squirrelmail-webmail  1.4.22
About: SquirrelMail is a standards-based webmail package with strong MIME support, address books, and folder manipulation (written in PHP4).
  Fossies Dox: squirrelmail-webmail-1.4.22.tar.gz  ("inofficial" and yet experimental doxygen-generated source code documentation)  

sqspell_functions.php File Reference

Go to the source code of this file.

Namespaces

 plugins
 

Functions

 sqspell_makePage ($title, $scriptsrc, $body)
 
 sqspell_makeWindow ($onload, $title, $scriptsrc, $body)
 
 sqspell_crypto ($mode, $ckey, $input)
 
 sqspell_upgradeWordsFile ($words_string)
 
 sqspell_getSettings ($words)
 
 sqspell_getLang ($words, $lang)
 
 sqspell_getWords ()
 
 sqspell_writeWords ($words)
 
 sqspell_deleteWords ()
 
 sqspell_makeDummy ()
 
 sqspell_ckMOD ($rMOD)
 

Variables

 $SQSPELL_VERSION ="v0.3.8"
 

Function Documentation

◆ sqspell_ckMOD()

sqspell_ckMOD (   $rMOD)

This function checks for security attacks. A $MOD variable is provided in the QUERY_STRING and includes one of the files from the modules directory ($MOD.mod). See if someone is trying to get out of the modules directory by providing dots, unicode strings, or slashes.

Parameters
string$rMODthe name of the module requested to include.
Returns
void, since it bails out with an access error if needed.

Definition at line 511 of file sqspell_functions.php.

References _(), and exit.

◆ sqspell_crypto()

sqspell_crypto (   $mode,
  $ckey,
  $input 
)

This function does the encryption and decryption of the user dictionary. It is only available when PHP is compiled with mcrypt support (–with-mcrypt). See doc/CRYPTO for more information.

Parameters
$modeA string with either of the two recognized values: "encrypt" or "decrypt".
$ckeyThe key to use for processing (the user's password in our case.
$inputContent to decrypt or encrypt, according to $mode.
Returns
encrypted/decrypted content, or "PANIC" if the process bails out.

Double-check if we have the mcrypt_generic function. Bail out if not so.

Setup mcrypt routines.

See what we have to do depending on $mode. 'encrypt' – Encrypt the content. 'decrypt' – Decrypt the content.

See if it decrypted successfully. If so, it should contain the string "# SquirrelSpell". If not, then bail out.

Finish up the mcrypt routines and return the processed content.

Definition at line 147 of file sqspell_functions.php.

Referenced by sqspell_getWords(), and sqspell_writeWords().

◆ sqspell_deleteWords()

sqspell_deleteWords ( )

So I open the door to my enemies, and I ask can we wipe the slate clean, but they tell me to please go... uhm... Well, this just erases the user dictionary file.

Definition at line 475 of file sqspell_functions.php.

References $SQSPELL_WORDS_FILE.

◆ sqspell_getLang()

sqspell_getLang (   $words,
  $lang 
)

This function returns only user-defined dictionary words that correspond to the requested language.

Parameters
$wordsThe contents of the user's ".words" file.
$langWhich language words to return, e.g. requesting "English" will return ONLY the words from user's English dictionary, disregarding any others.
Returns
The list of words corresponding to the language requested.

strpos() will return -1 if no # $lang
string was found. Use this to return a zero-length value and indicate that no words are present in the requested dictionary.

The words list will end with a new directive, which will start with "#". Locate the next "#" and thus find out where the words end.

Definition at line 276 of file sqspell_functions.php.

References $end.

◆ sqspell_getSettings()

sqspell_getSettings (   $words)

Right now it just returns an array with the dictionaries available to the user for spell-checking. It will probably do more in the future, as features are added.

Parameters
string$wordsThe contents of the user's ".words" file.
Returns
array a strings array with dictionaries available to this user, e.g. {"English", "Spanish"}, etc.

Check if there is more than one dictionary configured in the system config.

Now load the user prefs. Check if $words was empty – a bit of a dirty fall-back. TODO: make it so this is not required.

This user has a ".words" file. Find which dictionaries s/he wants to use and load them into the $langs array.

User doesn't have a personal dictionary. Grab the default system setting.

There is no need to read the ".words" file as there is only one dictionary defined system-wide.

Definition at line 226 of file sqspell_functions.php.

References $SQSPELL_APP, $SQSPELL_APP_DEFAULT, and sqspell_getWords().

◆ sqspell_getWords()

sqspell_getWords ( )

This function operates the user dictionary. If the format is clear-text, then it just reads the file and returns it. However, if the file is encrypted (well, "garbled"), then it tries to decrypt it, checks whether the decryption was successful, troubleshoots if not, then returns the clear-text dictionary to the app.

Returns
the contents of the user's ".words" file, decrypted if necessary.

Gobble it up.

Check if this is an encrypted file by looking for the string "# SquirrelSpell" in it (the crypto function does that).

This file is encrypted or mangled. Try to decrypt it. If fails, complain loudly.

$old_key would be a value submitted by one of the modules with the user's old mailbox password. I admin, this is rather dirty, but efficient. ;)

Get user's password (the key).

Invoke the decryption routines.

See if decryption failed.

AAAAAAAAAAAH!!!!! OK, ok, breathe! Let's hope the decryption failed because the user changed his password. Bring up the option to key in the old password or wipe the file and start over if everything else fails.

