From: Michael M Slusarz Date: Wed, 15 Jul 2009 17:04:00 +0000 (-0600) Subject: Convert to new Horde_Auth:: usage. X-Git-Url: https://git.internetallee.de/?a=commitdiff_plain;h=f59735ccc9143548aa54d36eead8db35360fb3de;p=horde.git Convert to new Horde_Auth:: usage. --- diff --git a/babel/lib/base.php b/babel/lib/base.php index c68e9b25a..2d2e176d6 100644 --- a/babel/lib/base.php +++ b/babel/lib/base.php @@ -23,7 +23,7 @@ if (!defined('BABEL_BASE')) { require_once HORDE_BASE . '/lib/core.php'; /* Notification system. */ -$notification = &Horde_Notification::singleton(); +$notification = Horde_Notification::singleton(); $notification->attach('status'); /* Registry. */ @@ -32,10 +32,7 @@ $registry = Horde_Registry::singleton(); try { $registry->pushApp('babel', !defined('AUTH_HANDLER')); } catch (Horde_Exception $e) { - if ($e->getCode() == 'permission_denied') { - Horde::authenticationFailureRedirect(); - } - throw $e; + Horde_Auth::authenticationFailureRedirect('babel', $e); } $conf = &$GLOBALS['conf']; diff --git a/chora/lib/base.php b/chora/lib/base.php index 23521c316..fbf01f89c 100644 --- a/chora/lib/base.php +++ b/chora/lib/base.php @@ -34,10 +34,7 @@ $registry = Horde_Registry::singleton(); try { $registry->pushApp('chora', !defined('AUTH_HANDLER')); } catch (Horde_Exception $e) { - if ($e->getCode() == 'permission_denied') { - Horde::authenticationFailureRedirect(); - } - throw $e; + Horde_Auth::authenticationFailureRedirect('chora', $e); } $conf = &$GLOBALS['conf']; define('CHORA_TEMPLATES', $registry->get('templates')); @@ -46,11 +43,8 @@ define('CHORA_TEMPLATES', $registry->get('templates')); $notification = &Horde_Notification::singleton(); $notification->attach('status'); -// Chora base library. -require_once CHORA_BASE . '/lib/Chora.php'; - // Initialize objects, path, etc. Chora::initialize(); -// Start compression, if requested. +// Start compression. Horde::compressOutput(); diff --git a/crumb/lib/base.php b/crumb/lib/base.php index 4481d3c06..61ec4b03d 100644 --- a/crumb/lib/base.php +++ b/crumb/lib/base.php @@ -27,26 +27,19 @@ $registry = Horde_Registry::singleton(); try { $registry->pushApp('crumb', !defined('AUTH_HANDLER')); } catch (Horde_Exception $e) { - if ($e->getCode() == 'permission_denied') { - Horde::authenticationFailureRedirect(); - } - throw $e; + Horde_Auth::authenticationFailureRedirect('crumb', $e); } $conf = &$GLOBALS['conf']; @define('CRUMB_TEMPLATES', $registry->get('templates')); // Notification system. -$notification = &Horde_Notification::singleton(); +$notification = Horde_Notification::singleton(); $notification->attach('status'); // Define the base file path of Crumb. @define('CRUMB_BASE', dirname(__FILE__) . '/..'); -// Crumb base library -require_once CRUMB_BASE . '/lib/Crumb.php'; - // Crumb driver -require_once CRUMB_BASE . '/lib/Driver.php'; $crumb_driver = Crumb_Driver::factory(); // Start output compression. diff --git a/drag_n_drop_portal/index.php b/drag_n_drop_portal/index.php index db2068dcd..51782d710 100644 --- a/drag_n_drop_portal/index.php +++ b/drag_n_drop_portal/index.php @@ -10,15 +10,10 @@ * @author Duck * @package Folks */ -define('HORDE_BASE', dirname(__FILE__) . '/..'); -require_once HORDE_BASE . '/lib/base.php'; +require_once dirname(__FILE__) . '/../lib/base.php'; require_once 'Horde/Loader.php'; require_once './lib/Block/Layout/View/js.php'; -if (!Horde_Auth::isAuthenticated()) { - Horde::authenticationFailureRedirect(); -} - // Load layout from preferences. $layout_pref = unserialize($prefs->getValue('portal_layout')); if (!is_array($layout_pref)) { diff --git a/drag_n_drop_portal/save.php b/drag_n_drop_portal/save.php index 8ae30ed8f..08baf62c8 100644 --- a/drag_n_drop_portal/save.php +++ b/drag_n_drop_portal/save.php @@ -10,13 +10,7 @@ * @author Duck * @package Folks */ -define('HORDE_BASE', dirname(__FILE__) . '/..'); -require_once HORDE_BASE . '/lib/base.php'; -require_once 'Horde/Loader.php'; - -if (!Horde_Auth::isAuthenticated()) { - Horde::authenticationFailureRedirect(); -} +require_once dirname(__FILE__) . '/../lib/base.php'; $layout = array(); $params = Horde_Util::getPost('params'); diff --git a/fima/lib/base.php b/fima/lib/base.php index e793a15ec..f288bd3b0 100644 --- a/fima/lib/base.php +++ b/fima/lib/base.php @@ -30,10 +30,7 @@ if ($session_control == 'none') { try { $registry->pushApp('fima', !defined('AUTH_HANDLER')); } catch (Horde_Exception $e) { - if ($e->getCode() == 'permission_denied') { - Horde::authenticationFailureRedirect(); - } - throw $e; + Horde_Auth::authenticationFailureRedirect('fima', $e); } $conf = &$GLOBALS['conf']; @define('FIMA_TEMPLATES', $registry->get('templates')); @@ -44,11 +41,10 @@ if (!defined('FIMA_BASE')) { } // Notification system. -$notification = &Horde_Notification::singleton(); +$notification = Horde_Notification::singleton(); $notification->attach('status'); // Fima base library -require_once FIMA_BASE . '/lib/Fima.php'; require_once FIMA_BASE . '/lib/Driver.php'; // Horde libraries. @@ -61,7 +57,6 @@ Horde::compressOutput(); Horde_Nls::setTimeZone(); // Create a share instance. -require_once 'Horde/Share.php'; -$GLOBALS['fima_shares'] = &Horde_Share::singleton($registry->getApp()); +$GLOBALS['fima_shares'] = Horde_Share::singleton($registry->getApp()); Fima::initialize(); diff --git a/folks/edit/friends/approve.php b/folks/edit/friends/approve.php index b8912b5ac..6d846e781 100644 --- a/folks/edit/friends/approve.php +++ b/folks/edit/friends/approve.php @@ -15,7 +15,7 @@ require_once dirname(__FILE__) . '/../../lib/base.php'; require_once FOLKS_BASE . '/lib/Friends.php'; if (!Horde_Auth::isAuthenticated()) { - Horde::authenticationFailureRedirect(); + Horde_Auth::authenticationFailureRedirect('folks'); } $user = Horde_Util::getGet('user'); diff --git a/folks/edit/friends/reject.php b/folks/edit/friends/reject.php index d76796f1b..70c81126c 100644 --- a/folks/edit/friends/reject.php +++ b/folks/edit/friends/reject.php @@ -15,7 +15,7 @@ require_once dirname(__FILE__) . '/../../lib/base.php'; require_once FOLKS_BASE . '/lib/Friends.php'; if (!Horde_Auth::isAuthenticated()) { - Horde::authenticationFailureRedirect(); + Horde_Auth::authenticationFailureRedirect('folks'); } $user = Horde_Util::getGet('user'); diff --git a/folks/edit/tabs.php b/folks/edit/tabs.php index 1409f004a..9b0a10c53 100644 --- a/folks/edit/tabs.php +++ b/folks/edit/tabs.php @@ -12,7 +12,7 @@ */ if (!Horde_Auth::isAuthenticated()) { - Horde::authenticationFailureRedirect(); + Horde_Auth::authenticationFailureRedirect('folks'); } $vars = Horde_Variables::getDefaultVariables(); diff --git a/folks/friends.php b/folks/friends.php index 76912d032..862c3c46f 100644 --- a/folks/friends.php +++ b/folks/friends.php @@ -15,7 +15,7 @@ require_once dirname(__FILE__) . '/lib/base.php'; require_once FOLKS_BASE . '/lib/Forms/Activity.php'; if (!Horde_Auth::isAuthenticated()) { - Horde::authenticationFailureRedirect(); + Horde_Auth::authenticationFailureRedirect('folks'); } $title = _("Friends"); diff --git a/folks/lib/base.php b/folks/lib/base.php index e1ca9cd9a..b4897ed8a 100644 --- a/folks/lib/base.php +++ b/folks/lib/base.php @@ -22,16 +22,13 @@ $registry = Horde_Registry::singleton(); try { $registry->pushApp('folks', !defined('AUTH_HANDLER')); } catch (Horde_Exception $e) { - if ($e->getCode() == 'permission_denied') { - Horde::authenticationFailureRedirect(); - } - throw $e; + Horde_Auth::authenticationFailureRedirect('folks', $e); } $conf = &$GLOBALS['conf']; define('FOLKS_TEMPLATES', $registry->get('templates')); // Notification system. -$notification = &Horde_Notification::singleton(); +$notification = Horde_Notification::singleton(); $notification->attach('status'); // Define the base file path of Folks. @@ -39,9 +36,6 @@ if (!defined('FOLKS_BASE')) { define('FOLKS_BASE', dirname(__FILE__) . '/..'); } -// Folks base library -require_once FOLKS_BASE . '/lib/Folks.php'; -require_once FOLKS_BASE . '/lib/Driver.php'; $GLOBALS['folks_driver'] = Folks_Driver::factory(); // Cache diff --git a/folks/report.php b/folks/report.php index 8a2f136ea..1c87ea161 100644 --- a/folks/report.php +++ b/folks/report.php @@ -15,10 +15,6 @@ require_once dirname(__FILE__) . '/lib/base.php'; -if (!Horde_Auth::isAuthenticated()) { - Horde::authenticationFailureRedirect(); -} - $user = Horde_Util::getFormData('user'); if (empty($user)) { $notification->push(_("User is not selected"), 'horde.warning'); diff --git a/framework/Service_Twitter/doc/twitter.php.example b/framework/Service_Twitter/doc/twitter.php.example index 4fa2d7f4c..518d88cb2 100644 --- a/framework/Service_Twitter/doc/twitter.php.example +++ b/framework/Service_Twitter/doc/twitter.php.example @@ -11,10 +11,6 @@ require_once dirname(__FILE__) . '/../lib/base.php'; -if (!Horde_Auth::getAuth()) { - Horde::authenticationFailureRedirect(); -} - /* Keys - these are obtained when registering for the service */ $consumer_key = '********'; $consumer_secret = '*********'; diff --git a/imp/ajax.php b/imp/ajax.php index 2c575880f..c4e8e9434 100644 --- a/imp/ajax.php +++ b/imp/ajax.php @@ -154,10 +154,10 @@ if (empty($action)) { // The following actions do not need write access to the session and // should be opened read-only for performance reasons. if (in_array($action, array('chunkContent', 'Html2Text', 'Text2Html', 'GetReplyData', 'FetchmailDialog'))) { - $session_control = 'readonly'; + $imp_session_control = 'readonly'; } -$dimp_logout = ($action == 'LogOut'); +$imp_dimp_logout = ($action == 'LogOut'); $session_timeout = 'json'; require_once IMP_BASE . '/lib/base.php'; diff --git a/imp/attachment.php b/imp/attachment.php index 9e6c96c12..f3e353fd3 100644 --- a/imp/attachment.php +++ b/imp/attachment.php @@ -16,9 +16,8 @@ // We do not need to be authenticated to get the file. Most users won't send // linked attachments just to other IMP users. -@define('AUTH_HANDLER', true); -$authentication = 'none'; -$session_control = 'none'; +$imp_authentication = 'none'; +$imp_session_control = 'none'; require_once dirname(__FILE__) . '/lib/base.php'; $self_url = Horde::selfUrl(false, true, true); @@ -38,7 +37,7 @@ if (is_null($mail_user) || is_null($time_stamp) || is_null($file_name)) { // Initialize the VFS. $vfsroot = VFS::singleton($conf['vfs']['type'], Horde::getDriverConfig('vfs', $conf['vfs']['type'])); -if (is_a($vfsroot, 'PEAR_Error')) { +if ($vfsroot instanceof PEAR_Error) { throw new Horde_Exception(sprintf(_("Could not create the VFS backend: %s"), $vfsroot->getMessage())); } diff --git a/imp/compose-mimp.php b/imp/compose-mimp.php index 4e6858d75..64f7b66da 100644 --- a/imp/compose-mimp.php +++ b/imp/compose-mimp.php @@ -238,6 +238,7 @@ case _("Send"): $cacheID = $imp_compose->getCacheId(); $title = _("Message Composition"); +$mimp_render = new Horde_Mobile(); $mimp_render->set('title', $title); $select_list = $identity->getSelectList(); diff --git a/imp/compose.php b/imp/compose.php index 9520694a7..6bb8fbd17 100644 --- a/imp/compose.php +++ b/imp/compose.php @@ -56,8 +56,8 @@ function _getIMPContents($index, $mailbox) } -$compose_page = true; -$session_control = 'netscape'; +$imp_compose_page = true; +$imp_session_control = 'netscape'; require_once dirname(__FILE__) . '/lib/base.php'; /* The message headers and text. */ diff --git a/imp/config/conf.xml b/imp/config/conf.xml index 6255a89d8..43483646e 100644 --- a/imp/config/conf.xml +++ b/imp/config/conf.xml @@ -282,11 +282,6 @@ virtual users hook? If so, make sure you define _imp_hook_vinfo() in hooks.php. The hook will be used to set $_SESSION['imp']['user'] at login time. There are examples in hooks.php.dist.">false - false - * To use, uncomment and modify these variables: - * - * $SERVER_SSL_PORT - Port on which your SSL server listens (Usually 443) - * $SERVER_HTTP_PORT - Port on which your HTTP server listens (Usually 80) - * $SERVER_SSL_URL - Full URL to your HTTPS server and Horde directory - * $SERVER_HTTP_URL - Full URL to your HTTP server and Horde directory - */ - -// $SERVER_SSL_PORT = 443; -// $SERVER_HTTP_PORT = 80; -// $SERVER_SSL_URL = 'https://www.example.com'; -// $SERVER_HTTP_URL = 'http://www.example.com'; -// -// $port = $_SERVER['SERVER_PORT']; -// -// echo '
'; -// -// switch ($port) { -// case $SERVER_SSL_PORT: -// echo _("You are currently using Secure HTTPS
"); -// break; -// -// case $SERVER_HTTP_PORT: -// echo _("You are currently using Standard HTTP
"); -// break; -// } -// -// echo '' . _("Click here for Standard HTTP") . ' - ' . _("Click here for Secure HTTPS") . '
'; - -?> -
-
getImageDir('horde')) ?>
diff --git a/imp/contacts.php b/imp/contacts.php index f3de4575c..7f1aeb57f 100644 --- a/imp/contacts.php +++ b/imp/contacts.php @@ -10,7 +10,7 @@ * @package IMP */ -$authentication = 'horde'; +$imp_authentication = 'horde'; require_once dirname(__FILE__) . '/lib/base.php'; /* Get the lists of address books through the API. */ diff --git a/imp/docs/CHANGES b/imp/docs/CHANGES index ca648d2b2..6c44fc9ab 100644 --- a/imp/docs/CHANGES +++ b/imp/docs/CHANGES @@ -2,6 +2,7 @@ v5.0-git -------- +[mms] Logins now handled by Horde login handler. [mms] When generating and sending compressed ZIP data, use server-side temp streams to minimize memory usage. [mms] Decode bodypart data on server if possible (RFC 3516). diff --git a/imp/folders.php b/imp/folders.php index 067a9c66f..7abb02009 100644 --- a/imp/folders.php +++ b/imp/folders.php @@ -72,9 +72,6 @@ $folder_list = Horde_Util::getFormData('folder_list', array()); $refresh_url = Horde::applicationUrl('folders.php', true); $refresh_time = $prefs->getValue('refresh_time'); -/* Other variables. */ -$open_compose_window = null; - /* Run through the action handlers. */ $actionID = Horde_Util::getFormData('actionID'); if ($actionID) { @@ -247,10 +244,6 @@ case 'mark_folder_unseen': } break; -case 'login_compose': - $open_compose_window = IMP::openComposeWin(); - break; - case 'delete_folder_confirm': case 'folders_empty_mailbox_confirm': if (!empty($folder_list)) { @@ -526,13 +519,5 @@ if (count($rows) > 10) { /* No need for extra template - close out the tags here. */ echo ''; -if ($open_compose_window === false) { - if (!isset($options)) { - $options = array(); - } - Horde::addScriptFile('imp.js', 'imp', true); - Horde::addInlineScript(IMP::popupIMPString('compose.php', array_merge(array('popup' => 1), $options, IMP::getComposeArgs()))); -} - $notification->notify(array('listeners' => 'audio')); require $registry->get('templates', 'horde') . '/common-footer.inc'; diff --git a/imp/index.php b/imp/index.php index c6ee32662..1b9e37b22 100644 --- a/imp/index.php +++ b/imp/index.php @@ -22,4 +22,8 @@ if (!$imp_configured) { array('servers.php' => 'This file controls the default settings for IMP, and also defines the list of available servers if you are using the server list.')); } -require IMP_BASE . '/redirect.php'; +// Will redirect to login page if not authenticated. +require_once IMP_BASE . '/lib/base.php'; + +// Load initial page as defined by view mode & preferences. +require IMP_Auth::getInitialPage(); diff --git a/imp/js/src/login.js b/imp/js/src/login.js index b86abc9d1..10f6daaf1 100644 --- a/imp/js/src/login.js +++ b/imp/js/src/login.js @@ -7,128 +7,28 @@ var ImpLogin = { // The following variables are defined in login.php: - // autologin_url, dimp_sel, imp_auth, lang_url, show_list + // dimp_sel, server_key_error - _reload: function() + submit: function(parentfunc) { - window.top.document.location = this.autologin_url + $F('server_key'); - }, - - submit: function() - { - if (this.show_list && $F('server_key').startsWith('_')) { + if ($('imp_server_key') && $F('imp_server_key').startsWith('_')) { + alert(this.server_key_error); + $('imp_server_key').focus(); return; } - if (!$F('imapuser')) { - alert(IMP.text.login_username); - $('imapuser').focus(); - } else if (!$F('pass')) { - alert(IMP.text.login_password); - $('pass').focus(); - } else { - $('loginButton').disable(); - if (this.ie_clientcaps) { - try { - $('ie_version').setValue(objCCaps.getComponentVersion("{89820200-ECBD-11CF-8B85-00AA005B4383}","componentid")); - } catch (e) { } - } - $('imp_login').submit(); - } - }, - - _selectLang: function() - { - // We need to reload the login page here, but only if the user hasn't - // already entered a username and password. - if (!$F('imapuser') && !