** $Id$
**/
- $smtp_php = true;
+ if (defined('smtp_php'))
+ return;
+ define('smtp_php', true);
+
+ require_once('../functions/addressbook.php');
+ require_once('../functions/plugin.php');
+
+ global $username, $popuser, $domain;
// This should most probably go to some initialization...
if (ereg("^([^@%/]+)[@%/](.+)$", $username, $usernamedata)) {
}
// We need domain for smtp
if (!$domain)
- $domain = getenv("HOSTNAME");
+ $domain = getenv('HOSTNAME');
// Returns true only if this message is multipart
function isMultipart () {
return false;
}
+ // looks up aliases in the addressbook and expands them to
+ // the full address.
+ // Adds @$domain if it wasn't in the address book and if it
+ // doesn't have an @ symbol in it
+ function expandAddrs ($array) {
+ global $domain;
+
+ // don't show errors -- kinda critical that we don't see
+ // them here since the redirect won't work if we do show them
+ $abook = addressbook_init(false);
+ for ($i=0; $i < count($array); $i++) {
+ $result = $abook->lookup($array[$i]);
+ $ret = "";
+ if (isset($result['email'])) {
+ if (isset($result['name'])) {
+ $ret = '"'.$result['name'].'" ';
+ }
+ $ret .= '<'.$result['email'].'>';
+ $array[$i] = $ret;
+ }
+ else
+ {
+ if (strpos($array[$i], '@') === false)
+ $array[$i] .= '@' . $domain;
+ $array[$i] = '<' . $array[$i] . '>';
+ }
+ }
+ return $array;
+ }
+
// Attach the files that are due to be attached
function attachFiles ($fp) {
global $attachments, $attachment_dir;
$length = 0;
if (isMultipart()) {
- reset($attachments);
- while (list($localname, $remotename) = each($attachments)) {
- // This is to make sure noone is giving a filename in another
- // directory
- $localname = ereg_replace ("\\/", "", $localname);
-
- $fileinfo = fopen ($attachment_dir.$localname.".info", "r");
- $filetype = fgets ($fileinfo, 8192);
- fclose ($fileinfo);
- $filetype = trim ($filetype);
- if ($filetype=="")
- $filetype = "application/octet-stream";
+ foreach ($attachments as $info)
+ {
+ if (isset($info['type']))
+ $filetype = $info['type'];
+ else
+ $filetype = 'application/octet-stream';
- $header = "--".mimeBoundary()."\r\n";
- $header .= "Content-Type: $filetype;name=\"$remotename\"\r\n";
- $header .= "Content-Disposition: attachment; filename=\"$remotename\"\r\n";
- $header .= "Content-Transfer-Encoding: base64\r\n\r\n";
- fputs ($fp, $header);
- $length += strlen($header);
+ $header = '--'.mimeBoundary()."\r\n";
+ $header .= "Content-Type: $filetype; name=\"" .
+ $info['remotefilename'] . "\"\r\n";
+ $header .= "Content-Disposition: attachment; filename=\"" .
+ $info['remotefilename'] . "\"\r\n";
- $file = fopen ($attachment_dir.$localname, "r");
- while ($tmp = fread($file, 570)) {
- $encoded = chunk_split(base64_encode($tmp));
- $length += strlen($encoded);
- fputs ($fp, $encoded);
- }
+ // Use 'rb' for NT systems -- read binary
+ // Unix doesn't care -- everything's binary! :-)
+ $file = fopen ($attachment_dir . $info['localfilename'], 'rb');
+ if (substr($filetype, 0, 5) == 'text/' ||
+ $filetype == 'message/rfc822') {
+ $header .= "\r\n";
+ fputs ($fp, $header);
+ $length += strlen($header);
+ while ($tmp = fgets($file, 4096)) {
+ $tmp = str_replace("\r\n", "\n", $tmp);
+ $tmp = str_replace("\r", "\n", $tmp);
+ $tmp = str_replace("\n", "\r\n", $tmp);
+ if (feof($fp) && substr($tmp, -2) != "\r\n")
+ $tmp .= "\r\n";
+ fputs($fp, $tmp);
+ $length += strlen($tmp);
+ }
+ } else {
+ $header .= "Content-Transfer-Encoding: base64\r\n\r\n";
+ fputs ($fp, $header);
+ $length += strlen($header);
+ while ($tmp = fread($file, 570)) {
+ $encoded = chunk_split(base64_encode($tmp));
+ $length += strlen($encoded);
+ fputs ($fp, $encoded);
+ }
+ }
fclose ($file);
}
}
while (list($localname, $remotename) = each($attachments)) {
if (!ereg ("\\/", $localname)) {
unlink ($attachment_dir.$localname);
- unlink ($attachment_dir.$localname.".info");
+ unlink ($attachment_dir.$localname.'.info');
}
}
}
static $mimeBoundaryString;
if ($mimeBoundaryString == "") {
- $mimeBoundaryString = GenerateRandomString(70, '\'()+,-./:=?_', 7);
+ $mimeBoundaryString = "----=_" .
