0) return true; else return false; } // looks up aliases in the addressbook and expands them to // the full address. // Adds @$domain if it wasn't in the address book and if it // doesn't have an @ symbol in it function expandAddrs ($array) { global $domain; // don't show errors -- kinda critical that we don't see // them here since the redirect won't work if we do show them $abook = addressbook_init(false); for ($i=0; $i < count($array); $i++) { $result = $abook->lookup($array[$i]); $ret = ""; if (isset($result['email'])) { if (isset($result['name'])) { $ret = '"'.$result['name'].'" '; } $ret .= '<'.$result['email'].'>'; $array[$i] = $ret; } else { if (strpos($array[$i], '@') === false) $array[$i] .= '@' . $domain; $array[$i] = '<' . $array[$i] . '>'; } } return $array; } // Attach the files that are due to be attached function attachFiles ($fp) { global $attachments, $attachment_dir; $length = 0; if (isMultipart()) { foreach ($attachments as $info) { // echo "
Attachment Info:\n"; // var_dump($info); // echo "\n\n"; if (isset($info['type'])) $filetype = $info['type']; else $filetype = 'application/octet-stream'; $header = '--'.mimeBoundary()."\r\n"; $header .= "Content-Type: $filetype; name=\"" . $info['remotefilename'] . "\"\r\n"; $header .= "Content-Disposition: attachment; filename=\"" . $info['remotefilename'] . "\"\r\n"; $file = fopen ($attachment_dir . $info['localfilename'], 'r'); if (substr($filetype, 0, 5) == 'text/' || $filetype == 'message/rfc822') { $header .= "\r\n"; fputs ($fp, $header); $length += strlen($header); while ($tmp = fgets($file, 4096)) { $tmp = str_replace("\r\n", "\n", $tmp); $tmp = str_replace("\r", "\n", $tmp); $tmp = str_replace("\n", "\r\n", $tmp); $tmp .= "\r\n"; fputs($fp, $tmp); $length += strlen($tmp); } } else { $header .= "Content-Transfer-Encoding: base64\r\n\r\n"; fputs ($fp, $header); $length += strlen($header); while ($tmp = fread($file, 570)) { $encoded = chunk_split(base64_encode($tmp)); $length += strlen($encoded); fputs ($fp, $encoded); } } fclose ($file); } } return $length; } // Delete files that are uploaded for attaching function deleteAttachments() { global $attachments, $attachment_dir; if (isMultipart()) { reset($attachments); while (list($localname, $remotename) = each($attachments)) { if (!ereg ("\\/", $localname)) { unlink ($attachment_dir.$localname); unlink ($attachment_dir.$localname.'.info'); } } } } // Return a nice MIME-boundary function mimeBoundary () { static $mimeBoundaryString; if ($mimeBoundaryString == "") { $mimeBoundaryString = "----=_" . GenerateRandomString(60, '\'()+,-./:=?_', 7); } return $mimeBoundaryString; } /* Time offset for correct timezone */ function timezone () { global $invert_time; $diff_second = date('Z'); if ($invert_time) $diff_second = - $diff_second; if ($diff_second > 0) $sign = '+'; else $sign = '-'; $diff_second = abs($diff_second); $diff_hour = floor ($diff_second / 3600); $diff_minute = floor (($diff_second-3600*$diff_hour) / 60); $zonename = '('.strftime('%Z').')'; $result = sprintf ("%s%02d%02d %s", $sign, $diff_hour, $diff_minute, $zonename); return ($result); } /* Print all the needed RFC822 headers */ function write822Header ($fp, $t, $c, $b, $subject, $more_headers) { global $REMOTE_ADDR, $SERVER_NAME, $REMOTE_PORT; global $data_dir, $username, $popuser, $domain, $version, $useSendmail; global $default_charset, $HTTP_VIA, $HTTP_X_FORWARDED_FOR; global $REMOTE_HOST, $identity; // Storing the header to make sure the header is the same // everytime the header is printed. static $header, $headerlength; if ($header == '') { $to = expandAddrs(parseAddrs($t)); $cc = expandAddrs(parseAddrs($c)); $bcc = expandAddrs(parseAddrs($b)); if (isset($identity) && $identity != 'default') { $reply_to = getPref($data_dir, $username, 'reply_to' . $identity); $from = getPref($data_dir, $username, 'full_name' . $identity); $from_addr = getPref($data_dir, $username, 'email_address' . $identity); } else { $reply_to = getPref($data_dir, $username, 'reply_to'); $from = getPref($data_dir, $username, 'full_name'); $from_addr = getPref($data_dir, $username, 'email_address'); } if ($from_addr == '') $from_addr = $popuser.'