You might also want to read the INSTALL file in the PHP-distribution
:-)
-b. Setting up .php files to use PHP4
+b. Changing php.ini
+
+ PHP defaults to look for php.ini (PHP's configuration file) in
+ /usr/local/lib. However, for security reasons, it is suggested
+ that the location of this file is changed to someplace else. This
+ can be done at configure time with the configuration directive
+ --with-config-file-path=PATH.
+
+ Squirrelmail does not use cookies as of version 0.4. Edit the
+ php.ini file and change session.use_cookies to 0 (false). Also be
+ sure to change the session.save_path to someplace that can only be
+ read and written to by the webserver. session.save_path is the
+ location that PHP's session data will be written to.
+
+ SECURITY WARNING - SquirrelMail saves non plaintext passwords in
+ PHP's session data to log on to the IMAP server. If a user has
+ access to write PHP scripts on your system and knows the location
+ where PHP stores session data, he could get a listing of the
+ sessions being used and then read a given session's data with his
+ own PHP script. Caution should be used when setting up permissions
+ and locations of php.ini and the session data.
+
+c. Setting up .php files to use PHP4
You need to create a .htaccess file in you SquirrelMail directory
that looks something like this:
You could also add these lines to your Apache configuration file.
-c. Running into trouble
+d. Running into trouble
Setting up Apache with PHP4 can be a non-trivial task. Read the PHP4
and Apache documentation carefully if you run into trouble. If you
initials = taken by that person
(pl?) Importing of address books
- - Use PHP4 Session management, get rid of cookies
+(nre) Use PHP4 Session management, get rid of cookies
- Make it possible to save preferences in MySQL DB or on Filesystem
- Navigation between messages without going to folder list (next, prev)
- Configurable headers shown on the message listing, like: cc, to, etc
$display_messages_php = true;
function error_username_password_incorrect($color) {
+ global $PHPSESSID;
+
echo "<BR>";
echo "<TABLE COLS=1 WIDTH=75% NOBORDER BGCOLOR=\"$color[4]\" ALIGN=CENTER>";
echo " <TR>";
echo " <TD BGCOLOR=\"$color[0]\">";
echo " <B><CENTER>ERROR</CENTER></B>";
echo " </TD></TR><TR><TD>";
- echo " <CENTER><BR>". _("Unknown user or password incorrect.") ."<BR><A HREF=\"login.php\" TARGET=_top>". _("Click here to try again") ."</A>.</CENTER>";
+ echo " <CENTER><BR>". _("Unknown user or password incorrect.") ."<BR><A HREF=\"login.php?PHPSESSID=$PHPSESSID\" TARGET=_top>". _("Click here to try again") ."</A>.</CENTER>";
echo " </TD></TR>";
echo "</TABLE>";
echo "</BODY></HTML>";
}
function messages_deleted_message($mailbox, $sort, $startMessage, $color) {
+ global $PHPSESSID;
$urlMailbox = urlencode($mailbox);
+
echo "<BR>";
echo "<TABLE COLS=1 WIDTH=70% NOBORDER BGCOLOR=\"$color[4]\" ALIGN=CENTER>";
echo " <TR>";
echo " </TD></TR><TR><TD>";
echo " <CENTER><BR>". _("The selected messages were deleted successfully.") ."<BR>\n";
echo " <BR>";
- echo " <A HREF=\"webmail.php?right_frame=right_main.php&sort=$sort&startMessage=$startMessage&mailbox=$urlMailbox\" TARGET=_top>";
+ echo " <A HREF=\"webmail.php?PHPSESSID=$PHPSESSID&right_frame=right_main.php&sort=$sort&startMessage=$startMessage&mailbox=$urlMailbox\" TARGET=_top>";
echo " ". _("Click here to return to ") ."$mailbox</A>.";
echo " </CENTER>";
echo " </TD></TR>";
}
function messages_moved_message($mailbox, $sort, $startMessage, $color) {
+ global $PHPSESSID;
$urlMailbox = urlencode($mailbox);
+
echo "<BR>";
echo "<TABLE COLS=1 WIDTH=70% NOBORDER BGCOLOR=\"$color[4]\" ALIGN=CENTER>";
echo " <TR>";
echo " </TD></TR><TR><TD>";
echo " <CENTER><BR>". _("The selected messages were moved successfully.") ."<BR>\n";
echo " <BR>";
- echo " <A HREF=\"webmail.php?right_frame=right_main.php&sort=$sort&startMessage=$startMessage&mailbox=$urlMailbox\" TARGET=_top>";
+ echo " <A HREF=\"webmail.php?PHPSESSID=$PHPSESSID&right_frame=right_main.php&sort=$sort&startMessage=$startMessage&mailbox=$urlMailbox\" TARGET=_top>";
echo " ". _("Click here to return to ") ."$mailbox</A>.";
echo " </CENTER>";
echo " </TD></TR>";
}
function error_message($message, $mailbox, $sort, $startMessage, $color) {
+ global $PHPSESSID;
$urlMailbox = urlencode($mailbox);
+
echo "<BR>";
echo "<TABLE COLS=1 WIDTH=70% NOBORDER BGCOLOR=\"$color[4]\" ALIGN=CENTER>";
echo " <TR>";
echo " </TD></TR><TR><TD>";
echo " <CENTER><BR>$message<BR>\n";
echo " <BR>";
- echo " <A HREF=\"webmail.php?right_frame=right_main.php&sort=$sort&startMessage=$startMessage&mailbox=$urlMailbox\" TARGET=_top>";
+ echo " <A HREF=\"webmail.php?PHPSESSID=$PHPSESSID&right_frame=right_main.php&sort=$sort&startMessage=$startMessage&mailbox=$urlMailbox\" TARGET=_top>";
echo " ". _("Click here to return to ") ."$mailbox</A>.";
echo " </CENTER>";
echo " </TD></TR>";
******************************************************************************/
function sqimap_login ($username, $password, $imap_server_address, $imap_port, $hide) {
global $color;
+ global $PHPSESSID;
$imap_stream = fsockopen ($imap_server_address, $imap_port, &$error_number, &$error_string);
$server_info = fgets ($imap_stream, 1024);
</body>
</html>
<?
