if $key is set to false, sqimap_login() function will use sqauth_read_password()

to retrieve user password.
sqimap_login() calls in plugins are modified to use this code.
It allows to centralize place that is used to access password information.

Older way is preserved for backwards compatibility and different IMAP login
credentials.

ChangeLog

@@ -37,6 +37,9 @@ Version 1.5.2 - CVS
   - Fixed sqsession_cookie function for setting HttpOnly cookie attribute.
   - Reduce references header in a smart way to avoid "header too long"
     errors from SMTP servers in really long threads (#1167754, #1465342).
+  - Added code that allows to use internal password functions in sqimap_login().
+    Switched plugins to use this code instead of accessing key and otp information
+    directly.
 
 Version 1.5.1 (branched on 2006-02-12)
 --------------------------------------

functions/imap_general.php

@@ -743,7 +743,9 @@ function sqimap_create_stream($server,$port,$tls=0) {
  * Logs the user into the IMAP server.  If $hide is set, no error messages
  * will be displayed.  This function returns the IMAP connection handle.
  * @param string $username user name
- * @param string $password encrypted password
+ * @param string $password password encrypted with onetimepad. Since 1.5.2 
+ *  function can use internal password functions, if parameter is set to 
+ *  boolean false. 
  * @param string $imap_server_address address of imap server
  * @param integer $imap_port port of imap server
  * @param boolean $hide controls display connection errors
@@ -753,9 +755,19 @@ function sqimap_login ($username, $password, $imap_server_address, $imap_port, $
     global $color, $squirrelmail_language, $onetimepad, $use_imap_tls,
            $imap_auth_mech, $sqimap_capabilities;
 
-    if (!isset($onetimepad) || empty($onetimepad)) {
-        sqgetglobalvar('onetimepad' , $onetimepad , SQ_SESSION );
+    /* get imap login password */
+    if ($password===false) {
+        /* standard functions */
+        $password = sqauth_read_password();
+    } else {
+        /* old way. $key must be extracted from cookie */
+        if (!isset($onetimepad) || empty($onetimepad)) {
+            sqgetglobalvar('onetimepad' , $onetimepad , SQ_SESSION );
+        }
+        /* Decrypt the password */
+        $password = OneTimePadDecrypt($password, $onetimepad);
     }
+
     if (!isset($sqimap_capabilities)) {
         sqgetglobalvar('sqimap_capabilities' , $capability , SQ_SESSION );
     }
@@ -765,9 +777,6 @@ function sqimap_login ($username, $password, $imap_server_address, $imap_port, $
 
     $imap_stream = sqimap_create_stream($imap_server_address,$imap_port,$use_imap_tls);
 
-    /* Decrypt the password */
-    $password = OneTimePadDecrypt($password, $onetimepad);
-
     if (($imap_auth_mech == 'cram-md5') OR ($imap_auth_mech == 'digest-md5')) {
         // We're using some sort of authentication OTHER than plain or login
         $tag=sqimap_session_id(false);

include/options/folder.php

@@ -33,12 +33,11 @@ define('SMOPT_GRP_FOLDERSELECT', 2);
  * @return array all option information
  */
 function load_optpage_data_folder() {
-    global $username, $key, $imapServerAddress, $imapPort;
+    global $username, $imapServerAddress, $imapPort;
     global $folder_prefix, $default_folder_prefix, $show_prefix_option;
 
     /* Get some imap data we need later. */
-    $imapConnection =
-        sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
+    $imapConnection = sqimap_login($username, false, $imapServerAddress, $imapPort, 0);
     $boxes = sqimap_mailbox_list($imapConnection);
 
     /* Build a simple array into which we will build options. */

plugins/info/options.php

@@ -42,8 +42,6 @@ if (! is_plugin_enabled('info')) {
 
 /* GLOBALS */
 sqgetGlobalVar('username', $username, SQ_SESSION);
-sqgetGlobalVar('key', $key, SQ_COOKIE);
-sqgetGlobalVar('onetimepad', $onetimepad, SQ_SESSION);
 
 sqgetGlobalVar('submit', $submit, SQ_POST);
 
