/**
* webmail.php -- Displays the main frameset
*
- * Copyright (c) 1999-2003 The SquirrelMail development team
+ * Copyright (c) 1999-2005 The SquirrelMail Project Team
* Licensed under the GNU GPL. For full terms see the file COPYING.
*
* This file generates the main frameset. The files that are
* shown can be given as parameters. If the user is not logged in
* this file will verify username and password.
*
- * $Id$
+ * @version $Id$
+ * @package squirrelmail
*/
-/* Path for SquirrelMail required files. */
+/**
+ * Path for SquirrelMail required files.
+ * @ignore
+ */
define('SM_PATH','../');
/* SquirrelMail required files. */
}
$base_uri = sqm_baseuri();
-session_start();
+sqsession_is_active();
sqgetGlobalVar('username', $username, SQ_SESSION);
sqgetGlobalVar('delimiter', $delimiter, SQ_SESSION);
sqgetGlobalVar('onetimepad', $onetimepad, SQ_SESSION);
+if (sqgetGlobalVar('sort', $sort)) {
+ $sort = (int) $sort;
+}
+
+if (sqgetGlobalVar('startMessage', $startMessage)) {
+ $startMessage = (int) $startMessage;
+}
+
+if (!sqgetGlobalVar('mailbox',$mailbox)) {
+ $mailbox = 'INBOX';
+}
+
sqgetGlobalVar('right_frame', $right_frame, SQ_GET);
if ( isset($_SESSION['session_expired_post']) ) {
setcookie('squirrelmail_language', $my_language, time()+2592000, $base_uri);
}
-set_up_language(getPref($data_dir, $username, 'language'));
-
-echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Frameset//EN\">\n".
- "<html><head>\n" .
- "<title>$org_title</title>\n".
- "</head>";
+$err=set_up_language(getPref($data_dir, $username, 'language'));
+
+$output = "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Frameset//EN\">\n".
+ "<html><head>\n" .
+ "<meta name=\"robots\" content=\"noindex,nofollow\">\n" .
+ "<title>$org_title</title>\n".
+ "</head>";
+
+// Japanese translation used without mbstring support
+if ($err==2) {
+ echo $output.
+ "<body>\n".
+ "<p>You need to have php4 installed with the multibyte string function \n".
+ "enabled (using configure option --enable-mbstring).</p>\n".
+ "<p>System assumed that you accidently switched to Japanese translation \n".
+ "and reverted your language preference to English.</p>\n".
+ "<p>Please refresh this page in order to use webmail.</p>\n".
+ "</body></html>";
+ return;
+}
$left_size = getPref($data_dir, $username, 'left_size');
$location_of_bar = getPref($data_dir, $username, 'location_of_bar');
}
if ($location_of_bar == 'right') {
- echo "<frameset cols=\"*, $left_size\" id=\"fs1\">\n";
+ $output .= "<frameset cols=\"*, $left_size\" id=\"fs1\">\n";
}
else {
- echo "<frameset cols=\"$left_size, *\" id=\"fs1\">\n";
+ $output .= "<frameset cols=\"$left_size, *\" id=\"fs1\">\n";
}
/*
* This was done to create a pure HTML way of refreshing the folder list since
* we would like to use as little Javascript as possible.
*/
-if (!isset($right_frame)) {
+
+if (empty($right_frame) || (strpos(urldecode($right_frame), '://'))) {
$right_frame = '';
-}
+}
+
if ($right_frame == 'right_main.php') {
$urlMailbox = urlencode($mailbox);
- $right_frame_url =
- "right_main.php?mailbox=$urlMailbox&sort=$sort&startMessage=$startMessage";
+ $right_frame_url = "right_main.php?mailbox=$urlMailbox"
+ . (!empty($sort)?"&sort=$sort":'')
+ . (!empty($startMessage)?"&startMessage=$startMessage":'');
} elseif ($right_frame == 'options.php') {
$right_frame_url = 'options.php';
} elseif ($right_frame == 'folders.php') {
} else if ($right_frame == '') {
$right_frame_url = 'right_main.php';
} else {
- $right_frame_url = $right_frame;
+ $right_frame_url = htmlspecialchars($right_frame);
}
$left_frame = '<frame src="left_main.php" name="left" frameborder="1" title="'.
_("Message List") ."\" />\n";
if ($location_of_bar == 'right') {
- echo $right_frame . $left_frame;
+ $output .= $right_frame . $left_frame;
}
else {
- echo $left_frame . $right_frame;
+ $output .= $left_frame . $right_frame;
+}
+$ret = concat_hook_function('webmail_bottom', $output);
+if($ret != '') {
+ $output = $ret;
}
-do_hook('webmail_bottom');
+echo $output;
?>
</frameset>
</html>