X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=plugins%2Fadministrator%2Foptions.php;h=cceb0b20c73d181e4f8acbba6ca8a9f2c864ae38;hp=ed695e0f7876679841b2435b2ff7b0a8d92bd63e;hb=a3d6c63eaf7d76a260625292970b88e2d618346d;hpb=cf1efdce52fce19388a74b85903cbeb7fd5e31ad

diff --git a/plugins/administrator/options.php b/plugins/administrator/options.php
index ed695e0f..cceb0b20 100644
--- a/plugins/administrator/options.php
+++ b/plugins/administrator/options.php
@@ -3,7 +3,7 @@
 /**
  * Administrator Plugin
  *
- * Copyright (c) 1999-2002 The SquirrelMail Project Team
+ * Copyright (c) 1999-2003 The SquirrelMail Project Team
  * Licensed under the GNU GPL. For full terms see the file COPYING.
  *
  * Philippe Mingo
@@ -127,27 +127,88 @@ function parseConfig( $cfg_file ) {
             }
         }
     }
+}
+
+/* Change paths containing SM_PATH to admin-friendly paths
+   relative to the config dir, i.e.:
+     ''                          --> <empty string>
+     SM_PATH . 'images/logo.gif' --> ../images/logo.gif
+     '/absolute/path/logo.gif'   --> /absolute/path/logo.gif
+     'http://whatever/'          --> http://whatever
+   Note removal of quotes in returned value
+*/
+function change_to_rel_path($old_path) {
+    $new_path = str_replace("SM_PATH . '", "../", $old_path); 
+    $new_path = str_replace("../config/","", $new_path);
+    $new_path = str_replace("'","", $new_path);
+    return $new_path;
+}
 
+/* Change relative path (relative to config dir) to 
+   internal SM_PATH, i.e.:
+     empty_string            --> ''
+     ../images/logo.gif      --> SM_PATH . 'images/logo.gif'
+     images/logo.gif         --> SM_PATH . 'config/images/logo.gif'
+     /absolute/path/logo.gif --> '/absolute/path/logo.gif'
+     http://whatever/        --> 'http://whatever'
+*/     
+function change_to_sm_path($old_path) {
+   if ( $old_path === '' || $old_path == "''" ) {
+     return "''";
+   } elseif ( preg_match("/^(\/|http)/", $old_path) ) {
+     return "'" . $old_path . "'";
+   } elseif ( preg_match("/^(\$|SM_PATH)/", $old_path) ) {
+     return $old_path;
+   }
+   
+   $new_path = '';
+   $rel_path = explode("../", $old_path);
+   if ( count($rel_path) > 2 ) {
+     // Since we're relative to the config dir, 
+     // more than 1 ../ puts us OUTSIDE the SM tree.
+     // get full path to config.php, then pop the filename
+     $abs_path = explode('/', realpath (SM_PATH . 'config/config.php'));
+     array_pop ($abs_path); 
+     foreach ( $rel_path as $subdir ) {
+       if ( $subdir === '' ) {
+         array_pop ($abs_path);
+       } else {
+         array_push($abs_path, $subdir);
+       }
+     }
+     foreach ($abs_path as $subdir) {
+       $new_path .= $subdir . '/';
+     }
+     $new_path = "'$new_path'";
+   } elseif ( count($rel_path) > 1 ) {
+     // we're within the SM tree, prepend SM_PATH
+     $new_path = str_replace('../',"SM_PATH . '", $old_path . "'");
+   } else {
+     // Last, if it's a relative path without a .. prefix, 
+     // we're somewhere within the config dir, so prepend
+     //  SM_PATH . 'config/  
+     $new_path = "SM_PATH . 'config/" . $old_path . "'";
+   }
+   return $new_path;
 }
 
+
 /* ---------------------- main -------------------------- */
 
-chdir('..');
-chdir('..');
-define('SM_PATH','../');
+define('SM_PATH','../../');
 
 /* SquirrelMail required files. */
 require_once(SM_PATH . 'include/validate.php');
 require_once(SM_PATH . 'functions/page_header.php');
 require_once(SM_PATH . 'functions/imap.php');
-require_once(SM_PATH . 'src/load_prefs.php');
+require_once(SM_PATH . 'include/load_prefs.php');
 require_once(SM_PATH . 'plugins/administrator/defines.php');
 require_once(SM_PATH . 'plugins/administrator/auth.php');
 
