[squirrelmail.git] / src / compose.php

<?php
   /** 
    ** compose.php
    **
    **  Copyright (c) 1999-2000 The SquirrelMail development team
    **  Licensed under the GNU GPL. For full terms see the file COPYING.
    **
    ** This code sends a mail.
    **
    ** There are 3 modes of operation:
    **  - Start new mail
    **  - Add an attachment
    **  - Send mail
    **/

   session_start();

   if (!isset($config_php))
      include("../config/config.php");
   if (!isset($strings_php))
      include("../functions/strings.php");
   if (!isset($page_header_php))
      include("../functions/page_header.php");
   if (!isset($imap_php))
      include("../functions/imap.php");
   if (!isset($date_php))
      include("../functions/date.php");
   if (!isset($mime_php))
      include("../functions/mime.php");
   if (!isset($smtp_php))
      include("../functions/smtp.php");
   if (!isset($display_messages_php))
      include("../functions/display_messages.php");
   if (!isset($auth_php))
      include ("../functions/auth.php");
   if (!isset($plugin_php))
      include ("../functions/plugin.php");

   include("../src/load_prefs.php");

   // This function is used when not sending or adding attachments
   function newMail () {
      global $forward_id, $imapConnection, $msg, $ent_num, $body_ary, $body,
         $reply_id, $send_to, $send_to_cc, $mailbox, $send_to_bcc, $editor_size;

      $send_to = sqStripSlashes(decodeHeader($send_to));
      $send_to_cc = sqStripSlashes(decodeHeader($send_to_cc));
      $send_to_bcc = sqStripSlashes(decodeHeader($send_to_bcc));

      if ($forward_id)
         $id = $forward_id;
      else if ($reply_id)
         $id = $reply_id;


      if ($id) {
         sqimap_mailbox_select($imapConnection, $mailbox);
         $message = sqimap_get_message($imapConnection, $id, $mailbox);
         $orig_header = $message->header;
         if ($ent_num)
            $message = getEntity($message, $ent_num);

         if ($message->header->type0 == "text" || $message->header->type1 == "message") {
            if ($ent_num)
               $body = decodeBody(mime_fetch_body($imapConnection, $id, $ent_num), $message->header->encoding);
            else
               $body = decodeBody(mime_fetch_body($imapConnection, $id, 1), $message->header->encoding);
         } else {
            $body = "";
         }
         
         if ($message->header->type1 == "html")
            $body = strip_tags($body);
         
         sqUnWordWrap($body);   
         $body_ary = explode("\n", $body);
         while (ereg("^[>\s]*$", $body_ary[count($body_ary) - 1])) {
            unset($body_ary[count($body_ary) - 1]);
         }
         $body = "";
         for ($i=0; $i < count($body_ary); $i++) {
            if (! $forward_id)
            {
                if (ereg('^[\s>]+', $body_ary[$i]))
                {
                    $body_ary[$i] = '>' . $body_ary[$i];
                }
                else
                {
                    $body_ary[$i] = '> ' . $body_ary[$i];
                }
            }
            sqWordWrap($body_ary[$i], $editor_size - 1);
            $body .= $body_ary[$i] . "\n";
            $body_ary[$i] = '';
         }
         if ($forward_id)
         {
             $bodyTop =  "-------- " . _("Original Message") . " --------\n";
             $bodyTop .= _("Subject") . ": " . $orig_header->subject . "\n"; 
             $bodyTop .= _("From") . ": " . $orig_header->from . "\n"; 
             $bodyTop .= _("To") . ": " . $orig_header->to[0] . "\n"; 
             if (count($orig_header->to) > 1) {
                 for ($x=1; $x < count($orig_header->to); $x++) {
                     $bodyTop .= "         " . $orig_header->to[$x] . "\n";
                 }
             }
             $bodyTop .= "\n";
             $body = $bodyTop . $body;
         }
         
         $body = ereg_replace('\\\\', '\\\\', $body);

         sqimap_mailbox_close($imapConnection);
         return;
      }

      if (!$send_to) {
         $send_to = sqimap_find_email($send_to);
      }

      /** This formats a CC string if they hit "reply all" **/
      if ($send_to_cc != "") {
         $send_to_cc = ereg_replace( '"[^"]*"', "", $send_to_cc);
         $send_to_cc = ereg_replace(";", ",", $send_to_cc);
         $sendcc = explode(",", $send_to_cc);
         $send_to_cc = "";
         
         for ($i = 0; $i < count($sendcc); $i++) {
            $sendcc[$i] = trim($sendcc[$i]);
            if ($sendcc[$i] == "")
               continue;
            
