Added option to do data and attachment directory hashing, up to four levels. Will automatically search for missing file at other levels, move them to the right place, create hash directories, etc.

Should work for both data directory and attachment. Also modified Squirrelspell plugin to use this as well.

config/conf.pl

@@ -6,7 +6,7 @@
 #
 # $Id$
 ############################################################              
-$conf_pl_version = "x63";
+$conf_pl_version = "x64";
 
 ############################################################              
 # Some people try to run this as a CGI. That's wrong!
@@ -344,10 +344,11 @@ while (($command ne "q") && ($command ne "Q")) {
       print "1.  Default Charset        : $WHT$default_charset$NRM\n";
       print "2.  Data Directory         : $WHT$data_dir$NRM\n";
       print "3.  Attachment Directory   : $WHT$attachment_dir$NRM\n";
-      print "4.  Default Left Size      : $WHT$default_left_size$NRM\n";
-      print "5.  Usernames in Lowercase : $WHT$force_username_lowercase$NRM\n";
-      print "6.  Allow use of priority  : $WHT$default_use_priority$NRM\n";
-      print "7.  Hide SM attributions   : $WHT$hide_sm_attributions$NRM\n";
+      print "4.  Directory Hash Level   : $WHT$dir_hash_level$NRM\n";
+      print "5.  Default Left Size      : $WHT$default_left_size$NRM\n";
+      print "6.  Usernames in Lowercase : $WHT$force_username_lowercase$NRM\n";
+      print "7.  Allow use of priority  : $WHT$default_use_priority$NRM\n";
+      print "8.  Hide SM attributions   : $WHT$hide_sm_attributions$NRM\n";
       print "\n";
       print "R   Return to Main Menu\n";
    } elsif ($menu == 5) {
@@ -501,12 +502,13 @@ while (($command ne "q") && ($command ne "Q")) {
          elsif ($command == 16) { $auto_create_special            = command214(); }
       } elsif ($menu == 4) {
          if    ($command == 1) { $default_charset          = command31 (); }
-         elsif ($command == 2) { $data_dir                 = command33 (); }
-         elsif ($command == 3) { $attachment_dir           = command34 (); }
-         elsif ($command == 4) { $default_left_size        = command35 (); }
-	 elsif ($command == 5) { $force_username_lowercase = command36 (); }
-	 elsif ($command == 6) { $default_use_priority     = command37 (); }
-         elsif ($command == 7) { $hide_sm_attributions     = command38 (); }
+         elsif ($command == 2) { $data_dir                 = command33a (); }
+         elsif ($command == 3) { $attachment_dir           = command33b (); }
+         elsif ($command == 4) { $dir_hash_level           = command33c (); }
+         elsif ($command == 5) { $default_left_size        = command35 (); }
+	 elsif ($command == 6) { $force_username_lowercase = command36 (); }
+	 elsif ($command == 7) { $default_use_priority     = command37 (); }
+         elsif ($command == 8) { $hide_sm_attributions     = command38 (); }
       } elsif ($menu == 5) {
          if    ($command == 1) { command41 (); }
          elsif ($command == 2) { $theme_css = command42 (); }
@@ -1270,7 +1272,7 @@ sub command31 {
 }
 
 # Data directory
-sub command33 {
+sub command33a {
    print "It is a possible security hole to have a writable directory\n";
    print "under the web server's root directory (ex: /home/httpd/html).\n";
    print "For this reason, it is possible to put the data directory\n";
@@ -1298,7 +1300,7 @@ sub command33 {
 }
 
 # Attachment directory
-sub command34 {
+sub command33b {
    print "Path to directory used for storing attachments while a mail is\n";
    print "being sent.  There are a few security considerations regarding this\n";
    print "directory:\n";
@@ -1329,6 +1331,39 @@ sub command34 {
    return $new_attachment_dir;
 }
 