+ session_destroy();
exit;
} else {
echo "Unknown error: $read<br>";
function printMessageInfo($imapConnection, $t, $i, $from, $subject, $dateString, $answered, $seen, $mailbox, $sort, $startMessage) {
require ("../config/config.php");
+ global $PHPSESSID;
$senderName = $from;
$urlMailbox = urlencode($mailbox);
echo " <TD><nobr><B><input type=checkbox name=\"msg[$t]\" value=$i></B></nobr></TD>\n";
echo " <TD><B>$senderName</B></TD>\n";
echo " <TD NOWRAP><CENTER><B>$dateString</B></CENTER></TD>\n";
- echo " <TD><B><A HREF=\"read_body.php?mailbox=$urlMailbox&passed_id=$i&sort=$sort&startMessage=$startMessage&show_more=0\">$subject</A></B></TD>\n";
+ echo " <TD><B><A HREF=\"read_body.php?PHPSESSID=$PHPSESSID&mailbox=$urlMailbox&passed_id=$i&sort=$sort&startMessage=$startMessage&show_more=0\">$subject</A></B></TD>\n";
} else {
echo " <TD><nobr><input type=checkbox name=\"msg[$t]\" value=$i></nobr></TD>\n";
echo " <TD>$senderName</TD>\n";
echo " <TD NOWRAP><CENTER>$dateString</CENTER></TD>\n";
- echo " <TD><A HREF=\"read_body.php?mailbox=$urlMailbox&passed_id=$i&sort=$sort&startMessage=$startMessage&show_more=0\">$subject</A></TD>\n";
+ echo " <TD><A HREF=\"read_body.php?PHPSESSID=$PHPSESSID&mailbox=$urlMailbox&passed_id=$i&sort=$sort&startMessage=$startMessage&show_more=0\">$subject</A></TD>\n";
}
echo "</TR>\n";
}
**/
function showMessagesForMailbox($imapConnection, $mailbox, $numMessages, $startMessage, $sort, $color) {
include ("../config/config.php");
+ global $PHPSESSID;
if ($numMessages >= 1) {
for ($q = 0; $q < $numMessages; $q++) {
echo "<TR BGCOLOR=\"$color[4]\"><TD>";
if (($nextGroup <= $numMessages) && ($prevGroup >= 0)) {
- echo "<A HREF=\"right_main.php?sort=$sort&startMessage=$prevGroup&mailbox=$urlMailbox\" TARGET=\"right\">". _("Previous") ."</A>\n";
- echo "<A HREF=\"right_main.php?sort=$sort&startMessage=$nextGroup&mailbox=$urlMailbox\" TARGET=\"right\">". _("Next") ."</A>\n";
+ echo "<A HREF=\"right_main.php?PHPSESSID=$PHPSESSID&sort=$sort&startMessage=$prevGroup&mailbox=$urlMailbox\" TARGET=\"right\">". _("Previous") ."</A>\n";
+ echo "<A HREF=\"right_main.php?PHPSESSID=$PHPSESSID&sort=$sort&startMessage=$nextGroup&mailbox=$urlMailbox\" TARGET=\"right\">". _("Next") ."</A>\n";
}
else if (($nextGroup > $numMessages) && ($prevGroup >= 0)) {
- echo "<A HREF=\"right_main.php?sort=$sort&startMessage=$prevGroup&mailbox=$urlMailbox\" TARGET=\"right\">". _("Previous") ."</A>\n";
+ echo "<A HREF=\"right_main.php?PHPSESSID=$PHPSESSID&sort=$sort&startMessage=$prevGroup&mailbox=$urlMailbox\" TARGET=\"right\">". _("Previous") ."</A>\n";
echo "<FONT COLOR=\"$color[9]\">Next</FONT>\n";
}
else if (($nextGroup <= $numMessages) && ($prevGroup < 0)) {
echo "<FONT COLOR=\"$color[9]\">Previous</FONT>\n";
- echo "<A HREF=\"right_main.php?sort=$sort&startMessage=$nextGroup&mailbox=$urlMailbox\" TARGET=\"right\">". _("Next") ."</A>\n";
+ echo "<A HREF=\"right_main.php?PHPSESSID=$PHPSESSID&sort=$sort&startMessage=$nextGroup&mailbox=$urlMailbox\" TARGET=\"right\">". _("Next") ."</A>\n";
}
echo "</TD></TR>\n";
/** The delete and move options */
echo "<TR><TD BGCOLOR=\"$color[0]\">";
- echo "\n\n\n<FORM name=messageList method=post action=\"move_messages.php?msg=$msg&mailbox=$urlMailbox&sort=$sort&startMessage=$startMessage\">";
+ echo "\n\n\n<FORM name=messageList method=post action=\"move_messages.php?PHPSESSID=$PHPSESSID&msg=$msg&mailbox=$urlMailbox&sort=$sort&startMessage=$startMessage\">";
echo "<TABLE BGCOLOR=\"$color[0]\" COLS=2 BORDER=0>\n";
echo " <TR>\n";
echo " <TD WIDTH=60% ALIGN=LEFT>\n";
/** FROM HEADER **/
echo " <TD WIDTH=25%><B>". _("From") ."</B>";
if ($sort == 2)
- echo " <A HREF=\"right_main.php?sort=3&startMessage=1&mailbox=$urlMailbox\" TARGET=\"right\"><IMG SRC=\"../images/up_pointer.gif\" BORDER=0></A></TD>\n";
+ echo " <A HREF=\"right_main.php?PHPSESSID=$PHPSESSID&sort=3&startMessage=1&mailbox=$urlMailbox\" TARGET=\"right\"><IMG SRC=\"../images/up_pointer.gif\" BORDER=0></A></TD>\n";
else if ($sort == 3)
- echo " <A HREF=\"right_main.php?sort=2&startMessage=1&mailbox=$urlMailbox\" TARGET=\"right\"><IMG SRC=\"../images/down_pointer.gif\" BORDER=0></A></TD>\n";
+ echo " <A HREF=\"right_main.php?PHPSESSID=$PHPSESSID&sort=2&startMessage=1&mailbox=$urlMailbox\" TARGET=\"right\"><IMG SRC=\"../images/down_pointer.gif\" BORDER=0></A></TD>\n";
