Changed: use hash_hmac() instead of MailSo\Base\Utils::Hmac()

Renamed: PrepearFetchSequence() to PrepareFetchSequence()
Removed: StripSlashesValue() because PHP7 has no magic_quotes_gpc
djmaze 2020-03-18 01:26:40 +01:00
parent 23e9964997
commit 9bb44e7f98
7 changed files with 19 additions and 128 deletions


@ -59,14 +59,14 @@ class Http
*
* @return mixed
*/
public function GetQuery(string $sKey, $mDefault = null, bool $bClearPercZeroZero = true)
public function GetQuery(string $sKey, $mDefault = null)
{
return isset($_GET[$sKey]) ? \MailSo\Base\Utils::StripSlashesValue($_GET[$sKey], $bClearPercZeroZero) : $mDefault;
return isset($_GET[$sKey]) ? $_GET[$sKey] : $mDefault;
}
public function GetQueryAsArray() : ?array
{
return isset($_GET) && \is_array($_GET) ? \MailSo\Base\Utils::StripSlashesValue($_GET, true) : null;
return isset($_GET) && \is_array($_GET) ? $_GET : null;
}
public function HasPost(string $sKey) : bool
@ -79,14 +79,14 @@ class Http
*
* @return mixed
*/
public function GetPost(string $sKey, $mDefault = null, bool $bClearPercZeroZero = false)
public function GetPost(string $sKey, $mDefault = null)
{
return isset($_POST[$sKey]) ? \MailSo\Base\Utils::StripSlashesValue($_POST[$sKey], $bClearPercZeroZero) : $mDefault;
return isset($_POST[$sKey]) ? $_POST[$sKey] : $mDefault;
}
public function GetPostAsArray() : ?array
{
return isset($_POST) && \is_array($_POST) ? \MailSo\Base\Utils::StripSlashesValue($_POST, false) : null;
return isset($_POST) && \is_array($_POST) ? $_POST : null;
}
public function HasRequest(string $sKey) : bool
@ -101,7 +101,7 @@ class Http
*/
public function GetRequest(string $sKey, $mDefault = null)
{
return isset($_REQUEST[$sKey]) ? \MailSo\Base\Utils::StripSlashesValue($_REQUEST[$sKey]) : $mDefault;
return isset($_REQUEST[$sKey]) ? $_REQUEST[$sKey] : $mDefault;
}
public function HasServer(string $sKey) : bool
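Review bot: GetQuery() loses more than the magic-quotes handling. With its old default `$bClearPercZeroZero = true`, the removed StripSlashesValue() call still ran string values through ClearNullBite() when magic_quotes_gpc was off (the `if (!$bIsMagicQuotesOn)` branch in the Utils section), so a literal `%00` was stripped from every string query parameter. The new body returns `$_GET[$sKey]` untouched, so any caller that derives a file name or path from a query value no longer gets that filtering. If it is still wanted, keep it explicit, assuming ClearNullBite() remains callable from here: `return isset($_GET[$sKey]) && \is_string($_GET[$sKey]) ? \MailSo\Base\Utils::ClearNullBite($_GET[$sKey]) : ($_GET[$sKey] ?? $mDefault);`. Otherwise the commit message should state that the `%00` stripping is dropped on purpose. The other getters in this section passed `false` or an array, so they behave as before on PHP 7.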


@ -627,33 +627,6 @@ END;
return $sValue;
}
/**
* @unused
*
*
*/
public static function EncodeHeaderValue(string $sEncodeType, string $sEncodeCharset, string $sValue) : string
{
$sValue = \trim($sValue);
if (0 < \strlen($sValue) && !static::IsAscii($sValue))
{
switch (\strtoupper($sEncodeType))
{
case 'B':
$sValue = '=?'.\strtolower($sEncodeCharset).'?B?'.\base64_encode($sValue).'?=';
break;
case 'Q':
$sValue = '=?'.\strtolower($sEncodeCharset).'?Q?'.\str_replace(
array('?', ' ', '_'), array('=3F', '_', '=5F'),
\quoted_printable_encode($sValue)).'?=';
break;
}
}
return \trim($sValue);
}
public static function AttributeRfc2231Encode(string $sAttrName, string $sValue, string $sCharset = 'utf-8', string $sLang = '', int $iLen = 1000) : string
{
$sValue = \strtoupper($sCharset).'\''.$sLang.'\''.
@ -995,8 +968,6 @@ END;
/**
* @staticvar bool $bValidateAction
*
*
*/
public static function ResetTimeLimit(int $iTimeToReset = 15, int $iTimeToAdd = 120) : bool
{
@ -1322,16 +1293,6 @@ END;
return $sUtfString;
}
public static function IsRTL(string $sUtfString) : bool
{
// \x{0591}-\x{05F4} - Hebrew
// \x{0600}-\x{068F} - Arabic
// \x{0750}-\x{077F} - Arabic
// \x{08A0}-\x{08FF} - Arabic
// \x{103A0}-\x{103DF} - Old Persian
return 0 < (int) preg_match('/[\x{0591}-\x{05F4}\x{0600}-\x{068F}\x{0750}-\x{077F}\x{08A0}-\x{08FF}\x{103A0}-\x{103DF}]/u', $sUtfString);
}
public static function Base64Decode(string $sString) : string
{
$sResultString = \base64_decode($sString, true);
@ -1400,7 +1361,7 @@ END;
return $aResult;
}
public static function PrepearFetchSequence(array $aSequence) : string
public static function PrepareFetchSequence(array $aSequence) : string
{
$aResult = array();
if (\is_array($aSequence) && 0 < \count($aSequence))
@ -1869,44 +1830,6 @@ END;
return \str_replace('%00', '', $mValue);
}
/**
* @param mixed $mValue
*
* @return mixed
*/
public static function StripSlashesValue($mValue, bool $bClearNullBite = false)
{
static $bIsMagicQuotesOn = null;
if (null === $bIsMagicQuotesOn)
{
$bIsMagicQuotesOn = (bool) @\ini_get('magic_quotes_gpc');
}
if (!$bIsMagicQuotesOn)
{
return $bClearNullBite && \is_string($mValue) ? static::ClearNullBite($mValue) : $mValue;
}
$sType = \gettype($mValue);
if ('string' === $sType)
{
return \stripslashes($bClearNullBite ? static::ClearNullBite($mValue) : $mValue);
}
else if ('array' === $sType)
{
$aReturnValue = array();
$mValueKeys = \array_keys($mValue);
foreach ($mValueKeys as $sKey)
{
$aReturnValue[$sKey] = static::StripSlashesValue($mValue[$sKey], $bClearNullBite);
}
return $aReturnValue;
}
return $mValue;
}
public static function CharsetDetect(string $sStr) : string
{
$mResult = '';
@ -1930,26 +1853,6 @@ END;
\sha1($sAdditionalSalt).\rand(10000, 99999).\microtime(true));
}
public static function Hmac(string $sData, string $sKey) : string
{
if (\function_exists('hash_hmac'))
{
return \hash_hmac('md5', $sData, $sKey);
}
$iLen = 64;
if ($iLen < \strlen($sKey))
{
$sKey = \pack('H*', \md5($sKey));
}
$sKey = \str_pad($sKey, $iLen, \chr(0x00));
$sIpad = \str_pad('', $iLen, \chr(0x36));
$sOpad = \str_pad('', $iLen, \chr(0x5c));
return \md5(($sKey ^ $sOpad).\pack('H*', \md5(($sKey ^ $sIpad).$sData)));
}
public static function ValidateDomain(string $sDomain, bool $bSimple = false) : bool
{
$aMatch = array();
@ -2039,16 +1942,4 @@ END;
\bin2hex(\MailSo\Base\Crypt::XxteaEncrypt('id:'.$iID, \md5($sSalt))) : null
;
}
public static function PasswordWeaknessCheck(string $sPassword) : bool
{
$sPassword = \trim($sPassword);
if (6 > \strlen($sPassword))
{
return false;
}
$sLine = 'password 123.456 12345678 abc123 qwerty monkey letmein dragon 111.111 baseball iloveyou trustno1 1234567 sunshine master 123.123 welcome shadow ashley football jesus michael ninja mustang password1 123456 123456789 qwerty 111111 1234567 666666 12345678 7777777 123321 654321 1234567890 123123 555555 vkontakte gfhjkm 159753 777777 temppassword qazwsx 1q2w3e 1234 112233 121212 qwertyuiop qq18ww899 987654321 12345 zxcvbn zxcvbnm 999999 samsung ghbdtn 1q2w3e4r 1111111 123654 159357 131313 qazwsxedc 123qwe 222222 asdfgh 333333 9379992 asdfghjkl 4815162342 12344321 88888888 11111111 knopka 789456 qwertyu 1q2w3e4r5t iloveyou vfhbyf marina password qweasdzxc 10203 987654 yfnfif cjkysirj nikita 888888 vfrcbv k.,jdm qwertyuiop[] qwe123 qweasd natasha 123123123 fylhtq q1w2e3 stalker 1111111111 q1w2e3r4 nastya 147258369 147258 fyfcnfcbz 1234554321 1qaz2wsx andrey 111222 147852 genius sergey 7654321 232323 123789 fktrcfylh spartak admin test 123 azerty abc123 lol123 easytocrack1 hello saravn holysh!t test123 tundra_cool2 456 dragon thomas killer root 1111 pass master aaaaaa a monkey daniel asdasd e10adc3949ba59abbe56e057f20f883e changeme computer jessica letmein mirage loulou lol superman shadow admin123 secret administrator sophie kikugalanetroot doudou liverpool hallo sunshine charlie parola 100827092 michael andrew password1 fuckyou matrix cjmasterinf internet hallo123 eminem demo gewinner pokemon abcd1234 guest ngockhoa martin sandra asdf hejsan george qweqwe lollipop lovers q1q1q1 tecktonik naruto 12 password12 password123 password1234 password12345 password123456 password1234567 password12345678 password123456789 000000 maximius 123abc baseball1 football1 soccer princess slipknot 11111 nokia super star 666999 12341234 1234321 135790 159951 212121 zzzzzz 121314 134679 142536 19921992 753951 7007 1111114 124578 19951995 258456 qwaszx zaqwsx 55555 77777 54321 qwert 22222 33333 99999 88888 66666';
return false === \strpos($sLine, \strtolower($sPassword));
}
}


@ -210,7 +210,7 @@ class ImapClient extends \MailSo\Net\NetClient
$sTicket = @\base64_decode($oContinuationResponse->ResponseList[1]);
$this->oLogger->Write('ticket: '.$sTicket);
$sToken = \base64_encode($sLogin.' '.\MailSo\Base\Utils::Hmac($sTicket, $sPassword));
$sToken = \base64_encode($sLogin.' '.\hash_hmac('md5', $sTicket, $sPassword));
if ($this->oLogger)
{
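Review bot: The bare `'md5'` literal in the new `\hash_hmac('md5', $sTicket, $sPassword)` call should carry a comment, since the named Utils::Hmac() helper is gone and the same literal is now repeated in the SmtpClient section. The token shape (login, space, hex HMAC of the decoded server challenge) looks like a CRAM-MD5 response, where HMAC-MD5 is fixed by the mechanism. A later reader or scanner flagging MD5 should therefore not swap the digest and break authentication. Suggested comment above both call sites: `// CRAM-MD5 response: HMAC-MD5 is mandated by the mechanism, do not change the algorithm`. Separately, the context line `$this->oLogger->Write('ticket: '.$sTicket);` runs before the `if ($this->oLogger)` guard two lines later; the function starts outside this hunk, so an earlier guard may exist, but it is worth confirming.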


@ -228,7 +228,7 @@ class MailClient
: \MailSo\Imap\Enumerations\StoreAction::REMOVE_FLAGS_SILENT
;
$this->oImapClient->MessageStoreFlag(\MailSo\Base\Utils::PrepearFetchSequence($aIndexRange),
$this->oImapClient->MessageStoreFlag(\MailSo\Base\Utils::PrepareFetchSequence($aIndexRange),
$bIndexIsUid, array($sMessageFlag), $sStoreAction);
}
}
@ -460,7 +460,7 @@ class MailClient
$this->oImapClient->FolderSelect($sFolder);
$sIndexRange = \MailSo\Base\Utils::PrepearFetchSequence($aIndexRange);
$sIndexRange = \MailSo\Base\Utils::PrepareFetchSequence($aIndexRange);
$this->oImapClient->MessageStoreFlag($sIndexRange, $bIndexIsUid,
array(\MailSo\Imap\Enumerations\MessageFlag::DELETED),
@ -493,12 +493,12 @@ class MailClient
if ($bUseMoveSupported && $this->oImapClient->IsSupported('MOVE'))
{
$this->oImapClient->MessageMove($sToFolder,
\MailSo\Base\Utils::PrepearFetchSequence($aIndexRange), $bIndexIsUid);
\MailSo\Base\Utils::PrepareFetchSequence($aIndexRange), $bIndexIsUid);
}
else
{
$this->oImapClient->MessageCopy($sToFolder,
\MailSo\Base\Utils::PrepearFetchSequence($aIndexRange), $bIndexIsUid);
\MailSo\Base\Utils::PrepareFetchSequence($aIndexRange), $bIndexIsUid);
$this->MessageDelete($sFromFolder, $aIndexRange, $bIndexIsUid, true, $bExpungeAll);
}
@ -521,7 +521,7 @@ class MailClient
$this->oImapClient->FolderSelect($sFromFolder);
$this->oImapClient->MessageCopy($sToFolder,
\MailSo\Base\Utils::PrepearFetchSequence($aIndexRange), $bIndexIsUid);
\MailSo\Base\Utils::PrepareFetchSequence($aIndexRange), $bIndexIsUid);
return $this;
}
@ -728,7 +728,7 @@ class MailClient
\MailSo\Imap\Enumerations\FetchType::INDEX,
\MailSo\Imap\Enumerations\FetchType::UID,
\MailSo\Imap\Enumerations\FetchType::FLAGS
), \MailSo\Base\Utils::PrepearFetchSequence($aUids), true);
), \MailSo\Base\Utils::PrepareFetchSequence($aUids), true);
if (\is_array($aFetchResponse) && 0 < \count($aFetchResponse))
{
@ -1496,7 +1496,7 @@ class MailClient
$bSimple ?
$this->getEnvelopeOrHeadersRequestStringForSimpleList() :
$this->getEnvelopeOrHeadersRequestString()
), \MailSo\Base\Utils::PrepearFetchSequence($aRequestIndexOrUids), $bIndexAsUid);
), \MailSo\Base\Utils::PrepareFetchSequence($aRequestIndexOrUids), $bIndexAsUid);
if (\is_array($aFetchResponse) && 0 < \count($aFetchResponse))
{


@ -188,7 +188,7 @@ class SmtpClient extends \MailSo\Net\NetClient
try
{
$this->sendRequestWithCheck(\base64_encode($sLogin.' '.\MailSo\Base\Utils::Hmac($sTicket, $sPassword)), 235, '', true);
$this->sendRequestWithCheck(\base64_encode($sLogin.' '.\hash_hmac('md5', $sTicket, $sPassword)), 235, '', true);
}
catch (\MailSo\Smtp\Exceptions\NegativeResponseException $oException)
{


@ -349,7 +349,7 @@ class Actions
$sQuery = \trim(\trim($sQuery), ' /');
$aSubQuery = $this->Http()->GetQuery('q', null);
$aSubQuery = $this->Http()->GetQuery('q');
if (\is_array($aSubQuery))
{
$aSubQuery = \array_map(function ($sS) {


@ -81,7 +81,7 @@ class ServiceActions
$aResponseItem = null;
$oException = null;
$sAction = $this->oHttp->GetPost('Action', null);
$sAction = $this->oHttp->GetPost('Action');
if (empty($sAction) && $this->oHttp->IsGet() && !empty($this->aPaths[2]))
{
$sAction = $this->aPaths[2];