[squirrelmail.git] / src / compose.php

<?php
   /** 
    ** compose.php
    **
    **  Copyright (c) 1999-2000 The SquirrelMail development team
    **  Licensed under the GNU GPL. For full terms see the file COPYING.
    **
    ** This code sends a mail.
    **
    ** There are 3 modes of operation:
    **  - Start new mail
    **  - Add an attachment
    **  - Send mail
    **/

   session_start();

   if (!isset($config_php))
      include("../config/config.php");
   if (!isset($strings_php))
      include("../functions/strings.php");
   if (!isset($page_header_php))
      include("../functions/page_header.php");
   if (!isset($imap_php))
      include("../functions/imap.php");
   if (!isset($date_php))
      include("../functions/date.php");
   if (!isset($mime_php))
      include("../functions/mime.php");
   if (!isset($smtp_php))
      include("../functions/smtp.php");
   if (!isset($display_messages_php))
      include("../functions/display_messages.php");
   if (!isset($auth_php))
      include ("../functions/auth.php");
   if (!isset($plugin_php))
      include ("../functions/plugin.php");

   include("../src/load_prefs.php");

   // This function is used when not sending or adding attachments
   function newMail () {
      global $forward_id, $imapConnection, $msg, $ent_num, $body_ary, $body,
         $reply_id, $send_to, $send_to_cc, $mailbox, $send_to_bcc, $editor_size;

      $send_to = sqStripSlashes(decodeHeader($send_to));
      $send_to_cc = sqStripSlashes(decodeHeader($send_to_cc));
      $send_to_bcc = sqStripSlashes(decodeHeader($send_to_bcc));

      if ($forward_id)
         $id = $forward_id;
      else if ($reply_id)
         $id = $reply_id;


      if ($id) {
         sqimap_mailbox_select($imapConnection, $mailbox);
         $message = sqimap_get_message($imapConnection, $id, $mailbox);
         $orig_header = $message->header;
         if ($ent_num)
            $message = getEntity($message, $ent_num);

         if ($message->header->type0 == "text" || $message->header->type1 == "message") {
            if ($ent_num)
               $body = decodeBody(mime_fetch_body($imapConnection, $id, $ent_num), $message->header->encoding);
            else
               $body = decodeBody(mime_fetch_body($imapConnection, $id, 1), $message->header->encoding);
         } else {
            $body = "";
         }
         
         if ($message->header->type1 == "html")
            $body = strip_tags($body);
            
         $body_ary = explode("\n", $body);
         $body = "";
         for ($i=0; $i < count($body_ary); $i++) {
            sqWordWrap($body_ary[$i], $editor_size - 1);
            $body .= $body_ary[$i];
         }
         $body_ary = array();
         $body_ary = explode("\n", $body);
         $body = "";
         for ($i=0; $i < count($body_ary); $i++) {
            if ($i==0 && $forward_id) {
               $tmp = "-------- " . _("Original Message") . " --------\n";
               $tmp .= _("Subject") . ": " . $orig_header->subject . "\n"; 
               $tmp .= _("From") . ": " . $orig_header->from . "\n"; 
               $tmp .= _("To") . ": " . $orig_header->to[0] . "\n"; 
               if (count($orig_header->to) > 1) {
                  for ($x=1; $x < count($orig_header->to); $x++) {
                     $tmp .= "         " . $orig_header->to[$x] . "\n";
                  }
               }
               $tmp .= "\n" . $body_ary[$i];
            } else {
               $tmp = $body_ary[$i];
            }
            if ($forward_id)
               $body = "$body$tmp\n";
            else
               $body = "$body> $tmp\n";
         }

         sqimap_mailbox_close($imapConnection);
         return $body;   
      }

      if (!$send_to) {
         $send_to = sqimap_find_email($send_to);
      }

      /** This formats a CC string if they hit "reply all" **/
      if ($send_to_cc != "") {
         $send_to_cc = ereg_replace( '"[^"]*"', "", $send_to_cc);
         $send_to_cc = ereg_replace(";", ",", $send_to_cc);
         $sendcc = explode(",", $send_to_cc);
         $send_to_cc = "";
         
         for ($i = 0; $i < count($sendcc); $i++) {
            $sendcc[$i] = trim($sendcc[$i]);
            if ($sendcc[$i] == "")
               continue;
            
            $sendcc[$i] = sqimap_find_email($sendcc[$i]);
            $whofrom = sqimap_find_displayable_name($msg["HEADER"]["FROM"]);
            $whoreplyto = sqimap_find_email($msg["HEADER"]["REPLYTO"]);
         
            if ((strtolower(trim($sendcc[$i])) != strtolower(trim($whofrom))) &&
                (strtolower(trim($sendcc[$i])) != strtolower(trim($whoreplyto))) &&
                (trim($sendcc[$i]) != "")) {
               $send_to_cc .= trim($sendcc[$i]) . ", ";
            }
         }
         $send_to_cc = trim($send_to_cc);
         if (substr($send_to_cc, -1) == ",") {
            $send_to_cc = substr($send_to_cc, 0, strlen($send_to_cc) - 1);
         }
      }
   } // function newMail()

   function showInputForm () {
      global $send_to, $send_to_cc, $reply_subj, $forward_subj, $body,
         $passed_body, $color, $use_signature, $signature, $editor_size,
         $attachments, $subject, $newmail, $use_javascript_addr_book,
         $send_to_bcc, $reply_id, $mailbox, $from_htmladdr_search;

