Ensure that Reply-To isn't missing domain - we already do the same for the From heade...
[squirrelmail.git] / src / compose.php
1 <?php
2 /**
3 * compose.php
4 *
5 * This code sends a mail.
6 *
7 * There are 4 modes of operation:
8 * - Start new mail
9 * - Add an attachment
10 * - Send mail
11 * - Save As Draft
12 *
13 * @copyright 1999-2011 The SquirrelMail Project Team
14 * @license http://opensource.org/licenses/gpl-license.php GNU Public License
15 * @version $Id$
16 * @package squirrelmail
17 */
18
19 /** This is the compose page */
20 define('PAGE_NAME', 'compose');
21
22 /**
23 * Include the SquirrelMail initialization file.
24 */
25 require('../include/init.php');
26
27 /* If email_address not set and admin wants us to ask user for it,
28 * redirect to options page. */
29 if ( $ask_user_info && getPref($data_dir, $username,'email_address') == "" ) {
30 header("Location: " . get_location() . "/options.php?optpage=personal");
31 exit;
32 }
33
34 /* SquirrelMail required files. */
35 require_once(SM_PATH . 'functions/imap_general.php');
36 require_once(SM_PATH . 'functions/imap_messages.php');
37 require_once(SM_PATH . 'functions/date.php');
38 require_once(SM_PATH . 'functions/mime.php');
39 require_once(SM_PATH . 'functions/compose.php');
40 require_once(SM_PATH . 'class/deliver/Deliver.class.php');
41 require_once(SM_PATH . 'functions/addressbook.php');
42 require_once(SM_PATH . 'functions/forms.php');
43 require_once(SM_PATH . 'functions/identity.php');
44
45 /* --------------------- Get globals ------------------------------------- */
46
47 /** SESSION VARS */
48 sqgetGlobalVar('delimiter', $delimiter, SQ_SESSION);
49
50 sqgetGlobalVar('delayed_errors', $delayed_errors, SQ_SESSION);
51 sqgetGlobalVar('composesession', $composesession, SQ_SESSION);
52 sqgetGlobalVar('compose_messages', $compose_messages, SQ_SESSION);
53
54 // compose_messages only useful in SESSION when a forward-as-attachment
55 // has been preconstructed for us and passed in via that mechanism; once
56 // we have it, we can clear it from the SESSION
57 sqsession_unregister('compose_messages');
58
59 // Turn on delayed error handling in case we wind up redirecting below
60 $oErrorHandler->setDelayedErrors(true);
61
62 /** SESSION/POST/GET VARS */
63 sqgetGlobalVar('send_button_count', $send_button_count, SQ_POST, 1, SQ_TYPE_INT);
64 for ($i = 1; $i <= $send_button_count; $i++)
65 if (sqgetGlobalVar('send' . $i, $send, SQ_POST)) break;
66 // Send can only be achieved by setting $_POST var. If Send = true then
67 // retrieve other form fields from $_POST
68 if (isset($send) && $send) {
69 $SQ_GLOBAL = SQ_POST;
70 } else {
71 $SQ_GLOBAL = SQ_FORM;
72 }
73 sqgetGlobalVar('session',$session, $SQ_GLOBAL);
74 sqgetGlobalVar('mailbox',$mailbox, $SQ_GLOBAL);