The _("SquirrelSpell...) line has to be on one line, otherwise gettext will bork. ;(

Add some string vars so they can be i18n'd.

See if this happened in the pop-up window or when accessing the SpellChecker options page. This is a dirty solution, I agree. TODO: make this prettier.

OK! Phew. Set the encryption flag to true so we can later on encrypt it again before saving to HDD.

No encryption is/was used. Set $SQSPELL_CRYPTO to false, in case we have to save the dictionary later.

Check if we need to upgrade the dictionary from version 0.2.x This is going away soon.

Definition at line 304 of file sqspell_functions.php.

References $SQSPELL_CRYPTO, $SQSPELL_WORDS_FILE, _(), exit, html_tag(), OneTimePadDecrypt(), SQ_COOKIE, SQ_POST, SQ_SESSION, sqgetGlobalVar(), sqspell_crypto(), sqspell_makePage(), sqspell_makeWindow(), and sqspell_upgradeWordsFile().

Referenced by sqspell_getSettings().

◆ sqspell_makeDummy()

sqspell_makeDummy ( )

Creates an empty user dictionary for the sake of saving prefs or whatever.

Returns
The template to use when storing the user dictionary.

Definition at line 493 of file sqspell_functions.php.

References $SQSPELL_APP_DEFAULT, and $SQSPELL_VERSION.

Referenced by sqspell_writeWords().

◆ sqspell_makePage()

sqspell_makePage (   $title,
  $scriptsrc,
  $body 
)

This function is the GUI wrapper for the options page. SquirrelSpell uses it for creating all Options pages.

Parameters
string$titleThe title of the page to display
string$scriptsrcThis is used to link a file.js into the <script src="file.js"></script> format. This allows to separate javascript from the rest of the plugin and place it into the js/ directory.
string$bodyThe body of the message to display.
Returns
void

Check if we need to link in a script.

Generate a nice "Return to Options" link, unless this is the starting page.

Close the table and display the version.

Definition at line 28 of file sqspell_functions.php.

References $body, $color, $SQSPELL_VERSION, _(), displayPageHeader(), html_tag(), SQ_GET, and sqgetGlobalVar().

Referenced by sqspell_getWords().

◆ sqspell_makeWindow()

sqspell_makeWindow (   $onload,
  $title,
  $scriptsrc,
  $body 
)

Function similar to the one above. This one is a general wrapper for the Squirrelspell pop-up window. It's called form nearly everywhere, except the check_me module, since that one is highly customized.

Parameters
string$onloadUsed to indicate and pass the name of a js function to call in a <body onload="function()" for automatic onload script execution.
string$titleTitle of the page.
string$scriptsrcIf defined, link this javascript source page into the document using <script src="file.js"> format.
string$bodyThe content to include.
Returns
void

Provide an onload="jsfunction()" if asked to.

Draw the rest of the page.

Definition at line 95 of file sqspell_functions.php.

References $body, $color, $SQSPELL_VERSION, displayHtmlHeader(), and html_tag().

Referenced by sqspell_getWords().

◆ sqspell_upgradeWordsFile()

sqspell_upgradeWordsFile (   $words_string)

This function transparently upgrades the 0.2 dictionary format to the 0.3 format, since user-defined languages have been added in 0.3 and the new format keeps user dictionaries selection in the file.

This function will be retired soon, as it's been a while since anyone has been using SquirrelSpell-0.2.

Parameters
$words_stringContents of the 0.2-style user dictionary.
Returns
Contents of the 0.3-style user dictionary.

Define just one dictionary for this user – the default. If the user wants more, s/he can set them up in personal preferences. See doc/UPGRADING for more info.

Definition at line 200 of file sqspell_functions.php.

References $SQSPELL_APP_DEFAULT, $SQSPELL_VERSION, and sqspell_writeWords().

Referenced by sqspell_getWords().

◆ sqspell_writeWords()

sqspell_writeWords (   $words)

Writes user dictionary into the $username.words file, then changes mask to 0600. If encryption is needed – does that, too.

Parameters
$wordsThe contents of the ".words" file to write.
Returns
void

if $words is empty, create a template entry by calling the sqspell_makeDummy() function.

User wants to encrypt the file. So be it. Get the user's password to use as a key.

Try encrypting it. If fails, scream bloody hell.

AAAAAAAAH! I'm not handling this yet, since obviously the admin of the site forgot to compile the MCRYPT support in when upgrading an existing PHP installation. I will add a handler for this case later, when I can come up with some work-around... Right now, do nothing. Let the Admin's head hurt.. ;)))

Do the actual writing.

Definition at line 431 of file sqspell_functions.php.

References $SQSPELL_CRYPTO, $SQSPELL_WORDS_FILE, OneTimePadDecrypt(), SQ_COOKIE, SQ_SESSION, sqgetGlobalVar(), sqspell_crypto(), and sqspell_makeDummy().

Referenced by sqspell_upgradeWordsFile().

Variable Documentation

◆ $SQSPELL_VERSION

$SQSPELL_VERSION ="v0.3.8"

SquirrelSpell version. Don't modify, since it identifies the format of the user dictionary files and messing with this can do ugly stuff. :)

Definition at line 526 of file sqspell_functions.php.

Referenced by sqspell_makeDummy(), sqspell_makePage(), sqspell_makeWindow(), and sqspell_upgradeWordsFile().