 GLOBAL $data_dir, $username;
 
 if ( !adm_check_user() ) {
-    header("Location: ../../src/options.php") ;
+    header('Location: ' . SM_PATH . 'src/options.php') ;
     exit;
 }
 
@@ -159,8 +220,8 @@ foreach ( $defcfg as $key => $def ) {
     $newcfg[$key] = '';
 }
 
-$cfgfile = '../config/config.php';
-parseConfig( '../config/config_default.php' );
+$cfgfile = SM_PATH . 'config/config.php';
+parseConfig( SM_PATH . 'config/config_default.php' );
 parseConfig( $cfgfile );
 
 $colapse = array( 'Titles' => 'off',
@@ -173,21 +234,28 @@ $colapse = array( 'Titles' => 'off',
                   'Group7' => getPref($data_dir, $username, 'adm_Group7', 'on' ),
                   'Group8' => getPref($data_dir, $username, 'adm_Group8', 'on' ) );
 
-if ( isset( $switch ) ) {
-
+/* look in $_GET array for 'switch' */
+if ( sqgetGlobalVar('switch', $switch, SQ_GET) ) {
     if ( $colapse[$switch] == 'on' ) {
        $colapse[$switch] = 'off';
     } else {
        $colapse[$switch] = 'on';
     }
     setPref($data_dir, $username, "adm_$switch", $colapse[$switch] );
-
 }
 
 echo "<form action=options.php method=post name=options>" .
     "<center><table width=95% bgcolor=\"$color[5]\"><tr><td>".
     "<table width=100% cellspacing=0 bgcolor=\"$color[4]\">" ,
-    "<tr bgcolor=\"$color[5]\"><th colspan=2>" . _("Configuration Administrator") . "</th></tr>";
+    "<tr bgcolor=\"$color[5]\"><th colspan=2>" . _("Configuration Administrator") . "</th></tr>",
+    "<tr bgcolor=\"$color[5]\"><td colspan=2i align=\"center\">";
+?>
+<small>Note: it is recommended that you configure your system using conf.pl, and not this plugin.
+conf.pl contains additional information regarding the purpose of variables and
+appropriate values, as well as additional verification steps.<br />
+Run or consult conf.pl should you run into difficulty with your configuration.</small>
+</td></tr>
+<?php
 
 $act_grp = 'Titles';  /* Active group */
 
@@ -263,8 +331,9 @@ foreach ( $newcfg as $k => $v ) {
             echo "</td></tr>\n";
             break;
         case SMOPT_TYPE_INTEGER:
-            if ( isset( $HTTP_POST_VARS[$e] ) ) {
-                $v = intval( $HTTP_POST_VARS[$e] );
+	    /* look for variable $e in POST, fill into $v */
+            if ( sqgetGlobalVar($e, $v, SQ_POST) ) {
+                $v = intval( $v );
                 $newcfg[$k] = $v;
             }
             echo "<tr><td>$name</td><td>".
@@ -275,8 +344,7 @@ foreach ( $newcfg as $k => $v ) {
             echo "</td></tr>\n";
             break;
         case SMOPT_TYPE_NUMLIST:
-            if ( isset( $HTTP_POST_VARS[$e] ) ) {
-                $v = $HTTP_POST_VARS[$e];
+            if (  sqgetGlobalVar($e, $v, SQ_POST) ) {
                 $newcfg[$k] = $v;
             }
             echo "<tr><td>$name</td><td>";
@@ -295,8 +363,8 @@ foreach ( $newcfg as $k => $v ) {
             echo "</td></tr>\n";
             break;
         case SMOPT_TYPE_STRLIST:
-            if ( isset( $HTTP_POST_VARS[$e] ) ) {
-                $v = '"' . $HTTP_POST_VARS[$e] . '"';
+            if (  sqgetGlobalVar($e, $v, SQ_POST) ) {
+                $v = '"' . $v . '"';
                 $newcfg[$k] = $v;
             }
             echo "<tr><td>$name</td><td>".
@@ -316,8 +384,8 @@ foreach ( $newcfg as $k => $v ) {
             break;
 
