Added option to do data and attachment directory hashing, up to four levels. Will...

Should work for both data directory and attachment. Also modified Squirrelspell plugin to use this as well.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@1857 7612ce4b-ef26-0410-bec9-ea0150e637f0

diff --git a/config/conf.pl b/config/conf.pl
index 12fa4c77fcafc0f7e53bd372e793c5f115301fbf..ec277285e5c279cc0ab55725faa4edc83bc0a093 100755 (executable)
--- a/config/conf.pl
+++ b/config/conf.pl
@@ -6,7 +6,7 @@
 #
 # $Id$
 ############################################################              
 #
 # $Id$
 ############################################################              

-$conf_pl_version = "x63";
+$conf_pl_version = "x64";

 
 ############################################################              
 # Some people try to run this as a CGI. That's wrong!
 
 ############################################################              
 # Some people try to run this as a CGI. That's wrong!


@@ -344,10 +344,11 @@ while (($command ne "q") && ($command ne "Q")) {
       print "1.  Default Charset        : $WHT$default_charset$NRM\n";
       print "2.  Data Directory         : $WHT$data_dir$NRM\n";
       print "3.  Attachment Directory   : $WHT$attachment_dir$NRM\n";
       print "1.  Default Charset        : $WHT$default_charset$NRM\n";
       print "2.  Data Directory         : $WHT$data_dir$NRM\n";
       print "3.  Attachment Directory   : $WHT$attachment_dir$NRM\n";

-      print "4.  Default Left Size      : $WHT$default_left_size$NRM\n";
-      print "5.  Usernames in Lowercase : $WHT$force_username_lowercase$NRM\n";
-      print "6.  Allow use of priority  : $WHT$default_use_priority$NRM\n";
-      print "7.  Hide SM attributions   : $WHT$hide_sm_attributions$NRM\n";
+      print "4.  Directory Hash Level   : $WHT$dir_hash_level$NRM\n";
+      print "5.  Default Left Size      : $WHT$default_left_size$NRM\n";
+      print "6.  Usernames in Lowercase : $WHT$force_username_lowercase$NRM\n";
+      print "7.  Allow use of priority  : $WHT$default_use_priority$NRM\n";
+      print "8.  Hide SM attributions   : $WHT$hide_sm_attributions$NRM\n";

       print "\n";
       print "R   Return to Main Menu\n";
    } elsif ($menu == 5) {
       print "\n";
       print "R   Return to Main Menu\n";
    } elsif ($menu == 5) {


@@ -501,12 +502,13 @@ while (($command ne "q") && ($command ne "Q")) {
          elsif ($command == 16) { $auto_create_special            = command214(); }
       } elsif ($menu == 4) {
          if    ($command == 1) { $default_charset          = command31 (); }
          elsif ($command == 16) { $auto_create_special            = command214(); }
       } elsif ($menu == 4) {
          if    ($command == 1) { $default_charset          = command31 (); }

-         elsif ($command == 2) { $data_dir                 = command33 (); }
-         elsif ($command == 3) { $attachment_dir           = command34 (); }
-         elsif ($command == 4) { $default_left_size        = command35 (); }
-        elsif ($command == 5) { $force_username_lowercase = command36 (); }
-        elsif ($command == 6) { $default_use_priority     = command37 (); }
-         elsif ($command == 7) { $hide_sm_attributions     = command38 (); }
+         elsif ($command == 2) { $data_dir                 = command33a (); }
+         elsif ($command == 3) { $attachment_dir           = command33b (); }
+         elsif ($command == 4) { $dir_hash_level           = command33c (); }
+         elsif ($command == 5) { $default_left_size        = command35 (); }
+        elsif ($command == 6) { $force_username_lowercase = command36 (); }
+        elsif ($command == 7) { $default_use_priority     = command37 (); }
+         elsif ($command == 8) { $hide_sm_attributions     = command38 (); }

       } elsif ($menu == 5) {
          if    ($command == 1) { command41 (); }
          elsif ($command == 2) { $theme_css = command42 (); }
       } elsif ($menu == 5) {
          if    ($command == 1) { command41 (); }
          elsif ($command == 2) { $theme_css = command42 (); }


@@ -1270,7 +1272,7 @@ sub command31 {
 }
 
 # Data directory
 }
 
 # Data directory

-sub command33 {
+sub command33a {

    print "It is a possible security hole to have a writable directory\n";
    print "under the web server's root directory (ex: /home/httpd/html).\n";
    print "For this reason, it is possible to put the data directory\n";
    print "It is a possible security hole to have a writable directory\n";
    print "under the web server's root directory (ex: /home/httpd/html).\n";
    print "For this reason, it is possible to put the data directory\n";


