Fix for security token missing in newmail plugin (#2919418).
[squirrelmail.git] / plugins / message_details / message_details_bottom.php
CommitLineData
bbdea028 1<?php
4b4abf93 2
86c62251 3/**
4 * Message Details plugin - bottom frame with message structure and rfc822 body
8d6a115b 5 *
6 * Plugin to view the RFC822 raw message output and the bodystructure of a message
7 *
86c62251 8 * @author Marc Groot Koerkamp
30460a05 9 * @copyright 2002 Marc Groot Koerkamp, The Netherlands
10 * @copyright 2002-2009 The SquirrelMail Project Team
86c62251 11 * @license http://opensource.org/licenses/gpl-license.php GNU Public License
12 * @version $Id$
ea5f4b8e 13 * @package plugins
14 * @subpackage message_details
8d6a115b 15 */
fab8e10c 16//FIXME: this file uses HTML extensively and eventually needs to be "templatized" (don't echo HTML directly)
bbdea028 17
202bcbcc 18/**
19 * Include the SquirrelMail initialization file.
20 */
21require('../../include/init.php');
22require(SM_PATH . 'functions/imap_general.php');
23require(SM_PATH . 'functions/imap_messages.php');
24require(SM_PATH . 'functions/mime.php');
bbdea028 25
f4450417 26sqgetGlobalVar('get_message_details', $md_action, SQ_GET);
bbdea028 27
24e1fb21 28/**
29 * Controls display of 8bit symbols in message source
30 * @global boolean $msgd_8bit_in_hex;
31 */
32global $msgd_8bit_in_hex;
33$msgd_8bit_in_hex=false;
34
4588f43d 35if (!empty($md_action)) {
51bbe8fa 36 sqgetGlobalVar('passed_id', $passed_id, SQ_GET, NULL, SQ_TYPE_BIGINT);
fab8e10c 37 if (!sqgetGlobalVar('passed_ent_id', $passed_ent_id, SQ_GET))
38 $passed_ent_id = 0;
f4450417 39 sqgetGlobalVar('mailbox', $mailbox, SQ_GET);
4588f43d 40 /*
fab8e10c 41 * change $unformatted to TRUE if you want to see
4588f43d 42 * message source without formating
43 */
fab8e10c 44 $unformatted = FALSE;
45 echo get_message_details($mailbox, $passed_id, $passed_ent_id, $unformatted);
f4450417 46}
47
48
49// ---------- function definitions ----------
04f6008a 50
24e1fb21 51/**
52 * Converts 8bit string to hex
53 *
f8a1ed5a 54 * Replaces 8bit symbols with their hex strings,
24e1fb21 55 * encloses them in curly brackets and uses different color.
56 * @param string $string text
57 * @return string
58 * @since 1.5.1
59 */
60function msgd_convert_to_hex($string) {
61 global $color;
62 return preg_replace("/([\200-\377])/e","'<font color=\"$color[2]\">{'.dechex(ord('\\1')).'}</font>'",$string);
63}
04f6008a 64
5d73c31d 65/**
66 * Calculates id of MIME entity
67 * @param string $entString
68 * @param integer $direction
69 * @return string
e9ec1bd8 70 * @access private
5d73c31d 71 */
bbdea028 72function CalcEntity($entString, $direction) {
73 $result = $entString;
74 if ($direction == -1) {
5c325683 75 $pos = strrpos($entString,'.');
76 $result = substr($entString,0,$pos);
bbdea028 77 }
78
79 switch ($direction) {
796f91d9 80 case 0:
81 $pos = strrpos($entString,'.');
82 if ($pos === false) {
83 $entString++;
84 $result= $entString;
91e0dccc 85 }
796f91d9 86 else {