+ GenerateRandomString(60, '\'()+,-./:=?_', 7);
}
return $mimeBoundaryString;
function timezone () {
global $invert_time;
- $diff_second = date("Z");
+ $diff_second = date('Z');
if ($invert_time)
$diff_second = - $diff_second;
if ($diff_second > 0)
- $sign = "+";
+ $sign = '+';
else
- $sign = "-";
+ $sign = '-';
$diff_second = abs($diff_second);
$diff_hour = floor ($diff_second / 3600);
$diff_minute = floor (($diff_second-3600*$diff_hour) / 60);
- $zonename = "(".strftime("%Z").")";
+ $zonename = '('.strftime('%Z').')';
$result = sprintf ("%s%02d%02d %s", $sign, $diff_hour, $diff_minute, $zonename);
return ($result);
}
global $REMOTE_ADDR, $SERVER_NAME, $REMOTE_PORT;
global $data_dir, $username, $popuser, $domain, $version, $useSendmail;
global $default_charset, $HTTP_VIA, $HTTP_X_FORWARDED_FOR;
- global $REMOTE_HOST;
+ global $REMOTE_HOST, $identity;
// Storing the header to make sure the header is the same
// everytime the header is printed.
static $header, $headerlength;
- if ($header == "") {
- $to = parseAddrs($t);
- $cc = parseAddrs($c);
- $bcc = parseAddrs($b);
- $reply_to = getPref($data_dir, $username, "reply_to");
- $from = getPref($data_dir, $username, "full_name");
- $from_addr = getPref($data_dir, $username, "email_address");
+ if ($header == '') {
+ $to = expandAddrs(parseAddrs($t));
+ $cc = expandAddrs(parseAddrs($c));
+ $bcc = expandAddrs(parseAddrs($b));
+ if (isset($identity) && $identity != 'default')
+ {
+ $reply_to = getPref($data_dir, $username, 'reply_to' . $identity);
+ $from = getPref($data_dir, $username, 'full_name' . $identity);
+ $from_addr = getPref($data_dir, $username, 'email_address' . $identity);
+ }
+ else
+ {
+ $reply_to = getPref($data_dir, $username, 'reply_to');
+ $from = getPref($data_dir, $username, 'full_name');
+ $from_addr = getPref($data_dir, $username, 'email_address');
+ }
- if ($from_addr == "")
- $from_addr = $popuser."@".$domain;
+ if ($from_addr == '')
+ $from_addr = $popuser.'@'.$domain;
$to_list = getLineOfAddrs($to);
$cc_list = getLineOfAddrs($cc);
$bcc_list = getLineOfAddrs($bcc);
/* Encoding 8-bit characters and making from line */
- $subject = sqStripSlashes(encodeHeader($subject));
- if ($from == "")
+ $subject = encodeHeader($subject);
+ if ($from == '')
$from = "<$from_addr>";
else
- $from = "\"" . encodeHeader($from) . "\" <$from_addr>";
+ $from = '"' . encodeHeader($from) . "\" <$from_addr>";
/* This creates an RFC 822 date */
$date = date("D, j M Y H:i:s ", mktime()) . timezone();
/* Create a message-id */
- $message_id = "<" . $REMOTE_PORT . "." . $REMOTE_ADDR . ".";
- $message_id .= time() . ".squirrel@" . $SERVER_NAME .">";
+ $message_id = '<' . $REMOTE_PORT . '.' . $REMOTE_ADDR . '.';
+ $message_id .= time() . '.squirrel@' . $SERVER_NAME .'>';
/* Make an RFC822 Received: line */
if (isset($REMOTE_HOST))
$received_from = $REMOTE_ADDR;
if (isset($HTTP_VIA) || isset ($HTTP_X_FORWARDED_FOR)) {
- if ($HTTP_X_FORWARDED_FOR == "")
- $HTTP_X_FORWARDED_FOR = "unknown";
+ if ($HTTP_X_FORWARDED_FOR == '')
+ $HTTP_X_FORWARDED_FOR = 'unknown';
$received_from .= " (proxying for $HTTP_X_FORWARDED_FOR)";
}
$header .= "Date: $date\r\n";
$header .= "Subject: $subject\r\n";
$header .= "From: $from\r\n";
- $header .= "To: $to_list \r\n"; // Who it's TO
+ $header .= "To: $to_list\r\n"; // Who it's TO
/* Insert headers from the $more_headers array */
