sqimap_get_user_server($imap_server_address, $username); + + $imap_stream = sqimap_create_stream($imap_server_address,$imap_port,$use_imap_tls); /* Decrypt the password */ $password = OneTimePadDecrypt($password, $onetimepad); - if (($imap_auth_mech == 'cram-md5') OR ($imap_auth_mech == 'digest-md5')) { - // We're using some sort of authentication OTHER than plain or login - $tag=sqimap_session_id(false); - if ($imap_auth_mech == 'digest-md5') { + if (($imap_auth_mech == 'cram-md5') OR ($imap_auth_mech == 'digest-md5')) { + // We're using some sort of authentication OTHER than plain or login + $tag=sqimap_session_id(false); + if ($imap_auth_mech == 'digest-md5') { $query = $tag . " AUTHENTICATE DIGEST-MD5\r\n"; - } elseif ($imap_auth_mech == 'cram-md5') { + } elseif ($imap_auth_mech == 'cram-md5') { $query = $tag . " AUTHENTICATE CRAM-MD5\r\n"; - } - fputs($imap_stream,$query); - $answer=sqimap_fgets($imap_stream); - // Trim the "+ " off the front - $response=explode(" ",$answer,3); - if ($response[0] == '+') { + } + fputs($imap_stream,$query); + $answer=sqimap_fgets($imap_stream); + // Trim the "+ " off the front + $response=explode(" ",$answer,3); + if ($response[0] == '+') { // Got a challenge back - $challenge=$response[1]; - if ($imap_auth_mech == 'digest-md5') { - $reply = digest_md5_response($username,$password,$challenge,'imap',$host); - } elseif ($imap_auth_mech == 'cram-md5') { - $reply = cram_md5_response($username,$password,$challenge); - } - fputs($imap_stream,$reply); - $read=sqimap_fgets($imap_stream); - if ($imap_auth_mech == 'digest-md5') { - // DIGEST-MD5 has an extra step.. - if (substr($read,0,1) == '+') { // OK so far.. + $challenge=$response[1]; + if ($imap_auth_mech == 'digest-md5') { + $reply = digest_md5_response($username,$password,$challenge,'imap',$host); + } elseif ($imap_auth_mech == 'cram-md5') { + $reply = cram_md5_response($username,$password,$challenge); + } + fputs($imap_stream,$reply); + $read=sqimap_fgets($imap_stream); + if ($imap_auth_mech == 'digest-md5') { + // DIGEST-MD5 has an extra step.. + if (substr($read,0,1) == '+') { // OK so far.. fputs($imap_stream,"\r\n"); $read=sqimap_fgets($imap_stream); - } } - $results=explode(" ",$read,3); - $response=$results[1]; - $message=$results[2]; - } else { - // Fake the response, so the error trap at the bottom will work - $response="BAD"; - $message='IMAP server does not appear to support the authentication method selected.'; - $message .= ' Please contact your system administrator.'; - } + } + $results=explode(" ",$read,3); + $response=$results[1]; + $message=$results[2]; + } else { + // Fake the response, so the error trap at the bottom will work + $response="BAD"; + $message='IMAP server does not appear to support the authentication method selected.'; + $message .= ' Please contact your system administrator.'; + } } elseif ($imap_auth_mech == 'login') { - // Original IMAP login code - $query = 'LOGIN "' . quoteimap($username) . '" "' . quoteimap($password) . '"'; - $read = sqimap_run_command ($imap_stream, $query, false, $response, $message); + // Original IMAP login code + $query = 'LOGIN "' . quoteimap($username) . '" "' . quoteimap($password) . '"'; + $read = sqimap_run_command ($imap_stream, $query, false, $response, $message); } elseif ($imap_auth_mech == 'plain') { - /* Replace this with SASL PLAIN if it ever gets implemented */ - $response="BAD"; - $message='SquirrelMail does not support SASL PLAIN yet. Rerun conf.pl and use login instead.'; + /*** + * SASL PLAIN + * + * RFC 2595 Chapter 6 + * + * The mechanism consists of a single message from the client to the + * server. The client sends the authorization identity (identity to + * login as), followed by a US-ASCII NUL