87 $level = substr($entString,0,$pos);
88 $sublevel = substr($entString,$pos+1);
89 $sublevel++;
90 $result = "$level".'.'."$sublevel";
91 }
92 break;
93 case 1:
94 $result = "$entString".".0";
95 break;
96 default:
97 break;
bbdea028 98 }
99 return ($result);
100}
101
f4450417 102
f4450417 103/**
104 * Returns actual message details
105 * @param string $mailbox
106 * @param string $passed_id
fab8e10c 107 * @param string $passed_ent_id
f8a1ed5a 108 * @param boolean $stripHTML If TRUE, only plain text is returned,
109 * default is FALSE, wherein output contains
f4450417 110 * pretty-HTMLification of message body
111 * @return string The formatted message details
112 * @access public
113 */
fab8e10c 114function get_message_details($mailbox, $passed_id, $passed_ent_id=0, $stripHTML=FALSE) {
2128bbc6 115 global $imapServerAddress, $imapPort, $color,$msgd_8bit_in_hex, $username;
4588f43d 116
117 $returnValue = '';
118
4588f43d 119 $imapConnection = sqimap_login($username, false, $imapServerAddress, $imapPort, 0);
120 $read = sqimap_mailbox_select($imapConnection, $mailbox);
fab8e10c 121 if (!empty($passed_ent_id))
122 $body = sqimap_run_command($imapConnection, "FETCH $passed_id BODY[$passed_ent_id]",true, $response, $readmessage, TRUE);
123 else
124 $body = sqimap_run_command($imapConnection, "FETCH $passed_id RFC822",true, $response, $readmessage, TRUE);
4588f43d 125 $message_body = '';
126 $header = false;
127 $mimepart = false;
128 $bnd_end = false;
129 $messageheader = true;
130 $messageheaderstart=false;
131 $boundaries = array();
132 $entities = array();
133 session_unregister("entities");
134 $pre = '<b>';
135 $end = '</b>';
136 $entStr = '';
137 $bla ='';
138 $content = array ();
139 $content_indx = -1;
140 $contentset = false;
141
142 $count=count($body);
143 $body[$count-1] = substr($body[$count-1], -1);
144 for ($i=1; $i < $count; $i++) {
145 $line = rtrim($body[$i]);
146 if ($line == '') {
147 $pre = '';
148 $end = '';
149 if ($bnd_end) {
150 $header = true;
151 $mimepart = false;
152 } else if ($messageheader) {
153 if ($header) {
154 $header=false;
155 $end = '</div><div class="ent_body" id="'.$entStr.'B">';
156 }
157 $mimepart = -$header;
158 $bnd_end = false;
159 if ($messageheaderstart) {
160 $messageheaderstart=false;
161 }
162 } else if ($messageheaderstart) {
163 $messageheader= false;
164 } else {
165 if ($header) {
166 $pre = '';
167 $end = '</div><div class="ent_body" id="'.$entStr.'B">';
168 }
169 $header = false;
170 $mimepart=true;
796f91d9 171 }
4588f43d 172 $contentset = false;
173 $nameset = false;
796f91d9 174 } else {
4588f43d 175 if (!$header && $messageheader) {
176 $messageheaderstart=true;
177 if ($pre != '<b>') {
178 $pre = '<i><font color ="'.$color[1].'">';
179 $end = '</i></font>';
180 }
796f91d9 181 }
4588f43d 182 if (!$messageheader && !$header ) {
183 $mimepart=true;
184 } else {
185 $mimepart=false;
796f91d9 186 }
4588f43d 187 $pre = '';
188 $end = '';
91e0dccc 189 }
