githubFork/roundcubemail.git

			@@ -1,6 +1,6 @@
			<?php

			/*
			/**
			+-----------------------------------------------------------------------+
			\| This file is part of the Roundcube Webmail client \|
			\| Copyright (C) 2008-2014, The Roundcube Dev Team \|
			@@ -17,7 +17,6 @@
			\| Author: Thomas Bruederli <roundcube@gmail.com> \|
			+-----------------------------------------------------------------------+
			*/


			/**
			* Base class of the Roundcube Framework
			@@ -125,8 +124,8 @@
			/**
			* This implements the 'singleton' design pattern
			*
			* @param integer Options to initialize with this instance. See rcube::INIT_WITH_* constants
			* @param string Environment name to run (e.g. live, dev, test)
			* @param integer $mode Options to initialize with this instance. See rcube::INIT_WITH_* constants
			* @param string $env Environment name to run (e.g. live, dev, test)
			*
			* @return rcube The one and only instance
			*/
			@@ -140,7 +139,6 @@
			return self::$instance;
			}


			/**
			* Private constructor
			*/
			@@ -152,7 +150,6 @@

			register_shutdown_function(array($this, 'shutdown'));
			}


			/**
			* Initial startup function
			@@ -177,7 +174,6 @@
			}
			}


			/**
			* Get the current database connection
			*
			@@ -197,7 +193,6 @@

			return $this->db;
			}


			/**
			* Get global handle for memcache access
			@@ -245,7 +240,6 @@
			return $this->memcache;
			}


			/**
			* Callback for memcache failure
			*/
			@@ -263,7 +257,6 @@
			true, false);
			}
			}


			/**
			* Initialize and get cache object
			@@ -283,7 +276,6 @@

			return $this->caches[$name];
			}


			/**
			* Initialize and get shared cache object
			@@ -317,11 +309,10 @@
			return $this->caches[$shared_name];
			}


			/**
			* Create SMTP object and connect to server
			*
			* @param boolean True if connection should be established
			* @param boolean $connect True if connection should be established
			*/
			public function smtp_init($connect = false)
			{
			@@ -331,7 +322,6 @@
			$this->smtp->connect();
			}
			}


			/**
			* Initialize and get storage object
			@@ -347,7 +337,6 @@

			return $this->storage;
			}


			/**
			* Initialize storage object
			@@ -447,7 +436,6 @@
			}
			}


			/**
			* Set special folders type association.
			* This must be done AFTER connecting to the server!
			@@ -476,7 +464,6 @@
			$storage->create_default_folders();
			}
			}


			/**
			* Callback for IMAP connection events to log session identifiers
			@@ -545,7 +532,6 @@
			$this->gc_temp();
			}


			/**
			* Garbage collector function for temp files.
			* Remove temp files older than two days
			@@ -577,7 +563,6 @@
			}
			}


			/**
			* Runs garbage collector with probability based on
			* session settings. This is intended for environments
			@@ -595,7 +580,6 @@
			}
			}
			}


			/**
			* Get localized text in the desired language
			@@ -653,7 +637,6 @@
			return strtr($text, array('\n' => "\n"));
			}


			/**
			* Check if the given text label exists
			*
			@@ -692,7 +675,6 @@

			return false;
			}


			/**
			* Load a localization package
			@@ -748,11 +730,10 @@
			}
			}


			/**
			* Check the given string and return a valid language code
			*
			* @param string Language code
			* @param string $lang Language code
			*
			* @return string Valid language code
			*/
			@@ -799,7 +780,6 @@
			return $lang;
			}


			/**
			* Read directory program/localization and return a list of available languages
			*
			@@ -829,13 +809,12 @@
			return $sa_languages;
			}


			/**
			* Encrypt using 3DES
			*
			* @param string $clear clear text input
			* @param string $key encryption key to retrieve from the configuration, defaults to 'des_key'
			* @param boolean $base64 whether or not to base64_encode() the result before returning
			* @param string $clear Clear text input
			* @param string $key Encryption key to retrieve from the configuration, defaults to 'des_key'
			* @param boolean $base64 Whether or not to base64_encode() the result before returning
			*
			* @return string encrypted text
			*/
			@@ -845,56 +824,25 @@
			return '';
			}

