Allow more advanced element focusing
[squirrelmail.git] / class / deliver / Deliver.class.php
1 <?php
2
3 /**
4 * Deliver.class.php
5 *
6 * This contains all the functions needed to send messages through
7 * a delivery backend.
8 *
9 * @author Marc Groot Koerkamp
10 * @copyright 1999-2018 The SquirrelMail Project Team
11 * @license http://opensource.org/licenses/gpl-license.php GNU Public License
12 * @version $Id$
13 * @package squirrelmail
14 */
15
16 /**
17 * Deliver Class - called to actually deliver the message
18 *
19 * This class is called by compose.php and other code that needs
20 * to send messages. All delivery functionality should be centralized
21 * in this class.
22 *
23 * Do not place UI code in this class, as UI code should be placed in templates
24 * going forward.
25 *
26 * @author Marc Groot Koerkamp
27 * @package squirrelmail
28 */
29 class Deliver {
30
31 /**
32 * function mail - send the message parts to the SMTP stream
33 *
34 * @param Message $message Message object to send
35 * NOTE that this is passed by
36 * reference and will be modified
37 * upon return with updated
38 * fields such as Message ID, References,
39 * In-Reply-To and Date headers.
40 * @param resource $stream Handle to the outgoing stream
41 * (when FALSE, nothing will be
42 * written to the stream; this can
43 * be used to determine the actual
44 * number of bytes that will be
45 * written to the stream)
46 * @param string $reply_id Identifies message being replied to
47 * (OPTIONAL; caller should ONLY specify
48 * a value for this when the message
49 * being sent is a reply)
50 * @param string $reply_ent_id Identifies message being replied to
51 * in the case it was an embedded/attached
52 * message inside another (OPTIONAL; caller
53 * should ONLY specify a value for this
54 * when the message being sent is a reply)
55 * @param resource $imap_stream If there is an open IMAP stream in
56 * the caller's context, it should be
57 * passed in here. This is OPTIONAL,
58 * as one will be created if not given,
59 * but as some IMAP servers may baulk
60 * at opening more than one connection
61 * at a time, the caller should always
62 * abide if possible. Currently, this
63 * stream is only used when $reply_id
64 * is also non-zero, but that is subject
65 * to change.
66 * @param mixed $extra Any implementation-specific variables
67 * can be passed in here and used in
68 * an overloaded version of this method
69 * if needed.
70 *
71 * @return integer The number of bytes written (or that would have been
72 * written) to the output stream.
73 *
74 */
75 function mail(&$message, $stream=false, $reply_id=0, $reply_ent_id=0,
76 $imap_stream=NULL, $extra=NULL) {
77
78 $rfc822_header = &$message->rfc822_header;
79
80 if (count($message->entities)) {
81 $boundary = $this->mimeBoundary();
82 $rfc822_header->content_type->properties['boundary']='"'.$boundary.'"';
83 } else {
84 $boundary='';
85 }
86 $raw_length = 0;
87
88
89 // calculate reply header if needed
90 //
91 if ($reply_id) {
92 global $imapConnection, $username, $imapServerAddress,
93 $imapPort, $imap_stream_options, $mailbox;
94
95 // try our best to use an existing IMAP handle
96 //
97 $close_imap_stream = FALSE;
98 if (is_resource($imap_stream)) {
99 $my_imap_stream = $imap_stream;
100
101 } else if (is_resource($imapConnection)) {
102 $my_imap_stream = $imapConnection;
103
104 } else {
105 $close_imap_stream = TRUE;
106 $my_imap_stream = sqimap_login($username, FALSE, $imapServerAddress,
107 $imapPort, 0, $imap_stream_options);
108 }
109
110 sqimap_mailbox_select($my_imap_stream, $mailbox);
111 $reply_message = sqimap_get_message($my_imap_stream, $reply_id, $mailbox);
112
113 if ($close_imap_stream) {
114 sqimap_logout($my_imap_stream);
115 }
116
117 if ($reply_ent_id) {
118 /* redefine the messsage in case of message/rfc822 */
119 $reply_message = $message->getEntity($reply_ent_id);
120 /* message is an entity which contains the envelope and type0=message
121 * and type1=rfc822. The actual entities are childs from
122 * $reply_message->entities[0]. That's where the encoding and is located
123 */
124
125 $orig_header = $reply_message->rfc822_header; /* here is the envelope located */
126
127 } else {
128 $orig_header = $reply_message->rfc822_header;
129 }
130 $message->reply_rfc822_header = $orig_header;
131 }
132
133
134 $reply_rfc822_header = (isset($message->reply_rfc822_header)
135 ? $message->reply_rfc822_header : '');
136 $header = $this->prepareRFC822_Header($rfc822_header, $reply_rfc822_header, $raw_length);
137
138 $this->send_mail($message, $header, $boundary, $stream, $raw_length, $extra);
139
140 return $raw_length;
141 }
142
143 /**
144 * function send_mail - send the message parts to the IMAP stream
145 *
146 * @param Message $message Message object to send
147 * @param string $header Headers ready to send
148 * @param string $boundary Message parts boundary
149 * @param resource $stream Handle to the SMTP stream
150 * (when FALSE, nothing will be
151 * written to the stream; this can
152 * be used to determine the actual
153 * number of bytes that will be
154 * written to the stream)
155 * @param int &$raw_length The number of bytes written (or that
156 * would have been written) to the
157 * output stream - NOTE that this is
158 * passed by reference
159 * @param mixed $extra Any implementation-specific variables
160 * can be passed in here and used in
161 * an overloaded version of this method
162 * if needed.