      $subject = sqStripSlashes(decodeHeader($subject));
      $reply_subj = decodeHeader($reply_subj);
      $forward_subj = decodeHeader($forward_subj);
      $body = sqStripSlashes($body);

      if ($use_javascript_addr_book) {
         echo "\n<SCRIPT LANGUAGE=JavaScript><!--\n";
         echo "function open_abook() { \n";
         echo "  var nwin = window.open(\"addrbook_popup.php\",\"abookpopup\",";
         echo "\"width=670,height=300,resizable=yes,scrollbars=yes\");\n";
         echo "  if((!nwin.opener) && (document.windows != null))\n";
         echo "    nwin.opener = document.windows;\n";
         echo "}\n";
         echo "// --></SCRIPT>\n\n";
      }

      echo "\n<FORM name=compose action=\"compose.php\" METHOD=POST ENCTYPE=\"multipart/form-data\">\n";
      //echo "\n<FORM name=compose action=\"compose.php\" METHOD=POST>\n";
      if ($reply_id) {
         echo "<input type=hidden name=reply_id value=$reply_id>\n";
      }                 
      printf("<INPUT TYPE=hidden NAME=mailbox VALUE=\"%s\">\n", htmlspecialchars($mailbox));
      echo "<TABLE WIDTH=\"100%\" ALIGN=center CELLSPACING=0 BORDER=0>\n";
      echo "   <TR>\n";
      echo "      <TD BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
      echo _("To:");
      echo "      </TD><TD BGCOLOR=\"$color[4]\">\n";
      printf("         <INPUT TYPE=text NAME=\"send_to\" VALUE=\"%s\" SIZE=60><BR>\n",
             htmlspecialchars($send_to));
      echo "      </TD>\n";
      echo "   </TR>\n";
      echo "   <TR>\n";
      echo "      <TD BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
      echo _("CC:");
      echo "      </TD><TD BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
      printf("         <INPUT TYPE=text NAME=\"send_to_cc\" SIZE=60 VALUE=\"%s\"><BR>\n",
             htmlspecialchars($send_to_cc));
      echo "      </TD>\n";
      echo "   </TR>\n";
      echo "   <TR>\n";
      echo "      <TD BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
      echo _("BCC:");
      echo "      </TD><TD BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
      printf("         <INPUT TYPE=text NAME=\"send_to_bcc\" VALUE=\"%s\" SIZE=60><BR>\n",
             htmlspecialchars($send_to_bcc));
      echo "</TD></TR>\n";

      echo "   <TR>\n";
      echo "      <TD BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
      echo _("Subject:");
      echo "      </TD><TD BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
      if ($reply_subj) {
         $reply_subj = str_replace("\"", "'", $reply_subj);
         $reply_subj = sqStripSlashes($reply_subj);
         $reply_subj = trim($reply_subj);
         if (substr(strtolower($reply_subj), 0, 3) != "re:")
            $reply_subj = "Re: $reply_subj";
         printf("         <INPUT TYPE=text NAME=subject SIZE=60 VALUE=\"%s\">",
                htmlspecialchars($reply_subj));
      } else if ($forward_subj) {
         $forward_subj = str_replace("\"", "'", $forward_subj);
         $forward_subj = sqStripSlashes($forward_subj);
         $forward_subj = trim($forward_subj);
         if ((substr(strtolower($forward_subj), 0, 4) != "fwd:") &&
             (substr(strtolower($forward_subj), 0, 5) != "[fwd:") &&
             (substr(strtolower($forward_subj), 0, 6) != "[ fwd:"))
            $forward_subj = "[Fwd: $forward_subj]";
         printf("         <INPUT TYPE=text NAME=subject SIZE=60 VALUE=\"%s\">",
                htmlspecialchars($forward_subj));
      } else {
          printf("         <INPUT TYPE=text NAME=subject SIZE=60 VALUE=\"%s\">",
                htmlspecialchars($subject));
      }
      echo "</td></tr>\n\n";

      echo "   <TR><td>\n   </td><td>\n";
      if ($use_javascript_addr_book) {
         echo "      <SCRIPT LANGUAGE=JavaScript><!--\n document.write(\"";
         echo "         <input type=button value=\\\""._("Addresses")."\\\" onclick='javascript:open_abook();'>\");";
         echo "         // --></SCRIPT><NOSCRIPT>\n";
         echo "         <input type=submit name=\"html_addr_search\" value=\""._("Addresses")."\">";
         echo "      </NOSCRIPT>\n";
      } else {  
         echo "      <input type=submit name=\"html_addr_search\" value=\""._("Addresses")."\">";
      }   
      echo "\n    <INPUT TYPE=SUBMIT NAME=send VALUE=\"". _("Send") . "\">\n";
      
