5
* Derived from webmail.php by Ralf Kraudelt <kraude@wiwi.uni-rostock.de>
7
* Copyright (c) 1999-2003 The SquirrelMail Project Team
8
* Licensed under the GNU GPL. For full terms see the file COPYING.
10
* Prevents users from reposting their form data after a successful logout.
12
* $Id: redirect.php,v 1.79 2003/12/01 21:56:58 cigamit Exp $
13
* @package squirrelmail
16
/** Path for SquirrelMail required files. */
17
define('SM_PATH','../');
19
/* SquirrelMail required files. */
20
require_once(SM_PATH . 'functions/global.php');
21
require_once(SM_PATH . 'functions/i18n.php');
22
require_once(SM_PATH . 'functions/strings.php');
23
require_once(SM_PATH . 'config/config.php');
24
require_once(SM_PATH . 'functions/prefs.php');
25
require_once(SM_PATH . 'functions/imap.php');
26
require_once(SM_PATH . 'functions/plugin.php');
27
require_once(SM_PATH . 'functions/constants.php');
28
require_once(SM_PATH . 'functions/page_header.php');
30
/* Before starting the session, the base URI must be known. Assuming */
31
/* that this file is in the src/ subdirectory (or something). */
32
if (!function_exists('sqm_baseuri')){
33
require_once(SM_PATH . 'functions/display_messages.php');
35
$base_uri = sqm_baseuri();
37
header('Pragma: no-cache');
38
$location = get_location();
40
session_set_cookie_params (0, $base_uri);
41
sqsession_is_active();
43
sqsession_unregister ('user_is_logged_in');
44
sqsession_register ($base_uri, 'base_uri');
46
/* get globals we me need */
47
sqGetGlobalVar('login_username', $login_username);
48
sqGetGlobalVar('secretkey', $secretkey);
49
sqGetGlobalVar('js_autodetect_results', $js_autodetect_results);
50
if(!sqGetGlobalVar('squirrelmail_language', $squirrelmail_language) || $squirrelmail_language == '') {
51
$squirrelmail_language = $squirrelmail_default_language;
53
if (!sqgetGlobalVar('mailto', $mailto)) {
57
/* end of get globals */
59
set_up_language($squirrelmail_language, true);
60
/* Refresh the language cookie. */
61
setcookie('squirrelmail_language', $squirrelmail_language, time()+2592000,
64
if (!isset($login_username)) {
65
include_once(SM_PATH . 'functions/display_messages.php' );
66
logout_error( _("You must be logged in to access this page.") );
70
if (!sqsession_is_registered('user_is_logged_in')) {
71
do_hook ('login_before');
73
$onetimepad = OneTimePadCreate(strlen($secretkey));
74
$key = OneTimePadEncrypt($secretkey, $onetimepad);
75
sqsession_register($onetimepad, 'onetimepad');
77
/* remove redundant spaces */
78
$login_username = trim($login_username);
80
/* Verify that username and password are correct. */
81
if ($force_username_lowercase) {
82
$login_username = strtolower($login_username);
85
$imapConnection = sqimap_login($login_username, $key, $imapServerAddress, $imapPort, 0);
87
$sqimap_capabilities = sqimap_capability($imapConnection);
88
sqsession_register($sqimap_capabilities, 'sqimap_capabilities');
89
$delimiter = sqimap_get_delimiter ($imapConnection);
91
sqimap_logout($imapConnection);
92
sqsession_register($delimiter, 'delimiter');
94
$username = $login_username;
95
sqsession_register ($username, 'username');
96
setcookie('key', $key, 0, $base_uri);
97
do_hook ('login_verified');
101
/* Set the login variables. */
102
$user_is_logged_in = true;
103
$just_logged_in = true;
105
/* And register with them with the session. */
106
sqsession_register ($user_is_logged_in, 'user_is_logged_in');
107
sqsession_register ($just_logged_in, 'just_logged_in');
109
/* parse the accepted content-types of the client */
110
$attachment_common_types = array();
111
$attachment_common_types_parsed = array();
112
sqsession_register($attachment_common_types, 'attachment_common_types');
113
sqsession_register($attachment_common_types_parsed, 'attachment_common_types_parsed');
117
if ( sqgetGlobalVar('HTTP_ACCEPT', $http_accept, SQ_SERVER) &&
118
!isset($attachment_common_types_parsed[$http_accept]) ) {
119
attachment_common_parse($http_accept, $debug);
122
/* Complete autodetection of Javascript. */
123
$javascript_setting = getPref
124
($data_dir, $username, 'javascript_setting', SMPREF_JS_AUTODETECT);
125
$js_autodetect_results = (isset($js_autodetect_results) ?
126
$js_autodetect_results : SMPREF_JS_OFF);
127
/* See if it's set to "Always on" */
128
$js_pref = SMPREF_JS_ON;
129
if ($javascript_setting != SMPREF_JS_ON){
130
if ($javascript_setting == SMPREF_JS_AUTODETECT) {
131
if ($js_autodetect_results == SMPREF_JS_OFF) {
132
$js_pref = SMPREF_JS_OFF;
135
$js_pref = SMPREF_JS_OFF;
138
/* Update the prefs */
139
setPref($data_dir, $username, 'javascript_on', $js_pref);
141
/* Compute the URL to forward the user to. */
142
$redirect_url = $location . '/webmail.php';
144
if ( sqgetGlobalVar('session_expired_location', $session_expired_location, SQ_SESSION) ) {
145
sqsession_unregister('session_expired_location');
146
$compose_new_win = getPref($data_dir, $username, 'compose_new_win', 0);
147
if ($compose_new_win) {
148
// do not prefix $location here because $session_expired_location is set to PHP_SELF
150
$redirect_url = $session_expired_location;
151
} elseif ( strpos($session_expired_location, 'webmail.php') === FALSE ) {
152
$redirect_url = $location.'/webmail.php?right_frame='.urldecode($session_expired_location);
154
unset($session_expired_location);
157
$redirect_url = $location . '/webmail.php?right_frame=compose.php&mailto=';
158
$redirect_url .= $mailto;
161
/* Write session data and send them off to the appropriate page. */
162
session_write_close();
163
header("Location: $redirect_url");
165
/* --------------------- end main ----------------------- */
167
function attachment_common_parse($str, $debug) {
168
global $attachment_common_types, $attachment_common_types_parsed;
170
$attachment_common_types_parsed[$str] = true;
173
* Replace ", " with "," and explode on that as Mozilla 1.x seems to
174
* use "," to seperate whilst IE, and earlier versions of Mozilla use
178
$str = str_replace( ', ' , ',' , $str );
179
$types = explode(',', $str);
181
foreach ($types as $val) {
182
// Ignore the ";q=1.0" stuff
183
if (strpos($val, ';') !== false)
184
$val = substr($val, 0, strpos($val, ';'));
186
if (! isset($attachment_common_types[$val])) {
187
$attachment_common_types[$val] = true;
190
$_SESSION['attachment_common_types'] = $attachment_common_types;