else
- echo " <A HREF=\"right_main.php?sort=3&startMessage=1&mailbox=$urlMailbox\" TARGET=\"right\"><IMG SRC=\"../images/sort_none.gif\" BORDER=0></A></TD>\n";
+ echo " <A HREF=\"right_main.php?PHPSESSID=$PHPSESSID&sort=3&startMessage=1&mailbox=$urlMailbox\" TARGET=\"right\"><IMG SRC=\"../images/sort_none.gif\" BORDER=0></A></TD>\n";
/** DATE HEADER **/
echo " <TD WIDTH=15%><B>". _("Date") ."</B>";
if ($sort == 0)
- echo " <A HREF=\"right_main.php?sort=1&startMessage=1&mailbox=$urlMailbox\" TARGET=\"right\"><IMG SRC=\"../images/up_pointer.gif\" BORDER=0></A></TD>\n";
+ echo " <A HREF=\"right_main.php?PHPSESSID=$PHPSESSID&sort=1&startMessage=1&mailbox=$urlMailbox\" TARGET=\"right\"><IMG SRC=\"../images/up_pointer.gif\" BORDER=0></A></TD>\n";
else if ($sort == 1)
- echo " <A HREF=\"right_main.php?sort=0&startMessage=1&mailbox=$urlMailbox\" TARGET=\"right\"><IMG SRC=\"../images/down_pointer.gif\" BORDER=0></A></TD>\n";
+ echo " <A HREF=\"right_main.php?PHPSESSID=$PHPSESSID&sort=0&startMessage=1&mailbox=$urlMailbox\" TARGET=\"right\"><IMG SRC=\"../images/down_pointer.gif\" BORDER=0></A></TD>\n";
else
- echo " <A HREF=\"right_main.php?sort=0&startMessage=1&mailbox=$urlMailbox\" TARGET=\"right\"><IMG SRC=\"../images/sort_none.gif\" BORDER=0></A></TD>\n";
+ echo " <A HREF=\"right_main.php?PHPSESSID=$PHPSESSID&sort=0&startMessage=1&mailbox=$urlMailbox\" TARGET=\"right\"><IMG SRC=\"../images/sort_none.gif\" BORDER=0></A></TD>\n";
/** SUBJECT HEADER **/
echo " <TD WIDTH=%><B>". _("Subject") ."</B>\n";
if ($sort == 4)
- echo " <A HREF=\"right_main.php?sort=5&startMessage=1&mailbox=$urlMailbox\" TARGET=\"right\"><IMG SRC=\"../images/up_pointer.gif\" BORDER=0></A></TD>\n";
+ echo " <A HREF=\"right_main.php?PHPSESSID=$PHPSESSID&sort=5&startMessage=1&mailbox=$urlMailbox\" TARGET=\"right\"><IMG SRC=\"../images/up_pointer.gif\" BORDER=0></A></TD>\n";
else if ($sort == 5)
- echo " <A HREF=\"right_main.php?sort=4&startMessage=1&mailbox=$urlMailbox\" TARGET=\"right\"><IMG SRC=\"../images/down_pointer.gif\" BORDER=0></A></TD>\n";
+ echo " <A HREF=\"right_main.php?PHPSESSID=$PHPSESSID&sort=4&startMessage=1&mailbox=$urlMailbox\" TARGET=\"right\"><IMG SRC=\"../images/down_pointer.gif\" BORDER=0></A></TD>\n";
else
- echo " <A HREF=\"right_main.php?sort=5&startMessage=1&mailbox=$urlMailbox\" TARGET=\"right\"><IMG SRC=\"../images/sort_none.gif\" BORDER=0></A></TD>\n";
+ echo " <A HREF=\"right_main.php?PHPSESSID=$PHPSESSID&sort=5&startMessage=1&mailbox=$urlMailbox\" TARGET=\"right\"><IMG SRC=\"../images/sort_none.gif\" BORDER=0></A></TD>\n";
echo "</TR>";
echo "<TR BGCOLOR=\"$color[4]\"><TD>";
if (($nextGroup <= $numMessages) && ($prevGroup >= 0)) {
- echo "<A HREF=\"right_main.php?sort=$sort&startMessage=$prevGroup&mailbox=$urlMailbox\" TARGET=\"right\">" . _("Previous") . "</A>\n";
- echo "<A HREF=\"right_main.php?sort=$sort&startMessage=$nextGroup&mailbox=$urlMailbox\" TARGET=\"right\">" . _("Next") . "</A>\n";
+ echo "<A HREF=\"right_main.php?PHPSESSID=$PHPSESSID&sort=$sort&startMessage=$prevGroup&mailbox=$urlMailbox\" TARGET=\"right\">" . _("Previous") . "</A>\n";
+ echo "<A HREF=\"right_main.php?PHPSESSID=$PHPSESSID&sort=$sort&startMessage=$nextGroup&mailbox=$urlMailbox\" TARGET=\"right\">" . _("Next") . "</A>\n";
}
else if (($nextGroup > $numMessages) && ($prevGroup >= 0)) {
- echo "<A HREF=\"right_main.php?sort=$sort&startMessage=$prevGroup&mailbox=$urlMailbox\" TARGET=\"right\">" . _("Previous") . "</A>\n";
+ echo "<A HREF=\"right_main.php?PHPSESSID=$PHPSESSID&sort=$sort&startMessage=$prevGroup&mailbox=$urlMailbox\" TARGET=\"right\">" . _("Previous") . "</A>\n";
echo "<FONT COLOR=\"$color[9]\">" . _("Next") . "</FONT>\n";
}
else if (($nextGroup <= $numMessages) && ($prevGroup < 0)) {
echo "<FONT COLOR=\"$color[9]\">Previous</FONT>\n";
- echo "<A HREF=\"right_main.php?sort=$sort&startMessage=$nextGroup&mailbox=$urlMailbox\" TARGET=\"right\">" . _("Next") . "</A>\n";
+ echo "<A HREF=\"right_main.php?PHPSESSID=$PHPSESSID&sort=$sort&startMessage=$nextGroup&mailbox=$urlMailbox\" TARGET=\"right\">" . _("Next") . "</A>\n";
}
echo "</TD></TR></TABLE>"; /** End of message-list table */
}
bottom, etc.