$F('pass')) { - var params = { new_lang: $F('new_lang') }; - if (this.lang_url) { - params.url = this.lang_url; - } - self.location = 'login.php?' + Object.toQueryString(params); - } - }, - - /* Removes any leading hash that might be on a location string. */ - _removeHash: function(h) - { - return (Object.isString(h) && h.startsWith("#")) ? h.substring(1) : h; + parentfunc(); }, onDomLoad: function() { - if (this.imp_auth) { - if (parent.frames.horde_main) { - if (this.nomenu) { - parent.location = self.location; - } else { - document.imp_login.target = '_parent'; - } - } - } - /* Activate dynamic view. */ - var o = $('select_view').down('option[value=dimp]').show(); + var o = $('imp_select_view').down('option[value=dimp]').show(); if (this.dimp_sel) { o.writeAttribute('selected', 'selected'); } - - document.observe('change', this._changeHandler.bindAsEventListener(this)); - document.observe('click', this._clickHandler.bindAsEventListener(this)); - - // Need to capture hash information if it exists in URL - if (location.hash) { - $('anchor_string').setValue(this._removeHash(location.hash)); - } - - if (!$F('imapuser')) { - $('imapuser').focus(); - } else { - $('pass').focus(); - } - - if (this.reloadmenu && window.parent.frames.horde_menu) { - window.parent.frames.horde_menu.location.reload(); - } - }, - - _changeHandler: function(e) - { - switch (e.element().readAttribute('id')) { - case 'new_lang': - this._selectLang(); - break; - - case 'server_key': - this._reload(); - break; - } - }, - - _clickHandler: function(e) - { - if (e.isRightClick()) { - return; - } - - var elt = e.element(); - - while (Object.isElement(elt)) { - switch (elt.readAttribute('id')) { - case 'btn_login': - this._reload(); - break; - - case 'loginButton': - this.submit(); - break; - } - - elt = elt.up(); - } } - }; +HordeLogin.submit = HordeLogin.submit.wrap(ImpLogin.submit.bind(ImpLogin)); document.observe('dom:loaded', ImpLogin.onDomLoad.bind(ImpLogin)); diff --git a/imp/lib/Auth.php b/imp/lib/Auth.php index 071f9dfcc..2c35253ae 100644 --- a/imp/lib/Auth.php +++ b/imp/lib/Auth.php @@ -1,70 +1,492 @@ + * @author Jon Parise * @author Michael Slusarz - * @package Horde_Auth + * @package IMP */ -class IMP_Auth extends Horde_Auth_Base +class IMP_Auth { /** - * Find out if a set of login credentials are valid, and if - * requested, mark the user as logged in in the current session. + * The preferred server based on the value from the login form. * - * @param string $userID The userID to check. - * @param array $credentials The credentials to check. - * @param boolean $login Whether to log the user in. If false, we'll - * only test the credentials and won't modify - * the current session. + * @var string + */ + static public $prefServer = null; + + /** + * The auth type to use. * - * @return boolean Whether or not the credentials are valid. + * @var string */ - public function authenticate($userID = null, $credentials = array(), - $login = false) - { - return parent::authenticate($userID, $credentials, $login && (Horde_Auth::getProvider() == 'imp')); - } + static public $authType = null; /** - * Find out if a set of login credentials are valid. + * Authenticate to the mail server. * - * @param string $userID The userID to check. - * @param array $credentials An array of login credentials. + * @param array $credentials An array of login credentials. If empty, + * attempts to login to the cached session. + * 
+     * 'password' - (string) The user password.
+     * 'server' - (string) The server key to use (from servers.php).
+     * 'userid' - (string) The username.
+     *
* - * @throws Horde_Exception + * @return boolean True if session was created, false if pre-existing + * session used. + * @throws Horde_Auth_Exception */ - protected function _authenticate($userID, $credentials) + static public function authenticate($credentials = array()) { + $retval = false; + + // Do 'horde' authentication. + if (self::$authType == 'horde') { + if (Horde_Auth::getAuth()) { + return false; + } + throw new Horde_Auth_Exception('', Horde_Auth::REASON_FAILED); + } + // Check for valid IMAP Client object. if (!$GLOBALS['imp_imap']->ob) { - // Attempt to create IMAP Client object - $key = isset($credentials['server']) ? $credentials['server'] : IMP_Session::getAutoLoginServer(); - if (is_null($key) || - !isset($credentials['password']) || - !$GLOBALS['imp_imap']->createImapObject($userID, $credentials['password'], $key)) { - IMP::loginLogMessage('failed', __FILE__, __LINE__); - throw new Horde_Exception('', Horde_Auth::REASON_FAILED); + if (!isset($credentials['userid']) || + !isset($credentials['password'])) { + throw new Horde_Auth_Exception('', Horde_Auth::REASON_BADLOGIN); + } + + if (!isset($credentials['server'])) { + $credentials['server'] = self::getAutoLoginServer(); + } + + /* _createSession() will create the imp session variable, so there + * is no concern for an infinite loop here. */ + if (!isset($_SESSION['imp'])) { + self::_createSession($credentials); + $retval = true; + } elseif (!$GLOBALS['imp_imap']->createImapObject($credentials['userid'], $credentials['password'], $credentials['server'])) { + self::logMessage('failed', __FILE__, __LINE__); + throw new Horde_Auth_Exception('', Horde_Auth::REASON_FAILED); } } try { - $GLOBALS['imp_imap']->ob->login(); + if ($retval !== true) { + $GLOBALS['imp_imap']->ob->login(); + } } catch (Horde_Imap_Client_Exception $e) { - IMP::loginLogMessage($e->getMessage(), __FILE__, __LINE__); + self::logMessage($e->getMessage(), __FILE__, __LINE__); if ($e->getCode() == Horde_Imap_Client_Exception::SERVER_CONNECT) { - throw new Horde_Exception(_("Could not connect to the remote server.")); + throw new Horde_Auth_Exception(_("Could not connect to the remote server.")); } - throw new Horde_Exception('', Horde_Auth::REASON_BADLOGIN); + throw new Horde_Auth_Exception($e->getMessage()); + } + + if (!empty($_SESSION['imp']['logintasks'])) { + self::_loginTasks(); } + + return $retval; } + + /** + * Perform transparent authentication. + * + * @return boolean Whether transparent login is supported. + * @throws Horde_Auth_Exception + */ + static public function transparent() + { + $credentials = self::_canAutoLogin(); + if ($credentials === false) { + return false; + } + + self::_createSession($credentials); + return true; + } + + /** + * Log login related message. + * + * @param string $status Either 'login', 'logout', 'failed', or an + * error message. + * @param string $file The file where the error occurred. + * @param integer $line The line where the error occurred. + * @param integer $level The logging level. + */ + static public function logMessage($status, $file, $line, + $level = PEAR_LOG_ERR) + { + switch ($status) { + case 'login': + $status_msg = 'Login success'; + break; + + case 'logout': + $status_msg = 'Logout'; + break; + + case 'failed': + $status_msg = 'FAILED LOGIN'; + break; + + default: + $status_msg = $status; + break; + } + + $imp_imap = $GLOBALS['imp_imap']->ob; + + $msg = sprintf( + $status_msg . ' for %s [%s]%s to {%s:%s [%s]}', + empty($_SESSION['imp']['uniquser']) ? '' : $_SESSION['imp']['uniquser'], + $_SERVER['REMOTE_ADDR'], + empty($_SERVER['HTTP_X_FORWARDED_FOR']) ? '' : ' (forwarded for [' . $_SERVER['HTTP_X_FORWARDED_FOR'] . '])', + $imp_imap ? $imp_imap->getParam('hostspec') : '', + $imp_imap ? $imp_imap->getParam('port') : '', + empty($_SESSION['imp']['protocol']) ? '' : $_SESSION['imp']['protocol'] + ); + + Horde::logMessage($msg, $file, $line, $level); + } + + /** + * Set up the IMP session. Handle authentication, if required, and only do + * enough work to see if the user can log in. + * + * Creates the 'imp' session variable with the following entries: + * 'cache' -- Various IMP libraries can use this variable to cache + * data. + * 'file_upload' -- If file uploads are allowed, the max size. + * 'filteravail' -- Can we apply filters manually? + * 'imap' -- Config for various IMAP resources (acl, admin, + * namespace, quota) + * 'imap_ob' -- The serialized Horde_Imap_Client object. + * 'logintasks' -- Have the login tasks been completed? + * 'maildomain' -- See config/servers.php. + * 'notepadavail' -- Is listing of notepads available? + * 'protocol' -- Either 'imap' or 'pop'. + * 'rteavail' -- Is the HTML editor available? + * 'search' -- Settings used by the IMP_Search library. + * 'server_key' -- Server used to login. + * 'smime' -- Settings related to the S/MIME viewer. + * 'smtp' -- SMTP options ('host' and 'port') + * 'showunsub' -- Show unsusubscribed mailboxes on the folders screen. + * 'tasklistavail' -- Is listing of tasklists available? + * 'uniquser' -- The unique user name. + * 'view' -- The imp view mode (currently dimp, imp, or mimp) + * + * @param array $credentials An array of login credentials. + * 
+     * 'password' - (string) The user password.
+     * 'server' - (string) The server key to use (from servers.php).
+     * 'userid' - (string) The username.
+     *
+ * + * @throws Horde_Auth_Exception + */ + static protected function _createSession($credentials) + { + global $conf; + + /* Create the imp session variable. */ + $_SESSION['imp'] = array( + 'cache' => array(), + 'imap' => array(), + 'logintasks' => false, + 'server_key' => $credentials['server'], + 'showunsub' => false + ); + $sess = &$_SESSION['imp']; + + /* Run the username through virtualhost expansion functions if + * necessary. */ + if (!empty($conf['hooks']['vinfo'])) { + try { + $credentials['userid'] = Horde::callHook('_imp_hook_vinfo', array('username', $credentials['userid']), 'imp'); + } catch (Horde_Exception $e) {} + } + + /* Load the server configuration. */ + $ptr = $GLOBALS['imp_imap']->loadServerConfig($credentials['server']); + if ($ptr === false) { + throw new Horde_Auth_Exception('', Horde_Auth::REASON_FAILED); + } + + /* Determine the unique user name. */ + if (Horde_Auth::isAuthenticated()) { + $sess['uniquser'] = Horde_Auth::removeHook(Horde_Auth::getAuth()); + } else { + $sess['uniquser'] = $credentials['userid']; + if (!empty($ptr['realm'])) { + $sess['uniquser'] .= '@' . $ptr['realm']; + } + } + + /* Do necessary authentication now. */ + try { + self::authenticate(array( + 'password' => $credentials['password'], + 'server' => $credentials['server'], + 'userid' => $sess['uniquser'] + )); + } catch (Horde_Auth_Exception $e) { + unset($_SESSION['imp']); + throw $e; + } + + /* Set the protocol. */ + $sess['protocol'] = isset($ptr['protocol']) + ? $ptr['protocol'] + : 'imap'; + + /* Set the maildomain. */ + $maildomain = $GLOBALS['prefs']->getValue('mail_domain'); + $sess['maildomain'] = $maildomain + ? $maildomain + : $ptr['maildomain']; + + /* Store some basic IMAP server information. */ + if ($sess['protocol'] == 'imap') { + foreach (array('acl', 'admin', 'namespace', 'quota') as $val) { + if (isset($ptr[$val])) { + $sess['imap'][$val] = $ptr[$val]; + + /* 'admin' and 'quota' have password entries - encrypt + * these entries in the session if they exist. */ + if (isset($ptr[$val]['params']['password'])) { + $sess['imap'][$val]['params']['password'] = Horde_Secret::write(Horde_Secret::getKey('imp'), $ptr[$val]['params']['password']); + } + } + } + } + + /* Set the SMTP options, if needed. */ + if ($conf['mailer']['type'] == 'smtp') { + $sess['smtp'] = array(); + foreach (array('smtphost' => 'host', 'smtpport' => 'port') as $key => $val) { + if (!empty($ptr[$key])) { + $sess['smtp'][$val] = $ptr[$key]; + } + } + } + + /* Does the server allow file uploads? If yes, store the + * value, in bytes, of the maximum file size. */ + $sess['file_upload'] = $GLOBALS['browser']->allowFileUploads(); + + /* Is the 'mail/canApplyFilters' API call available? */ + $registry = Horde_Registry::singleton(); + try { + if ($registry->call('mail/canApplyFilters')) { + $sess['filteravail'] = true; + } + } catch (Horde_Exception $e) {} + + /* Is the 'tasks/listTasklists' call available? */ + if ($conf['tasklist']['use_tasklist'] && + $registry->hasMethod('tasks/listTasklists')) { + $sess['tasklistavail'] = true; + } + + /* Is the 'notes/listNotepads' call available? */ + if ($conf['notepad']['use_notepad'] && + $registry->hasMethod('notes/listNotepads')) { + $sess['notepadavail'] = true; + } + + /* Is the HTML editor available? */ + $imp_ui = new IMP_UI_Compose(); + $editor = $imp_ui->initRTE(null, true); + $sess['rteavail'] = $editor->supportedByBrowser(); + + /* Set up search information for the session. */ + $GLOBALS['imp_search']->sessionSetup(); + + IMP_Auth::logMessage('login', __FILE__, __LINE__, PEAR_LOG_NOTICE); + } + + /** + * Perform IMP login tasks. + */ + static protected function _loginTasks() + { + /* Do login tasks. */ + $tasks = Horde_LoginTasks::singleton('imp', Horde::selfUrl(true, true, true)); + $tasks->runTasks(); + + /* If the user wants to run filters on login, make sure they get + run. */ + if ($GLOBALS['prefs']->getValue('filter_on_login')) { + /* Run filters. */ + $imp_filter = new IMP_Filter(); + $imp_filter->filter('INBOX'); + } + + /* Check for drafts due to session timeouts. */ + $imp_compose = IMP_Compose::singleton(); + $imp_compose->recoverSessionExpireDraft(); + + $_SESSION['imp']['logintasks'] = true; + } + + /** + * Returns the autologin server key. + * + * @return string The server key, or null if none available. + */ + static public function getAutoLoginServer() + { + if (($servers = IMP_Imap::loadServerConfig()) === false) { + return null; + } + + $server_key = null; + foreach ($servers as $key => $val) { + if (is_null($server_key) && substr($key, 0, 1) != '_') { + $server_key = $key; + } + if (self::isPreferredServer($val, $key)) { + $server_key = $key; + break; + } + } + + return $server_key; + } + + /** + * Determines if the given mail server is the "preferred" mail server for + * this web server. This decision is based on the global 'SERVER_NAME' + * and 'HTTP_HOST' server variables and the contents of the 'preferred' + * field in the server's definition. The 'preferred' field may take a + * single value or an array of multiple values. + * + * @param string $server A complete server entry from the $servers hash. + * @param string $key The server key entry. + * + * @return boolean True if this entry is "preferred". + */ + static public function isPreferredServer($server, $key = null) + { + if (!is_null(self::$prefServer)) { + return ($key == self::$prefServer); + } + + if (!empty($server['preferred'])) { + if (is_array($server['preferred'])) { + if (in_array($_SERVER['SERVER_NAME'], $server['preferred']) || + in_array($_SERVER['HTTP_HOST'], $server['preferred'])) { + return true; + } + } elseif (($server['preferred'] == $_SERVER['SERVER_NAME']) || + ($server['preferred'] == $_SERVER['HTTP_HOST'])) { + return true; + } + } + + return false; + } + + /** + * Returns whether we can log in without a login screen for $server_key. + * + * @param string $server_key The server to check. Defaults to the + * autologin server. + * @param boolean $force If true, check $server_key even if there is + * more than one server available. + * + * @return array The credentials needed to login ('userId', 'password', + * 'server') or false if autologin not available. + */ + static protected function _canAutoLogin($server_key = null, $force = false) + { + if (($servers = $GLOBALS['imp_imap']->loadServerConfig()) === false) { + return false; + } + + if (is_null($server_key) || !$force) { + $auto_server = self::getAutoLoginServer(); + if (is_null($server_key)) { + $server_key = $auto_server; + } + } + + if ((!empty($auto_server) || $force) && + Horde_Auth::getAuth() && + !empty($servers[$server_key]['hordeauth'])) { + return array( + 'userId' => ((strcasecmp($servers[$server_key]['hordeauth'], 'full') == 0) + ? Horde_Auth::getAuth() + : Horde_Auth::getBareAuth()), + 'password' => Horde_Auth::getCredential('password'), + 'server' => $server_key + ); + } + + return false; + } + + /** + * Returns the initial page. + * + * @param boolean $url Return a URL instead of a file path. + * + * @return string Either the file path or a URL to the initial page. + */ + static public function getInitialPage($url = false) + { + switch ($_SESSION['imp']['view']) { + case 'dimp': + $page = 'index-dimp.php'; + break; + + case 'mimp': + $page = 'mailbox-mimp.php'; + break; + + default: + $init_url = ($_SESSION['imp']['protocol'] == 'pop') + ? 'INBOX' + : $GLOBALS['prefs']->getValue('initial_page'); + + $imp_search = new IMP_Search(); + + if (!$GLOBALS['prefs']->getValue('use_vinbox') && + $imp_search->isVINBOXFolder($init_url)) { + $init_url = 'folders.php'; + } elseif (($imp_search->createSearchID($init_url) == $init_url) && + !$imp_search->isVFolder($init_url)) { + $init_url = 'INBOX'; + if (!$GLOBALS['prefs']->isLocked('initial_page')) { + $GLOBALS['prefs']->setValue('initial_page', $init_url); + } + } + + switch ($init_url) { + case 'folders.php': + $page = $init_url; + break; + + default: + // TODO: Directly load mailbox.php + header('Location: ' . Horde_Util::addParameter(Horde::applicationUrl('mailbox.php', true), array('mailbox' => $init_url))); + exit; + } + } + + return $url + ? Horde::applicationUrl($page, true) + : IMP_BASE . '/' . $page; + } + } diff --git a/imp/lib/Block/Foldersummary.php b/imp/lib/Block/Foldersummary.php index 56817259c..f7f86b935 100644 --- a/imp/lib/Block/Foldersummary.php +++ b/imp/lib/Block/Foldersummary.php @@ -14,8 +14,11 @@ class IMP_Block_Foldersummary extends Horde_Block function _content() { - if (!IMP::checkAuthentication(true)) { - return ''; + $GLOBALS['imp_authentication'] = 'throw'; + try { + require_once dirname(__FILE__) . '/../base.php'; + } catch (Horde_Exception $e) { + return; } /* Filter on INBOX display, if requested. */ diff --git a/imp/lib/Block/Newmail.php b/imp/lib/Block/Newmail.php index db755be18..3d7179059 100644 --- a/imp/lib/Block/Newmail.php +++ b/imp/lib/Block/Newmail.php @@ -14,11 +14,11 @@ class IMP_Block_Newmail extends Horde_Block function _content() { - $GLOBALS['authentication'] = 'none'; - require_once dirname(__FILE__) . '/../base.php'; - - if (!IMP::checkAuthentication(true)) { - return ''; + $GLOBALS['imp_authentication'] = 'throw'; + try { + require_once dirname(__FILE__) . '/../base.php'; + } catch (Horde_Exception $e) { + return; } /* Filter on INBOX display, if requested. */ diff --git a/imp/lib/Block/summary.php b/imp/lib/Block/summary.php index 6e687c4b0..73077f0d6 100644 --- a/imp/lib/Block/summary.php +++ b/imp/lib/Block/summary.php @@ -39,15 +39,15 @@ class Horde_Block_imp_summary extends Horde_Block { global $notification, $prefs, $registry; - $GLOBALS['authentication'] = 'none'; - require dirname(__FILE__) . '/../base.php'; + $GLOBALS['imp_authentication'] = 'throw'; + try { + require_once dirname(__FILE__) . '/../base.php'; + } catch (Horde_Exception $e) { + return; + } $html = ''; - if (!IMP::checkAuthentication(true)) { - return $html . '