@'.$domain; $to_list = getLineOfAddrs($to); $cc_list = getLineOfAddrs($cc); $bcc_list = getLineOfAddrs($bcc); /* Encoding 8-bit characters and making from line */ $subject = encodeHeader($subject); if ($from == '') $from = "<$from_addr>"; else $from = '"' . encodeHeader($from) . "\" <$from_addr>"; /* This creates an RFC 822 date */ $date = date("D, j M Y H:i:s ", mktime()) . timezone(); /* Create a message-id */ $message_id = '<' . $REMOTE_PORT . '.' . $REMOTE_ADDR . '.'; $message_id .= time() . '.squirrel@' . $SERVER_NAME .'>'; /* Make an RFC822 Received: line */ if (isset($REMOTE_HOST)) $received_from = "$REMOTE_HOST ([$REMOTE_ADDR])"; else $received_from = $REMOTE_ADDR; if (isset($HTTP_VIA) || isset ($HTTP_X_FORWARDED_FOR)) { if ($HTTP_X_FORWARDED_FOR == '') $HTTP_X_FORWARDED_FOR = 'unknown'; $received_from .= " (proxying for $HTTP_X_FORWARDED_FOR)"; } $header = "Received: from $received_from\r\n"; $header .= " (SquirrelMail authenticated user $username)\r\n"; $header .= " by $SERVER_NAME with HTTP;\r\n"; $header .= " $date\r\n"; /* Insert the rest of the header fields */ $header .= "Message-ID: $message_id\r\n"; $header .= "Date: $date\r\n"; $header .= "Subject: $subject\r\n"; $header .= "From: $from\r\n"; $header .= "To: $to_list\r\n"; // Who it's TO /* Insert headers from the $more_headers array */ if(is_array($more_headers)) { reset($more_headers); while(list($h_name, $h_val) = each($more_headers)) { $header .= sprintf("%s: %s\r\n", $h_name, $h_val); } } if ($cc_list) { $header .= "Cc: $cc_list\r\n"; // Who the CCs are } if ($reply_to != '') $header .= "Reply-To: $reply_to\r\n"; if ($useSendmail) { if ($bcc_list) { // BCCs is removed from header by sendmail $header .= "Bcc: $bcc_list\r\n"; } } $header .= "X-Mailer: SquirrelMail (version $version)\r\n"; // Identify SquirrelMail // Do the MIME-stuff $header .= "MIME-Version: 1.0\r\n"; if (isMultipart()) { $header .= 'Content-Type: multipart/mixed; boundary="'; $header .= mimeBoundary(); $header .= "\"\r\n"; } else { if ($default_charset != '') $header .= "Content-Type: text/plain; charset=$default_charset\r\n"; else $header .= "Content-Type: text/plain;\r\n"; $header .= "Content-Transfer-Encoding: 8bit\r\n"; } $header .= "\r\n"; // One blank line to separate header and body $headerlength = strlen($header); } // Write the header fputs ($fp, $header); return $headerlength; } // Send the body function writeBody ($fp, $passedBody) { global $default_charset; $attachmentlength = 0; if (isMultipart()) { $body = '--'.mimeBoundary()."\r\n"; if ($default_charset != "") $body .= "Content-Type: text/plain; charset=$default_charset\r\n"; else $body .= "Content-Type: text/plain\r\n"; $body .= "Content-Transfer-Encoding: 8bit\r\n\r\n"; $body .= $passedBody . "\r\n\r\n"; fputs ($fp, $body); $attachmentlength = attachFiles($fp); if (!isset($postbody)) $postbody = ""; $postbody .= "\r\n--".mimeBoundary()."--\r\n\r\n"; fputs ($fp, $postbody); } else { $body = $passedBody . "\r\n"; fputs ($fp, $body); $postbody = "\r\n"; fputs ($fp, $postbody); } return (strlen($body) + strlen($postbody) + $attachmentlength); } // Send mail using the sendmail command function sendSendmail($t, $c, $b, $subject, $body, $more_headers) { global $sendmail_path, $popuser, $username, $domain; // Build envelope sender address. Make sure it doesn't contain // spaces or other "weird" chars that would allow a user to // exploit the shell/pipe it is used in. $envelopefrom = "$popuser@$domain"; $envelopefrom = ereg_replace("[[:blank:]]",'', $envelopefrom); $envelopefrom = ereg_replace("[[:space:]]",'', $envelopefrom); $envelopefrom = ereg_replace("[[:cntrl:]]",'', $envelopefrom); // open pipe to sendmail $fp = popen (escapeshellcmd("$sendmail_path -t -f$envelopefrom"), 'w'); $headerlength = write822Header ($fp, $t, $c, $b, $subject, $more_headers); $bodylength = writeBody($fp, $body); pclose($fp); return ($headerlength + $bodylength); } function smtpReadData($smtpConnection) { $read = fgets($smtpConnection, 1024); $counter = 0; while ($read) { echo $read . '