      do_hook("compose_button_row");

      echo "   </TD>\n";
      echo "   </TR>\n\n";


      echo "   <TR>\n";
      echo "      <TD BGCOLOR=\"$color[4]\" COLSPAN=2>\n";
      echo "         &nbsp;&nbsp;<TEXTAREA NAME=body ROWS=20 COLS=\"$editor_size\" WRAP=HARD>";
      if ($use_signature == true && $newmail == true && !isset($from_htmladdr_search)) {
         echo (htmlspecialchars($body)) . "\n\n-- \n" . htmlspecialchars($signature);
      } else {
         echo (htmlspecialchars($body));
      }
      echo "</TEXTAREA><BR>\n";
      echo "      </TD>\n";
      echo "   </TR>\n";
      echo "   <TR><TD COLSPAN=2 ALIGN=CENTER><INPUT TYPE=SUBMIT NAME=send VALUE=\"";
      echo _("Send");
      echo "\"></TD></TR>\n";
      
      // This code is for attachments
      echo "   <tr>\n";
      echo "     <TD BGCOLOR=\"$color[0]\" VALIGN=TOP ALIGN=RIGHT>\n";
      echo "      <SMALL><BR></SMALL>"._("Attach:");
      echo "      </td><td ALIGN=left BGCOLOR=\"$color[0]\">\n";
      //      echo "      <INPUT TYPE=\"hidden\" name=\"MAX_FILE_SIZE\"\n";
      //      echo "      value=\"10000\">\n";
      echo "      <INPUT NAME=\"attachfile\" SIZE=48 TYPE=\"file\">\n";
      echo "      &nbsp;&nbsp;<input type=\"submit\" name=\"attach\"";
      echo " value=\"" . _("Add") ."\">\n";
      echo "     </td>\n";
      echo "   </tr>\n";
      if (isset($attachments) && count($attachments)>0) {
         echo "<tr><td bgcolor=\"$color[0]\" align=right>\n";
         echo "&nbsp;";
         echo "</td><td align=left bgcolor=\"$color[0]\">";
         while (list($localname, $remotename) = each($attachments)) {
            echo "<input type=\"checkbox\" name=\"delete[]\" value=\"$localname\">\n";
            echo "$remotename <input type=\"hidden\" name=\"attachments[$localname]\" value=\"$remotename\"><br>\n";
         }
         
         echo "<input type=\"submit\" name=\"do_delete\" value=\""._("Delete selected attachments")."\">\n";
         echo "</td></tr>";
      }
      // End of attachment code

      echo "</TABLE>\n";
      echo "</FORM>";
      do_hook("compose_bottom");
   }

   function showSentForm () {
      echo "<BR><BR><BR><CENTER><B>Message Sent!</B><BR><BR>";
      echo "You will be automatically forwarded.<BR>If not, <A HREF=\"right_main.php\">click here</A>";
      echo "</CENTER>";
   }

   function checkInput ($show) {
      /** I implemented the $show variable because the error messages
          were getting sent before the page header.  So, I check once
          using $show=false, and then when i'm ready to display the
          error message, show=true **/
      global $body, $send_to, $subject, $color;

      if ($send_to == "") {
         if ($show)
            plain_error_message(_("You have not filled in the \"To:\" field."), $color);
         return false;
      }
      return true;
   } // function checkInput()


   if (($mailbox == "") || ($mailbox == "None"))
      $mailbox = "INBOX";

   if(isset($send)) {
      if (checkInput(false)) {
         $urlMailbox = urlencode ($mailbox);
         sendMessage($send_to, $send_to_cc, $send_to_bcc, $subject, $body, $reply_id);
         header ("Location: right_main.php?mailbox=$urlMailbox&sort=$sort&startMessage=1");
      } else {
         $imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
         displayPageHeader($color, $mailbox);
         checkInput(true);
         
         showInputForm();
         sqimap_logout($imapConnection);
      }
   } else if ($html_addr_search_done) {
      is_logged_in();
      displayPageHeader($color, $mailbox);

      $send_to = sqStripSlashes($send_to);
      $send_to_cc = sqStripSlashes($send_to_cc);
      $send_to_bcc = sqStripSlashes($send_to_bcc);
      
      for ($i=0; $i < count($send_to_search); $i++) {
         if ($send_to)
            $send_to .= ", ";
         $send_to .= $send_to_search[$i];   
      }
      
      for ($i=0; $i < count($send_to_cc_search); $i++) {
         if ($send_to_cc)
            $send_to_cc .= ", ";
         $send_to_cc .= $send_to_cc_search[$i];   
      }
      
      showInputForm();
   } else if ($html_addr_search) {
      // I am using an include so as to elminiate an extra unnecessary click.  If you
      // can think of a better way, please implement it.
      include ("addrbook_search_html.php");
   } else if (isset($attach)) {
      is_logged_in();
      displayPageHeader($color, $mailbox);

      $localfilename = md5($HTTP_POST_FILES['attachfile']['tmp_name'].", ".$HTTP_POST_FILES['attachfile']['name'].", $REMOTE_IP, $REMOTE_PORT, $UNIQUE_ID, and everything else that may add entropy");
//      $localfilename = $localfilename; // ??
      