			/*-
			* Add a single canary byte to the end of the clear text, which
			* will help find out how much of padding will need to be removed
			* upon decryption; see http://php.net/mcrypt_generic#68082
			*/
			$clear = pack("a*H2", $clear, "80");
			$ckey = $this->config->get_crypto_key($key);

			if (function_exists('openssl_encrypt')) {
			$method = 'DES-EDE3-CBC';
			$opts = defined('OPENSSL_RAW_DATA') ? OPENSSL_RAW_DATA : true;
			$iv = $this->create_iv(openssl_cipher_iv_length($method));
			$cipher = $iv . openssl_encrypt($clear, $method, $ckey, $opts, $iv);
			}
			else if (function_exists('mcrypt_module_open') &&
			($td = mcrypt_module_open(MCRYPT_TripleDES, "", MCRYPT_MODE_CBC, ""))
			) {
			$iv = $this->create_iv(mcrypt_enc_get_iv_size($td));
			mcrypt_generic_init($td, $ckey, $iv);
			$cipher = $iv . mcrypt_generic($td, $clear);
			mcrypt_generic_deinit($td);
			mcrypt_module_close($td);
			}
			else {
			@include_once 'des.inc';

			if (function_exists('des')) {
			$des_iv_size = 8;
			$iv = $this->create_iv($des_iv_size);
			$cipher = $iv . des($ckey, $clear, 1, 1, $iv);
			}
			else {
			self::raise_error(array(
			'code' => 500, 'type' => 'php',
			'file' => __FILE__, 'line' => __LINE__,
			'message' => "Could not perform encryption; make sure OpenSSL or Mcrypt or lib/des.inc is available"
			), true, true);
			}
			}
			// Add a single canary byte to the end of the clear text, which
			// will help find out how much of padding will need to be removed
			// upon decryption; see http://php.net/mcrypt_generic#68082.
			$clear = pack("a*H2", $clear, "80");
			$ckey = $this->config->get_crypto_key($key);
			$method = 'DES-EDE3-CBC';
			$opts = defined('OPENSSL_RAW_DATA') ? OPENSSL_RAW_DATA : true;
			$iv = rcube_utils::random_bytes(openssl_cipher_iv_length($method), true);
			$cipher = $iv . openssl_encrypt($clear, $method, $ckey, $opts, $iv);

			return $base64 ? base64_encode($cipher) : $cipher;
			}


			/**
			* Decrypt 3DES-encrypted string
			*
			* @param string $cipher encrypted text
			* @param string $key encryption key to retrieve from the configuration, defaults to 'des_key'
			* @param boolean $base64 whether or not input is base64-encoded
			* @param string $cipher Encrypted text
			* @param string $key Encryption key to retrieve from the configuration, defaults to 'des_key'
			* @param boolean $base64 Whether or not input is base64-encoded
			*
			* @return string decrypted text
			*/
			@@ -907,84 +855,25 @@
			$cipher = $base64 ? base64_decode($cipher) : $cipher;
			$ckey = $this->config->get_crypto_key($key);

			if (function_exists('openssl_decrypt')) {
			$method = 'DES-EDE3-CBC';
			$opts = defined('OPENSSL_RAW_DATA') ? OPENSSL_RAW_DATA : true;
			$iv_size = openssl_cipher_iv_length($method);
			$iv = substr($cipher, 0, $iv_size);
			$method = 'DES-EDE3-CBC';
			$opts = defined('OPENSSL_RAW_DATA') ? OPENSSL_RAW_DATA : true;
			$iv_size = openssl_cipher_iv_length($method);
			$iv = substr($cipher, 0, $iv_size);

			// session corruption? (#1485970)
			if (strlen($iv) < $iv_size) {
			return '';
			}

			$cipher = substr($cipher, $iv_size);
			$clear = openssl_decrypt($cipher, $method, $ckey, $opts, $iv);
			}
			else if (function_exists('mcrypt_module_open') &&
			($td = mcrypt_module_open(MCRYPT_TripleDES, "", MCRYPT_MODE_CBC, ""))
			) {
			$iv_size = mcrypt_enc_get_iv_size($td);
			$iv = substr($cipher, 0, $iv_size);

			// session corruption? (#1485970)
			if (strlen($iv) < $iv_size) {
			return '';
			}

			$cipher = substr($cipher, $iv_size);
			mcrypt_generic_init($td, $ckey, $iv);
			$clear = mdecrypt_generic($td, $cipher);
			mcrypt_generic_deinit($td);
			mcrypt_module_close($td);
			}
			else {
			@include_once 'des.inc';

			if (function_exists('des')) {
			$des_iv_size = 8;
			$iv = substr($cipher, 0, $des_iv_size);
			$cipher = substr($cipher, $des_iv_size);
			$clear = des($ckey, $cipher, 0, 1, $iv);
			}
			else {
			self::raise_error(array(
			'code' => 500, 'type' => 'php',
			'file' => __FILE__, 'line' => __LINE__,
			'message' => "Could not perform decryption; make sure OpenSSL or Mcrypt or lib/des.inc is available"
			), true, true);
			}
			// session corruption? (#1485970)
			if (strlen($iv) < $iv_size) {
			return '';
			}