         case SMOPT_TYPE_TEXTAREA:
-            if ( isset( $HTTP_POST_VARS[$e] ) ) {
-                $v = '"' . $HTTP_POST_VARS[$e] . '"';
+            if (  sqgetGlobalVar($e, $v, SQ_POST) ) {
+                $v = '"' . $v . '"';
                 $newcfg[$k] = str_replace( "\n", '', $v );
             }
             echo "<tr><td valign=top>$name</td><td>".
@@ -328,8 +396,8 @@ foreach ( $newcfg as $k => $v ) {
             echo "</td></tr>\n";
             break;
         case SMOPT_TYPE_STRING:
-            if ( isset( $HTTP_POST_VARS[$e] ) ) {
-                $v = '"' . $HTTP_POST_VARS[$e] . '"';
+            if (  sqgetGlobalVar($e, $v, SQ_POST) ) {
+                $v = '"' . $v . '"';
                 $newcfg[$k] = $v;
             }
             if ( $v == '""' && isset( $defcfg[$k]['default'] ) ) {
@@ -344,8 +412,7 @@ foreach ( $newcfg as $k => $v ) {
             echo "</td></tr>\n";
             break;
         case SMOPT_TYPE_BOOLEAN:
-            if ( isset( $HTTP_POST_VARS[$e] ) ) {
-                $v = $HTTP_POST_VARS[$e];
+            if (  sqgetGlobalVar($e, $v, SQ_POST) ) {
                 $newcfg[$k] = $v;
             } else {
                 $v = strtoupper( $v );
@@ -365,6 +432,22 @@ foreach ( $newcfg as $k => $v ) {
             }
             echo "</td></tr>\n";
             break;
+	case SMOPT_TYPE_PATH:
+            if (  sqgetGlobalVar($e, $v, SQ_POST) ) {
+               $v = change_to_sm_path($v);
+               $newcfg[$k] = $v;
+            }
+            if ( $v == "''" && isset( $defcfg[$k]['default'] ) ) {
+               $v = change_to_sm_path($defcfg[$k]['default']);
+               $newcfg[$k] = $v;
+            }
+	    echo "<tr><td>$name</td><td>".
+                 "<input size=\"$size\" name=\"adm_$n\" value=\"" . change_to_rel_path($v) . "\">";
+            if ( isset( $defcfg[$k]['comment'] ) ) {
+                 echo ' &nbsp; ' . $defcfg[$k]['comment'];
+            }
+	    echo "</td></tr>\n";
+	    break;
         default:
             echo "<tr><td>$name</td><td>" .
                  "<b><i>$v</i></b>";
@@ -374,7 +457,6 @@ foreach ( $newcfg as $k => $v ) {
             echo "</td></tr>\n";
         }
     }
-
 }
 
 /* Special Themes Block */
@@ -386,8 +468,8 @@ if ( $colapse['Group7'] == 'off' ) {
     while ( isset( $newcfg["\$theme[$i]['NAME']"] ) ) {
         $k1 = "\$theme[$i]['NAME']";
         $e1 = "theme_name_$i";
-        if ( isset( $HTTP_POST_VARS[$e1] ) ) {
-            $v1 = '"' . str_replace( '\"', '"', $HTTP_POST_VARS[$e1] ) . '"';
+        if (  sqgetGlobalVar($e, $v1, SQ_POST) ) {
+            $v1 = '"' . str_replace( '\"', '"', $v1 ) . '"';
             $v1 = '"' . str_replace( '"', '\"', $v1 ) . '"';
             $newcfg[$k1] = $v1;
         } else {
@@ -395,15 +477,14 @@ if ( $colapse['Group7'] == 'off' ) {
         }
         $k2 = "\$theme[$i]['PATH']";
         $e2 = "theme_path_$i";
-        if ( isset( $HTTP_POST_VARS[$e2] ) ) {
-            $v2 = '"' . str_replace( '\"', '"', $HTTP_POST_VARS[$e2] ) . '"';
-            $v2 = '"' . str_replace( '"', '\"', $v2 ) . '"';
-            $newcfg[$k2] = $v2;
+        if (  sqgetGlobalVar($e, $v2, SQ_POST) ) {
+            $v2 = change_to_sm_path($v2);
+	    $newcfg[$k2] = $v2;
         } else {
             $v2 = $newcfg[$k2];
         }
         $name = substr( $v1, 1, strlen( $v1 ) - 2 );
-        $path = substr( $v2, 1, strlen( $v2 ) - 2 );
+        $path = change_to_rel_path($v2);
         echo '<tr>'.
              "<td align=right>$i. <input name=\"$e1\" value=\"$name\" size=30></td>".
              "<td><input name=\"$e2\" value=\"$path\" size=40></td>".
@@ -425,26 +506,25 @@ echo "<tr bgcolor=\"$color[0]\"><th colspan=2>" .
 