+sub command33c {
+   print "The directory hash level setting allows you to configure the level\n";
+   print "of hashing that Squirremail employs in your data and attachment\n";
+   print "directories. This value must be an integer ranging from 0 to 4.\n";
+   print "When this value is set to 0, Squirrelmail will simply store all\n";
+   print "files as normal in the data and attachment directories. However,\n";
+   print "when set to a value from 1 to 4, a simple hashing scheme will be\n";
+   print "used to organize the files in this directory. In short, the crc32\n";
+   print "value for a username will be computed. Then, up to the first 4\n";
+   print "digits of the hash, as set by this configuration value, will be\n";
+   print "used to directory hash the files for that user in the data and\n";
+   print "attachment directory. This allows for better performance on\n";
+   print "servers with larger numbers of users.\n";
+   print "\n";
+
+   print "[$WHT$dir_hash_level$NRM]: $WHT";
+   $new_dir_hash_level = <STDIN>;
+   if ($new_dir_hash_level eq "\n") {
+      $new_dir_hash_level = $dir_hash_level;
+   } else {
+      $new_dir_hash_level =~ s/[\r|\n]//g;
+   }
+   if (($new_dir_hash_level < 0) || ($new_dir_hash_level > 4)) {
+      print "Invalid Directory Hash Level.\n";
+      print "Value must be an integer ranging from 0 to 4\n";
+      print "Hit enter to continue.\n";
+      $enter_key = <STDIN>;
+
+      $new_dir_hash_level = $dir_hash_level;
+   }
+
+   return $new_dir_hash_level;
+}
 
 sub command35 {
    print "This is the default size (in pixels) of the left folder list.\n";
@@ -1794,12 +1829,14 @@ sub save_data {
    print FILE "\t\$auto_create_special              =  $auto_create_special;\n";
    print FILE "\n";
 
-   print FILE "\tglobal \$default_charset, \$data_dir, \$attachment_dir;\n";
+   print FILE "\tglobal \$default_charset;\n";
+   print FILE "\tglobal \$data_dir, \$attachment_dir, \$dir_hash_level;\n";
    print FILE "\tglobal \$default_left_size, \$force_username_lowercase;\n";
    print FILE "\tglobal \$default_use_priority, \$hide_sm_attributions;\n";
    print FILE "\t\$default_charset          = \"$default_charset\";\n";
    print FILE "\t\$data_dir                 = \"$data_dir\";\n";
    print FILE "\t\$attachment_dir           = \"$attachment_dir\";\n";
+   print FILE "\t\$dir_hash_level           = $dir_hash_level;\n";
    print FILE "\t\$default_left_size        =  $default_left_size;\n";
    print FILE "\t\$force_username_lowercase = $force_username_lowercase;\n";
    print FILE "\t\$default_use_priority     = $default_use_priority;\n";

config/config_default.php

@@ -212,6 +212,10 @@
     global $attachment_dir;
     $attachment_dir = $data_dir;
 
+// Hash level used for data directory.
+    global $dir_hash_level;
+    $dir_hash_level = 0;
+
 //  This is the default size of the folder list.  Default is 150,
 //  but you can set it to whatever you wish.
    global $default_left_size;

functions/addressbook.php

@@ -79,7 +79,7 @@ require_once('../functions/abook_ldap_server.php');
 	 }
       } else {
 	 // File
-	 $filename = sprintf('%s%s.abook', $data_dir, $username);
+	 $filename = getHashedFile($username, $data_dir, "$username.abook");
 	 $r = $abook->add_backend('local_file', Array('filename' => $filename,
 						      'create'   => true));
 	 if(!$r && $showerr) {

functions/prefs.php

@@ -27,7 +27,7 @@ function cachePrefValues($data_dir, $username) {
         return;
     }
 
-    $filename = $data_dir . $username . '.pref';
+    $filename = getHashedFile($username, $data_dir, "$username.pref");
 
     if (!file_exists($filename)) {
         printf (_("Preference file, %s, does not exist. Log out, and log back in to create a default preference file."), $filename);
@@ -88,7 +88,9 @@ function getPref($data_dir, $username, $string, $default = '') {
 function savePrefValues($data_dir, $username) {
     global $prefs_cache;
    