			/*-
			* Trim PHP's padding and the canary byte; see note in
			* rcube::encrypt() and http://php.net/mcrypt_generic#68082
			*/
			$cipher = substr($cipher, $iv_size);
			$clear = openssl_decrypt($cipher, $method, $ckey, $opts, $iv);

			// Trim PHP's padding and the canary byte; see note in
			// rcube::encrypt() and http://php.net/mcrypt_generic#68082
			$clear = substr(rtrim($clear, "\0"), 0, -1);

			return $clear;
			}


			/**
			* Generates encryption initialization vector (IV)
			*
			* @param int Vector size
			*
			* @return string Vector string
			*/
			private function create_iv($size)
			{
			// mcrypt_create_iv() can be slow when system lacks entrophy
			// we'll generate IV vector manually
			$iv = '';
			for ($i = 0; $i < $size; $i++) {
			$iv .= chr(mt_rand(0, 255));
			}

			return $iv;
			}


			/**
			* Returns session token for secure URLs
			@@ -1013,7 +902,6 @@
			return false;
			}


			/**
			* Generate a unique token to be used in a form request
			*
			@@ -1032,12 +920,11 @@
			return $plugin['value'];
			}


			/**
			* Check if the current request contains a valid token.
			* Empty requests aren't checked until use_secure_urls is set.
			*
			* @param int Request method
			* @param int $mode Request method
			*
			* @return boolean True if request token is valid false if not
			*/
			@@ -1082,11 +969,11 @@
			return true;
			}


			/**
			* Build a valid URL to this instance of Roundcube
			*
			* @param mixed Either a string with the action or url parameters as key-value pairs
			* @param mixed $p Either a string with the action or url parameters as key-value pairs
			*
			* @return string Valid application URL
			*/
			public function url($p)
			@@ -1094,7 +981,6 @@
			// STUB: should be overloaded by the application
			return '';
			}


			/**
			* Function to be executed in script shutdown
			@@ -1129,7 +1015,6 @@
			}
			}


			/**
			* Registers shutdown function to be executed on shutdown.
			* The functions will be executed before destroying any
			@@ -1142,7 +1027,6 @@
			$this->shutdown_functions[] = $function;
			}


			/**
			* Quote a given string.
			* Shortcut function for rcube_utils::rep_specialchars_output()
			@@ -1153,7 +1037,6 @@
			{
			return rcube_utils::rep_specialchars_output($str, 'html', $mode, $newlines);
			}


			/**
			* Quote a given string for javascript output.
			@@ -1166,12 +1049,11 @@
			return rcube_utils::rep_specialchars_output($str, 'js');
			}


			/**
			* Construct shell command, execute it and return output as string.
			* Keywords {keyword} are replaced with arguments
			*
			* @param $cmd Format string with {keywords} to be replaced
			* @param $cmd Format string with {keywords} to be replaced
			* @param $values (zero, one or more arrays can be passed)
			*
			* @return output of command. shell errors not detectable
			@@ -1219,7 +1101,6 @@
			return (string)shell_exec($cmd);
			}


			/**
			* Print or write debug messages
			*
			@@ -1230,12 +1111,13 @@
			$args = func_get_args();

			if (class_exists('rcube', false)) {
			$rcube = self::get_instance();
			$rcube = self::get_instance();
			$plugin = $rcube->plugins->exec_hook('console', array('args' => $args));
			if ($plugin['abort']) {
			return;
			}
			$args = $plugin['args'];

			$args = $plugin['args'];
			}

			$msg = array();
			@@ -1246,13 +1128,12 @@
			self::write_log('console', join(";\n", $msg));
			}


			/**
			* Append a line to a logfile in the logs directory.
			* Date will be added automatically to the line.
			*
			* @param $name name of log file
			* @param line Line to append
			* @param string $name Name of the log file
			* @param mixed $line Line to append
			*/
			public static function write_log($name, $line)
			{
			@@ -1267,11 +1148,7 @@
			$session_key = intval(self::$instance->config->get('log_session_id', 8));
			}

			if (empty($date_format)) {
			$date_format = 'd-M-Y H:i:s O';
			}

			$date = date($date_format);
			$date = rcube_utils::date_format($date_format);

			// trigger logging hook
			if (is_object(self::$instance) && is_object(self::$instance->plugins)) {
			@@ -1330,18 +1207,17 @@
			return false;
			}