            $sendcc[$i] = sqimap_find_email($sendcc[$i]);
            $whofrom = sqimap_find_displayable_name($msg["HEADER"]["FROM"]);
            $whoreplyto = sqimap_find_email($msg["HEADER"]["REPLYTO"]);
         
            if ((strtolower(trim($sendcc[$i])) != strtolower(trim($whofrom))) &&
                (strtolower(trim($sendcc[$i])) != strtolower(trim($whoreplyto))) &&
                (trim($sendcc[$i]) != "")) {
               $send_to_cc .= trim($sendcc[$i]) . ", ";
            }
         }
         $send_to_cc = trim($send_to_cc);
         if (substr($send_to_cc, -1) == ",") {
            $send_to_cc = substr($send_to_cc, 0, strlen($send_to_cc) - 1);
         }
      }
   } // function newMail()

   function showInputForm () {
      global $send_to, $send_to_cc, $reply_subj, $forward_subj, $body,
         $passed_body, $color, $use_signature, $signature, $editor_size,
         $attachments, $subject, $newmail, $use_javascript_addr_book,
         $send_to_bcc, $reply_id, $mailbox, $from_htmladdr_search,
         $location_of_buttons;

      $subject = sqStripSlashes(decodeHeader($subject));
      $reply_subj = decodeHeader($reply_subj);
      $forward_subj = decodeHeader($forward_subj);
      $body = sqStripSlashes($body);
      
      if ($use_javascript_addr_book) {
         echo "\n<SCRIPT LANGUAGE=JavaScript><!--\n";
         echo "function open_abook() { \n";
         echo "  var nwin = window.open(\"addrbook_popup.php\",\"abookpopup\",";
         echo "\"width=670,height=300,resizable=yes,scrollbars=yes\");\n";
         echo "  if((!nwin.opener) && (document.windows != null))\n";
         echo "    nwin.opener = document.windows;\n";
         echo "}\n";
         echo "// --></SCRIPT>\n\n";
      }

      echo "\n<FORM name=compose action=\"compose.php\" METHOD=POST ENCTYPE=\"multipart/form-data\">\n";
      //echo "\n<FORM name=compose action=\"compose.php\" METHOD=POST>\n";
      if ($reply_id) {
         echo "<input type=hidden name=reply_id value=$reply_id>\n";
      }                 
      printf("<INPUT TYPE=hidden NAME=mailbox VALUE=\"%s\">\n", htmlspecialchars($mailbox));
      echo "<TABLE WIDTH=\"100%\" ALIGN=center CELLSPACING=0 BORDER=0>\n";

      if ($location_of_buttons == 'top') showComposeButtonRow();

      echo "   <TR>\n";
      echo "      <TD BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
      echo _("To:");
      echo "      </TD><TD BGCOLOR=\"$color[4]\">\n";
      printf("         <INPUT TYPE=text NAME=\"send_to\" VALUE=\"%s\" SIZE=60><BR>\n",
             htmlspecialchars($send_to));
      echo "      </TD>\n";
      echo "   </TR>\n";
      echo "   <TR>\n";
      echo "      <TD BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
      echo _("CC:");
      echo "      </TD><TD BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
      printf("         <INPUT TYPE=text NAME=\"send_to_cc\" SIZE=60 VALUE=\"%s\"><BR>\n",
             htmlspecialchars($send_to_cc));
      echo "      </TD>\n";
      echo "   </TR>\n";
      echo "   <TR>\n";
      echo "      <TD BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
      echo _("BCC:");
      echo "      </TD><TD BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
      printf("         <INPUT TYPE=text NAME=\"send_to_bcc\" VALUE=\"%s\" SIZE=60><BR>\n",
             htmlspecialchars($send_to_bcc));
      echo "</TD></TR>\n";

      echo "   <TR>\n";
      echo "      <TD BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
      echo _("Subject:");
      echo "      </TD><TD BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
      if ($reply_subj) {
         $reply_subj = str_replace("\"", "'", $reply_subj);
         $reply_subj = sqStripSlashes($reply_subj);
         $reply_subj = trim($reply_subj);
         if (substr(strtolower($reply_subj), 0, 3) != "re:")
            $reply_subj = "Re: $reply_subj";
         printf("         <INPUT TYPE=text NAME=subject SIZE=60 VALUE=\"%s\">",
                htmlspecialchars($reply_subj));
      } else if ($forward_subj) {
         $forward_subj = str_replace("\"", "'", $forward_subj);
         $forward_subj = sqStripSlashes($forward_subj);
         $forward_subj = trim($forward_subj);
         if ((substr(strtolower($forward_subj), 0, 4) != "fwd:") &&
             (substr(strtolower($forward_subj), 0, 5) != "[fwd:") &&
             (substr(strtolower($forward_subj), 0, 6) != "[ fwd:"))
            $forward_subj = "[Fwd: $forward_subj]";
         printf("         <INPUT TYPE=text NAME=subject SIZE=60 VALUE=\"%s\">",
                htmlspecialchars($forward_subj));
      } else {
          printf("         <INPUT TYPE=text NAME=subject SIZE=60 VALUE=\"%s\">",
                htmlspecialchars($subject));
      }
      echo "</td></tr>\n\n";

      if ($location_of_buttons == 'between') showComposeButtonRow();

      echo "   <TR>\n";
      echo "      <TD BGCOLOR=\"$color[4]\" COLSPAN=2>\n";
      echo "         &nbsp;&nbsp;<TEXTAREA NAME=body ROWS=20 COLS=\"$editor_size\" WRAP=HARD>";
      echo htmlspecialchars($body);
      if ($use_signature == true && $newmail == true && !isset($from_htmladdr_search)) {
         echo "\n\n-- \n" . htmlspecialchars($signature);
      }
      echo "</TEXTAREA><BR>\n";
      echo "      </TD>\n";
      echo "   </TR>\n";

      if ($location_of_buttons == 'bottom') 
         showComposeButtonRow();
      else {
         echo "   <TR><TD>&nbsp;</TD><TD ALIGN=LEFT><INPUT TYPE=SUBMIT NAME=send VALUE=\""._("Send")."\"></TD></TR>\n";
      }
      