' . Horde::link(Horde::applicationUrl('index.php', true), sprintf(_("Log in to %s"), $registry->applications['imp']['name'])) . sprintf(_("Log in to %s"), $registry->applications['imp']['name']) . '
'; - } - /* Filter on INBOX display, if requested. */ if ($prefs->getValue('filter_on_display')) { $imp_filter = new IMP_Filter(); diff --git a/imp/lib/Block/tree_folders.php b/imp/lib/Block/tree_folders.php index 04a0316bb..b0bd677f3 100644 --- a/imp/lib/Block/tree_folders.php +++ b/imp/lib/Block/tree_folders.php @@ -17,11 +17,10 @@ class Horde_Block_imp_tree_folders extends Horde_Block function _buildTree(&$tree, $indent = 0, $parent = null) { - $GLOBALS['authentication'] = 'none'; - require_once dirname(__FILE__) . '/../base.php'; - - /* Abort immediately if we're not currently logged in. */ - if (!IMP::checkAuthentication(true)) { + $GLOBALS['imp_authentication'] = 'throw'; + try { + require_once dirname(__FILE__) . '/../base.php'; + } catch (Horde_Exception $e) { return; } diff --git a/imp/lib/Crypt/Pgp.php b/imp/lib/Crypt/Pgp.php index b65ea7488..ccaaf58ed 100644 --- a/imp/lib/Crypt/Pgp.php +++ b/imp/lib/Crypt/Pgp.php @@ -393,7 +393,7 @@ class IMP_Crypt_Pgp extends Horde_Crypt_Pgp } return isset($_SESSION['imp']['cache']['pgp'][$type][$id]) - ? Horde_Secret::read(IMP::getAuthKey(), $_SESSION['imp']['cache']['pgp'][$type][$id]) + ? Horde_Secret::read(Horde_Secret::getKey('imp'), $_SESSION['imp']['cache']['pgp'][$type][$id]) : null; } @@ -417,7 +417,7 @@ class IMP_Crypt_Pgp extends Horde_Crypt_Pgp $id = 'personal'; } - $_SESSION['imp']['cache']['pgp'][$type][$id] = Horde_Secret::write(IMP::getAuthKey(), $passphrase); + $_SESSION['imp']['cache']['pgp'][$type][$id] = Horde_Secret::write(Horde_Secret::getKey('imp'), $passphrase); return true; } diff --git a/imp/lib/Crypt/Smime.php b/imp/lib/Crypt/Smime.php index a638c56bd..736d4cf5c 100644 --- a/imp/lib/Crypt/Smime.php +++ b/imp/lib/Crypt/Smime.php @@ -270,7 +270,7 @@ class IMP_Crypt_Smime extends Horde_Crypt_Smime } if (isset($_SESSION['imp']['smime']['passphrase'])) { - return Horde_Secret::read(IMP::getAuthKey(), $_SESSION['imp']['smime']['passphrase']); + return Horde_Secret::read(Horde_Secret::getKey('imp'), $_SESSION['imp']['smime']['passphrase']); } elseif (isset($_SESSION['imp']['smime']['null_passphrase'])) { return ($_SESSION['imp']['smime']['null_passphrase']) ? null : false; } else { @@ -299,7 +299,7 @@ class IMP_Crypt_Smime extends Horde_Crypt_Smime if (!isset($_SESSION['imp']['smime'])) { $_SESSION['imp']['smime'] = array(); } - $_SESSION['imp']['smime']['passphrase'] = Horde_Secret::write(IMP::getAuthKey(), $passphrase); + $_SESSION['imp']['smime']['passphrase'] = Horde_Secret::write(Horde_Secret::getKey('imp'), $passphrase); return true; } diff --git a/imp/lib/IMP.php b/imp/lib/IMP.php index 336346126..a1af6a14b 100644 --- a/imp/lib/IMP.php +++ b/imp/lib/IMP.php @@ -46,48 +46,10 @@ class IMP /* hideDeletedMsgs() cache. */ static private $_delhide = null; - /* getAuthKey() cache. */ - static private $_authkey = null; - /* filesystemGC() cache. */ static private $_dirlist = array(); /** - * Makes sure the user has been authenticated to view the page. - * - * @param boolean $return If this is true, return false instead of - * exiting/redirecting if authentication fails. - * @param boolean $hordeauth Just check for Horde auth and don't bother - * the IMAP server. - * - * @return boolean True on success, false on error. - */ - static public function checkAuthentication($return = false, - $hordeauth = false) - { - if ($hordeauth) { - $reason = Horde_Auth::isAuthenticated(); - } else { - $auth_imp = new IMP_Auth(); - $reason = $auth_imp->authenticate(null, array(), false); - } - - if ($reason === true) { - return true; - } elseif ($return) { - return false; - } - - if (Horde_Util::getFormData('popup')) { - Horde_Util::closeWindowJS(); - } else { - $url = Horde_Util::addParameter(self::getLogoutUrl(null, true), 'url', Horde::selfUrl(true)); - header('Location: ' . $url); - } - exit; - } - - /** * Returns the plain text label that is displayed for the current mailbox, * replacing virtual search mailboxes with an appropriate description and * removing namespace and mailbox prefix information from what is shown to @@ -525,7 +487,7 @@ class IMP $spam_folder = self::folderPref($prefs->getValue('spam_folder'), true); - $menu = new Horde_Menu(Horde_Menu::MASK_ALL & ~Horde_Menu::MASK_LOGIN); + $menu = new Horde_Menu(); $menu->add(self::generateIMPUrl($menu_mailbox_url, 'INBOX'), _("_Inbox"), 'folders/inbox.png'); @@ -584,28 +546,6 @@ class IMP $menu->add(Horde::applicationUrl('filterprefs.php'), _("Fi_lters"), 'filters.png'); } - /* Logout. If IMP can auto login or IMP is providing authentication, - * then we only show the logout link if the sidebar isn't shown or if - * the configuration says to always show the current user a logout - * link. */ - $impAuth = ((Horde_Auth::getProvider() == 'imp') || $_SESSION['imp']['autologin']); - if (!$impAuth || - !$prefs->getValue('show_sidebar') || - Horde::showService('logout')) { - /* If IMP provides authentication and the sidebar isn't always on, - * target the main frame for logout to hide the sidebar while - * logged out. */ - $logout_target = ($impAuth) ? '_parent' : null; - - /* If IMP doesn't provide Horde authentication then we need to use - * IMP's logout screen since logging out should *not* end a Horde - * session. */ - $logout_url = self::getLogoutUrl(); - - $id = $menu->add($logout_url, _("_Log out"), 'logout.png', $registry->getImageDir('horde'), $logout_target); - $menu->setPosition($id, Horde_Menu::POS_LAST); - } - return ($type == 'object') ? $menu : $menu->render(); } @@ -1197,41 +1137,6 @@ class IMP } /** - * Returns the proper logout URL for logging out of IMP. - * - * @param integer $reason - * @param boolean $force Force URL to IMP login page. - * - * @return string The logout URL. - */ - static public function getLogoutUrl($reason = null, $force = false) - { - $params = array_filter(array( - 'server_key' => isset($_SESSION['imp']['server_key']) ? - $_SESSION['imp']['server_key'] : - Horde_Util::getFormData('server_key'), - 'language' => Horde_Util::getFormData('language') - )); - - if ($force || - !((Horde_Auth::getProvider() != 'imp') || !$_SESSION['imp']['autologin'])) { - $url = $GLOBALS['registry']->get('webroot', 'imp') . '/login.php'; - } else { - $url = Horde::getServiceLink('logout', 'horde', true); - } - - $url = (!is_null($reason) && is_array($reason)) - ? Horde_Auth::addLogoutParameters($url, $reason[0], $reason[1]) - : Horde_Auth::addLogoutParameters($url, $reason); - - if (!empty($params)) { - $url = Horde_Util::addParameter($url, $params, null, false); - } - - return $url; - } - - /** * Output the javascript needed to call the IMP popup JS function. * * @param string $url The IMP page to load. @@ -1260,50 +1165,6 @@ class IMP } /** - * Log login related message. - * - * @param string $status Either 'login', 'logout', or 'failed'. - * @param string $file The file where the error occurred. - * @param integer $line The line where the error occurred. - * @param integer $level The logging level. - */ - static public function loginLogMessage($status, $file, $line, - $level = PEAR_LOG_ERR) - { - switch ($status) { - case 'login': - $status_msg = 'Login success'; - break; - - case 'logout': - $status_msg = 'Logout'; - break; - - case 'failed': - $status_msg = 'FAILED LOGIN'; - break; - - default: - $status_msg = $status; - break; - } - - $imp_imap = $GLOBALS['imp_imap']->ob; - - $msg = sprintf( - $status_msg . ' for %s [%s]%s to {%s:%s [%s]}', - (!empty($_SESSION['imp']['uniquser'])) ? $_SESSION['imp']['uniquser'] : '', - $_SERVER['REMOTE_ADDR'], - (empty($_SERVER['HTTP_X_FORWARDED_FOR'])) ? '' : ' (forwarded for [' . $_SERVER['HTTP_X_FORWARDED_FOR'] . '])', - (!is_null($imp_imap)) ? $imp_imap->getParam('hostspec') : '', - (!is_null($imp_imap)) ? $imp_imap->getParam('port') : '', - (!empty($_SESSION['imp']['protocol'])) ? $_SESSION['imp']['protocol'] : '' - ); - - Horde::logMessage($msg, $file, $line, $level); - } - - /** * Outputs the necessary script tags, honoring local configuration * choices as to script caching. */ @@ -1618,21 +1479,6 @@ class IMP } /** - * Return the key used for [en|de]crypting auth credentials. - * - * @return string The secret key. - */ - static public function getAuthKey() - { - $key = &self::$_authkey; - - if (is_null($key)) { - $key = Horde_Secret::getKey(Horde_Auth::getProvider() == 'imp' ? 'auth' : 'imp'); - } - return $key; - } - - /** * Returns a Horde_Cache object (if configured) and handles any errors * associated with creating the object. * @@ -1710,8 +1556,7 @@ class IMP static public function canCompose() { try { - return empty($conf['hooks']['disable_compose']) || - !Horde::callHook('_imp_hook_disable_compose', array(), 'imp'); + return empty($conf['hooks']['disable_compose']) || !Horde::callHook('_imp_hook_disable_compose', array(), 'imp'); } catch (Horde_Exception $e) { return true; } diff --git a/imp/lib/Imap.php b/imp/lib/Imap.php index 4ac07b2fc..0d0b982ca 100644 --- a/imp/lib/Imap.php +++ b/imp/lib/Imap.php @@ -123,7 +123,7 @@ class IMP_Imap return false; } - Horde_Imap_Client::$encryptKey = IMP::getAuthKey(); + Horde_Imap_Client::$encryptKey = Horde_Secret::getKey('imp'); $old_error = error_reporting(0); $this->ob = unserialize($_SESSION['imp']['imap_ob']); diff --git a/imp/lib/Imap/Tree.php b/imp/lib/Imap/Tree.php index e2daef383..a68abc848 100644 --- a/imp/lib/Imap/Tree.php +++ b/imp/lib/Imap/Tree.php @@ -232,11 +232,9 @@ class IMP_Imap_Tree $this->_namespaces = (empty($GLOBALS['conf']['user']['allow_folders'])) ? array() : $ns; } - if (!isset($_SESSION['imp']['cache']['tree'])) { - $imp_cache = IMP::getCache(); - $_SESSION['imp']['cache']['tree'] = $imp_cache - ? uniqid(mt_rand() . Horde_Auth::getAuth()) - : null; + $imp_cache = IMP::getCache(); + if ($imp_cache) { + $_SESSION['imp']['cache']['tree'] = uniqid(mt_rand() . Horde_Auth::getAuth()); } /* Must set these values here because PHP 5 does not allow assignment @@ -289,13 +287,11 @@ class IMP_Imap_Tree { /* We only need to store the object if using Horde_Cache and the tree * has changed. */ - if (empty($this->_changed) || - is_null($_SESSION['imp']['cache']['tree'])) { - return; + if (!empty($this->_changed) && + isset($_SESSION['imp']['cache']['tree'])) { + $imp_cache = IMP::getCache(); + $imp_cache->set($_SESSION['imp']['cache']['tree'], serialize($this), 86400); } - - $imp_cache = IMP::getCache(); - $imp_cache->set($_SESSION['imp']['cache']['tree'], serialize($this), 86400); } /** diff --git a/imp/lib/MIMP.php b/imp/lib/MIMP.php index daab8aa58..baa6e1a57 100644 --- a/imp/lib/MIMP.php +++ b/imp/lib/MIMP.php @@ -43,10 +43,7 @@ class MIMP // $items[Horde_Util::addParameter($options_link, 'mobile', 1, false)] = _("Options"); // } - $logout_link = IMP::getLogoutUrl(Horde_Auth::REASON_LOGOUT); - if (!empty($logout_link)) { - $items[$logout_link] = _("Log out"); - } + $items[Horde::getServiceLink('logout')] = _("Log out"); foreach ($items as $link => $label) { $menu->add(new Horde_Mobile_link($label, $link)); diff --git a/imp/lib/Quota.php b/imp/lib/Quota.php index 9a088932b..20f43e5cd 100644 --- a/imp/lib/Quota.php +++ b/imp/lib/Quota.php @@ -89,7 +89,7 @@ class IMP_Quota /* If 'password' exists in params, it has been encrypted in the * session so we need to decrypt. */ if (isset($this->_params['password'])) { - $this->_params['password'] = Horde_Secret::read(IMP::getAuthKey(), $this->_params['password']); + $this->_params['password'] = Horde_Secret::read(Horde_Secret::getKey('imp'), $this->_params['password']); } } diff --git a/imp/lib/Session.php b/imp/lib/Session.php deleted file mode 100644 index 6003fe59f..000000000 --- a/imp/lib/Session.php +++ /dev/null @@ -1,366 +0,0 @@ - - * @author Jon Parise - * @author Michael Slusarz - * @package IMP - */ -class IMP_Session -{ - /** - * The preferred server based on the value from the login form. - * - * @var string - */ - static public $prefServer = null; - - /** - * Take information posted from a login attempt and try setting up - * an initial IMP session. Handle Horde authentication, if - * required, and only do enough work to see if the user can log - * in. This function should only be called once, when the user - * first logs in. On success, logs a message to the Horde log. - * - * Creates the 'imp' session variable with the following entries: - * 'autologin' -- Is autologin available? - * 'cache' -- Various IMP libraries can use this variable to cache - * data. - * 'file_upload' -- If file uploads are allowed, the max size. - * 'filteravail' -- Can we apply filters manually? - * 'imap' -- Config for various IMAP resources (acl, admin, - * namespace, quota) - * 'imap_ob' -- The serialized Horde_Imap_Client object. - * 'logintasks' -- Have the login tasks been completed? - * 'maildomain' -- See config/servers.php. - * 'notepadavail' -- Is listing of notepads available? - * 'protocol' -- Either 'imap' or 'pop'. - * 'rteavail' -- Is the HTML editor available? - * 'search' -- Settings used by the IMP_Search library. - * 'server_key' -- Server used to login. - * 'smime' -- Settings related to the S/MIME viewer. - * 'smtp' -- SMTP options ('host' and 'port') - * 'showunsub' -- Show unsusubscribed mailboxes on the folders screen. - * 'tasklistavail' -- Is listing of tasklists available? - * 'uniquser' -- The unique user name. - * 'view' -- The imp view mode (currently dimp, imp, or mimp) - * - * @param string $imapuser The username of the user. - * @param string $password The password of the user. - * @param string $server The server to use (see config/servers.php). - * - * @return boolean True on success, false on failure. - */ - static public function createSession($imapuser, $password, $server) - { - global $conf, $registry; - - /* We need both a username and password. */ - if (!strlen($imapuser) || !strlen($password)) { - return false; - } - - /* Create the imp session variable. */ - $_SESSION['imp'] = array( - 'cache' => array(), - 'imap' => array(), - 'logintasks' => false, - 'server_key' => $server, - 'showunsub' => false - ); - $sess = &$_SESSION['imp']; - - /* Run the username through virtualhost expansion functions if - * necessary. */ - if (!empty($conf['hooks']['vinfo'])) { - try { - $newUser = Horde::callHook('_imp_hook_vinfo', array('username', $imapuser), 'imp'); - if (strlen($newUser)) { - $imapuser = $newUser; - } - } catch (Horde_Exception $e) {} - } - - /* Load the server configuration. */ - $ptr = $GLOBALS['imp_imap']->loadServerConfig($server); - if ($ptr === false) { - return false; - } - - /* Determine the unique user name. */ - if (Horde_Auth::isAuthenticated()) { - $sess['uniquser'] = Horde_Auth::removeHook(Horde_Auth::getAuth()); - } else { - $sess['uniquser'] = $imapuser; - if (!empty($ptr['realm'])) { - $sess['uniquser'] .= '@' . $ptr['realm']; - } - } - - /* Create the Horde_Imap_Client object now. */ - if ($GLOBALS['imp_imap']->createImapObject($imapuser, $password, $server) === false) { - unset($_SESSION['imp']); - return false; - } - - /* Do necessary authentication now (since Horde_Auth:: may need to set - * values in Horde-land). */ - $auth_imp = new IMP_Auth(); - if ($auth_imp->authenticate($sess['uniquser'], array('password' => $password), true) !