163 *
164 * @return void
165 *
166 */
167 function send_mail($message, $header, $boundary, $stream=false,
168 &$raw_length, $extra=NULL) {
169
170
171 if ($stream) {
172 $this->preWriteToStream($header);
173 $this->writeToStream($stream, $header);
174 }
175 $this->writeBody($message, $stream, $raw_length, $boundary);
176 }
177
178 /**
179 * function writeBody - generate and write the mime boundaries around each part to the stream
180 *
181 * Recursively formats and writes the MIME boundaries of the $message
182 * to the output stream.
183 *
184 * @param Message $message Message object to transform
185 * @param resource $stream SMTP output stream
186 * (when FALSE, nothing will be
187 * written to the stream; this can
188 * be used to determine the actual
189 * number of bytes that will be
190 * written to the stream)
191 * @param integer &$length_raw raw length of the message (part)
192 * as returned by mail fn
193 * @param string $boundary custom boundary to call, usually for subparts
194 *
195 * @return void
196 */
197 function writeBody($message, $stream, &$length_raw, $boundary='') {
198 // calculate boundary in case of multidimensional mime structures
199 if ($boundary && $message->entity_id && count($message->entities)) {
200 if (strpos($boundary,'_part_')) {
201 $boundary = substr($boundary,0,strpos($boundary,'_part_'));
202
203 // the next four lines use strrev to reverse any nested boundaries
204 // because RFC 2046 (5.1.1) says that if a line starts with the outer
205 // boundary string (doesn't matter what the line ends with), that
206 // can be considered a match for the outer boundary; thus the nested
207 // boundary needs to be unique from the outer one
208 //
209 } else if (strpos($boundary,'_trap_')) {
210 $boundary = substr(strrev($boundary),0,strpos(strrev($boundary),'_part_'));
211 }
212 $boundary_new = strrev($boundary . '_part_'.$message->entity_id);
213 } else {
214 $boundary_new = $boundary;
215 }
216 if ($boundary && !$message->rfc822_header) {
217 $s = '--'.$boundary."\r\n";
218 $s .= $this->prepareMIME_Header($message, $boundary_new);
219 $length_raw += strlen($s);
220 if ($stream) {
221 $this->preWriteToStream($s);
222 $this->writeToStream($stream, $s);
223 }
224 }
225 $this->writeBodyPart($message, $stream, $length_raw);
226
227 $last = false;
228 for ($i=0, $entCount=count($message->entities);$i<$entCount;$i++) {
229 $msg = $this->writeBody($message->entities[$i], $stream, $length_raw, $boundary_new);
230 if ($i == $entCount-1) $last = true;
231 }
232 if ($boundary && $last) {
233 $s = "--".$boundary_new."--\r\n\r\n";
234 $length_raw += strlen($s);
235 if ($stream) {
236 $this->preWriteToStream($s);
237 $this->writeToStream($stream, $s);
238 }
239 }
240 }
241
242 /**
243 * function writeBodyPart - write each individual mimepart
244 *
245 * Recursively called by WriteBody to write each mime part to the SMTP stream
246 *
247 * @param Message $message Message object to transform
248 * @param resource $stream SMTP output stream
249 * (when FALSE, nothing will be
250 * written to the stream; this can
251 * be used to determine the actual
252 * number of bytes that will be
253 * written to the stream)
254 * @param integer &$length length of the message part
255 * as returned by mail fn
256 *
257 * @return void
258 */
259 function writeBodyPart($message, $stream, &$length) {
260 if ($message->mime_header) {
261 $type0 = $message->mime_header->type0;
262 } else {
263 $type0 = $message->rfc822_header->content_type->type0;
264 }
265
266 $body_part_trailing = $last = '';
267 switch ($type0)
268 {
269 case 'text':
270 case 'message':
271 if ($message->body_part) {
272 $body_part = $message->body_part;
273 // remove NUL characters
274 $body_part = str_replace("\0",'',$body_part);
275 $length += $this->clean_crlf($body_part);
276 if ($stream) {
277 $this->preWriteToStream($body_part);
278 $this->writeToStream($stream, $body_part);
279 }
280 $last = $body_part;
281 } elseif ($message->att_local_name) {
282 global $username, $attachment_dir;
283 $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
284 $filename = $message->att_local_name;
285
286 // inspect attached file for lines longer than allowed by RFC,
287 // in which case we'll be using base64 encoding (so we can split
288 // the lines up without corrupting them) instead of 8bit unencoded...
289 // (see RFC 2822/2.1.1)
290 //
291 // using 990 because someone somewhere is folding lines at
292 // 990 instead of 998 and I'm too lazy to find who it is
293 //
294 $file_has_long_lines = file_has_long_lines($hashed_attachment_dir
295 . '/' . $filename, 990);
296
297 $file = fopen ($hashed_attachment_dir . '/' . $filename, 'rb');
298
299 // long lines were found, need to use base64 encoding
300 //
301 if ($file_has_long_lines) {
302 while ($tmp = fread($file, 570)) {
303 $body_part = chunk_split(base64_encode($tmp));
304 // Up to 4.3.10 chunk_split always appends a newline,
305 // while in 4.3.11 it doesn't if the string to split
306 // is shorter than the chunk length.
307 if( substr($body_part, -1 , 1 ) != "\n" )
308 $body_part .= "\n";
309 $length += $this->clean_crlf($body_part);
310 if ($stream) {
311 $this->writeToStream($stream, $body_part);
312 }
313 }
314 }
315
316 // no excessively long lines - normal 8bit
317 //
318 else {
319 while ($body_part = fgets($file, 4096)) {
320 // remove NUL characters
321 $body_part = str_replace("\0",'',$body_part);
322 $length += $this->clean_crlf($body_part);
323 if ($stream) {
324 $this->preWriteToStream($body_part);
325 $this->writeToStream($stream, $body_part);
326 }
327 $last = $body_part;
328 }
329 }
330
331 fclose($file);
332 }
333 break;
334 default:
335 if ($message->body_part) {
336 $body_part = $message->body_part;
337 // remove NUL characters
338 $body_part = str_replace("\0",'',$body_part);
339 $length += $this->clean_crlf($body_part);
340 if ($stream) {
341 $this->writeToStream($stream, $body_part);
342 }
343 } elseif ($message->att_local_name) {
344 global $username, $attachment_dir;
345 $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
346 $filename = $message->att_local_name;
347 $file = fopen ($hashed_attachment_dir . '/' . $filename, 'rb');
348 while ($tmp = fread($file, 570)) {
349 $body_part = chunk_split(base64_encode($tmp));
350 // Up to 4.3.10 chunk_split always appends a newline,
351 // while in 4.3.11 it doesn't if the string to split
352 // is shorter than the chunk length.