4588f43d 190 if ( ( $header || $messageheader) && (preg_match("/^.*boundary=\"?(.+(?=\")|.+).*/i",$line,$reg)) ) {
191 $bnd = $reg[1];
192 $bndreg = $bnd;
193 $bndreg = str_replace("\\","\\\\",$bndreg);
194 $bndreg = str_replace("?","\\?",$bndreg);
195 $bndreg = str_replace("+","\\+",$bndreg);
196 $bndreg = str_replace(".","\\.",$bndreg);
197 $bndreg = str_replace("/","\\/",$bndreg);
198 $bndreg = str_replace("-","\\-",$bndreg);
199 $bndreg = str_replace("(","\\(",$bndreg);
200 $bndreg = str_replace(")","\\)",$bndreg);
201
202 $boundaries[] = array( 'bnd' => $bnd, 'bndreg' => $bndreg);
203 $messageheader = false;
204 $messageheaderstart=false;
796f91d9 205 $mimepart=false;
4588f43d 206 if ($entStr=='') {
207 $entStr='0';
796f91d9 208 } else {
4588f43d 209 $entStr = CalcEntity("$entStr",1);
796f91d9 210 }
4588f43d 211 }
212
213 if (($line != '' && $line{0} == '-' || $header) && isset($boundaries[0])) {
214 $cnt=count($boundaries)-1;
215 $bnd = $boundaries[$cnt]['bnd'];
216 $bndreg = $boundaries[$cnt]['bndreg'];
217
218 $regstr = '/^--'."($bndreg)".".*".'/';
219 if (preg_match($regstr,$line,$reg) ) {
220 $bndlen = strlen($reg[1]);
221 $bndend = false;
222 if (strlen($line) > ($bndlen + 3)) {
223 if ($line{$bndlen+2} == '-' && $line{$bndlen+3} == '-')
224 $bndend = true;
225 }
226 if ($bndend) {
227 $entStr = CalcEntity("$entStr",-1);
228 array_pop($boundaries);
229 $pre .= '<b><font color ="'.$color[2].'">';
230 $end .= '</font></b>';
231 $header = true;
232 $mimepart = false;
233 $bnd_end = true;
234 $encoding = '';
235 } else {
236 $header = true;
237 $bnd_end = false;
238 $entStr = CalcEntity("$entStr",0);
239 $content_indx++;
240 $content[$content_indx]=array();
241 $content[$content_indx]['ent'] = '<a href="#'."$entStr \">$entStr".'</a>';
242 $pre .= '</div><div class="entheader" id="'.
243 $entStr.'H"><a name="'."$entStr".'"><b><font color="'.$color[2].'">';
244 $end .= '</font></b>';
245 $header = true;
246 $mimepart = false;
247 $encoding = '';
796f91d9 248 }
4588f43d 249 } else {
250 if ($header) {
251 if (!$contentset && preg_match("/^.*(content-type:)\s*(\w+)\/(\w+).*/i",$line,$reg)) {
252 if (strtolower($reg[2]) == 'message' && strtolower($reg[3]) == 'rfc822') {
253 $messageheader = true;
254 }
255 $content[$content_indx]['type'] = "$reg[2]/$reg[3]";
256 $contentset = true;
257 if ($reg[2] == 'image') {
258 $entities["$entStr"] = array();
259 $entities["$entStr"]['entity'] = $entStr;
260 $entities["$entStr"]['contenttype']=$reg[2].'/'.$reg[3];
261 }
262 } else if (!$nameset && preg_match("/^.*(name=\s*)\"(.*)\".*/i",$line,$reg)) {
263 $name = htmlspecialchars($reg[2]);
264 $content[$content_indx]['name'] = decodeHeader($name);
265 $nameset = true;
266 if (isset($entities["$entStr"])) {
267 $entities["$entStr"]['name'] = urlEncode($reg[2]);
268 }
269 } else if (preg_match("/^.*(content-transfer-encoding:)\s*(\w+-?(\w+)?).*/i",$line,$reg) ) {
270 $encoding = $reg[2];
271 if (isset($entities["$entStr"])) {
272 $entities["$entStr"]['encoding']=$reg[2];
273 }
