<?php
-
/**
* webmail.php -- Displays the main frameset
*
- * Copyright (c) 1999-2002 The SquirrelMail development team
- * Licensed under the GNU GPL. For full terms see the file COPYING.
- *
* This file generates the main frameset. The files that are
* shown can be given as parameters. If the user is not logged in
* this file will verify username and password.
*
- * $Id$
+ * @copyright 1999-2021 The SquirrelMail Project Team
+ * @license http://opensource.org/licenses/gpl-license.php GNU Public License
+ * @version $Id$
+ * @package squirrelmail
*/
-/* Path for SquirrelMail required files. */
-define('SM_PATH','../');
-
-/* SquirrelMail required files. */
-require_once(SM_PATH . 'functions/strings.php');
-require_once(SM_PATH . 'config/config.php');
-require_once(SM_PATH . 'functions/prefs.php');
-require_once(SM_PATH . 'functions/imap.php');
-require_once(SM_PATH . 'functions/plugin.php');
-require_once(SM_PATH . 'functions/i18n.php');
-require_once(SM_PATH . 'functions/auth.php');
-require_once(SM_PATH . 'functions/global.php');
-
-if (!function_exists('sqm_baseuri')){
- require_once(SM_PATH . 'functions/display_messages.php');
-}
-$base_uri = sqm_baseuri();
-
-session_start();
-
-if (isset($_SESSION['username'])) {
- $username = $_SESSION['username'];
-}
-if (isset($_SESSION['delimiter'])) {
- $delimiter = $_SESSION['delimiter'];
-}
-if (isset($_SESSION['onetimepad'])) {
- $onetimepad = $_SESSION['onetimepad'];
-}
-if (isset($_GET['right_frame'])) {
- $right_frame = $_GET['right_frame'];
-}
-
-is_logged_in();
-
-do_hook('webmail_top');
+/** This is the webmail page */
+define('PAGE_NAME', 'webmail');
/**
- * We'll need this to later have a noframes version
- *
- * Check if the user has a language preference, but no cookie.
- * Send him a cookie with his language preference, if there is
- * such discrepancy.
+ * Include the SquirrelMail initialization file.
*/
-$my_language = getPref($data_dir, $username, 'language');
-if ($my_language != $squirrelmail_language) {
- setcookie('squirrelmail_language', $my_language, time()+2592000, $base_uri);
+require('../include/init.php');
+
+if (sqgetGlobalVar('sort', $sort)) {
+ $sort = (int) $sort;
}
-set_up_language(getPref($data_dir, $username, 'language'));
+if (sqgetGlobalVar('startMessage', $startMessage)) {
+ $startMessage = (int) $startMessage;
+}
-echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Frameset//EN\">\n".
- "<html><head>\n" .
- "<title>$org_title</title>\n";
+if (!sqgetGlobalVar('mailbox', $mailbox)) {
+ $mailbox = 'INBOX';
+}
-$left_size = getPref($data_dir, $username, 'left_size');
-$location_of_bar = getPref($data_dir, $username, 'location_of_bar');
+sqgetGlobalVar('right_frame', $right_frame, SQ_GET);
-if (isset($languages[$squirrelmail_language]['DIR']) &&
- strtolower($languages[$squirrelmail_language]['DIR']) == 'rtl') {
- $temp_location_of_bar = 'right';
+if (sqgetGlobalVar('mailtodata', $mailtodata)) {
+ $mailtourl = 'mailtodata='.urlencode($mailtodata);
} else {
- $temp_location_of_bar = 'left';
+ $mailtourl = '';
}
-if ($location_of_bar == '') {
- $location_of_bar = $temp_location_of_bar;
-}
-$temp_location_of_bar = '';
-
+// Determine the size of the left frame
+$left_size = getPref($data_dir, $username, 'left_size');
if ($left_size == "") {
if (isset($default_left_size)) {
$left_size = $default_left_size;
}
}
-if ($location_of_bar == 'right') {
- echo "<frameset cols=\"*, $left_size\" id=\"fs1\">\n";
+// Determine where the navigation frame should be
+$location_of_bar = getPref($data_dir, $username, 'location_of_bar');
+if (isset($languages[$squirrelmail_language]['DIR']) &&
+ strtolower($languages[$squirrelmail_language]['DIR']) == 'rtl') {
+ $temp_location_of_bar = 'right';
+} else {
+ $temp_location_of_bar = 'left';
}
-else {
- echo "<frameset cols=\"$left_size, *\" id=\"fs1\">\n";
+if ($location_of_bar == '') {
+ $location_of_bar = $temp_location_of_bar;
}
+// this value may be changed by a plugin, but initialize
+// it first to avoid register_globals headaches
+//
+$right_frame_url = '';
+do_hook('webmail_top', $null);
+
+// Determine the main frame URL
/*
* There are three ways to call webmail.php
* 1. webmail.php
*
* This was done to create a pure HTML way of refreshing the folder list since
* we would like to use as little Javascript as possible.