      // This code is for attachments
      echo "   <tr>\n";
      echo "     <TD BGCOLOR=\"$color[0]\" VALIGN=TOP ALIGN=RIGHT>\n";
      echo "      <SMALL><BR></SMALL>"._("Attach:");
      echo "      </td><td ALIGN=left BGCOLOR=\"$color[0]\">\n";
      //      echo "      <INPUT TYPE=\"hidden\" name=\"MAX_FILE_SIZE\"\n";
      //      echo "      value=\"10000\">\n";
      echo "      <INPUT NAME=\"attachfile\" SIZE=48 TYPE=\"file\">\n";
      echo "      &nbsp;&nbsp;<input type=\"submit\" name=\"attach\"";
      echo " value=\"" . _("Add") ."\">\n";
      echo "     </td>\n";
      echo "   </tr>\n";
      if (isset($attachments) && count($attachments)>0) {
         echo "<tr><td bgcolor=\"$color[0]\" align=right>\n";
         echo "&nbsp;";
         echo "</td><td align=left bgcolor=\"$color[0]\">";
         while (list($localname, $remotename) = each($attachments)) {
            echo "<input type=\"checkbox\" name=\"delete[]\" value=\"$localname\">\n";
            echo "$remotename <input type=\"hidden\" name=\"attachments[$localname]\" value=\"$remotename\"><br>\n";
         }
         
         echo "<input type=\"submit\" name=\"do_delete\" value=\""._("Delete selected attachments")."\">\n";
         echo "</td></tr>";
      }
      // End of attachment code

      echo "</TABLE>\n";
      echo "</FORM>";
      do_hook("compose_bottom");
   }
   
   function showComposeButtonRow() {
      echo "   <TR><td>\n   </td><td>\n";
      if ($use_javascript_addr_book) {
         echo "      <SCRIPT LANGUAGE=JavaScript><!--\n document.write(\"";
         echo "         <input type=button value=\\\""._("Addresses")."\\\" onclick='javascript:open_abook();'>\");";
         echo "         // --></SCRIPT><NOSCRIPT>\n";
         echo "         <input type=submit name=\"html_addr_search\" value=\""._("Addresses")."\">";
         echo "      </NOSCRIPT>\n";
      } else {  
         echo "      <input type=submit name=\"html_addr_search\" value=\""._("Addresses")."\">";
      }   
      echo "\n    <INPUT TYPE=SUBMIT NAME=send VALUE=\"". _("Send") . "\">\n";
      
      do_hook("compose_button_row");

      echo "   </TD>\n";
      echo "   </TR>\n\n";
   }

   function showSentForm () {
      echo "<BR><BR><BR><CENTER><B>Message Sent!</B><BR><BR>";
      echo "You will be automatically forwarded.<BR>If not, <A HREF=\"right_main.php\">click here</A>";
      echo "</CENTER>";
   }

   function checkInput ($show) {
      /** I implemented the $show variable because the error messages
          were getting sent before the page header.  So, I check once
          using $show=false, and then when i'm ready to display the
          error message, show=true **/
      global $body, $send_to, $subject, $color;

      if ($send_to == "") {
         if ($show)
            plain_error_message(_("You have not filled in the \"To:\" field."), $color);
         return false;
      }
      return true;
   } // function checkInput()


   if (($mailbox == "") || ($mailbox == "None"))
      $mailbox = "INBOX";

   if(isset($send)) {
      if (checkInput(false)) {
         $urlMailbox = urlencode ($mailbox);
         sendMessage($send_to, $send_to_cc, $send_to_bcc, $subject, $body, $reply_id);
         header ("Location: right_main.php?mailbox=$urlMailbox&sort=$sort&startMessage=1");
      } else {
         //$imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
         displayPageHeader($color, $mailbox);
         checkInput(true);
         
         showInputForm();
         //sqimap_logout($imapConnection);
      }
   } else if ($html_addr_search_done) {
      is_logged_in();
      displayPageHeader($color, $mailbox);

      $send_to = sqStripSlashes($send_to);
      $send_to_cc = sqStripSlashes($send_to_cc);
      $send_to_bcc = sqStripSlashes($send_to_bcc);
      
      for ($i=0; $i < count($send_to_search); $i++) {
         if ($send_to)
            $send_to .= ", ";
         $send_to .= $send_to_search[$i];   
      }
      
      for ($i=0; $i < count($send_to_cc_search); $i++) {
         if ($send_to_cc)
            $send_to_cc .= ", ";
         $send_to_cc .= $send_to_cc_search[$i];   
      }
      
      showInputForm();
   } else if ($html_addr_search) {
      // I am using an include so as to elminiate an extra unnecessary click.  If you
      // can think of a better way, please implement it.
      include ("addrbook_search_html.php");
   } else if (isset($attach)) {
      is_logged_in();
      displayPageHeader($color, $mailbox);

      $localfilename = md5($HTTP_POST_FILES['attachfile']['tmp_name'].", ".$HTTP_POST_FILES['attachfile']['name'].", $REMOTE_IP, $REMOTE_PORT, $UNIQUE_ID, and everything else that may add entropy");
//      $localfilename = $localfilename; // ??
      
