| 1 | <?php |
| 2 | |
| 3 | /** |
| 4 | * page_header.php |
| 5 | * |
| 6 | * Prints the page header (duh) |
| 7 | * |
| 8 | * @copyright 1999-2010 The SquirrelMail Project Team |
| 9 | * @license http://opensource.org/licenses/gpl-license.php GNU Public License |
| 10 | * @version $Id$ |
| 11 | * @package squirrelmail |
| 12 | */ |
| 13 | |
| 14 | /** Include required files from SM */ |
| 15 | include_once(SM_PATH . 'functions/imap_mailbox.php'); |
| 16 | |
| 17 | /** |
| 18 | * Output a SquirrelMail page header, from <!doctype> to </head> |
| 19 | * Always set up the language before calling these functions. |
| 20 | * |
| 21 | * Since 1.5.1 function sends http headers. Function should be called |
| 22 | * before any output is started. |
| 23 | * @param string title the page title, default SquirrelMail. |
| 24 | * @param string xtra extra HTML to insert into the header |
| 25 | * @param bool do_hook whether to execute hooks, default true |
| 26 | * @param bool frames generate html frameset doctype (since 1.5.1) |
| 27 | * @param bool $browser_cache_ok When TRUE, it's OK to leave out the |
| 28 | * no-cache browser headers (OPTIONAL; |
| 29 | * default = FALSE, send no-cache headers) |
| 30 | * @return void |
| 31 | */ |
| 32 | function displayHtmlHeader( $title = 'SquirrelMail', $xtra = '', $do_hook = TRUE, $frames = FALSE, $browser_cache_ok=FALSE ) { |
| 33 | global $squirrelmail_language, $sTemplateID, $oErrorHandler, $oTemplate; |
| 34 | |
| 35 | if ( !sqgetGlobalVar('base_uri', $base_uri, SQ_SESSION) ) { |
| 36 | global $base_uri; |
| 37 | } |
| 38 | global $custom_css, $pageheader_sent, $theme, $theme_default, $text_direction, |
| 39 | $default_fontset, $chosen_fontset, $default_fontsize, $chosen_fontsize, |
| 40 | $chosen_theme, $chosen_theme_path, $user_themes, $user_theme_default; |
| 41 | |
| 42 | // add no cache headers here |
| 43 | // |
| 44 | if (!$browser_cache_ok) { |
| 45 | //FIXME: should change all header() calls in SM core to use $oTemplate->header()!! |
| 46 | $oTemplate->header('Pragma: no-cache'); // http 1.0 (rfc1945) |
| 47 | $oTemplate->header('Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0'); // http 1.1 (rfc2616) |
| 48 | $oTemplate->header('Expires: Sat, 1 Jan 2000 00:00:00 GMT'); |
| 49 | //TODO: is this needed? $oTemplate->header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . 'GMT'); |
| 50 | } |
| 51 | /* prevent information leakage about read emails by forbidding Firefox |
| 52 | * to do preemptive DNS requests for any links in the message body. */ |
| 53 | $oTemplate->header('X-DNS-Prefetch-Control: off'); |
| 54 | |
| 55 | // don't show version as a security measure |
| 56 | //$oTemplate->header('X-Powered-By: SquirrelMail/' . SM_VERSION, FALSE); |
| 57 | $oTemplate->header('X-Powered-By: SquirrelMail', FALSE); |
| 58 | |
| 59 | $oTemplate->assign('frames', $frames); |
| 60 | $oTemplate->assign('lang', $squirrelmail_language); |
| 61 | |
| 62 | $header_tags = ''; |
| 63 | |
| 64 | $header_tags .= "<meta name=\"robots\" content=\"noindex,nofollow\" />\n"; |
| 65 | |
| 66 | $used_fontset = (!empty($chosen_fontset) ? $chosen_fontset : $default_fontset); |
| 67 | $used_fontsize = (!empty($chosen_fontsize) ? $chosen_fontsize : $default_fontsize); |
| 68 | $used_theme = !isset($chosen_theme) && $user_theme_default != 'none' && is_dir($chosen_theme) && is_readable($chosen_theme)? $user_themes[$user_theme_default]['PATH'].'/default.css' : $chosen_theme_path; |