-    $file = fopen($data_dir . $username . '.pref', 'w');
+    $filename = getHashedFile($username, $data_dir, "$username.pref");
+
+    $file = fopen($filename, 'w');
     foreach ($prefs_cache as $Key => $Value) {
         if (isset($Value)) {
             fwrite($file, $Key . '=' . $Value . "\n");
@@ -136,7 +138,7 @@ function setPref($data_dir, $username, $string, $value) {
  * Check for a preferences file. If one can not be found, create it.
  */
 function checkForPrefs($data_dir, $username) {
-    $filename = $data_dir . $username . '.pref';
+    $filename = getHashedFile($username, $data_dir, "$username.pref");
     if (!file_exists($filename) ) {
         if (!copy($data_dir . 'default_pref', $filename)) {
             echo _("Error opening ") . $filename;
@@ -149,7 +151,8 @@ function checkForPrefs($data_dir, $username) {
  * Write the User Signature.
  */
 function setSig($data_dir, $username, $value) {
-    $file = fopen($data_dir . $username . '.sig', 'w');
+    $filename = getHashedFile($username, $data_dir, "$username.sig");
+    $file = fopen($filename, 'w');
     fwrite($file, $value);
     fclose($file);
 }
@@ -158,7 +161,8 @@ function setSig($data_dir, $username, $value) {
  * Get the signature.
  */
 function getSig($data_dir, $username) {
-    $filename = $data_dir . $username . '.sig';
+    #$filename = $data_dir . $username . '.sig';
+    $filename = getHashedFile($username, $data_dir, "$username.sig");
     $sig = '';
     if (file_exists($filename)) {
         $file = fopen($filename, 'r');
@@ -170,4 +174,72 @@ function getSig($data_dir, $username) {
     return $sig;
 }
 
+function getHashedFile($username, $dir, $datafile, $hash_search = true) {
+    global $dir_hash_level;
+
+    /* Compute the hash for this user and extract the hash directories. */
+    $hash_dirs = computeHashDirs($username);
+
+    /* First, get and make sure the full hash directory exists. */
+    $real_hash_dir = getHashedDir($username, $dir, $hash_dirs);
+
+    /* Set the value of our real data file. */
+    $result = "$real_hash_dir/$datafile";
+
+    /* Check for this file in the real hash directory. */
+    if ($hash_search && !file_exists($result)) {
+        /* First check the base directory, the most common location. */
+        if (file_exists("$dir/$datafile")) {
+            rename("$dir/$datafile", $result);
+
+        /* Then check the full range of possible hash directories. */
+        } else {
+            $check_hash_dir = $dir;
+            for ($h = 0; $h < 4; ++$h) {
+                $check_hash_dir .= '/' . $hash_dirs[$h];
+                if (is_readable("$check_hash_dir/$datafile")) {
+                    rename("$check_hash_dir/$datafile", $result);
+                    break;
+                }
+            }
+        }
+    }
+     
+    /* Return the full hashed datafile path. */
+    return ($result);
+}
+
+function getHashedDir($username, $dir, $hash_dirs = '') {
+    global $dir_hash_level;
+
+    /* If necessary, populate the hash dir variable. */
+    if ($hash_dirs == '') {
+        $hash_dirs = computeHashDirs($username);
+    }
+
+    /* Make sure the full hash directory exists. */
+    $real_hash_dir = $dir;
+    for ($h = 0; $h < $dir_hash_level; ++$h) {
+        $real_hash_dir .= '/' . $hash_dirs[$h];
+        if (!is_dir($real_hash_dir)) {
+            mkdir($real_hash_dir, 0770);
+        }
+    }
+
+    /* And return that directory. */
+    return ($real_hash_dir);
+}
+
+function computeHashDirs($username) {
+    /* Compute the hash for this user and extract the hash directories. */
+    $hash = base_convert(crc32($username), 10, 16);
+    $hash_dirs = array();
+    for ($h = 0; $h < 4; ++ $h) {
+        $hash_dirs[] = substr($hash, $h, 1);
+    }
+
+    /* Return our array of hash directories. */
+    return ($hash_dirs);
+}
+
 ?>

functions/smtp.php

@@ -30,6 +30,7 @@
 
 require_once('../functions/addressbook.php');
 require_once('../functions/plugin.php');
+require_once('../functions/prefs.php');
 
 global $username, $popuser, $domain;
 
@@ -116,10 +117,11 @@ global $username, $popuser, $domain;
 
    // Attach the files that are due to be attached
    function attachFiles ($fp) {
-      global $attachments, $attachment_dir;
+      global $attachments, $attachment_dir, $username;
 
       $length = 0;
 
+      $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
       if (isMultipart()) {
          foreach ($attachments as $info)
 	 {
@@ -136,7 +138,9 @@ global $username, $popuser, $domain;
             
 	    // Use 'rb' for NT systems -- read binary
 	    // Unix doesn't care -- everything's binary!  :-)
-            $file = fopen ($attachment_dir . $info['localfilename'], 'rb');
+             
+            $filename = $hashed_attachment_dir . '/' . $info['localfilename'];
+            $file = fopen ($filename, 'rb');
 	    if (substr($filetype, 0, 5) == 'text/' ||
  	        $filetype == 'message/rfc822') {
 	       $header .= "\r\n";
@@ -172,12 +176,14 @@ global $username, $popuser, $domain;
    function deleteAttachments() {
       global $attachments, $attachment_dir;
 