== true) { - unset($_SESSION['imp']); - return false; - } - - /* Set the protocol. */ - $sess['protocol'] = isset($ptr['protocol']) ? $ptr['protocol'] : 'imap'; - - /* Set the maildomain. */ - $maildomain = $GLOBALS['prefs']->getValue('mail_domain'); - $sess['maildomain'] = ($maildomain) ? $maildomain : $ptr['maildomain']; - - /* Store some basic IMAP server information. */ - if ($sess['protocol'] == 'imap') { - foreach (array('acl', 'admin', 'namespace', 'quota') as $val) { - if (isset($ptr[$val])) { - $sess['imap'][$val] = $ptr[$val]; - - /* 'admin' and 'quota' have password entries - encrypt - * these entries in the session if they exist. */ - if (isset($ptr[$val]['params']['password'])) { - $sess['imap'][$val]['params']['password'] = Horde_Secret::write(IMP::getAuthKey(), $ptr[$val]['params']['password']); - } - } - } - } - - /* Set the SMTP options, if needed. */ - if ($conf['mailer']['type'] == 'smtp') { - $sess['smtp'] = array(); - foreach (array('smtphost' => 'host', 'smtpport' => 'port') as $key => $val) { - if (!empty($ptr[$key])) { - $sess['smtp'][$val] = $ptr[$key]; - } - } - } - - /* Does the server allow file uploads? If yes, store the - * value, in bytes, of the maximum file size. */ - $sess['file_upload'] = $GLOBALS['browser']->allowFileUploads(); - - /* Is the 'mail/canApplyFilters' API call available? */ - try { - if ($registry->call('mail/canApplyFilters')) { - $sess['filteravail'] = true; - } - } catch (Horde_Exception $e) {} - - /* Is the 'tasks/listTasklists' call available? */ - if ($conf['tasklist']['use_tasklist'] && - $registry->hasMethod('tasks/listTasklists')) { - $sess['tasklistavail'] = true; - } - - /* Is the 'notes/listNotepads' call available? */ - if ($conf['notepad']['use_notepad'] && - $registry->hasMethod('notes/listNotepads')) { - $sess['notepadavail'] = true; - } - - /* Is the HTML editor available? */ - $imp_ui = new IMP_UI_Compose(); - $editor = $imp_ui->initRTE(null, true); - $sess['rteavail'] = $editor->supportedByBrowser(); - - /* Cache autologin check. */ - $sess['autologin'] = self::canAutologin(); - - /* Set up search information for the session. */ - $GLOBALS['imp_search']->sessionSetup(); - - IMP::loginLogMessage('login', __FILE__, __LINE__, PEAR_LOG_NOTICE); - - return true; - } - - /** - * Perform IMP login tasks. - * - * @param string $url The URL to use for the Horde_LoginTasks redirect. - */ - static public function loginTasks($url = null) - { - if (!empty($_SESSION['imp']['logintasks'])) { - return; - } - - /* Do login tasks. */ - $tasks = Horde_LoginTasks::singleton('imp', is_null($url) ? Horde::selfUrl(true, true, true) : $url); - $tasks->runTasks(); - - /* If the user wants to run filters on login, make sure they get - run. */ - if ($GLOBALS['prefs']->getValue('filter_on_login')) { - /* Run filters. */ - $imp_filter = new IMP_Filter(); - $imp_filter->filter('INBOX'); - } - - /* Check for drafts due to session timeouts. */ - $imp_compose = IMP_Compose::singleton(); - $imp_compose->recoverSessionExpireDraft(); - - $_SESSION['imp']['logintasks'] = true; - } - - /** - * Returns the autologin server key. - * - * @return string The server key, or null if none available. - */ - static public function getAutoLoginServer() - { - if (($servers = IMP_Imap::loadServerConfig()) === false) { - return null; - } - - $server_key = null; - foreach ($servers as $key => $val) { - if (is_null($server_key) && substr($key, 0, 1) != '_') { - $server_key = $key; - } - if (self::isPreferredServer($val, $key)) { - $server_key = $key; - break; - } - } - - return $server_key; - } - - /** - * Returns whether we can log in without a login screen for $server_key. - * - * @param string $server_key The server to check. Defaults to the - * autologin server. - * @param boolean $force If true, check $server_key even if there is - * more than one server available. - * - * @return mixed The autologin user if autologin is available, or false. - */ - static public function canAutoLogin($server_key = null, $force = false) - { - if (($servers = $GLOBALS['imp_imap']->loadServerConfig()) === false) { - return false; - } - - if (is_null($server_key) || !$force) { - $auto_server = self::getAutoLoginServer(); - if (is_null($server_key)) { - $server_key = $auto_server; - } - } - - if ((!empty($auto_server) || $force) && - Horde_Auth::getAuth() && - !empty($servers[$server_key]['hordeauth'])) { - return (strcasecmp($servers[$server_key]['hordeauth'], 'full') == 0) - ? Horde_Auth::getAuth() - : Horde_Auth::getBareAuth(); - } - - return false; - } - - /** - * Determines if the given mail server is the "preferred" mail server for - * this web server. This decision is based on the global 'SERVER_NAME' - * and 'HTTP_HOST' server variables and the contents of the 'preferred' - * field in the server's definition. The 'preferred' field may take a - * single value or an array of multiple values. - * - * @param string $server A complete server entry from the $servers hash. - * @param string $key The server key entry. - * - * @return boolean True if this entry is "preferred". - */ - static public function isPreferredServer($server, $key = null) - { - if (!is_null(self::$prefServer)) { - return ($key == self::$prefServer); - } - - if (!empty($server['preferred'])) { - if (is_array($server['preferred'])) { - if (in_array($_SERVER['SERVER_NAME'], $server['preferred']) || - in_array($_SERVER['HTTP_HOST'], $server['preferred'])) { - return true; - } - } elseif (($server['preferred'] == $_SERVER['SERVER_NAME']) || - ($server['preferred'] == $_SERVER['HTTP_HOST'])) { - return true; - } - } - - return false; - } - - /** - * Returns the initial URL. - * - * @param string $actionID The action ID to perform on the initial page. - * @param boolean $encode If true the argument separator gets encoded. - * - * @return string The initial URL. - */ - static public function getInitialUrl($actionID = null, $encode = true) - { - /* TODO: For now, redirect MIMP to mailbox page. */ - if ($_SESSION['imp']['view'] == 'mimp') { - $url = Horde_Util::addParameter(Horde::applicationUrl('mailbox-mimp.php', true), array('mailbox' => 'INBOX')); - if (!empty($actionID)) { - $url = Horde_Util::addParameter($url, array('actionID' => $actionID), null, false); - } - return $url; - } - - /* Redirect DIMP to index page. */ - if ($_SESSION['imp']['view'] == 'dimp') { - return Horde::applicationUrl('index-dimp.php', true); - } - - $init_url = ($_SESSION['imp']['protocol'] == 'pop') - ? 'INBOX' - : $GLOBALS['prefs']->getValue('initial_page'); - - $imp_search = new IMP_Search(); - - if (!$GLOBALS['prefs']->getValue('use_vinbox') && - $imp_search->isVINBOXFolder($init_url)) { - $init_url = 'folders.php'; - } elseif (($imp_search->createSearchID($init_url) == $init_url) && - !$imp_search->isVFolder($init_url)) { - $init_url = 'INBOX'; - if (!$GLOBALS['prefs']->isLocked('initial_page')) { - $GLOBALS['prefs']->setValue('initial_page', $init_url); - } - } - - if ($init_url == 'folders.php') { - $url = Horde_Util::addParameter(Horde::applicationUrl($init_url, !$encode), array_merge(array('folders_token' => Horde::getRequestToken('imp.folders')), IMP::getComposeArgs()), null, $encode); - } else { - $url = Horde_Util::addParameter(Horde::applicationUrl('mailbox.php', !$encode), array_merge(array('mailbox' => $init_url, 'mailbox_token' => Horde::getRequestToken('imp.mailbox')), IMP::getComposeArgs()), null, $encode); - } - - if (!empty($actionID)) { - $url = Horde_Util::addParameter($url, 'actionID', $actionID, $encode); - } - - return $url; - } -} diff --git a/imp/lib/api.php b/imp/lib/api.php index 3b2d91562..03fcd50ad 100644 --- a/imp/lib/api.php +++ b/imp/lib/api.php @@ -132,7 +132,13 @@ $_services = array( 'type' => '{urn:horde}hashHash' ), - /* Horde_Auth_Application method. */ + /* Horde_Auth_Application methods. */ + 'authLoginParams' => array( + 'args' => array(), + 'checkperms' => false, + 'type' => '{urn:horde}hashHash' + ), + 'authAuthenticate' => array( 'args' => array( 'userID' => 'string', @@ -141,6 +147,12 @@ $_services = array( ), 'checkperms' => false, 'type' => 'boolean' + ), + + 'authTransparent' => array( + 'args' => array(), + 'checkperms' => false, + 'type' => 'boolean' ) ); @@ -263,7 +275,7 @@ function _imp_compose($args = array(), $extra = array()) */ function _imp_batchCompose($args = array(), $extra = array()) { - $GLOBALS['authentication'] = 'none'; + $GLOBALS['imp_authentication'] = 'none'; require_once dirname(__FILE__) . '/base.php'; $links = array(); @@ -281,15 +293,15 @@ function _imp_batchCompose($args = array(), $extra = array()) */ function _imp_folderlist() { - $GLOBALS['authentication'] = 'none'; - require_once dirname(__FILE__) . '/base.php'; - - if (IMP::checkAuthentication(true)) { - $imp_folder = IMP_Folder::singleton(); - return $imp_folder->flist(); + try { + $GLOBALS['imp_authentication'] = 'throw'; + require_once dirname(__FILE__) . '/base.php'; + } catch (Horde_Exception $e) { + return false; } - return false; + $imp_folder = IMP_Folder::singleton(); + return $imp_folder->flist(); } /** @@ -301,15 +313,15 @@ function _imp_folderlist() */ function _imp_createFolder($folder) { - $GLOBALS['authentication'] = 'none'; - require_once dirname(__FILE__) . '/base.php'; - - if (IMP::checkAuthentication(true)) { - $imp_folder = IMP_Folder::singleton(); - return $imp_folder->create(IMP::appendNamespace($folder), $GLOBALS['prefs']->getValue('subscribe')); + try { + $GLOBALS['imp_authentication'] = 'throw'; + require_once dirname(__FILE__) . '/base.php'; + } catch (Horde_Exception $e) { + return false; } - return false; + $imp_folder = IMP_Folder::singleton(); + return $imp_folder->create(IMP::appendNamespace($folder), $GLOBALS['prefs']->getValue('subscribe')); } /** @@ -323,15 +335,15 @@ function _imp_createFolder($folder) */ function _imp_deleteMessages($mailbox, $indices) { - $GLOBALS['authentication'] = 'none'; - require_once dirname(__FILE__) . '/base.php'; - - if (IMP::checkAuthentication(true)) { - $imp_message = IMP_Message::singleton(); - return $imp_message->delete(array($mailbox => $indices), array('nuke' => true)); + try { + $GLOBALS['imp_authentication'] = 'throw'; + require_once dirname(__FILE__) . '/base.php'; + } catch (Horde_Exception $e) { + return false; } - return false; + $imp_message = IMP_Message::singleton(); + return $imp_message->delete(array($mailbox => $indices), array('nuke' => true)); } /** @@ -345,15 +357,15 @@ function _imp_deleteMessages($mailbox, $indices) */ function _imp_copyMessages($mailbox, $indices, $target) { - $GLOBALS['authentication'] = 'none'; - require_once dirname(__FILE__) . '/base.php'; - - if (IMP::checkAuthentication(true)) { - $imp_message = IMP_Message::singleton(); - return $imp_message->copy($target, 'copy', array($mailbox => $indices), true); + try { + $GLOBALS['imp_authentication'] = 'throw'; + require_once dirname(__FILE__) . '/base.php'; + } catch (Horde_Exception $e) { + return false; } - return false; + $imp_message = IMP_Message::singleton(); + return $imp_message->copy($target, 'copy', array($mailbox => $indices), true); } /** @@ -367,15 +379,15 @@ function _imp_copyMessages($mailbox, $indices, $target) */ function _imp_moveMessages($mailbox, $indices, $target) { - $GLOBALS['authentication'] = 'none'; - require_once dirname(__FILE__) . '/base.php'; - - if (IMP::checkAuthentication(true)) { - $imp_message = IMP_Message::singleton(); - return $imp_message->copy($target, 'move', array($mailbox => $indices), true); + try { + $GLOBALS['imp_authentication'] = 'throw'; + require_once dirname(__FILE__) . '/base.php'; + } catch (Horde_Exception $e) { + return false; } - return false; + $imp_message = IMP_Message::singleton(); + return $imp_message->copy($target, 'move', array($mailbox => $indices), true); } /** @@ -390,15 +402,15 @@ function _imp_moveMessages($mailbox, $indices, $target) */ function _imp_flagMessages($mailbox, $indices, $flags, $set) { - $GLOBALS['authentication'] = 'none'; - require_once dirname(__FILE__) . '/base.php'; - - if (IMP::checkAuthentication(true)) { - $imp_message = IMP_Message::singleton(); - return $imp_message->flag($flags, 'move', array($mailbox => $indices), $set); + try { + $GLOBALS['imp_authentication'] = 'throw'; + require_once dirname(__FILE__) . '/base.php'; + } catch (Horde_Exception $e) { + return false; } - return false; + $imp_message = IMP_Message::singleton(); + return $imp_message->flag($flags, 'move', array($mailbox => $indices), $set); } /** @@ -411,12 +423,14 @@ function _imp_flagMessages($mailbox, $indices, $flags, $set) */ function _imp_msgEnvelope($mailbox, $indices) { - $GLOBALS['authentication'] = 'none'; - require_once dirname(__FILE__) . '/base.php'; + try { + $GLOBALS['imp_authentication'] = 'throw'; + require_once dirname(__FILE__) . '/base.php'; + } catch (Horde_Exception $e) { + return false; + } - return IMP::checkAuthentication(true) - ? $GLOBALS['imp_imap']->ob->fetch($mailbox, array(Horde_Imap_Client::FETCH_ENVELOPE => true), array('ids' => $indices)) - : false; + return $GLOBALS['imp_imap']->ob->fetch($mailbox, array(Horde_Imap_Client::FETCH_ENVELOPE => true), array('ids' => $indices)); } /** @@ -430,12 +444,14 @@ function _imp_msgEnvelope($mailbox, $indices) */ function _imp_searchMailbox($mailbox, $query) { - $GLOBALS['authentication'] = 'none'; - require_once dirname(__FILE__) . '/base.php'; + try { + $GLOBALS['imp_authentication'] = 'throw'; + require_once dirname(__FILE__) . '/base.php'; + } catch (Horde_Exception $e) { + return false; + } - return IMP::checkAuthentication(true) - ? $GLOBALS['imp_search']->runSearchQuery($query, $mailbox) - : false; + return $GLOBALS['imp_search']->runSearchQuery($query, $mailbox); } /** @@ -447,12 +463,14 @@ function _imp_searchMailbox($mailbox, $query) */ function _imp_mailboxCacheId($mailbox) { - $GLOBALS['authentication'] = 'none'; - require_once dirname(__FILE__) . '/base.php'; + try { + $GLOBALS['imp_authentication'] = 'throw'; + require_once dirname(__FILE__) . '/base.php'; + } catch (Horde_Exception $e) { + return false; + } - return IMP::checkAuthentication(true) - ? $GLOBALS['imp_imap']->ob->getCacheId($mailbox) - : null; + return $GLOBALS['imp_imap']->ob->getCacheId($mailbox); } /** @@ -469,20 +487,20 @@ function _imp_mailboxCacheId($mailbox) */ function _imp_server() { - $GLOBALS['authentication'] = 'none'; - require_once dirname(__FILE__) . '/base.php'; - - if (IMP::checkAuthentication(true)) { - $imap_obj = unserialize($_SESSION['imp']['imap_ob']); - return array( - 'hostspec' => $imap_obj->getParam('hostspec'), - 'port' => $imap_obj->getParam('port'), - 'protocol' => $_SESSION['imp']['protocol'], - 'secure' => $imap_obj->getParam('secure') - ); + try { + $GLOBALS['imp_authentication'] = 'throw'; + require_once dirname(__FILE__) . '/base.php'; + } catch (Horde_Exception $e) { + return null; } - return null; + $imap_obj = unserialize($_SESSION['imp']['imap_ob']); + return array( + 'hostspec' => $imap_obj->getParam('hostspec'), + 'port' => $imap_obj->getParam('port'), + 'protocol' => $_SESSION['imp']['protocol'], + 'secure' => $imap_obj->getParam('secure') + ); } /** @@ -497,7 +515,7 @@ function _imp_server() function _imp_favouriteRecipients($limit, $filter = array('new', 'forward', 'reply', 'redirect')) { - $GLOBALS['authentication'] = 'none'; + $GLOBALS['imp_authentication'] = 'none'; require_once dirname(__FILE__) . '/base.php'; if ($GLOBALS['conf']['sentmail']['driver'] != 'none') { @@ -513,16 +531,18 @@ function _imp_favouriteRecipients($limit, */ function _imp_changeLanguage() { - $GLOBALS['authentication'] = 'none'; - require_once dirname(__FILE__) . '/base.php'; - - if (IMP::checkAuthentication(true)) { - $imp_folder = IMP_Folder::singleton(); - $imp_folder->clearFlistCache(); - $imaptree = IMP_Imap_Tree::singleton(); - $imaptree->init(); - $GLOBALS['imp_search']->sessionSetup(true); + try { + $GLOBALS['imp_authentication'] = 'throw'; + require_once dirname(__FILE__) . '/base.php'; + } catch (Horde_Exception $e) { + return; } + + $imp_folder = IMP_Folder::singleton(); + $imp_folder->clearFlistCache(); + $imaptree = IMP_Imap_Tree::singleton(); + $imaptree->init(); + $GLOBALS['imp_search']->sessionSetup(true); } /** @@ -535,53 +555,166 @@ function _imp_changeLanguage() */ function _imp_cacheOutput($params) { - $GLOBALS['authentication'] = 'none'; - require_once dirname(__FILE__) . '/base.php'; + try { + $GLOBALS['imp_authentication'] = 'throw'; + require_once dirname(__FILE__) . '/base.php'; + } catch (Horde_Exception $e) { + throw new Horde_Exception('No cache data available'); + } + + switch ($params['id']) { + case 'fckeditor': + return array( + 'data' => + 'FCKConfig.ToolbarSets["ImpToolbar"] = ' . $GLOBALS['prefs']->getValue('fckeditor_buttons') . ";\n" . + /* To more closely match "normal" textarea behavior, send + * send
on enter instead of