| 69 | |
| 70 | /** |
| 71 | * Stylesheets are loaded in the following order: |
| 72 | * 1) All stylesheets provided by the template. Normally, these are |
| 73 | * stylsheets in templates/<template>/css/. This is accomplished by calling |
| 74 | * $oTemplate->fetch_standard_stylesheet_links(). |
| 75 | * 2) An optional user-defined stylesheet. This is set in the Display |
| 76 | * Preferences. |
| 77 | * 3) src/style.php which sets some basic font prefs. |
| 78 | * 4) If we are dealing with an RTL language, we load rtl.css from the |
| 79 | * template set. |
| 80 | */ |
| 81 | |
| 82 | // 1. Stylesheets from the template. |
| 83 | $header_tags .= $oTemplate->fetch_standard_stylesheet_links(); |
| 84 | |
| 85 | $aUserStyles = array(); |
| 86 | |
| 87 | // 2. Option user-defined stylesheet from preferences. |
| 88 | if (!empty($used_theme) && $used_theme != 'none') { |
| 89 | /** |
| 90 | * All styles (except "none" - ugh) just point to a directory, |
| 91 | * so we need to include all .css files in that directory. |
| 92 | */ |
| 93 | //FIXME: rid ourselves of "none" strings! I didn't do it here because I think the problem is that the theme itself should never be "none" (? well, what else would it be? if "none" theme is actually OK, then is there a constant to use below in stead of a hard-coded string?) |
| 94 | $styles = $used_theme == 'none' ? array() |
| 95 | : list_files($used_theme, '.css'); |
| 96 | foreach ($styles as $sheet) { |
| 97 | $aUserStyles[] = $used_theme .'/'.$sheet; |
| 98 | } |
| 99 | } |
| 100 | |
| 101 | // 3. src/style.php |
| 102 | $aUserStyles[] = $base_uri .'src/style.php?' |
| 103 | . (!empty($used_fontset) ? '&fontset='.$used_fontset : '') |
| 104 | . (!empty($used_fontsize) ? '&fontsize='.$used_fontsize : ''); |
| 105 | |
| 106 | // 3.1. Load the stylesheets we have already |
| 107 | $header_tags .= $oTemplate->fetch_external_stylesheet_links($aUserStyles); |
| 108 | |
| 109 | // 4. Optional rtl.css stylesheet |
| 110 | if ($text_direction == 'rtl') { |
| 111 | $header_tags .= $oTemplate->fetch_right_to_left_stylesheet_link(); |
| 112 | } |
| 113 | |
| 114 | // 5. Printer friendly stylesheet |
| 115 | $header_tags .= create_css_link($base_uri . 'css/print.css', 'printerfriendly', false, 'print'); |
| 116 | |
| 117 | if ($squirrelmail_language == 'ja_JP') { |
| 118 | /* |
| 119 | * force correct detection of charset, when browser does not follow |
| 120 | * http content-type and tries to detect charset from page content. |
| 121 | * Shooting of browser's creator can't be implemented in php. |
| 122 | * We might get rid of it, if we follow http://www.w3.org/TR/japanese-xml/ |
| 123 | * recommendations and switch to unicode. |
| 124 | */ |
| 125 | $header_tags .= "<!-- \xfd\xfe -->\n"; |
| 126 | $header_tags .= '<meta http-equiv="Content-type" content="' . $oTemplate->get_content_type() . '; charset=euc-jp" />' . "\n"; |
| 127 | } |
| 128 | if ($do_hook) { |
| 129 | // NOTE! plugins here MUST assign output to template |
| 130 | // and NOT echo anything directly!! A common |
| 131 | // approach is if a plugin decides it needs to |
| 132 | // put something at page-top after the standard |
| 133 | // SM page header, to dynamically add itself to |
| 134 | // the page_header_bottom and/or compose_header_bottom |
| 135 | // hooks for the current page request. See |
| 136 | // the Sent Confirmation v1.7 or Restrict Senders v1.2 |
