Hey there,
could anyone help me?
I'm trying to extend my roundcube installation with a deref-funktion like gmx have.
I found following solution for myself but's very unperfekt because it would not work with ssl-protected sites
first the things witch are inperfekt
-external solution
-no user orientated protection
-no functionality with ssl-sites (because of domain orientated protection)
-not skinable/not using the user-skins
must have (in my eys)
-more integration in roundcube
-user orientated protection
-100% neutral link for those browsers witch reffer the deref site (sound's lucky but opera reffer the site in all cases I try)
may have
-using the roundcube skin
now my first try (and external solution):
first change links
Original:
$convert_patterns[] = "/([\w]+):\/\/([a-z0-9\-\.]+[a-z]{2,4}([$url_chars$url_chars_within]*[$url_chars])?)/ie";
$convert_replaces[] = "rcmail_str_replacement('<a href=\"\\1://\\2\" target=\"_blank\">\\1://\\2</a>', \$replace_strings)";
$convert_patterns[] = "/([^\/:]|\s)(www\.)([a-z0-9\-]{2,}[a-z]{2,4}([$url_chars$url_chars_within]*[$url_chars])?)/ie";
$convert_replaces[] = "rcmail_str_replacement('\\1<a href=\"[url]http://\\2\\3\"[/url] target=\"_blank\">\\2\\3</a>', \$replace_strings)";
Replace:
$convert_patterns[] = "/([\w]+):\/\/([a-z0-9\-\.]+[a-z]{2,4}([$url_chars$url_chars_within]*[$url_chars])?)/ie";
$convert_replaces[] = "rcmail_str_replacement('\\1://\\2', \$replace_strings)";
$convert_patterns[] = "/([^\/:]|\s)(www\.)([a-z0-9\-]{2,}[a-z]{2,4}([$url_chars$url_chars_within]*[$url_chars])?)/ie";
$convert_replaces[] = "rcmail_str_replacement('\\1\\2\\3', \$replace_strings)";
than the solution for dereffering the links (not my own solution):
deref/index.php
function tpl ($template)
{
if (file_exists ('tpl/' . $template . '.html'))
{
include 'tpl/' . $template . '.html';
}
}
function logfile ()
{
global $link_url;
global $config;
if ($config['log'] == 1)
{
$fp = fopen ('log/logfile.txt', 'a');
fwrite($fp, "$link_url");
fwrite($fp, "\n");
fclose ($fp);
}
}
$config['prcl'] = 'http';
$config['time'] = 0;
$config['log'] = 1;
$link_url = urldecode($_SERVER['QUERY_STRING']);
if ($link_url != '')
{
/* Not nessesary because roundcube change the links itselve)
if (substr($link_url, 0, 7)!='[url]http://'[/url]) || substr($link_url, 0, 8)!='[url]https://'[/url] || substr($link_url, 0, 6)!='[url]ftp://'[/url]
{
$link_url = $config['prcl'] . '://' . $link_url;
}
*/
$link_head = $link_url;
$link_time = $config['time'];
logfile ();
tpl ('page_redirect');
exit ();
}
tpl ('page');
exit ();
?>
deref/tpl/page_redirect.html
global $link_head;
global $link_time;
?>
[/url]
Willkommen[/url] bei RoundCube Webmail
Weiterleitung
[/url]
; URL==$link_head?>">
Bitte warte =$link_time?> Sekunden
Umleitung auf: ">=$link_head?>
Code to protect the deref-funktion from extrenal use:
SetEnvIfNoCase Referer "^https?://domain.tld/" ref //will not work, because ssl don't reffer the source page
SetEnvIfNoCase Referer "^http://(www.)?domain.tld/" ref
Order Deny,Allow
Deny from all
Allow from env=ref
now I'd like to include all this directly in the roundcube installation so that links look like
http://www.domain.tld/roundcubeinstallation/?_task=def&url=http://external.tld/linkand the authentication is given by roundcube login (session)
I hope my intention is understandable and anyone could help me to include these function.
at least a simple sumerage of the functionality of this.
-the destination page is given in the url (?destination)
-dereferring by using meta refresh
-for browsers without meta refreshfunctionality site with link in it (like: "klick here to go to .... ")
-protecting deref from unknown users
why all this?
to Protect userdetails (linke e-mail-nr and so on) from other webmasters (on destinationpages)