**/
function formatBody($message, $color, $wrap_at) {
+ global $PHPSESSID;
/** this if statement checks for the entity to show as the
primary message. To add more of them, just put them in the
$body = translateText($body, $wrap_at, $charset);
- $body .= "<BR><SMALL><CENTER><A HREF=\"../src/download.php?absolute_dl=true&passed_id=$id&passed_ent_id=$ent_num&mailbox=$urlmailbox\">". _("Download this as a file") ."</A></CENTER><BR></SMALL>";
+ $body .= "<BR><SMALL><CENTER><A HREF=\"../src/download.php?PHPSESSID=$PHPSESSID&absolute_dl=true&passed_id=$id&passed_ent_id=$ent_num&mailbox=$urlmailbox\">". _("Download this as a file") ."</A></CENTER><BR></SMALL>";
/** Display the ATTACHMENTS: message if there's more than one part **/
if (count($message["ENTITIES"]) > 1) {
$urlMailbox = urlencode($message["INFO"]["MAILBOX"]);
$id = $message["INFO"]["ID"];
- $body .= "<TT> <A HREF=\"../src/download.php?passed_id=$id&mailbox=$urlMailbox&passed_ent_id=$i\">" . $display_filename . "</A> <SMALL>(TYPE: $type0/$type1)</SMALL></TT><BR>";
+ $body .= "<TT> <A HREF=\"../src/download.php?PHPSESSID=$PHPSESSID&passed_id=$id&mailbox=$urlMailbox&passed_ent_id=$i\">" . $display_filename . "</A> <SMALL>(TYPE: $type0/$type1)</SMALL></TT><BR>";
}
$body .= "</TD></TR></TABLE>";
}
**
**/
+ session_start();
+
$page_header_php = true;
if (!isset($prefs_php))
header ("Content-Type: text/html; charset=$default_charset");
function displayPageHeader($color, $mailbox) {
+ global $PHPSESSID;
+
/** Here is the header and wrapping table **/
$shortBoxName = readShortMailboxName($mailbox, ".");
$shortBoxName = stripslashes($shortBoxName);
echo "<TABLE BGCOLOR=\"$color[4]\" BORDER=0 COLS=2 WIDTH=100% CELLSPACING=0 CELLPADDING=2>";
echo " <TR BGCOLOR=\"$color[9]\" WIDTH=100%>";
echo " <TD ALIGN=left WIDTH=30%>";
- echo " <A HREF=\"signout.php\" TARGET=_top><B>" . _("Sign Out") . "</B></A>";
+ echo " <A HREF=\"signout.php?PHPSESSID=$PHPSESSID\" TARGET=_top><B>" . _("Sign Out") . "</B></A>";
echo " </TD><TD ALIGN=right WIDTH=70%>";
echo " <div align=right>" . _("Current Folder: ") . "<B>$shortBoxName </div></B>";
echo " </TD>";
echo " </TR></TABLE>\n";
echo "<TABLE BGCOLOR=\"$color[4]\" BORDER=0 COLS=2 WIDTH=100% CELLSPACING=0 CELLPADDING=2><TR>";
echo " <TD ALIGN=left WIDTH=70%>";
- echo " <A HREF=\"compose.php\">" . _("Compose") . "</A>  ";
- echo " <A HREF=\"addressbook.php\">" . _("Addresses") . "</A>  ";
- echo " <A HREF=\"folders.php\">" . _("Folders") . "</A>  ";
- echo " <A HREF=\"options.php\">" . _("Options") . "</A>  ";
+ echo " <A HREF=\"compose.php?PHPSESSID=$PHPSESSID\">" . _("Compose") . "</A>  ";
+ echo " <A HREF=\"addressbook.php?PHPSESSID=$PHPSESSID\">" . _("Addresses") . "</A>  ";
+ echo " <A HREF=\"folders.php?PHPSESSID=$PHPSESSID\">" . _("Folders") . "</A>  ";
+ echo " <A HREF=\"options.php?PHPSESSID=$PHPSESSID\">" . _("Options") . "</A>  ";
echo " </TD><TD ALIGN=right WIDTH=30%>";
echo " <A HREF=\"http://squirrelmail.sourceforge.net/index.php3?from=1\" TARGET=_top>SquirrelMail</A>";
echo " </TD>";
**
**/
+ session_start();
+
if(!isset($logged_in)) {
echo _("You must login first.");
exit;
<FRAMESET ROWS="60,*" BORDER=0>
<FRAME NAME="abookmain" MARGINWIDTH=0 SCROLLING=NO
- SRC="addrbook_search.php?show=form" BORDER=0>
- <FRAME NAME="abookres" MARGINWIDTH=0 SRC="addrbook_search.php?show=blank"
+ SRC="addrbook_search.php?PHPSESSID=<? echo $PHPSESSID; ?>&show=form" BORDER=0>
+ <FRAME NAME="abookres" MARGINWIDTH=0 SRC="addrbook_search.php?PHPSESSID=<? echo $PHPSESSID; ?>&show=blank"
BORDER=0>
</FRAMESET>
**
**/
+ session_start();
+
if(!isset($logged_in)) {
echo _("You must login first.");
exit;
// Create search form
if($show == "form") {
- printf("<FORM NAME=sform TARGET=abookres ACTION=\"%s\" METHOD=GET>\n",
- $PHP_SELF);
+ printf("<FORM NAME=sform TARGET=abookres ACTION=\"%s\" METHOD=\"POST\">\n",
+ $PHP_SELF . "?PHPSESSID=$PHPSESSID");
printf("<TABLE BORDER=0 WIDTH=\"100%%\" HEIGHT=\"100%%\">");
printf("<TR><TD NOWRAP VALIGN=middle>\n");
printf(" <STRONG>%s:</STRONG>\n</TD><TD VALIGN=middle>\n",
**
**/
+ session_start();
+
if(!isset($logged_in)) {
echo _("You must login first.");
exit;
printf("<TR%s NOWRAP>\n <TD align=center><SMALL>".