. */ + "FCKConfig.EnterMode = \'br\';\n" . + 'FCKConfig.ShiftEnterMode = \'p\';', + 'type' => 'text/javascript' + ); + } +} - if (IMP::checkAuthentication(true)) { - switch ($params['id']) { - case 'fckeditor': - return array( - 'data' => - 'FCKConfig.ToolbarSets["ImpToolbar"] = ' . $GLOBALS['prefs']->getValue('fckeditor_buttons') . ";\n" . - // To more closely match "normal" textarea behavior, - // send
on enter instead of

. - "FCKConfig.EnterMode = \'br\';\n" . - 'FCKConfig.ShiftEnterMode = \'p\';', - 'type' => 'text/javascript' - ); +/* + * TODO + */ +function _imp_authLoginParams() +{ + $params = array(); + + if ($GLOBALS['conf']['server']['server_list'] == 'shown') { + $servers = IMP_Imap::loadServerConfig(); + $server_list = array(); + foreach ($servers as $key => $val) { + $server_list[$key] = array('name' => $val['name']); } + $params['imp_server_key'] = array( + 'label' => _("Server"), + 'selected' => Horde_Util::getFormData('imp_server_key', IMP_Auth::getAutoLoginServer()), + 'type' => 'select', + 'value' => $server_list + ); } - throw new Horde_Exception('No cache data available'); + /* If dimp/mimp are available, show selection of alternate views. */ + if (!empty($GLOBALS['conf']['user']['select_view'])) { + $views = array(); + if (!($view_cookie = Horde_Util::getFormData('imp_select_view'))) { + if (isset($_COOKIE['default_imp_view'])) { + $view_cookie = $_COOKIE['default_imp_view']; + } else { + $browser = Horde_Browser::singleton(); + $view_cookie = $browser->isMobile() ? 'mimp' : 'imp'; + } + } + + $params['imp_select_view'] = array( + 'label' => _("Mode"), + 'type' => 'select', + 'value' => array( + 'imp' => array( + 'name' => _("Traditional"), + 'selected' => $view_cookie == 'imp' + ), + 'dimp' => array( + 'hidden' => true, + 'name' => _("Dynamic") + // Dimp selected is handled by javascript (dimp_sel) + ), + 'mimp' => array( + 'name' => _("Minimalist"), + 'selected' => $view_cookie == 'mimp' + ) + ) + ); + } + + return array( + 'js_code' => array( + 'ImpLogin.dimp_sel=' . intval($view_cookie == 'dimp'), + 'ImpLogin.server_key_error=' . Horde_Serialize::serialize(_("Please choose a mail server."), Horde_Serialize::JSON) + ), + 'js_files' => array( + array('login.js', 'imp') + ), + 'params' => $params + ); } /** * Tries to authenticate with the mail server and create a mail session. * - * @param string $userID The username of the user. - * @param array $credentials Credentials of the user. Only allowed key: + * @param string $userId The username of the user. + * @param array $credentials Credentials of the user. Allowed keys: + * 'imp_select_view', 'imp_server_key', * 'password'. - * @param array $params Additional parameters. Only allowed key: - * 'server'. * - * @return boolean True on success, false on failure. + * @throws Horde_Auth_Exception */ -function _imp_authAuthenticate($userID, $credentials, $params = array()) +function _imp_authAuthenticate($userId, $credentials) { - $GLOBALS['authentication'] = 'none'; - $GLOBALS['noset_view'] = true; + $GLOBALS['imp_authentication'] = 'none'; require_once dirname(__FILE__) . '/base.php'; - $server_key = empty($params['server']) - ? IMP_Session::getAutoLoginServer() - : $params['server']; + $new_session = IMP_Auth::authenticate(array( + 'password' => $credentials['password'], + 'server' => !empty($credentials['imp_server_key']) ? $credentials['imp_server_key'] : '', + 'userid' => $userId + )); + + if ($new_session) { + global $conf; + + /* Set view in session/cookie. */ + $view = empty($conf['user']['select_view']) + ? (empty($conf['user']['force_view']) ? 'imp' : $conf['user']['force_view']) + : (empty($credentials['imp_select_view']) ? 'imp' : $credentials['imp_select_view']); + + setcookie('default_imp_view', $view, time() + 30 * 86400, + $conf['cookie']['path'], + $conf['cookie']['domain']); + + $_SESSION['imp']['view'] = $view; + } +} + +/** + * Tries to transparently authenticate with the mail server and create a mail + * session. + * + * @return boolean Whether transparent login is supported. + * @throws Horde_Auth_Exception + */ +function _imp_authTransparent() +{ + /* Transparent auth is a bit goofy - we most likely have reached this + * code from the pushApp() call in base.php already. As such, some of the + * IMP init has not yet been done, so we need to do the necessary init + * here or else things will fail in IMP_Auth. */ + $GLOBALS['imp_authentication'] = 'none'; + require_once dirname(__FILE__) . '/base.php'; + if (!isset($GLOBALS['imp_imap'])) { + $GLOBALS['imp_imap'] = new IMP_Imap(); + } + if (!isset($GLOBALS['imp_search'])) { + $GLOBALS['imp_search'] = new IMP_Search(); + } + + if (IMP_Auth::transparent() === false) { + return false; + } + + /* Set view in session. */ + $_SESSION['imp']['view'] = empty($GLOBALS['conf']['user']['select_view']) + ? (empty($GLOBALS['conf']['user']['force_view']) ? 'imp' : $GLOBALS['conf']['user']['force_view']) + : 'imp'; - return IMP_Session::createSession($userID, $credentials['password'], $server_key); + return true; } /** - * Adds a set of authentication credentials. + * Adds a user defined by authentication credentials. * * @param string $userId The userId to add. * @param array $credentials An array of login credentials. For IMAP, @@ -597,14 +730,14 @@ function _imp_authAddUser($userId, $credentials) $params = array_merge($params, $_SESSION['imp']['admin']['params']); if (isset($params['admin_password'])) { - $params['admin_password'] = Horde_Secret::read(IMP::getAuthKey(), $params['admin_password']); + $params['admin_password'] = Horde_Secret::read(Horde_Secret::getKey('imp'), $params['admin_password']); } $auth = Horde_Auth::singleton('imap', $params); $auth->addUser($userId, $credentials); } /** - * Deletes a set of authentication credentials. + * Deletes a user defined by authentication credentials. * * @param string $userId The userId to delete. * @@ -618,7 +751,7 @@ function _imp_authRemoveUser($userId) $params = array_merge($params, $_SESSION['imp']['admin']['params']); if (isset($params['admin_password'])) { - $params['admin_password'] = Horde_Secret::read(IMP::getAuthKey(), $params['admin_password']); + $params['admin_password'] = Horde_Secret::read(Horde_Secret::getKey('imp'), $params['admin_password']); } $auth = Horde_Auth::singleton('imap', $params); $auth->removeUser($userId); @@ -638,7 +771,7 @@ function _imp_authUserList() $params = array_merge($params, $_SESSION['imp']['admin']['params']); if (isset($params['admin_password'])) { - $params['admin_password'] = Horde_Secret::read(IMP::getAuthKey(), $params['admin_password']); + $params['admin_password'] = Horde_Secret::read(Horde_Secret::getKey('imp'), $params['admin_password']); } $auth = Horde_Auth::singleton('imap', $params); return $auth->listUsers(); diff --git a/imp/lib/base.php b/imp/lib/base.php index 645be4f88..7d25ecbeb 100644 --- a/imp/lib/base.php +++ b/imp/lib/base.php @@ -3,25 +3,30 @@ * IMP base inclusion file. This file brings in all of the dependencies that * every IMP script will need, and sets up objects that all scripts use. * - * The following variables, defined in the script that calls this one, are - * used: - * $authentication - The type of authentication to use: - * 'horde' - Only use horde authentication - * 'none' - Do not authenticate - * Default - Authenticate to IMAP/POP server - * $compose_page - If true, we are on IMP's compose page - * $dimp_logout - Logout and redirect to the login page. - * $login_page - If true, we are on IMP's login page - * $mimp_debug - If true, output text/plain version of page. - * $no_compress - Controls whether the page should be compressed - * $session_control - Sets special session control limitations + * The following global variables are used: + * 