| 137 | // plugins for examples of this approach. |
| 138 | ob_start(); |
| 139 | $temp = array(&$header_tags); |
| 140 | do_hook('generic_header', $temp); |
| 141 | $output = ob_get_contents(); |
| 142 | ob_end_clean(); |
| 143 | // plugin authors can debug their errors with one of the following: |
| 144 | //sm_print_r($output); |
| 145 | //echo $output; |
| 146 | if (!empty($output)) trigger_error('A plugin on the "generic_header" hook has attempted to output directly to the browser', E_USER_ERROR); |
| 147 | } |
| 148 | |
| 149 | $header_tags .= $xtra; |
| 150 | $oTemplate->assign('page_title', $title); |
| 151 | |
| 152 | /* work around IE6's scrollbar bug */ |
| 153 | $header_tags .= <<<EOS |
| 154 | <!--[if IE 6]> |
| 155 | <style type="text/css"> |
| 156 | /* avoid stupid IE6 bug with frames and scrollbars */ |
| 157 | body { |
| 158 | width: expression(document.documentElement.clientWidth - 30); |
| 159 | } |
| 160 | </style> |
| 161 | <![endif]--> |
| 162 | |
| 163 | EOS; |
| 164 | |
| 165 | $oTemplate->assign('header_tags', $header_tags); |
| 166 | $oTemplate->display('protocol_header.tpl'); |
| 167 | |
| 168 | /* this is used to check elsewhere whether we should call this function */ |
| 169 | $pageheader_sent = TRUE; |
| 170 | if (isset($oErrorHandler)) { |
| 171 | $oErrorHandler->HeaderSent(); |
| 172 | } |
| 173 | |
| 174 | } |
| 175 | |
| 176 | /** |
| 177 | * Given a path to a SquirrelMail file, return a HTML link to it |
| 178 | * |
| 179 | * @param string $path The SquirrelMail file to link to |
| 180 | * (should start with something like "src/..." or |
| 181 | * "functions/..." or "plugins/..." etc.) |
| 182 | * @param string $text The link text |
| 183 | * @param string $target The target frame for this link |
| 184 | * @param string $accesskey The access key to be used, if any |
| 185 | */ |
| 186 | function makeInternalLink($path, $text, $target='', $accesskey='NONE') { |
| 187 | global $base_uri, $oTemplate; |
| 188 | // sqgetGlobalVar('base_uri', $base_uri, SQ_SESSION); |
| 189 | |
| 190 | // This is an inefficient hook and is only used by |
| 191 | // one plugin that still needs to patch this code, |
| 192 | // plus if we are templat-izing SM, visual hooks |
| 193 | // are not needed. However, I am leaving the code |
| 194 | // here just in case we find a good (non-visual?) |
| 195 | // use for the internal_link hook. |
| 196 | // |
| 197 | //do_hook('internal_link', $text); |
| 198 | |
| 199 | return create_hyperlink($base_uri . $path, $text, $target, |
| 200 | '', '', '', '', |
| 201 | ($accesskey == 'NONE' |
| 202 | ? array() |
| 203 | : array('accesskey' => $accesskey))); |
| 204 | } |
| 205 | |
| 206 | /** |
| 207 | * Outputs a complete SquirrelMail page header, starting with <!doctype> and |
| 208 | * including the default menu bar. Uses displayHtmlHeader and takes |
| 209 | * JavaScript and locale settings into account. |
| 210 | * |
| 211 | * @param array color the array of theme colors |
| 212 | * @param string mailbox the current mailbox name to display |
| 213 | * @param string sHeaderJs javascipt code to be inserted in a script block in the header |
| 214 | * @param string sOnload JavaScript code to be added inside the body's onload handler |
| 215 | * as of 1.5.2, this replaces $sBodyTagJs argument |
| 216 | * @return void |
| 217 | */ |
| 218 | function displayPageHeader($color, $mailbox='', $sHeaderJs='', $sOnload = '') { |
| 219 | |