character, followed by the + * authentication identity (identity whose password will be used), + * followed by a US-ASCII NUL character, followed by the clear-text + * password. The client may leave the authorization identity empty to + * indicate that it is the same as the authentication identity. + * + **/ + $tag=sqimap_session_id(false); + $sasl = (isset($capability['SASL-IR']) && $capability['SASL-IR']) ? true : false; + $auth = base64_encode("$username\0$username\0$password"); + if ($sasl) { + // IMAP Extension for SASL Initial Client Response + // + $query = $tag . " AUTHENTICATE PLAIN $auth\r\n"; + fputs($imap_stream, $query); + $read = sqimap_fgets($imap_stream); } else { - $response="BAD"; - $message="Internal SquirrelMail error - unknown IMAP authentication method chosen. Please contact the developers."; + $query = $tag . " AUTHENTICATE PLAIN\r\n"; + fputs($imap_stream, $query); + $read=sqimap_fgets($imap_stream); + if (substr($read,0,1) == '+') { // OK so far.. + fputs($imap_stream, "$auth\r\n"); + $read = sqimap_fgets($imap_stream); + } } - - /* If the connection was not successful, lets see why */ + $results=explode(" ",$read,3); + $response=$results[1]; + $message=$results[2]; + } else { + $response="BAD"; + $message="Internal SquirrelMail error - unknown IMAP authentication method chosen. Please contact the developers."; + } + + /* If the connection was not successful, lets see why */ if ($response != 'OK') { if (!$hide) { if ($response != 'NO') { @@ -382,12 +711,12 @@ function sqimap_login ($username, $password, $imap_server_address, $imap_port, $ set_up_language($squirrelmail_language, true); require_once(SM_PATH . 'functions/display_messages.php'); if ($response == 'BAD') { - $string = sprintf (_("Bad request: %s")."
\r\n", $message); + $string = sprintf (_("Bad request: %s")."
\r\n", $message); } else { - $string = sprintf (_("Unknown error: %s") . "
\n", $message); + $string = sprintf (_("Unknown error: %s") . "
\n", $message); } if (isset($read) && is_array($read)) { - $string .= '
' . _("Read data:") . "
\n"; + $string .= '
' . _("Read data:") . "
\n"; foreach ($read as $line) { $string .= htmlspecialchars($line) . "
\n"; } @@ -405,7 +734,7 @@ function sqimap_login ($username, $password, $imap_server_address, $imap_port, $ * $squirrelmail_language is set by a cookie when * the user selects language and logs out */ - + set_up_language($squirrelmail_language, true); include_once(SM_PATH . 'functions/display_messages.php' ); sqsession_destroy(); @@ -419,7 +748,11 @@ function sqimap_login ($username, $password, $imap_server_address, $imap_port, $ return $imap_stream; } -/* Simply logs out the IMAP session */ +/** + * Simply logs out the IMAP session + * @param stream imap_stream the IMAP connection to log out. + * @return void + */ function sqimap_logout ($imap_stream) { /* Logout is not valid until the server returns 'BYE' * If we don't have an imap_ stream we're already logged out */ @@ -427,6 +760,11 @@ function sqimap_logout ($imap_stream) { sqimap_run_command($imap_stream, 'LOGOUT', false, $response, $message); } +/** + * Retreive the CAPABILITY string from the IMAP server. + * If capability is set, returns only that specific capability, + * else returns array of all capabilities. + */ function sqimap_capability($imap_stream, $capability='') { global $sqimap_capabilities; if (!is_array($sqimap_capabilities)) { @@ -452,7 +790,9 @@ function sqimap_capability($imap_stream, $capability='') { return $sqimap_capabilities; } -/* Returns the delimeter between mailboxes: INBOX/Test, or INBOX.Test */ +/** + * Returns the delimeter between mailboxes: INBOX/Test, or INBOX.Test + */ function sqimap_get_delimiter ($imap_stream = false) { global $sqimap_delimiter, $optional_delimiter; @@ -490,6 +830,7 @@ function sqimap_get_delimiter ($imap_stream = false) { } else { fputs ($imap_stream, ". LIST \"INBOX\" \"\"\r\n"); $read = sqimap_read_data($imap_stream, '.', true, $a, $b); + $read = $read['.'][0]; //sqimap_read_data() now returns a tag array of response array $quote_position = strpos ($read[0], '"'); $sqimap_delimiter = substr ($read[0], $quote_position+1, 1); } @@ -497,10 +838,24 @@ function sqimap_get_delimiter ($imap_stream = false) { return $sqimap_delimiter; } +/** + * This encodes a mailbox name for use in IMAP commands. + * @param string what the mailbox to encode + * @return string the encoded mailbox string + */ +function sqimap_encode_mailbox_name($what) +{ + if (ereg("[\"\\\r\n]", $what)) + return '{' . strlen($what) . "}\r\n" . $what; /* 4.3 literal form */ + return '"' . $what . '"'; /* 4.3 quoted string form */ +} + -/* Gets the number of messages in the current mailbox. */ +/** + * Gets the number of messages in the current mailbox. + */ function sqimap_get_num_messages ($imap_stream, $mailbox) { - $read_ary = sqimap_run_command ($imap_stream, "EXAMINE \"$mailbox\"", false, $result, $message); + $read_ary = sqimap_run_command ($imap_stream, 'EXAMINE ' . sqimap_encode_mailbox_name($mailbox), false, $result, $message); for ($i = 0; $i < count($read_ary); $i++) { if (ereg("[^ ]+ +([^ ]+) +EXISTS", $read_ary[$i], $regs)) { return $regs[1]; @@ -509,145 +864,181 @@ function sqimap_get_num_messages ($imap_stream, $mailbox) { return false; //"BUG! Couldn't get number of messages in $mailbox!"; } - -function parseAddress($address, $max=0, $addr_ar = array(), $group = '', $host='', $limit=0) { - $pos = 0; - $j = strlen($address); - $personal = ''; - $addr = ''; - $comment = ''; - if ($max && $max == count($addr_ar)) { - return $addr_ar; +function parseAddress($address, $max=0) { + $aTokens = array(); + $aAddress = array(); + $iCnt = strlen($address); + $aSpecials = array('(' ,'<' ,',' ,';' ,':'); + $aReplace = array(' (',' <',' ,',' ;',' :'); + $address = str_replace($aSpecials,$aReplace,$address); + $i = $iAddrFound = $bGroup = 0; + while ($i < $iCnt) { + $cChar = $address{$i}; + switch($cChar) + { + case '<': + $iEnd = strpos($address,'>',$i+1); + if (!$iEnd) { + $sToken = substr($address,$i); + $i = $iCnt; + } else { + $sToken = substr($address,$i,$iEnd - $i +1); + $i = $iEnd; + } + $sToken = str_replace($aReplace, $aSpecials,$sToken); + $aTokens[] = $sToken; + break; + case '"': + $iEnd = strpos($address,$cChar,$i+1); + if ($iEnd) { + // skip escaped quotes + $prev_char = $address{$iEnd-1}; + while ($prev_char === '\\' && substr($address,$iEnd-2,2) !== '\\\\') { + $iEnd = strpos($address,$cChar,$iEnd+1); + if ($iEnd) { + $prev_char = $address{$iEnd-1}; + } else { + $prev_char = false; + } + } + } + if (!$iEnd) { + $sToken = substr($address,$i); + $i = $iCnt; + } else { + // also remove the surrounding quotes + $sToken = substr($address,$i+1,$iEnd - $i -1); + $i = $iEnd; + } + $sToken = str_replace($aReplace, $aSpecials,$sToken); + if ($sToken) $aTokens[] = $sToken; + break; + case '(': + $iEnd = strpos($address,')',$i); + if (!$iEnd) { + $sToken = substr($address,$i); + $i = $iCnt; + } else { + $sToken = substr($address,$i,$iEnd - $i + 1); + $i = $iEnd; + } + $sToken = str_replace($aReplace, $aSpecials,$sToken); + $aTokens[] = $sToken; + break; + case ',': + ++$iAddrFound; + case ';': + if (!