[squirrelmail.git] / src / compose.php

<?php
   /** 
    ** compose.php
    **
    **  Copyright (c) 1999-2000 The SquirrelMail development team
    **  Licensed under the GNU GPL. For full terms see the file COPYING.
    **
    ** This code sends a mail.
    **
    ** There are 3 modes of operation:
    **  - Start new mail
    **  - Add an attachment
    **  - Send mail
    **/

   session_start();

   if (!isset($config_php))
      include("../config/config.php");
   if (!isset($strings_php))
      include("../functions/strings.php");
   if (!isset($page_header_php))
      include("../functions/page_header.php");
   if (!isset($imap_php))
      include("../functions/imap.php");
   if (!isset($date_php))
      include("../functions/date.php");
   if (!isset($mime_php))
      include("../functions/mime.php");
   if (!isset($smtp_php))
      include("../functions/smtp.php");
   if (!isset($display_messages_php))
      include("../functions/display_messages.php");
   if (!isset($auth_php))
      include ("../functions/auth.php");
   if (!isset($plugin_php))
      include ("../functions/plugin.php");

   include("../src/load_prefs.php");

   // This function is used when not sending or adding attachments
   function newMail () {
      global $forward_id, $imapConnection, $msg, $ent_num, $body_ary, $body,
         $reply_id, $send_to, $send_to_cc, $mailbox, $send_to_bcc, $editor_size;

      $send_to = sqStripSlashes(decodeHeader($send_to));
      $send_to_cc = sqStripSlashes(decodeHeader($send_to_cc));
      $send_to_bcc = sqStripSlashes(decodeHeader($send_to_bcc));

      if ($forward_id)
         $id = $forward_id;
      else if ($reply_id)
         $id = $reply_id;


      if ($id) {
         sqimap_mailbox_select($imapConnection, $mailbox);
         $message = sqimap_get_message($imapConnection, $id, $mailbox);
         $orig_header = $message->header;
         if ($ent_num)
            $message = getEntity($message, $ent_num);

         if ($message->header->type0 == "text" || $message->header->type1 == "message") {
            if ($ent_num)
               $body = decodeBody(mime_fetch_body($imapConnection, $id, $ent_num), $message->header->encoding);
            else
               $body = decodeBody(mime_fetch_body($imapConnection, $id, 1), $message->header->encoding);
         } else {
            $body = "";
         }
         
         if ($message->header->type1 == "html")
            $body = strip_tags($body);
         
         sqUnWordWrap($body);   
         $body_ary = explode("\n", $body);
         $i = count($body_ary) - 1;
         while (isset($body_ary[$i]) && ereg("^[>\s]*$", $body_ary[$i])) {
            unset($body_ary[$i]);
            $i --;
         }
         $body = "";
         for ($i=0; $i < count($body_ary); $i++) {
            if (! $forward_id)
            {
                if (ereg('^[\s>]+', $body_ary[$i]))
                {
                    $body_ary[$i] = '>' . $body_ary[$i];
                }
                else
                {
                    $body_ary[$i] = '> ' . $body_ary[$i];
                }
            }
            sqWordWrap($body_ary[$i], $editor_size - 1);
            $body .= $body_ary[$i] . "\n";
            $body_ary[$i] = '';
         }
         if ($forward_id)
         {
             $bodyTop =  "-------- " . _("Original Message") . " --------\n";
             $bodyTop .= _("Subject") . ": " . $orig_header->subject . "\n"; 
             $bodyTop .= _("From") . ": " . $orig_header->from . "\n"; 
             $bodyTop .= _("To") . ": " . $orig_header->to[0] . "\n"; 
             if (count($orig_header->to) > 1) {
                 for ($x=1; $x < count($orig_header->to); $x++) {
                     $bodyTop .= "         " . $orig_header->to[$x] . "\n";
                 }
             }
             $bodyTop .= "\n";
             $body = $bodyTop . $body;
         }
         
         $body = ereg_replace('\\\\', '\\\\', $body);

         sqimap_mailbox_close($imapConnection);
         return;
      }

      if (!$send_to) {
         $send_to = sqimap_find_email($send_to);
      }

      /** This formats a CC string if they hit "reply all" **/
      if ($send_to_cc != "") {
         $send_to_cc = ereg_replace( '"[^"]*"', "", $send_to_cc);
         $send_to_cc = ereg_replace(";", ",", $send_to_cc);
         $sendcc = explode(",", $send_to_cc);
         $send_to_cc = "";
         
         for ($i = 0; $i < count($sendcc); $i++) {
            $sendcc[$i] = trim($sendcc[$i]);
            if ($sendcc[$i] == "")
               continue;
            