@@ -1298,7 +1300,7 @@ sub command33 {
 }
 
 # Attachment directory
 }
 
 # Attachment directory

-sub command34 {
+sub command33b {

    print "Path to directory used for storing attachments while a mail is\n";
    print "being sent.  There are a few security considerations regarding this\n";
    print "directory:\n";
    print "Path to directory used for storing attachments while a mail is\n";
    print "being sent.  There are a few security considerations regarding this\n";
    print "directory:\n";


@@ -1329,6 +1331,39 @@ sub command34 {
    return $new_attachment_dir;
 }
 
    return $new_attachment_dir;
 }
 

+sub command33c {
+   print "The directory hash level setting allows you to configure the level\n";
+   print "of hashing that Squirremail employs in your data and attachment\n";
+   print "directories. This value must be an integer ranging from 0 to 4.\n";
+   print "When this value is set to 0, Squirrelmail will simply store all\n";
+   print "files as normal in the data and attachment directories. However,\n";
+   print "when set to a value from 1 to 4, a simple hashing scheme will be\n";
+   print "used to organize the files in this directory. In short, the crc32\n";
+   print "value for a username will be computed. Then, up to the first 4\n";
+   print "digits of the hash, as set by this configuration value, will be\n";
+   print "used to directory hash the files for that user in the data and\n";
+   print "attachment directory. This allows for better performance on\n";
+   print "servers with larger numbers of users.\n";
+   print "\n";
+
+   print "[$WHT$dir_hash_level$NRM]: $WHT";
+   $new_dir_hash_level = <STDIN>;
+   if ($new_dir_hash_level eq "\n") {
+      $new_dir_hash_level = $dir_hash_level;
+   } else {
+      $new_dir_hash_level =~ s/[\r|\n]//g;
+   }
+   if (($new_dir_hash_level < 0) || ($new_dir_hash_level > 4)) {
+      print "Invalid Directory Hash Level.\n";
+      print "Value must be an integer ranging from 0 to 4\n";
+      print "Hit enter to continue.\n";
+      $enter_key = <STDIN>;
+
+      $new_dir_hash_level = $dir_hash_level;
+   }
+
+   return $new_dir_hash_level;
+}

 
 sub command35 {
    print "This is the default size (in pixels) of the left folder list.\n";
 
 sub command35 {
    print "This is the default size (in pixels) of the left folder list.\n";


@@ -1794,12 +1829,14 @@ sub save_data {
    print FILE "\t\$auto_create_special              =  $auto_create_special;\n";
    print FILE "\n";
 
    print FILE "\t\$auto_create_special              =  $auto_create_special;\n";
    print FILE "\n";
 

-   print FILE "\tglobal \$default_charset, \$data_dir, \$attachment_dir;\n";
+   print FILE "\tglobal \$default_charset;\n";
+   print FILE "\tglobal \$data_dir, \$attachment_dir, \$dir_hash_level;\n";

    print FILE "\tglobal \$default_left_size, \$force_username_lowercase;\n";
    print FILE "\tglobal \$default_use_priority, \$hide_sm_attributions;\n";
    print FILE "\t\$default_charset          = \"$default_charset\";\n";
    print FILE "\t\$data_dir                 = \"$data_dir\";\n";
    print FILE "\t\$attachment_dir           = \"$attachment_dir\";\n";
    print FILE "\tglobal \$default_left_size, \$force_username_lowercase;\n";
    print FILE "\tglobal \$default_use_priority, \$hide_sm_attributions;\n";
    print FILE "\t\$default_charset          = \"$default_charset\";\n";
    print FILE "\t\$data_dir                 = \"$data_dir\";\n";
    print FILE "\t\$attachment_dir           = \"$attachment_dir\";\n";

+   print FILE "\t\$dir_hash_level           = $dir_hash_level;\n";

    print FILE "\t\$default_left_size        =  $default_left_size;\n";
    print FILE "\t\$force_username_lowercase = $force_username_lowercase;\n";
    print FILE "\t\$default_use_priority     = $default_use_priority;\n";
    print FILE "\t\$default_left_size        =  $default_left_size;\n";
    print FILE "\t\$force_username_lowercase = $force_username_lowercase;\n";
    print FILE "\t\$default_use_priority     = $default_use_priority;\n";

diff --git a/config/config_default.php b/config/config_default.php
index 889aaa7456c87c54d16118b03e1fc7602ef751c0..fe4f88c143baeee67047e4bc930c1e03520be38e 100644 (file)
--- a/config/config_default.php
+++ b/config/config_default.php
@@ -212,6 +212,10 @@
     global $attachment_dir;
     $attachment_dir = $data_dir;
 
     global $attachment_dir;
     $attachment_dir = $data_dir;
 

+// Hash level used for data directory.
+    global $dir_hash_level;
+    $dir_hash_level = 0;
+