      // Put the file in a better place
      // This shouldn't be here... Ondrej Sury <ondrej@sury.cz>
      //$tmp=explode('/',$attachfile);
      //$attachfile=$tmp[count($tmp)-1];
      //$attachfile=ereg_replace('\.{2,}','',$attachfile);

      //error_reporting(0); // Rename will produce error output if it fails
      //if (!rename($attachfile, $attachment_dir.$localfilename)) {
      //   if (!copy($attachfile, $attachment_dir.$localfilename)) {
      if (!@rename($HTTP_POST_FILES['attachfile']['tmp_name'], $attachment_dir.$localfilename)) {
         if (!@copy($HTTP_POST_FILES['attachfile']['tmp_name'], $attachment_dir.$localfilename)) {
            plain_error_message(_("Could not move/copy file. File not attached"), $color);
            $failed = true;
         }
      }
      // If it still exists, PHP will remove the original file

      if (!$failed) {
         // Write information about the file
         $fp = fopen ($attachment_dir.$localfilename.".info", "w");
         fputs ($fp, $HTTP_POST_FILES['attachfile']['type']."\n".$HTTP_POST_FILES['attachfile']['name']."\n");
         fclose ($fp);

         $attachments[$localfilename] = $HTTP_POST_FILES['attachfile']['name'];
      }
      
      showInputForm();
   } else if (isset($do_delete)) {
      is_logged_in();
      displayPageHeader($color, $mailbox);

      while (list($lkey, $localname) = each($delete)) {
         array_splice ($attachments, $lkey, 1);
         unlink ($attachment_dir.$localname);
         unlink ($attachment_dir.$localname.".info");
      }

      showInputForm();
   } else {
      $imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
      displayPageHeader($color, $mailbox);

