Added auth.php to put authentication functions in one place. Added a

function there to check if the user is logged in without having to
connect to the IMAP server. Using this function in compose.php as a
test.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@570 7612ce4b-ef26-0410-bec9-ea0150e637f0

diff --git a/functions/auth.php b/functions/auth.php
new file mode 100644 (file)
index 0000000..594567f
--- /dev/null
+++ b/functions/auth.php
@@ -0,0 +1,22 @@
+<?php
+
+/**
+ ** auth.php
+ **
+ ** Contains functions used to do authentication.
+ **
+ **/
+
+   $auth_php = true;
+
+   function is_logged_in () {
+      if (!session_is_registered("user_is_logged_in")) {
+         echo _("You must login first.");
+         echo "</body></html>\n\n";
+         exit;
+      } else {
+         return true;
+      }
+   }
+
+?>

diff --git a/src/compose.php b/src/compose.php
index daae7b63b2f32fbffbe94e44f4a945513886d706..000b2264a4193eb022df089108e62f91d0a7930b 100644 (file)
--- a/src/compose.php
+++ b/src/compose.php
@@ -25,6 +25,8 @@
       include("../functions/smtp.php");
    if (!isset($display_messages_php))
       include("../functions/display_messages.php");
+   if (!isset($auth_php))
+      include ("../functions/auth.php");
 
    include("../src/load_prefs.php");
 
@@ -287,7 +289,7 @@
          showInputForm();
       }
    } else if ($html_addr_search_done) {
-      $imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
+      is_logged_in();
       displayPageHeader($color, $mailbox);
 
       $body = stripslashes($body);
@@ -314,7 +316,7 @@
       //* can think of a better way, please implement it.
       include ("addrbook_search_html.php");
    } else if (isset($attach)) {
-      $imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
+      is_logged_in();
       displayPageHeader($color, $mailbox);
 
       $localfilename = md5("$attachfile, $attachfile_name, $REMOTE_IP, $REMOTE_PORT, $UNIQUE_ID, and everything else that may add entropy");
@@ -341,7 +343,7 @@
       
       showInputForm();
    } else if (isset($do_delete)) {
-      $imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
+      is_logged_in();
       displayPageHeader($color, $mailbox);
 
       while (list($key, $localname) = each($delete)) {
@@ -352,7 +354,7 @@
 
       showInputForm();
    } else {
-      $imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
+      is_logged_in();
       displayPageHeader($color, $mailbox);
 
       $newmail = true;

diff --git a/src/webmail.php b/src/webmail.php
index 33a0aca7ab235ece7c972d56cbef3360cd2f1536..6a1eae8da33a0b55a2361babab6f0588cd9b9f58 100644 (file)
--- a/src/webmail.php
+++ b/src/webmail.php
@@ -27,20 +27,22 @@
    include ("../functions/imap.php");
    if (!isset($plugin_php))
       include ("../functions/plugin.php");
+   if (!isset($auth_php))
+      include ("../functions/auth.php");
 
-   if ($is_logged_in != true) {
+   if (session_is_registered("user_is_logged_in")) {
       do_hook ("login_before");
       // verify that username and password are correct
       $imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
       do_hook ("login_verified");
    }
 
-   session_register ("is_logged_in");
-   $is_logged_in = true;
+   session_register ("user_is_logged_in");
+   $user_is_logged_in = true;
 
    include ("../src/load_prefs.php");
 
-   echo "<html><head\n";
+   echo "<html><head>\n";
    echo "<TITLE>";
    echo "$org_title";
    echo "</TITLE>";