 //  This is the default size of the folder list.  Default is 150,
 //  but you can set it to whatever you wish.
    global $default_left_size;
 //  This is the default size of the folder list.  Default is 150,
 //  but you can set it to whatever you wish.
    global $default_left_size;

diff --git a/functions/addressbook.php b/functions/addressbook.php
index 6a45f348f23b886bc1678fdc137b251e13dae15e..457ca7daab568b60e1aea5e508ec271b37a1fa62 100644 (file)
--- a/functions/addressbook.php
+++ b/functions/addressbook.php
@@ -79,7 +79,7 @@ require_once('../functions/abook_ldap_server.php');
         }
       } else {
         // File
         }
       } else {
         // File

-        $filename = sprintf('%s%s.abook', $data_dir, $username);
+        $filename = getHashedFile($username, $data_dir, "$username.abook");

         $r = $abook->add_backend('local_file', Array('filename' => $filename,
                                                      'create'   => true));
         if(!$r && $showerr) {
         $r = $abook->add_backend('local_file', Array('filename' => $filename,
                                                      'create'   => true));
         if(!$r && $showerr) {

diff --git a/functions/prefs.php b/functions/prefs.php
index a41121353c419915121a8a56083177dad65767e9..35e7860717d9859ca3f8129efd0adfb6e9b6b9e8 100644 (file)
--- a/functions/prefs.php
+++ b/functions/prefs.php
@@ -27,7 +27,7 @@ function cachePrefValues($data_dir, $username) {
         return;
     }
 
         return;
     }
 

-    $filename = $data_dir . $username . '.pref';
+    $filename = getHashedFile($username, $data_dir, "$username.pref");

 
     if (!file_exists($filename)) {
         printf (_("Preference file, %s, does not exist. Log out, and log back in to create a default preference file."), $filename);
 
     if (!file_exists($filename)) {
         printf (_("Preference file, %s, does not exist. Log out, and log back in to create a default preference file."), $filename);


@@ -88,7 +88,9 @@ function getPref($data_dir, $username, $string, $default = '') {
 function savePrefValues($data_dir, $username) {
     global $prefs_cache;
    
 function savePrefValues($data_dir, $username) {
     global $prefs_cache;
    

-    $file = fopen($data_dir . $username . '.pref', 'w');
+    $filename = getHashedFile($username, $data_dir, "$username.pref");
+
+    $file = fopen($filename, 'w');

     foreach ($prefs_cache as $Key => $Value) {
         if (isset($Value)) {
             fwrite($file, $Key . '=' . $Value . "\n");
     foreach ($prefs_cache as $Key => $Value) {
         if (isset($Value)) {
             fwrite($file, $Key . '=' . $Value . "\n");


@@ -136,7 +138,7 @@ function setPref($data_dir, $username, $string, $value) {
  * Check for a preferences file. If one can not be found, create it.
  */
 function checkForPrefs($data_dir, $username) {
  * Check for a preferences file. If one can not be found, create it.
  */
 function checkForPrefs($data_dir, $username) {

-    $filename = $data_dir . $username . '.pref';
+    $filename = getHashedFile($username, $data_dir, "$username.pref");

     if (!file_exists($filename) ) {
         if (!copy($data_dir . 'default_pref', $filename)) {
             echo _("Error opening ") . $filename;
     if (!file_exists($filename) ) {
         if (!copy($data_dir . 'default_pref', $filename)) {
             echo _("Error opening ") . $filename;


@@ -149,7 +151,8 @@ function checkForPrefs($data_dir, $username) {
  * Write the User Signature.
  */
 function setSig($data_dir, $username, $value) {
  * Write the User Signature.
  */
 function setSig($data_dir, $username, $value) {

-    $file = fopen($data_dir . $username . '.sig', 'w');
+    $filename = getHashedFile($username, $data_dir, "$username.sig");
+    $file = fopen($filename, 'w');

     fwrite($file, $value);
     fclose($file);
 }
     fwrite($file, $value);
     fclose($file);
 }


@@ -158,7 +161,8 @@ function setSig($data_dir, $username, $value) {
  * Get the signature.
  */
 function getSig($data_dir, $username) {
  * Get the signature.
  */
 function getSig($data_dir, $username) {

-    $filename = $data_dir . $username . '.sig';
+    #$filename = $data_dir . $username . '.sig';
+    $filename = getHashedFile($username, $data_dir, "$username.sig");

     $sig = '';
     if (file_exists($filename)) {
         $file = fopen($filename, 'r');
     $sig = '';
     if (file_exists($filename)) {
         $file = fopen($filename, 'r');


