Revisions for imp/redirect.php

The old way of handling compose messages when the session timed out was
kludgy, never worked properly for me, isn't usable unless the user logs
back in, and doesn't work if using a custom login page
Rewrite using VFS to store the draft, which will be accessible on the next
login.

MFH:
2.288     +2 -3      imp/login.php
1.158     +2 -3      imp/redirect.php

IMP_BASE is often already defined in these two scripts

MFH: IMP.php - 1.686; redirect.php - 1.157; javascript_defs.php - 2.7

Tags: IMP_4_2

Add IMP::wrapInlineScript() and IMP::redirect().

Bug: 6179
MFH: redirect.php - 1.156; CHANGES - 1.1112; Session.php - 1.164

Tags: IMP_4_2_RC4

Bug: 6179
Redirect after doing maintenance to the proper view.

MFB:
[jan] Support vhosts setting when loading header.php, servers.php,
spelling.php and trailer.txt configuration files.

[jan] Support vhosts setting when loading header.php, servers.php,
spelling.php and trailer.txt configuration files.

MFH:
Allow users to specify server name and login credentials for IMP in Horde's
preferences. Too late in the game to get thoroughly tested, thus the weird
version numbers.

MFH: Add configuration option to force users to a certain view.

Tags: IMP_4_2_RC3

Add configuration option to force users to a certain view.

Allow users to specify server name and login credentials for IMP in Horde's
preferences. Too late in the game to get thoroughly tested, thus the weird
version numbers.

MFH: login.php - 2.279; redirect.php - 1.152

Tags: IMP_4_2_RC2

This setcookie() call is not in the right place - there is no way to switch
back to imp.
Make cookie name a bit clearer.

Happy New Year

Happy New Year

Merge from HEAD.

Remember webmail mode selected on the last login.

Tags: BEFORE_MERGE_3_2

Move application-specific hook examples to the application's config directories.

Tags: IMP_4_2_RC1

Jon has assigned his copyrights to The Horde Project.

Tags: IMP_4_2_ALPHA

Bump year, looks like a missed a few last time.

not sure where i was going with this comment.

More improvements to anchor redirection.  Don't add anchor until end or else
we may append parameters after it.  When redirecting, always send anchor even
if it was part of an original URL parameter (we will let the called function
worry about dealing with it).

Need to add anchor at the very end since we may be adding parameters
to URL part.

Preserve URL anchor information when performing login.

Bug: 5218
Don't load frameset if logging into either MIMP or DIMP.

[mms] Add option to login screen to allow user to select the application mode
if either DIMP or MIMP is also installed.

Happy New Year

Tags: IMP_4_1_6, IMP_4_1_5, IMP_4_1_4, IMP_4_1_4_RC1

Happy New Year

Assign copyright to The Horde Project for those copyright holders that already agreed to it.

Bug: 4793
MFH: redirect.php - 1.138; Imp.reg - 1.8

Bug: 4793
Revert URL change and fix the actual issue.

coding standards: don't use is_null().

MFH 1.136

'folders' no longer exists.

log successful login attempts in a single place in the code.
consolidate some duplicate code in api.php

MFH 1.134

Tags: IMP_4_1_3, IMP_4_1_2

Last try definitely wasn't right, this seems good.

MFH 1.133
Bug: 3807

Allow username not to be submitted at all with an existing session.
Bug: 3807

postlogin hook might need to run before maintenance, and can always
run maintenance later by re-calling redirect.php with url= wherever it
wants you to go next.

[cjh] Add a hook for post-login actions, after the session is established
but before redirection.

MFH 1.130

Tags: IMP_4_1_1, IMP_4_1, IMP_4_1_RC3

Looks like this was throwing an error if hordeauth was true and not 'full'.

MFH: Fix redirection to initial_application preference after running
Maintenance tasks.

Tags: IMP_4_1_RC2

[cjh] Fix redirection to initial_application preference after running
Maintenance tasks.

Happy new year

Tags: IMP_4_1_RC1

Happy new year\!

Clean up handling of recompose form data.  Ensure we remain in recompose mode
even if we have to reload the login screen.

Add IMP::recomposeLogin().
recompose mode now works properly on non imp-authenticated setups.

really no need to try to replicate both login.php and redirect.php for the
recompose functionality - just insert the recompose code into those files.
Move recompose template to login/ since it fits better there.

MFH: login.php - 2.230; redirect.php - 1.124; IMP.php - 1.520;
Session.php - 1.110

Move getInitialUrl() to IMP_Session:: as it is only used in the login/redirect
scripts.

Merged from HEAD

* Add ability to change SMTP server/port on IMP login.
Bug: #327

Tags: BEFORE_MERGE_3_1

MFH: 1.122

Tags: IMP_4_0_5, IMP_4_0_4, IMP_4_0_4_RC2

Fix endless redirection loop with failed hordeauth authentication.

MFH 1.121

Tags: IMP_4_0_4_RC1

Allow people to log in again.

Bug: 1883
MFH: redirect.php - 1.120; login.inc - 2.185; CHANGES - 1.794

Bug: 1883
Do not pass any more information than is required via form data for security
purposes.

MFH redirect.php 1.119

[cjh] Only use a Refresh: header if we need to, and if the URL is under 160
characters, to prevent triggering browser bugs that cause hangs
(Bug #1728).