"<INPUT TYPE=checkbox %s NAME=\"sel[]\" VALUE=\"%d:%s\">".
"</SMALL><TD NOWRAP> %s <TD NOWRAP> %s ".
- "<TD NOWRAP> <A HREF=\"compose.php?send_to=%s\">%s</A>".
+ "<TD NOWRAP> <A HREF=\"compose.php?PHPSESSID=$PHPSESSID&send_to=%s\">%s</A>".
" <TD NOWRAP> %s</TR>\n",
($line % 2) ? " bgcolor=\"$color[0]\"" : "",
$selected, $row["backend"], $row["nickname"],
** - Send mail
**/
+ session_start();
+
if (!isset($config_php))
include("../config/config.php");
if (!isset($strings_php))
function showInputForm () {
global $send_to, $send_to_cc, $reply_subj, $forward_subj, $body,
$passed_body, $color, $use_signature, $signature, $editor_size,
- $attachments, $subject, $newmail;
+ $attachments, $subject, $newmail, $PHPSESSID;
$subject = decodeHeader($subject);
$reply_subj = decodeHeader($reply_subj);
echo "\n<SCRIPT LANGUAGE=JavaScript><!--\n";
echo "function open_abook() { \n";
- echo " var nwin = window.open(\"addrbook_popup.php\",\"abookpopup\",";
+ echo " var nwin = window.open(\"addrbook_popup.php?PHPSESSID=$PHPSESSID\",\"abookpopup\",";
echo "\"width=670,height=300,resizable=yes,scrollbars=yes\");\n";
echo " if((!nwin.opener) && (document.windows != null))\n";
echo " nwin.opener = document.windows;\n";
echo "}\n";
echo "// --></SCRIPT>\n\n";
- echo "\n<FORM name=compose action=\"compose.php\" METHOD=POST\n";
+ echo "\n<FORM name=compose action=\"compose.php?PHPSESSID=$PHPSESSID\" METHOD=POST\n";
echo "ENCTYPE=\"multipart/form-data\">\n";
echo "<TABLE COLS=2 WIDTH=50 ALIGN=center CELLSPACING=0 BORDER=0>\n";
echo " <TR>\n";
}
function showSentForm () {
+ global $PHPSESSID;
+
echo "<BR><BR><BR><CENTER><B>Message Sent!</B><BR><BR>";
- echo "You will be automatically forwarded.<BR>If not, <A HREF=\"right_main.php\">click here</A>";
+ echo "You will be automatically forwarded.<BR>If not, <A HREF=\"right_main.php?PHPSESSID=$PHPSESSID\">click here</A>";
echo "</CENTER>";
}
if(isset($send)) {
if (checkInput(false)) {
sendMessage($send_to, $send_to_cc, $send_to_bcc, $subject, $body);
- header ("Location: right_main.php");
+ header ("Location: right_main.php?PHPSESSID=$PHPSESSID");
} else {
echo "<HTML><BODY TEXT=\"$color[8]\" BGCOLOR=\"$color[4]\" LINK=\"$color[7]\" VLINK=\"$color[7]\" ALINK=\"$color[7]\">\n";
$imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
<?
+ session_start();
+
if (!isset($config_php))
include("../config/config.php");
if (!isset($strings_php))
<?
+ session_start();
+
if (!isset($config_php))
include("../config/config.php");
if (!isset($strings_php))
echo "</CENTER></B>";
echo "</TD></TR><TR><TD BGCOLOR=\"$color[4]\">";
$urlmailbox = urlencode($mailbox);
- echo "<CENTER><A HREF=\"../src/download.php?absolute_dl=true&passed_id=$id&passed_ent_id=$entid&mailbox=$urlmailbox\">";
+ echo "<CENTER><A HREF=\"../src/download.php?PHPSESSID=$PHPSESSID&absolute_dl=true&passed_id=$id&passed_ent_id=$entid&mailbox=$urlmailbox\">";
echo _("Download this as a file");
echo "</A></CENTER><BR><BR><TT>";
if ($type1 == "html")
<?
+ session_start();
+
include("../config/config.php");
include("../functions/strings.php");
include("../functions/page_header.php");
<?
+ session_start();
+
if (!isset($config_php))
include("../config/config.php");
if (!isset($strings_php))
}
if ($count_special_folders < count($boxes)) {
- echo "<FORM ACTION=folders_delete.php METHOD=SUBMIT>\n";
+ echo "<FORM ACTION=\"folders_delete.php?PHPSESSID=$PHPSESSID\" METHOD=\"POST\">\n";
echo "<TT><SELECT NAME=mailbox>\n";
for ($i = 0; $i < count($boxes); $i++) {
$use_folder = true;
echo _("Create Folder");
echo "</B></TD></TR>";
echo "<TR><TD BGCOLOR=\"$color[4]\" ALIGN=CENTER>";
- echo "<FORM ACTION=folders_create.php METHOD=POST>\n";
+ echo "<FORM ACTION=\"folders_create.php?PHPSESSID=$PHPSESSID\" METHOD=\"POST\">\n";
echo "<INPUT TYPE=TEXT SIZE=25 NAME=folder_name><BR>\n";
echo _("as a subfolder of");
echo "<BR>";
echo "</B></TD></TR>";
echo "<TR><TD BGCOLOR=\"$color[4]\" ALIGN=CENTER>";
if ($count_special_folders < count($boxes)) {
- echo "<FORM ACTION=folders_rename_getname.php METHOD=POST>\n";
+ echo "<FORM ACTION=\"folders_rename_getname.php?PHPSESSID=$PHPSESSID\" METHOD=\"POST\">\n";
echo "<TT><SELECT NAME=old>\n";
for ($i = 0; $i < count($boxes); $i++) {
$use_folder = true;
echo "</B></TD></TR>";
echo "<TR><TD BGCOLOR=\"$color[4]\" ALIGN=CENTER>";
if ($count_special_folders < count($boxes)) {
- echo "<FORM ACTION=\"folders_subscribe.php?method=unsub\" METHOD=POST>\n";
+ echo "<FORM ACTION=\"folders_subscribe.php?PHPSESSID=$PHPSESSID&method=unsub\" METHOD=\"POST\">\n";
echo "<TT><SELECT NAME=mailbox>\n";
for ($i = 0; $i < count($boxes); $i++) {
$use_folder = true;
$imap_stream = sqimap_login ($username, $key, $imapServerAddress, $imapPort, 1);
$boxes = sqimap_mailbox_list_all ($imap_stream);
- echo "<FORM ACTION=\"folders_subscribe.php?method=sub\" METHOD=POST>\n";
+ echo "<FORM ACTION=\"folders_subscribe.php?PHPSESSID=$PHPSESSID&method=sub\" METHOD=\"POST\">\n";
echo "<tt><input type=text size=32 name=mailbox></tt>";
echo "<INPUT TYPE=SUBMIT VALUE=\"";
echo _("Subscribe");
<?