@@ -170,4 +174,72 @@ function getSig($data_dir, $username) {
     return $sig;
 }
 
     return $sig;
 }
 

+function getHashedFile($username, $dir, $datafile, $hash_search = true) {
+    global $dir_hash_level;
+
+    /* Compute the hash for this user and extract the hash directories. */
+    $hash_dirs = computeHashDirs($username);
+
+    /* First, get and make sure the full hash directory exists. */
+    $real_hash_dir = getHashedDir($username, $dir, $hash_dirs);
+
+    /* Set the value of our real data file. */
+    $result = "$real_hash_dir/$datafile";
+
+    /* Check for this file in the real hash directory. */
+    if ($hash_search && !file_exists($result)) {
+        /* First check the base directory, the most common location. */
+        if (file_exists("$dir/$datafile")) {
+            rename("$dir/$datafile", $result);
+
+        /* Then check the full range of possible hash directories. */
+        } else {
+            $check_hash_dir = $dir;
+            for ($h = 0; $h < 4; ++$h) {
+                $check_hash_dir .= '/' . $hash_dirs[$h];
+                if (is_readable("$check_hash_dir/$datafile")) {
+                    rename("$check_hash_dir/$datafile", $result);
+                    break;
+                }
+            }
+        }
+    }
+     
+    /* Return the full hashed datafile path. */
+    return ($result);
+}
+
+function getHashedDir($username, $dir, $hash_dirs = '') {
+    global $dir_hash_level;
+
+    /* If necessary, populate the hash dir variable. */
+    if ($hash_dirs == '') {
+        $hash_dirs = computeHashDirs($username);
+    }
+
+    /* Make sure the full hash directory exists. */
+    $real_hash_dir = $dir;
+    for ($h = 0; $h < $dir_hash_level; ++$h) {
+        $real_hash_dir .= '/' . $hash_dirs[$h];
+        if (!is_dir($real_hash_dir)) {
+            mkdir($real_hash_dir, 0770);
+        }
+    }
+
+    /* And return that directory. */
+    return ($real_hash_dir);
+}
+
+function computeHashDirs($username) {
+    /* Compute the hash for this user and extract the hash directories. */
+    $hash = base_convert(crc32($username), 10, 16);
+    $hash_dirs = array();
+    for ($h = 0; $h < 4; ++ $h) {
+        $hash_dirs[] = substr($hash, $h, 1);
+    }
+
+    /* Return our array of hash directories. */
+    return ($hash_dirs);
+}
+

 ?>
 ?>

diff --git a/functions/smtp.php b/functions/smtp.php
index 4ef0c611332539a7dfa514b38379d8a4fedf9a67..e506373017333a677bbc37e2b1e4581d219471e6 100644 (file)
--- a/functions/smtp.php
+++ b/functions/smtp.php
@@ -30,6 +30,7 @@
 
 require_once('../functions/addressbook.php');
 require_once('../functions/plugin.php');
 
 require_once('../functions/addressbook.php');
 require_once('../functions/plugin.php');

+require_once('../functions/prefs.php');

 
 global $username, $popuser, $domain;
 
 
 global $username, $popuser, $domain;
 


@@ -116,10 +117,11 @@ global $username, $popuser, $domain;
 
    // Attach the files that are due to be attached
    function attachFiles ($fp) {
 
    // Attach the files that are due to be attached
    function attachFiles ($fp) {

-      global $attachments, $attachment_dir;
+      global $attachments, $attachment_dir, $username;

 
       $length = 0;
 
 
       $length = 0;
 

+      $hashed_attachment_dir = getHashedDir($username, $attachment_dir);

       if (isMultipart()) {
          foreach ($attachments as $info)
         {
       if (isMultipart()) {
          foreach ($attachments as $info)
         {


@@ -136,7 +138,9 @@ global $username, $popuser, $domain;
             
            // Use 'rb' for NT systems -- read binary
            // Unix doesn't care -- everything's binary!  :-)
             
            // Use 'rb' for NT systems -- read binary
            // Unix doesn't care -- everything's binary!  :-)

-            $file = fopen ($attachment_dir . $info['localfilename'], 'rb');
+             
+            $filename = $hashed_attachment_dir . '/' . $info['localfilename'];
+            $file = fopen ($filename, 'rb');

            if (substr($filetype, 0, 5) == 'text/' ||
                $filetype == 'message/rfc822') {
               $header .= "\r\n";
            if (substr($filetype, 0, 5) == 'text/' ||
                $filetype == 'message/rfc822') {
               $header .= "\r\n";


@@ -172,12 +176,14 @@ global $username, $popuser, $domain;
    function deleteAttachments() {
       global $attachments, $attachment_dir;
 
    function deleteAttachments() {
       global $attachments, $attachment_dir;
 

+      $hashed_attachment_dir = getHashedDir($username, $attachment_dir);

       if (isMultipart()) {
          reset($attachments);
          while (list($localname, $remotename) = each($attachments)) {
             if (!ereg ("\\/", $localname)) {
       if (isMultipart()) {
          reset($attachments);
          while (list($localname, $remotename) = each($attachments)) {
             if (!ereg ("\\/", $localname)) {

-               unlink ($attachment_dir.$localname);
-               unlink ($attachment_dir.$localname.'.info');
+               $filename = $hashed_attachment_dir . '/' . $localname;
+               unlink ($filename);
+               unlink ("$filename.info");