 if( $colapse['Group8'] == 'off' ) {
 
-    $fd = opendir( '../plugins/' );
-    $op_plugin = array();
-    $p_count = 0;
-    while (false!==($file = readdir($fd))) {
-        if ($file != '.' && $file != '..' && $file != 'CVS' ) {
-            if ( filetype( $file ) == 'dir' ) {
-                $op_plugin[] = $file;
-                $p_count++;
-            }
+  $plugpath = SM_PATH . 'plugins/';
+  if ( file_exists($plugpath) ) {
+      $fd = opendir( $plugpath );
+      $op_plugin = array();
+      $p_count = 0;
+      while (false !== ($file = readdir($fd))) {
+        if ($file != '.' && $file != '..' && $file != 'CVS' && is_dir($plugpath . $file) ) {
+            $op_plugin[] = $file;
+            $p_count++;
         }
-    }
-    closedir($fd);
-    asort( $op_plugin );
+      }
+      closedir($fd);
+      asort( $op_plugin );
 
-    /* Lets get the plugins that are active */
-    $plugins = array();
-    if ( isset( $HTTP_POST_VARS['plg'] ) ) {
+      /* Lets get the plugins that are active */
+      $plugins = array();
+      if (  sqgetGlobalVar('plg', $v, SQ_POST) ) {
         foreach ( $op_plugin as $plg ) {
-            if ( isset( $HTTP_POST_VARS["plgs_$plg"] ) &&
-                 $HTTP_POST_VARS["plgs_$plg"] == 'on' ) {
+            if (  sqgetGlobalVar("plgs_$plg", $v, SQ_POST) && $v == 'on' ) {
                 $plugins[] = $plg;
             }
         }
@@ -459,7 +539,7 @@ if( $colapse['Group8'] == 'off' ) {
             $newcfg[$k] = '';
             $i++;
         }
-    } else {
+      } else {
         $i = 0;
         while ( isset( $newcfg["\$plugins[$i]"] ) ) {
             $k = "\$plugins[$i]";
@@ -467,9 +547,9 @@ if( $colapse['Group8'] == 'off' ) {
             $plugins[] = substr( $v, 1, strlen( $v ) - 2 );
             $i++;
         }
-    }
-    echo "<tr><td colspan=2><input type=hidden name=plg value=on><center><table><tr><td>";
-    foreach ( $op_plugin as $plg ) {
+      }
+      echo "<tr><td colspan=2><input type=hidden name=plg value=on><center><table><tr><td>";
+      foreach ( $op_plugin as $plg ) {
         if ( in_array( $plg, $plugins ) ) {
             $sw = ' checked';
         } else {
@@ -478,9 +558,11 @@ if( $colapse['Group8'] == 'off' ) {
         echo '<tr>' .
              "<td>$plg</td><td><input$sw type=checkbox name=plgs_$plg></td>".
              "</tr>\n";
-    }
-    echo '</td></tr></table>';
-
+      }
+      echo '</td></tr></table></td></tr>';
+  } else {
+      echo '<tr><td colspan=2 align="center">Plugin directory could not be found: ' . $plugpath . "</td></tr>\n";
+  }
 }
 echo "<tr bgcolor=\"$color[5]\"><th colspan=2><input value=\"" .
      _("Change Settings") . "\" type=submit></th></tr>" ,
@@ -514,5 +596,4 @@ if( $fp = @fopen( $cfgfile, 'w' ) ) {
          _("Config file can't be opened. Please check config.php.").
          '</font>';
 }
-
 ?>