+      $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
       if (isMultipart()) {
          reset($attachments);
          while (list($localname, $remotename) = each($attachments)) {
             if (!ereg ("\\/", $localname)) {
-               unlink ($attachment_dir.$localname);
-               unlink ($attachment_dir.$localname.'.info');
+               $filename = $hashed_attachment_dir . '/' . $localname;
+               unlink ($filename);
+               unlink ("$filename.info");
             }
          }
       }

plugins/squirrelspell/modules/forget_me.mod.php

@@ -20,7 +20,7 @@
         $lang_words = sqspell_getLang($words, $sqspell_use_app);
         $msg = '<p>'.
                sprintf( _("Deleting the following entries from <strong>%s</strong> dictionary:", $sqspell_use_app ) .
-               '</p>'.
+               '</p>' .
                "<ul>\n";
         for ($i=0; $i<sizeof($words_ary); $i++){
             // remove word by word...
@@ -56,4 +56,4 @@
         sqspell_makePage(_("Personal Dictionary"), null, '<p>' . _("No changes requested.") . '</p>');
     }
     
-?>
+?>

plugins/squirrelspell/sqspell_config.php

@@ -1,25 +1,27 @@
 <?php
 
    /**
-    **  sqspell_config.php -- SquirrelSpell Configuration file.
-    **
-    **  Copyright (c) 1999-2001 The SquirrelMail development team
-    **  Licensed under the GNU GPL. For full terms see the file COPYING.
-    **
-    **
-    **
-    **  $Id$
-    **/
+    * sqspell_config.php -- SquirrelSpell Configuration file.
+    *
+    *  Copyright (c) 1999-2001 The SquirrelMail Development Team
+    *  Licensed under the GNU GPL. For full terms see the file COPYING.
+    *
+    *
+    *
+    * $Id$
+    */
+
+    require_once('../functions/prefs.php');
 
     /* Just for poor wretched souls with E_ALL. :) */
     global $username, $data_dir;
 
-
     $SQSPELL_APP = array( 'English' => 'ispell -a',
                           'Spanish' => 'ispell -d spanish -a' );
     $SQSPELL_APP_DEFAULT = 'English';
-    $SQSPELL_WORDS_FILE = "$data_dir/$username.words";
+    $SQSPELL_WORDS_FILE = 
+        getHashedFile($username, $data_dir, "$username.words");
     $SQSPELL_EREG = 'ereg';
     $SQSPELL_SOUP_NAZI = 'Mozilla/3, Mozilla/2, Opera 4, Opera/4, Macintosh';
 
-?>
+?>

src/compose.php

@@ -172,7 +172,7 @@ require_once('../functions/plugin.php');
 
    function getAttachments($message) {
       global $mailbox, $attachments, $attachment_dir, $imapConnection,
-             $ent_num, $forward_id, $draft_id;
+             $ent_num, $forward_id, $draft_id, $username;
  
      if (isset($draft_id))
          $id = $draft_id;
@@ -185,6 +185,7 @@ require_once('../functions/plugin.php');
                $mailbox);
       }
 
+      $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
       if (count($message->entities) == 0) {
           if ($message->header->entity_id != $ent_num) {
               $filename = decodeHeader($message->header->filename);
@@ -193,8 +194,11 @@ require_once('../functions/plugin.php');
                   $filename = "untitled-".$message->header->entity_id;
 
               $localfilename = GenerateRandomString(32, '', 7);
-              while (file_exists($attachment_dir . $localfilename))
+              $full_localfilename = "$hashed_attachment_dir/$localfilename";
+              while (file_exists($full_localfilename)) {
                   $localfilename = GenerateRandomString(32, '', 7);
+                  $full_localfilename = "$hashed_attachment_dir/$localfilename";
+              }
 
               $newAttachment = array();
               $newAttachment['localfilename'] = $localfilename;
@@ -203,7 +207,7 @@ require_once('../functions/plugin.php');
                  '/' . $message->header->type1);
 