if(is_array($more_headers)) {
$header .= "Cc: $cc_list\r\n"; // Who the CCs are
}
- if ($reply_to != "")
+ if ($reply_to != '')
$header .= "Reply-To: $reply_to\r\n";
if ($useSendmail) {
$header .= "MIME-Version: 1.0\r\n";
if (isMultipart()) {
- $header .= "Content-Type: multipart/mixed; boundary=\"";
+ $header .= 'Content-Type: multipart/mixed; boundary="';
$header .= mimeBoundary();
$header .= "\"\r\n";
} else {
- if ($default_charset != "")
+ if ($default_charset != '')
$header .= "Content-Type: text/plain; charset=$default_charset\r\n";
else
$header .= "Content-Type: text/plain;\r\n";
$attachmentlength = 0;
if (isMultipart()) {
- $body = "--".mimeBoundary()."\r\n";
+ $body = '--'.mimeBoundary()."\r\n";
if ($default_charset != "")
$body .= "Content-Type: text/plain; charset=$default_charset\r\n";
$body .= "Content-Type: text/plain\r\n";
$body .= "Content-Transfer-Encoding: 8bit\r\n\r\n";
- $body .= sqStripSlashes($passedBody) . "\r\n\r\n";
+ $body .= $passedBody . "\r\n\r\n";
fputs ($fp, $body);
$attachmentlength = attachFiles($fp);
+ if (!isset($postbody)) $postbody = "";
$postbody .= "\r\n--".mimeBoundary()."--\r\n\r\n";
fputs ($fp, $postbody);
} else {
- $body = sqStripSlashes($passedBody) . "\r\n";
+ $body = $passedBody . "\r\n";
fputs ($fp, $body);
$postbody = "\r\n";
fputs ($fp, $postbody);
// spaces or other "weird" chars that would allow a user to
// exploit the shell/pipe it is used in.
$envelopefrom = "$popuser@$domain";
- $envelopefrom = ereg_replace("[[:blank:]]","", $envelopefrom);
- $envelopefrom = ereg_replace("[[:space:]]","", $envelopefrom);
- $envelopefrom = ereg_replace("[[:cntrl:]]","", $envelopefrom);
+ $envelopefrom = ereg_replace("[[:blank:]]",'', $envelopefrom);
+ $envelopefrom = ereg_replace("[[:space:]]",'', $envelopefrom);
+ $envelopefrom = ereg_replace("[[:cntrl:]]",'', $envelopefrom);
// open pipe to sendmail
- $fp = popen (escapeshellcmd("$sendmail_path -t -f$envelopefrom"), "w");
+ $fp = popen (escapeshellcmd("$sendmail_path -t -f$envelopefrom"), 'w');
$headerlength = write822Header ($fp, $t, $c, $b, $subject, $more_headers);
$bodylength = writeBody($fp, $body);
$read = fgets($smtpConnection, 1024);
$counter = 0;
while ($read) {
- echo $read . "<BR>";
+ echo $read . '<BR>';
$data[$counter] = $read;
$read = fgets($smtpConnection, 1024);
$counter++;
}
function sendSMTP($t, $c, $b, $subject, $body, $more_headers) {
- global $username, $popuser, $domain, $version, $smtpServerAddress, $smtpPort,
- $data_dir, $color;
-
- $to = parseAddrs($t);
- $cc = parseAddrs($c);
- $bcc = parseAddrs($b);
- $from_addr = getPref($data_dir, $username, "email_address");
+ global $username, $popuser, $domain, $version, $smtpServerAddress,
+ $smtpPort, $data_dir, $color, $use_authenticated_smtp, $identity,
+ $key, $onetimepad;
+
+ $to = expandAddrs(parseAddrs($t));
+ $cc = expandAddrs(parseAddrs($c));
+ $bcc = expandAddrs(parseAddrs($b));
+ if (isset($identity) && $identity != 'default')
+ $from_addr = getPref($data_dir, $username, 'email_address' . $identity);
+ else
+ $from_addr = getPref($data_dir, $username, 'email_address');
if (!$from_addr)
$from_addr = "$popuser@$domain";
$smtpConnection = fsockopen($smtpServerAddress, $smtpPort, $errorNumber, $errorString);
if (!$smtpConnection) {
- echo "Error connecting to SMTP Server.<br>";
+ echo 'Error connecting to SMTP Server.<br>';