353 if( substr($body_part, -1 , 1 ) != "\n" )
354 $body_part .= "\n";
355 $length += $this->clean_crlf($body_part);
356 if ($stream) {
357 $this->writeToStream($stream, $body_part);
358 }
359 }
360 fclose($file);
361 }
362 break;
363 }
364 $body_part_trailing = '';
365 if ($last && substr($last,-1) != "\n") {
366 $body_part_trailing = "\r\n";
367 }
368 if ($body_part_trailing) {
369 $length += strlen($body_part_trailing);
370 if ($stream) {
371 $this->preWriteToStream($body_part_trailing);
372 $this->writeToStream($stream, $body_part_trailing);
373 }
374 }
375 }
376
377 /**
378 * function clean_crlf - change linefeeds and newlines to legal characters
379 *
380 * The SMTP format only allows CRLF as line terminators.
381 * This function replaces illegal teminators with the correct terminator.
382 *
383 * @param string &$s string to clean linefeeds on
384 *
385 * @return void
386 */
387 function clean_crlf(&$s) {
388 $s = str_replace("\r\n", "\n", $s);
389 $s = str_replace("\r", "\n", $s);
390 $s = str_replace("\n", "\r\n", $s);
391 return strlen($s);
392 }
393
394 /**
395 * function strip_crlf - strip linefeeds and newlines from a string
396 *
397 * The SMTP format only allows CRLF as line terminators.
398 * This function strips all line terminators from the string.
399 *
400 * @param string &$s string to clean linefeeds on
401 *
402 * @return void
403 */
404 function strip_crlf(&$s) {
405 $s = str_replace("\r\n ", '', $s);
406 $s = str_replace("\r", '', $s);
407 $s = str_replace("\n", '', $s);
408 }
409
410 /**
411 * function preWriteToStream - reserved for extended functionality
412 *
413 * This function is not yet implemented.
414 * Reserved for extended functionality.
415 *
416 * @param string &$s string to operate on
417 *
418 * @return void
419 */
420 function preWriteToStream(&$s) {
421 }
422
423 /**
424 * function writeToStream - write data to the SMTP stream
425 *
426 * @param resource $stream SMTP output stream
427 * @param string $data string with data to send to the SMTP stream
428 *
429 * @return void
430 */
431 function writeToStream($stream, $data) {
432 fputs($stream, $data);
433 }
434
435 /**
436 * function initStream - reserved for extended functionality
437 *
438 * This function is not yet implemented.
439 * Reserved for extended functionality.
440 * UPDATE: It is implemented in Deliver_SMTP and Deliver_SendMail classes,
441 * but it remains unimplemented in this base class (and thus not
442 * in Deliver_IMAP or other child classes that don't define it)
443 *
444 * NOTE: some parameters are specific to the child class
445 * that is implementing this method
446 *
447 * @param Message $message Message object
448 * @param string $domain
449 * @param integer $length
450 * @param string $host host name or IP to connect to
451 * @param integer $port
452 * @param string $user username to log into the SMTP server with
453 * @param string $pass password to log into the SMTP server with
454 * @param boolean $authpop whether or not to use POP-before-SMTP authorization
455 * @param string $pop_host host name or IP to connect to for POP-before-SMTP authorization
456 * @param array $stream_options Stream context options, see config_local.example.php for more details (OPTIONAL)
457 *
458 * @return handle $stream file handle resource to SMTP stream
459 */
460 function initStream($message, $domain, $length=0, $host='', $port='', $user='', $pass='', $authpop=false, $pop_host='', $stream_options=array()) {
461 return $stream;
462 }
463
464 /**
465 * function getBCC - reserved for extended functionality
466 *
467 * This function is not yet implemented.
468 * Reserved for extended functionality.
469 *
470 */
471 function getBCC() {
472 return false;
473 }
474
475 /**
476 * function prepareMIME_Header - creates the mime header
477 *
478 * @param Message $message Message object to act on
479 * @param string $boundary mime boundary from fn MimeBoundary
480 *
481 * @return string $header properly formatted mime header
482 */
483 function prepareMIME_Header($message, $boundary) {
484 $mime_header = $message->mime_header;
485 $rn="\r\n";
486 $header = array();
487
488 $contenttype = 'Content-Type: '. $mime_header->type0 .'/'.
489 $mime_header->type1;
490 if (count($message->entities)) {
491 $contenttype .= ';' . 'boundary="'.$boundary.'"';
492 }
493 if (isset($mime_header->parameters['name'])) {
494 $contenttype .= '; name="'.
495 encodeHeader($mime_header->parameters['name']). '"';
496 }
497 if (isset($mime_header->parameters['charset'])) {
498 $charset = $mime_header->parameters['charset'];
499 $contenttype .= '; charset="'.
500 encodeHeader($charset). '"';
501 }
502
503 $header[] = $contenttype . $rn;
504 if ($mime_header->description) {
505 $header[] = 'Content-Description: ' . $mime_header->description . $rn;
506 }
507 if ($mime_header->encoding) {
508 $header[] = 'Content-Transfer-Encoding: ' . $mime_header->encoding . $rn;
509 } else {
510
511 // inspect attached file for lines longer than allowed by RFC,
512 // in which case we'll be using base64 encoding (so we can split
513 // the lines up without corrupting them) instead of 8bit unencoded...