75 if(!sqgetGlobalVar('identity',$identity, $SQ_GLOBAL)) {
76 $identity=0;
77 }
78 sqgetGlobalVar('send_to',$send_to, $SQ_GLOBAL);
79 sqgetGlobalVar('send_to_cc',$send_to_cc, $SQ_GLOBAL);
80 sqgetGlobalVar('send_to_bcc',$send_to_bcc, $SQ_GLOBAL);
81 sqgetGlobalVar('subject',$subject, $SQ_GLOBAL);
82 sqgetGlobalVar('body',$body, $SQ_GLOBAL);
83 sqgetGlobalVar('mailprio',$mailprio, $SQ_GLOBAL);
84 sqgetGlobalVar('request_mdn',$request_mdn, $SQ_GLOBAL);
85 sqgetGlobalVar('request_dr',$request_dr, $SQ_GLOBAL);
86 sqgetGlobalVar('html_addr_search',$html_addr_search, $SQ_GLOBAL);
87 sqgetGlobalVar('mail_sent',$mail_sent, $SQ_GLOBAL);
88 sqgetGlobalVar('passed_id',$passed_id, $SQ_GLOBAL, NULL, SQ_TYPE_BIGINT);
89 sqgetGlobalVar('passed_ent_id',$passed_ent_id, $SQ_GLOBAL);
90 sqgetGlobalVar('fwduid',$fwduid, $SQ_GLOBAL, '');
91
92 sqgetGlobalVar('attach',$attach, SQ_POST);
93 sqgetGlobalVar('draft',$draft, SQ_POST);
94 sqgetGlobalVar('draft_id',$draft_id, $SQ_GLOBAL);
95 sqgetGlobalVar('ent_num',$ent_num, $SQ_GLOBAL);
96 sqgetGlobalVar('saved_draft',$saved_draft, SQ_FORM);
97
98 if ( sqgetGlobalVar('delete_draft',$delete_draft) ) {
99 $delete_draft = (int)$delete_draft;
100 }
101
102 if ( sqgetGlobalVar('startMessage',$startMessage) ) {
103 $startMessage = (int)$startMessage;
104 } else {
105 $startMessage = 1;
106 }
107
108
109 /** POST VARS */
110 sqgetGlobalVar('sigappend', $sigappend, SQ_POST);
111 sqgetGlobalVar('from_htmladdr_search', $from_htmladdr_search, SQ_POST);
112 sqgetGlobalVar('addr_search_done', $html_addr_search_done, SQ_POST);
113 sqgetGlobalVar('addr_search_cancel', $html_addr_search_cancel, SQ_POST);
114 sqgetGlobalVar('send_to_search', $send_to_search, SQ_POST);
115 sqgetGlobalVar('do_delete', $do_delete, SQ_POST);
116 sqgetGlobalVar('delete', $delete, SQ_POST);
117 sqgetGlobalVar('attachments', $attachments, SQ_POST);
118 if ( sqgetGlobalVar('return', $temp, SQ_POST) ) {
119 $html_addr_search_done = 'Use Addresses';
120 }
121
122 /** GET VARS */
123 if ( sqgetGlobalVar('account', $temp, SQ_GET) ) {
124 $iAccount = (int) $temp;
125 } else {
126 $iAccount = 0;
127 }
128
129
130 /** get smaction */
131 if ( !sqgetGlobalVar('smaction',$action) )
132 {
133 if ( sqgetGlobalVar('smaction_reply',$tmp) ) $action = 'reply';
134 if ( sqgetGlobalVar('smaction_reply_all',$tmp) ) $action = 'reply_all';
135 if ( sqgetGlobalVar('smaction_forward',$tmp) ) $action = 'forward';
136 if ( sqgetGlobalVar('smaction_attache',$tmp) ) $action = 'forward_as_attachment';
137 if ( sqgetGlobalVar('smaction_draft',$tmp) ) $action = 'draft';
138 if ( sqgetGlobalVar('smaction_edit_new',$tmp) ) $action = 'edit_as_new';
139 }
140
141 sqgetGlobalVar('smtoken', $submitted_token, $SQ_GLOBAL, '');
142
143 /**
144 * Here we decode the data passed in from mailto.php.