             }
          }
       }
             }
          }
       }

diff --git a/plugins/squirrelspell/modules/forget_me.mod.php b/plugins/squirrelspell/modules/forget_me.mod.php
index d484a1a59e2fabdd52c08ee0a825736f69276935..9f9417574e611b2bce0a6b785b93749970ad1d8a 100644 (file)
--- a/plugins/squirrelspell/modules/forget_me.mod.php
+++ b/plugins/squirrelspell/modules/forget_me.mod.php
@@ -20,7 +20,7 @@
         $lang_words = sqspell_getLang($words, $sqspell_use_app);
         $msg = '<p>'.
                sprintf( _("Deleting the following entries from <strong>%s</strong> dictionary:", $sqspell_use_app ) .
         $lang_words = sqspell_getLang($words, $sqspell_use_app);
         $msg = '<p>'.
                sprintf( _("Deleting the following entries from <strong>%s</strong> dictionary:", $sqspell_use_app ) .

-               '</p>'.
+               '</p>' .

                "<ul>\n";
         for ($i=0; $i<sizeof($words_ary); $i++){
             // remove word by word...
                "<ul>\n";
         for ($i=0; $i<sizeof($words_ary); $i++){
             // remove word by word...


@@ -56,4 +56,4 @@
         sqspell_makePage(_("Personal Dictionary"), null, '<p>' . _("No changes requested.") . '</p>');
     }
     
         sqspell_makePage(_("Personal Dictionary"), null, '<p>' . _("No changes requested.") . '</p>');
     }
     

-?>
\ No newline at end of file
+?>

diff --git a/plugins/squirrelspell/sqspell_config.php b/plugins/squirrelspell/sqspell_config.php
index f83f77c4d676b6a7db1aeda72fcd03e932d6fcab..ef018d5ed89c21d642af84a07a8f274b3a1dd5b3 100644 (file)
--- a/plugins/squirrelspell/sqspell_config.php
+++ b/plugins/squirrelspell/sqspell_config.php
@@ -1,25 +1,27 @@
 <?php
 
    /**
 <?php
 
    /**

-    **  sqspell_config.php -- SquirrelSpell Configuration file.
-    **
-    **  Copyright (c) 1999-2001 The SquirrelMail development team
-    **  Licensed under the GNU GPL. For full terms see the file COPYING.
-    **
-    **
-    **
-    **  $Id$
-    **/
+    * sqspell_config.php -- SquirrelSpell Configuration file.
+    *
+    *  Copyright (c) 1999-2001 The SquirrelMail Development Team
+    *  Licensed under the GNU GPL. For full terms see the file COPYING.
+    *
+    *
+    *
+    * $Id$
+    */
+
+    require_once('../functions/prefs.php');

 
     /* Just for poor wretched souls with E_ALL. :) */
     global $username, $data_dir;
 
 
     /* Just for poor wretched souls with E_ALL. :) */
     global $username, $data_dir;
 

-

     $SQSPELL_APP = array( 'English' => 'ispell -a',
                           'Spanish' => 'ispell -d spanish -a' );
     $SQSPELL_APP_DEFAULT = 'English';
     $SQSPELL_APP = array( 'English' => 'ispell -a',
                           'Spanish' => 'ispell -d spanish -a' );
     $SQSPELL_APP_DEFAULT = 'English';

-    $SQSPELL_WORDS_FILE = "$data_dir/$username.words";
+    $SQSPELL_WORDS_FILE = 
+        getHashedFile($username, $data_dir, "$username.words");

     $SQSPELL_EREG = 'ereg';
     $SQSPELL_SOUP_NAZI = 'Mozilla/3, Mozilla/2, Opera 4, Opera/4, Macintosh';
 
     $SQSPELL_EREG = 'ereg';
     $SQSPELL_SOUP_NAZI = 'Mozilla/3, Mozilla/2, Opera 4, Opera/4, Macintosh';
 

-?>
\ No newline at end of file
+?>

diff --git a/src/compose.php b/src/compose.php
index fef3d070c65c89c28c104035f8a4a7963d98470b..27dee5d99b45098eeaf5b7a5ecad6d03914b55ad 100644 (file)
--- a/src/compose.php
+++ b/src/compose.php
@@ -172,7 +172,7 @@ require_once('../functions/plugin.php');
 
    function getAttachments($message) {
       global $mailbox, $attachments, $attachment_dir, $imapConnection,
 
    function getAttachments($message) {
       global $mailbox, $attachments, $attachment_dir, $imapConnection,

-             $ent_num, $forward_id, $draft_id;
+             $ent_num, $forward_id, $draft_id, $username;

  
      if (isset($draft_id))
          $id = $draft_id;
  
      if (isset($draft_id))
          $id = $draft_id;


@@ -185,6 +185,7 @@ require_once('../functions/plugin.php');
                $mailbox);
       }
 
