-fix for Bug 112604
[squirrelmail.git] / src / compose.php
CommitLineData
59177427 1<?php
ef870322 2 /**
3 ** compose.php
4 **
5 ** Copyright (c) 1999-2000 The SquirrelMail development team
6 ** Licensed under the GNU GPL. For full terms see the file COPYING.
7 **
8 ** This code sends a mail.
df15de21 9 **
10 ** There are 3 modes of operation:
11 ** - Start new mail
12 ** - Add an attachment
13 ** - Send mail
14 **/
15
2a32fc83 16 session_start();
17
d068c0ec 18 if (!isset($config_php))
19 include("../config/config.php");
20 if (!isset($strings_php))
21 include("../functions/strings.php");
22 if (!isset($page_header_php))
23 include("../functions/page_header.php");
24 if (!isset($imap_php))
25 include("../functions/imap.php");
26 if (!isset($date_php))
27 include("../functions/date.php");
28 if (!isset($mime_php))
29 include("../functions/mime.php");
30 if (!isset($smtp_php))
31 include("../functions/smtp.php");
32 if (!isset($display_messages_php))
33 include("../functions/display_messages.php");
3c13b9fb 34 if (!isset($auth_php))
35 include ("../functions/auth.php");
15bfc1bc 36 if (!isset($plugin_php))
37 include ("../functions/plugin.php");
f7fb20fe 38
d3cdb279 39 include("../src/load_prefs.php");
8467bf00 40
4ba45d11 41 // This function is used when not sending or adding attachments
df15de21 42 function newMail () {
43 global $forward_id, $imapConnection, $msg, $ent_num, $body_ary, $body,
3806fa52 44 $reply_id, $send_to, $send_to_cc, $mailbox, $send_to_bcc;
e39d73e5 45
7aaa81fc 46 $send_to = sqStripSlashes(decodeHeader($send_to));
47 $send_to_cc = sqStripSlashes(decodeHeader($send_to_cc));
6e79bfe2 48 $send_to_bcc = sqStripSlashes(decodeHeader($send_to_bcc));
a53e5469 49
429f8906 50 if ($forward_id)
51 $id = $forward_id;
52 else if ($reply_id)
53 $id = $reply_id;
54
1195c340 55
429f8906 56 if ($id) {
813eba2f 57 sqimap_mailbox_select($imapConnection, $mailbox);
429f8906 58 $message = sqimap_get_message($imapConnection, $id, $mailbox);
8d8ab69a 59 $orig_header = $message->header;
1195c340 60 if ($ent_num)
61 $message = getEntity($message, $ent_num);
429f8906 62
63 if ($message->header->type0 == "text" || $message->header->type1 == "message") {
1195c340 64 if ($ent_num)
65 $body = decodeBody(mime_fetch_body($imapConnection, $id, $ent_num), $message->header->encoding);
66 else
67 $body = decodeBody(mime_fetch_body($imapConnection, $id, 1), $message->header->encoding);
429f8906 68 } else {
69 $body = "";
df15de21 70 }
71
429f8906 72 if ($message->header->type1 == "html")
73 $body = strip_tags($body);
74
df15de21 75 $body_ary = explode("\n", $body);
76 $body = "";
429f8906 77 for ($i=0; $i < count($body_ary); $i++) {
8d8ab69a 78 if ($i==0 && $forward_id) {
d68a3926 79 $tmp = "-------- " . _("Original Message") . " --------\n";
8d8ab69a 80 $tmp .= _("Subject") . ": " . $orig_header->subject . "\n";
81 $tmp .= " " . _("From") . ": " . $orig_header->from . "\n";
82 $tmp .= " " . _("To") . ": " . $orig_header->to[0] . "\n";
83 if (count($orig_header->to) > 1) {
84 for ($x=1; $x < count($orig_header->to); $x++) {
85 $tmp .= " " . $orig_header->to[$x] . "\n";
86 }
87 }
88 $tmp .= "\n" . $body_ary[$i];