145 */
146 if ( sqgetGlobalVar('mailtodata', $mailtodata, SQ_GET) ) {
147 $trtable = array('to' => 'send_to',
148 'cc' => 'send_to_cc',
149 'bcc' => 'send_to_bcc',
150 'body' => 'body',
151 'subject' => 'subject');
152 $mtdata = unserialize($mailtodata);
153
154 foreach ($trtable as $f => $t) {
155 if ( !empty($mtdata[$f]) ) {
156 $$t = $mtdata[$f];
157 }
158 }
159 unset($mailtodata,$mtdata, $trtable);
160 }
161
162 /* Location (For HTTP 1.1 header("Location: ...") redirects) */
163 $location = get_location();
164 /* Identities (fetch only once) */
165 $idents = get_identities();
166
167 /* --------------------- Specific Functions ------------------------------ */
168
169 function replyAllString($header) {
170 global $include_self_reply_all, $idents;
171 $excl_ar = array();
172 /**
173 * 1) Remove the addresses we'll be sending the message 'to'
174 */
175 if (isset($header->reply_to)) {
176 $excl_ar = $header->getAddr_a('reply_to');
177 }
178 /**
179 * 2) Remove our identities from the CC list (they still can be in the
180 * TO list) only if $include_self_reply_all is turned off
181 */
182 if (!$include_self_reply_all) {
183 foreach($idents as $id) {
184 $excl_ar[strtolower(trim($id['email_address']))] = '';
185 }
186 }
187
188 /**
189 * 3) get the addresses.
190 */
191 $url_replytoall_ar = $header->getAddr_a(array('to','cc'), $excl_ar);
192
193 /**
194 * 4) generate the string.
195 */
196 $url_replytoallcc = '';
197 foreach( $url_replytoall_ar as $email => $personal) {
198 if ($personal) {
199 // always quote personal name (can't just quote it if
200 // it contains a comma separator, since it might still
201 // be encoded)
202 $url_replytoallcc .= ", \"$personal\" <$email>";
203 } else {
204 $url_replytoallcc .= ', '. $email;
205 }
206 }
207 $url_replytoallcc = substr($url_replytoallcc,2);
208
209 return $url_replytoallcc;
210 }
211
212 /**
213 * creates top line in reply citations
214 *
215 * Line style depends on user preferences.
216 * $orig_date argument is available only from 1.4.3 and 1.5.1 version.
217 * @param object $orig_from From: header object.
218 * @param integer $orig_date email's timestamp
219 * @return string reply citation
220 */
221 function getReplyCitation($orig_from, $orig_date) {
222 global $reply_citation_style, $reply_citation_start, $reply_citation_end;
223
224 if (!is_object($orig_from)) {
225 $sOrig_from = '';
226 } else {
227 $sOrig_from = decodeHeader($orig_from->getAddress(false),false,false,true);
228 }
229
230 /* First, return an empty string when no citation style selected. */
231 if (($reply_citation_style == '') || ($reply_citation_style == 'none')) {
232 return '';
233 }
234
235 /* Make sure our final value isn't an empty string. */
236 if ($sOrig_from == '') {
237 return '';
238 }
239
240 /* Otherwise, try to select the desired citation style. */
241 switch ($reply_citation_style) {
242 case 'author_said':
243 // i18n: %s is for author's name
244 $full_reply_citation = sprintf(_("%s wrote:"),$sOrig_from);
245 break;
246 case 'quote_who':
247 $start = '<quote who="';
248 $end = '">';
249 $full_reply_citation = $start . $sOrig_from . $end;
250 break;
251 case 'date_time_author':
252 // i18n:
253 // The first %s is for date string, the second %s is for author's name.
254 // The date uses formating from "D, F j, Y g:i a" and "D, F j, Y H:i"
255 // translations.
256 // Example string:
257 // "On Sat, December 24, 2004 23:59, Santa wrote:"
258 // If you have to put author's name in front of date string, check comments about
259 // argument swapping at http://php.net/sprintf
260 $full_reply_citation = sprintf(_("On %s, %s wrote:"), getLongDateString($orig_date), $sOrig_from);
261 break;
262 case 'user-defined':
263 $start = $reply_citation_start .