$bGroup) { + ++$iAddrFound; + } else { + $bGroup = false; + } + if ($max && $max == $iAddrFound) { + break 2; + } else { + $aTokens[] = $cChar; + break; + } + case ':': + $bGroup = true; + case ' ': + $aTokens[] = $cChar; + break; + default: + $iEnd = strpos($address,' ',$i+1); + if ($iEnd) { + $sToken = trim(substr($address,$i,$iEnd - $i)); + $i = $iEnd-1; + } else { + $sToken = trim(substr($address,$i)); + $i = $iCnt; + } + if ($sToken) $aTokens[] = $sToken; + } + ++$i; } - while ($pos < $j) { - if ($max && $max == count($addr_ar)) { - return $addr_ar; + $sPersonal = $sEmail = $sComment = $sGroup = ''; + $aStack = $aComment = array(); + foreach ($aTokens as $sToken) { + if ($max && $max == count($aAddress)) { + return $aAddress; } - $char = $address{$pos}; - switch ($char) { - case '=': - /* check if it is an encoded string */ - if (preg_match('/^(=\?([^?]*)\?(Q|B)\?([^?]*)\?=)(.*)/Ui',substr($address,$pos),$reg)) { - /* add stringpart before the encoded string to the personal var */ - if (!$personal) { - $personal = substr($address,0,$pos); - } - $personal .= $reg[1]; - $pos += strlen($reg[1]); - } else { - ++$pos; - } - break; - case '"': /* get the personal name */ - ++$pos; - if ($address{$pos} == '"') { - ++$pos; - } else { - $personal_start = $personal_end = $pos; - while ($pos < $j) { - $personal_end = strpos($address,'"',$pos); - if (($personal_end-2)>0 && (substr($address,$personal_end-2,2) === '\\"' || - substr($address,$personal_end-2,2) === '\\\\')) { - $pos = $personal_end+1; - } else { - $personal = substr($address,$personal_start,$personal_end-$personal_start); - break; - } - } - if ($personal_end) { /* prohibit endless loops due to very wrong addresses */ - $pos = $personal_end+1; - } else { - $pos = $j; - } - } - break; - case '<': /* get email address */ - $addr_start = $pos; - $addr_end = strpos($address,'>',$addr_start); - if($addr_end === FALSE) { - // in case the address doesn't end, prevent loop - $pos++; - } else { - $addr = substr($address,$addr_start+1,$addr_end-$addr_start-1); - $pos = $addr_end+1; - } - break; - case '(': /* rip off comments */ - $addr_start = $pos; - $pos = strpos($address,')'); - if ($pos !== false) { - $comment = substr($address, $addr_start+1,($pos-$addr_start-1)); - $address_start = substr($address, 0, $addr_start); - $address_end = substr($address, $pos + 1); - $address = $address_start . $address_end; - } - $j = strlen($address); - $pos = $addr_start + 1; + $cChar = $sToken{0}; + switch ($cChar) + { + case '=': + case '"': + case ' ': + $aStack[] = $sToken; + break; + case '(': + $aComment[] = substr($sToken,1,-1); + break; + case ';': + if ($sGroup) { + $sEmail = trim(implode(' ',$aStack)); + $aAddress[] = array($sGroup,$sEmail); + $aStack = $aComment = array(); + $sGroup = ''; break; - case ';': /* we reached a non rfc2822 compliant delimiter */ - if ($group) { - $address = substr($address, 0, $pos - 1); - ++$pos; - break; - } - case ',': /* we reached a delimiter */ - if ($addr == '') { - $addr = substr($address, 0, $pos); - } else if ($personal == '') { - $personal = trim(substr($address, 0, $addr_start)); + } + case ',': + if (!$sEmail) { + while (count($aStack) && !$sEmail) { + $sEmail = trim(array_pop($aStack)); } - if (!$personal && $comment) $personal = $comment; - if ($personal) $personal = decodeHeader($personal); - $addr_ar[] = array($addr,$personal); - $address = trim(substr($address, $pos+1)); - $j = strlen($address); - $pos = 0; - $personal = ''; - $addr = ''; - break; - case ':': /* process the group addresses */ - /* group marker */ - $group = substr($address, 0, $pos); - $address = substr($address, $pos+1); - $result = parseAddress($address, $max, $addr_ar, $group); - $addr_ar = $result[0]; - $pos = $result[1]; - $address = substr($address, $pos++); - $j = strlen($address); - $group = ''; - break; - default: - ++$pos; - break; + } + if (count($aStack)) { + $sPersonal = trim(implode('',$aStack)); + } else { + $sPersonal = ''; + } + if (!$sPersonal && count($aComment)) { + $sComment = implode(' ',$aComment); + $sPersonal .