89 } else {
1195c340 90 $tmp = $body_ary[$i];
8d8ab69a 91 }
429f8906 92 if ($forward_id)
8d8ab69a 93 $body = "$body$tmp\n";
df15de21 94 else
8d8ab69a 95 $body = "$body> $tmp\n";
78509c54 96 }
a2790a61 97 sqimap_mailbox_close($imapConnection);
1195c340 98 return $body;
78509c54 99 }
429f8906 100
29d08a52 101 if (!$send_to) {
102 $send_to = sqimap_find_email($send_to);
103 }
104
df15de21 105 /** This formats a CC string if they hit "reply all" **/
106 if ($send_to_cc != "") {
a48fbf9b 107 $send_to_cc = ereg_replace( '"[^"]*"', "", $send_to_cc);
df15de21 108 $send_to_cc = ereg_replace(";", ",", $send_to_cc);
109 $sendcc = explode(",", $send_to_cc);
110 $send_to_cc = "";
111
112 for ($i = 0; $i < count($sendcc); $i++) {
113 $sendcc[$i] = trim($sendcc[$i]);
114 if ($sendcc[$i] == "")
115 continue;
116
a53e5469 117 $sendcc[$i] = sqimap_find_email($sendcc[$i]);
813eba2f 118 $whofrom = sqimap_find_displayable_name($msg["HEADER"]["FROM"]);
119 $whoreplyto = sqimap_find_email($msg["HEADER"]["REPLYTO"]);
df15de21 120
121 if ((strtolower(trim($sendcc[$i])) != strtolower(trim($whofrom))) &&
122 (strtolower(trim($sendcc[$i])) != strtolower(trim($whoreplyto))) &&
123 (trim($sendcc[$i]) != "")) {
124 $send_to_cc .= trim($sendcc[$i]) . ", ";
125 }
126 }
127 $send_to_cc = trim($send_to_cc);
128 if (substr($send_to_cc, -1) == ",") {
129 $send_to_cc = substr($send_to_cc, 0, strlen($send_to_cc) - 1);
130 }
131 }
132 } // function newMail()
78509c54 133
df15de21 134 function showInputForm () {
135 global $send_to, $send_to_cc, $reply_subj, $forward_subj, $body,
4ba45d11 136 $passed_body, $color, $use_signature, $signature, $editor_size,
3806fa52 137 $attachments, $subject, $newmail, $use_javascript_addr_book,
6e79bfe2 138 $send_to_bcc, $reply_id, $mailbox, $from_htmladdr_search;
78509c54 139
5f104808 140 $subject = sqStripSlashes(decodeHeader($subject));
2e434774 141 $reply_subj = decodeHeader($reply_subj);
142 $forward_subj = decodeHeader($forward_subj);
a53e5469 143
3806fa52 144 if ($use_javascript_addr_book) {
145 echo "\n<SCRIPT LANGUAGE=JavaScript><!--\n";
146 echo "function open_abook() { \n";
147 echo " var nwin = window.open(\"addrbook_popup.php\",\"abookpopup\",";
148 echo "\"width=670,height=300,resizable=yes,scrollbars=yes\");\n";
149 echo " if((!nwin.opener) && (document.windows != null))\n";
150 echo " nwin.opener = document.windows;\n";
151 echo "}\n";
152 echo "// --></SCRIPT>\n\n";
153 }
5100704d 154
cacf2747 155 echo "\n<FORM name=compose action=\"compose.php\" METHOD=POST ENCTYPE=\"multipart/form-data\">\n";
156 //echo "\n<FORM name=compose action=\"compose.php\" METHOD=POST>\n";
966286ae 157 if ($reply_id) {
158 echo "<input type=hidden name=reply_id value=$reply_id>\n";
6e79bfe2 159 }
cf8758c7 160 printf("<INPUT TYPE=hidden NAME=mailbox VALUE=\"%s\">\n", htmlspecialchars($mailbox));
c5d828b3 161 echo "<TABLE WIDTH=\"100%\" ALIGN=center CELLSPACING=0 BORDER=0>\n";
df15de21 162 echo " <TR>\n";
c5d828b3 163 echo " <TD BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
df15de21 164 echo _("To:");
c5d828b3 165 echo " </TD><TD BGCOLOR=\"$color[4]\">\n";
cf8758c7 166 printf(" <INPUT TYPE=text NAME=\"send_to\" VALUE=\"%s\" SIZE=60><BR>\n",