264 ($reply_citation_start == '' ? '' : ' ');
265 $end = $reply_citation_end;
266 $full_reply_citation = $start . $sOrig_from . $end;
267 break;
268 default:
269 return '';
270 }
271
272 /* Add line feed and return the citation string. */
273 return ($full_reply_citation . "\n");
274 }
275
276 /**
277 * Creates header fields in forwarded email body
278 *
279 * $default_charset global must be set correctly before you call this function.
280 * @param object $orig_header
281 * @return $string
282 */
283 function getforwardHeader($orig_header) {
284 global $editor_size, $default_charset;
285
286 // using own strlen function in order to detect correct string length
287 $display = array( _("Subject") => sq_strlen(_("Subject"),$default_charset),
288 _("From") => sq_strlen(_("From"),$default_charset),
289 _("Date") => sq_strlen(_("Date"),$default_charset),
290 _("To") => sq_strlen(_("To"),$default_charset),
291 _("Cc") => sq_strlen(_("Cc"),$default_charset) );
292 $maxsize = max($display);
293 $indent = str_pad('',$maxsize+2);
294 foreach($display as $key => $val) {
295 $display[$key] = $key .': '. str_pad('', $maxsize - $val);
296 }
297 $from = decodeHeader($orig_header->getAddr_s('from',"\n$indent"),false,false,true);
298 $from = str_replace('&nbsp;',' ',$from);
299 $to = decodeHeader($orig_header->getAddr_s('to',"\n$indent"),false,false,true);
300 $to = str_replace('&nbsp;',' ',$to);
301 $subject = decodeHeader($orig_header->subject,false,false,true);
302 $subject = str_replace('&nbsp;',' ',$subject);
303
304 // using own str_pad function in order to create correct string pad
305 $bodyTop = sq_str_pad(' '._("Original Message").' ',$editor_size -2,'-',STR_PAD_BOTH,$default_charset) .
306 "\n". $display[_("Subject")] . $subject . "\n" .
307 $display[_("From")] . $from . "\n" .
308 $display[_("Date")] . getLongDateString( $orig_header->date, $orig_header->date_unparsed ). "\n" .
309 $display[_("To")] . $to . "\n";
310 if ($orig_header->cc != array() && $orig_header->cc !='') {
311 $cc = decodeHeader($orig_header->getAddr_s('cc',"\n$indent"),false,false,true);
312 $cc = str_replace('&nbsp;',' ',$cc);
313 $bodyTop .= $display[_("Cc")] .$cc . "\n";
314 }
315 $bodyTop .= str_pad('', $editor_size -2 , '-') .
316 "\n\n";
317 return $bodyTop;
318 }
319 /* ----------------------------------------------------------------------- */
320
321 /*
322 * If the session is expired during a post this restores the compose session
323 * vars.
324 */
325 $session_expired = false;
326 if (sqsession_is_registered('session_expired_post')) {
327 sqgetGlobalVar('session_expired_post', $session_expired_post, SQ_SESSION);
328 /*
329 * extra check for username so we don't display previous post data from
330 * another user during this session.