            $sendcc[$i] = sqimap_find_email($sendcc[$i]);
            $whofrom = sqimap_find_displayable_name($msg["HEADER"]["FROM"]);
            $whoreplyto = sqimap_find_email($msg["HEADER"]["REPLYTO"]);
         
            if ((strtolower(trim($sendcc[$i])) != strtolower(trim($whofrom))) &&
                (strtolower(trim($sendcc[$i])) != strtolower(trim($whoreplyto))) &&
                (trim($sendcc[$i]) != "")) {
               $send_to_cc .= trim($sendcc[$i]) . ", ";
            }
         }
         $send_to_cc = trim($send_to_cc);
         if (substr($send_to_cc, -1) == ",") {
            $send_to_cc = substr($send_to_cc, 0, strlen($send_to_cc) - 1);
         }
      }
   } // function newMail()

   function showInputForm () {
      global $send_to, $send_to_cc, $reply_subj, $forward_subj, $body,
         $passed_body, $color, $use_signature, $signature, $editor_size,
         $attachments, $subject, $newmail, $use_javascript_addr_book,
         $send_to_bcc, $reply_id, $mailbox, $from_htmladdr_search,
         $location_of_buttons;

      $subject = sqStripSlashes(decodeHeader($subject));
      $reply_subj = decodeHeader($reply_subj);
      $forward_subj = decodeHeader($forward_subj);
      $body = sqStripSlashes($body);
      
      if ($use_javascript_addr_book) {
         echo "\n<SCRIPT LANGUAGE=JavaScript><!--\n";
         echo "function open_abook() { \n";
         echo "  var nwin = window.open(\"addrbook_popup.php\",\"abookpopup\",";
         echo "\"width=670,height=300,resizable=yes,scrollbars=yes\");\n";
         echo "  if((!nwin.opener) && (document.windows != null))\n";
         echo "    nwin.opener = document.windows;\n";
         echo "}\n";
         echo "// --></SCRIPT>\n\n";
      }

      echo "\n<FORM name=compose action=\"compose.php\" METHOD=POST ENCTYPE=\"multipart/form-data\">\n";
      //echo "\n<FORM name=compose action=\"compose.php\" METHOD=POST>\n";
      if ($reply_id) {
         echo "<input type=hidden name=reply_id value=$reply_id>\n";
      }                 
      printf("<INPUT TYPE=hidden NAME=mailbox VALUE=\"%s\">\n", htmlspecialchars($mailbox));
      echo "<TABLE WIDTH=\"100%\" ALIGN=center CELLSPACING=0 BORDER=0>\n";

      if ($location_of_buttons == 'top') showComposeButtonRow();

      echo "   <TR>\n";
      echo "      <TD BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
      echo _("To:");
      echo "      </TD><TD BGCOLOR=\"$color[4]\">\n";
      printf("         <INPUT TYPE=text NAME=\"send_to\" VALUE=\"%s\" SIZE=60><BR>\n",
             htmlspecialchars($send_to));
      echo "      </TD>\n";
      echo "   </TR>\n";
      echo "   <TR>\n";
      echo "      <TD BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
      echo _("CC:");
      echo "      </TD><TD BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
      printf("         <INPUT TYPE=text NAME=\"send_to_cc\" SIZE=60 VALUE=\"%s\"><BR>\n",
             htmlspecialchars($send_to_cc));
      echo "      </TD>\n";
      echo "   </TR>\n";
      echo "   <TR>\n";
      echo "      <TD BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
      echo _("BCC:");
      echo "      </TD><TD BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
      printf("         <INPUT TYPE=text NAME=\"send_to_bcc\" VALUE=\"%s\" SIZE=60><BR>\n",
             htmlspecialchars($send_to_bcc));
      echo "</TD></TR>\n";

      echo "   <TR>\n";
      echo "      <TD BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
      echo _("Subject:");
      echo "      </TD><TD BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
      if ($reply_subj) {
         $reply_subj = str_replace("\"", "'", $reply_subj);
         $reply_subj = sqStripSlashes($reply_subj);
         $reply_subj = trim($reply_subj);
         if (substr(strtolower($reply_subj), 0, 3) != "re:")
            $reply_subj = "Re: $reply_subj";
         printf("         <INPUT TYPE=text NAME=subject SIZE=60 VALUE=\"%s\">",
                htmlspecialchars($reply_subj));
      } else if ($forward_subj) {
         $forward_subj = str_replace("\"", "'", $forward_subj);
         $forward_subj = sqStripSlashes($forward_subj);
         $forward_subj = trim($forward_subj);
         if ((substr(strtolower($forward_subj), 0, 4) != "fwd:") &&
             (substr(strtolower($forward_subj), 0, 5) != "[fwd:") &&
             (substr(strtolower($forward_subj), 0, 6) != "[ fwd:"))
            $forward_subj = "[Fwd: $forward_subj]";
         printf("         <INPUT TYPE=text NAME=subject SIZE=60 VALUE=\"%s\">",
                htmlspecialchars($forward_subj));
      } else {
          printf("         <INPUT TYPE=text NAME=subject SIZE=60 VALUE=\"%s\">",
                htmlspecialchars($subject));
      }
      echo "</td></tr>\n\n";

      if ($location_of_buttons == 'between') showComposeButtonRow();

      echo "   <TR>\n";
      echo "      <TD BGCOLOR=\"$color[4]\" COLSPAN=2>\n";
      echo "         &nbsp;&nbsp;<TEXTAREA NAME=body ROWS=20 COLS=\"$editor_size\" WRAP=HARD>";
      echo htmlspecialchars($body);
      if ($use_signature == true && $newmail == true && !isset($from_htmladdr_search)) {
         echo "\n\n-- \n" . htmlspecialchars($signature);
      }
      echo "</TEXTAREA><BR>\n";
      echo "      </TD>\n";
      echo "   </TR>\n";

      if ($location_of_buttons == 'bottom') 
         showComposeButtonRow();
      else {
         echo "   <TR><TD>&nbsp;</TD><TD ALIGN=LEFT><INPUT TYPE=SUBMIT NAME=send VALUE=\""._("Send")."\"></TD></TR>\n";
      }
      