      // Put the file in a better place
      // This shouldn't be here... Ondrej Sury <ondrej@sury.cz>
      //$tmp=explode('/',$attachfile);
      //$attachfile=$tmp[count($tmp)-1];
      //$attachfile=ereg_replace('\.{2,}','',$attachfile);

      //error_reporting(0); // Rename will produce error output if it fails
      //if (!rename($attachfile, $attachment_dir.$localfilename)) {
      //   if (!copy($attachfile, $attachment_dir.$localfilename)) {
      if (!@rename($HTTP_POST_FILES['attachfile']['tmp_name'], $attachment_dir.$localfilename)) {
         if (!@copy($HTTP_POST_FILES['attachfile']['tmp_name'], $attachment_dir.$localfilename)) {
            plain_error_message(_("Could not move/copy file. File not attached"), $color);
            $failed = true;
         }
      }
      // If it still exists, PHP will remove the original file

      if (!$failed) {
         // Write information about the file
         $fp = fopen ($attachment_dir.$localfilename.".info", "w");
         fputs ($fp, $HTTP_POST_FILES['attachfile']['type']."\n".$HTTP_POST_FILES['attachfile']['name']."\n");
         fclose ($fp);

         $attachments[$localfilename] = $HTTP_POST_FILES['attachfile']['name'];
      }
      
      showInputForm();
   } else if (isset($do_delete)) {
      is_logged_in();
      displayPageHeader($color, $mailbox);

      while (list($lkey, $localname) = each($delete)) {
         array_splice ($attachments, $lkey, 1);
         unlink ($attachment_dir.$localname);
         unlink ($attachment_dir.$localname.".info");
      }

      showInputForm();
   } else {
      $imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
      displayPageHeader($color, $mailbox);