      $newmail = true;
      newMail();
      showInputForm();
      sqimap_logout($imapConnection);
   }
?>
Commit	Line	Data
59177427	1	<?php
ef870322	2	/**
	3	** compose.php
	4	**
	5	** Copyright (c) 1999-2000 The SquirrelMail development team
	6	** Licensed under the GNU GPL. For full terms see the file COPYING.
	7	**
	8	** This code sends a mail.
df15de21	9	**
	10	** There are 3 modes of operation:
	11	** - Start new mail
	12	** - Add an attachment
	13	** - Send mail
	14	**/
	15
2a32fc83	16	session_start();
2a32fc83	17
d068c0ec	18	if (!isset($config_php))
	19	include("../config/config.php");
	20	if (!isset($strings_php))
	21	include("../functions/strings.php");
	22	if (!isset($page_header_php))
	23	include("../functions/page_header.php");
	24	if (!isset($imap_php))
	25	include("../functions/imap.php");
	26	if (!isset($date_php))
	27	include("../functions/date.php");
	28	if (!isset($mime_php))
	29	include("../functions/mime.php");
	30	if (!isset($smtp_php))
	31	include("../functions/smtp.php");
	32	if (!isset($display_messages_php))
	33	include("../functions/display_messages.php");
3c13b9fb	34	if (!isset($auth_php))
3c13b9fb	35	include ("../functions/auth.php");
15bfc1bc	36	if (!isset($plugin_php))
15bfc1bc	37	include ("../functions/plugin.php");
f7fb20fe	38
d3cdb279	39	include("../src/load_prefs.php");
8467bf00	40
4ba45d11	41	// This function is used when not sending or adding attachments
df15de21	42	function newMail () {
df15de21	43	global $forward_id, $imapConnection, $msg, $ent_num, $body_ary, $body,
a794e82c	44	$reply_id, $send_to, $send_to_cc, $mailbox, $send_to_bcc, $editor_size;
e39d73e5	45
7aaa81fc	46	$send_to = sqStripSlashes(decodeHeader($send_to));
7aaa81fc	47	$send_to_cc = sqStripSlashes(decodeHeader($send_to_cc));
6e79bfe2	48	$send_to_bcc = sqStripSlashes(decodeHeader($send_to_bcc));
a53e5469	49
429f8906	50	if ($forward_id)
	51	$id = $forward_id;
	52	else if ($reply_id)
	53	$id = $reply_id;
	54
1195c340	55
429f8906	56	if ($id) {
813eba2f	57	sqimap_mailbox_select($imapConnection, $mailbox);
429f8906	58	$message = sqimap_get_message($imapConnection, $id, $mailbox);
8d8ab69a	59	$orig_header = $message->header;
1195c340	60	if ($ent_num)
1195c340	61	$message = getEntity($message, $ent_num);
429f8906	62
429f8906	63	if ($message->header->type0 == "text" \|\| $message->header->type1 == "message") {
1195c340	64	if ($ent_num)
	65	$body = decodeBody(mime_fetch_body($imapConnection, $id, $ent_num), $message->header->encoding);
	66	else
	67	$body = decodeBody(mime_fetch_body($imapConnection, $id, 1), $message->header->encoding);
429f8906	68	} else {
429f8906	69	$body = "";
df15de21	70	}
df15de21	71
429f8906	72	if ($message->header->type1 == "html")
429f8906	73	$body = strip_tags($body);
01aab860	74
01aab860	75	sqUnWordWrap($body);
a794e82c	76	$body_ary = explode("\n", $body);
441f2d33	77	while (ereg("^[>\s]*$", $body_ary[count($body_ary) - 1])) {
	78	unset($body_ary[count($body_ary) - 1]);
	79	}
a794e82c	80	$body = "";
a794e82c	81	for ($i=0; $i < count($body_ary); $i++) {
01aab860	82	if (! $forward_id)
01aab860	83	{
441f2d33	84	if (ereg('^[\s>]+', $body_ary[$i]))
01aab860	85	{
	86	$body_ary[$i] = '>' . $body_ary[$i];
	87	}
	88	else
	89	{
	90	$body_ary[$i] = '> ' . $body_ary[$i];
	91	}
	92	}
a794e82c	93	sqWordWrap($body_ary[$i], $editor_size - 1);
01aab860	94	$body .= $body_ary[$i] . "\n";
01aab860	95	$body_ary[$i] = '';
a794e82c	96	}
01aab860	97	if ($forward_id)
	98	{
	99	$bodyTop = "-------- " . _("Original Message") . " --------\n";
	100	$bodyTop .= _("Subject") . ": " . $orig_header->subject . "\n";
	101	$bodyTop .= _("From") . ": " . $orig_header->from . "\n";
	102	$bodyTop .= _("To") . ": " . $orig_header->to[0] . "\n";
	103	if (count($orig_header->to) > 1) {
	104	for ($x=1; $x < count($orig_header->to); $x++) {
	105	$bodyTop .= " " . $orig_header->to[$x] . "\n";
	106	}
	107	}
	108	$bodyTop .= "\n";
	109	$body = $bodyTop . $body;
78509c54	110	}
441f2d33	111
441f2d33	112	$body = ereg_replace('\\\\', '\\\\', $body);
a794e82c	113
a2790a61	114	sqimap_mailbox_close($imapConnection);
01aab860	115	return;
78509c54	116	}
429f8906	117
29d08a52	118	if (!$send_to) {
	119	$send_to = sqimap_find_email($send_to);
	120	}
	121
df15de21	122	/ This formats a CC string if they hit "reply all" /
df15de21	123	if ($send_to_cc != "") {
a48fbf9b	124	$send_to_cc = ereg_replace( '"[^"]*"', "", $send_to_cc);