274 $content[$content_indx]['encoding'] = $encoding;
275 $mimeentity = '';
276 }
bbdea028 277
4588f43d 278 $pre .= '<b><font color='.$color[7].'">';
279 $end .= '</font></b>';
280 //$mimepart=false;
281 }
796f91d9 282 }
283 }
4588f43d 284
285 if ($stripHTML) {
286 $message_body .= $line . "\r\n";
287 } else {
288 $line = htmlspecialchars($line);
289 if ($msgd_8bit_in_hex) $line = msgd_convert_to_hex($line);
290 $message_body .= "$pre"."$line"."$end"."\r\n";
bbdea028 291 }
796f91d9 292 }
4588f43d 293
f4450417 294//$returnValue .= returnTime($start).'<br />';
bbdea028 295$xtra = <<<ECHO
296
a74103dd 297<style type="text/css">
bbdea028 298<!--
299.ent_body {
300 display:inline;
301}
302
303.header {
304 display:inline;
305}
306
307.entheader {
308 display:inline;
bbdea028 309 width:99%;
310}
684f1a88 311-->
796f91d9 312</style>
bbdea028 313
314ECHO;
315
4588f43d 316 if (!$stripHTML) {
317 ob_start();
318 displayHtmlHeader( _("Message Details"), $xtra, FALSE );
319 $returnValue .= ob_get_contents();
320 ob_end_clean();
bbdea028 321 }
f4450417 322
4588f43d 323 /* body */
324 if (!$stripHTML) {
325 $returnValue .= "<body text=\"$color[8]\" bgcolor=\"$color[4]\" link=\"$color[7]\" vlink=\"$color[7]\" alink=\"$color[7]\">\n";
326 $returnValue .= '<font face="monospace">'."\n";
327 $returnValue .= '<br />'."\n";
328 }
f4450417 329
4588f43d 330 if (count($content) > 0 && !$stripHTML) {
331 $returnValue .= '<h2>'._("Bodystructure")."</h2>\n\n";
332 $returnValue .= '<table border="1" width="98%"><thead>'.
333 '<tr bgcolor="'.$color[7].'">'.
334 '<td><b><font color="'.$color[5].'">'._("Entity").'</font></b></td>'.
335 '<td><b><font color="'.$color[5].'">'._("Content-Type").'</font></b></td>'.
336 '<td><b><font color="'.$color[5].'">'._("Name").'</font></b></td>'.
337 '<td><b><font color="'.$color[5].'">'._("Encoding").'</font></b></td>'.
338 '</tr>'.
339 '</thead><tbody>';
340 for ($i = 0; $i < count($content);$i++) {
341 $returnValue .= '<tr><td>';
342 $returnValue .= $content[$i]['ent'].'</td><td>';
343 if (isset($content[$i]['type'])) {
344 $returnValue .= $content[$i]['type'];
345 } else $returnValue .= 'TEXT/PLAIN';
346 $returnValue .= '</td><td>';
347 if (isset($content[$i]['name'])) {
348 $returnValue .= $content[$i]['name'];
349 } else $returnValue .= '&nbsp;';
350 $returnValue .= '</td><td>';
351 if (isset($content[$i]['encoding'])) {
352 $returnValue .= $content[$i]['encoding'];
353 } else $returnValue .= '&nbsp;';
354 $returnValue .= '</td></tr>'."\n";
355 }
356 $returnValue .= '</tbody></table><br />'."\n";
357 }
f4450417 358
4588f43d 359 if (!$stripHTML) {
360 $returnValue .= '<h2>'._("RFC822 Message body")."</h2>\n\n";
361 $returnValue .= '<pre><div><div class="header">';
362 } else {
363 $returnValue .= '<pre>';
364 }
f4450417 365
4588f43d 366 $returnValue .= $message_body;
367
368 if (!$stripHTML) {
369 $returnValue .= '</div></div></pre></font></body></html>';
370 } else {
371 $returnValue .= '</pre>';
372 }
373 return $returnValue;
f4450417 374}