Happy New Year

Happy New Year

Tags: IMP_4_0_3, IMP_4_0_3_RC1, IMP_4_0_2, IMP_4_0_2_RC1, IMP_4_0_1

Happy New Year! :-)

Tags: IMP_3_2_8, IMP_3_2_7

MFH 1.117

Bug: 892

need to pass $actionID through here.

Don't want to run loginTasks twice.

Tags: FRAMEWORK_3, IMP_4_0

Bug: 993
Move maintenance finished if block further up the logic chain to prevent
undefined index errors.

Log the invalid server key and avoid undefined variable warning.

Bug: 993
Fix frameset and initial_application pref handling after maintenance tasks
are run.

Put back handling of action=compose for BC.

Fix some logic that was resulting in encoded (&) urls being used for header redirects. This should finally close #892.

... and one more piece of it comes back to avoid loading the frameset
multiple times.

Tags: IMP_4_0_RC3

Still need a variant of the frameset parameter in IMP to tell
redirect.php whether to go through Horde's index.php or straight to
the IMP initial page.

Bug: 814

I need to test this on a few other installs, but I think this will
work and is much simpler - testing for the existance of the frameset
and if it's there, modifying the login form target, instead of passing
a GET parameter around. This way Horde logins always reload the full
frameset, which is good from a security standpoint, and also fixes
#814.

Bug: 814

Always honor the login_compose action. I've done this by forcing the
intial app to IMP (instead of the preference) if this is specified -
any objectsions to this or better ideas? I think it's probably
necessary to support the non-popup compose window case, and much
simpler even with it. Also reasonable, if the user expects to be
writing mail.

Bug: #892

Remove unnecessary parens.

Tags: IMP_4_0_RC2

Insert code in the login screen to auto-detect the exact version of IE (version
5.0 +).  This allows us to only turn off page compression for the exact
versions of IE that are affected.  I am still not sure if I am embarassed at
how hackish this is or excited by how hackish this is :)

Tags: IMP_4_0_RC1

Fix URL generation.

Don't encode separator in REFRESH header.

Tags: IMP_4_0_BETA

Fix typo (Jan Kuipers <jrkuipers@lauwerscollege.nl>).

Registry::getParam() -> Registry::get().

Optimizations.

I have no idea if what I am doing here is correct or not (I will be honest -
I am not really sure what is going on with the whole 'encoded' parameter
thing), but I needed to make these changes or else IMP would go into an
infinite loop when logging in.

Use Refresh: instead of Location: when we may be going from an SSL url
to a regular http url (with use_ssl = 3).

Bug: 405

The last of the array_key_exists() should be gone now for IMP.
While I'm at it, clean up some phpdoc and a few unnecessary global calls.

Lots and lots of copyright and license updates and fixes. Someone will have to that for the HEAD branches too.

Tags: IMP_3_2_7_RC1, IMP_3_2_6, IMP_3_2_5, IMP_3_2_4

Redirect to frameset, if the frameset parameter is set but empty and the user is already authenticated.

Tags: IMP_4_0_ALPHA

Store authentication error reason/messages in a global array ($__autherrors).
This is a bit messy but necessary since we a) use Auth:: both statically and
via objects all over the place so there is no guarantee that
storing something in an object/static variable will be able to be accessed
elsewhere, and b) since we use Horde::authenticationErrorRedirect() to redirect
on most authentication problems (like session timeouts), or our logout
redirects are disjointed in code a long way from the actual authentication
failures, it starts to get really messy if we were to start explicitly
explicitly passing around specific Auth object variables all over the place.
This change has the additional benefit of allowing us to call
Auth::addLogoutParameters() with just the URL argument and having that
function automatically generate the correct parameters necessary to output
the error message on the login page. That function will still allow a
specific reason to be passed in if the calling code knows exactly what kind
of error it wants to throw.

Set direct_access in IMP::createSession() instead of redirect.php to make
sure it is REALLY set. This at last fixes the last occurences of the
"undefined index 'direct_access'" errors that still might have happened if
someone "overlooked" a fatal error.

Tags: IMP_3_2_3, IMP_3_2_3_RC1

Simplify logoutUrl().
Try to pass along any error messages received during authentication.

Standardize logout messages by collecting them in Auth:: and using
Auth::addLogoutParameters() to generated the standardized parameters for logout
screens.
Goal: This allows us to add a new logout reason ('message') that will be
handled uniformly across our different login screens.  This reason will allow
us to (finally) use Auth's ability to output a customized error message (e.g.
the server is not responding) to the user instead of being restricted to
'failed', 'session', etc. preset messages.

I obviously spoke way too soon on the frameset/login issues. This
commit gets us closer. Not gonna promise anything this time. :)

Take a shot at detecting the presence of the frameset with javascript
and a form variable, and act accordingly in index.php.

[cjh] Various $no_auth and $self_contained_auth flags have been standardized
into an AUTH_HANDLER constant, which if defined signals the application
that it should not check permissions upon calling $registry->pushApp(),
as the calling script will handle that itself, or is a system-level cron
job/script/etc.
[cjh] Add an option to $registry->pushApp() to specify whether or not to check
application permissions.

Happy new year everyone.

whitespace

Add $conf['menu']['always'] from Ben Chavet <ben@chavet.net>.

Use the new Util:: class.