| 220 | global $reply_focus, $hide_sm_attributions, $frame_top, |
| 221 | $provider_name, $provider_uri, $startMessage, |
| 222 | $action, $oTemplate, $org_title, $base_uri, |
| 223 | $data_dir, $username; |
| 224 | |
| 225 | if (empty($sOnload)) { |
| 226 | if (strpos($action, 'reply') !== FALSE && $reply_focus) { |
| 227 | if ($reply_focus == 'select') |
| 228 | $sOnload = 'checkForm(\'select\');'; |
| 229 | else if ($reply_focus == 'focus') |
| 230 | $sOnload = 'checkForm(\'focus\');'; |
| 231 | else if ($reply_focus != 'none') |
| 232 | $sOnload = 'checkForm();'; |
| 233 | } |
| 234 | else |
| 235 | $sOnload = 'checkForm();'; |
| 236 | } |
| 237 | |
| 238 | $startMessage = (int)$startMessage; |
| 239 | |
| 240 | sqgetGlobalVar('delimiter', $delimiter, SQ_SESSION ); |
| 241 | |
| 242 | if (!isset($frame_top)) { |
| 243 | $frame_top = '_top'; |
| 244 | } |
| 245 | |
| 246 | //FIXME: does checkForJavascript() make the 2nd part of the if() below unneccessary?? (that is, I think checkForJavascript() might already look for new_js_autodetect_results...(?)) |
| 247 | if( checkForJavascript() || strpos($sHeaderJs, 'new_js_autodetect_results.value') ) { |
| 248 | $js_includes = $oTemplate->get_javascript_includes(TRUE); |
| 249 | $sJsBlock = ''; |
| 250 | foreach ($js_includes as $js_file) { |
| 251 | $sJsBlock .= '<script src="'.$js_file.'" type="text/javascript"></script>' ."\n"; |
| 252 | } |
| 253 | if ($sHeaderJs) { |
| 254 | $sJsBlock .= "\n<script type=\"text/javascript\">" . |
| 255 | "\n<!--\n" . |
| 256 | $sHeaderJs . "\n\n// -->\n</script>\n"; |
| 257 | } |
| 258 | displayHtmlHeader ($org_title, $sJsBlock); |
| 259 | } else { |
| 260 | /* do not use JavaScript */ |
| 261 | displayHtmlHeader ($org_title); |
| 262 | $sOnload = ''; |
| 263 | } |
| 264 | if ($mailbox) { |
| 265 | /* |
| 266 | * this explains the imap_mailbox.php dependency. We should instead store |
| 267 | * the selected mailbox in the session and fallback to the session var. |
| 268 | */ |
| 269 | $shortBoxName = htmlspecialchars(imap_utf7_decode_local( |
| 270 | readShortMailboxName($mailbox, $delimiter))); |
| 271 | if (getPref($data_dir, $username, 'translate_special_folders')) { |
| 272 | global $sent_folder, $trash_folder, $draft_folder; |
| 273 | if ($mailbox == $sent_folder) |
| 274 | $shortBoxName = _("Sent"); |
| 275 | else if ($mailbox == $trash_folder) |
| 276 | $shortBoxName = _("Trash"); |
| 277 | else if ($mailbox == $sent_folder) |
| 278 | $shortBoxName = _("Drafts"); |
| 279 | } |
| 280 | $urlMailbox = urlencode($mailbox); |
| 281 | } else { |
| 282 | $shortBoxName = ''; |
| 283 | $urlMailbox = ''; |
| 284 | } |
| 285 | |
| 286 | $provider_link = ''; |
| 287 | if (!empty($provider_uri) && !empty($provider_name) && $provider_name != 'SquirrelMail') { |
| 288 | $provider_link = create_hyperlink($provider_uri, $provider_name, '_blank'); |
| 289 | } |
| 290 | |
| 291 | $oTemplate->assign('onload', $sOnload); |
| 292 | $oTemplate->assign('shortBoxName', $shortBoxName); |
| 293 | $oTemplate->assign('provider_link', $provider_link); |
| 294 | $oTemplate->assign('frame_top', $frame_top); |
| 295 | $oTemplate->assign('urlMailbox', $urlMailbox); |
| 296 | $oTemplate->assign('startMessage', $startMessage); |
| 297 | $oTemplate->assign('hide_sm_attributions', $hide_sm_attributions); |
| 298 | |
| 299 | // access keys |
| 300 | // |
| 301 | global $accesskey_menubar_compose, $accesskey_menubar_addresses, |