      // This code is for attachments
      echo "   <tr>\n";
      echo "     <TD BGCOLOR=\"$color[0]\" VALIGN=TOP ALIGN=RIGHT>\n";
      echo "      <SMALL><BR></SMALL>"._("Attach:");
      echo "      </td><td ALIGN=left BGCOLOR=\"$color[0]\">\n";
      //      echo "      <INPUT TYPE=\"hidden\" name=\"MAX_FILE_SIZE\"\n";
      //      echo "      value=\"10000\">\n";
      echo "      <INPUT NAME=\"attachfile\" SIZE=48 TYPE=\"file\">\n";
      echo "      &nbsp;&nbsp;<input type=\"submit\" name=\"attach\"";
      echo " value=\"" . _("Add") ."\">\n";
      echo "     </td>\n";
      echo "   </tr>\n";
      if (isset($attachments) && count($attachments)>0) {
         echo "<tr><td bgcolor=\"$color[0]\" align=right>\n";
         echo "&nbsp;";
         echo "</td><td align=left bgcolor=\"$color[0]\">";
         while (list($localname, $remotename) = each($attachments)) {
            echo "<input type=\"checkbox\" name=\"delete[]\" value=\"$localname\">\n";
            echo "$remotename <input type=\"hidden\" name=\"attachments[$localname]\" value=\"$remotename\"><br>\n";
         }
         
         echo "<input type=\"submit\" name=\"do_delete\" value=\""._("Delete selected attachments")."\">\n";
         echo "</td></tr>";
      }
      // End of attachment code

      echo "</TABLE>\n";
      echo "</FORM>";
      do_hook("compose_bottom");
   }
   
   function showComposeButtonRow() {
      echo "   <TR><td>\n   </td><td>\n";
      if ($use_javascript_addr_book) {
         echo "      <SCRIPT LANGUAGE=JavaScript><!--\n document.write(\"";
         echo "         <input type=button value=\\\""._("Addresses")."\\\" onclick='javascript:open_abook();'>\");";
         echo "         // --></SCRIPT><NOSCRIPT>\n";
         echo "         <input type=submit name=\"html_addr_search\" value=\""._("Addresses")."\">";
         echo "      </NOSCRIPT>\n";
      } else {  
         echo "      <input type=submit name=\"html_addr_search\" value=\""._("Addresses")."\">";
      }   
      echo "\n    <INPUT TYPE=SUBMIT NAME=send VALUE=\"". _("Send") . "\">\n";
      
      do_hook("compose_button_row");

      echo "   </TD>\n";
      echo "   </TR>\n\n";
   }

   function showSentForm () {
      echo "<BR><BR><BR><CENTER><B>Message Sent!</B><BR><BR>";
      echo "You will be automatically forwarded.<BR>If not, <A HREF=\"right_main.php\">click here</A>";
      echo "</CENTER>";
   }

   function checkInput ($show) {
      /** I implemented the $show variable because the error messages
          were getting sent before the page header.  So, I check once
          using $show=false, and then when i'm ready to display the
          error message, show=true **/
      global $body, $send_to, $subject, $color;

      if ($send_to == "") {
         if ($show)
            plain_error_message(_("You have not filled in the \"To:\" field."), $color);
         return false;
      }
      return true;
   } // function checkInput()


   if (($mailbox == "") || ($mailbox == "None"))
      $mailbox = "INBOX";

   if(isset($send)) {
      if (checkInput(false)) {
         $urlMailbox = urlencode ($mailbox);
         sendMessage($send_to, $send_to_cc, $send_to_bcc, $subject, $body, $reply_id);
         header ("Location: right_main.php?mailbox=$urlMailbox&sort=$sort&startMessage=1");
      } else {
         //$imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
         displayPageHeader($color, $mailbox);
         checkInput(true);
         
         showInputForm();
         //sqimap_logout($imapConnection);
      }
   } else if ($html_addr_search_done) {
      is_logged_in();
      displayPageHeader($color, $mailbox);

      $send_to = sqStripSlashes($send_to);
      $send_to_cc = sqStripSlashes($send_to_cc);
      $send_to_bcc = sqStripSlashes($send_to_bcc);
      
      for ($i=0; $i < count($send_to_search); $i++) {
         if ($send_to)
            $send_to .= ", ";
         $send_to .= $send_to_search[$i];   
      }
      
      for ($i=0; $i < count($send_to_cc_search); $i++) {
         if ($send_to_cc)
            $send_to_cc .= ", ";
         $send_to_cc .= $send_to_cc_search[$i];   
      }
      
      showInputForm();
   } else if ($html_addr_search) {
      // I am using an include so as to elminiate an extra unnecessary click.  If you
      // can think of a better way, please implement it.
      include ("addrbook_search_html.php");
   } else if (isset($attach)) {
      is_logged_in();
      displayPageHeader($color, $mailbox);

      $localfilename = md5($HTTP_POST_FILES['attachfile']['tmp_name'].", ".$HTTP_POST_FILES['attachfile']['name'].", $REMOTE_IP, $REMOTE_PORT, $UNIQUE_ID, and everything else that may add entropy");
//      $localfilename = $localfilename; // ??
      