df15de21	125	$send_to_cc = ereg_replace(";", ",", $send_to_cc);
	126	$sendcc = explode(",", $send_to_cc);
	127	$send_to_cc = "";
	128
	129	for ($i = 0; $i < count($sendcc); $i++) {
	130	$sendcc[$i] = trim($sendcc[$i]);
	131	if ($sendcc[$i] == "")
	132	continue;
	133
a53e5469	134	$sendcc[$i] = sqimap_find_email($sendcc[$i]);
813eba2f	135	$whofrom = sqimap_find_displayable_name($msg["HEADER"]["FROM"]);
813eba2f	136	$whoreplyto = sqimap_find_email($msg["HEADER"]["REPLYTO"]);
df15de21	137
	138	if ((strtolower(trim($sendcc[$i])) != strtolower(trim($whofrom))) &&
	139	(strtolower(trim($sendcc[$i])) != strtolower(trim($whoreplyto))) &&
	140	(trim($sendcc[$i]) != "")) {
	141	$send_to_cc .= trim($sendcc[$i]) . ", ";
	142	}
	143	}
	144	$send_to_cc = trim($send_to_cc);
	145	if (substr($send_to_cc, -1) == ",") {
	146	$send_to_cc = substr($send_to_cc, 0, strlen($send_to_cc) - 1);
	147	}
	148	}
	149	} // function newMail()
78509c54	150
df15de21	151	function showInputForm () {
df15de21	152	global $send_to, $send_to_cc, $reply_subj, $forward_subj, $body,
4ba45d11	153	$passed_body, $color, $use_signature, $signature, $editor_size,
3806fa52	154	$attachments, $subject, $newmail, $use_javascript_addr_book,
441f2d33	155	$send_to_bcc, $reply_id, $mailbox, $from_htmladdr_search,
441f2d33	156	$location_of_buttons;
78509c54	157
5f104808	158	$subject = sqStripSlashes(decodeHeader($subject));
2e434774	159	$reply_subj = decodeHeader($reply_subj);
2e434774	160	$forward_subj = decodeHeader($forward_subj);
162efb6f	161	$body = sqStripSlashes($body);
01aab860	162
3806fa52	163	if ($use_javascript_addr_book) {
	164	echo "\n<SCRIPT LANGUAGE=JavaScript><!--\n";
	165	echo "function open_abook() { \n";
	166	echo " var nwin = window.open(\"addrbook_popup.php\",\"abookpopup\",";
	167	echo "\"width=670,height=300,resizable=yes,scrollbars=yes\");\n";
	168	echo " if((!nwin.opener) && (document.windows != null))\n";
	169	echo " nwin.opener = document.windows;\n";
	170	echo "}\n";
	171	echo "// --></SCRIPT>\n\n";
	172	}
5100704d	173
cacf2747	174	echo "\n<FORM name=compose action=\"compose.php\" METHOD=POST ENCTYPE=\"multipart/form-data\">\n";
cacf2747	175	//echo "\n<FORM name=compose action=\"compose.php\" METHOD=POST>\n";
966286ae	176	if ($reply_id) {
966286ae	177	echo "<input type=hidden name=reply_id value=$reply_id>\n";
6e79bfe2	178	}
cf8758c7	179	printf("<INPUT TYPE=hidden NAME=mailbox VALUE=\"%s\">\n", htmlspecialchars($mailbox));
c5d828b3	180	echo "<TABLE WIDTH=\"100%\" ALIGN=center CELLSPACING=0 BORDER=0>\n";
441f2d33	181
	182	if ($location_of_buttons == 'top') showComposeButtonRow();
	183
df15de21	184	echo " <TR>\n";
c5d828b3	185	echo " <TD BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
df15de21	186	echo _("To:");
c5d828b3	187	echo " </TD><TD BGCOLOR=\"$color[4]\">\n";
cf8758c7	188	printf(" <INPUT TYPE=text NAME=\"send_to\" VALUE=\"%s\" SIZE=60><BR>\n",
6e79bfe2	189	htmlspecialchars($send_to));
df15de21	190	echo " </TD>\n";
	191	echo " </TR>\n";
	192	echo " <TR>\n";
c5d828b3	193	echo " <TD BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
aae41ae9	194	echo _("CC:");
c5d828b3	195	echo " </TD><TD BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
cf8758c7	196	printf(" <INPUT TYPE=text NAME=\"send_to_cc\" SIZE=60 VALUE=\"%s\"><BR>\n",
6e79bfe2	197	htmlspecialchars($send_to_cc));
df15de21	198	echo " </TD>\n";
	199	echo " </TR>\n";
	200	echo " <TR>\n";
c5d828b3	201	echo " <TD BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
aae41ae9	202	echo _("BCC:");
761d149e	203	echo " </TD><TD BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
cf8758c7	204	printf(" <INPUT TYPE=text NAME=\"send_to_bcc\" VALUE=\"%s\" SIZE=60><BR>\n",
6e79bfe2	205	htmlspecialchars($send_to_bcc));
3806fa52	206	echo "</TD></TR>\n";
5100704d	207
df15de21	208	echo " <TR>\n";
c5d828b3	209	echo " <TD BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
df15de21	210	echo _("Subject:");
761d149e	211	echo " </TD><TD BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
df15de21	212	if ($reply_subj) {
df15de21	213	$reply_subj = str_replace("\"", "'", $reply_subj);
7aaa81fc	214	$reply_subj = sqStripSlashes($reply_subj);
df15de21	215	$reply_subj = trim($reply_subj);
	216	if (substr(strtolower($reply_subj), 0, 3) != "re:")
	217	$reply_subj = "Re: $reply_subj";
cf8758c7	218	printf(" <INPUT TYPE=text NAME=subject SIZE=60 VALUE=\"%s\">",