@@ -56,7 +54,7 @@ for($i = 0; $i <= 9; $i++){
 
 /* END GLOBALS */
 
-$imap_stream = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
+$imap_stream = sqimap_login($username, false, $imapServerAddress, $imapPort, 0);
 $caps_array = get_caps($imap_stream);
 $list = array ('TEST_0',
                'TEST_1',

plugins/message_details/message_details_bottom.php

@@ -126,9 +126,8 @@ global $imapServerAddress, $imapPort, $color,$msgd_8bit_in_hex;
 $returnValue = '';
 
 sqgetGlobalVar('username', $username, SQ_SESSION);
-sqgetGlobalVar('key', $key, SQ_COOKIE);
 
-$imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
+$imapConnection = sqimap_login($username, false, $imapServerAddress, $imapPort, 0);
 $read = sqimap_mailbox_select($imapConnection, $mailbox);
 $start = gettimeofday();
 $body = sqimap_run_command($imapConnection, "FETCH $passed_id RFC822",true, $response, $readmessage, TRUE);

plugins/sent_subfolders/setup.php

@@ -104,11 +104,9 @@ function sent_subfolders_optpage_loadhook_folders() {
     global $optpage_data, $imapServerAddress, $imapPort, $show_contain_subfolders_option;
 
     sqgetGlobalVar('username', $username, SQ_SESSION);
-    sqgetGlobalVar('key', $key, SQ_COOKIE);
 
     /* Get some imap data we need later. */
-    $imapConnection =
-        sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
+    $imapConnection = sqimap_login($username, false, $imapServerAddress, $imapPort, 0);
     $boxes = sqimap_mailbox_list($imapConnection);
     sqimap_logout($imapConnection);
 
@@ -197,7 +195,6 @@ function sent_subfolders_update_sentfolder() {
     global $use_sent_subfolders, $move_to_sent;
 
     sqgetGlobalVar('username', $username, SQ_SESSION);
-    sqgetGlobalVar('key', $key, SQ_COOKIE);
     sqgetGlobalVar('delimiter', $delimiter, SQ_SESSION);
 
     if ($use_sent_subfolders || $move_to_sent) {
@@ -246,7 +243,7 @@ function sent_subfolders_update_sentfolder() {
             /* Auto-create folders, if they do not yet exist. */
             if ($sent_subfolder != 'none') {
                 /* Create the imap connection. */
-                $ic = sqimap_login($username, $key, $imapServerAddress, $imapPort, 10);
+                $ic = sqimap_login($username, false, $imapServerAddress, $imapPort, 10);
 
                 $boxes = false;
                 /**

plugins/spamcop/functions.php

@@ -131,13 +131,12 @@ function spamcop_options_function() {
  */
 function spamcop_while_sending_function() {
     global $mailbox, $spamcop_delete, $spamcop_save, $spamcop_is_composing, $auto_expunge,
-           $username, $key, $imapServerAddress, $imapPort;
+           $username, $imapServerAddress, $imapPort;
 
     if (sqgetGlobalVar('spamcop_is_composing' , $spamcop_is_composing)) {
         // delete spam message
         if ($spamcop_delete) {
-            $imapConnection = sqimap_login($username, $key, $imapServerAddress,
-                $imapPort, 0);
+            $imapConnection = sqimap_login($username, false, $imapServerAddress, $imapPort, 0);
             sqimap_mailbox_select($imapConnection, $mailbox);
             sqimap_msgs_list_delete($imapConnection, $mailbox, array($spamcop_is_composing));
             if ($auto_expunge)

plugins/spamcop/spamcop.php

@@ -23,8 +23,6 @@ include_once(SM_PATH . 'plugins/spamcop/functions.php');
 /* GLOBALS */
 
 sqgetGlobalVar('username', $username, SQ_SESSION);
-sqgetGlobalVar('key',      $key,      SQ_COOKIE);
-sqgetGlobalVar('onetimepad', $onetimepad, SQ_SESSION);
 
 sqgetGlobalVar('mailbox', $mailbox, SQ_GET);
 sqgetGlobalVar('passed_id', $passed_id, SQ_GET);
@@ -64,8 +62,7 @@ if (! is_plugin_enabled('spamcop')) {
     exit();
 }
 
-    $imap_stream = sqimap_login($username, $key, $imapServerAddress,
-       $imapPort, 0);
+    $imap_stream = sqimap_login($username, false, $imapServerAddress, $imapPort, 0);
     sqimap_mailbox_select($imap_stream, $mailbox);
 
     if ($spamcop_method == 'quick_email' ||