Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Newer
Older
100644 279 lines (235 sloc) 10.315 kB
4e17e6c @thomascube Initial revision
thomascube authored
1 <?php
2 /*
a6f90e1 @alecpl -fixed disclaimer
alecpl authored
3 +-------------------------------------------------------------------------+
e019f2d @alecpl - s/RoundCube/Roundcube/
alecpl authored
4 | Roundcube Webmail IMAP Client |
80216d0 @alecpl - Change version number to 0.8-svn
alecpl authored
5 | Version 0.8-svn |
a6f90e1 @alecpl -fixed disclaimer
alecpl authored
6 | |
f5e7b35 @thomascube Bumbed version; Roundcube development is not Switzerland only
thomascube authored
7 | Copyright (C) 2005-2011, The Roundcube Dev Team |
a6f90e1 @alecpl -fixed disclaimer
alecpl authored
8 | |
9 | This program is free software; you can redistribute it and/or modify |
10 | it under the terms of the GNU General Public License version 2 |
11 | as published by the Free Software Foundation. |
12 | |
13 | This program is distributed in the hope that it will be useful, |
14 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16 | GNU General Public License for more details. |
17 | |
18 | You should have received a copy of the GNU General Public License along |
19 | with this program; if not, write to the Free Software Foundation, Inc., |
20 | 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. |
21 | |
22 +-------------------------------------------------------------------------+
23 | Author: Thomas Bruederli <roundcube@gmail.com> |
24 +-------------------------------------------------------------------------+
4e17e6c @thomascube Initial revision
thomascube authored
25
26 $Id$
27
28 */
29
47124c2 @thomascube Changed codebase to PHP5 with autoloader + added some new classes fro…
thomascube authored
30 // include environment
31 require_once 'program/include/iniset.php';
15a9d1c @thomascube Optimized loading time; added periodic mail check; added EXPUNGE command
thomascube authored
32
48bc52e @alecpl - Fix imap_init hook broken in r3258 (#1486493)
alecpl authored
33 // init application, start session, init output class, etc.
83a7636 @thomascube More code cleanup
thomascube authored
34 $RCMAIL = rcmail::get_instance();
35
9e54e6f @alecpl - Make the whole PHP output non-cacheable (#1487797)
alecpl authored
36 // Make the whole PHP output non-cacheable (#1487797)
37 send_nocacheing_headers();
38
d51c93b @alecpl - get rid of some hardcoded action names and move decission about out…
alecpl authored
39 // turn on output buffering
40 ob_start();
2f2f15b @thomascube Little improvements for message parsing and encoding
thomascube authored
41
8c72e33 @thomascube Show appropriate error message if config files are missing
thomascube authored
42 // check if config files had errors
43 if ($err_str = $RCMAIL->config->get_error()) {
44 raise_error(array(
45 'code' => 601,
46 'type' => 'php',
47 'message' => $err_str), false, true);
48 }
49
8affba5 @thomascube Improved error handling in DB connection failure
thomascube authored
50 // check DB connections and exit on failure
c321a95 @thomascube Merged devel-framework branch (r5746:5779) back into trunk
thomascube authored
51 if ($err_str = $RCMAIL->db->is_error()) {
f115416 @thomascube Merged branch devel-addressbook from r443 back to trunk
thomascube authored
52 raise_error(array(
53 'code' => 603,
54 'type' => 'db',
55 'message' => $err_str), FALSE, TRUE);
56 }
8affba5 @thomascube Improved error handling in DB connection failure
thomascube authored
57
4e17e6c @thomascube Initial revision
thomascube authored
58 // error steps
197601e @thomascube Next step: introduce the application class 'rcmail' and get rid of so…
thomascube authored
59 if ($RCMAIL->action=='error' && !empty($_GET['_code'])) {
4e17e6c @thomascube Initial revision
thomascube authored
60 raise_error(array('code' => hexdec($_GET['_code'])), FALSE, TRUE);
47124c2 @thomascube Changed codebase to PHP5 with autoloader + added some new classes fro…
thomascube authored
61 }
4e17e6c @thomascube Initial revision
thomascube authored
62
f5d61d8 @thomascube Revert r3038 and allow to specify the port as value of force_https
thomascube authored
63 // check if https is required (for login) and redirect if necessary
64 if (empty($_SESSION['user_id']) && ($force_https = $RCMAIL->config->get('force_https', false))) {
65 $https_port = is_bool($force_https) ? 443 : $force_https;