331 */
332 if (!empty($session_expired_post['username'])
333 && $session_expired_post['username'] == $username) {
334 // these are the vars that we can set from the expired composed session
335 $compo_var_list = array ('send_to', 'send_to_cc', 'body',
336 'startMessage', 'passed_body', 'use_signature', 'signature',
337 'subject', 'newmail', 'send_to_bcc', 'passed_id', 'mailbox',
338 'from_htmladdr_search', 'identity', 'draft_id', 'delete_draft',
339 'mailprio', 'edit_as_new', 'attachments', 'composesession',
340 'request_mdn', 'request_dr', 'fwduid');
341
342 foreach ($compo_var_list as $var) {
343 if ( isset($session_expired_post[$var]) && !isset($$var) ) {
344 $$var = $session_expired_post[$var];
345 }
346 }
347
348 if (!empty($attachments))
349 $attachments = unserialize(urldecode($attachments));
350
351 sqsession_register($composesession,'composesession');
352
353 if (isset($send)) {
354 unset($send);
355 }
356 $session_expired = true;
357 }
358 unset($session_expired_post);
359 sqsession_unregister('session_expired_post');
360 session_write_close();
361 if (!isset($mailbox)) {
362 $mailbox = '';
363 }
364 if ($compose_new_win == '1') {
365 compose_Header($color, $mailbox);
366 } else {
367 $sHeaderJs = (isset($sHeaderJs)) ? $sHeaderJs : '';
368 if (strpos($action, 'reply') !== false && $reply_focus) {
369 $sOnload = 'checkForm(\''.$replyfocus.'\');';
370 } else {
371 $sOnload = 'checkForm();';
372 }
373 displayPageHeader($color, $mailbox,$sHeaderJs,$sOnload);
374 }
375 showInputForm($session, false);
376 exit();
377 }
378
379 if (!isset($composesession)) {
380 $composesession = 0;
381 sqsession_register(0,'composesession');
382 } else {
383 $composesession = (int)$composesession;
384 }
385
386 if (!isset($session) || (isset($newmessage) && $newmessage)) {
387 sqsession_unregister('composesession');
388 $session = "$composesession" +1;
389 $composesession = $session;
390 sqsession_register($composesession,'composesession');
391 }
392 if (!empty($compose_messages[$session])) {
393 $composeMessage = $compose_messages[$session];
394 } else {
395 $composeMessage = new Message();
396 $rfc822_header = new Rfc822Header();
397 $composeMessage->rfc822_header = $rfc822_header;
398 $composeMessage->reply_rfc822_header = '';
399 }
400
401 // re-add attachments that were already in this message
402 // FIXME: note that technically this is very bad form -
403 // should never directly manipulate an object like this
404 if (!empty($attachments)) {
405 $attachments = unserialize(urldecode($attachments));
406 if (!empty($attachments) && is_array($attachments))
407 $composeMessage->entities = $attachments;
408 }
409
410 if (empty($mailbox)) {
411 $mailbox = 'INBOX';
412 }
413
414 if ($draft) {
415
416 // validate security token
417 //
418 sm_validate_security_token($submitted_token, 3600, TRUE);
419
420 /*
421 * Set $default_charset to correspond with the user's selection
422 * of language interface.
423 */
424 set_my_charset();
425 if (! deliverMessage($composeMessage, true)) {
426 showInputForm($session);
427 exit();
428 } else {
429 $draft_message = _("Draft Email Saved");
430 /* If this is a resumed draft, then delete the original */
431 if(isset($delete_draft)) {
432 $imap_stream = sqimap_login($username, false, $imapServerAddress, $imapPort, false);
433 sqimap_mailbox_select($imap_stream, $draft_folder);
434 // force bypass_trash=true because message should be saved when deliverMessage() returns true.
435 // in current implementation of sqimap_msgs_list_flag() single message id can
436 // be submitted as string. docs state that it should be array.
437 sqimap_msgs_list_delete($imap_stream, $draft_folder, $delete_draft, true);
438 if ($auto_expunge) {
439 sqimap_mailbox_expunge($imap_stream, $draft_folder, true);
440 }
441 sqimap_logout($imap_stream);
442 }
443
444 $oErrorHandler->saveDelayedErrors();
445 session_write_close();
446
447 if ($compose_new_win == '1') {
448 if ( !isset($pageheader_sent) || !$pageheader_sent ) {
449 header("Location: $location/compose.php?saved_draft=yes&session=$composesession");
450 } else {
451 //FIXME: DON'T ECHO HTML FROM CORE!
452 echo ' <br><br><div style="text-align: center;"><a href="' . $location
453 . '/compose.php?saved_sent=yes&amp;session=' . $composesession . '">'
454 . _("Return") . '</a></div>';
455 }
456 exit();
457 } else {
458 if ( !isset($pageheader_sent) || !$pageheader_sent ) {
459 header("Location: $location/right_main.php?mailbox=" . urlencode($draft_folder) .