      // Put the file in a better place
      // This shouldn't be here... Ondrej Sury <ondrej@sury.cz>
      //$tmp=explode('/',$attachfile);
      //$attachfile=$tmp[count($tmp)-1];
      //$attachfile=ereg_replace('\.{2,}','',$attachfile);

      //error_reporting(0); // Rename will produce error output if it fails
      //if (!rename($attachfile, $attachment_dir.$localfilename)) {
      //   if (!copy($attachfile, $attachment_dir.$localfilename)) {
      if (!@rename($HTTP_POST_FILES['attachfile']['tmp_name'], $attachment_dir.$localfilename)) {
         if (!@copy($HTTP_POST_FILES['attachfile']['tmp_name'], $attachment_dir.$localfilename)) {
            plain_error_message(_("Could not move/copy file. File not attached"), $color);
            $failed = true;
         }
      }
      // If it still exists, PHP will remove the original file

      if (!$failed) {
         // Write information about the file
         $fp = fopen ($attachment_dir.$localfilename.".info", "w");
         fputs ($fp, $HTTP_POST_FILES['attachfile']['type']."\n".$HTTP_POST_FILES['attachfile']['name']."\n");
         fclose ($fp);

         $attachments[$localfilename] = $HTTP_POST_FILES['attachfile']['name'];
      }
      
      showInputForm();
   } else if (isset($do_delete)) {
      is_logged_in();
      displayPageHeader($color, $mailbox);

      while (list($lkey, $localname) = each($delete)) {
         unset ($attachments[$localname]);
         unlink ($attachment_dir.$localname);
         unlink ($attachment_dir.$localname.".info");
      }

      showInputForm();
   } else {
      $imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
      displayPageHeader($color, $mailbox);