5818e44 @alecpl - Fix $_SERVER['HTTPS'] check for SSL forcing on IIS (#1486243) + fix…
alecpl authored
66 if (!rcube_https_check($https_port)) {
76c94b6 @alecpl - Fix 'force_https' to specified port when URL contains a port number…
alecpl authored
67 $host = preg_replace('/:[0-9]+$/', '', $_SERVER['HTTP_HOST']);
68 $host .= ($https_port != 443 ? ':' . $https_port : '');
69 header('Location: https://' . $host . $_SERVER['REQUEST_URI']);
f5d61d8 @thomascube Revert r3038 and allow to specify the port as value of force_https
thomascube authored
70 exit;
71 }
72 }
73
cc97ea0 @thomascube Merged branch devel-api (from r2208 to r2387) back into trunk (omitti…
thomascube authored
74 // trigger startup plugin hook
75 $startup = $RCMAIL->plugins->exec_hook('startup', array('task' => $RCMAIL->task, 'action' => $RCMAIL->action));
76 $RCMAIL->set_task($startup['task']);
77 $RCMAIL->action = $startup['action'];
78
4e17e6c @thomascube Initial revision
thomascube authored
79 // try to log in
9b94eb6 @alecpl - Fix setting task name according to auth state. So, any action befor…
alecpl authored
80 if ($RCMAIL->task == 'login' && $RCMAIL->action == 'login') {
784a425 @thomascube protect login form submission from CSRF using a request token
thomascube authored
81 $request_valid = $_SESSION['temp'] && $RCMAIL->check_request(RCUBE_INPUT_POST, 'login');
82
0129d7c @alecpl - Fix authentication when submitting form with existing session (#148…
alecpl authored
83 // purge the session in case of new login when a session already exists
cc97ea0 @thomascube Merged branch devel-api (from r2208 to r2387) back into trunk (omitti…
thomascube authored
84 $RCMAIL->kill_session();
5f560ee @alecpl - Plugin API: Add 'pass' argument in 'authenticate' hook (#1487134)
alecpl authored
85
cc97ea0 @thomascube Merged branch devel-api (from r2208 to r2387) back into trunk (omitti…
thomascube authored
86 $auth = $RCMAIL->plugins->exec_hook('authenticate', array(
87 'host' => $RCMAIL->autoselect_host(),
88 'user' => trim(get_input_value('_user', RCUBE_INPUT_POST)),
5f560ee @alecpl - Plugin API: Add 'pass' argument in 'authenticate' hook (#1487134)
alecpl authored
89 'pass' => get_input_value('_pass', RCUBE_INPUT_POST, true,
90 $RCMAIL->config->get('password_charset', 'ISO-8859-1')),
4463648 @thomascube Allow a plugin to disable the cookie check
thomascube authored
91 'cookiecheck' => true,
784a425 @thomascube protect login form submission from CSRF using a request token
thomascube authored
92 'valid' => $request_valid,
64608bf @alecpl - Password: Make passwords encoding consistent with core, add 'passwo…
alecpl authored
93 ));
cc97ea0 @thomascube Merged branch devel-api (from r2208 to r2387) back into trunk (omitti…
thomascube authored
94
4e17e6c @thomascube Initial revision
thomascube authored
95 // check if client supports cookies
4463648 @thomascube Allow a plugin to disable the cookie check
thomascube authored
96 if ($auth['cookiecheck'] && empty($_COOKIE)) {
f115416 @thomascube Merged branch devel-addressbook from r443 back to trunk
thomascube authored
97 $OUTPUT->show_message("cookiesdisabled", 'warning');
98 }
784a425 @thomascube protect login form submission from CSRF using a request token
thomascube authored
99 else if ($auth['valid'] && !$auth['abort'] &&
fdff340 @alecpl - Move some checks into login() method
alecpl authored
100 $RCMAIL->login($auth['user'], $auth['pass'], $auth['host'])
4cfe66f @alecpl - small code cleanup
alecpl authored
101 ) {
102 // create new session ID, don't destroy the current session
c294eaa @alecpl - Performance improvement: Remove redundant DELETE query (for old ses…
alecpl authored
103 // it was destroyed already by $RCMAIL->kill_session() above
4cfe66f @alecpl - small code cleanup
alecpl authored
104 $RCMAIL->session->remove('temp');
c294eaa @alecpl - Performance improvement: Remove redundant DELETE query (for old ses…
alecpl authored
105 $RCMAIL->session->regenerate_id(false);
aad6e2a @thomascube New session authentication, should fix bugs #1483951 and #1484299; te…
thomascube authored
106
107 // send auth cookie if necessary
cf2da2f @thomascube Improve session validity check with changing auth cookies; reduce wri…
thomascube authored
108 $RCMAIL->session->set_auth_cookie();
aad6e2a @thomascube New session authentication, should fix bugs #1483951 and #1484299; te…
thomascube authored
109
5e0045b Add option to log successful logins.