6e79bfe2 167 htmlspecialchars($send_to));
df15de21 168 echo " </TD>\n";
169 echo " </TR>\n";
170 echo " <TR>\n";
c5d828b3 171 echo " <TD BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
aae41ae9 172 echo _("CC:");
c5d828b3 173 echo " </TD><TD BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
cf8758c7 174 printf(" <INPUT TYPE=text NAME=\"send_to_cc\" SIZE=60 VALUE=\"%s\"><BR>\n",
6e79bfe2 175 htmlspecialchars($send_to_cc));
df15de21 176 echo " </TD>\n";
177 echo " </TR>\n";
178 echo " <TR>\n";
c5d828b3 179 echo " <TD BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
aae41ae9 180 echo _("BCC:");
761d149e 181 echo " </TD><TD BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
cf8758c7 182 printf(" <INPUT TYPE=text NAME=\"send_to_bcc\" VALUE=\"%s\" SIZE=60><BR>\n",
6e79bfe2 183 htmlspecialchars($send_to_bcc));
3806fa52 184 echo "</TD></TR>\n";
5100704d 185
df15de21 186 echo " <TR>\n";
c5d828b3 187 echo " <TD BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
df15de21 188 echo _("Subject:");
761d149e 189 echo " </TD><TD BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
df15de21 190 if ($reply_subj) {
191 $reply_subj = str_replace("\"", "'", $reply_subj);
7aaa81fc 192 $reply_subj = sqStripSlashes($reply_subj);
df15de21 193 $reply_subj = trim($reply_subj);
194 if (substr(strtolower($reply_subj), 0, 3) != "re:")
195 $reply_subj = "Re: $reply_subj";
cf8758c7 196 printf(" <INPUT TYPE=text NAME=subject SIZE=60 VALUE=\"%s\">",
6e79bfe2 197 htmlspecialchars($reply_subj));
df15de21 198 } else if ($forward_subj) {
199 $forward_subj = str_replace("\"", "'", $forward_subj);
7aaa81fc 200 $forward_subj = sqStripSlashes($forward_subj);
df15de21 201 $forward_subj = trim($forward_subj);
202 if ((substr(strtolower($forward_subj), 0, 4) != "fwd:") &&
203 (substr(strtolower($forward_subj), 0, 5) != "[fwd:") &&
204 (substr(strtolower($forward_subj), 0, 6) != "[ fwd:"))
205 $forward_subj = "[Fwd: $forward_subj]";
cf8758c7 206 printf(" <INPUT TYPE=text NAME=subject SIZE=60 VALUE=\"%s\">",
6e79bfe2 207 htmlspecialchars($forward_subj));
df15de21 208 } else {
6e79bfe2 209 printf(" <INPUT TYPE=text NAME=subject SIZE=60 VALUE=\"%s\">",
210 htmlspecialchars($subject));
31f3d7c0 211 }
480feea7 212 echo "</td></tr>\n\n";
213
214 echo " <TR><td>\n </td><td>\n";
215 if ($use_javascript_addr_book) {
216 echo " <SCRIPT LANGUAGE=JavaScript><!--\n document.write(\"";
217 echo " <input type=button value=\\\""._("Addresses")."\\\" onclick='javascript:open_abook();'>\");";
218 echo " // --></SCRIPT><NOSCRIPT>\n";
219 echo " <input type=submit name=\"html_addr_search\" value=\""._("Addresses")."\">";
220 echo " </NOSCRIPT>\n";
221 } else {
222 echo " <input type=submit name=\"html_addr_search\" value=\""._("Addresses")."\">";
223 }
224 echo "\n <INPUT TYPE=SUBMIT NAME=send VALUE=\"". _("Send") . "\">\n";
15bfc1bc 225
226 do_hook("compose_button_row");
227
480feea7 228 echo " </TD>\n";
229 echo " </TR>\n\n";
230
4ba45d11 231
e5b23ff2 232 echo " <TR>\n";
c5d828b3 233 echo " <TD BGCOLOR=\"$color[4]\" COLSPAN=2>\n";
cf8758c7 234 echo " &nbsp;&nbsp;<TEXTAREA NAME=body ROWS=20 COLS=\"$editor_size\" WRAP=HARD>";
