X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=functions%2Fsmtp.php;h=4500ad6b7ad079f9d489f84c200fdf381a5a71d6;hb=ec9f1c41e27285105e5b2265045a8985f071212e;hp=ef8684da7d408ad68ac24a13cc6c90658b3b87b2;hpb=6ebf8b305f3551fd9e5a6f9b5643bf0b5356fe04;p=squirrelmail.git diff --git a/functions/smtp.php b/functions/smtp.php index ef8684da..4500ad6b 100644 --- a/functions/smtp.php +++ b/functions/smtp.php @@ -3,10 +3,24 @@ ** ** This contains all the functions needed to send messages through ** an smtp server or sendmail. + ** + ** $Id$ **/ $smtp_php = true; + // This should most probably go to some initialization... + if (ereg("^([^@%/]+)[@%/](.+)$", $username, $usernamedata)) { + $popuser = $usernamedata[1]; + $domain = $usernamedata[2]; + unset($usernamedata); + } else { + $popuser = $username; + } + // We need domain for smtp + if (!$domain) + $domain = getenv('HOSTNAME'); + // Returns true only if this message is multipart function isMultipart () { global $attachments; @@ -28,23 +42,23 @@ while (list($localname, $remotename) = each($attachments)) { // This is to make sure noone is giving a filename in another // directory - $localname = ereg_replace ("\\/", "", $localname); + $localname = ereg_replace ("\\/", '', $localname); - $fileinfo = fopen ($attachment_dir.$localname.".info", "r"); + $fileinfo = fopen ($attachment_dir.$localname.'.info', 'r'); $filetype = fgets ($fileinfo, 8192); fclose ($fileinfo); $filetype = trim ($filetype); - if ($filetype=="") - $filetype = "application/octet-stream"; + if ($filetype=='') + $filetype = 'application/octet-stream'; - $header = "--".mimeBoundary()."\r\n"; - $header .= "Content-Type: $filetype\r\n"; + $header = '--'.mimeBoundary()."\r\n"; + $header .= "Content-Type: $filetype;name=\"$remotename\"\r\n"; $header .= "Content-Disposition: attachment; filename=\"$remotename\"\r\n"; $header .= "Content-Transfer-Encoding: base64\r\n\r\n"; fputs ($fp, $header); $length += strlen($header); - $file = fopen ($attachment_dir.$localname, "r"); + $file = fopen ($attachment_dir.$localname, 'r'); while ($tmp = fread($file, 570)) { $encoded = chunk_split(base64_encode($tmp)); $length += strlen($encoded); @@ -66,7 +80,7 @@ while (list($localname, $remotename) = each($attachments)) { if (!ereg ("\\/", $localname)) { unlink ($attachment_dir.$localname); - unlink ($attachment_dir.$localname.".info"); + unlink ($attachment_dir.$localname.'.info'); } } } @@ -74,14 +88,10 @@ // Return a nice MIME-boundary function mimeBoundary () { - global $version, $REMOTE_ADDR, $SERVER_NAME, $REMOTE_PORT; - static $mimeBoundaryString; if ($mimeBoundaryString == "") { - $temp = "SquirrelMail".$version.$REMOTE_ADDR.$SERVER_NAME. - $REMOTE_PORT; - $mimeBoundaryString = "=-_+".substr(md5($temp),1,20); + $mimeBoundaryString = GenerateRandomString(70, '\'()+,-./:=?_', 7); } return $mimeBoundaryString; @@ -89,18 +99,22 @@ /* Time offset for correct timezone */ function timezone () { - $diff_second = date("Z"); + global $invert_time; + + $diff_second = date('Z'); + if ($invert_time) + $diff_second = - $diff_second; if ($diff_second > 0) - $sign = "+"; + $sign = '+'; else - $sign = "-"; + $sign = '-'; $diff_second = abs($diff_second); $diff_hour = floor ($diff_second / 3600); $diff_minute = floor (($diff_second-3600*$diff_hour) / 60); - $zonename = "(".strftime("%Z").")"; + $zonename = '('.strftime('%Z').')'; $result = sprintf ("%s%02d%02d %s", $sign, $diff_hour, $diff_minute, $zonename); return ($result); } @@ -108,7 +122,7 @@ /* Print all the needed RFC822 headers */ function write822Header ($fp, $t, $c, $b, $subject, $more_headers) { global $REMOTE_ADDR, $SERVER_NAME, $REMOTE_PORT; - global $data_dir, $username, $domain, $version, $useSendmail; + global $data_dir, $username, $popuser, $domain, $version, $useSendmail; global $default_charset, $HTTP_VIA, $HTTP_X_FORWARDED_FOR; global $REMOTE_HOST; @@ -116,34 +130,34 @@ // everytime the header is printed. static $header, $headerlength; - if ($header == "") { + if ($header == '') { $to = parseAddrs($t); $cc = parseAddrs($c); $bcc = parseAddrs($b); - $reply_to = getPref($data_dir, $username, "reply_to"); - $from = getPref($data_dir, $username, "full_name"); - $from_addr = getPref($data_dir, $username, "email_address"); - - if ($from_addr == "") - $from_addr = "$username@$domain"; + $reply_to = getPref($data_dir, $username, 'reply_to'); + $from = getPref($data_dir, $username, 'full_name'); + $from_addr = getPref($data_dir, $username, 'email_address'); + + if ($from_addr == '') + $from_addr = $popuser.'