svncommit authored
110 // log successful login
3544558 @alecpl - Add HTTP_X_REAL_IP and HTTP_X_FORWARDED_FOR to successful logins lo…
alecpl authored
111 rcmail_log_login();
10eedbe @alecpl - add file/line definitions to raise_error() calls
alecpl authored
112
cc97ea0 @thomascube Merged branch devel-api (from r2208 to r2387) back into trunk (omitti…
thomascube authored
113 // restore original request parameters
88007cf @thomascube Fix login redirect issues (#1487686)
thomascube authored
114 $query = array();
32234d7 @thomascube Better fix for login redirect, don't force mail task
thomascube authored
115 if ($url = get_input_value('_url', RCUBE_INPUT_POST)) {
cc97ea0 @thomascube Merged branch devel-api (from r2208 to r2387) back into trunk (omitti…
thomascube authored
116 parse_str($url, $query);
c294eaa @alecpl - Performance improvement: Remove redundant DELETE query (for old ses…
alecpl authored
117
32234d7 @thomascube Better fix for login redirect, don't force mail task
thomascube authored
118 // prevent endless looping on login page
119 if ($query['_task'] == 'login')
120 unset($query['_task']);
121 }
cc97ea0 @thomascube Merged branch devel-api (from r2208 to r2387) back into trunk (omitti…
thomascube authored
122
123 // allow plugins to control the redirect url after login success
32234d7 @thomascube Better fix for login redirect, don't force mail task
thomascube authored
124 $redir = $RCMAIL->plugins->exec_hook('login_after', $query + array('_task' => 'mail'));
fcc7f86 @thomascube Log session validation errors; keep error message when redirecting to…
thomascube authored
125 unset($redir['abort'], $redir['_err']);
5e0045b Add option to log successful logins.
svncommit authored
126
4e17e6c @thomascube Initial revision
thomascube authored
127 // send redirect
cc97ea0 @thomascube Merged branch devel-api (from r2208 to r2387) back into trunk (omitti…
thomascube authored
128 $OUTPUT->redirect($redir);
f115416 @thomascube Merged branch devel-addressbook from r443 back to trunk
thomascube authored
129 }
47124c2 @thomascube Changed codebase to PHP5 with autoloader + added some new classes fro…
thomascube authored
130 else {
c321a95 @thomascube Merged devel-framework branch (r5746:5779) back into trunk
thomascube authored
131 $error_code = is_object($RCMAIL->storage) ? $RCMAIL->storage->get_error_code() : 1;
6d99f99 @alecpl - Handle situation when $IMAP object isn't initialized on log in
alecpl authored
132
c321a95 @thomascube Merged devel-framework branch (r5746:5779) back into trunk
thomascube authored
133 $OUTPUT->show_message($error_code < -1 ? 'storageerror' : (!$auth['valid'] ? 'invalidrequest' : 'loginfailed'), 'warning');
8fcc3e1 @alecpl - Improved IMAP errors handling
alecpl authored
134 $RCMAIL->plugins->exec_hook('login_failed', array(
6d99f99 @alecpl - Handle situation when $IMAP object isn't initialized on log in
alecpl authored
135 'code' => $error_code, 'host' => $auth['host'], 'user' => $auth['user']));
1854c45 @thomascube More code cleanup + oop-ization
thomascube authored
136 $RCMAIL->kill_session();
4e17e6c @thomascube Initial revision
thomascube authored
137 }
f115416 @thomascube Merged branch devel-addressbook from r443 back to trunk
thomascube authored
138 }
4e17e6c @thomascube Initial revision
thomascube authored
139
de62f02 @thomascube Also check referer on logout action
thomascube authored
140 // end session (after optional referer check)
141 else if ($RCMAIL->task == 'logout' && isset($_SESSION['user_id']) && (!$RCMAIL->config->get('referer_check') || rcube_check_referer())) {
c321a95 @thomascube Merged devel-framework branch (r5746:5779) back into trunk
thomascube authored
142 $userdata = array(
143 'user' => $_SESSION['username'],
144 'host' => $_SESSION['storage_host'],
145 'lang' => $RCMAIL->user->language,
146 );
f115416 @thomascube Merged branch devel-addressbook from r443 back to trunk
thomascube authored