6e79bfe2 235 if ($use_signature == true && $newmail == true && !isset($from_htmladdr_search)) {
ef3c69f0 236 echo (htmlspecialchars($body)) . "\n\n-- \n" . htmlspecialchars($signature);
cf8758c7 237 } else {
ef3c69f0 238 echo (htmlspecialchars($body));
cf8758c7 239 }
240 echo "</TEXTAREA><BR>\n";
e5b23ff2 241 echo " </TD>\n";
242 echo " </TR>\n";
c5d828b3 243 echo " <TR><TD COLSPAN=2 ALIGN=CENTER><INPUT TYPE=SUBMIT NAME=send VALUE=\"";
e5b23ff2 244 echo _("Send");
245 echo "\"></TD></TR>\n";
246
4ba45d11 247 // This code is for attachments
248 echo " <tr>\n";
c5d828b3 249 echo " <TD BGCOLOR=\"$color[0]\" VALIGN=TOP ALIGN=RIGHT>\n";
aae41ae9 250 echo " <SMALL><BR></SMALL>"._("Attach:");
c5d828b3 251 echo " </td><td ALIGN=left BGCOLOR=\"$color[0]\">\n";
4ba45d11 252 // echo " <INPUT TYPE=\"hidden\" name=\"MAX_FILE_SIZE\"\n";
253 // echo " value=\"10000\">\n";
254 echo " <INPUT NAME=\"attachfile\" TYPE=\"file\">\n";
95de6c91 255 echo " &nbsp;&nbsp;<input type=\"submit\" name=\"attach\"";
256 echo " value=\"" . _("Add") ."\">\n";
469eb37b 257 echo " </td>\n";
469eb37b 258 echo " </tr>\n";
4ba45d11 259 if (isset($attachments) && count($attachments)>0) {
c5d828b3 260 echo "</tr><tr><td bgcolor=\"$color[1]\" align=right>\n";
e5b23ff2 261 echo "&nbsp;";
c5d828b3 262 echo "</td><td align=left bgcolor=\"$color[0]\">";
4ba45d11 263 while (list($localname, $remotename) = each($attachments)) {
264 echo "<input type=\"checkbox\" name=\"delete[]\" value=\"$localname\">\n";
265 echo "$remotename <input type=\"hidden\" name=\"attachments[$localname]\" value=\"$remotename\"><br>\n";
266 }
267
268 echo "<input type=\"submit\" name=\"do_delete\" value=\""._("Delete selected attachments")."\">\n";
469eb37b 269 echo "</td></tr>";
4ba45d11 270 }
4ba45d11 271 // End of attachment code
272
ffc2ccbc 273 echo "</TABLE>\n";
df15de21 274 echo "</FORM>";
d7d3c4d4 275 do_hook("compose_bottom");
31f3d7c0 276 }
8467bf00 277
df15de21 278 function showSentForm () {
df15de21 279 echo "<BR><BR><BR><CENTER><B>Message Sent!</B><BR><BR>";
9f2215a1 280 echo "You will be automatically forwarded.<BR>If not, <A HREF=\"right_main.php\">click here</A>";
aae41ae9 281 echo "</CENTER>";
df15de21 282 }
b278172f 283
0ad7dbda 284 function checkInput ($show) {
285 /** I implemented the $show variable because the error messages
286 were getting sent before the page header. So, I check once
287 using $show=false, and then when i'm ready to display the
288 error message, show=true **/
289 global $body, $send_to, $subject, $color;
b278172f 290
99fa2b21 291 if ($send_to == "") {
0ad7dbda 292 if ($show)
293 plain_error_message(_("You have not filled in the \"To:\" field."), $color);
df15de21 294 return false;
b278172f 295 }
df15de21 296 return true;
297 } // function checkInput()
298
3806fa52 299
ecf51658 300 if (($mailbox == "") || ($mailbox == "None"))
dcb7f454 301 $mailbox = "INBOX";
3806fa52 302
4ba45d11 303 if(isset($send)) {
0ad7dbda 304 if (checkInput(false)) {
966286ae 305 $urlMailbox = urlencode ($mailbox);
306 sendMessage($send_to, $send_to_cc, $send_to_bcc, $subject, $body, $reply_id);