= $sComment; + } + $aAddress[] = array($sEmail,$sPersonal); + $sPersonal = $sComment = $sEmail = ''; + $aStack = $aComment = array(); + break; + case ':': + $sGroup = implode(' ',$aStack); break; + $aStack = array(); + break; + case '<': + $sEmail = trim(substr($sToken,1,-1)); + break; + case '>': + /* skip */ + break; + default: $aStack[] = $sToken; break; } } - if ($addr == '') { - $addr = substr($address, 0, $pos); - } else if ($personal == '') { - $personal = trim(substr($address, 0, $addr_start)); - } - if (!$personal && $comment) $personal = $comment; - $email = $addr; - if ($group && $addr == '') { /* no addresses found in group */ - $personal = $group; - $addr_ar[] = array('',$personal); - return (array($addr_ar,$pos+1 )); - } elseif ($group) { - $addr_ar[] = array($addr,$personal); - return (array($addr_ar,$pos+1 )); - } else { - if ($personal || $addr) { - $addr_ar[] = array($addr, $personal); + /* now do the action again for the last address */ + if (!$sEmail) { + while (count($aStack) && !$sEmail) { + $sEmail = trim(array_pop($aStack)); } } - return ($addr_ar); -} + if (count($aStack)) { + $sPersonal = trim(implode('',$aStack)); + } else { + $sPersonal = ''; + } + if (!$sPersonal && count($aComment)) { + $sComment = implode(' ',$aComment); + $sPersonal .= $sComment; + } + $aAddress[] = array($sEmail,$sPersonal); + return $aAddress; +} + -/* - * Returns the number of unseen messages in this folder +/** + * Returns the number of unseen messages in this folder. */ function sqimap_unseen_messages ($imap_stream, $mailbox) { - $read_ary = sqimap_run_command ($imap_stream, "STATUS \"$mailbox\" (UNSEEN)", false, $result, $message); + $read_ary = sqimap_run_command ($imap_stream, 'STATUS ' . sqimap_encode_mailbox_name($mailbox) . ' (UNSEEN)', false, $result, $message); $i = 0; $regs = array(false, false); while (isset($read_ary[$i])) { @@ -659,11 +1050,11 @@ function sqimap_unseen_messages ($imap_stream, $mailbox) { return $regs[1]; } -/* - * Returns the number of unseen/total messages in this folder +/** + * Returns the number of total/unseen/recent messages in this folder */ function sqimap_status_messages ($imap_stream, $mailbox) { - $read_ary = sqimap_run_command ($imap_stream, "STATUS \"$mailbox\" (MESSAGES UNSEEN RECENT)", false, $result, $message); + $read_ary = sqimap_run_command ($imap_stream, 'STATUS ' . sqimap_encode_mailbox_name($mailbox) . ' (MESSAGES UNSEEN RECENT)', false, $result, $message); $i = 0; $messages = $unseen = $recent = false; $regs = array(false,false); @@ -683,11 +1074,11 @@ function sqimap_status_messages ($imap_stream, $mailbox) { } -/* - * Saves a message to a given folder -- used for saving sent messages +/** + * Saves a message to a given folder -- used for saving sent messages */ function sqimap_append ($imap_stream, $sent_folder, $length) { - fputs ($imap_stream, sqimap_session_id() . " APPEND \"$sent_folder\" (\\Seen) \{$length}\r\n"); + fputs ($imap_stream, sqimap_session_id() . ' APPEND ' . sqimap_encode_mailbox_name($sent_folder) . " (\\Seen) \{$length}\r\n"); $tmp = fgets ($imap_stream, 1024); } @@ -732,11 +1123,12 @@ function sqimap_get_user_server ($imap_server, $username) { return $function($username); } -/* This is an example that gets imapservers from yellowpages (NIS). +/** + * This is an example that gets imapservers from yellowpages (NIS). * you can simple put map:map_yp_alias in your $imap_server_address * in config.php use your own function instead map_yp_alias to map your - * LDAP whatever way to find the users imapserver. */ - + * LDAP whatever way to find the users imapserver. + */ function map_yp_alias($username) { $yp = `ypmatch $username aliases`; return chop(substr($yp, strlen($username)+1));