@'.$domain; $to_list = getLineOfAddrs($to); $cc_list = getLineOfAddrs($cc); $bcc_list = getLineOfAddrs($bcc); - + /* Encoding 8-bit characters and making from line */ $subject = sqStripSlashes(encodeHeader($subject)); - if ($from == "") + if ($from == '') $from = "<$from_addr>"; else - $from = "\"" . encodeHeader($from) . "\" <$from_addr>"; + $from = '"' . encodeHeader($from) . "\" <$from_addr>"; /* This creates an RFC 822 date */ $date = date("D, j M Y H:i:s ", mktime()) . timezone(); /* Create a message-id */ - $message_id = "<" . $REMOTE_PORT . "." . $REMOTE_ADDR . "."; - $message_id .= time() . ".squirrel@" . $SERVER_NAME .">"; + $message_id = '<' . $REMOTE_PORT . '.' . $REMOTE_ADDR . '.'; + $message_id .= time() . '.squirrel@' . $SERVER_NAME .'>'; /* Make an RFC822 Received: line */ if (isset($REMOTE_HOST)) @@ -152,8 +166,8 @@ $received_from = $REMOTE_ADDR; if (isset($HTTP_VIA) || isset ($HTTP_X_FORWARDED_FOR)) { - if ($HTTP_X_FORWARDED_FOR == "") - $HTTP_X_FORWARDED_FOR = "unknown"; + if ($HTTP_X_FORWARDED_FOR == '') + $HTTP_X_FORWARDED_FOR = 'unknown'; $received_from .= " (proxying for $HTTP_X_FORWARDED_FOR)"; } @@ -181,7 +195,7 @@ $header .= "Cc: $cc_list\r\n"; // Who the CCs are } - if ($reply_to != "") + if ($reply_to != '') $header .= "Reply-To: $reply_to\r\n"; if ($useSendmail) { @@ -197,11 +211,11 @@ $header .= "MIME-Version: 1.0\r\n"; if (isMultipart()) { - $header .= "Content-Type: multipart/mixed; boundary=\""; + $header .= 'Content-Type: multipart/mixed; boundary="'; $header .= mimeBoundary(); $header .= "\"\r\n"; } else { - if ($default_charset != "") + if ($default_charset != '') $header .= "Content-Type: text/plain; charset=$default_charset\r\n"; else $header .= "Content-Type: text/plain;\r\n"; @@ -225,7 +239,7 @@ $attachmentlength = 0; if (isMultipart()) { - $body = "--".mimeBoundary()."\r\n"; + $body = '--'.mimeBoundary()."\r\n"; if ($default_charset != "") $body .= "Content-Type: text/plain; charset=$default_charset\r\n"; @@ -233,7 +247,7 @@ $body .= "Content-Type: text/plain\r\n"; $body .= "Content-Transfer-Encoding: 8bit\r\n\r\n"; - $body .= sqStripSlashes($passedBody) . "\r\n"; + $body .= sqStripSlashes($passedBody) . "\r\n\r\n"; fputs ($fp, $body); $attachmentlength = attachFiles($fp); @@ -252,18 +266,18 @@ // Send mail using the sendmail command function sendSendmail($t, $c, $b, $subject, $body, $more_headers) { - global $sendmail_path, $username, $domain; + global $sendmail_path, $popuser, $username, $domain; // Build envelope sender address. Make sure it doesn't contain // spaces or other "weird" chars that would allow a user to // exploit the shell/pipe it is used in. - $envelopefrom = "$username@$domain"; - $envelopefrom = ereg_replace("[[:blank:]]","", $envelopefrom); - $envelopefrom = ereg_replace("[[:space:]]","", $envelopefrom); - $envelopefrom = ereg_replace("[[:cntrl:]]","", $envelopefrom); + $envelopefrom = "$popuser@$domain"; + $envelopefrom = ereg_replace("[[:blank:]]",'', $envelopefrom); + $envelopefrom = ereg_replace("[[:space:]]",'', $envelopefrom); + $envelopefrom = ereg_replace("[[:cntrl:]]",'', $envelopefrom); // open pipe to sendmail - $fp = popen (escapeshellcmd("$sendmail_path -t -f$envelopefrom"), "w"); + $fp = popen (escapeshellcmd("$sendmail_path -t -f$envelopefrom"), 'w'); $headerlength = write822Header ($fp, $t, $c, $b, $subject, $more_headers); $bodylength = writeBody($fp, $body); @@ -277,7 +291,7 @@ $read = fgets($smtpConnection, 1024); $counter = 0; while ($read) { - echo $read . "