+ * imp_authentication - The type of authentication to use:
+ *   'horde' - Only use horde authentication
+ *   'none'  - Do not authenticate
+ *   'throw' - Authenticate to IMAP/POP server; on no auth, throw a
+ *             Horde_Exception
+ *   Default - Authenticate to IMAP/POP server; on no auth redirect to login
+ *             screen
+ * imp_compose_page - If true, we are on IMP's compose page
+ * imp_dimp_logout - Logout and redirect to the login page.
+ * imp_no_compress - Controls whether the page should be compressed
+ * imp_session_control - Sets special session control limitations:
+ * 
+ * 'netscape'
+ * 'none'
+ * 'readonly'
+ * 

  *
  * Global variables defined:
  *   $imp_imap    - An IMP_Imap object
  *   $imp_mbox    - Current mailbox information
  *   $imp_notify  - A Horde_Notification_Listener object
  *   $imp_search  - An IMP_Search object
- *   $mimp_render - (MIMP view only) A Horde_Mobile object
  *
  * Copyright 1999-2009 The Horde Project (http://www.horde.org/)
  *
@@ -39,7 +44,7 @@ require_once HORDE_BASE . '/lib/core.php';
 
 // Registry.
 $s_ctrl = 0;
-switch (Horde_Util::nonInputVar('session_control')) {
+switch (Horde_Util::nonInputVar('imp_session_control')) {
 case 'netscape':
     if ($browser->isBrowser('mozilla')) {
         session_cache_limiter('private, must-revalidate');
@@ -56,100 +61,76 @@ case 'readonly':
 }
 $registry = Horde_Registry::singleton($s_ctrl);
 
-// We explicitly do not check application permissions for the compose
-// and login pages, since those are handled below and need to fall through
-// to IMP-specific code.
-$compose_page = Horde_Util::nonInputVar('compose_page');
-try {
-    $registry->pushApp('imp', !(defined('AUTH_HANDLER') || $compose_page));
-} catch (Horde_Exception $e) {
-    if ($e->getCode() == 'permission_denied') {
-        Horde::authenticationFailureRedirect();
-    }
-    throw $e;
-}
-
-$conf = &$GLOBALS['conf'];
-if (!defined('IMP_TEMPLATES')) {
-    define('IMP_TEMPLATES', $registry->get('templates'));
-}
-
-// TODO: Remove once this can be autoloaded
-require_once 'Horde/Identity.php';
-
-// Initialize global $imp_imap object.
-if (!isset($GLOBALS['imp_imap'])) {
-    $GLOBALS['imp_imap'] = new IMP_Imap();
-}
-
-// Start compression.
-if (!Horde_Util::nonInputVar('no_compress')) {
-    Horde::compressOutput();
-}
-
-// If IMP isn't responsible for Horde auth, and no one is logged into
-// Horde, redirect to the login screen. If this is a compose window
-// that just timed out, store the draft.
-if (!(Horde_Auth::isAuthenticated() || (Horde_Auth::getProvider() == 'imp'))) {
-    if ($compose_page) {
-        $imp_compose = IMP_Compose::singleton();
-        $imp_compose->sessionExpireDraft();
-    }
-    Horde::authenticationFailureRedirect();
-}
-
 // Determine view mode.
 $viewmode = isset($_SESSION['imp']['view'])
     ? $_SESSION['imp']['view']
     : 'imp';
 
-$authentication = Horde_Util::nonInputVar('authentication', 0);
-if ($authentication !== 'none') {
-    // If we've reached this point and have valid login credentials
-    // but don't actually have an IMP session, then we need to go
-    // through redirect.php to ensure that everything gets set up
-    // properly. Single-signon and transparent authentication setups
-    // are likely to trigger this case.
-    if (empty($_SESSION['imp'])) {
-        if ($compose_page) {
-            $imp_compose = IMP_Compose::singleton();
-            $imp_compose->sessionExpireDraft();
-            require IMP_BASE . '/login.php';
-        } else {
-            require IMP_BASE . '/redirect.php';
-        }
-        exit;
-    }
+// Handle dimp logout requests.
+if (($viewmode == 'dimp') && Horde_Util::nonInputVar('imp_dimp_logout')) {
+    Horde::redirect(str_replace('&', '&', Horde::getServiceLink('logout')));
+}
 
-    if ($compose_page) {
-        if (!IMP::checkAuthentication(true, ($authentication === 'horde'))) {
-            $imp_compose = IMP_Compose::singleton();
-            $imp_compose->sessionExpireDraft();
-            require IMP_BASE . '/login.php';
-            exit;
+// Determine imp authentication type.
+$authentication = Horde_Util::nonInputVar('imp_authentication');
+if ($authentication == 'horde') {
+    IMP_Auth::$authType = 'horde';
+}
+
+try {
+    $registry->pushApp('imp', ($authentication != 'none'));
+} catch (Horde_Exception $e) {
+    if ($e->getCode() == Horde_Registry::AUTH_FAILURE) {
+        if ($authentication == 'throw') {
+            throw $e;
         }
-    } elseif ($viewmode == 'dimp') {
-        // Handle session timeouts
-        if (!IMP::checkAuthentication(true)) {
+
+        if ($viewmode == 'dimp') {
+            // Handle session timeouts
             switch (Horde_Util::nonInputVar('session_timeout')) {
             case 'json':
                 $GLOBALS['notification']->push(null, 'dimp.timeout');
                 Horde::sendHTTPResponse(Horde::prepareResponse(), 'json');
-                // Fall through
+                exit;
 
             case 'none':
                 exit;
 
             default:
-                Horde::redirect(Horde_Util::addParameter(Horde::url($GLOBALS['registry']->get('webroot', 'imp') . '/redirect.php'), 'url', Horde::selfUrl(true)));
+                // TODO: Redirect to login screen
+                exit;
             }
         }
-    } else {
-        IMP::checkAuthentication(false, ($authentication === 'horde'));
+
+        if (Horde_Util::nonInputVar('imp_compose_page')) {
+            $imp_compose = IMP_Compose::singleton();
+            $imp_compose->sessionExpireDraft();
+        }
     }
 
-    /* Some stuff that only needs to be initialized if we are
-     * authenticated. */
+    Horde_Auth::authenticationFailureRedirect('imp', $e);
+}
+
+$conf = &$GLOBALS['conf'];
+if (!defined('IMP_TEMPLATES')) {
+    define('IMP_TEMPLATES', $registry->get('templates'));
+}
+
+// Start compression.
+if (!Horde_Util::nonInputVar('imp_no_compress')) {
+    Horde::compressOutput();
+}
+
+/* Some stuff that only needs to be initialized if we are authenticated. */
+// TODO: Remove once this can be autoloaded
+require_once 'Horde/Identity.php';
+
+// Initialize global $imp_imap object.
+if (!isset($GLOBALS['imp_imap'])) {
+    $GLOBALS['imp_imap'] = new IMP_Imap();
+}
+
+if ($authentication !== 'none') {
     // Initialize some message parsing variables.
     Horde_Mime::$brokenRFC2231 = !empty($GLOBALS['conf']['mailformat']['brokenrfc2231']);
 
@@ -160,15 +141,8 @@ if ($authentication !== 'none') {
     }
 }
 
-// Handle logout requests
-if (($viewmode == 'dimp') && Horde_Util::nonInputVar('dimp_logout')) {
-    Horde::redirect(str_replace('&', '&', IMP::getLogoutUrl()));
-}
-
-// Notification system.
 $notification = Horde_Notification::singleton();
-if (($viewmode == 'mimp') ||
-    (Horde_Util::nonInputVar('login_page') && $GLOBALS['browser']->isMobile())) {
+if ($viewmode == 'mimp') {
     $GLOBALS['imp_notify'] = $notification->attach('status', null, 'Horde_Notification_Listener_Mobile');
 } else {
     $GLOBALS['imp_notify'] = $notification->attach('status', array('viewmode' => $viewmode), 'IMP_Notification_Listener_Status');
@@ -182,17 +156,3 @@ $GLOBALS['imp_mbox'] = IMP::getCurrentMailboxInfo();
 
 // Initialize IMP_Search object.
 $GLOBALS['imp_search'] = new IMP_Search(array('id' => (isset($_SESSION['imp']) && IMP_Search::isSearchMbox($GLOBALS['imp_mbox']['mailbox'])) ? $GLOBALS['imp_mbox']['mailbox'] : null));
-
-if ($viewmode == 'mimp') {
-    // Mobile markup renderer.
-    $debug = Horde_Util::nonInputVar('mimp_debug');
-    $GLOBALS['mimp_render'] = new Horde_Mobile(null, $debug);
-    $GLOBALS['mimp_render']->set('debug', !empty($debug));
-} elseif (empty($_SESSION['imp']['logintasks']) &&
-          ($authentication !== 'none') &&
-          !defined('AUTH_HANDLER')) {
-    /* This captures all login tasks requests other than the IMP
-     * authentication + frameset case which needs to be handled in
-     * redirect.php. */
-    IMP_Session::loginTasks();
-}
diff --git a/imp/lib/prefs.php b/imp/lib/prefs.php
index ff61da2da..6454b7bf9 100644
--- a/imp/lib/prefs.php
+++ b/imp/lib/prefs.php
@@ -243,14 +243,10 @@ function prefs_callback()
 
 /* Make sure we have an active IMAP stream. */
 try {
-    $res = $GLOBALS['registry']->call('mail/server');
+    $GLOBALS['registry']->call('mail/server');
 } catch (Horde_Exception $e) {
-    $res = false;
-}
-
-if (!$res) {
-    header('Location: ' . Horde_Util::addParameter(Horde::applicationUrl('redirect.php'), 'url', Horde::selfUrl(true)));
-    exit;
+    // TODO: Send to login screen
+    throw $e;
 }
 