			/**
			* Throw system error (and show error page).
			*
			* @param array Named parameters
			* @param array $arg Named parameters
			* - code: Error code (required)
			* - type: Error type [php\|db\|imap\|javascript] (required)
			* - message: Error message
			* - file: File where error occurred
			* - line: Line where error occurred
			* @param boolean True to log the error
			* @param boolean Terminate script execution
			* @param boolean $log True to log the error
			* @param boolean $terminate Terminate script execution
			*/
			public static function raise_error($arg = array(), $log = false, $terminate = false)
			{
			@@ -1393,11 +1269,10 @@
			}
			}


			/**
			* Report error according to configured debug_level
			*
			* @param array Named parameters
			* @param array $arg_arr Named parameters
			* @see self::raise_error()
			*/
			public static function log_bug($arg_arr)
			@@ -1452,13 +1327,12 @@
			}
			}


			/**
			* Write debug info to the log
			*
			* @param string Engine type - file name (memcache, apc)
			* @param string Data string to log
			* @param bool Operation result
			* @param string $engine Engine type - file name (memcache, apc)
			* @param string $data Data string to log
			* @param bool $result Operation result
			*/
			public static function debug($engine, $data, $result = null)
			{
			@@ -1478,7 +1352,6 @@
			self::write_log($engine, $line);
			}


			/**
			* Returns current time (with microseconds).
			*
			@@ -1489,13 +1362,12 @@
			return microtime(true);
			}


			/**
			* Logs time difference according to provided timer
			*
			* @param float $timer Timer (self::timer() result)
			* @param string $label Log line prefix
			* @param string $dest Log file name
			* @param float $timer Timer (self::timer() result)
			* @param string $label Log line prefix
			* @param string $dest Log file name
			*
			* @see self::timer()
			*/
			@@ -1546,7 +1418,6 @@
			return null;
			}


			/**
			* Getter for logged user name.
			*
			@@ -1562,7 +1433,6 @@
			}
			}


			/**
			* Getter for logged user email (derived from user name not identity).
			*
			@@ -1574,7 +1444,6 @@
			return $this->user->get_username('mail');
			}
			}


			/**
			* Getter for logged user password.
			@@ -1644,13 +1513,13 @@
			/**
			* Send the given message using the configured method.
			*
			* @param object $message Reference to Mail_MIME object
			* @param string $from Sender address string
			* @param array $mailto Array of recipient address strings
			* @param array $error SMTP error array (reference)
			* @param string $body_file Location of file with saved message body (reference),
			* used when delay_file_io is enabled
			* @param array $options SMTP options (e.g. DSN request)
			* @param object $message Reference to Mail_MIME object
			* @param string $from Sender address string
			* @param array $mailto Array of recipient address strings
			* @param array $error SMTP error array (reference)
			* @param string $body_file Location of file with saved message body (reference),
			* used when delay_file_io is enabled
			* @param array $options SMTP options (e.g. DSN request)
			*
			* @return boolean Send status.
			*/
			@@ -1690,12 +1559,8 @@
			if (strlen($headers['Bcc']))
			$a_recipients[] = $headers['Bcc'];

			// clean Bcc from header for recipients
			$send_headers = $headers;
			unset($send_headers['Bcc']);
			// here too, it because txtHeaders() below use $message->_headers not only $send_headers
			unset($message->_headers['Bcc']);

			// remove Bcc header and get the whole head of the message as string
			$send_headers = array('Bcc' => null);
			$smtp_headers = $message->txtHeaders($send_headers, true);

			if ($message->getParam('delay_file_io')) {
			@@ -1737,13 +1602,9 @@
			// send mail using PHP's mail() function
			else {
			// unset some headers because they will be added by the mail() function
			$headers_enc = $message->headers($headers);
			$headers_php = $message->_headers;
			unset($headers_php['To'], $headers_php['Subject']);

			// reset stored headers and overwrite
			$message->_headers = array();
			$header_str = $message->txtHeaders($headers_php);
			$headers_enc = $headers;
			$headers_res = array('To' => null, 'Subject' => null);
			$header_str = $message->txtHeaders($headers_res, true);

			// #1485779
			if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
			@@ -1816,19 +1677,17 @@
			fclose($msg_body);
			}

			$message->_headers = array();
			$message->headers($headers);
			$message->headers($headers, true);

			return $sent;
			}

			}


			/**
			* Lightweight plugin API class serving as a dummy if plugins are not enabled
			*
			* @package Framework
			* @package Framework
			* @subpackage Core
			*/
			class rcube_dummy_plugin_api