+ session_start();
+
if (!isset($config_php))
include("../config/config.php");
if (!isset($strings_php))
if (strpos($folder_name, "\"") || strpos($folder_name, ".") ||
strpos($folder_name, "/") || strpos($folder_name, "\\") ||
strpos($folder_name, "'") || strpos($folder_name, "$dm")) {
- plain_error_message(_("Illegal folder name. Please select a different name.")."<BR><A HREF=\"../src/folders.php\">"._("Click here to go back")."</A>.", $color);
+ plain_error_message(_("Illegal folder name. Please select a different name.")."<BR><A HREF=\"../src/folders.php?PHPSESSID=$PHPSESSID\">"._("Click here to go back")."</A>.", $color);
exit;
}
echo _("Folder Created!");
echo "</B><BR><BR>";
echo _("The folder has been successfully created.");
- echo "<BR><A HREF=\"webmail.php?right_frame=folders.php\" TARGET=_top>";
+ echo "<BR><A HREF=\"webmail.php?right_frame=folders.php?PHPSESSID=$PHPSESSID\" TARGET=_top>";
echo _("Click here");
echo "</A> ";
echo _("to continue.");
<?
+ session_start();
+
/*
* Incoming values:
* $mailbox - selected mailbox from the form
echo _("Folder Deleted!");
echo "</B><BR><BR>";
echo _("The folder has been successfully deleted.");
- echo "<BR><A HREF=\"webmail.php?right_frame=folders.php\" TARGET=_top>";
+ echo "<BR><A HREF=\"webmail.php?PHPSESSID=$PHPSESSID&right_frame=folders.php\" TARGET=_top>";
echo _("Click here");
echo "</A> ";
echo _("to continue.");
<?
+ session_start();
+
if (!isset($config_php))
include("../config/config.php");
if (!isset($strings_php))
echo _("Folder Renamed!");
echo "</B><BR><BR>";
echo _("The folder has been successfully renamed.");
- echo "<BR><A HREF=\"webmail.php?right_frame=folders.php\" TARGET=_top>";
+ echo "<BR><A HREF=\"webmail.php?PHPSESSID=$PHPSESSID&right_frame=folders.php\" TARGET=_top>";
echo _("Click here");
echo "</A> ";
echo _("to continue.");
<?
+ session_start();
+
if (!isset($config_php))
include("../config/config.php");
if (!isset($strings_php))
echo _("Rename a folder");
echo "</B></TD></TR>";
echo "<TR><TD BGCOLOR=\"$color[4]\" ALIGN=CENTER>";
- echo "<FORM ACTION=folders_rename_do.php METHOD=POST>\n";
+ echo "<FORM ACTION=\"folders_rename_do.php?PHPSESSID=$PHPSESSID\" METHOD=\"POST\">\n";
echo _("New name:");
echo " <INPUT TYPE=TEXT SIZE=25 NAME=new_name VALUE=\"$old_name\"><BR>\n";
if ($isfolder)
<?
+ session_start();
+
if (!isset($config_php))
include("../config/config.php");
if (!isset($strings_php))
echo "</B><BR><BR>";
echo _("You have been successfully unsubscribed.");
}
- echo "<BR><A HREF=\"webmail.php?right_frame=folders.php\" TARGET=_top>";
+ echo "<BR><A HREF=\"webmail.php?PHPSESSID=$PHPSESSID&right_frame=folders.php\" TARGET=_top>";
echo _("Click here");
echo "</A> ";
echo _("to continue.");
**
**/
+ session_start();
+
if(!isset($username)) {
echo "You need a valid user and password to access this page!";
exit;
function formatMailboxName($imapConnection, $mailbox, $real_box, $delimeter, $color, $move_to_trash) {
require ("../config/config.php");
+ global $PHPSESSID;
$mailboxURL = urlencode($real_box);
sqimap_mailbox_select ($imapConnection, $real_box);
}
if ($special_color == true) {
- $line .= "<a href=\"right_main.php?sort=0&startMessage=1&mailbox=$mailboxURL\" target=\"right\" style=\"text-decoration:none\"><FONT COLOR=\"$color[11]\">";
+ $line .= "<a href=\"right_main.php?PHPSESSID=$PHPSESSID&sort=0&startMessage=1&mailbox=$mailboxURL\" target=\"right\" style=\"text-decoration:none\"><FONT COLOR=\"$color[11]\">";
$line .= replace_spaces($mailbox);
$line .= "</font></a>";
} else {
- $line .= "<a href=\"right_main.php?sort=0&startMessage=1&mailbox=$mailboxURL\" target=\"right\" style=\"text-decoration:none\">";
+ $line .= "<a href=\"right_main.php?PHPSESSID=$PHPSESSID&sort=0&startMessage=1&mailbox=$mailboxURL\" target=\"right\" style=\"text-decoration:none\">";
$line .= replace_spaces($mailbox);
$line .= "</font></a>";
}
if (($move_to_trash == true) && (trim($real_box) == $trash_folder)) {
$urlMailbox = urlencode($real_box);
$line .= "<small>";
- $line .= " (<B><A HREF=\"empty_trash.php?numMessages=$numMessages&mailbox=$urlMailbox\" TARGET=right style=\"text-decoration:none\">"._("purge")."</A></B>)";
+ $line .= " (<B><A HREF=\"empty_trash.php?PHPSESSID=$PHPSESSID&numMessages=$numMessages&mailbox=$urlMailbox\" TARGET=right style=\"text-decoration:none\">"._("purge")."</A></B>)";