echo "$errorNumber : $errorString<br>";
exit;
}
$tmp = fgets($smtpConnection, 1024);
- errorCheck($tmp, $smtpConnection);
+ if (errorCheck($tmp, $smtpConnection)!=5) return(0);
$to_list = getLineOfAddrs($to);
$cc_list = getLineOfAddrs($cc);
/** Lets introduce ourselves */
- fputs($smtpConnection, "HELO $domain\r\n");
- $tmp = fgets($smtpConnection, 1024);
- errorCheck($tmp, $smtpConnection);
+ if (! isset ($use_authenticated_smtp) || $use_authenticated_smtp == false) {
+ fputs($smtpConnection, "HELO $domain\r\n");
+ $tmp = fgets($smtpConnection, 1024);
+ if (errorCheck($tmp, $smtpConnection)!=5) return(0);
+ } else {
+ fputs($smtpConnection, "EHLO $domain\r\n");
+ $tmp = fgets($smtpConnection, 1024);
+ if (errorCheck($tmp, $smtpConnection)!=5) return(0);
+
+ fputs($smtpConnection, "AUTH LOGIN\r\n");
+ $tmp = fgets($smtpConnection, 1024);
+ if (errorCheck($tmp, $smtpConnection)!=5) return(0);
+
+ fputs($smtpConnection, base64_encode ($username) . "\r\n");
+ $tmp = fgets($smtpConnection, 1024);
+ if (errorCheck($tmp, $smtpConnection)!=5) return(0);
+
+ fputs($smtpConnection, base64_encode (OneTimePadDecrypt($key, $onetimepad)) . "\r\n");
+ $tmp = fgets($smtpConnection, 1024);
+ if (errorCheck($tmp, $smtpConnection)!=5) return(0);
+ }
/** Ok, who is sending the message? */
- fputs($smtpConnection, "MAIL FROM:<$from_addr>\r\n");
+ fputs($smtpConnection, "MAIL FROM: <$from_addr>\r\n");
$tmp = fgets($smtpConnection, 1024);
- errorCheck($tmp, $smtpConnection);
+ if (errorCheck($tmp, $smtpConnection)!=5) return(0);
/** send who the recipients are */
for ($i = 0; $i < count($to); $i++) {
- fputs($smtpConnection, "RCPT TO:<$to[$i]>\r\n");
+ fputs($smtpConnection, "RCPT TO: $to[$i]\r\n");
$tmp = fgets($smtpConnection, 1024);
- errorCheck($tmp, $smtpConnection);
+ if (errorCheck($tmp, $smtpConnection)!=5) return(0);
}
for ($i = 0; $i < count($cc); $i++) {
- fputs($smtpConnection, "RCPT TO:<$cc[$i]>\r\n");
+ fputs($smtpConnection, "RCPT TO: $cc[$i]\r\n");
$tmp = fgets($smtpConnection, 1024);
- errorCheck($tmp, $smtpConnection);
+ if (errorCheck($tmp, $smtpConnection)!=5) return(0);
}
for ($i = 0; $i < count($bcc); $i++) {
- fputs($smtpConnection, "RCPT TO:<$bcc[$i]>\r\n");
+ fputs($smtpConnection, "RCPT TO: $bcc[$i]\r\n");
$tmp = fgets($smtpConnection, 1024);
- errorCheck($tmp, $smtpConnection);
+ if (errorCheck($tmp, $smtpConnection)!=5) return(0);
}
/** Lets start sending the actual message */
fputs($smtpConnection, "DATA\r\n");
$tmp = fgets($smtpConnection, 1024);
- errorCheck($tmp, $smtpConnection);
+ if (errorCheck($tmp, $smtpConnection)!=5) return(0);
// Send the message
$headerlength = write822Header ($smtpConnection, $t, $c, $b, $subject, $more_headers);
fputs($smtpConnection, ".\r\n"); // end the DATA part
$tmp = fgets($smtpConnection, 1024);
- $num = errorCheck($tmp, $smtpConnection);
+ $num = errorCheck($tmp, $smtpConnection, true);
if ($num != 250) {
- $tmp = nl2br(htmlspecialchars($tmp));
- echo "ERROR<BR>Message not sent!<BR>Reason given: $tmp<BR></BODY></HTML>";
+ $tmp = nl2br(htmlspecialchars($tmp));
+ displayPageHeader($color, 'None');
+ include_once('../functions/display_messages.php');
+ $msg = "Message not sent!<br>\nReason given: $tmp";
+ plain_error_message($msg, $color);
+ return(0);
}
fputs($smtpConnection, "QUIT\r\n"); // log off
}
- function errorCheck($line, $smtpConnection) {
- global $page_header_php;