      $newmail = true;
      newMail();
      showInputForm();
      sqimap_logout($imapConnection);
   }
?>
Commit	Line	Data
59177427	1	<?php
ef870322	2	/**
	3	** compose.php
	4	**
	5	** Copyright (c) 1999-2000 The SquirrelMail development team
	6	** Licensed under the GNU GPL. For full terms see the file COPYING.
	7	**
	8	** This code sends a mail.
df15de21	9	**
	10	** There are 3 modes of operation:
	11	** - Start new mail
	12	** - Add an attachment
	13	** - Send mail
	14	**/
	15
2a32fc83	16	session_start();
2a32fc83	17
d068c0ec	18	if (!isset($config_php))
	19	include("../config/config.php");
	20	if (!isset($strings_php))
	21	include("../functions/strings.php");
	22	if (!isset($page_header_php))
	23	include("../functions/page_header.php");
	24	if (!isset($imap_php))
	25	include("../functions/imap.php");
	26	if (!isset($date_php))
	27	include("../functions/date.php");
	28	if (!isset($mime_php))
	29	include("../functions/mime.php");
	30	if (!isset($smtp_php))
	31	include("../functions/smtp.php");
	32	if (!isset($display_messages_php))
	33	include("../functions/display_messages.php");
3c13b9fb	34	if (!isset($auth_php))
3c13b9fb	35	include ("../functions/auth.php");
15bfc1bc	36	if (!isset($plugin_php))
15bfc1bc	37	include ("../functions/plugin.php");
f7fb20fe	38
d3cdb279	39	include("../src/load_prefs.php");
8467bf00	40
4ba45d11	41	// This function is used when not sending or adding attachments
df15de21	42	function newMail () {
df15de21	43	global $forward_id, $imapConnection, $msg, $ent_num, $body_ary, $body,
a794e82c	44	$reply_id, $send_to, $send_to_cc, $mailbox, $send_to_bcc, $editor_size;
e39d73e5	45
7aaa81fc	46	$send_to = sqStripSlashes(decodeHeader($send_to));
7aaa81fc	47	$send_to_cc = sqStripSlashes(decodeHeader($send_to_cc));
6e79bfe2	48	$send_to_bcc = sqStripSlashes(decodeHeader($send_to_bcc));
a53e5469	49
429f8906	50	if ($forward_id)
	51	$id = $forward_id;
	52	else if ($reply_id)
	53	$id = $reply_id;
	54
1195c340	55
429f8906	56	if ($id) {
813eba2f	57	sqimap_mailbox_select($imapConnection, $mailbox);
429f8906	58	$message = sqimap_get_message($imapConnection, $id, $mailbox);
8d8ab69a	59	$orig_header = $message->header;
1195c340	60	if ($ent_num)
1195c340	61	$message = getEntity($message, $ent_num);
429f8906	62
429f8906	63	if ($message->header->type0 == "text" \|\| $message->header->type1 == "message") {
1195c340	64	if ($ent_num)
	65	$body = decodeBody(mime_fetch_body($imapConnection, $id, $ent_num), $message->header->encoding);
	66	else
	67	$body = decodeBody(mime_fetch_body($imapConnection, $id, 1), $message->header->encoding);
429f8906	68	} else {
429f8906	69	$body = "";
df15de21	70	}
df15de21	71
429f8906	72	if ($message->header->type1 == "html")
429f8906	73	$body = strip_tags($body);
01aab860	74
01aab860	75	sqUnWordWrap($body);
a794e82c	76	$body_ary = explode("\n", $body);
fb6ce88e	77	$i = count($body_ary) - 1;
	78	while (isset($body_ary[$i]) && ereg("^[>\s]*$", $body_ary[$i])) {
	79	unset($body_ary[$i]);
	80	$i --;
441f2d33	81	}
a794e82c	82	$body = "";
a794e82c	83	for ($i=0; $i < count($body_ary); $i++) {
01aab860	84	if (! $forward_id)
01aab860	85	{
441f2d33	86	if (ereg('^[\s>]+', $body_ary[$i]))
01aab860	87	{
	88	$body_ary[$i] = '>' . $body_ary[$i];
	89	}
	90	else
	91	{
	92	$body_ary[$i] = '> ' . $body_ary[$i];
	93	}
	94	}
a794e82c	95	sqWordWrap($body_ary[$i], $editor_size - 1);
01aab860	96	$body .= $body_ary[$i] . "\n";
01aab860	97	$body_ary[$i] = '';
a794e82c	98	}
01aab860	99	if ($forward_id)
	100	{
	101	$bodyTop = "-------- " . _("Original Message") . " --------\n";
	102	$bodyTop .= _("Subject") . ": " . $orig_header->subject . "\n";
	103	$bodyTop .= _("From") . ": " . $orig_header->from . "\n";
	104	$bodyTop .= _("To") . ": " . $orig_header->to[0] . "\n";
	105	if (count($orig_header->to) > 1) {
	106	for ($x=1; $x < count($orig_header->to); $x++) {
	107	$bodyTop .= " " . $orig_header->to[$x] . "\n";
	108	}
	109	}
	110	$bodyTop .= "\n";
	111	$body = $bodyTop . $body;
78509c54	112	}
441f2d33	113
441f2d33	114	$body = ereg_replace('\\\\', '\\\\', $body);
a794e82c	115
a2790a61	116	sqimap_mailbox_close($imapConnection);
01aab860	117	return;
78509c54	118	}
429f8906	119
29d08a52	120	if (!$send_to) {
	121	$send_to = sqimap_find_email($send_to);
	122	}
	123
df15de21	124	/ This formats a CC string if they hit "reply all" /
df15de21	125	if ($send_to_cc != "") {
a48fbf9b	126	$send_to_cc = ereg_replace( '"[^"]*"', "", $send_to_cc);
