index.php

   1 <?php
   2 /*
   3  +-----------------------------------------------------------------------+
   4  | RoundCube Webmail IMAP Client                                         |
   5  | Version 0.1-beta2                                                     |
   6  |                                                                       |
   7  | Copyright (C) 2005-2006, RoundCube Dev. - Switzerland                 |
   8  | Licensed under the GNU GPL                                            |
   9  |                                                                       |
  10  | Redistribution and use in source and binary forms, with or without    |
  11  | modification, are permitted provided that the following conditions    |
  12  | are met:                                                              |
  13  |                                                                       |
  14  | o Redistributions of source code must retain the above copyright      |
  15  |   notice, this list of conditions and the following disclaimer.       |
  16  | o Redistributions in binary form must reproduce the above copyright   |
  17  |   notice, this list of conditions and the following disclaimer in the |
  18  |   documentation and/or other materials provided with the distribution.|
  19  | o The names of the authors may not be used to endorse or promote      |
  20  |   products derived from this software without specific prior written  |
  21  |   permission.                                                         |
  22  |                                                                       |
  23  | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS   |
  24  | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT     |
  25  | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR |
  26  | A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT  |
  27  | OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
  28  | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT      |
  29  | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
  30  | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
  31  | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT   |
  32  | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
  33  | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.  |
  34  |                                                                       |
  35  +-----------------------------------------------------------------------+
  36  | Author: Thomas Bruederli <roundcube@gmail.com>                        |
  37  +-----------------------------------------------------------------------+
  38
  39  $Id: index.php 429 2006-12-22 22:26:24Z thomasb $
  40
  41 */
  42
  43 define('RCMAIL_VERSION', '0.1-beta2');
  44
  45 // define global vars
  46 $CHARSET = 'UTF-8';
  47 $OUTPUT_TYPE = 'html';
  48 $JS_OBJECT_NAME = 'rcmail';
  49 $INSTALL_PATH = dirname(__FILE__);
  50 $MAIN_TASKS = array('mail','settings','addressbook','logout');
  51
  52 if (empty($INSTALL_PATH))
  53   $INSTALL_PATH = './';
  54 else
  55   $INSTALL_PATH .= '/';
  56
  57
  58 // make sure path_separator is defined
  59 if (!defined('PATH_SEPARATOR'))
  60   define('PATH_SEPARATOR', (eregi('win', PHP_OS) ? ';' : ':'));
  61
  62
  63 // RC include folders MUST be included FIRST to avoid other
  64 // possible not compatible libraries (i.e PEAR) to be included
  65 // instead the ones provided by RC
  66 ini_set('include_path', $INSTALL_PATH.PATH_SEPARATOR.$INSTALL_PATH.'program'.PATH_SEPARATOR.$INSTALL_PATH.'program/lib'.PATH_SEPARATOR.ini_get('include_path'));
  67
  68 ini_set('session.name', 'sessid');
  69 ini_set('session.use_cookies', 1);
  70 ini_set('session.gc_maxlifetime', 21600);
  71 ini_set('session.gc_divisor', 500);
  72 ini_set('error_reporting', E_ALL&~E_NOTICE);
  73
  74 // increase maximum execution time for php scripts
  75 // (does not work in safe mode)
  76 @set_time_limit(120);
  77
  78 // include base files
  79 require_once('include/rcube_shared.inc');
  80 require_once('include/rcube_imap.inc');
  81 require_once('include/bugs.inc');