                $mailbox);
       }
 

+      $hashed_attachment_dir = getHashedDir($username, $attachment_dir);

       if (count($message->entities) == 0) {
           if ($message->header->entity_id != $ent_num) {
               $filename = decodeHeader($message->header->filename);
       if (count($message->entities) == 0) {
           if ($message->header->entity_id != $ent_num) {
               $filename = decodeHeader($message->header->filename);


@@ -193,8 +194,11 @@ require_once('../functions/plugin.php');
                   $filename = "untitled-".$message->header->entity_id;
 
               $localfilename = GenerateRandomString(32, '', 7);
                   $filename = "untitled-".$message->header->entity_id;
 
               $localfilename = GenerateRandomString(32, '', 7);

-              while (file_exists($attachment_dir . $localfilename))
+              $full_localfilename = "$hashed_attachment_dir/$localfilename";
+              while (file_exists($full_localfilename)) {

                   $localfilename = GenerateRandomString(32, '', 7);
                   $localfilename = GenerateRandomString(32, '', 7);

+                  $full_localfilename = "$hashed_attachment_dir/$localfilename";
+              }

 
               $newAttachment = array();
               $newAttachment['localfilename'] = $localfilename;
 
               $newAttachment = array();
               $newAttachment['localfilename'] = $localfilename;


@@ -203,7 +207,7 @@ require_once('../functions/plugin.php');
                  '/' . $message->header->type1);
 
               // Write Attachment to file
                  '/' . $message->header->type1);
 
               // Write Attachment to file

-              $fp = fopen ($attachment_dir.$localfilename, 'w');
+              $fp = fopen ("$hashed_attachment_dir/$localfilename", 'w');

               fputs ($fp, decodeBody(mime_fetch_body($imapConnection,
                   $id, $message->header->entity_id),
                   $message->header->encoding));
               fputs ($fp, decodeBody(mime_fetch_body($imapConnection,
                   $id, $message->header->entity_id),
                   $message->header->encoding));


@@ -366,16 +370,16 @@ require_once('../functions/plugin.php');
       echo " value=\"" . _("Add") ."\">\n";
       echo "     </td>\n";
       echo "   </tr>\n";
       echo " value=\"" . _("Add") ."\">\n";
       echo "     </td>\n";
       echo "   </tr>\n";

-      if (count($attachments))
-      {
+      if (count($attachments)) {
+         $hashed_attachment_dir = getHashedDir($username, $attachment_dir);

          echo "<tr><td bgcolor=\"$color[0]\" align=right>\n";
          echo "&nbsp;";
          echo "</td><td align=left bgcolor=\"$color[0]\">";
          foreach ($attachments as $key => $info) {
          echo "<tr><td bgcolor=\"$color[0]\" align=right>\n";
          echo "&nbsp;";
          echo "</td><td align=left bgcolor=\"$color[0]\">";
          foreach ($attachments as $key => $info) {

+            $attached_file = "$hashed_attachment_dir/$info[localfilename]";

             echo "<input type=\"checkbox\" name=\"delete[]\" value=\"$key\">\n";
             echo $info['remotefilename'] . " - " . $info['type'] . " (";
             echo "<input type=\"checkbox\" name=\"delete[]\" value=\"$key\">\n";
             echo $info['remotefilename'] . " - " . $info['type'] . " (";

-            echo show_readable_size(filesize($attachment_dir .
-                $info['localfilename'])) . ")<br>\n";
+            echo show_readable_size(filesize($attached_file)) . ")<br>\n";

          }
 
          echo "<input type=\"submit\" name=\"do_delete\" value=\""._("Delete selected attachments")."\">\n";
          }
 
          echo "<input type=\"submit\" name=\"do_delete\" value=\""._("Delete selected attachments")."\">\n";


@@ -447,14 +451,18 @@ require_once('../functions/plugin.php');
 
    // True if FAILURE
    function saveAttachedFiles() {
 
    // True if FAILURE
    function saveAttachedFiles() {

-      global $HTTP_POST_FILES, $attachment_dir, $attachments;
+      global $HTTP_POST_FILES, $attachment_dir, $attachments, $username;

       
       

+      $hashed_attachment_dir = getHashedDir($username, $attachment_dir);

       $localfilename = GenerateRandomString(32, '', 7);
       $localfilename = GenerateRandomString(32, '', 7);

-      while (file_exists($attachment_dir . $localfilename))
+      $full_localfilename = "$hashed_attachment_dir/$localfilename";
+      while (file_exists($full_localfilename)) {

           $localfilename = GenerateRandomString(32, '', 7);
           $localfilename = GenerateRandomString(32, '', 7);

+          $full_localfilename = "$hashed_attachment_dir/$localfilename";
+      }

 
 