df15de21	127	$send_to_cc = ereg_replace(";", ",", $send_to_cc);
	128	$sendcc = explode(",", $send_to_cc);
	129	$send_to_cc = "";
	130
	131	for ($i = 0; $i < count($sendcc); $i++) {
	132	$sendcc[$i] = trim($sendcc[$i]);
	133	if ($sendcc[$i] == "")
	134	continue;
	135
a53e5469	136	$sendcc[$i] = sqimap_find_email($sendcc[$i]);
813eba2f	137	$whofrom = sqimap_find_displayable_name($msg["HEADER"]["FROM"]);
813eba2f	138	$whoreplyto = sqimap_find_email($msg["HEADER"]["REPLYTO"]);
df15de21	139
	140	if ((strtolower(trim($sendcc[$i])) != strtolower(trim($whofrom))) &&
	141	(strtolower(trim($sendcc[$i])) != strtolower(trim($whoreplyto))) &&
	142	(trim($sendcc[$i]) != "")) {
	143	$send_to_cc .= trim($sendcc[$i]) . ", ";
	144	}
	145	}
	146	$send_to_cc = trim($send_to_cc);
	147	if (substr($send_to_cc, -1) == ",") {
	148	$send_to_cc = substr($send_to_cc, 0, strlen($send_to_cc) - 1);
	149	}
	150	}
	151	} // function newMail()
78509c54	152
df15de21	153	function showInputForm () {
df15de21	154	global $send_to, $send_to_cc, $reply_subj, $forward_subj, $body,
4ba45d11	155	$passed_body, $color, $use_signature, $signature, $editor_size,
3806fa52	156	$attachments, $subject, $newmail, $use_javascript_addr_book,
441f2d33	157	$send_to_bcc, $reply_id, $mailbox, $from_htmladdr_search,
441f2d33	158	$location_of_buttons;
78509c54	159
5f104808	160	$subject = sqStripSlashes(decodeHeader($subject));
2e434774	161	$reply_subj = decodeHeader($reply_subj);
2e434774	162	$forward_subj = decodeHeader($forward_subj);
162efb6f	163	$body = sqStripSlashes($body);
01aab860	164
3806fa52	165	if ($use_javascript_addr_book) {
	166	echo "\n<SCRIPT LANGUAGE=JavaScript><!--\n";
	167	echo "function open_abook() { \n";
	168	echo " var nwin = window.open(\"addrbook_popup.php\",\"abookpopup\",";
	169	echo "\"width=670,height=300,resizable=yes,scrollbars=yes\");\n";
	170	echo " if((!nwin.opener) && (document.windows != null))\n";
	171	echo " nwin.opener = document.windows;\n";
	172	echo "}\n";
	173	echo "// --></SCRIPT>\n\n";
	174	}
5100704d	175
cacf2747	176	echo "\n<FORM name=compose action=\"compose.php\" METHOD=POST ENCTYPE=\"multipart/form-data\">\n";
cacf2747	177	//echo "\n<FORM name=compose action=\"compose.php\" METHOD=POST>\n";
966286ae	178	if ($reply_id) {
966286ae	179	echo "<input type=hidden name=reply_id value=$reply_id>\n";
6e79bfe2	180	}
cf8758c7	181	printf("<INPUT TYPE=hidden NAME=mailbox VALUE=\"%s\">\n", htmlspecialchars($mailbox));
c5d828b3	182	echo "<TABLE WIDTH=\"100%\" ALIGN=center CELLSPACING=0 BORDER=0>\n";
441f2d33	183
	184	if ($location_of_buttons == 'top') showComposeButtonRow();
	185
df15de21	186	echo " <TR>\n";
c5d828b3	187	echo " <TD BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
df15de21	188	echo _("To:");
c5d828b3	189	echo " </TD><TD BGCOLOR=\"$color[4]\">\n";
cf8758c7	190	printf(" <INPUT TYPE=text NAME=\"send_to\" VALUE=\"%s\" SIZE=60><BR>\n",
6e79bfe2	191	htmlspecialchars($send_to));
df15de21	192	echo " </TD>\n";
	193	echo " </TR>\n";
	194	echo " <TR>\n";
c5d828b3	195	echo " <TD BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
aae41ae9	196	echo _("CC:");
c5d828b3	197	echo " </TD><TD BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
cf8758c7	198	printf(" <INPUT TYPE=text NAME=\"send_to_cc\" SIZE=60 VALUE=\"%s\"><BR>\n",
6e79bfe2	199	htmlspecialchars($send_to_cc));
df15de21	200	echo " </TD>\n";
	201	echo " </TR>\n";
	202	echo " <TR>\n";
c5d828b3	203	echo " <TD BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
aae41ae9	204	echo _("BCC:");
761d149e	205	echo " </TD><TD BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
cf8758c7	206	printf(" <INPUT TYPE=text NAME=\"send_to_bcc\" VALUE=\"%s\" SIZE=60><BR>\n",
6e79bfe2	207	htmlspecialchars($send_to_bcc));
3806fa52	208	echo "</TD></TR>\n";
5100704d	209
df15de21	210	echo " <TR>\n";
c5d828b3	211	echo " <TD BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
df15de21	212	echo _("Subject:");
761d149e	213	echo " </TD><TD BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
df15de21	214	if ($reply_subj) {
df15de21	215	$reply_subj = str_replace("\"", "'", $reply_subj);
7aaa81fc	216	$reply_subj = sqStripSlashes($reply_subj);
df15de21	217	$reply_subj = trim($reply_subj);
	218	if (substr(strtolower($reply_subj), 0, 3) != "re:")
	219	$reply_subj = "Re: $reply_subj";
cf8758c7	220	printf(" <INPUT TYPE=text NAME=subject SIZE=60 VALUE=\"%s\">",