      $newmail = true;
      newMail();
      showInputForm();
      sqimap_logout($imapConnection);
   }
?>
Commit	Line	Data
59177427	1	<?php
ef870322	2	/**
	3	** compose.php
	4	**
	5	** Copyright (c) 1999-2000 The SquirrelMail development team
	6	** Licensed under the GNU GPL. For full terms see the file COPYING.
	7	**
	8	** This code sends a mail.
df15de21	9	**
	10	** There are 3 modes of operation:
	11	** - Start new mail
	12	** - Add an attachment
	13	** - Send mail
	14	**/
	15
2a32fc83	16	session_start();
2a32fc83	17
d068c0ec	18	if (!isset($config_php))
	19	include("../config/config.php");
	20	if (!isset($strings_php))
	21	include("../functions/strings.php");
	22	if (!isset($page_header_php))
	23	include("../functions/page_header.php");
	24	if (!isset($imap_php))
	25	include("../functions/imap.php");
	26	if (!isset($date_php))
	27	include("../functions/date.php");
	28	if (!isset($mime_php))
	29	include("../functions/mime.php");
	30	if (!isset($smtp_php))
	31	include("../functions/smtp.php");
	32	if (!isset($display_messages_php))
	33	include("../functions/display_messages.php");
3c13b9fb	34	if (!isset($auth_php))
3c13b9fb	35	include ("../functions/auth.php");
15bfc1bc	36	if (!isset($plugin_php))
15bfc1bc	37	include ("../functions/plugin.php");
f7fb20fe	38
d3cdb279	39	include("../src/load_prefs.php");
8467bf00	40
4ba45d11	41	// This function is used when not sending or adding attachments
df15de21	42	function newMail () {
df15de21	43	global $forward_id, $imapConnection, $msg, $ent_num, $body_ary, $body,
a794e82c	44	$reply_id, $send_to, $send_to_cc, $mailbox, $send_to_bcc, $editor_size;
e39d73e5	45
7aaa81fc	46	$send_to = sqStripSlashes(decodeHeader($send_to));
7aaa81fc	47	$send_to_cc = sqStripSlashes(decodeHeader($send_to_cc));
6e79bfe2	48	$send_to_bcc = sqStripSlashes(decodeHeader($send_to_bcc));
a53e5469	49
429f8906	50	if ($forward_id)
	51	$id = $forward_id;
	52	else if ($reply_id)
	53	$id = $reply_id;
	54
1195c340	55
429f8906	56	if ($id) {
813eba2f	57	sqimap_mailbox_select($imapConnection, $mailbox);
429f8906	58	$message = sqimap_get_message($imapConnection, $id, $mailbox);
8d8ab69a	59	$orig_header = $message->header;
1195c340	60	if ($ent_num)
1195c340	61	$message = getEntity($message, $ent_num);
429f8906	62
429f8906	63	if ($message->header->type0 == "text" \|\| $message->header->type1 == "message") {
1195c340	64	if ($ent_num)
	65	$body = decodeBody(mime_fetch_body($imapConnection, $id, $ent_num), $message->header->encoding);
	66	else
	67	$body = decodeBody(mime_fetch_body($imapConnection, $id, 1), $message->header->encoding);
429f8906	68	} else {
429f8906	69	$body = "";
df15de21	70	}
df15de21	71
429f8906	72	if ($message->header->type1 == "html")
	73	$body = strip_tags($body);
	74
a794e82c	75	$body_ary = explode("\n", $body);
	76	$body = "";
	77	for ($i=0; $i < count($body_ary); $i++) {
	78	sqWordWrap($body_ary[$i], $editor_size - 1);
	79	$body .= $body_ary[$i];
	80	}
	81	$body_ary = array();
df15de21	82	$body_ary = explode("\n", $body);
df15de21	83	$body = "";
429f8906	84	for ($i=0; $i < count($body_ary); $i++) {
8d8ab69a	85	if ($i==0 && $forward_id) {
d68a3926	86	$tmp = "-------- " . _("Original Message") . " --------\n";
8d8ab69a	87	$tmp .= _("Subject") . ": " . $orig_header->subject . "\n";
51da06f5	88	$tmp .= _("From") . ": " . $orig_header->from . "\n";
51da06f5	89	$tmp .= _("To") . ": " . $orig_header->to[0] . "\n";
8d8ab69a	90	if (count($orig_header->to) > 1) {
	91	for ($x=1; $x < count($orig_header->to); $x++) {
	92	$tmp .= " " . $orig_header->to[$x] . "\n";
	93	}
	94	}
	95	$tmp .= "\n" . $body_ary[$i];
	96	} else {
1195c340	97	$tmp = $body_ary[$i];
8d8ab69a	98	}
429f8906	99	if ($forward_id)
8d8ab69a	100	$body = "$body$tmp\n";
df15de21	101	else
8d8ab69a	102	$body = "$body> $tmp\n";
78509c54	103	}
a794e82c	104
a2790a61	105	sqimap_mailbox_close($imapConnection);
1195c340	106	return $body;
78509c54	107	}
429f8906	108
29d08a52	109	if (!$send_to) {
	110	$send_to = sqimap_find_email($send_to);
	111	}
	112
df15de21	113	/ This formats a CC string if they hit "reply all" /
df15de21	114	if ($send_to_cc != "") {
a48fbf9b	115	$send_to_cc = ereg_replace( '"[^"]*"', "", $send_to_cc);
df15de21	116	$send_to_cc = ereg_replace(";", ",", $send_to_cc);
	117	$sendcc = explode(",", $send_to_cc);