147 $OUTPUT->show_message('loggedout');
1854c45 @thomascube More code cleanup + oop-ization
thomascube authored
148 $RCMAIL->logout_actions();
149 $RCMAIL->kill_session();
7ef47e5 @thomascube Add some arguments to the logout_after hook
thomascube authored
150 $RCMAIL->plugins->exec_hook('logout_after', $userdata);
f115416 @thomascube Merged branch devel-addressbook from r443 back to trunk
thomascube authored
151 }
4e17e6c @thomascube Initial revision
thomascube authored
152
bac7d17 @thomascube Fixed bugs #1364122, #1468895, ticket #1483811 and other minor bugs
thomascube authored
153 // check session and auth cookie
9b94eb6 @alecpl - Fix setting task name according to auth state. So, any action befor…
alecpl authored
154 else if ($RCMAIL->task != 'login' && $_SESSION['user_id'] && $RCMAIL->action != 'send') {
cf2da2f @thomascube Improve session validity check with changing auth cookies; reduce wri…
thomascube authored
155 if (!$RCMAIL->session->check_auth()) {
1854c45 @thomascube More code cleanup + oop-ization
thomascube authored
156 $RCMAIL->kill_session();
fcc7f86 @thomascube Log session validation errors; keep error message when redirecting to…
thomascube authored
157 $session_error = true;
4e17e6c @thomascube Initial revision
thomascube authored
158 }
f115416 @thomascube Merged branch devel-addressbook from r443 back to trunk
thomascube authored
159 }
4e17e6c @thomascube Initial revision
thomascube authored
160
161 // not logged in -> show login page
197601e @thomascube Next step: introduce the application class 'rcmail' and get rid of so…
thomascube authored
162 if (empty($RCMAIL->user->ID)) {
fcc7f86 @thomascube Log session validation errors; keep error message when redirecting to…
thomascube authored
163 // log session failures
6354da5 @thomascube Fix r5117: don't show error on default login page
thomascube authored
164 if (($task = get_input_value('_task', RCUBE_INPUT_GPC)) && !in_array($task, array('login','logout')) && !$session_error && ($sess_id = $_COOKIE[ini_get('session.name')])) {
fcc7f86 @thomascube Log session validation errors; keep error message when redirecting to…
thomascube authored
165 $RCMAIL->session->log("Aborted session " . $sess_id . "; no valid session data found");
166 $session_error = true;
167 }
168
ec045b0 @thomascube Revert r4609 and use stateless request tokens; no need to save them i…
thomascube authored
169 if ($OUTPUT->ajax_call)
fcc7f86 @thomascube Log session validation errors; keep error message when redirecting to…
thomascube authored
170 $OUTPUT->redirect(array('_err' => 'session'), 2000);
9b94eb6 @alecpl - Fix setting task name according to auth state. So, any action befor…
alecpl authored
171
ccc80d1 @alecpl - Fix login page loading into an iframe when session expires (#1485952)
alecpl authored
172 if (!empty($_REQUEST['_framed']))
fcc7f86 @thomascube Log session validation errors; keep error message when redirecting to…
thomascube authored
173 $OUTPUT->command('redirect', $RCMAIL->url(array('_err' => 'session')));
ccc80d1 @alecpl - Fix login page loading into an iframe when session expires (#1485952)
alecpl authored
174
330127a @thomascube Disable PHP notices + check for installer script on login page
thomascube authored
175 // check if installer is still active
83a7636 @thomascube More code cleanup
thomascube authored
176 if ($RCMAIL->config->get('enable_installer') && is_readable('./installer/index.php')) {
47124c2 @thomascube Changed codebase to PHP5 with autoloader + added some new classes fro…
thomascube authored
177 $OUTPUT->add_footer(html::div(array('style' => "background:#ef9398; border:2px solid #dc5757; padding:0.5em; margin:2em auto; width:50em"),
178 html::tag('h2', array('style' => "margin-top:0.2em"), "Installer script is still accessible") .
e019f2d @alecpl - s/RoundCube/Roundcube/
alecpl authored
179 html::p(null, "The install script of your Roundcube installation is still stored in its default location!") .