460 "&startMessage=1&note=".urlencode($draft_message));
461 } else {
462 //FIXME: DON'T ECHO HTML FROM CORE!
463 echo ' <br><br><div style="text-align: center;"><a href="' . $location
464 . '/right_main.php?mailbox=' . urlencode($draft_folder)
465 . '&amp;startMessage=1&amp;note=' . urlencode($draft_message) .'">'
466 . _("Return") . '</a></div>';
467 }
468 exit();
469 }
470 }
471 }
472
473 if ($send) {
474
475 // validate security token
476 //
477 sm_validate_security_token($submitted_token, 3600, TRUE);
478
479 if (isset($_FILES['attachfile']) &&
480 $_FILES['attachfile']['tmp_name'] &&
481 $_FILES['attachfile']['tmp_name'] != 'none') {
482 $AttachFailure = saveAttachedFiles($session);
483 }
484
485 if (checkInput(false) && !isset($AttachFailure)) {
486 if ($mailbox == "All Folders") {
487 /* We entered compose via the search results page */
488 $mailbox = 'INBOX'; /* Send 'em to INBOX, that's safe enough */
489 }
490 $urlMailbox = urlencode($mailbox);
491 if (! isset($passed_id)) {
492 $passed_id = 0;
493 }
494 /**
495 * Set $default_charset to correspond with the user's selection
496 * of language interface.
497 */
498 set_my_charset();
499 /**
500 * This is to change all newlines to \n
501 * We'll change them to \r\n later (in the sendMessage function)
502 */
503 $body = str_replace("\r\n", "\n", $body);
504 $body = str_replace("\r", "\n", $body);
505
506 /**
507 * Rewrap $body so that no line is bigger than $editor_size
508 */
509 $body = explode("\n", $body);
510 $newBody = '';
511 foreach ($body as $line) {
512 if( $line <> '-- ' ) {
513 $line = rtrim($line);
514 }
515 if (sq_strlen($line, $default_charset) <= $editor_size + 1) {
516 $newBody .= $line . "\n";
517 } else {
518 sqWordWrap($line, $editor_size, $default_charset);
519 $newBody .= $line . "\n";
520
521 }
522
523 }
524 $body = $newBody;
525
526 $Result = deliverMessage($composeMessage);
527
528 if ($Result)
529 $mail_sent = 'yes';
530 else
531 $mail_sent = 'no';
532
533 // NOTE: this hook changed in 1.5.2 from sending $Result and
534 // $composeMessage as args #2 and #3 to being in an array
535 // under arg #2
536 $temp = array(&$Result, &$composeMessage, &$mail_sent);
537 do_hook('compose_send_after', $temp);
538 if (! $Result) {
539 showInputForm($session);
540 exit();
541 }
542
543 /* if it is resumed draft, delete draft message */
544 if ( isset($delete_draft)) {
545 $imap_stream = sqimap_login($username, false, $imapServerAddress, $imapPort, false);
546 sqimap_mailbox_select($imap_stream, $draft_folder);
547 // bypass_trash=true because message should be saved when deliverMessage() returns true.
548 // in current implementation of sqimap_msgs_list_flag() single message id can
549 // be submitted as string. docs state that it should be array.
550 sqimap_msgs_list_delete($imap_stream, $draft_folder, $delete_draft, true);
551 if ($auto_expunge) {
552 sqimap_mailbox_expunge($imap_stream, $draft_folder, true);
553 }
554 sqimap_logout($imap_stream);
555 }
556 /*
557 * Store the error array in the session because they will be lost on a redirect
558 */
559 $oErrorHandler->saveDelayedErrors();
560 session_write_close();
561
562 if ($compose_new_win == '1') {
563 if ( !isset($pageheader_sent) || !$pageheader_sent ) {
564 header("Location: $location/compose.php?mail_sent=$mail_sent");
565 } else {
566 //FIXME: DON'T ECHO HTML FROM CORE!