"; + echo $read . '
'; $data[$counter] = $read; $read = fgets($smtpConnection, 1024); $counter++; @@ -285,47 +299,20 @@ } function sendSMTP($t, $c, $b, $subject, $body, $more_headers) { - global $username, $domain, $version, $smtpServerAddress, $smtpPort, + global $username, $popuser, $domain, $version, $smtpServerAddress, $smtpPort, $data_dir, $color; $to = parseAddrs($t); $cc = parseAddrs($c); $bcc = parseAddrs($b); - $from_addr = getPref($data_dir, $username, "email_address"); - - - /* - * A patch from Bill Thousand - * - * "I don't know if anyone else needs this or not, but it totally makes squirrelmail usable for us. - * This quick patch checks the username and from address for the domain information. We use - * a virtual domain patch for our imap server that allows multiple domains by using username@domain.com - * as the login username." - */ - if ($from_addr == "") { - if (strstr($username, "@")) { - $from_addr = $username; - $address_pieces = explode("@",$username); - $domain = $address_pieces[1]; - } else { - $from_addr = "$username@$domain"; - } - } else { - // If the From Address is specified, use the domain in the from - // address if it's there. - if (strstr($from_addr, "@")) { - $address_pieces = explode("@", $from_addr); - $domain = $address_pieces[1]; - } - } - /* - * End patch from Bill Thousand - */ + $from_addr = getPref($data_dir, $username, 'email_address'); + if (!$from_addr) + $from_addr = "$popuser@$domain"; $smtpConnection = fsockopen($smtpServerAddress, $smtpPort, $errorNumber, $errorString); if (!$smtpConnection) { - echo "Error connecting to SMTP Server.
"; + echo 'Error connecting to SMTP Server.
'; echo "$errorNumber : $errorString
"; exit; } @@ -391,7 +378,7 @@ global $page_header_php; global $color; if (!isset($page_header_php)) { - include "../functions/page_header.php"; + include '../functions/page_header.php'; } // Read new lines on a multiline response @@ -406,91 +393,91 @@ $err_num = substr($line, 0, strpos($line, " ")); switch ($err_num) { - case 500: $message = "Syntax error; command not recognized"; + case 500: $message = 'Syntax error; command not recognized'; $status = 0; break; - case 501: $message = "Syntax error in parameters or arguments"; + case 501: $message = 'Syntax error in parameters or arguments'; $status = 0; break; - case 502: $message = "Command not implemented"; + case 502: $message = 'Command not implemented'; $status = 0; break; - case 503: $message = "Bad sequence of commands"; + case 503: $message = 'Bad sequence of commands'; $status = 0; break; - case 504: $message = "Command parameter not implemented"; + case 504: $message = 'Command parameter not implemented'; $status = 0; break; - case 211: $message = "System status, or system help reply"; + case 211: $message = 'System status, or system help reply'; $status = 5; break; - case 214: $message = "Help message"; + case 214: $message = 'Help message'; $status = 5; break; - case 220: $message = "Service ready"; + case 220: $message = 'Service ready'; $status = 5; break; - case 221: $message = "Service closing transmission channel"; + case 221: $message = 'Service closing transmission channel'; $status = 5; break; - case 421: $message = "Service not available, closing chanel"; + case 421: $message = 'Service not available, closing chanel'; $status = 0; break; - case 250: $message = "Requested mail action okay, completed"; + case 250: $message = 'Requested mail action okay, completed'; $status = 5; break; - case 251: $message = "User not local; will forward"; + case 251: $message = 'User not local; will forward'; $status = 5; break; - case 450: $message = "Requested mail action not taken: mailbox unavailable"; + case 450: $message = 'Requested mail action not taken: mailbox unavailable'; $status = 0; break; - case 550: $message = "Requested action not taken: mailbox unavailable"; + case 550: $message = 'Requested action not taken: mailbox unavailable'; $status = 0; break; - case 451: $message = "Requested action aborted: error in processing"; + case 451: $message = 'Requested action aborted: error in processing'; $status = 0; break; - case 551: $message = "User not local; please try forwarding"; + case 551: $message = 'User not local; please try forwarding'; $status = 0; break; - case 452: $message = "Requested action not taken: insufficient system storage"; + case 452: $message = 'Requested action not taken: insufficient system storage'; $status = 0; break; - case 552: $message = "Requested mail action aborted: exceeding storage allocation"; + case 552: $message = 'Requested mail action aborted: exceeding storage allocation'; $status = 0; break; - case 553: $message = "Requested action not taken: mailbox name not allowed"; + case 553: $message = 'Requested action not taken: mailbox name not allowed'; $status = 0; break; - case 354: $message = "Start mail input; end with ."; + case 354: $message = 'Start mail input; end with .'; $status = 5; break; - case 554: $message = "Transaction failed"; + case 554: $message = 'Transaction failed'; $status = 0; break; - default: $message = "Unknown response: ". nl2br(htmlspecialchars($lines)); + default: $message = Unknown response: '. nl2br(htmlspecialchars($lines)); $status = 0; - $error_num = "001"; + $error_num = '001'; break; } if ($status == 0) { - displayPageHeader($color, "None"); - echo ""; + displayPageHeader($color, 'None'); + echo ''; echo "
ERROR

"; echo "   Error Number: $err_num
"; echo "         Reason: $message
"; $lines = nl2br(htmlspecialchars($lines)); echo "Server Response: $lines
"; - echo "
MAIL NOT SENT"; - echo ""; + echo '
MAIL NOT SENT'; + echo ''; exit; } return $err_num; @@ -505,7 +492,7 @@ if ($reply_id) { sqimap_mailbox_select ($imap_stream, $mailbox); - sqimap_messages_flag ($imap_stream, $reply_id, $reply_id, "Answered"); + sqimap_messages_flag ($imap_stream, $reply_id, $reply_id, 'Answered'); // Insert In-Reply-To and References headers if the // message-id of the message we reply to is set (longer than "<>") @@ -513,13 +500,28 @@ // with the message ID appended, but it can be only the message ID too. $hdr = sqimap_get_small_header ($imap_stream, $reply_id, false); if(strlen($hdr->message_id) > 2) { - $more_headers["In-Reply-To"] = $hdr->message_id; - $more_headers["References"] = $hdr->message_id; + $more_headers['In-Reply-To'] = $hdr->message_id; + $more_headers['References'] = $hdr->message_id; } - sqimap_mailbox_close($imap_stream); } + + // In order to remove the problem of users not able to create + // messages with "." on a blank line, RFC821 has made provision + // in section 4.5.2 (Transparency). + $body = ereg_replace("\n\.", "\n\.\.", $body); + $body = ereg_replace("^\.", "\.\.", $body); + + // this is to catch all plain \n instances and + // replace them with \r\n. + $body = ereg_replace("\r\n", "\n", $body); + $body = ereg_replace("\n", "\r\n", $body); - if ($useSendmail==true) { + // Make sure that $t, $c, and $b do not contain newlines. + $t = ereg_replace("[\n|\r]", "", $t); + $c = ereg_replace("[\n|\r]", "", $c); + $b = ereg_replace("[\n|\r]", "", $b); + + if ($useSendmail) { $length = sendSendmail($t, $c, $b, $subject, $body, $more_headers); } else { $length = sendSMTP($t, $c, $b, $subject, $body, $more_headers); @@ -528,11 +530,12 @@ if (sqimap_mailbox_exists ($imap_stream, $sent_folder)) { sqimap_append ($imap_stream, $sent_folder, $length); write822Header ($imap_stream, $t, $c, $b, $subject, $more_headers); - writeBody ($imap_stream, $body); + writeBody ($imap_stream, $body); sqimap_append_done ($imap_stream); - } - sqimap_logout($imap_stream); + } + sqimap_logout($imap_stream); // Delete the files uploaded for attaching (if any). deleteAttachments(); } -?> + +?> \ No newline at end of file