               // Write Attachment to file
-              $fp = fopen ($attachment_dir.$localfilename, 'w');
+              $fp = fopen ("$hashed_attachment_dir/$localfilename", 'w');
               fputs ($fp, decodeBody(mime_fetch_body($imapConnection,
                   $id, $message->header->entity_id),
                   $message->header->encoding));
@@ -366,16 +370,16 @@ require_once('../functions/plugin.php');
       echo " value=\"" . _("Add") ."\">\n";
       echo "     </td>\n";
       echo "   </tr>\n";
-      if (count($attachments))
-      {
+      if (count($attachments)) {
+         $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
          echo "<tr><td bgcolor=\"$color[0]\" align=right>\n";
          echo "&nbsp;";
          echo "</td><td align=left bgcolor=\"$color[0]\">";
          foreach ($attachments as $key => $info) {
+            $attached_file = "$hashed_attachment_dir/$info[localfilename]";
             echo "<input type=\"checkbox\" name=\"delete[]\" value=\"$key\">\n";
             echo $info['remotefilename'] . " - " . $info['type'] . " (";
-            echo show_readable_size(filesize($attachment_dir .
-                $info['localfilename'])) . ")<br>\n";
+            echo show_readable_size(filesize($attached_file)) . ")<br>\n";
          }
 
          echo "<input type=\"submit\" name=\"do_delete\" value=\""._("Delete selected attachments")."\">\n";
@@ -447,14 +451,18 @@ require_once('../functions/plugin.php');
 
    // True if FAILURE
    function saveAttachedFiles() {
-      global $HTTP_POST_FILES, $attachment_dir, $attachments;
+      global $HTTP_POST_FILES, $attachment_dir, $attachments, $username;
       
+      $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
       $localfilename = GenerateRandomString(32, '', 7);
-      while (file_exists($attachment_dir . $localfilename))
+      $full_localfilename = "$hashed_attachment_dir/$localfilename";
+      while (file_exists($full_localfilename)) {
           $localfilename = GenerateRandomString(32, '', 7);
+          $full_localfilename = "$hashed_attachment_dir/$localfilename";
+      }
 
-      if (!@rename($HTTP_POST_FILES['attachfile']['tmp_name'], $attachment_dir.$localfilename)) {
-         if (!@copy($HTTP_POST_FILES['attachfile']['tmp_name'], $attachment_dir.$localfilename)) {
+      if (!@rename($HTTP_POST_FILES['attachfile']['tmp_name'], $full_localfilename)) {
+         if (!@copy($HTTP_POST_FILES['attachfile']['tmp_name'], $full_localfilename)) {
             return true;
          }
       }
@@ -600,11 +608,12 @@ require_once('../functions/plugin.php');
    } else if (isset($do_delete)) {
       displayPageHeader($color, $mailbox);
 
-      if (isset($delete) && is_array($delete))
-      {
-         foreach($delete as $index)
-         {
-            unlink ($attachment_dir.$attachments[$index]['localfilename']);
+      $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
+      if (isset($delete) && is_array($delete)) {
+         foreach($delete as $index) {
+            $attached_file = $hashed_attachment_dir . '/'
+                           . $attachments[$index]['localfilename'];
+            unlink ($attached_file);
             unset ($attachments[$index]);
          }
       }
@@ -633,11 +642,13 @@ require_once('../functions/plugin.php');
    }
 
    function ClearAttachments() {
-       global $attachments, $attachment_dir;
+       global $username, $attachments, $attachment_dir;
+       $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
 
        foreach ($attachments as $info) {
-           if (file_exists($attachment_dir . $info['localfilename'])) {
-               unlink($attachment_dir . $info['localfilename']);
+           $attached_file = "$hashed_attachment_dir/$info[localfilename]";
+           if (file_exists($attached_file)) {
+               unlink($attached_file);
            }
        }
 

src/draft_actions.php

@@ -142,20 +142,25 @@ function writeBodyForDraft ($fp, $passedBody) {
 
 
 function saveMessageAsDraft($t, $c, $b, $subject, $body, $reply_id) {
-    global $useSendmail, $msg_id, $is_reply, $mailbox, $onetimepad;
-    global $data_dir, $username, $domain, $key, $version, $sent_folder, $imapServerAddress, $imapPort;
-    global $draft_folder, $attachment_dir;
+    global $useSendmail, $msg_id, $is_reply, $mailbox, $onetimepad,
+           $data_dir, $username, $domain, $key, $version, $sent_folder,
+           $imapServerAddress, $imapPort, $draft_folder, $attachment_dir;
     $more_headers = Array();
 