  82 require_once('include/main.inc');
  83 require_once('include/cache.inc');
  84 require_once('PEAR.php');
  85
  86
  87 // set PEAR error handling
  88 // PEAR::setErrorHandling(PEAR_ERROR_TRIGGER, E_USER_NOTICE);
  89
  90 // use gzip compression if supported
  91 if (function_exists('ob_gzhandler') && !ini_get('zlib.output_compression'))
  92   ob_start('ob_gzhandler');
  93 else
  94   ob_start();
  95
  96
  97 // catch some url/post parameters
  98 $_task = strip_quotes(get_input_value('_task', RCUBE_INPUT_GPC));
  99 $_action = strip_quotes(get_input_value('_action', RCUBE_INPUT_GPC));
 100 $_framed = (!empty($_GET['_framed']) || !empty($_POST['_framed']));
 101
 102 // use main task if empty or invalid value
 103 if (empty($_task) || !in_array($_task, $MAIN_TASKS))
 104   $_task = 'mail';
 105
 106 if (!empty($_GET['_remote']))
 107   $REMOTE_REQUEST = TRUE;
 108
 109 // start session with requested task
 110 rcmail_startup($_task);
 111
 112 // set session related variables
 113 $COMM_PATH = sprintf('./?_task=%s', $_task);
 114 $SESS_HIDDEN_FIELD = '';
 115
 116
 117 // add framed parameter
 118 if ($_framed)
 119   {
 120   $COMM_PATH .= '&_framed=1';
 121   $SESS_HIDDEN_FIELD .= "\n".'<input type="hidden" name="_framed" value="1" />';
 122   }
 123
 124
 125 // init necessary objects for GUI
 126 load_gui();
 127
 128
 129 // check DB connections and exit on failure
 130 if ($err_str = $DB->is_error())
 131   {
 132   raise_error(array('code' => 500, 'type' => 'db', 'line' => __LINE__, 'file' => __FILE__,
 133                     'message' => $err_str), FALSE, TRUE);
 134   }
 135
 136
 137 // error steps
 138 if ($_action=='error' && !empty($_GET['_code']))
 139   {
 140   raise_error(array('code' => hexdec($_GET['_code'])), FALSE, TRUE);
 141   }
 142
 143
 144 // try to log in
 145 if ($_action=='login' && $_task=='mail')
 146   {
 147   $host = $_POST['_host'] ? $_POST['_host'] : $CONFIG['default_host'];
 148
 149   // check if client supports cookies
 150   if (empty($_COOKIE))
 151     {
 152     show_message("cookiesdisabled", 'warning');
 153     }
 154   else if (isset($_POST['_user']) && isset($_POST['_pass']) &&
 155            rcmail_login(get_input_value('_user', RCUBE_INPUT_POST), $_POST['_pass'], $host))
 156     {
 157     // send redirect
 158     header("Location: $COMM_PATH");
 159     exit;
 160     }
 161   else
 162     {
 163     show_message("loginfailed", 'warning');
 164     $_SESSION['user_id'] = '';
 165     }
 166   }
 167
 168 // end session
 169 else if ($_action=='logout' && isset($_SESSION['user_id']))
 170   {
 171   show_message('loggedout');
 172   rcmail_kill_session();
 173   }
 174
 175 // check session and auth cookie
 176 else if ($_action!='login' && $_SESSION['user_id'])
 177   {
 178   if (!rcmail_authenticate_session() ||
 179       ($CONFIG['session_lifetime'] && isset($SESS_CHANGED) && $SESS_CHANGED + $CONFIG['session_lifetime']*60 < mktime()))
 180     {
 181     $message = show_message('sessionerror', 'error');
 182     rcmail_kill_session();
 183     }
 184   }
 185
 186
 187 // log in to imap server
 188 if (!empty($_SESSION['user_id']) && $_task=='mail')
 189   {
 190   $conn = $IMAP->connect($_SESSION['imap_host'], $_SESSION['username'], decrypt_passwd($_SESSION['password']), $_SESSION['imap_port'], $_SESSION['imap_ssl']);
 191   if (!$conn)
 192     {
 193     show_message('imaperror', 'error');
 194     $_SESSION['user_id'] = '';
 195     }
 196   else
 197     rcmail_set_imap_prop();
 198   }
 199
 200
 201 // not logged in -> set task to 'login
 202 if (empty($_SESSION['user_id']))
 203   {
 204   if ($REMOTE_REQUEST)
 205     {
 206     $message .= "setTimeout(\"location.href='\"+this.env.comm_path+\"'\", 2000);";
 207     rcube_remote_response($message);
 208     }
 209
 210   $_task = 'login';
 211   }
 212
 213
 214
 215 // set task and action to client
 216 $script = sprintf("%s.set_env('task', '%s');", $JS_OBJECT_NAME, $_task);
 217 if (!empty($_action))
 218   $script .= sprintf("\n%s.set_env('action', '%s');", $JS_OBJECT_NAME, $_action);
 219
 220 $OUTPUT->add_script($script);
 221
 222
 223