6e79bfe2	219	htmlspecialchars($reply_subj));
df15de21	220	} else if ($forward_subj) {
df15de21	221	$forward_subj = str_replace("\"", "'", $forward_subj);
7aaa81fc	222	$forward_subj = sqStripSlashes($forward_subj);
df15de21	223	$forward_subj = trim($forward_subj);
	224	if ((substr(strtolower($forward_subj), 0, 4) != "fwd:") &&
	225	(substr(strtolower($forward_subj), 0, 5) != "[fwd:") &&
	226	(substr(strtolower($forward_subj), 0, 6) != "[ fwd:"))
	227	$forward_subj = "[Fwd: $forward_subj]";
cf8758c7	228	printf(" <INPUT TYPE=text NAME=subject SIZE=60 VALUE=\"%s\">",
6e79bfe2	229	htmlspecialchars($forward_subj));
df15de21	230	} else {
6e79bfe2	231	printf(" <INPUT TYPE=text NAME=subject SIZE=60 VALUE=\"%s\">",
6e79bfe2	232	htmlspecialchars($subject));
31f3d7c0	233	}
480feea7	234	echo "</td></tr>\n\n";
480feea7	235
441f2d33	236	if ($location_of_buttons == 'between') showComposeButtonRow();
4ba45d11	237
e5b23ff2	238	echo " <TR>\n";
c5d828b3	239	echo " <TD BGCOLOR=\"$color[4]\" COLSPAN=2>\n";
cf8758c7	240	echo "   <TEXTAREA NAME=body ROWS=20 COLS=\"$editor_size\" WRAP=HARD>";
441f2d33	241	echo htmlspecialchars($body);
6e79bfe2	242	if ($use_signature == true && $newmail == true && !isset($from_htmladdr_search)) {
441f2d33	243	echo "\n\n-- \n" . htmlspecialchars($signature);
cf8758c7	244	}
cf8758c7	245	echo "</TEXTAREA><BR>\n";
e5b23ff2	246	echo " </TD>\n";
e5b23ff2	247	echo " </TR>\n";
441f2d33	248
	249	if ($location_of_buttons == 'bottom')
	250	showComposeButtonRow();
	251	else {
	252	echo " <TR><TD> </TD><TD ALIGN=LEFT><INPUT TYPE=SUBMIT NAME=send VALUE=\""._("Send")."\"></TD></TR>\n";
	253	}
e5b23ff2	254
4ba45d11	255	// This code is for attachments
4ba45d11	256	echo " <tr>\n";
c5d828b3	257	echo " <TD BGCOLOR=\"$color[0]\" VALIGN=TOP ALIGN=RIGHT>\n";
aae41ae9	258	echo " <SMALL><BR></SMALL>"._("Attach:");
c5d828b3	259	echo " </td><td ALIGN=left BGCOLOR=\"$color[0]\">\n";
4ba45d11	260	// echo " <INPUT TYPE=\"hidden\" name=\"MAX_FILE_SIZE\"\n";
4ba45d11	261	// echo " value=\"10000\">\n";
944eb785	262	echo " <INPUT NAME=\"attachfile\" SIZE=48 TYPE=\"file\">\n";
95de6c91	263	echo "   <input type=\"submit\" name=\"attach\"";
95de6c91	264	echo " value=\"" . _("Add") ."\">\n";
469eb37b	265	echo " </td>\n";
469eb37b	266	echo " </tr>\n";
4ba45d11	267	if (isset($attachments) && count($attachments)>0) {
162efb6f	268	echo "<tr><td bgcolor=\"$color[0]\" align=right>\n";
e5b23ff2	269	echo " ";
c5d828b3	270	echo "</td><td align=left bgcolor=\"$color[0]\">";
4ba45d11	271	while (list($localname, $remotename) = each($attachments)) {
	272	echo "<input type=\"checkbox\" name=\"delete[]\" value=\"$localname\">\n";
	273	echo "$remotename <input type=\"hidden\" name=\"attachments[$localname]\" value=\"$remotename\"><br>\n";
	274	}
	275
	276	echo "<input type=\"submit\" name=\"do_delete\" value=\""._("Delete selected attachments")."\">\n";
469eb37b	277	echo "</td></tr>";
4ba45d11	278	}
4ba45d11	279	// End of attachment code
4ba45d11	280
ffc2ccbc	281	echo "</TABLE>\n";
df15de21	282	echo "</FORM>";
d7d3c4d4	283	do_hook("compose_bottom");
31f3d7c0	284	}
441f2d33	285
	286	function showComposeButtonRow() {
	287	echo " <TR><td>\n </td><td>\n";
	288	if ($use_javascript_addr_book) {
	289	echo " <SCRIPT LANGUAGE=JavaScript><!--\n document.write(\"";
	290	echo " <input type=button value=\\\""._("Addresses")."\\\" onclick='javascript:open_abook();'>\");";
	291	echo " // --></SCRIPT><NOSCRIPT>\n";
	292	echo " <input type=submit name=\"html_addr_search\" value=\""._("Addresses")."\">";
	293	echo " </NOSCRIPT>\n";
	294	} else {
	295	echo " <input type=submit name=\"html_addr_search\" value=\""._("Addresses")."\">";
	296	}
	297	echo "\n <INPUT TYPE=SUBMIT NAME=send VALUE=\"". _("Send") . "\">\n";
	298
	299	do_hook("compose_button_row");
	300
	301	echo " </TD>\n";
	302	echo " </TR>\n\n";
	303	}
8467bf00	304
df15de21	305	function showSentForm () {
df15de21	306	echo "<BR><BR><BR><CENTER><B>Message Sent!</B><BR><BR>";
9f2215a1	307	echo "You will be automatically forwarded.<BR>If not, <A HREF=\"right_main.php\">click here</A>";
aae41ae9	308	echo "</CENTER>";
df15de21	309	}
b278172f	310
0ad7dbda	311	function checkInput ($show) {
	312	/** I implemented the $show variable because the error messages
	313	were getting sent before the page header. So, I check once
	314	using $show=false, and then when i'm ready to display the
	315	error message, show=true **/