6e79bfe2	221	htmlspecialchars($reply_subj));
df15de21	222	} else if ($forward_subj) {
df15de21	223	$forward_subj = str_replace("\"", "'", $forward_subj);
7aaa81fc	224	$forward_subj = sqStripSlashes($forward_subj);
df15de21	225	$forward_subj = trim($forward_subj);
	226	if ((substr(strtolower($forward_subj), 0, 4) != "fwd:") &&
	227	(substr(strtolower($forward_subj), 0, 5) != "[fwd:") &&
	228	(substr(strtolower($forward_subj), 0, 6) != "[ fwd:"))
	229	$forward_subj = "[Fwd: $forward_subj]";
cf8758c7	230	printf(" <INPUT TYPE=text NAME=subject SIZE=60 VALUE=\"%s\">",
6e79bfe2	231	htmlspecialchars($forward_subj));
df15de21	232	} else {
6e79bfe2	233	printf(" <INPUT TYPE=text NAME=subject SIZE=60 VALUE=\"%s\">",
6e79bfe2	234	htmlspecialchars($subject));
31f3d7c0	235	}
480feea7	236	echo "</td></tr>\n\n";
480feea7	237
441f2d33	238	if ($location_of_buttons == 'between') showComposeButtonRow();
4ba45d11	239
e5b23ff2	240	echo " <TR>\n";
c5d828b3	241	echo " <TD BGCOLOR=\"$color[4]\" COLSPAN=2>\n";
cf8758c7	242	echo "   <TEXTAREA NAME=body ROWS=20 COLS=\"$editor_size\" WRAP=HARD>";
441f2d33	243	echo htmlspecialchars($body);
6e79bfe2	244	if ($use_signature == true && $newmail == true && !isset($from_htmladdr_search)) {
441f2d33	245	echo "\n\n-- \n" . htmlspecialchars($signature);
cf8758c7	246	}
cf8758c7	247	echo "</TEXTAREA><BR>\n";
e5b23ff2	248	echo " </TD>\n";
e5b23ff2	249	echo " </TR>\n";
441f2d33	250
	251	if ($location_of_buttons == 'bottom')
	252	showComposeButtonRow();
	253	else {
	254	echo " <TR><TD> </TD><TD ALIGN=LEFT><INPUT TYPE=SUBMIT NAME=send VALUE=\""._("Send")."\"></TD></TR>\n";
	255	}
e5b23ff2	256
4ba45d11	257	// This code is for attachments
4ba45d11	258	echo " <tr>\n";
c5d828b3	259	echo " <TD BGCOLOR=\"$color[0]\" VALIGN=TOP ALIGN=RIGHT>\n";
aae41ae9	260	echo " <SMALL><BR></SMALL>"._("Attach:");
c5d828b3	261	echo " </td><td ALIGN=left BGCOLOR=\"$color[0]\">\n";
4ba45d11	262	// echo " <INPUT TYPE=\"hidden\" name=\"MAX_FILE_SIZE\"\n";
4ba45d11	263	// echo " value=\"10000\">\n";
944eb785	264	echo " <INPUT NAME=\"attachfile\" SIZE=48 TYPE=\"file\">\n";
95de6c91	265	echo "   <input type=\"submit\" name=\"attach\"";
95de6c91	266	echo " value=\"" . _("Add") ."\">\n";
469eb37b	267	echo " </td>\n";
469eb37b	268	echo " </tr>\n";
4ba45d11	269	if (isset($attachments) && count($attachments)>0) {
162efb6f	270	echo "<tr><td bgcolor=\"$color[0]\" align=right>\n";
e5b23ff2	271	echo " ";
c5d828b3	272	echo "</td><td align=left bgcolor=\"$color[0]\">";
4ba45d11	273	while (list($localname, $remotename) = each($attachments)) {
	274	echo "<input type=\"checkbox\" name=\"delete[]\" value=\"$localname\">\n";
	275	echo "$remotename <input type=\"hidden\" name=\"attachments[$localname]\" value=\"$remotename\"><br>\n";
	276	}
	277
	278	echo "<input type=\"submit\" name=\"do_delete\" value=\""._("Delete selected attachments")."\">\n";
469eb37b	279	echo "</td></tr>";
4ba45d11	280	}
4ba45d11	281	// End of attachment code
4ba45d11	282
ffc2ccbc	283	echo "</TABLE>\n";
df15de21	284	echo "</FORM>";
d7d3c4d4	285	do_hook("compose_bottom");
31f3d7c0	286	}
441f2d33	287
	288	function showComposeButtonRow() {
	289	echo " <TR><td>\n </td><td>\n";
	290	if ($use_javascript_addr_book) {
	291	echo " <SCRIPT LANGUAGE=JavaScript><!--\n document.write(\"";
	292	echo " <input type=button value=\\\""._("Addresses")."\\\" onclick='javascript:open_abook();'>\");";
	293	echo " // --></SCRIPT><NOSCRIPT>\n";
	294	echo " <input type=submit name=\"html_addr_search\" value=\""._("Addresses")."\">";
	295	echo " </NOSCRIPT>\n";
	296	} else {
	297	echo " <input type=submit name=\"html_addr_search\" value=\""._("Addresses")."\">";
	298	}
	299	echo "\n <INPUT TYPE=SUBMIT NAME=send VALUE=\"". _("Send") . "\">\n";
	300
	301	do_hook("compose_button_row");
	302
	303	echo " </TD>\n";
	304	echo " </TR>\n\n";
	305	}
8467bf00	306
df15de21	307	function showSentForm () {
df15de21	308	echo "<BR><BR><BR><CENTER><B>Message Sent!</B><BR><BR>";
9f2215a1	309	echo "You will be automatically forwarded.<BR>If not, <A HREF=\"right_main.php\">click here</A>";
aae41ae9	310	echo "</CENTER>";
df15de21	311	}
b278172f	312
0ad7dbda	313	function checkInput ($show) {
	314	/** I implemented the $show variable because the error messages
	315	were getting sent before the page header. So, I check once
	316	using $show=false, and then when i'm ready to display the