| 302 | $accesskey_menubar_folders, $accesskey_menubar_options, |
| 303 | $accesskey_menubar_search, $accesskey_menubar_help, |
| 304 | $accesskey_menubar_signout; |
| 305 | $oTemplate->assign('accesskey_menubar_compose', $accesskey_menubar_compose); |
| 306 | $oTemplate->assign('accesskey_menubar_addresses', $accesskey_menubar_addresses); |
| 307 | $oTemplate->assign('accesskey_menubar_folders', $accesskey_menubar_folders); |
| 308 | $oTemplate->assign('accesskey_menubar_options', $accesskey_menubar_options); |
| 309 | $oTemplate->assign('accesskey_menubar_search', $accesskey_menubar_search); |
| 310 | $oTemplate->assign('accesskey_menubar_help', $accesskey_menubar_help); |
| 311 | $oTemplate->assign('accesskey_menubar_signout', $accesskey_menubar_signout); |
| 312 | |
| 313 | $oTemplate->display('page_header.tpl'); |
| 314 | |
| 315 | global $null; |
| 316 | do_hook('page_header_bottom', $null); |
| 317 | } |
| 318 | |
| 319 | /** |
| 320 | * Blatantly copied/truncated/modified from displayPageHeader. |
| 321 | * Outputs a page header specifically for the compose_in_new popup window |
| 322 | * |
| 323 | * @param array color the array of theme colors |
| 324 | * @param string mailbox the current mailbox name to display |
| 325 | * @param string sHeaderJs javascipt code to be inserted in a script block in the header |
| 326 | * @param string sOnload JavaScript code to be added inside the body's onload handler |
| 327 | * as of 1.5.2, this replaces $sBodyTagJs argument |
| 328 | * @return void |
| 329 | */ |
| 330 | function compose_Header($color, $mailbox, $sHeaderJs='', $sOnload = '') { |
| 331 | |
| 332 | global $reply_focus, $action, $oTemplate; |
| 333 | |
| 334 | if (empty($sOnload)) { |
| 335 | if (strpos($action, 'reply') !== FALSE && $reply_focus) { |
| 336 | if ($reply_focus == 'select') |
| 337 | $sOnload = 'checkForm(\'select\');'; |
| 338 | else if ($reply_focus == 'focus') |
| 339 | $sOnload = 'checkForm(\'focus\');'; |
| 340 | else if ($reply_focus != 'none') |
| 341 | $sOnload = 'checkForm();'; |
| 342 | } |
| 343 | else |
| 344 | $sOnload = 'checkForm();'; |
| 345 | } |
| 346 | |
| 347 | |
| 348 | /* |
| 349 | * Locate the first displayable form element (only when JavaScript on) |
| 350 | */ |
| 351 | if(checkForJavascript()) { |
| 352 | if ($sHeaderJs) { |
| 353 | $sJsBlock = "\n<script type=\"text/javascript\">" . |
| 354 | "\n<!--\n" . |
| 355 | $sHeaderJs . "\n\n// -->\n</script>\n"; |
| 356 | } else { |
| 357 | $sJsBlock = ''; |
| 358 | } |
| 359 | $sJsBlock .= "\n"; |
| 360 | |
| 361 | $js_includes = $oTemplate->get_javascript_includes(TRUE); |
| 362 | foreach ($js_includes as $js_file) { |
| 363 | $sJsBlock .= '<script src="'.$js_file.'" type="text/javascript"></script>' ."\n"; |
| 364 | } |
| 365 | |
| 366 | displayHtmlHeader (_("Compose"), $sJsBlock); |
| 367 | } else { |
| 368 | /* javascript off */ |
| 369 | displayHtmlHeader(_("Compose")); |
| 370 | $sOnload = ''; |
| 371 | } |
| 372 | |
| 373 | // FIXME: change the colorization attributes below to a CSS class! |
| 374 | $class = ''; |
| 375 | $aAttribs = array('text' => $color[8], 'bgcolor' => $color[4], |
| 376 | 'link' => $color[7], 'vlink' => $color[7], |
| 377 | 'alink' => $color[7]); |
| 378 | |
| 379 | // this is template-safe (see create_body() function) |
| 380 | echo create_body($sOnload, $class, $aAttribs); |
| 381 | |
| 382 | global $null; |
| 383 | do_hook('compose_header_bottom', $null); |
| 384 | } |