$line .= "</small></a>\n";
}
echo "<FONT SIZE=4><B><CENTER>";
echo _("Folders") . "</B><BR></FONT>";
- echo "<small>(<A HREF=\"../src/left_main.php\" TARGET=\"left\">";
+ echo "<small>(<A HREF=\"../src/left_main.php?PHPSESSID=$PHPSESSID\" TARGET=\"left\">";
echo _("refresh folder list");
echo "</A>)</small></CENTER><BR>";
$delimeter = sqimap_get_delimiter($imapConnection);
**
**/
- setcookie("username", "", time(), "/");
- setcookie("key", "", time(), "/");
- setcookie("logged_in", 0, time(), "/");
+# setcookie("username", "", time(), "/");
+# setcookie("key", "", time(), "/");
+# setcookie("logged_in", 0, time(), "/");
if (!isset($config_php))
include("../config/config.php");
echo "</TITLE></HEAD>\n";
echo "<BODY TEXT=000000 BGCOLOR=#FFFFFF LINK=0000CC VLINK=0000CC ALINK=0000CC>\n";
- echo "<FORM ACTION=webmail.php METHOD=\"POST\" NAME=f>\n";
+ echo "<FORM ACTION=\"webmail.php\" METHOD=\"POST\" NAME=f>\n";
echo "<CENTER><IMG SRC=\"$org_logo\"</CENTER>\n";
echo "<CENTER><SMALL>";
echo _("SquirrelMail version $version<BR>By the SquirrelMail Development Team");
<?
+ session_start();
+
if (!isset($config_php))
include("../config/config.php");
if (!isset($strings_php))
sqimap_mailbox_expunge($imapConnection, $mailbox);
if ($auto_forward) {
- header ("Location: right_main.php");
+ header ("Location: right_main.php?PHPSESSID=$PHPSESSID");
} else {
echo "<HTML><BODY TEXT=\"$color[8]\" BGCOLOR=\"$color[4]\" LINK=\"$color[7]\" VLINK=\"$color[7]\" ALINK=\"$color[7]\">\n";
displayPageHeader($color, $mailbox);
sqimap_mailbox_expunge($imapConnection, $mailbox);
if ($auto_forward) {
- header ("Location: right_main.php");
+ header ("Location: right_main.php?PHPSESSID=$PHPSESSID");
} else {
echo "<HTML><BODY TEXT=\"$color[8]\" BGCOLOR=\"$color[4]\" LINK=\"$color[7]\" VLINK=\"$color[7]\" ALINK=\"$color[7]\">\n";
displayPageHeader($color, $mailbox);
<?
+ session_start();
+
if (!isset($config_php))
include("../config/config.php");
if (!isset($strings_php))
echo " </TD></TR>\n";
echo "</TABLE>\n";
- echo "<FORM action=\"options_submit.php\" METHOD=POST>\n";
+ echo "<FORM action=\"options_submit.php?PHPSESSID=$PHPSESSID\" METHOD=POST>\n";
echo "<TABLE WIDTH=100% COLS=2 ALIGN=CENTER>\n";
// FULL NAME
echo " <TR>";
<?
+ session_start();
+
if (!isset($config_php))
include("../config/config.php");
if (!isset($strings_php))
echo _("Options Saved!");
echo "</B><BR><BR>";
echo _("Your options have been saved.");
- echo "<BR><A HREF=\"webmail.php\" TARGET=_top>";
+ echo "<BR><A HREF=\"webmail.php?PHPSESSID=$PHPSESSID\" TARGET=_top>";
echo _("Click here");
echo "</A> ";
echo _("to continue.");
<?
+ session_start();
+
if (!isset($config_php))
include("../config/config.php");
if (!isset($strings_php))
if (count($to_ary) > 1) {
if ($show_more == false) {
if ($i == 1) {
- $to_string = "$to_string (<A HREF=\"read_body.php?mailbox=$urlMailbox&passed_id=$passed_id&sort=$sort&startMessage=$startMessage&show_more=1&show_more_cc=$show_more_cc\">$echo_more</A>)";
+ $to_string = "$to_string (<A HREF=\"read_body.php?PHPSESSID=$PHPSESSID&mailbox=$urlMailbox&passed_id=$passed_id&sort=$sort&startMessage=$startMessage&show_more=1&show_more_cc=$show_more_cc\">$echo_more</A>)";
$i = count($to_ary);
}
} else if ($i == 1) {
- $to_string = "$to_string (<A HREF=\"read_body.php?mailbox=$urlMailbox&passed_id=$passed_id&sort=$sort&startMessage=$startMessage&show_more=0&show_more_cc=$show_more_cc\">$echo_less</A>)";
+ $to_string = "$to_string (<A HREF=\"read_body.php?PHPSESSID=$PHPSESSID&mailbox=$urlMailbox&passed_id=$passed_id&sort=$sort&startMessage=$startMessage&show_more=0&show_more_cc=$show_more_cc\">$echo_less</A>)";
}
}
}
if (count($cc_ary) > 1) {
if ($show_more_cc == false) {
if ($i == 1) {
- $cc_string = "$cc_string (<A HREF=\"read_body.php?mailbox=$urlMailbox&passed_id=$passed_id&sort=$sort&startMessage=$startMessage&show_more_cc=1&show_more=$show_more\">$echo_more</A>)";
+ $cc_string = "$cc_string (<A HREF=\"read_body.php?PHPSESSID=$PHPSESSID&mailbox=$urlMailbox&passed_id=$passed_id&sort=$sort&startMessage=$startMessage&show_more_cc=1&show_more=$show_more\">$echo_more</A>)";
$i = count($cc_ary);
}
} else if ($i == 1) {
