0ct0pu5
/
squirrelmail


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180
							<?php

/**
 * prefs.php
 *
 * This contains functions for filebased user prefs locations
 *
 * @copyright 1999-2025 The SquirrelMail Project Team
 * @license http://opensource.org/licenses/gpl-license.php GNU Public License
 * @version $Id$
 * @package squirrelmail
 * @subpackage prefs
 */


/* Hashing functions */

/**
 * Given a username and datafilename, this will return the path to the
 * hashed location of that datafile.
 *
 * @param string username the username of the current user
 * @param string dir the SquirrelMail datadir
 * @param string datafile the name of the file to open
 * @param bool hash_seach default true
 * @return string the hashed location of datafile
 * @since 1.2.0
 */
function getHashedFile($username, $dir, $datafile, $hash_search = true) {

    /* Remove trailing slash from $dir if found */
    if (substr($dir, -1) == '/') {
        $dir = substr($dir, 0, strlen($dir) - 1);
    }

    /* Compute the hash for this user and extract the hash directories. */
    $hash_dirs = computeHashDirs($username);

    /* First, get and make sure the full hash directory exists. */
    $real_hash_dir = getHashedDir($username, $dir, $hash_dirs);

    /* Set the value of our real data file, after we've removed unwanted characters. */
    $datafile = str_replace('/', '_', $datafile);
    $result = "$real_hash_dir/$datafile";

    /* Check for this file in the real hash directory. */
    if ($hash_search && !@file_exists($result)) {
        /* First check the base directory, the most common location. */
        if (@file_exists("$dir/$datafile")) {
            rename("$dir/$datafile", $result);

        /* Then check the full range of possible hash directories. */
        } else {
            $check_hash_dir = $dir;
            for ($h = 0; $h < 4; ++$h) {
                $check_hash_dir .= '/' . $hash_dirs[$h];
                if (@is_readable("$check_hash_dir/$datafile")) {
                    rename("$check_hash_dir/$datafile", $result);
                    break;
                }
            }
        }
    }

    /* Return the full hashed datafile path. */
    return ($result);
}

/**
 * Helper function for getHashedFile, given a username returns the hashed
 * dir for that username.
 *
 * @param string username the username of the current user
 * @param string dir the SquirrelMail datadir
 * @param string hash_dirs default ''
 * @return the path to the hash dir for username
 * @since 1.2.0
 */
function getHashedDir($username, $dir, $hash_dirs = '') {
    global $dir_hash_level;

    /* Remove trailing slash from $dir if found */
    if (substr($dir, -1) == '/') {
        $dir = substr($dir, 0, strlen($dir) - 1);
    }

    /* If necessary, populate the hash dir variable. */
    if ($hash_dirs == '') {
        $hash_dirs = computeHashDirs($username);
    }

    /* Make sure the full hash directory exists. */
    $real_hash_dir = $dir;
    for ($h = 0; $h < $dir_hash_level; ++$h) {
        $real_hash_dir .= '/' . $hash_dirs[$h];
        if (!@is_dir($real_hash_dir)) {
//FIXME: When safe_mode is turned on, the error suppression below makes debugging safe_mode UID/GID restrictions tricky... for now, I will add a check in configtest
            if (!@mkdir($real_hash_dir, 0770)) {
                error_box ( sprintf(_("Error creating directory %s."), $real_hash_dir) . "\n" .
                     _("Could not create hashed directory structure!") . "\n" .
                     _("Please contact your system administrator and report this error.") );
                exit;
            }
        }
    }

    /* And return that directory. */
    return ($real_hash_dir);
}

/**
 * Helper function for getHashDir which does the actual hash calculation.
 *
 * Uses a crc32 algorithm by default, but if you put
 * the following in config/config_local.php, you can
 * force md5 instead:
 *    $hash_dirs_use_md5 = TRUE;
 *
 * You may also specify that if usernames are in full
 * email address format, the domain part (beginning
 * with "@") be stripped before calculating the crc
 * or md5.  Do that by putting the following in
 * config/config_local.php:
 *    $hash_dirs_strip_domain = TRUE;
 *
 * @param string username the username to calculate the hash dir for
 *
 * @return array a list of hash dirs for this username
 *
 * @since 1.2.0
 *
 */
function computeHashDirs($username) {

    global $hash_dirs_use_md5, $hash_dirs_strip_domain;
    static $hash_dirs = array();


    // strip domain from username
    if ($hash_dirs_strip_domain)
        $user = substr($username, 0, strpos($username, '@'));
    else
        $user = $username;


    // have we already calculated it?
    if (!empty($hash_dirs[$user]))
        return $hash_dirs[$user];


    if ($hash_dirs_use_md5) {

        $hash = md5($user);
        //$hash = md5bin($user);

    } else {

        /* Compute the hash for this user and extract the hash directories.  */
        /* Note that the crc32() function result will be different on 32 and */
        /* 64 bit systems, thus the hack below.                              */
        $crc = crc32($user);
        if ($crc & 0x80000000) {
            $crc ^= 0xffffffff;
            $crc += 1;
        }
        $hash = base_convert($crc, 10, 16);
    }


    $my_hash_dirs = array();
    for ($h = 0; $h < 4; ++ $h) {
        $my_hash_dirs[] = substr($hash, $h, 1);
    }

    // Return our array of hash directories
    $hash_dirs[$user] = $my_hash_dirs;
    return ($my_hash_dirs);
}