-      if (!@rename($HTTP_POST_FILES['attachfile']['tmp_name'], $attachment_dir.$localfilename)) {
-         if (!@copy($HTTP_POST_FILES['attachfile']['tmp_name'], $attachment_dir.$localfilename)) {
+      if (!@rename($HTTP_POST_FILES['attachfile']['tmp_name'], $full_localfilename)) {
+         if (!@copy($HTTP_POST_FILES['attachfile']['tmp_name'], $full_localfilename)) {

             return true;
          }
       }
             return true;
          }
       }


@@ -600,11 +608,12 @@ require_once('../functions/plugin.php');
    } else if (isset($do_delete)) {
       displayPageHeader($color, $mailbox);
 
    } else if (isset($do_delete)) {
       displayPageHeader($color, $mailbox);
 

-      if (isset($delete) && is_array($delete))
-      {
-         foreach($delete as $index)
-         {
-            unlink ($attachment_dir.$attachments[$index]['localfilename']);
+      $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
+      if (isset($delete) && is_array($delete)) {
+         foreach($delete as $index) {
+            $attached_file = $hashed_attachment_dir . '/'
+                           . $attachments[$index]['localfilename'];
+            unlink ($attached_file);

             unset ($attachments[$index]);
          }
       }
             unset ($attachments[$index]);
          }
       }


@@ -633,11 +642,13 @@ require_once('../functions/plugin.php');
    }
 
    function ClearAttachments() {
    }
 
    function ClearAttachments() {

-       global $attachments, $attachment_dir;
+       global $username, $attachments, $attachment_dir;
+       $hashed_attachment_dir = getHashedDir($username, $attachment_dir);

 
        foreach ($attachments as $info) {
 
        foreach ($attachments as $info) {

-           if (file_exists($attachment_dir . $info['localfilename'])) {
-               unlink($attachment_dir . $info['localfilename']);
+           $attached_file = "$hashed_attachment_dir/$info[localfilename]";
+           if (file_exists($attached_file)) {
+               unlink($attached_file);

            }
        }
 
            }
        }
 

diff --git a/src/draft_actions.php b/src/draft_actions.php
index a665ba5a3d35535f98eec790992965489389fc5e..637909bb856326924dbbe23ce7a2eeaa6c8d4e77 100644 (file)
--- a/src/draft_actions.php
+++ b/src/draft_actions.php
@@ -142,20 +142,25 @@ function writeBodyForDraft ($fp, $passedBody) {
 
 
 function saveMessageAsDraft($t, $c, $b, $subject, $body, $reply_id) {
 
 
 function saveMessageAsDraft($t, $c, $b, $subject, $body, $reply_id) {

-    global $useSendmail, $msg_id, $is_reply, $mailbox, $onetimepad;
-    global $data_dir, $username, $domain, $key, $version, $sent_folder, $imapServerAddress, $imapPort;
-    global $draft_folder, $attachment_dir;
+    global $useSendmail, $msg_id, $is_reply, $mailbox, $onetimepad,
+           $data_dir, $username, $domain, $key, $version, $sent_folder,
+           $imapServerAddress, $imapPort, $draft_folder, $attachment_dir;

     $more_headers = Array();
 
     $imap_stream = sqimap_login($username, $key, $imapServerAddress, $imapPort, 1);
 
     $more_headers = Array();
 
     $imap_stream = sqimap_login($username, $key, $imapServerAddress, $imapPort, 1);
 

+    $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
+

     $tmpDraftFile = "draft-" . GenerateRandomString(32, '', 7);
     $tmpDraftFile = "draft-" . GenerateRandomString(32, '', 7);

-    while ( file_exists($attachment_dir .$tmpDraftFile)){
+    $full_tmpDraftFile = "$hashed_attachment_dir/$tmpDraftFile";
+    while (file_exists($full_tmpDraftFile)){

          $tmpDraftFile = "draft-" . GenerateRandomString(32, '', 7);
          $tmpDraftFile = "draft-" . GenerateRandomString(32, '', 7);

+         $full_tmpDraftFile = "$hashed_attachment_dir/$tmpDraftFile";

     }
     }

-    $fp = fopen($attachment_dir . $tmpDraftFile, 'w');
+    $fp = fopen($full_tmpDraftFile, 'w');

 
 

-    $headerlength = write822HeaderForDraft ($fp, $t, $c, $b, $subject, $more_headers, FALSE);
+    $headerlength = write822HeaderForDraft
+        ($fp, $t, $c, $b, $subject, $more_headers, FALSE);

     $bodylength = writeBodyForDraft ($fp, $body, FALSE);
     fclose($fp);
 
     $bodylength = writeBodyForDraft ($fp, $body, FALSE);
     fclose($fp);
 


@@ -163,7 +168,8 @@ function saveMessageAsDraft($t, $c, $b, $subject, $body, $reply_id) {
 
     if (sqimap_mailbox_exists ($imap_stream, $draft_folder)) {
         sqimap_append ($imap_stream, $draft_folder, $length);
 
     if (sqimap_mailbox_exists ($imap_stream, $draft_folder)) {
         sqimap_append ($imap_stream, $draft_folder, $length);