307 header ("Location: right_main.php?mailbox=$urlMailbox&sort=$sort&startMessage=1");
df15de21 308 } else {
e1469126 309 $imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
dcb7f454 310 displayPageHeader($color, $mailbox);
0ad7dbda 311 checkInput(true);
312
df15de21 313 showInputForm();
1195c340 314 sqimap_logout($imapConnection);
7c6cb7ca 315 }
3806fa52 316 } else if ($html_addr_search_done) {
3c13b9fb 317 is_logged_in();
dcb7f454 318 displayPageHeader($color, $mailbox);
3806fa52 319
7aaa81fc 320 $send_to = sqStripSlashes($send_to);
321 $send_to_cc = sqStripSlashes($send_to_cc);
322 $send_to_bcc = sqStripSlashes($send_to_bcc);
3806fa52 323
6c7fd6ca 324 for ($i=0; $i < count($send_to_search); $i++) {
325 if ($send_to)
326 $send_to .= ", ";
327 $send_to .= $send_to_search[$i];
328 }
329
330 for ($i=0; $i < count($send_to_cc_search); $i++) {
331 if ($send_to_cc)
332 $send_to_cc .= ", ";
333 $send_to_cc .= $send_to_cc_search[$i];
334 }
335
3806fa52 336 showInputForm();
6c7fd6ca 337 } else if ($html_addr_search) {
591d2a88 338 // I am using an include so as to elminiate an extra unnecessary click. If you
339 // can think of a better way, please implement it.
6c7fd6ca 340 include ("addrbook_search_html.php");
4ba45d11 341 } else if (isset($attach)) {
3c13b9fb 342 is_logged_in();
dcb7f454 343 displayPageHeader($color, $mailbox);
fc3348ac 344
4ba45d11 345 $localfilename = md5("$attachfile, $attachfile_name, $REMOTE_IP, $REMOTE_PORT, $UNIQUE_ID, and everything else that may add entropy");
c3c37167 346 $localfilename = $localfilename;
4ba45d11 347
348 // Put the file in a better place
cacf2747 349 $tmp=explode('/',$attachfile);
350 $attachfile=$tmp[count($tmp)-1];
351 $attachfile=ereg_replace('\.{2,}','',$attachfile);
352
4ba45d11 353 error_reporting(0); // Rename will produce error output if it fails
c3c37167 354 if (!rename($attachfile, $attachment_dir.$localfilename)) {
355 if (!copy($attachfile, $attachment_dir.$localfilename)) {
22ef7536 356 plain_error_message(_("Could not move/copy file. File not attached"), $color);
c3c37167 357 $failed = true;
4ba45d11 358 }
359 }
360 // If it still exists, PHP will remove the original file
361
c3c37167 362 if (!$failed) {
363 // Write information about the file
364 $fp = fopen ($attachment_dir.$localfilename.".info", "w");
365 fputs ($fp, "$attachfile_type\n$attachfile_name\n");
366 fclose ($fp);
4ba45d11 367
c3c37167 368 $attachments[$localfilename] = $attachfile_name;
369 }
4ba45d11 370
371 showInputForm();
372 } else if (isset($do_delete)) {
3c13b9fb 373 is_logged_in();
dcb7f454 374 displayPageHeader($color, $mailbox);
fc3348ac 375
fb16d219 376 while (list($lkey, $localname) = each($delete)) {
377 array_splice ($attachments, $lkey, 1);
c3c37167 378 unlink ($attachment_dir.$localname);
379 unlink ($attachment_dir.$localname.".info");
4ba45d11 380 }
4bfed9f3 381
4ba45d11 382 showInputForm();
383 } else {
a60b9989 384 $imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
dcb7f454 385 displayPageHeader($color, $mailbox);
fc3348ac 386
b57c4e63 387 $newmail = true;
1220e677 388 newMail();
4ba45d11 389 showInputForm();
1195c340 390 sqimap_logout($imapConnection);
4ba45d11 391 }
da79853a 392?>