+ function errorCheck($line, $smtpConnection, $verbose = false) {
global $color;
- if (!isset($page_header_php)) {
- include "../functions/page_header.php";
- }
// Read new lines on a multiline response
$lines = $line;
$err_num = substr($line, 0, strpos($line, " "));
switch ($err_num) {
- case 500: $message = "Syntax error; command not recognized";
+ case 500: $message = 'Syntax error; command not recognized';
$status = 0;
break;
- case 501: $message = "Syntax error in parameters or arguments";
+ case 501: $message = 'Syntax error in parameters or arguments';
$status = 0;
break;
- case 502: $message = "Command not implemented";
+ case 502: $message = 'Command not implemented';
$status = 0;
break;
- case 503: $message = "Bad sequence of commands";
+ case 503: $message = 'Bad sequence of commands';
$status = 0;
break;
- case 504: $message = "Command parameter not implemented";
+ case 504: $message = 'Command parameter not implemented';
$status = 0;
break;
- case 211: $message = "System status, or system help reply";
+ case 211: $message = 'System status, or system help reply';
$status = 5;
break;
- case 214: $message = "Help message";
+ case 214: $message = 'Help message';
$status = 5;
break;
- case 220: $message = "Service ready";
+ case 220: $message = 'Service ready';
$status = 5;
break;
- case 221: $message = "Service closing transmission channel";
+ case 221: $message = 'Service closing transmission channel';
$status = 5;
break;
- case 421: $message = "Service not available, closing chanel";
+ case 421: $message = 'Service not available, closing chanel';
$status = 0;
break;
-
- case 250: $message = "Requested mail action okay, completed";
+ case 235: return(5); break;
+ case 250: $message = 'Requested mail action okay, completed';
$status = 5;
break;
- case 251: $message = "User not local; will forward";
+ case 251: $message = 'User not local; will forward';
$status = 5;
break;
- case 450: $message = "Requested mail action not taken: mailbox unavailable";
+ case 334: return(5); break;
+ case 450: $message = 'Requested mail action not taken: mailbox unavailable';
$status = 0;
break;
- case 550: $message = "Requested action not taken: mailbox unavailable";
+ case 550: $message = 'Requested action not taken: mailbox unavailable';
$status = 0;
break;
- case 451: $message = "Requested action aborted: error in processing";
+ case 451: $message = 'Requested action aborted: error in processing';
$status = 0;
break;
- case 551: $message = "User not local; please try forwarding";
+ case 551: $message = 'User not local; please try forwarding';
$status = 0;
break;
- case 452: $message = "Requested action not taken: insufficient system storage";
+ case 452: $message = 'Requested action not taken: insufficient system storage';
$status = 0;
break;
- case 552: $message = "Requested mail action aborted: exceeding storage allocation";
+ case 552: $message = 'Requested mail action aborted: exceeding storage allocation';
$status = 0;
break;
- case 553: $message = "Requested action not taken: mailbox name not allowed";
+ case 553: $message = 'Requested action not taken: mailbox name not allowed';
$status = 0;
break;
- case 354: $message = "Start mail input; end with .";
+ case 354: $message = 'Start mail input; end with .';
$status = 5;
break;
- case 554: $message = "Transaction failed";
+ case 554: $message = 'Transaction failed';
