X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=plugins%2Fmail_fetch%2Ffunctions.php;h=1c4fcd9e75334d2802531621feafec833e770fa4;hp=807323d1552faf1be9c644ce15a436b5160f84da;hb=0fcb12718ed2c817e8be5b0bb1eb947ffb93d423;hpb=1977ab5587905d225c6288141b82f7a6e3d29d02;ds=sidebyside diff --git a/plugins/mail_fetch/functions.php b/plugins/mail_fetch/functions.php index 807323d1..1c4fcd9e 100644 --- a/plugins/mail_fetch/functions.php +++ b/plugins/mail_fetch/functions.php @@ -9,7 +9,7 @@ * and josh@superfork.com (extracted from php manual) * Adapted for MailFetch by Philippe Mingo * - * @copyright 1999-2010 The SquirrelMail Project Team + * @copyright 1999-2012 The SquirrelMail Project Team * @license http://opensource.org/licenses/gpl-license.php GNU Public License * @version $Id$ * @package plugins @@ -22,7 +22,8 @@ include_once (SM_PATH . 'plugins/mail_fetch/constants.php'); include_once (SM_PATH . 'plugins/mail_fetch/class.mail_fetch.php'); /** declare plugin globals */ -global $mail_fetch_allow_unsubscribed; +global $mail_fetch_allow_unsubscribed, $mail_fetch_allowable_ports, + $mail_fetch_block_server_pattern; /** * Add link to menu at top of content pane @@ -311,18 +312,21 @@ function mail_fetch_folderact_function($args) { // end of hooked functions /** - * hex2bin - document me + * hex2bin - convert a hexadecimal string into binary + * Exists since PHP 5.4. */ -function hex2bin( $data ) { +if ( ! function_exists('hex2bin') ) { + function hex2bin( $data ) { - /* Original code by josh@superfork.com */ + /* Original code by josh@superfork.com */ - $len = strlen($data); - $newdata = ''; - for( $i=0; $i < $len; $i += 2 ) { - $newdata .= pack( "C", hexdec( substr( $data, $i, 2) ) ); + $len = strlen($data); + $newdata = ''; + for( $i=0; $i < $len; $i += 2 ) { + $newdata .= pack( "C", hexdec( substr( $data, $i, 2) ) ); + } + return $newdata; } - return $newdata; } function mf_keyED( $txt ) { @@ -417,3 +421,68 @@ function mail_fetch_check_noselect($imap_stream,$imap_folder) { } return false; } + +/** + * Validate a requested POP3 port number + * + * Allowable port numbers are configured in config.php + * (see config_example.php for an example and more + * rules about how the list of allowable port numbers + * can be specified) + * + * @param int $requested_port The port number given by the user + * + * @return string An error string is returned if the port + * number is not allowable, otherwise an + * empty string is returned. + * + */ +function validate_mail_fetch_port_number($requested_port) { + global $mail_fetch_allowable_ports; + if (empty($mail_fetch_allowable_ports)) + $mail_fetch_allowable_ports = array(110, 995); + + if (in_array('ALL', $mail_fetch_allowable_ports)) + return ''; + + if (!in_array($requested_port, $mail_fetch_allowable_ports)) { + sq_change_text_domain('mail_fetch'); + $error = _("Sorry, that port number is not allowed"); + sq_change_text_domain('squirrelmail'); + return $error; + } + + return ''; +} + +/** + * Validate a requested POP3 server address + * + * Blocked server addresses are configured in config.php + * (see config_example.php for more details) + * + * @param int $requested_address The server address given by the user + * + * @return string An error string is returned if the server + * address is not allowable, otherwise an + * empty string is returned. + * + */ +function validate_mail_fetch_server_address($requested_address) { + global $mail_fetch_block_server_pattern; + if (empty($mail_fetch_block_server_pattern)) + $mail_fetch_block_server_pattern = '/(^10\.)|(^192\.)|(^127\.)|(^localhost)/'; + + if ($mail_fetch_block_server_pattern == 'UNRESTRICTED') + return ''; + + if (preg_match($mail_fetch_block_server_pattern, $requested_address)) { + sq_change_text_domain('mail_fetch'); + $error = _("Sorry, that server address is not allowed"); + sq_change_text_domain('squirrelmail'); + return $error; + } + + return ''; +} +