514 // (see RFC 2822/2.1.1)
515 //
516 if (!empty($message->att_local_name)) { // is this redundant? I have no idea
517 global $username, $attachment_dir;
518 $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
519 $filename = $hashed_attachment_dir . '/' . $message->att_local_name;
520
521 // using 990 because someone somewhere is folding lines at
522 // 990 instead of 998 and I'm too lazy to find who it is
523 //
524 $file_has_long_lines = file_has_long_lines($filename, 990);
525 } else
526 $file_has_long_lines = FALSE;
527
528 if ($mime_header->type0 == 'multipart' || $mime_header->type0 == 'alternative') {
529 /* no-op; no encoding needed */
530 } else if (($mime_header->type0 == 'text' || $mime_header->type0 == 'message')
531 && !$file_has_long_lines) {
532 $header[] = 'Content-Transfer-Encoding: 8bit' . $rn;
533 } else {
534 $header[] = 'Content-Transfer-Encoding: base64' . $rn;
535 }
536 }
537 if ($mime_header->id) {
538 $header[] = 'Content-ID: ' . $mime_header->id . $rn;
539 }
540 if ($mime_header->disposition) {
541 $disposition = $mime_header->disposition;
542 $contentdisp = 'Content-Disposition: ' . $disposition->name;
543 if ($disposition->getProperty('filename')) {
544 $contentdisp .= '; filename="'.
545 encodeHeader($disposition->getProperty('filename')). '"';
546 }
547 $header[] = $contentdisp . $rn;
548 }
549 if ($mime_header->md5) {
550 $header[] = 'Content-MD5: ' . $mime_header->md5 . $rn;
551 }
552 if ($mime_header->language) {
553 $header[] = 'Content-Language: ' . $mime_header->language . $rn;
554 }
555
556 $cnt = count($header);
557 $hdr_s = '';
558 for ($i = 0 ; $i < $cnt ; $i++) {
559 $hdr_s .= $this->foldLine($header[$i], 78);
560 }
561 $header = $hdr_s;
562 $header .= $rn; /* One blank line to separate mimeheader and body-entity */
563 return $header;
564 }
565
566 /**
567 * function prepareRFC822_Header - prepares the RFC822 header string from Rfc822Header object(s)
568 *
569 * This function takes the Rfc822Header object(s) and formats them
570 * into the RFC822Header string to send to the SMTP server as part
571 * of the SMTP message.
572 *
573 * @param Rfc822Header $rfc822_header
574 * @param Rfc822Header $reply_rfc822_header
575 * @param integer &$raw_length length of the message
576 *
577 * @return string $header
578 */
579 function prepareRFC822_Header(&$rfc822_header, $reply_rfc822_header, &$raw_length) {
580 global $domain, $username, $encode_header_key,
581 $edit_identity, $hide_auth_header;
582
583 /* if server var SERVER_NAME not available, or contains
584 ":" (e.g. IPv6) which is illegal in a Message-ID, use $domain */
585 if(!sqGetGlobalVar('SERVER_NAME', $SERVER_NAME, SQ_SERVER) ||
586 strpos($SERVER_NAME,':') !== FALSE) {
587 $SERVER_NAME = $domain;
588 }
589
590 sqGetGlobalVar('REMOTE_ADDR', $REMOTE_ADDR, SQ_SERVER);
591 sqGetGlobalVar('REMOTE_PORT', $REMOTE_PORT, SQ_SERVER);
592 sqGetGlobalVar('REMOTE_HOST', $REMOTE_HOST, SQ_SERVER);
593 sqGetGlobalVar('HTTP_VIA', $HTTP_VIA, SQ_SERVER);
594 sqGetGlobalVar('HTTP_X_FORWARDED_FOR', $HTTP_X_FORWARDED_FOR, SQ_SERVER);
595
596 $rn = "\r\n";
597
598 /* This creates an RFC 822 date */
599 $date = date('D, j M Y H:i:s ', time()) . $this->timezone();
600
601 /* Create a message-id */
602 $message_id = 'MESSAGE ID GENERATION ERROR! PLEASE CONTACT SQUIRRELMAIL DEVELOPERS';
603 if (empty($rfc822_header->message_id)) {
604 $message_id = '<'
605 . md5(GenerateRandomString(16, '', 7) . uniqid(mt_rand(),true))
606 . '.squirrel@' . $SERVER_NAME .'>';
607 }
608
609 /* Make an RFC822 Received: line */
610 if (isset($REMOTE_HOST)) {
611 $received_from = "$REMOTE_HOST ([$REMOTE_ADDR])";
612 } else {
613 $received_from = $REMOTE_ADDR;
614 }
615 if (isset($HTTP_VIA) || isset ($HTTP_X_FORWARDED_FOR)) {
616 if (!isset($HTTP_X_FORWARDED_FOR) || $HTTP_X_FORWARDED_FOR == '') {
617 $HTTP_X_FORWARDED_FOR = 'unknown';
618 }
619 $received_from .= " (proxying for $HTTP_X_FORWARDED_FOR)";
620 }
621 $header = array();
622
623 /**
624 * SquirrelMail header
625 *
626 * This Received: header provides information that allows to track
627 * user and machine that was used to send email. Don't remove it
628 * unless you understand all possible forging issues or your
629 * webmail installation does not prevent changes in user's email address.
630 * See SquirrelMail bug tracker #847107 for more details about it.
631 *
632 * Add hide_squirrelmail_header as a candidate for config_local.php
633 * (must be defined as a constant: define('hide_squirrelmail_header', 1);
634 * to allow completely hiding SquirrelMail participation in message
635 * processing; This is dangerous, especially if users can modify their
636 * account information, as it makes mapping a sent message back to the
637 * original sender almost impossible.