 /* Add necessary javascript files here (so they are added to the document
diff --git a/imp/login.php b/imp/login.php
deleted file mode 100644
index 9316ee6cb..000000000
--- a/imp/login.php
+++ /dev/null
@@ -1,361 +0,0 @@
-
- * @author  Michael Slusarz 
- * @package IMP
- */
-
-@define('AUTH_HANDLER', true);
-$authentication = 'none';
-$login_page = true;
-require_once dirname(__FILE__) . '/lib/base.php';
-
-/* Set the 'preferred' server. */
-$pref_server = Horde_Util::getFormData('server');
-if (!empty($pref_server)) {
-    IMP_Session::$prefServer = $pref_server;
-}
-
-/* Get an Auth object. */
-$imp_auth = (Horde_Auth::getProvider() == 'imp');
-$auth = Horde_Auth::singleton($conf['auth']['driver']);
-$logout_reason = Horde_Auth::getLogoutReason();
-
-$actionID = (Horde_Util::getFormData('action') == 'compose') ? 'login_compose' : Horde_Util::getFormData('actionID');
-$url_param = Horde_Util::getFormData('url');
-
-$load_frameset = intval($imp_auth && empty($conf['menu']['always']));
-
-/* Handle cases where we already have a session. */
-if (!empty($_SESSION['imp']) && is_array($_SESSION['imp'])) {
-    if ($logout_reason) {
-        /* Log logout requests now. */
-        if ($logout_reason == Horde_Auth::REASON_LOGOUT) {
-            IMP::loginLogMessage('logout', __FILE__, __LINE__, PEAR_LOG_NOTICE);
-        } else {
-            Horde::logMessage($_SERVER['REMOTE_ADDR'] . ' ' . Horde_Auth::getLogoutReasonString(), __FILE__, __LINE__, PEAR_LOG_NOTICE);
-        }
-
-        $language = (isset($prefs)) ? $prefs->getValue('language') : Horde_Nls::select();
-
-        unset($_SESSION['imp']);
-
-        /* Cleanup preferences. */
-        if (isset($prefs)) {
-            $prefs->cleanup($imp_auth);
-        }
-
-        if ($imp_auth) {
-            Horde_Auth::clearAuth();
-            @session_destroy();
-            $registry->setupSessionHandler();
-            @session_start();
-        }
-
-        Horde_Nls::setLang($language);
-
-        /* Hook to preselect the correct language in the widget. */
-        $_GET['new_lang'] = $language;
-
-        $registry->loadPrefs('horde');
-        $registry->loadPrefs();
-    } else {
-        if ($url_param) {
-            $url = Horde::applicationUrl('redirect.php', true);
-            $params = array('url' => $url_param);
-            $url = Horde_Util::addParameter($url, $params, null, false);
-        } else {
-            $url = IMP_Session::getInitialUrl($actionID, false);
-        }
-        header('Location: ' . $url);
-        exit;
-    }
-}
-
-/* Log session timeouts. */
-if ($logout_reason == Horde_Auth::REASON_SESSION) {
-    $entry = sprintf('Session timeout for client [%s]', $_SERVER['REMOTE_ADDR']);
-    Horde::logMessage($entry, __FILE__, __LINE__, PEAR_LOG_NOTICE);
-
-    /* Make sure everything is really cleared. */
-    Horde_Auth::clearAuth();
-    unset($_SESSION['imp']);
-}
-
-/* Redirect the user on logout if redirection is enabled. */
-if ($logout_reason == Horde_Auth::REASON_LOGOUT &&
-    (!empty($conf['user']['redirect_on_logout']) ||
-     !empty($conf['auth']['redirect_on_logout']))) {
-    if (!empty($conf['auth']['redirect_on_logout'])) {
-        $url = Horde_Auth::addLogoutParameters($conf['auth']['redirect_on_logout'], Horde_Auth::REASON_LOGOUT);
-    } else {
-        $url = Horde_Auth::addLogoutParameters($conf['user']['redirect_on_logout'], Horde_Auth::REASON_LOGOUT);
-    }
-    if (!isset($_COOKIE[session_name()])) {
-        $url = Horde_Util::addParameter($url, session_name(), session_id());
-    }
-    header('Location: ' . $url);
-    exit;
-}
-
-/* Redirect the user if an alternate login page has been specified. */
-if (!empty($conf['auth']['alternate_login'])) {
-    $url = Horde_Auth::addLogoutParameters($conf['auth']['alternate_login']);
-    if (!isset($_COOKIE[session_name()])) {
-        $url = Horde_Util::addParameter($url, session_name(), session_id(), false);
-    }
-    if ($url_param) {
-        $url = Horde_Util::addParameter($url, 'url', $url_param, false);
-    }
-    header('Location: ' . $url);
-    exit;
-} elseif (!empty($conf['user']['alternate_login'])) {
-    $url = Horde_Auth::addLogoutParameters($conf['user']['alternate_login']);
-    if (!isset($_COOKIE[session_name()])) {
-        $url = Horde_Util::addParameter($url, session_name(), session_id(), false);
-    }
-    header('Location: ' . $url);
-    exit;
-}
-
-/* Initialize the password key. If we are doing Horde auth as well,
- * make sure that the Horde auth key gets set instead. */
-Horde_Secret::setKey($imp_auth ? 'auth' : 'imp');
-
-$autologin = Horde_Util::getFormData('autologin', false);
-$server_key = Horde_Util::getFormData('server_key', IMP_Session::getAutoLoginServer());
-if (($servers = $GLOBALS['imp_imap']->loadServerConfig()) === false) {
-    $servers = array();
-}
-$used_servers = $servers;
-if ($conf['server']['server_list'] != 'shown') {
-    $used_servers = array($server_key => $servers[$server_key]);
-}
-
-if (!$logout_reason && IMP_Session::canAutoLogin($server_key, $autologin)) {
-    $url = Horde::applicationUrl('redirect.php', true);
-    $params = array('actionID' => 'login', 'autologin' => true, 'url' => $url_param);
-    if (count($used_servers) == 1) {
-        $params['server_key'] = key($used_servers);
-    }
-    $url = Horde_Util::addParameter($url, $params, null, false);
-    header('Location: ' . $url);
-    exit;
-}
-
-$title = sprintf(_("Welcome to %s"), $registry->get('name', ($imp_auth) ? 'horde' : null));
-
-if ($logout_reason) {
-    $notification->push(str_replace('
', ' ', Horde_Auth::getLogoutReasonString()), 'horde.message');
-}
-
-/* Build the  widget for the servers list. */
-    if ($show_list) {
-        $server_select = new Horde_Mobile_select('server', 'popup', _("Server:"));
-        foreach ($servers_list as $val) {
-            $server_select->add($val['name'], $val['val'], $val['sel']);
-        }
-    }
-
-    /* Build the  widget containing the available views. */
-    if (!empty($views)) {
-        $view_select = new Horde_Mobile_select('select_view', 'popup', _("Mode:"));
-        foreach ($views as $val) {
-            $view_select->add($val['name'], $val['val'], $val['sel']);
-        }
-    }
-
-    require IMP_TEMPLATES . '/login/mobile.inc';
-    exit;
-}
-
-$display_list = ($show_list && !empty($hordeauth_servers_list));
-
-/* Prepare the login template. */
-$t = new Horde_Template();
-$t->setOption('gettext', true);
-$tabindex = 0;
-
-$t->set('action', Horde::url('redirect.php', false, -1, true));
-$t->set('imp_auth', intval($imp_auth));
-$t->set('formInput', Horde_Util::formInput());
-$t->set('actionID', htmlspecialchars($actionID));
-$t->set('url', htmlspecialchars($url_param));
-$t->set('autologin', intval($autologin));
-$t->set('anchor_string', htmlspecialchars(Horde_Util::getFormData('anchor_string')));
-$t->set('server_key', (!$display_list) ? htmlspecialchars($server_key) : null);
-
-/* Do we need to do IE version detection? */
-$t->set('ie_clientcaps', (!Horde_Auth::getAuth() && ($browser->getBrowser() == 'msie') && ($browser->getMajor() >= 5)));
-
-$extra_hidden = array();
-foreach (IMP::getComposeArgs() as $arg => $value) {
-    $extra_hidden[] = array('name' => htmlspecialchars($arg), 'value' => htmlspecialchars($value));
-}
-$t->set('extra_hidden', $extra_hidden);
-
-$menu = new Horde_Menu(Horde_Menu::MASK_NONE);
-$t->set('menu', $menu->render());
-$t->set('title', sprintf(_("Welcome to %s"), $registry->get('name', ($imp_auth) ? 'horde' : null)));
-
-ob_start();
-$notification->notify(array('listeners' => 'status'));
-$t->set('notification_output', ob_get_contents());
-ob_end_clean();
-
-$t->set('display_list', $display_list);
-if ($display_list) {
-    $t->set('hsl_skey_tabindex', ++$tabindex);
-    $t->set('hsl', $hordeauth_servers_list);
-    $t->set('hsl_tabindex', ++$tabindex);
-}
-
-$t->set('server_list', ($show_list && !empty($servers_list)));
-if ($t->get('server_list')) {
-    $t->set('slist_tabindex', ++$tabindex);
-    $t->set('slist', $servers_list);
-}
-
-$t->set('username_tabindex', ++$tabindex);
-$t->set('username', htmlspecialchars(Horde_Util::getFormData('imapuser')));
-$t->set('user_vinfo', null);
-if (!empty($conf['hooks']['vinfo'])) {
-    $t->set('user_vinfo', Horde::callHook('_imp_hook_vinfo', array('vdomain'), 'imp'));
-}
-$t->set('password_tabindex', ++$tabindex);
-
-$t->set('choose_language', $choose_language);
-if ($choose_language) {
-    $t->set('langs_tabindex', ++$tabindex);
-    $t->set('langs', $langs);
-}
-
-$t->set('select_view', !empty($views));
-if ($t->get('select_view')) {
-    $t->set('view_tabindex', ++$tabindex);
-    $t->set('views', $views);
-}
-
-$t->set('login_tabindex', ++$tabindex);
-$t->set('login', _("Login"));
-
-$t->set('signup_link', false);
-if ($conf['signup']['allow'] && isset($auth) && $auth->hasCapability('add')) {
-    $t->set('signup_text', _("Don't have an account? Sign up."));
-    $t->set('signup_link', Horde::link(Horde_Util::addParameter(Horde::url($registry->get('webroot', 'horde') . '/signup.php'), 'url', $url_param), $t->get('signup_text'), 'light'));
-}
-
-$login_page = true;
-Horde::addScriptFile('prototype.js', 'horde', true);
-Horde::addScriptFile('login.js', 'imp', true);
-require IMP_TEMPLATES . '/common-header.inc';
-
-$charset = Horde_Nls::getCharset();
-$login_params = $autologin
-    ? array('autologin' => $autologin, 'server_key' => '')
-    : array('server_key' => '');
-
-Horde::addInlineScript(array(
-    'ImpLogin.autologin_url = ' . Horde_Serialize::serialize(Horde_Util::addParameter(Horde::selfUrl(), $login_params, null, false), Horde_Serialize::JSON, $charset),
-    'ImpLogin.ie_clientcaps = ' . intval($t->get('ie_clientcaps')),
-    'ImpLogin.imp_auth = ' . intval($imp_auth),
-    'ImpLogin.lang_url = ' . Horde_Serialize::serialize($lang_url, Horde_Serialize::JSON, $charset),
-    'ImpLogin.nomenu = ' . $load_frameset,
-    'ImpLogin.reloadmenu = ' . intval($logout_reason && $load_frameset),
-    'ImpLogin.show_list = ' . intval($show_list),
-    'ImpLogin.dimp_sel = ' . intval($dimp_sel),
-));
-
-echo $t->fetch(IMP_TEMPLATES . '/login/login.html');
-
-try {
-    Horde::loadConfiguration('motd.php', null, null, true);
-} catch (Horde_Exception $e) {}
-require $registry->get('templates', 'horde') . '/common-footer.inc';
diff --git a/imp/mailbox-mimp.php b/imp/mailbox-mimp.php
index da836afcd..675ab8b8e 100644
--- a/imp/mailbox-mimp.php
+++ b/imp/mailbox-mimp.php
@@ -69,6 +69,7 @@ if ($pageOb['page'] != $pageOb['pagecount']) {
 
 /* Generate mailbox summary string. */
 $title = IMP::getLabel($imp_mbox['mailbox']);
+$mimp_render = new Horde_Mobile();
 $mimp_render->set('title', $title);
 if ($pageOb['msgcount']) {
     $msgcount = $pageOb['msgcount'];
diff --git a/imp/mailbox.php b/imp/mailbox.php
index 2775dc276..fbb2765af 100644
--- a/imp/mailbox.php
+++ b/imp/mailbox.php
@@ -205,10 +205,6 @@ case 'view_messages':
     $redirect = Horde_Util::addParameter(IMP::generateIMPUrl('thread.php', $imp_mbox['mailbox'], null, null, false), array('mode' => 'msgview', 'msglist' => $GLOBALS['imp_imap']->ob->utils->toSequenceString(IMP::parseIndicesList($indices), array('mailbox' => true))), null, false);
     header('Location: ' . $redirect);
     exit;
-
-case 'login_compose':
-    $open_compose_window = IMP::openComposeWin();
-    break;
 }
 
 /* Token to use in requests */
diff --git a/imp/message-mimp.php b/imp/message-mimp.php
index f96f2fbb5..1bca22537 100644
--- a/imp/message-mimp.php
+++ b/imp/message-mimp.php
@@ -127,6 +127,9 @@ $msgcount = $imp_mailbox->getMessageCount();
 $mailbox_link = Horde_Util::addParameter(IMP::generateIMPUrl('mailbox-mimp.php', $imp_mbox['mailbox']), array('s' => $msgindex));
 $self_link = IMP::generateIMPUrl('message-mimp.php', $imp_mbox['mailbox'], $index, $mailbox_name);
 
+/* Init render object. */
+$mimp_render = new Horde_Mobile();
+
 /* Output download confirmation screen. */
 $atc_id = Horde_Util::getFormData('atc');
 if (($actionID == 'c') && !is_null($atc_id)) {
diff --git a/imp/redirect.php b/imp/redirect.php
deleted file mode 100644
index 546aa6c8b..000000000
--- a/imp/redirect.php
+++ /dev/null
@@ -1,172 +0,0 @@
-
- * @package IMP
- */
-
-function _framesetUrl($url)
-{
-    if (!empty($conf['menu']['always']) ||
-        $GLOBALS['prefs']->getValue('show_sidebar')) {
-        $url = Horde_Util::addParameter(Horde::applicationUrl($GLOBALS['registry']->get('webroot', 'horde') . '/index.php', true), array('url' => _addAnchor($url, 'param')), null, false);
-
-        /* Need to do a loginTasks check here because we must display login
-         * tasks before frameset is loaded. */
-        IMP_Session::loginTasks($url);
-    }
-
-    return $url;
-}
-
-function _newSessionUrl($actionID)
-{
-    $url = '';
-    $addActionID = true;
-
-    if ($GLOBALS['url_in']) {
-        $url = Horde::url(Horde_Util::removeParameter($GLOBALS['url_in'], session_name()), true);
-    } elseif (Horde_Auth::getProvider() == 'imp') {
-        $url = Horde::applicationUrl($GLOBALS['registry']->get('webroot', 'horde') . '/', true);
-
-        /* Force the initial page to IMP if we're logging in to compose a
-         * message. */
-        if ($actionID == 'login_compose') {
-            $url = Horde_Util::addParameter($url, 'url', _addAnchor(IMP_Session::getInitialUrl($actionID, false), 'param'));
-            $addActionID = false;
-        }
-    } else {
-        $url = IMP_Session::getInitialUrl($actionID, false);
-        if ($GLOBALS['isLogin']) {
-            /* Don't show popup window in initial page. */
-            $url = Horde_Util::addParameter($url, 'no_newmail_popup', 1, false);
-        }
-    }
-
-    if ($addActionID && $actionID) {
-        /* Preserve the actionID. */
-        $url = Horde_Util::addParameter($url, 'actionID', $actionID, false);
-    }
-
-    return $url;
-}
-
-function _redirect($url)
-{
-    Horde::redirect(_addAnchor($url, 'url'));
-}
-
-/* Add anchor to outgoing URL. */
-function _addAnchor($url, $type)
-{
-    switch ($type) {
-    case 'param':
-        if (!empty($GLOBALS['url_anchor'])) {
-            $url .= '#' . $GLOBALS['url_anchor'];
-        }
-        break;
-
-    case 'url':
-        $anchor = Horde_Util::getFormData('anchor_string');
-        if (!empty($anchor)) {
-            $url .= '#' . $anchor;
-        } else {
-            return _addAnchor($url, 'param');
-        }
-        break;
-    }
-
-    return $url;
-}
-
-@define('AUTH_HANDLER', true);
-$authentication = 'none';
-require_once dirname(__FILE__) . '/lib/base.php';
-
-$actionID = (Horde_Util::getFormData('action') == 'compose') ? 'login_compose' : Horde_Util::getFormData('actionID');
-$autologin = Horde_Util::getFormData('autologin');
-$imapuser = Horde_Util::getPost('imapuser');
-$pass = Horde_Util::getPost('pass');
-if (!empty($autologin)) {
-    $imapuser = IMP_Session::canAutoLogin();
-    $pass = Horde_Auth::getCredential('password');
-}
-$isLogin = empty($_SESSION['imp']['logintasks']);
-
-/* Get URL/Anchor strings now. */
-$url_anchor = null;
-$url_in = $url_form = Horde_Util::getFormData('url');
-if (($pos = strrpos($url_in, '#')) !== false) {
-    $url_anchor = substr($url_in, $pos + 1);
-    $url_in = substr($url_in, 0, $pos);
-}
-
-/* If we already have a session: */
-if (isset($_SESSION['imp']) && is_array($_SESSION['imp'])) {
-    /* Make sure that if a username was specified, it is the current
-     * username. */
-    if ((!is_null($imapuser) && ($imapuser != $_SESSION['imp']['user'])) ||
-        (!is_null($pass) && ($pass != $GLOBALS['imp_imap']->ob->getParam('password')))) {
-        /* Disable the old session. */
-        unset($_SESSION['imp']);
-        _redirect(IMP::getLogoutUrl(Horde_Auth::REASON_FAILED, true));
-    }
-
-    $url = $url_in;
-    if (empty($url_in)) {
-        $url = IMP_Session::getInitialUrl($actionID, false);
-    } elseif (!empty($actionID)) {
-        $url = Horde_Util::addParameter($url_in, 'actionID', $actionID, false);
-    }
-
-    /* Don't show popup window in initial page. */
-    if ($isLogin) {
-        $url = Horde_Util::addParameter($url, 'no_newmail_popup', 1, false);
-    }
-
-    _redirect(_framesetUrl($url));
-}
-
-/* Create a new session if we're given the proper parameters. */
-if (!is_null($imapuser) && !is_null($pass)) {
-    if (Horde_Auth::getProvider() == 'imp') {
-        /* Destroy any existing session on login and make sure to use a new
-         * session ID, to avoid session fixation issues. */
-        $registry->getCleanSession();
-    }
-
-    if (IMP_Session::createSession($imapuser, $pass, Horde_Util::getFormData('server_key', IMP_Session::getAutoLoginServer()))) {
-        $ie_version = Horde_Util::getFormData('ie_version');
-        if ($ie_version) {
-            $browser->setIEVersion($ie_version);
-        }
-
-        if (($horde_language = Horde_Util::getFormData('new_lang'))) {
-            $_SESSION['horde_language'] = $horde_language;
-        }
-
-        $view = empty($conf['user']['select_view'])
-            ? (empty($conf['user']['force_view']) ? 'imp' : $conf['user']['force_view'])
-            : Horde_Util::getFormData('select_view', 'imp');
-
-        setcookie('default_imp_view', $view, time() + 30 * 86400,
-                  $conf['cookie']['path'],
-                  $conf['cookie']['domain']);
-        $_SESSION['imp']['view'] = $view;
-
-        if (!empty($conf['hooks']['postlogin'])) {
-            Horde::callHook('_imp_hook_postlogin', array($actionID, $isLogin), 'imp');
-        }
-
-        _redirect(_framesetUrl(_newSessionUrl($actionID)));
-    }
-
-    _redirect(IMP::getLogoutUrl(null, true));
-}
-
-/* No session, and no login attempt. Just go to the login page. */
-require IMP_BASE . '/login.php';
diff --git a/imp/rss.php b/imp/rss.php
index 9a9b512e9..d899b554a 100644
--- a/imp/rss.php
+++ b/imp/rss.php
@@ -9,14 +9,11 @@
  * @package IMP
  */
 
-$authentication = 'none';
-@define('AUTH_HANDLER', true);
-require_once dirname(__FILE__) . '/lib/base.php';
-
-$auth = Horde_Auth::singleton($conf['auth']['driver']);
-if ((!Horde_Auth::getAuth() || !IMP::checkAuthentication(true)) &&
-    (!isset($_SERVER['PHP_AUTH_USER']) ||
-     !$auth->authenticate($_SERVER['PHP_AUTH_USER'], array('password' => isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : null)))) {
+$imp_authentication = 'throw';
+try {
+    require_once dirname(__FILE__) . '/lib/base.php';
+} catch (Horde_Exception $e) {
+    //!$auth->authenticate($_SERVER['PHP_AUTH_USER'], array('password' => isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : null)))) {
     header('WWW-Authenticate: Basic realm="IMP RSS Interface"');
     header('HTTP/1.0 401 Unauthorized');
     echo '401 Unauthorized';
diff --git a/imp/scripts/Imp.reg b/imp/scripts/Imp.reg
deleted file mode 100644
index a730da1bd..000000000
--- a/imp/scripts/Imp.reg
+++ /dev/null
@@ -1,28 +0,0 @@
-REGEDIT4
-
-[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Mail]
-@="Imp"
-
-[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Mail\Imp]
-@="IMP"
-
-[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Mail\Imp\Protocols]
-
-[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Mail\Imp\Protocols\mailto]
-"EditFlags"=hex:02,00,00,00
-"URL Protocol"=""
-@="URL:MailTo Protocol"
-
-[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Mail\Imp\Protocols\mailto\shell]
-
-[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Mail\Imp\Protocols\mailto\shell\open]
-
-[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Mail\Imp\Protocols\mailto\shell\open\command]
-@="Rundll32.exe Url.dll,FileProtocolHandler webmail.example.com/horde/imp/?actionID=login_compose&to=%L"
-
-[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Mail\Imp\shell]
-
-[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Mail\Imp\shell\open]
-
-[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Mail\Imp\shell\open\command]
-@="Rundll32.exe Url.dll,FileProtocolHandler webmail.example.com/horde/imp"
diff --git a/imp/scripts/custom_login.php b/imp/scripts/custom_login.php
deleted file mode 100644
index d22d6b9c8..000000000
--- a/imp/scripts/custom_login.php
+++ /dev/null
@@ -1,24 +0,0 @@
-get('initial_page','horde');
-
-?>
-
-
-