+ *
+ * The test for // should catch any attempt to include off-site webpages into
+ * our frameset.
+ *
+ * Note that plugins are allowed to completely and freely override the URI
+ * used for the "right" (content) frame, and they do so by modifying the
+ * global variable $right_frame_url.
+ *
*/
-if (!isset($right_frame)) {
+if (empty($right_frame) || (strpos(urldecode($right_frame), '//') !== false)) {
$right_frame = '';
-}
-if ($right_frame == 'right_main.php') {
- $urlMailbox = urlencode($mailbox);
- $right_frame_url =
- "right_main.php?mailbox=$urlMailbox&sort=$sort&startMessage=$startMessage";
-} elseif ($right_frame == 'options.php') {
- $right_frame_url = 'options.php';
-} elseif ($right_frame == 'folders.php') {
- $right_frame_url = 'folders.php';
-} else if ($right_frame == '') {
- $right_frame_url = 'right_main.php';
-} else {
- $right_frame_url = urldecode($right_frame);
}
-
-if ($location_of_bar == 'right') {
- echo "<FRAME SRC=\"$right_frame_url\" NAME=\"right\" frameborder=\"1\">\n" .
- "<FRAME SRC=\"left_main.php\" NAME=\"left\" frameborder=\"1\">\n";
+if ( strpos($right_frame,'?') ) {
+ $right_frame_file = substr($right_frame,0,strpos($right_frame,'?'));
+} else {
+ $right_frame_file = $right_frame;
}
-else {
- echo "<FRAME SRC=\"left_main.php\" NAME=\"left\" frameborder=\"1\">\n".
- "<FRAME SRC=\"$right_frame_url\" NAME=\"right\" frameborder=\"1\">\n";
+if (empty($right_frame_url)) {
+ switch($right_frame) {
+ case 'right_main.php':
+ $right_frame_url = "right_main.php?mailbox=".urlencode($mailbox)
+ . (!empty($sort)?"&sort=$sort":'')
+ . (!empty($startMessage)?"&startMessage=$startMessage":'');
+ break;
+ case 'options.php':
+ $right_frame_url = 'options.php';
+ break;
+ case 'folders.php':
+ $right_frame_url = 'folders.php';
+ break;
+ case 'compose.php':
+ $right_frame_url = 'compose.php?' . $mailtourl;
+ break;
+ case '':
+ $right_frame_url = 'right_main.php';
+ break;
+ default:
+ $right_frame_url = urlencode($right_frame);
+ break;
+ }
}
-do_hook('webmail_bottom');
-?>
-</FRAMESET>
-</HEAD></HTML>
+
+$oErrorHandler->setDelayedErrors(true);
+
+$oTemplate->assign('nav_size', $left_size);
+$oTemplate->assign('nav_on_left', $location_of_bar=='left');
+$oTemplate->assign('right_frame_url', $right_frame_url);
+
+displayHtmlHeader($org_title, '', false, true);
+
+$oTemplate->display('webmail.tpl');
+