$status = 0;
break;
- default: $message = "Unknown response: ". nl2br(htmlspecialchars($lines));
+ default: $message = 'Unknown response: '. nl2br(htmlspecialchars($lines));
$status = 0;
- $error_num = "001";
+ $error_num = '001';
break;
}
if ($status == 0) {
- displayPageHeader($color, "None");
- echo "<TT>";
- echo "<br><b><font color=\"$color[1]\">ERROR</font></b><br><br>";
- echo " <B>Error Number: </B>$err_num<BR>";
- echo " <B>Reason: </B>$message<BR>";
+ include_once('../functions/page_header.php');
+ displayPageHeader($color, 'None');
+ include_once('../functions/display_messages.php');
$lines = nl2br(htmlspecialchars($lines));
- echo "<B>Server Response: </B>$lines<BR>";
- echo "<BR>MAIL NOT SENT";
- echo "</TT></BODY></HTML>";
- exit;
+ $msg = $message . "<br>\nServer replied: $lines";
+ plain_error_message($msg, $color);
}
+ if (! $verbose) return $status;
return $err_num;
}
function sendMessage($t, $c, $b, $subject, $body, $reply_id) {
- global $useSendmail, $msg_id, $is_reply, $mailbox;
+ global $useSendmail, $msg_id, $is_reply, $mailbox, $onetimepad;
global $data_dir, $username, $domain, $key, $version, $sent_folder, $imapServerAddress, $imapPort;
+ global $more_headers;
$more_headers = Array();
+ do_hook("smtp_send");
+
$imap_stream = sqimap_login($username, $key, $imapServerAddress, $imapPort, 1);
- if ($reply_id) {
+ if (isset($reply_id) && $reply_id) {
sqimap_mailbox_select ($imap_stream, $mailbox);
- sqimap_messages_flag ($imap_stream, $reply_id, $reply_id, "Answered");
+ sqimap_messages_flag ($imap_stream, $reply_id, $reply_id, 'Answered');
// Insert In-Reply-To and References headers if the
// message-id of the message we reply to is set (longer than "<>")
// with the message ID appended, but it can be only the message ID too.
$hdr = sqimap_get_small_header ($imap_stream, $reply_id, false);
if(strlen($hdr->message_id) > 2) {
- $more_headers["In-Reply-To"] = $hdr->message_id;
- $more_headers["References"] = $hdr->message_id;
+ $more_headers['In-Reply-To'] = $hdr->message_id;
+ $more_headers['References'] = $hdr->message_id;
}
}
// In order to remove the problem of users not able to create
- // messages with "." on a blank line, RFC821 has made provision
- // in section 4.5.2 (Transparency).
- $body = ereg_replace("\n\.", "\n\.\.", $body);
- $body = ereg_replace("^\.", "\.\.", $body);
+ // messages with "." on a blank line, RFC821 has made provision
+ // in section 4.5.2 (Transparency).
+ $body = ereg_replace("\n\\.", "\n..", $body);
+ $body = ereg_replace("^\\.", "..", $body);
// this is to catch all plain \n instances and
- // replace them with \r\n.
- $body = ereg_replace("\r\n", "\n", $body);
+ // replace them with \r\n. All newlines were converted
+ // into just \n inside the compose.php file.
$body = ereg_replace("\n", "\r\n", $body);
- // Make sure that $t, $c, and $b do not contain newlines.
- $t = ereg_replace("[\n|\r]", "", $t);
- $c = ereg_replace("[\n|\r]", "", $c);
- $b = ereg_replace("[\n|\r]", "", $b);
-
if ($useSendmail) {
$length = sendSendmail($t, $c, $b, $subject, $body, $more_headers);
} else {
}
sqimap_logout($imap_stream);
// Delete the files uploaded for attaching (if any).
- deleteAttachments();
+ // only if $length != 0 (if there was no error)
+ if ($length)
+ ClearAttachments();
+
+ return $length;
}
-
-?>
+
+?>
\ No newline at end of file