180 html::p(null, "Please <b>remove</b> the whole <tt>installer</tt> folder from the Roundcube directory because .
47124c2 @thomascube Changed codebase to PHP5 with autoloader + added some new classes fro…
thomascube authored
181 these files may expose sensitive configuration data like server passwords and encryption keys
182 to the public. Make sure you cannot access the <a href=\"./installer/\">installer script</a> from your browser.")
183 )
184 );
185 }
9e54e6f @alecpl - Make the whole PHP output non-cacheable (#1487797)
alecpl authored
186
fcc7f86 @thomascube Log session validation errors; keep error message when redirecting to…
thomascube authored
187 if ($session_error || $_REQUEST['_err'] == 'session')
188 $OUTPUT->show_message('sessionerror', 'error', null, true, -1);
249db18 @alecpl - Fix "Server Error! (Not Found)" when using utils/save-pref action (…
alecpl authored
189
784a425 @thomascube protect login form submission from CSRF using a request token
thomascube authored
190 $RCMAIL->set_task('login');
f115416 @thomascube Merged branch devel-addressbook from r443 back to trunk
thomascube authored
191 $OUTPUT->send('login');
192 }
249db18 @alecpl - Fix "Server Error! (Not Found)" when using utils/save-pref action (…
alecpl authored
193 // CSRF prevention
194 else {
195 // don't check for valid request tokens in these actions
196 $request_check_whitelist = array('login'=>1, 'spell'=>1);
197
198 // check client X-header to verify request origin
199 if ($OUTPUT->ajax_call) {
ec045b0 @thomascube Revert r4609 and use stateless request tokens; no need to save them i…
thomascube authored
200 if (rc_request_header('X-Roundcube-Request') != $RCMAIL->get_request_token() && !$RCMAIL->config->get('devel_mode')) {
abdf314 @thomascube Allow cross-task ajax requests
thomascube authored
201 header('HTTP/1.1 403 Forbidden');
249db18 @alecpl - Fix "Server Error! (Not Found)" when using utils/save-pref action (…
alecpl authored
202 die("Invalid Request");
203 }
204 }
205 // check request token in POST form submissions
206 else if (!empty($_POST) && !$request_check_whitelist[$RCMAIL->action] && !$RCMAIL->check_request()) {
207 $OUTPUT->show_message('invalidrequest', 'error');
208 $OUTPUT->send($RCMAIL->task);
209 }
a77cf22 @thomascube Add optional referer check to prevent CSRF in GET requests
thomascube authored
210
211 // check referer if configured
212 if (!$request_check_whitelist[$RCMAIL->action] && $RCMAIL->config->get('referer_check') && !rcube_check_referer()) {
213 raise_error(array(
214 'code' => 403,
215 'type' => 'php',
216 'message' => "Referer check failed"), true, true);
217 }
249db18 @alecpl - Fix "Server Error! (Not Found)" when using utils/save-pref action (…
alecpl authored
218 }
4e17e6c @thomascube Initial revision
thomascube authored
219
3703021 @alecpl - Plugin API: added 'ready' hook (#1488073)
alecpl authored
220 // we're ready, user is authenticated and the request is safe
221 $plugin = $RCMAIL->plugins->exec_hook('ready', array('task' => $RCMAIL->task, 'action' => $RCMAIL->action));
222 $RCMAIL->set_task($plugin['task']);
223 $RCMAIL->action = $plugin['action'];
224
225
249db18 @alecpl - Fix "Server Error! (Not Found)" when using utils/save-pref action (…
alecpl authored
226 // handle special actions
48aff91 @thomascube Moved code block to a more appropriate position + codestyle
thomascube authored
227 if ($RCMAIL->action == 'keep-alive') {
228 $OUTPUT->reset();
28ac5ca @thomascube Let plugins hook into keep-alive requests
thomascube authored
229 $RCMAIL->plugins->exec_hook('keep_alive', array());
48aff91 @thomascube Moved code block to a more appropriate position + codestyle
thomascube authored
230 $OUTPUT->send();
231 }
249db18 @alecpl - Fix "Server Error! (Not Found)" when using utils/save-pref action (…
alecpl authored
232 else if ($RCMAIL->action == 'save-pref') {