-User: 

-Pass: 

-
-
-

diff --git a/imp/stationery.php b/imp/stationery.php
index e05c19de6..f70c85c56 100644
--- a/imp/stationery.php
+++ b/imp/stationery.php
@@ -9,7 +9,7 @@
  * @package IMP
  */
 
-$authentication = 'horde';
+$imp_authentication = 'horde';
 require_once dirname(__FILE__) . '/lib/base.php';
 require_once 'Horde/Prefs/UI.php';
 
diff --git a/imp/templates/folders/folders-mimp.inc b/imp/templates/folders/folders-mimp.inc
index 47be0f376..37a447be9 100644
--- a/imp/templates/folders/folders-mimp.inc
+++ b/imp/templates/folders/folders-mimp.inc
@@ -1,5 +1,6 @@
 set('title', $title);
 $c = &$mimp_render->add(new Horde_Mobile_card('m', $title));
 $c->softkey('#o', _("Menu"));
diff --git a/imp/templates/javascript_defs_dimp.php b/imp/templates/javascript_defs_dimp.php
index 6dbc75fe6..742b27a2e 100644
--- a/imp/templates/javascript_defs_dimp.php
+++ b/imp/templates/javascript_defs_dimp.php
@@ -17,7 +17,7 @@ foreach (DIMP::menuList() as $app) {
     $app_urls[$app] = Horde::url($GLOBALS['registry']->getInitialPage($app), true);
 }
 
-require IMP_BASE . '/config/portal.php';
+include IMP_BASE . '/config/portal.php';
 foreach ($dimp_block_list as $block) {
     if ($block['ob'] instanceof Horde_Block) {
         $app = $block['ob']->getApp();
@@ -49,7 +49,7 @@ $code['conf'] = array_filter(array(
     'URI_MESSAGE' => Horde::applicationUrl('message-dimp.php'),
     'URI_PREFS' => Horde::url($horde_webroot . '/services/prefs/', true, -1),
     'URI_PREFS_IMP' => str_replace('&', '&', Horde_Util::addParameter(Horde::getServiceLink('options', 'imp'), array('nomenu' => 1))),
-    'URI_TIMEOUT' => Horde_Auth::addLogoutParameters($horde_webroot . '/login.php', Horde_Auth::REASON_SESSION),
+    'URI_TIMEOUT' => Horde_Auth::getLogoutUrl(array('reason' => Horde_Auth::REASON_SESSION)),
     'URI_VIEW' => Horde::applicationUrl('view.php', true, -1),
 
     'SESSION_ID' => defined('SID') ? SID : '',
diff --git a/imp/templates/login/login.html b/imp/templates/login/login.html
deleted file mode 100644
index 8f1cae515..000000000
--- a/imp/templates/login/login.html
+++ /dev/null
@@ -1,116 +0,0 @@
-
 target="_parent">
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- 
-  
- 
-

-   
-
-    
-     
-     
-    
-
-
-
-    
-     
-     
-    
-
-
-    
-     
-     
-    
-
-    
-     
-     
-    
-
-
-    
-     
-     
-    
-
-
-
-    
-     
-     
-    
-
-
-    
-     
-     
-    
-
-
-    
-     
-     
-    
-
-   

-      
-      
-     

-      
-     

-       @
-     

-      
-     

-      
-     

-      
-     
 
-      
-     
 
-      
-     

-  

-
diff --git a/imp/templates/login/mobile.inc b/imp/templates/login/mobile.inc
deleted file mode 100644
index 88afcc9ce..000000000
--- a/imp/templates/login/mobile.inc
+++ /dev/null
@@ -1,48 +0,0 @@
-add(new Horde_Mobile_card());
-
-$imp_notify->setMobileObject($c);
-
-$c->add(new Horde_Mobile_text(sprintf(_("Welcome to %s"), ($imp_auth) ? $registry->get('name',' horde') : $registry->get('name'))));
-
-$f = &$c->add(new Horde_Mobile_form(Horde::applicationUrl('redirect.php', false, -1)));
-$f->add(new Horde_Mobile_input('imapuser', htmlspecialchars(Horde_Util::getFormData('imapuser')), _("Username: ")));
-
-// Add a password input, and set the type accordingly.
-$p = &$f->add(new Horde_Mobile_input('pass', '', _("Password: ")));
-$p->set('type', 'password');
-
-if (!empty($server_select)) {
-    $f->add($server_select);
-}
-
-if (!empty($protocol_select)) {
-    $f->add($protocol_select);
-}
-
-if (!empty($lang_select)) {
-    $f->add($lang_select);
-}
-
-if (!empty($view_select)) {
-    $f->add($view_select);
-}
-
-// Submit button.
-$f->add(new Horde_Mobile_submit(_("Log in")));
-
-if (!empty($actionID)) {
-    $f->add(new Horde_Mobile_hidden('actionID', $actionID));
-}
-if (!empty($url_param)) {
-    $f->add(new Horde_Mobile_hidden('url', $url_param));
-}
-
-// Add the form to the page.
-$m->add($f);
-
-// Display everything.
-$m->display();
diff --git a/imp/templates/mailbox/mailbox-mimp.inc b/imp/templates/mailbox/mailbox-mimp.inc
index 50d9efdc3..b668cba56 100644
--- a/imp/templates/mailbox/mailbox-mimp.inc
+++ b/imp/templates/mailbox/mailbox-mimp.inc
@@ -11,6 +11,7 @@ if ($readonly) {
     $title .= ' [' . _("Read-Only") . ']';
 }
 
+$mimp_render = new Horde_Mobile();
 $c = &$mimp_render->add(new Horde_Mobile_card('m', $title));
 $c->softkey('#o', _("Menu"));
 
diff --git a/imp/view.php b/imp/view.php
index 6bbe31b79..fda54e85f 100644
--- a/imp/view.php
+++ b/imp/view.php
@@ -48,10 +48,10 @@ function _fullMessageTextLength($ob)
 /* Don't compress if we are already sending in compressed format. */
 if ((isset($_GET['actionID']) && ($_GET['actionID'] == 'download_all')) ||
     !empty($_GET['zip'])) {
-    $no_compress = true;
+    $imp_no_compress = true;
 }
 
-$session_control = 'readonly';
+$imp_session_control = 'readonly';
 require_once dirname(__FILE__) . '/lib/base.php';
 
 $actionID = Horde_Util::getFormData('actionID');
diff --git a/ingo/lib/base.php b/ingo/lib/base.php
index 7b9ed3787..791bc27c2 100644
--- a/ingo/lib/base.php
+++ b/ingo/lib/base.php
@@ -23,10 +23,7 @@ $registry = Horde_Registry::singleton();
 try {
     $registry->pushApp('ingo', !defined('AUTH_HANDLER'));
 } catch (Horde_Exception $e) {
-    if ($e->getCode() == 'permission_denied') {
-        Horde::authenticationFailureRedirect();
-    }
-    throw $e;
+    Horde_Auth::authenticationFailureRedirect('ingo', $e);
 }
 $conf = &$GLOBALS['conf'];
 
@@ -38,11 +35,6 @@ if (!defined('INGO_TEMPLATES')) {
 $notification = Horde_Notification::singleton();
 $notification->attach('status');
 
-// Redirect the user to the Horde login page if they haven't authenticated.
-if (!Horde_Auth::isAuthenticated() && !defined('AUTH_HANDLER')) {
-    Horde::authenticationFailureRedirect();
-}
-
 // Start compression.
 Horde::compressOutput();
 
diff --git a/jeta/lib/base.php b/jeta/lib/base.php
index 6f855fba4..b4f48aba2 100644
--- a/jeta/lib/base.php
+++ b/jeta/lib/base.php
@@ -22,10 +22,7 @@ $registry = Horde_Registry::singleton();
 try {
     $registry->pushApp('jeta', !defined('AUTH_HANDLER'));
 } catch (Horde_Exception $e) {
-    if ($e->getCode() == 'permission_denied') {
-        Horde::authenticationFailureRedirect();
-    }
-    throw $e;
+    Horde_Auth::authenticationFailureRedirect('jeta', $e);
 }
 
 $conf = &$GLOBALS['conf'];
diff --git a/kastalia/download.php b/kastalia/download.php
index 72ab0f47d..67cc36917 100755
--- a/kastalia/download.php
+++ b/kastalia/download.php
@@ -34,10 +34,7 @@ $registry = Horde_Registry::singleton();
 try {
     $registry->pushApp('kastalia', !defined('AUTH_HANDLER'));
 } catch (Horde_Exception $e) {
-    if ($e->getCode() == 'permission_denied') {
-        Horde::authenticationFailureRedirect();
-    }
-    throw $e;
+    Horde_Auth::authenticationFailureRedirect('kastalia', $e);
 }
 //###################  ###################
 
diff --git a/kastalia/lib/base.php b/kastalia/lib/base.php
index 52e3596ad..666fc9e2b 100755
--- a/kastalia/lib/base.php
+++ b/kastalia/lib/base.php
@@ -24,23 +24,17 @@ $registry = Horde_Registry::singleton();
 try {
     $registry->pushApp('kastalia', !defined('AUTH_HANDLER'));
 } catch (Horde_Exception $e) {
-    if ($e->getCode() == 'permission_denied') {
-        Horde::authenticationFailureRedirect();
-    }
-    throw $e;
+    Horde_Auth::authenticationFailureRedirect('kastalia', $e);
 }
 $conf = &$GLOBALS['conf'];
 @define('KASTALIA_TEMPLATES', $registry->get('templates'));
 
 // Notification system.
-$notification = &Horde_Notification::singleton();
+$notification = Horde_Notification::singleton();
 $notification->attach('status');
 
 // Define the base file path of Kastalia.
 @define('KASTALIA_BASE', dirname(__FILE__) . '/..');
 
-// Kastalia base library
-require_once KASTALIA_BASE . '/lib/Kastalia.php';
-
 // Start output compression.
 Horde::compressOutput();
diff --git a/kronolith/lib/base.php b/kronolith/lib/base.php
index 580311f21..80bb034da 100644
--- a/kronolith/lib/base.php
+++ b/kronolith/lib/base.php
@@ -31,10 +31,7 @@ if ($session_control == 'none') {
 try {
     $registry->pushApp('kronolith', !defined('AUTH_HANDLER'));
 } catch (Horde_Exception $e) {
-    if ($e->getCode() == 'permission_denied') {
-        Horde::authenticationFailureRedirect();
-    }
-    throw $e;
+    Horde_Auth::authenticationFailureRedirect('kronolith', $e);
 }
 $conf = &$GLOBALS['conf'];
 define('KRONOLITH_TEMPLATES', $registry->get('templates'));
diff --git a/news/add.php b/news/add.php
index b4d75975a..9a205dfc7 100644
--- a/news/add.php
+++ b/news/add.php
@@ -90,7 +90,7 @@ function _max_upload_size()
 // Is logged it?
 if (!Horde_Auth::isAuthenticated()) {
     $notification->push(_("Only authenticated users can post news."), 'horde.warning');
-    Horde::authenticationFailureRedirect();
+    Horde_Auth::authenticationFailureRedirect('news');
 }
 
 // Default vars
diff --git a/news/admin/tabs.php b/news/admin/tabs.php
index 6c241d5f8..8002fe1ab 100644
--- a/news/admin/tabs.php
+++ b/news/admin/tabs.php
@@ -13,7 +13,7 @@
 /* Only admin should be using this. */
 if (!Horde_Auth::isAdmin('news:admin')) {
     $notification->push(_("You are not authorised for this action."), 'horde.warning');
-    Horde::authenticationFailureRedirect();
+    Horde_Auth::authenticationFailureRedirect('news');
 }
 
 $vars = Horde_Variables::getDefaultVariables();
diff --git a/news/lib/base.php b/news/lib/base.php
index a046d63f4..eef0caef2 100644
--- a/news/lib/base.php
+++ b/news/lib/base.php
@@ -27,16 +27,13 @@ $registry = Horde_Registry::singleton();
 try {
     $registry->pushApp('news', !defined('AUTH_HANDLER'));
 } catch (Horde_Exception $e) {
-    if ($e->getCode() == 'permission_denied') {
-        Horde::authenticationFailureRedirect();
-    }
-    throw $e;
+    Horde_Auth::authenticationFailureRedirect('news', $e);
 }
 $conf = &$GLOBALS['conf'];
 define('NEWS_TEMPLATES', $registry->get('templates'));
 
 // Notification system.
-$notification = &Horde_Notification::singleton();
+$notification = Horde_Notification::singleton();
 $notification->attach('status');
 
 // Define the base file path of News.
@@ -45,8 +42,8 @@ if (!defined('NEWS_BASE')) {
 }
 
 // Cache
-$GLOBALS['cache'] = &Horde_Cache::singleton($GLOBALS['conf']['cache']['driver'],
-                                            Horde::getDriverConfig('cache', $GLOBALS['conf']['cache']['driver']));
+$GLOBALS['cache'] = Horde_Cache::singleton($GLOBALS['conf']['cache']['driver'],
+                                           Horde::getDriverConfig('cache', $GLOBALS['conf']['cache']['driver']));
 
 // Set up News drivers.
 $GLOBALS['news'] = News_Driver::factory();
diff --git a/news/reads.php b/news/reads.php
index 50f5eb2f9..859b8a6aa 100644
--- a/news/reads.php
+++ b/news/reads.php
@@ -14,7 +14,7 @@
 require_once dirname(__FILE__) . '/lib/base.php';
 
 if (!Horde_Auth::isAuthenticated()) {
-    Horde::authenticationFailureRedirect();
+    Horde_Auth::authenticationFailureRedirect('news');
 }
 
 $id = Horde_Util::getFormData('id', 0);
diff --git a/skoli/lib/base.php b/skoli/lib/base.php
index 1405fa07a..fc2a74487 100644
--- a/skoli/lib/base.php
+++ b/skoli/lib/base.php
@@ -22,10 +22,7 @@ $registry = Horde_Registry::singleton();
 try {
     $registry->pushApp('skoli', !defined('AUTH_HANDLER'));
 } catch (Horde_Exception $e) {
-    if ($e->getCode() == 'permission_denied') {
-        Horde::authenticationFailureRedirect();
-    }
-    throw $e;
+    Horde_Auth::authenticationFailureRedirect('skoli', $e);
 }
 $conf = &$GLOBALS['conf'];
 @define('SKOLI_TEMPLATES', $registry->get('templates'));
diff --git a/timeobjects/lib/base.php b/timeobjects/lib/base.php
index 28b3be95d..aa96b6a72 100644
--- a/timeobjects/lib/base.php
+++ b/timeobjects/lib/base.php
@@ -33,10 +33,7 @@ if ($session_control == 'none') {
 try {
     $registry->pushApp('timeobjects', !defined('AUTH_HANDLER'));
 } catch (Horde_Exception $e) {
-    if ($e->getCode() == 'permission_denied') {
-        Horde::authenticationFailureRedirect();
-    }
-    throw $e;
+    Horde_Auth::authenticationFailureRedirect('timeobjects', $e);
 }
 
 if (!defined('TIMEOBJECTS_BASE')) {
diff --git a/turba/lib/base.php b/turba/lib/base.php
index b0091157e..9135f8b47 100644
--- a/turba/lib/base.php
+++ b/turba/lib/base.php
@@ -9,7 +9,6 @@
  * need, and sets up objects that all scripts use.
  */
 
-
 // Determine BASE directories.
 require_once dirname(__FILE__) . '/base.load.php';
 
@@ -21,10 +20,7 @@ $registry = Horde_Registry::singleton();
 try {
     $registry->pushApp('turba', !defined('AUTH_HANDLER'));
 } catch (Horde_Exception $e) {
-    if ($e->getCode() == 'permission_denied') {
-        Horde::authenticationFailureRedirect();
-    }
-    throw $e;
+    Horde_Auth::authenticationFailureRedirect('turba', $e);
 }
 $conf = $GLOBALS['conf'];
 define('TURBA_TEMPLATES', $registry->get('templates'));