	118	$send_to_cc = "";
	119
	120	for ($i = 0; $i < count($sendcc); $i++) {
	121	$sendcc[$i] = trim($sendcc[$i]);
	122	if ($sendcc[$i] == "")
	123	continue;
	124
a53e5469	125	$sendcc[$i] = sqimap_find_email($sendcc[$i]);
813eba2f	126	$whofrom = sqimap_find_displayable_name($msg["HEADER"]["FROM"]);
813eba2f	127	$whoreplyto = sqimap_find_email($msg["HEADER"]["REPLYTO"]);
df15de21	128
	129	if ((strtolower(trim($sendcc[$i])) != strtolower(trim($whofrom))) &&
	130	(strtolower(trim($sendcc[$i])) != strtolower(trim($whoreplyto))) &&
	131	(trim($sendcc[$i]) != "")) {
	132	$send_to_cc .= trim($sendcc[$i]) . ", ";
	133	}
	134	}
	135	$send_to_cc = trim($send_to_cc);
	136	if (substr($send_to_cc, -1) == ",") {
	137	$send_to_cc = substr($send_to_cc, 0, strlen($send_to_cc) - 1);
	138	}
	139	}
	140	} // function newMail()
78509c54	141
df15de21	142	function showInputForm () {
df15de21	143	global $send_to, $send_to_cc, $reply_subj, $forward_subj, $body,
4ba45d11	144	$passed_body, $color, $use_signature, $signature, $editor_size,
3806fa52	145	$attachments, $subject, $newmail, $use_javascript_addr_book,
6e79bfe2	146	$send_to_bcc, $reply_id, $mailbox, $from_htmladdr_search;
78509c54	147
5f104808	148	$subject = sqStripSlashes(decodeHeader($subject));
2e434774	149	$reply_subj = decodeHeader($reply_subj);
2e434774	150	$forward_subj = decodeHeader($forward_subj);
162efb6f	151	$body = sqStripSlashes($body);
a53e5469	152
3806fa52	153	if ($use_javascript_addr_book) {
	154	echo "\n<SCRIPT LANGUAGE=JavaScript><!--\n";
	155	echo "function open_abook() { \n";
	156	echo " var nwin = window.open(\"addrbook_popup.php\",\"abookpopup\",";
	157	echo "\"width=670,height=300,resizable=yes,scrollbars=yes\");\n";
	158	echo " if((!nwin.opener) && (document.windows != null))\n";
	159	echo " nwin.opener = document.windows;\n";
	160	echo "}\n";
	161	echo "// --></SCRIPT>\n\n";
	162	}
5100704d	163
cacf2747	164	echo "\n<FORM name=compose action=\"compose.php\" METHOD=POST ENCTYPE=\"multipart/form-data\">\n";
cacf2747	165	//echo "\n<FORM name=compose action=\"compose.php\" METHOD=POST>\n";
966286ae	166	if ($reply_id) {
966286ae	167	echo "<input type=hidden name=reply_id value=$reply_id>\n";
6e79bfe2	168	}
cf8758c7	169	printf("<INPUT TYPE=hidden NAME=mailbox VALUE=\"%s\">\n", htmlspecialchars($mailbox));
c5d828b3	170	echo "<TABLE WIDTH=\"100%\" ALIGN=center CELLSPACING=0 BORDER=0>\n";
df15de21	171	echo " <TR>\n";
c5d828b3	172	echo " <TD BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
df15de21	173	echo _("To:");
c5d828b3	174	echo " </TD><TD BGCOLOR=\"$color[4]\">\n";
cf8758c7	175	printf(" <INPUT TYPE=text NAME=\"send_to\" VALUE=\"%s\" SIZE=60><BR>\n",
6e79bfe2	176	htmlspecialchars($send_to));
df15de21	177	echo " </TD>\n";
	178	echo " </TR>\n";
	179	echo " <TR>\n";
c5d828b3	180	echo " <TD BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
aae41ae9	181	echo _("CC:");
c5d828b3	182	echo " </TD><TD BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
cf8758c7	183	printf(" <INPUT TYPE=text NAME=\"send_to_cc\" SIZE=60 VALUE=\"%s\"><BR>\n",
6e79bfe2	184	htmlspecialchars($send_to_cc));
df15de21	185	echo " </TD>\n";
	186	echo " </TR>\n";
	187	echo " <TR>\n";
c5d828b3	188	echo " <TD BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
aae41ae9	189	echo _("BCC:");
761d149e	190	echo " </TD><TD BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
cf8758c7	191	printf(" <INPUT TYPE=text NAME=\"send_to_bcc\" VALUE=\"%s\" SIZE=60><BR>\n",
6e79bfe2	192	htmlspecialchars($send_to_bcc));
3806fa52	193	echo "</TD></TR>\n";
5100704d	194
df15de21	195	echo " <TR>\n";
c5d828b3	196	echo " <TD BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
df15de21	197	echo _("Subject:");
761d149e	198	echo " </TD><TD BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
df15de21	199	if ($reply_subj) {
df15de21	200	$reply_subj = str_replace("\"", "'", $reply_subj);
7aaa81fc	201	$reply_subj = sqStripSlashes($reply_subj);
df15de21	202	$reply_subj = trim($reply_subj);
	203	if (substr(strtolower($reply_subj), 0, 3) != "re:")
	204	$reply_subj = "Re: $reply_subj";
cf8758c7	205	printf(" <INPUT TYPE=text NAME=subject SIZE=60 VALUE=\"%s\">",
6e79bfe2	206	htmlspecialchars($reply_subj));
df15de21	207	} else if ($forward_subj) {