638 */
639 $show_sm_header = ( defined('hide_squirrelmail_header') ? ! hide_squirrelmail_header : 1 );
640
641 // FIXME: The following headers may generate slightly differently between the message sent to the destination and that stored in the Sent folder because this code will be called before both actions. This is not necessarily a big problem, but other headers such as Message-ID and Date are preserved between both actions
642 if ( $show_sm_header ) {
643 if (isset($encode_header_key) &&
644 trim($encode_header_key)!='') {
645 // use encoded headers, if encryption key is set and not empty
646 $header[] = 'X-Squirrel-UserHash: '.OneTimePadEncrypt($username,base64_encode($encode_header_key)).$rn;
647 $header[] = 'X-Squirrel-FromHash: '.OneTimePadEncrypt($this->ip2hex($REMOTE_ADDR),base64_encode($encode_header_key)).$rn;
648 if (isset($HTTP_X_FORWARDED_FOR))
649 $header[] = 'X-Squirrel-ProxyHash:'.OneTimePadEncrypt($this->ip2hex($HTTP_X_FORWARDED_FOR),base64_encode($encode_header_key)).$rn;
650 } else {
651 // use default received headers
652 $header[] = "Received: from $received_from" . $rn;
653 if (!isset($hide_auth_header) || !$hide_auth_header)
654 $header[] = " (SquirrelMail authenticated user $username)" . $rn;
655 $header[] = " by $SERVER_NAME with HTTP;" . $rn;
656 $header[] = " $date" . $rn;
657 }
658 }
659
660 /* Insert the rest of the header fields */
661
662 if (!empty($rfc822_header->message_id)) {
663 $header[] = 'Message-ID: '. $rfc822_header->message_id . $rn;
664 } else {
665 $header[] = 'Message-ID: '. $message_id . $rn;
666 $rfc822_header->message_id = $message_id;
667 }
668
669 if (is_object($reply_rfc822_header) &&
670 isset($reply_rfc822_header->message_id) &&
671 $reply_rfc822_header->message_id) {
672 $rep_message_id = $reply_rfc822_header->message_id;
673 $header[] = 'In-Reply-To: '.$rep_message_id . $rn;
674 $rfc822_header->in_reply_to = $rep_message_id;
675 $references = $this->calculate_references($reply_rfc822_header);
676 $header[] = 'References: '.$references . $rn;
677 $rfc822_header->references = $references;
678 }
679
680 if (!empty($rfc822_header->date) && $rfc822_header->date != -1) {
681 $header[] = 'Date: '. $rfc822_header->date . $rn;
682 } else {
683 $header[] = "Date: $date" . $rn;
684 $rfc822_header->date = $date;
685 }
686
687 $header[] = 'Subject: '.encodeHeader($rfc822_header->subject) . $rn;
688 $header[] = 'From: '. $rfc822_header->getAddr_s('from',",$rn ",true) . $rn;
689
690 // folding address list [From|To|Cc|Bcc] happens by using ",$rn<space>"
691 // as delimiter
692 // Do not use foldLine for that.
693
694 // RFC2822 if from contains more then 1 address
695 if (count($rfc822_header->from) > 1) {
696 $header[] = 'Sender: '. $rfc822_header->getAddr_s('sender',',',true) . $rn;
697 }
698 if (count($rfc822_header->to)) {
699 $header[] = 'To: '. $rfc822_header->getAddr_s('to',",$rn ",true) . $rn;
700 }
701 if (count($rfc822_header->cc)) {
702 $header[] = 'Cc: '. $rfc822_header->getAddr_s('cc',",$rn ",true) . $rn;
703 }
704 if (count($rfc822_header->reply_to)) {
705 $header[] = 'Reply-To: '. $rfc822_header->getAddr_s('reply_to',',',true) . $rn;
706 }
707 /* Sendmail should return true. Default = false */
708 $bcc = $this->getBcc();
709 if (count($rfc822_header->bcc)) {
710 $s = 'Bcc: '. $rfc822_header->getAddr_s('bcc',",$rn ",true) . $rn;
711 if (!$bcc) {
712 $raw_length += strlen($s);
713 } else {
714 $header[] = $s;
715 }
716 }
717 /* Identify SquirrelMail */
718 $header[] = 'User-Agent: SquirrelMail/' . SM_VERSION . $rn;
719 /* Do the MIME-stuff */
720 $header[] = 'MIME-Version: 1.0' . $rn;
721 $contenttype = 'Content-Type: '. $rfc822_header->content_type->type0 .'/'.