     $imap_stream = sqimap_login($username, $key, $imapServerAddress, $imapPort, 1);
 
+    $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
+
     $tmpDraftFile = "draft-" . GenerateRandomString(32, '', 7);
-    while ( file_exists($attachment_dir .$tmpDraftFile)){
+    $full_tmpDraftFile = "$hashed_attachment_dir/$tmpDraftFile";
+    while (file_exists($full_tmpDraftFile)){
          $tmpDraftFile = "draft-" . GenerateRandomString(32, '', 7);
+         $full_tmpDraftFile = "$hashed_attachment_dir/$tmpDraftFile";
     }
-    $fp = fopen($attachment_dir . $tmpDraftFile, 'w');
+    $fp = fopen($full_tmpDraftFile, 'w');
 
-    $headerlength = write822HeaderForDraft ($fp, $t, $c, $b, $subject, $more_headers, FALSE);
+    $headerlength = write822HeaderForDraft
+        ($fp, $t, $c, $b, $subject, $more_headers, FALSE);
     $bodylength = writeBodyForDraft ($fp, $body, FALSE);
     fclose($fp);
 
@@ -163,7 +168,8 @@ function saveMessageAsDraft($t, $c, $b, $subject, $body, $reply_id) {
 
     if (sqimap_mailbox_exists ($imap_stream, $draft_folder)) {
         sqimap_append ($imap_stream, $draft_folder, $length);
-        write822HeaderForDraft ($imap_stream, $t, $c, $b, $subject, $more_headers, TRUE);
+        write822HeaderForDraft
+            ($imap_stream, $t, $c, $b, $subject, $more_headers, TRUE);
         writeBodyForDraft ($imap_stream, $body, TRUE);
         sqimap_append_done ($imap_stream);
     }
@@ -171,8 +177,8 @@ function saveMessageAsDraft($t, $c, $b, $subject, $body, $reply_id) {
     if ($length){
         ClearAttachments();
     }
-    if (file_exists($attachment_dir . $tmpDraftFile)){
-        unlink ($attachment_dir . $tmpDraftFile);
+    if (file_exists($full_tmpDraftFile)){
+        unlink ($full_tmpDraftFile);
     }
     return $length;
 }

src/retrievalerror.php

@@ -42,11 +42,13 @@ require_once("../src/load_prefs.php");
 
 
    function ClearAttachments() {
-       global $attachments, $attachment_dir;
+       global $attachments, $attachment_dir, $username;
 
+       $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
        foreach ($attachments as $info) {
-           if (file_exists($attachment_dir . $info['localfilename'])) {
-               unlink($attachment_dir . $info['localfilename']);
+           $attached_file = "$hashed_attachment_dir/$info[localfilename]";
+           if (file_exists($attached_file)) {
+               unlink($attached_file);
            }
        }
 
@@ -63,12 +65,16 @@ require_once("../src/load_prefs.php");
    $thebastard = implode('', $data);
 
 
-
+   $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
    $localfilename = GenerateRandomString(32, '', 7);
-   while (file_exists($attachment_dir . $localfilename))
+   $full_localfilename = "$hashed_attachment_dir/$localfilename";
+   while (file_exists($full_localfilename)) {
        $localfilename = GenerateRandomString(32, '', 7);
+       $full_localfilename = "$hashed_attachment_dir/$localfilename";
+   }
+
    // Write Attachment to file
-   $fp = fopen ($attachment_dir.$localfilename, 'w');
+   $fp = fopen ($full_localfilename, 'w');
    fputs ($fp, $thebastard);
    fclose ($fp);
 

src/right_main.php

@@ -33,6 +33,8 @@ require_once('../functions/display_messages.php');
  *    $key              pass                               *
  ***********************************************************/
 
+$bob = getHashedFile($username, $data_dir, "username.pref");
+
 /* Open a connection on the imap port (143) */
 $imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
 

src/signout.php

@@ -35,9 +35,11 @@ require_once('../functions/plugin.php');
    if (! isset($attachments)) {
        $attachments = array();
    }
+   $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
    foreach ($attachments as $info) {
-       if (file_exists($attachment_dir . $info['localfilename'])) {
-           unlink($attachment_dir . $info['localfilename']);
+       $attached_file = "$hashed_attachment_dir/$info[localfilename]";
+       if (file_exists($attached_file)) {
+           unlink($attached_file);
        }
    }