4351f7c @alecpl - Improve performance by including files with absolute path (#1487849)
alecpl authored
233 include INSTALL_PATH . 'program/steps/utils/save_pref.inc';
249db18 @alecpl - Fix "Server Error! (Not Found)" when using utils/save-pref action (…
alecpl authored
234 }
1cded85 @thomascube Re-design of caching (new database table added\!); some bugfixes; Pos…
thomascube authored
235
4e17e6c @thomascube Initial revision
thomascube authored
236
6ea6c9b @thomascube Simplify step inclusion in controller (index.php)
thomascube authored
237 // include task specific functions
4351f7c @alecpl - Improve performance by including files with absolute path (#1487849)
alecpl authored
238 if (is_file($incfile = INSTALL_PATH . 'program/steps/'.$RCMAIL->task.'/func.inc'))
239 include_once $incfile;
6ea6c9b @thomascube Simplify step inclusion in controller (index.php)
thomascube authored
240
241 // allow 5 "redirects" to another action
242 $redirects = 0; $incstep = null;
243 while ($redirects < 5) {
cc97ea0 @thomascube Merged branch devel-api (from r2208 to r2387) back into trunk (omitti…
thomascube authored
244 // execute a plugin action
05a631a @thomascube Allow plugins to register their own tasks
thomascube authored
245 if ($RCMAIL->plugins->is_plugin_task($RCMAIL->task)) {
87e58c7 @thomascube Default action for plugin tasks is 'index'
thomascube authored
246 if (!$RCMAIL->action) $RCMAIL->action = 'index';
05a631a @thomascube Allow plugins to register their own tasks
thomascube authored
247 $RCMAIL->plugins->exec_action($RCMAIL->task.'.'.$RCMAIL->action);
248 break;
249 }
250 else if (preg_match('/^plugin\./', $RCMAIL->action)) {
cc97ea0 @thomascube Merged branch devel-api (from r2208 to r2387) back into trunk (omitti…
thomascube authored
251 $RCMAIL->plugins->exec_action($RCMAIL->action);
252 break;
253 }
6ea6c9b @thomascube Simplify step inclusion in controller (index.php)
thomascube authored
254 // try to include the step file
68d2d54 @alecpl - Move action files map from index.php to steps' func.inc files
alecpl authored
255 else if (($stepfile = $RCMAIL->get_action_file())
4351f7c @alecpl - Improve performance by including files with absolute path (#1487849)
alecpl authored
256 && is_file($incfile = INSTALL_PATH . 'program/steps/'.$RCMAIL->task.'/'.$stepfile)
68d2d54 @alecpl - Move action files map from index.php to steps' func.inc files
alecpl authored
257 ) {
4351f7c @alecpl - Improve performance by including files with absolute path (#1487849)
alecpl authored
258 include $incfile;
6ea6c9b @thomascube Simplify step inclusion in controller (index.php)
thomascube authored
259 $redirects++;
260 }
261 else {
262 break;
263 }
f115416 @thomascube Merged branch devel-addressbook from r443 back to trunk
thomascube authored
264 }
4e17e6c @thomascube Initial revision
thomascube authored
265
266
6ea6c9b @thomascube Simplify step inclusion in controller (index.php)
thomascube authored
267 // parse main template (default)
197601e @thomascube Next step: introduce the application class 'rcmail' and get rid of so…
thomascube authored
268 $OUTPUT->send($RCMAIL->task);
539cd47 @thomascube Fix for URL injection vulnerability (Bug #1307966)
thomascube authored
269
4e17e6c @thomascube Initial revision
thomascube authored
270
539cd47 @thomascube Fix for URL injection vulnerability (Bug #1307966)
thomascube authored
271 // if we arrive here, something went wrong
f115416 @thomascube Merged branch devel-addressbook from r443 back to trunk
thomascube authored
272 raise_error(array(
273 'code' => 404,
274 'type' => 'php',
275 'line' => __LINE__,
276 'file' => __FILE__,
47124c2 @thomascube Changed codebase to PHP5 with autoloader + added some new classes fro…
thomascube authored
277 'message' => "Invalid request"), true, true);
b25dfd0 @alecpl - removed PHP closing tag
alecpl authored
278
Something went wrong with that request. Please try again.