722 $rfc822_header->content_type->type1;
723 if (count($rfc822_header->content_type->properties)) {
724 foreach ($rfc822_header->content_type->properties as $k => $v) {
725 if ($k && $v) {
726 $contenttype .= ';' .$k.'='.$v;
727 }
728 }
729 }
730 $header[] = $contenttype . $rn;
731 if ($encoding = $rfc822_header->encoding) {
732 $header[] = 'Content-Transfer-Encoding: ' . $encoding . $rn;
733 }
734 if (isset($rfc822_header->dnt) && $rfc822_header->dnt) {
735 $dnt = $rfc822_header->getAddr_s('dnt');
736 /* Pegasus Mail */
737 $header[] = 'X-Confirm-Reading-To: '.$dnt. $rn;
738 /* RFC 2298 */
739 $header[] = 'Disposition-Notification-To: '.$dnt. $rn;
740 }
741 if ($rfc822_header->priority) {
742 switch($rfc822_header->priority)
743 {
744 case 1:
745 $header[] = 'X-Priority: 1 (Highest)'.$rn;
746 $header[] = 'Importance: High'. $rn; break;
747 case 5:
748 $header[] = 'X-Priority: 5 (Lowest)'.$rn;
749 $header[] = 'Importance: Low'. $rn; break;
750 default: break;
751 }
752 }
753 /* Insert headers from the $more_headers array */
754 if(count($rfc822_header->more_headers)) {
755 reset($rfc822_header->more_headers);
756 foreach ($rfc822_header->more_headers as $k => $v) {
757 $header[] = $k.': '.$v .$rn;
758 }
759 }
760 $cnt = count($header);
761 $hdr_s = '';
762
763 for ($i = 0 ; $i < $cnt ; $i++) {
764 $sKey = substr($header[$i],0,strpos($header[$i],':'));
765 switch ($sKey)
766 {
767 case 'Message-ID':
768 case 'In-Reply_To':
769 $hdr_s .= $header[$i];
770 break;
771 case 'References':
772 $sRefs = substr($header[$i],12);
773 $aRefs = explode(' ',$sRefs);
774 $sLine = 'References:';
775 foreach ($aRefs as $sReference) {
776 if ( trim($sReference) == '' ) {
777 /* Don't add spaces. */
778 } elseif (strlen($sLine)+strlen($sReference) >76) {
779 $hdr_s .= $sLine;
780 $sLine = $rn . ' ' . $sReference;
781 } else {
782 $sLine .= ' '. $sReference;
783 }
784 }
785 $hdr_s .= $sLine;
786 break;
787 case 'To':
788 case 'Cc':
789 case 'Bcc':
790 case 'From':
791 $hdr_s .= $header[$i];
792 break;
793 default: $hdr_s .= $this->foldLine($header[$i], 78); break;
794 }
795 }
796 $header = $hdr_s;
797 $header .= $rn; /* One blank line to separate header and body */
798 $raw_length += strlen($header);
799 return $header;
800 }
801
802 /**
803 * Fold header lines per RFC 2822/2.2.3 and RFC 822/3.1.1
804 *
805 * Herein "soft" folding/wrapping (with whitespace tokens) is
806 * what we refer to as the preferred method of wrapping - that
807 * which we'd like to do within the $soft_wrap limit, but if
808 * not possible, we will try to do as soon as possible after
809 * $soft_wrap up to the $hard_wrap limit. Encoded words don't
810 * need to be detected in this phase, since they cannot contain
811 * spaces.
812 *
813 * "Hard" folding/wrapping (with "hard" tokens) is what we refer
814 * to as less ideal wrapping that will be done to keep within
815 * the $hard_wrap limit. This adds other syntactical breaking
816 * elements such as commas and encoded words.
817 *
818 * @param string $header The header content being folded
819 * @param integer $soft_wrap The desirable maximum line length
820 * (OPTIONAL; default is 78, per RFC)
821 * @param string $indent Wrapped lines will already have
822 * whitespace following the CRLF wrap,
823 * but you can add more indentation (or
824 * whatever) with this. The use of this
825 * parameter is DISCOURAGED, since it
826 * can corrupt the redisplay (unfolding)
827 * of headers whose content is space-
828 * sensitive, like subjects, etc.
829 * (OPTIONAL; default is an empty string)
830 * @param string $hard_wrap The absolute maximum line length
831 * (OPTIONAL; default is 998, per RFC)
832 *
833 * @return string The folded header content, with a trailing CRLF.
834 *
835 */
836 function foldLine($header, $soft_wrap=78, $indent='', $hard_wrap=998) {
837
838 // the "hard" token list can be altered if desired,
839 // for example, by adding ":"
840 // (in the future, we can take optional arguments
841 // for overriding or adding elements to the "hard"
842 // token list if we want to get fancy)
843 //
844 // the order of these is significant - preferred
845 // fold points should be listed first
846 //
847 // it is advised that the "=" always come first
848 // since it also finds encoded words, thus if it
849 // comes after some other token that happens to
850 // fall within the encoded word, the encoded word
851 // could be inadvertently broken in half, which
852 // is not allowable per RFC
853 //
854 $hard_break_tokens = array(
855 '=', // includes encoded word detection
856 ',',
857 ';',
858 );
859
860 // the order of these is significant too
861 //
862 $whitespace = array(
863 ' ',
864 "\t",
865 );
866
867 $CRLF = "\r\n";
868
869 $folded_header = '';
870
871 // if using an indent string, reduce wrap limits by its size
872 //
873 if (!empty($indent)) {
874 $soft_wrap -= strlen($indent);
875 $hard_wrap -= strlen($indent);
876 }
877
878 while (strlen($header) > $soft_wrap) {
879
880 $soft_wrapped_line = substr($header, 0, $soft_wrap);
881
882 // look for a token as close to the end of the soft wrap limit as possible
883 //
884 foreach ($whitespace as $token) {
885
886 // note that this if statement also fails when $pos === 0,
887 // which is intended, since blank lines are not allowed
888 //
889 if ($pos = strrpos($soft_wrapped_line, $token))
890 {
891 $new_fold = substr($header, 0, $pos);
892
893 // make sure proposed fold doesn't create a blank line
894 //
895 if (!trim($new_fold)) continue;
896
897 // with whitespace breaks, we fold BEFORE the token
898 //
899 $folded_header .= $new_fold . $CRLF . $indent;
900 $header = substr($header, $pos);
901
902 // ready for next while() iteration
903 //
904 continue 2;
905
906 }
907
908 }
909
910 // we were unable to find a wrapping point within the soft
911 // wrap limit, so now we'll try to find the first possible
912 // soft wrap point within the hard wrap limit
913 //