- $cc_string = "$cc_string (<A HREF=\"read_body.php?mailbox=$urlMailbox&passed_id=$passed_id&sort=$sort&startMessage=$startMessage&show_more_cc=0&show_more=$show_more\">$echo_less</A>)";
+ $cc_string = "$cc_string (<A HREF=\"read_body.php?PHPSESSID=$PHPSESSID&mailbox=$urlMailbox&passed_id=$passed_id&sort=$sort&startMessage=$startMessage&show_more_cc=0&show_more=$show_more\">$echo_less</A>)";
}
}
}
echo " <TR>";
echo " <TD ALIGN=LEFT WIDTH=50%>";
echo " <SMALL>";
- echo " <A HREF=\"right_main.php?sort=$sort&startMessage=$startMessage&mailbox=$urlMailbox\">";
+ echo " <A HREF=\"right_main.php?PHPSESSID=$PHPSESSID&sort=$sort&startMessage=$startMessage&mailbox=$urlMailbox\">";
echo _("Message List");
echo "</A> | ";
- echo " <A HREF=\"delete_message.php?mailbox=$urlMailbox&message=$passed_id&sort=$sort&startMessage=1\">";
+ echo " <A HREF=\"delete_message.php?PHPSESSID=$PHPSESSID&mailbox=$urlMailbox&message=$passed_id&sort=$sort&startMessage=1\">";
echo _("Delete");
echo "</A> ";
echo " </SMALL>";
echo " </TD><TD WIDTH=50% ALIGN=RIGHT>";
echo " <SMALL>";
- echo " <A HREF=\"compose.php?forward_id=$passed_id&forward_subj=$url_subj&mailbox=$urlMailbox\">";
+ echo " <A HREF=\"compose.php?PHPSESSID=$PHPSESSID&forward_id=$passed_id&forward_subj=$url_subj&mailbox=$urlMailbox\">";
echo _("Forward");
echo "</A> | ";
- echo " <A HREF=\"compose.php?send_to=$url_replyto&reply_subj=$url_subj&reply_id=$passed_id&mailbox=$urlMailbox\">";
+ echo " <A HREF=\"compose.php?PHPSESSID=$PHPSESSID&send_to=$url_replyto&reply_subj=$url_subj&reply_id=$passed_id&mailbox=$urlMailbox\">";
echo _("Reply");
echo "</A> | ";
- echo " <A HREF=\"compose.php?send_to=$url_replytoall&send_to_cc=$url_replytoallcc&reply_subj=$url_subj&reply_id=$passed_id&mailbox=$urlMailbox\">";
+ echo " <A HREF=\"compose.php?PHPSESSID=$PHPSESSID&send_to=$url_replytoall&send_to_cc=$url_replytoallcc&reply_subj=$url_subj&reply_id=$passed_id&mailbox=$urlMailbox\">";
echo _("Reply All");
echo "</A> ";
echo " </SMALL>";
**
**/
+ session_start();
+
if(!isset($logged_in)) {
echo _("You must login first.");
exit;
<?
+ session_start();
+
/**
** signout.php
**
}
}
- setcookie("username", "", time(), "/");
- setcookie("key", "", time(), "/");
- setcookie("logged_in", 0, time(), "/");
+# setcookie("username", "", time(), "/");
+# setcookie("key", "", time(), "/");
+# setcookie("logged_in", 0, time(), "/");
?>
<HTML>
<?
?>
</BODY>
</HTML>
-
+<?
+ session_destroy();
+?>
**
**/
+ session_start();
+
if(!isset($username)) {
echo _("You need a valid user and password to access this page!");
exit;
}
- setcookie("username", $username, 0, "/");
- setcookie("key", $key, 0, "/");
- setcookie("logged_in", 1, 0, "/");
+# setcookie("username", $username, 0, "/");
+# setcookie("key", $key, 0, "/");
+# setcookie("logged_in", 1, 0, "/");
+
+ session_register("username");
+ session_register("key");
+ session_register("logged_in");
+ $logged_in = 0;
+
+ $PHPSESSID = session_id();
+
// Refresh the language cookie.
- if (isset($squirrelmail_language))
- setcookie("squirrelmail_language", $squirrelmail_language,
- time()+2592000);
+ if (isset($squirrelmail_language)) {
+ session_register("squirrelmail_language");
+# setcookie("squirrelmail_language", $squirrelmail_language, time()+2592000);
+ }
?>
<HTML><HEAD>
<?
**/
if ($right_frame == "right_main.php") {
$urlMailbox = urlencode($mailbox);
- echo "<FRAME SRC=\"left_main.php\" NAME=\"left\">";
- echo "<FRAME SRC=\"right_main.php?mailbox=$urlMailbox&sort=$sort&startMessage=$startMessage\" NAME=\"right\">";
+ echo "<FRAME SRC=\"left_main.php?PHPSESSID=$PHPSESSID\" NAME=\"left\">";
+ echo "<FRAME SRC=\"right_main.php?PHPSESSID=$PHPSESSID&mailbox=$urlMailbox&sort=$sort&startMessage=$startMessage\" NAME=\"right\">";
} else if ($right_frame == "folders.php") {
$urlMailbox = urlencode($mailbox);
- echo "<FRAME SRC=\"left_main.php\" NAME=\"left\">";
- echo "<FRAME SRC=\"folders.php\" NAME=\"right\">";
+ echo "<FRAME SRC=\"left_main.php?PHPSESSID=$PHPSESSID\" NAME=\"left\">";
+ echo "<FRAME SRC=\"folders.php?PHPSESSID=$PHPSESSID\" NAME=\"right\">";
} else {
- echo "<FRAME SRC=\"left_main.php\" NAME=\"left\">";
- echo "<FRAME SRC=\"right_main.php\" NAME=\"right\">";
+ echo "<FRAME SRC=\"left_main.php?PHPSESSID=$PHPSESSID\" NAME=\"left\">";
+ echo "<FRAME SRC=\"right_main.php?PHPSESSID=$PHPSESSID\" NAME=\"right\">";
}
?>
</FRAMESET>