df15de21	208	$forward_subj = str_replace("\"", "'", $forward_subj);
7aaa81fc	209	$forward_subj = sqStripSlashes($forward_subj);
df15de21	210	$forward_subj = trim($forward_subj);
	211	if ((substr(strtolower($forward_subj), 0, 4) != "fwd:") &&
	212	(substr(strtolower($forward_subj), 0, 5) != "[fwd:") &&
	213	(substr(strtolower($forward_subj), 0, 6) != "[ fwd:"))
	214	$forward_subj = "[Fwd: $forward_subj]";
cf8758c7	215	printf(" <INPUT TYPE=text NAME=subject SIZE=60 VALUE=\"%s\">",
6e79bfe2	216	htmlspecialchars($forward_subj));
df15de21	217	} else {
6e79bfe2	218	printf(" <INPUT TYPE=text NAME=subject SIZE=60 VALUE=\"%s\">",
6e79bfe2	219	htmlspecialchars($subject));
31f3d7c0	220	}
480feea7	221	echo "</td></tr>\n\n";
	222
	223	echo " <TR><td>\n </td><td>\n";
	224	if ($use_javascript_addr_book) {
	225	echo " <SCRIPT LANGUAGE=JavaScript><!--\n document.write(\"";
	226	echo " <input type=button value=\\\""._("Addresses")."\\\" onclick='javascript:open_abook();'>\");";
	227	echo " // --></SCRIPT><NOSCRIPT>\n";
	228	echo " <input type=submit name=\"html_addr_search\" value=\""._("Addresses")."\">";
	229	echo " </NOSCRIPT>\n";
	230	} else {
	231	echo " <input type=submit name=\"html_addr_search\" value=\""._("Addresses")."\">";
	232	}
	233	echo "\n <INPUT TYPE=SUBMIT NAME=send VALUE=\"". _("Send") . "\">\n";
15bfc1bc	234
	235	do_hook("compose_button_row");
	236
480feea7	237	echo " </TD>\n";
	238	echo " </TR>\n\n";
	239
4ba45d11	240
e5b23ff2	241	echo " <TR>\n";
c5d828b3	242	echo " <TD BGCOLOR=\"$color[4]\" COLSPAN=2>\n";
cf8758c7	243	echo "   <TEXTAREA NAME=body ROWS=20 COLS=\"$editor_size\" WRAP=HARD>";
6e79bfe2	244	if ($use_signature == true && $newmail == true && !isset($from_htmladdr_search)) {
ef3c69f0	245	echo (htmlspecialchars($body)) . "\n\n-- \n" . htmlspecialchars($signature);
cf8758c7	246	} else {
ef3c69f0	247	echo (htmlspecialchars($body));
cf8758c7	248	}
cf8758c7	249	echo "</TEXTAREA><BR>\n";
e5b23ff2	250	echo " </TD>\n";
e5b23ff2	251	echo " </TR>\n";
c5d828b3	252	echo " <TR><TD COLSPAN=2 ALIGN=CENTER><INPUT TYPE=SUBMIT NAME=send VALUE=\"";
e5b23ff2	253	echo _("Send");
	254	echo "\"></TD></TR>\n";
	255
4ba45d11	256	// This code is for attachments
4ba45d11	257	echo " <tr>\n";
c5d828b3	258	echo " <TD BGCOLOR=\"$color[0]\" VALIGN=TOP ALIGN=RIGHT>\n";
aae41ae9	259	echo " <SMALL><BR></SMALL>"._("Attach:");
c5d828b3	260	echo " </td><td ALIGN=left BGCOLOR=\"$color[0]\">\n";
4ba45d11	261	// echo " <INPUT TYPE=\"hidden\" name=\"MAX_FILE_SIZE\"\n";
4ba45d11	262	// echo " value=\"10000\">\n";
944eb785	263	echo " <INPUT NAME=\"attachfile\" SIZE=48 TYPE=\"file\">\n";
95de6c91	264	echo "   <input type=\"submit\" name=\"attach\"";
95de6c91	265	echo " value=\"" . _("Add") ."\">\n";
469eb37b	266	echo " </td>\n";
469eb37b	267	echo " </tr>\n";
4ba45d11	268	if (isset($attachments) && count($attachments)>0) {
162efb6f	269	echo "<tr><td bgcolor=\"$color[0]\" align=right>\n";
e5b23ff2	270	echo " ";
c5d828b3	271	echo "</td><td align=left bgcolor=\"$color[0]\">";
4ba45d11	272	while (list($localname, $remotename) = each($attachments)) {
	273	echo "<input type=\"checkbox\" name=\"delete[]\" value=\"$localname\">\n";
	274	echo "$remotename <input type=\"hidden\" name=\"attachments[$localname]\" value=\"$remotename\"><br>\n";
	275	}
	276
	277	echo "<input type=\"submit\" name=\"do_delete\" value=\""._("Delete selected attachments")."\">\n";
469eb37b	278	echo "</td></tr>";
4ba45d11	279	}
4ba45d11	280	// End of attachment code
4ba45d11	281
ffc2ccbc	282	echo "</TABLE>\n";
df15de21	283	echo "</FORM>";
d7d3c4d4	284	do_hook("compose_bottom");
31f3d7c0	285	}
8467bf00	286
df15de21	287	function showSentForm () {
df15de21	288	echo "<BR><BR><BR><CENTER><B>Message Sent!</B><BR><BR>";
9f2215a1	289	echo "You will be automatically forwarded.<BR>If not, <A HREF=\"right_main.php\">click here</A>";
aae41ae9	290	echo "</CENTER>";
df15de21	291	}
b278172f	292
0ad7dbda	293	function checkInput ($show) {
	294	/** I implemented the $show variable because the error messages
	295	were getting sent before the page header. So, I check once
	296	using $show=false, and then when i'm ready to display the
	297	error message, show=true **/
	298	global $body, $send_to, $subject, $color;
b278172f	299
99fa2b21	300	if ($send_to == "") {