914 $hard_wrapped_line = substr($header, 0, $hard_wrap);
915
916 // look for a *SOFT* token as close to the
917 // beginning of the hard wrap limit as possible
918 //
919 foreach ($whitespace as $token) {
920
921 // use while loop instead of if block because it
922 // is possible we don't want the first one we find
923 //
924 $pos = $soft_wrap - 1; // -1 is corrected by +1 on next line
925 while ($pos = strpos($hard_wrapped_line, $token, $pos + 1))
926 {
927
928 $new_fold = substr($header, 0, $pos);
929
930 // make sure proposed fold doesn't create a blank line
931 //
932 if (!trim($new_fold)) continue;
933
934 // with whitespace breaks, we fold BEFORE the token
935 //
936 $folded_header .= $new_fold . $CRLF . $indent;
937 $header = substr($header, $pos);
938
939 // ready for next outter while() iteration
940 //
941 continue 3;
942
943 }
944
945 }
946
947 // we were still unable to find a soft wrapping point within
948 // both the soft and hard wrap limits, so if the length of
949 // what is left is no more than the hard wrap limit, we'll
950 // simply take the whole thing
951 //
952 if (strlen($header) <= strlen($hard_wrapped_line))
953 break;
954
955 // otherwise, we can't quit yet - look for a "hard" token
956 // as close to the end of the hard wrap limit as possible
957 //
958 foreach ($hard_break_tokens as $token) {
959
960 // note that this if statement also fails when $pos === 0,
961 // which is intended, since blank lines are not allowed
962 //
963 if ($pos = strrpos($hard_wrapped_line, $token))
964 {
965
966 // if we found a "=" token, we must determine whether,
967 // if it is part of an encoded word, it is the beginning
968 // or middle of one, where we need to readjust $pos a bit
969 //
970 if ($token == '=') {
971
972 // if we found the beginning of an encoded word,
973 // we want to break BEFORE the token
974 //
975 if (preg_match('/^(=\?([^?]*)\?(Q|B)\?([^?]*)\?=)/Ui',
976 substr($header, $pos))) {
977 $pos--;
978 }
979
980 // check if we found this token in the *middle*
981 // of an encoded word, in which case we have to
982 // ignore it, pushing back to the token that
983 // starts the encoded word instead
984 //
985 // of course, this is only possible if there is
986 // more content after the next hard wrap
987 //
988 // then look for the end of an encoded word in
989 // the next part (past the next hard wrap)
990 //
991 // then see if it is in fact part of a legitimate
992 // encoded word
993 //
994 else if (strlen($header) > $hard_wrap
995 && ($end_pos = strpos(substr($header, $hard_wrap), '?=')) !== FALSE
996 && preg_match('/(=\?([^?]*)\?(Q|B)\?([^?]*)\?=)$/Ui',
997 substr($header, 0, $hard_wrap + $end_pos + 2),
998 $matches)) {
999
1000 $pos = $hard_wrap + $end_pos + 2 - strlen($matches[1]) - 1;
1001
1002 }
1003
1004 }
1005
1006 // $pos could have been changed; make sure it's
1007 // not at the beginning of the line, as blank
1008 // lines are not allowed
1009 //
1010 if ($pos === 0) continue;
1011
1012 // we are dealing with a simple token break...
1013 //
1014 // for non-whitespace breaks, we fold AFTER the token
1015 // and add a space after the fold if not immediately
1016 // followed by a whitespace character in the next part
1017 //
1018 $folded_header .= substr($header, 0, $pos + 1) . $CRLF;
1019
1020 // don't go beyond end of $header, though
1021 //
1022 if (strlen($header) > $pos + 1) {
1023 $header = substr($header, $pos + 1);
1024 if (!in_array($header{0}, $whitespace))
1025 $header = ' ' . $indent . $header;
1026 } else {
1027 $header = '';
1028 }
1029
1030 // ready for next while() iteration
1031 //
1032 continue 2;
1033
1034 }
1035
1036 }
1037
1038 // finally, we just couldn't find anything to fold on, so we
1039 // have to just cut it off at the hard limit
1040 //
1041 $folded_header .= $hard_wrapped_line . $CRLF;
1042
1043 // is there more?
1044 //
1045 if (strlen($header) > strlen($hard_wrapped_line)) {
1046 $header = substr($header, strlen($hard_wrapped_line));
1047 if (!in_array($header{0}, $whitespace))
1048 $header = ' ' . $indent . $header;
1049 } else {
1050 $header = '';
1051 }
1052
1053 }
1054
1055
1056 // add any left-overs
1057 //
1058 $folded_header .= $header;
1059
1060
1061 // make sure it ends with a CRLF
1062 //
1063 if (substr($folded_header, -2) != $CRLF) $folded_header .= $CRLF;
1064
1065
1066 return $folded_header;
1067 }
1068
1069 /**
1070 * function mimeBoundary - calculates the mime boundary to use
1071 *
1072 * This function will generate a random mime boundary base part
1073 * for the message if the boundary has not already been set.
1074 *
1075 * @return string $mimeBoundaryString random mime boundary string
1076 */
1077 function mimeBoundary () {
1078 static $mimeBoundaryString;
1079
1080 if ( !isset( $mimeBoundaryString ) ||
1081 $mimeBoundaryString == '') {
1082 $mimeBoundaryString = '----=_' . date( 'YmdHis' ) . '_' .
1083 mt_rand( 10000, 99999 );
1084 }
1085 return $mimeBoundaryString;
1086 }
1087
1088 /**
1089 * function timezone - Time offset for correct timezone
1090 *
1091 * @return string $result with timezone and offset
1092 */
1093 function timezone () {
1094 global $invert_time, $show_timezone_name;
1095
1096 $diff_second = date('Z');
1097 if ($invert_time) {
1098 $diff_second = - $diff_second;
1099 }
1100 if ($diff_second > 0) {
1101 $sign = '+';
1102 } else {
1103 $sign = '-';
1104 }
1105 $diff_second = abs($diff_second);
1106 $diff_hour = floor ($diff_second / 3600);
1107 $diff_minute = floor (($diff_second-3600*$diff_hour) / 60);
1108
1109 // If an administrator wants to add the timezone name to the
1110 // end of the date header, they can set $show_timezone_name
1111 // to boolean TRUE in config/config_local.php, but that is
1112 // NOT RFC-822 compliant (see section 5.1). Moreover, some
1113 // Windows users reported that strftime('%Z') was returning
1114 // the full zone name (not the abbreviation) which in some
1115 // cases included 8-bit characters (not allowed as is in headers).