-        write822HeaderForDraft ($imap_stream, $t, $c, $b, $subject, $more_headers, TRUE);
+        write822HeaderForDraft
+            ($imap_stream, $t, $c, $b, $subject, $more_headers, TRUE);

         writeBodyForDraft ($imap_stream, $body, TRUE);
         sqimap_append_done ($imap_stream);
     }
         writeBodyForDraft ($imap_stream, $body, TRUE);
         sqimap_append_done ($imap_stream);
     }


@@ -171,8 +177,8 @@ function saveMessageAsDraft($t, $c, $b, $subject, $body, $reply_id) {
     if ($length){
         ClearAttachments();
     }
     if ($length){
         ClearAttachments();
     }

-    if (file_exists($attachment_dir . $tmpDraftFile)){
-        unlink ($attachment_dir . $tmpDraftFile);
+    if (file_exists($full_tmpDraftFile)){
+        unlink ($full_tmpDraftFile);

     }
     return $length;
 }
     }
     return $length;
 }

diff --git a/src/retrievalerror.php b/src/retrievalerror.php
index d2623abd4d6bd2e2c29257dee8fb96b73293dc4d..0fd94f2fb85064f9a841c7ca8b3ab7f17d9c46f9 100644 (file)
--- a/src/retrievalerror.php
+++ b/src/retrievalerror.php
@@ -42,11 +42,13 @@ require_once("../src/load_prefs.php");
 
 
    function ClearAttachments() {
 
 
    function ClearAttachments() {

-       global $attachments, $attachment_dir;
+       global $attachments, $attachment_dir, $username;

 
 

+       $hashed_attachment_dir = getHashedDir($username, $attachment_dir);

        foreach ($attachments as $info) {
        foreach ($attachments as $info) {

-           if (file_exists($attachment_dir . $info['localfilename'])) {
-               unlink($attachment_dir . $info['localfilename']);
+           $attached_file = "$hashed_attachment_dir/$info[localfilename]";
+           if (file_exists($attached_file)) {
+               unlink($attached_file);

            }
        }
 
            }
        }
 


@@ -63,12 +65,16 @@ require_once("../src/load_prefs.php");
    $thebastard = implode('', $data);
 
 
    $thebastard = implode('', $data);
 
 

-
+   $hashed_attachment_dir = getHashedDir($username, $attachment_dir);

    $localfilename = GenerateRandomString(32, '', 7);
    $localfilename = GenerateRandomString(32, '', 7);

-   while (file_exists($attachment_dir . $localfilename))
+   $full_localfilename = "$hashed_attachment_dir/$localfilename";
+   while (file_exists($full_localfilename)) {

        $localfilename = GenerateRandomString(32, '', 7);
        $localfilename = GenerateRandomString(32, '', 7);

+       $full_localfilename = "$hashed_attachment_dir/$localfilename";
+   }
+

    // Write Attachment to file
    // Write Attachment to file

-   $fp = fopen ($attachment_dir.$localfilename, 'w');
+   $fp = fopen ($full_localfilename, 'w');

    fputs ($fp, $thebastard);
    fclose ($fp);
 
    fputs ($fp, $thebastard);
    fclose ($fp);
 

diff --git a/src/right_main.php b/src/right_main.php
index 6e346257b795ff64a10bf58c6852cf6e2363f645..c7b72b68bbd68401d32bad2ba601b663847cbb21 100644 (file)
--- a/src/right_main.php
+++ b/src/right_main.php
@@ -33,6 +33,8 @@ require_once('../functions/display_messages.php');
  *    $key              pass                               *
  ***********************************************************/
 
  *    $key              pass                               *
  ***********************************************************/
 

+$bob = getHashedFile($username, $data_dir, "username.pref");
+

 /* Open a connection on the imap port (143) */
 $imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
 
 /* Open a connection on the imap port (143) */
 $imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
 

diff --git a/src/signout.php b/src/signout.php
index ed82aeb2e5223fa8bce9e941919d3d3b06befcab..8e15b7c83d7ad3b060241d11f16fd4e59f85d85c 100644 (file)
--- a/src/signout.php
+++ b/src/signout.php
@@ -35,9 +35,11 @@ require_once('../functions/plugin.php');
    if (! isset($attachments)) {
        $attachments = array();
    }
    if (! isset($attachments)) {
        $attachments = array();
    }

+   $hashed_attachment_dir = getHashedDir($username, $attachment_dir);

    foreach ($attachments as $info) {
    foreach ($attachments as $info) {

-       if (file_exists($attachment_dir . $info['localfilename'])) {
-           unlink($attachment_dir . $info['localfilename']);
+       $attached_file = "$hashed_attachment_dir/$info[localfilename]";
+       if (file_exists($attached_file)) {
+           unlink($attached_file);

        }
    }
 
        }
    }