0ad7dbda	301	if ($show)
0ad7dbda	302	plain_error_message(_("You have not filled in the \"To:\" field."), $color);
df15de21	303	return false;
b278172f	304	}
df15de21	305	return true;
	306	} // function checkInput()
	307
3806fa52	308
ecf51658	309	if (($mailbox == "") \|\| ($mailbox == "None"))
dcb7f454	310	$mailbox = "INBOX";
3806fa52	311
4ba45d11	312	if(isset($send)) {
0ad7dbda	313	if (checkInput(false)) {
966286ae	314	$urlMailbox = urlencode ($mailbox);
	315	sendMessage($send_to, $send_to_cc, $send_to_bcc, $subject, $body, $reply_id);
	316	header ("Location: right_main.php?mailbox=$urlMailbox&sort=$sort&startMessage=1");
df15de21	317	} else {
e1469126	318	$imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
dcb7f454	319	displayPageHeader($color, $mailbox);
0ad7dbda	320	checkInput(true);
0ad7dbda	321
df15de21	322	showInputForm();
1195c340	323	sqimap_logout($imapConnection);
7c6cb7ca	324	}
3806fa52	325	} else if ($html_addr_search_done) {
3c13b9fb	326	is_logged_in();
dcb7f454	327	displayPageHeader($color, $mailbox);
3806fa52	328
7aaa81fc	329	$send_to = sqStripSlashes($send_to);
	330	$send_to_cc = sqStripSlashes($send_to_cc);
	331	$send_to_bcc = sqStripSlashes($send_to_bcc);
3806fa52	332
6c7fd6ca	333	for ($i=0; $i < count($send_to_search); $i++) {
	334	if ($send_to)
	335	$send_to .= ", ";
	336	$send_to .= $send_to_search[$i];
	337	}
	338
	339	for ($i=0; $i < count($send_to_cc_search); $i++) {
	340	if ($send_to_cc)
	341	$send_to_cc .= ", ";
	342	$send_to_cc .= $send_to_cc_search[$i];
	343	}
	344
3806fa52	345	showInputForm();
6c7fd6ca	346	} else if ($html_addr_search) {
591d2a88	347	// I am using an include so as to elminiate an extra unnecessary click. If you
591d2a88	348	// can think of a better way, please implement it.
6c7fd6ca	349	include ("addrbook_search_html.php");
4ba45d11	350	} else if (isset($attach)) {
3c13b9fb	351	is_logged_in();
dcb7f454	352	displayPageHeader($color, $mailbox);
fc3348ac	353
6519e12b	354	$localfilename = md5($HTTP_POST_FILES['attachfile']['tmp_name'].", ".$HTTP_POST_FILES['attachfile']['name'].", $REMOTE_IP, $REMOTE_PORT, $UNIQUE_ID, and everything else that may add entropy");
6519e12b	355	// $localfilename = $localfilename; // ??
4ba45d11	356
4ba45d11	357	// Put the file in a better place
162efb6f	358	// This shouldn't be here... Ondrej Sury <ondrej@sury.cz>
	359	//$tmp=explode('/',$attachfile);
	360	//$attachfile=$tmp[count($tmp)-1];
	361	//$attachfile=ereg_replace('\.{2,}','',$attachfile);
cacf2747	362
162efb6f	363	//error_reporting(0); // Rename will produce error output if it fails
	364	//if (!rename($attachfile, $attachment_dir.$localfilename)) {
	365	// if (!copy($attachfile, $attachment_dir.$localfilename)) {
6519e12b	366	if (!@rename($HTTP_POST_FILES['attachfile']['tmp_name'], $attachment_dir.$localfilename)) {
6519e12b	367	if (!@copy($HTTP_POST_FILES['attachfile']['tmp_name'], $attachment_dir.$localfilename)) {
22ef7536	368	plain_error_message(_("Could not move/copy file. File not attached"), $color);
c3c37167	369	$failed = true;
4ba45d11	370	}
	371	}
	372	// If it still exists, PHP will remove the original file
	373
c3c37167	374	if (!$failed) {
	375	// Write information about the file
	376	$fp = fopen ($attachment_dir.$localfilename.".info", "w");
6519e12b	377	fputs ($fp, $HTTP_POST_FILES['attachfile']['type']."\n".$HTTP_POST_FILES['attachfile']['name']."\n");
c3c37167	378	fclose ($fp);
4ba45d11	379
6519e12b	380	$attachments[$localfilename] = $HTTP_POST_FILES['attachfile']['name'];
c3c37167	381	}
4ba45d11	382
	383	showInputForm();
	384	} else if (isset($do_delete)) {
3c13b9fb	385	is_logged_in();
dcb7f454	386	displayPageHeader($color, $mailbox);
fc3348ac	387
fb16d219	388	while (list($lkey, $localname) = each($delete)) {
fb16d219	389	array_splice ($attachments, $lkey, 1);
c3c37167	390	unlink ($attachment_dir.$localname);
c3c37167	391	unlink ($attachment_dir.$localname.".info");
4ba45d11	392	}
4bfed9f3	393
4ba45d11	394	showInputForm();
4ba45d11	395	} else {
a60b9989	396	$imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
dcb7f454	397	displayPageHeader($color, $mailbox);
fc3348ac	398
b57c4e63	399	$newmail = true;
1220e677	400	newMail();
4ba45d11	401	showInputForm();
1195c340	402	sqimap_logout($imapConnection);
4ba45d11	403	}
da79853a	404	?>