567 echo ' <br><br><div style="text-align: center;"><a href="' . $location
568 . '/compose.php?mail_sent=$mail_sent">'
569 . _("Return") . '</a></div>';
570 }
571 exit();
572 } else {
573 if ( !isset($pageheader_sent) || !$pageheader_sent ) {
574 header("Location: $location/right_main.php?mailbox=$urlMailbox".
575 "&startMessage=$startMessage&mail_sent=$mail_sent");
576 } else {
577 //FIXME: DON'T ECHO HTML FROM CORE!
578 echo ' <br><br><div style="text-align: center;"><a href="' . $location
579 . "/right_main.php?mailbox=$urlMailbox"
580 . "&amp;startMessage=$startMessage&amp;mail_sent=$mail_sent\">"
581 . _("Return") . '</a></div>';
582 }
583 exit();
584 }
585 } else {
586 if ($compose_new_win == '1') {
587 compose_Header($color, $mailbox);
588 }
589 else {
590 displayPageHeader($color, $mailbox);
591 }
592 if (isset($AttachFailure)) {
593 plain_error_message(_("Could not move/copy file. File not attached"),
594 $color);
595 }
596 checkInput(true);
597 showInputForm($session);
598 /* sqimap_logout($imapConnection); */
599 }
600 } elseif (isset($html_addr_search_done)) {
601
602 // validate security token
603 //
604 sm_validate_security_token($submitted_token, 3600, TRUE);
605
606 if ($compose_new_win == '1') {
607 compose_Header($color, $mailbox);
608 }
609 else {
610 displayPageHeader($color, $mailbox);
611 }
612
613 if (isset($send_to_search) && is_array($send_to_search)) {
614 foreach ($send_to_search as $k => $v) {
615 if (substr($k, 0, 1) == 'T') {
616 if ($send_to) {
617 $send_to .= ', ';
618 }
619 $send_to .= $v;
620 }
621 elseif (substr($k, 0, 1) == 'C') {
622 if ($send_to_cc) {
623 $send_to_cc .= ', ';
624 }
625 $send_to_cc .= $v;
626 }
627 elseif (substr($k, 0, 1) == 'B') {
628 if ($send_to_bcc) {
629 $send_to_bcc .= ', ';
630 }
631 $send_to_bcc .= $v;
632 }
633 }
634 }
635 showInputForm($session);
636 } elseif (isset($html_addr_search) && !isset($html_addr_search_cancel)) {
637 if (isset($_FILES['attachfile']) &&
638 $_FILES['attachfile']['tmp_name'] &&
639 $_FILES['attachfile']['tmp_name'] != 'none') {
640 if(saveAttachedFiles($session)) {
641 plain_error_message(_("Could not move/copy file. File not attached"));
642 }
643 }
644 /*
645 * I am using an include so as to elminiate an extra unnecessary
646 * click. If you can think of a better way, please implement it.