	317	error message, show=true **/
	318	global $body, $send_to, $subject, $color;
b278172f	319
99fa2b21	320	if ($send_to == "") {
0ad7dbda	321	if ($show)
0ad7dbda	322	plain_error_message(_("You have not filled in the \"To:\" field."), $color);
df15de21	323	return false;
b278172f	324	}
df15de21	325	return true;
	326	} // function checkInput()
	327
3806fa52	328
ecf51658	329	if (($mailbox == "") \|\| ($mailbox == "None"))
dcb7f454	330	$mailbox = "INBOX";
3806fa52	331
4ba45d11	332	if(isset($send)) {
0ad7dbda	333	if (checkInput(false)) {
966286ae	334	$urlMailbox = urlencode ($mailbox);
	335	sendMessage($send_to, $send_to_cc, $send_to_bcc, $subject, $body, $reply_id);
	336	header ("Location: right_main.php?mailbox=$urlMailbox&sort=$sort&startMessage=1");
df15de21	337	} else {
01aab860	338	//$imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
dcb7f454	339	displayPageHeader($color, $mailbox);
0ad7dbda	340	checkInput(true);
0ad7dbda	341
df15de21	342	showInputForm();
01aab860	343	//sqimap_logout($imapConnection);
7c6cb7ca	344	}
3806fa52	345	} else if ($html_addr_search_done) {
3c13b9fb	346	is_logged_in();
dcb7f454	347	displayPageHeader($color, $mailbox);
3806fa52	348
7aaa81fc	349	$send_to = sqStripSlashes($send_to);
	350	$send_to_cc = sqStripSlashes($send_to_cc);
	351	$send_to_bcc = sqStripSlashes($send_to_bcc);
3806fa52	352
6c7fd6ca	353	for ($i=0; $i < count($send_to_search); $i++) {
	354	if ($send_to)
	355	$send_to .= ", ";
	356	$send_to .= $send_to_search[$i];
	357	}
	358
	359	for ($i=0; $i < count($send_to_cc_search); $i++) {
	360	if ($send_to_cc)
	361	$send_to_cc .= ", ";
	362	$send_to_cc .= $send_to_cc_search[$i];
	363	}
	364
3806fa52	365	showInputForm();
6c7fd6ca	366	} else if ($html_addr_search) {
591d2a88	367	// I am using an include so as to elminiate an extra unnecessary click. If you
591d2a88	368	// can think of a better way, please implement it.
6c7fd6ca	369	include ("addrbook_search_html.php");
4ba45d11	370	} else if (isset($attach)) {
3c13b9fb	371	is_logged_in();
dcb7f454	372	displayPageHeader($color, $mailbox);
fc3348ac	373
6519e12b	374	$localfilename = md5($HTTP_POST_FILES['attachfile']['tmp_name'].", ".$HTTP_POST_FILES['attachfile']['name'].", $REMOTE_IP, $REMOTE_PORT, $UNIQUE_ID, and everything else that may add entropy");
6519e12b	375	// $localfilename = $localfilename; // ??
4ba45d11	376
4ba45d11	377	// Put the file in a better place
162efb6f	378	// This shouldn't be here... Ondrej Sury <ondrej@sury.cz>
	379	//$tmp=explode('/',$attachfile);
	380	//$attachfile=$tmp[count($tmp)-1];
	381	//$attachfile=ereg_replace('\.{2,}','',$attachfile);
cacf2747	382
162efb6f	383	//error_reporting(0); // Rename will produce error output if it fails
	384	//if (!rename($attachfile, $attachment_dir.$localfilename)) {
	385	// if (!copy($attachfile, $attachment_dir.$localfilename)) {
6519e12b	386	if (!@rename($HTTP_POST_FILES['attachfile']['tmp_name'], $attachment_dir.$localfilename)) {
6519e12b	387	if (!@copy($HTTP_POST_FILES['attachfile']['tmp_name'], $attachment_dir.$localfilename)) {
22ef7536	388	plain_error_message(_("Could not move/copy file. File not attached"), $color);
c3c37167	389	$failed = true;
4ba45d11	390	}
	391	}
	392	// If it still exists, PHP will remove the original file
	393
c3c37167	394	if (!$failed) {
	395	// Write information about the file
	396	$fp = fopen ($attachment_dir.$localfilename.".info", "w");
6519e12b	397	fputs ($fp, $HTTP_POST_FILES['attachfile']['type']."\n".$HTTP_POST_FILES['attachfile']['name']."\n");
c3c37167	398	fclose ($fp);
4ba45d11	399
6519e12b	400	$attachments[$localfilename] = $HTTP_POST_FILES['attachfile']['name'];
c3c37167	401	}
4ba45d11	402
	403	showInputForm();
	404	} else if (isset($do_delete)) {
3c13b9fb	405	is_logged_in();
dcb7f454	406	displayPageHeader($color, $mailbox);
fc3348ac	407
fb16d219	408	while (list($lkey, $localname) = each($delete)) {
90555fe7	409	unset ($attachments[$localname]);
c3c37167	410	unlink ($attachment_dir.$localname);
c3c37167	411	unlink ($attachment_dir.$localname.".info");
4ba45d11	412	}
4bfed9f3	413
4ba45d11	414	showInputForm();
4ba45d11	415	} else {
a60b9989	416	$imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
dcb7f454	417	displayPageHeader($color, $mailbox);
fc3348ac	418
b57c4e63	419	$newmail = true;
1220e677	420	newMail();
4ba45d11	421	showInputForm();
1195c340	422	sqimap_logout($imapConnection);
4ba45d11	423	}
da79853a	424	?>