 224 // not logged in -> show login page
 225 if (!$_SESSION['user_id'])
 226   {
 227   parse_template('login');
 228   exit;
 229   }
 230
 231
 232 // handle keep-alive signal
 233 if ($_action=='keep-alive')
 234   {
 235   rcube_remote_response('');
 236   exit;
 237   }
 238
 239
 240 // include task specific files
 241 if ($_task=='mail')
 242   {
 243   include_once('program/steps/mail/func.inc');
 244
 245   if ($_action=='show' || $_action=='print')
 246     include('program/steps/mail/show.inc');
 247
 248   if ($_action=='get')
 249     include('program/steps/mail/get.inc');
 250
 251   if ($_action=='moveto' || $_action=='delete')
 252     include('program/steps/mail/move_del.inc');
 253
 254   if ($_action=='mark')
 255     include('program/steps/mail/mark.inc');
 256
 257   if ($_action=='viewsource')
 258     include('program/steps/mail/viewsource.inc');
 259
 260   if ($_action=='send')
 261     include('program/steps/mail/sendmail.inc');
 262
 263   if ($_action=='upload')
 264     include('program/steps/mail/upload.inc');
 265
 266   if ($_action=='compose' || $_action=='remove-attachment')
 267     include('program/steps/mail/compose.inc');
 268
 269   if ($_action=='addcontact')
 270     include('program/steps/mail/addcontact.inc');
 271
 272   if ($_action=='expunge' || $_action=='purge')
 273     include('program/steps/mail/folders.inc');
 274
 275   if ($_action=='check-recent')
 276     include('program/steps/mail/check_recent.inc');
 277
 278   if ($_action=='getunread')
 279     include('program/steps/mail/getunread.inc');
 280
 281   if ($_action=='list' && isset($_GET['_remote']))
 282     include('program/steps/mail/list.inc');
 283
 284    if ($_action=='search')
 285      include('program/steps/mail/search.inc');
 286
 287   if ($_action=='spell')
 288     include('program/steps/mail/spell.inc');
 289
 290   if ($_action=='rss')
 291     include('program/steps/mail/rss.inc');
 292
 293
 294   // make sure the message count is refreshed
 295   $IMAP->messagecount($_SESSION['mbox'], 'ALL', TRUE);
 296   }
 297
 298
 299 // include task specific files
 300 if ($_task=='addressbook')
 301   {
 302   include_once('program/steps/addressbook/func.inc');
 303
 304   if ($_action=='save')
 305     include('program/steps/addressbook/save.inc');
 306
 307   if ($_action=='edit' || $_action=='add')
 308     include('program/steps/addressbook/edit.inc');
 309
 310   if ($_action=='delete')
 311     include('program/steps/addressbook/delete.inc');
 312
 313   if ($_action=='show')
 314     include('program/steps/addressbook/show.inc');
 315
 316   if ($_action=='list' && $_GET['_remote'])
 317     include('program/steps/addressbook/list.inc');
 318
 319   if ($_action=='ldappublicsearch')
 320     include('program/steps/addressbook/ldapsearchform.inc');
 321   }
 322
 323
 324 // include task specific files
 325 if ($_task=='settings')
 326   {
 327   include_once('program/steps/settings/func.inc');
 328
 329   if ($_action=='save-identity')
 330     include('program/steps/settings/save_identity.inc');
 331
 332   if ($_action=='add-identity' || $_action=='edit-identity')
 333     include('program/steps/settings/edit_identity.inc');
 334
 335   if ($_action=='delete-identity')
 336     include('program/steps/settings/delete_identity.inc');
 337
 338   if ($_action=='identities')
 339     include('program/steps/settings/identities.inc');
 340
 341   if ($_action=='save-prefs')
 342     include('program/steps/settings/save_prefs.inc');
 343
 344   if ($_action=='folders' || $_action=='subscribe' || $_action=='unsubscribe' ||
 345       $_action=='create-folder' || $_action=='rename-folder' || $_action=='delete-folder')
 346     include('program/steps/settings/manage_folders.inc');
 347
 348   }
 349
 350
 351 // parse main template
 352 parse_template($_task);
 353
 354
 355 // if we arrive here, something went wrong
 356 raise_error(array('code' => 404,
 357                   'type' => 'php',
 358                   'line' => __LINE__,
 359                   'file' => __FILE__,
 360                   'message' => "Invalid request"), TRUE, TRUE);
 361
 362 ?>