1116 // The PHP manual actually does NOT promise what %Z will return
1117 // for strftime!: "The time zone offset/abbreviation option NOT
1118 // given by %z (depends on operating system)"
1119 //
1120 if ($show_timezone_name) {
1121 $zonename = '('.strftime('%Z').')';
1122 $result = sprintf ("%s%02d%02d %s", $sign, $diff_hour, $diff_minute, $zonename);
1123 } else {
1124 $result = sprintf ("%s%02d%02d", $sign, $diff_hour, $diff_minute);
1125 }
1126 return ($result);
1127 }
1128
1129 /**
1130 * function calculate_references - calculate correct References string
1131 * Adds the current message ID, and makes sure it doesn't grow forever,
1132 * to that extent it drops message-ID's in a smart way until the string
1133 * length is under the recommended value of 1000 ("References: <986>\r\n").
1134 * It always keeps the first and the last three ID's.
1135 *
1136 * @param Rfc822Header $hdr message header to calculate from
1137 *
1138 * @return string $refer concatenated and trimmed References string
1139 */
1140 function calculate_references($hdr) {
1141 $aReferences = preg_split('/\s+/', $hdr->references);
1142 $message_id = $hdr->message_id;
1143 $in_reply_to = $hdr->in_reply_to;
1144
1145 // if References already exists, add the current message ID at the end.
1146 // no References exists; if we know a IRT, add that aswell
1147 if (count($aReferences) == 0 && $in_reply_to) {
1148 $aReferences[] = $in_reply_to;
1149 }
1150 $aReferences[] = $message_id;
1151
1152 // sanitize the array: trim whitespace, remove dupes
1153 array_walk($aReferences, 'sq_trim_value');
1154 $aReferences = array_unique($aReferences);
1155
1156 while ( count($aReferences) > 4 && strlen(implode(' ', $aReferences)) >= 986 ) {
1157 $aReferences = array_merge(array_slice($aReferences,0,1),array_slice($aReferences,2));
1158 }
1159 return implode(' ', $aReferences);
1160 }
1161
1162 /**
1163 * Converts ip address to hexadecimal string
1164 *
1165 * Function is used to convert ipv4 and ipv6 addresses to hex strings.
1166 * It removes all delimiter symbols from ip addresses, converts decimal
1167 * ipv4 numbers to hex and pads strings in order to present full length
1168 * address. ipv4 addresses are represented as 8 byte strings, ipv6 addresses
1169 * are represented as 32 byte string.
1170 *
1171 * If function fails to detect address format, it returns unprocessed string.
1172 * @param string $string ip address string
1173 * @return string processed ip address string
1174 * @since 1.5.1 and 1.4.5
1175 */
1176 function ip2hex($string) {
1177 if (preg_match("/^(\d+)\.(\d+)\.(\d+)\.(\d+)$/",$string,$match)) {
1178 // ipv4 address
1179 $ret = str_pad(dechex($match[1]),2,'0',STR_PAD_LEFT)
1180 . str_pad(dechex($match[2]),2,'0',STR_PAD_LEFT)
1181 . str_pad(dechex($match[3]),2,'0',STR_PAD_LEFT)
1182 . str_pad(dechex($match[4]),2,'0',STR_PAD_LEFT);
1183 } elseif (preg_match("/^([0-9a-h]+)\:([0-9a-h]+)\:([0-9a-h]+)\:([0-9a-h]+)\:([0-9a-h]+)\:([0-9a-h]+)\:([0-9a-h]+)\:([0-9a-h]+)$/i",$string,$match)) {
1184 // full ipv6 address
1185 $ret = str_pad($match[1],4,'0',STR_PAD_LEFT)
1186 . str_pad($match[2],4,'0',STR_PAD_LEFT)
1187 . str_pad($match[3],4,'0',STR_PAD_LEFT)
1188 . str_pad($match[4],4,'0',STR_PAD_LEFT)
1189 . str_pad($match[5],4,'0',STR_PAD_LEFT)
1190 . str_pad($match[6],4,'0',STR_PAD_LEFT)
1191 . str_pad($match[7],4,'0',STR_PAD_LEFT)
1192 . str_pad($match[8],4,'0',STR_PAD_LEFT);
1193 } elseif (preg_match("/^\:\:([0-9a-h\:]+)$/i",$string,$match)) {
1194 // short ipv6 with all starting symbols nulled
1195 $aAddr=explode(':',$match[1]);
1196 $ret='';
1197 foreach ($aAddr as $addr) {
1198 $ret.=str_pad($addr,4,'0',STR_PAD_LEFT);
1199 }
1200 $ret=str_pad($ret,32,'0',STR_PAD_LEFT);
1201 } elseif (preg_match("/^([0-9a-h\:]+)::([0-9a-h\:]+)$/i",$string,$match)) {
1202 // short ipv6 with middle part nulled
1203 $aStart=explode(':',$match[1]);
1204 $sStart='';
1205 foreach($aStart as $addr) {
1206 $sStart.=str_pad($addr,4,'0',STR_PAD_LEFT);
1207 }
1208 $aEnd = explode(':',$match[2]);
1209 $sEnd='';
1210 foreach($aEnd as $addr) {
1211 $sEnd.=str_pad($addr,4,'0',STR_PAD_LEFT);
1212 }
1213 $ret = $sStart
1214 . str_pad('',(32 - strlen($sStart . $sEnd)),'0',STR_PAD_LEFT)
1215 . $sEnd;
1216 } else {
1217 // unknown addressing
1218 $ret = $string;
1219 }
1220 return $ret;
1221 }
1222 }