	316	global $body, $send_to, $subject, $color;
b278172f	317
99fa2b21	318	if ($send_to == "") {
0ad7dbda	319	if ($show)
0ad7dbda	320	plain_error_message(_("You have not filled in the \"To:\" field."), $color);
df15de21	321	return false;
b278172f	322	}
df15de21	323	return true;
	324	} // function checkInput()
	325
3806fa52	326
ecf51658	327	if (($mailbox == "") \|\| ($mailbox == "None"))
dcb7f454	328	$mailbox = "INBOX";
3806fa52	329
4ba45d11	330	if(isset($send)) {
0ad7dbda	331	if (checkInput(false)) {
966286ae	332	$urlMailbox = urlencode ($mailbox);
	333	sendMessage($send_to, $send_to_cc, $send_to_bcc, $subject, $body, $reply_id);
	334	header ("Location: right_main.php?mailbox=$urlMailbox&sort=$sort&startMessage=1");
df15de21	335	} else {
01aab860	336	//$imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
dcb7f454	337	displayPageHeader($color, $mailbox);
0ad7dbda	338	checkInput(true);
0ad7dbda	339
df15de21	340	showInputForm();
01aab860	341	//sqimap_logout($imapConnection);
7c6cb7ca	342	}
3806fa52	343	} else if ($html_addr_search_done) {
3c13b9fb	344	is_logged_in();
dcb7f454	345	displayPageHeader($color, $mailbox);
3806fa52	346
7aaa81fc	347	$send_to = sqStripSlashes($send_to);
	348	$send_to_cc = sqStripSlashes($send_to_cc);
	349	$send_to_bcc = sqStripSlashes($send_to_bcc);
3806fa52	350
6c7fd6ca	351	for ($i=0; $i < count($send_to_search); $i++) {
	352	if ($send_to)
	353	$send_to .= ", ";
	354	$send_to .= $send_to_search[$i];
	355	}
	356
	357	for ($i=0; $i < count($send_to_cc_search); $i++) {
	358	if ($send_to_cc)
	359	$send_to_cc .= ", ";
	360	$send_to_cc .= $send_to_cc_search[$i];
	361	}
	362
3806fa52	363	showInputForm();
6c7fd6ca	364	} else if ($html_addr_search) {
591d2a88	365	// I am using an include so as to elminiate an extra unnecessary click. If you
591d2a88	366	// can think of a better way, please implement it.
6c7fd6ca	367	include ("addrbook_search_html.php");
4ba45d11	368	} else if (isset($attach)) {
3c13b9fb	369	is_logged_in();
dcb7f454	370	displayPageHeader($color, $mailbox);
fc3348ac	371
6519e12b	372	$localfilename = md5($HTTP_POST_FILES['attachfile']['tmp_name'].", ".$HTTP_POST_FILES['attachfile']['name'].", $REMOTE_IP, $REMOTE_PORT, $UNIQUE_ID, and everything else that may add entropy");
6519e12b	373	// $localfilename = $localfilename; // ??
4ba45d11	374
4ba45d11	375	// Put the file in a better place
162efb6f	376	// This shouldn't be here... Ondrej Sury <ondrej@sury.cz>
	377	//$tmp=explode('/',$attachfile);
	378	//$attachfile=$tmp[count($tmp)-1];
	379	//$attachfile=ereg_replace('\.{2,}','',$attachfile);
cacf2747	380
162efb6f	381	//error_reporting(0); // Rename will produce error output if it fails
	382	//if (!rename($attachfile, $attachment_dir.$localfilename)) {
	383	// if (!copy($attachfile, $attachment_dir.$localfilename)) {
6519e12b	384	if (!@rename($HTTP_POST_FILES['attachfile']['tmp_name'], $attachment_dir.$localfilename)) {
6519e12b	385	if (!@copy($HTTP_POST_FILES['attachfile']['tmp_name'], $attachment_dir.$localfilename)) {
22ef7536	386	plain_error_message(_("Could not move/copy file. File not attached"), $color);
c3c37167	387	$failed = true;
4ba45d11	388	}
	389	}
	390	// If it still exists, PHP will remove the original file
	391
c3c37167	392	if (!$failed) {
	393	// Write information about the file
	394	$fp = fopen ($attachment_dir.$localfilename.".info", "w");
6519e12b	395	fputs ($fp, $HTTP_POST_FILES['attachfile']['type']."\n".$HTTP_POST_FILES['attachfile']['name']."\n");
c3c37167	396	fclose ($fp);
4ba45d11	397
6519e12b	398	$attachments[$localfilename] = $HTTP_POST_FILES['attachfile']['name'];
c3c37167	399	}
4ba45d11	400
	401	showInputForm();
	402	} else if (isset($do_delete)) {
3c13b9fb	403	is_logged_in();
dcb7f454	404	displayPageHeader($color, $mailbox);
fc3348ac	405
fb16d219	406	while (list($lkey, $localname) = each($delete)) {
fb16d219	407	array_splice ($attachments, $lkey, 1);
c3c37167	408	unlink ($attachment_dir.$localname);
c3c37167	409	unlink ($attachment_dir.$localname.".info");
4ba45d11	410	}
4bfed9f3	411
4ba45d11	412	showInputForm();
4ba45d11	413	} else {
a60b9989	414	$imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
dcb7f454	415	displayPageHeader($color, $mailbox);
fc3348ac	416
b57c4e63	417	$newmail = true;
1220e677	418	newMail();
4ba45d11	419	showInputForm();
1195c340	420	sqimap_logout($imapConnection);
4ba45d11	421	}
da79853a	422	?>