647 */
648 include_once('./addrbook_search_html.php');
649 } elseif (isset($attach)) {
650
651 // validate security token
652 //
653 sm_validate_security_token($submitted_token, 3600, TRUE);
654
655 if ($compose_new_win == '1') {
656 compose_Header($color, $mailbox);
657 } else {
658 displayPageHeader($color, $mailbox);
659 }
660 if (saveAttachedFiles($session)) {
661 plain_error_message(_("Could not move/copy file. File not attached"));
662 }
663 showInputForm($session);
664 }
665 elseif (isset($sigappend)) {
666
667 // validate security token
668 //
669 sm_validate_security_token($submitted_token, 3600, TRUE);
670
671 $signature = $idents[$identity]['signature'];
672
673 $body .= "\n\n".($prefix_sig==true? "-- \n":'').$signature;
674 if ($compose_new_win == '1') {
675 compose_Header($color, $mailbox);
676 } else {
677 displayPageHeader($color, $mailbox);
678 }
679 showInputForm($session);
680 } elseif (isset($do_delete)) {
681
682 // validate security token
683 //
684 sm_validate_security_token($submitted_token, 3600, TRUE);
685
686 if ($compose_new_win == '1') {
687 compose_Header($color, $mailbox);
688 } else {
689 displayPageHeader($color, $mailbox);
690 }
691
692 if (isset($delete) && is_array($delete)) {
693 foreach($delete as $index) {
694 if (!empty($composeMessage->entities) && isset($composeMessage->entities[$index])) {
695 $composeMessage->entities[$index]->purgeAttachments();
696 // FIXME: one person reported that unset() didn't do anything at all here, so this is a work-around... but it triggers PHP notices if the unset() doesn't work, which should be fixed... but bigger question is if unset() doesn't work here, what about everywhere else? Anyway, uncomment this if you think you need it
697 //$composeMessage->entities[$index] = NULL;
698 unset ($composeMessage->entities[$index]);
699 }
700 }
701 $new_entities = array();
702 foreach ($composeMessage->entities as $entity) {
703 $new_entities[] = $entity;
704 }
705 $composeMessage->entities = $new_entities;
706 }
707 showInputForm($session);
708 } else {
709 /*
710 * This handles the default case as well as the error case
711 * (they had the same code) --> if (isset($smtpErrors))
712 */
713
714 if ($compose_new_win == '1') {
715 compose_Header($color, $mailbox);
716 } else {
717 displayPageHeader($color, $mailbox);
718 }
719
720 $newmail = true;
721
722 if (!isset($passed_ent_id)) {
723 $passed_ent_id = '';
724 }
725 if (!isset($passed_id)) {
726 $passed_id = '';
727 }
728 if (!isset($mailbox)) {
729 $mailbox = '';
730 }
731 if (!isset($action)) {
732 $action = '';
733 }
734
735 $values = newMail($mailbox,$passed_id,$passed_ent_id, $action, $session);
736
737 // forward as attachment - subject is in the message in session
738 //
739 if ($action == 'forward_as_attachment' && empty($values['subject']))
740 $subject = $composeMessage->rfc822_header->subject;
741
742 /* in case the origin is not read_body.php */
743 if (isset($send_to)) {
744 $values['send_to'] = $send_to;
745 }
746 if (isset($send_to_cc)) {
747 $values['send_to_cc'] = $send_to_cc;
748 }
749 if (isset($send_to_bcc)) {
750 $values['send_to_bcc'] = $send_to_bcc;
751 }
752 if (isset($subject)) {
753 $values['subject'] = $subject;
754 }
755 showInputForm($session, $values);
756 }
757
758 exit();
759
760 /**************** Only function definitions go below *************/
761
762 function getforwardSubject($subject)
763 {
764 if ((substr(strtolower($subject), 0, 4) != 'fwd:') &&
765 (substr(strtolower($subject), 0, 5) != '[fwd:') &&
766 (substr(strtolower($subject), 0, 6) != '[ fwd:')) {
767 $subject = '[Fwd: ' . $subject . ']';
768 }
769 return $subject;
770 }
771
772 /* This function is used when not sending or adding attachments */
773 function newMail ($mailbox='', $passed_id='', $passed_ent_id='', $action='', $session='') {
774 global $editor_size, $default_use_priority, $body, $idents,
775 $use_signature, $data_dir, $username,
776 $key, $imapServerAddress, $imapPort,
777 $composeMessage, $body_quote, $request_mdn, $request_dr,
778 $mdn_user_support, $languages, $squirrelmail_language,
779 $default_charset;
780
781 /*
782 * Set $default_charset to correspond with the user's selection
783 * of language interface. $default_charset global is not correct,
784 * if message is composed in new window.
785 */
786 set_my_charset();
787
788 $send_to = $send_to_cc = $send_to_bcc = $subject = $identity = '';
789 $mailprio = 3;
790
791 if ($passed_id) {
792 $imapConnection = sqimap_login($username, false, $imapServerAddress,
793 $imapPort, 0);
794
795 sqimap_mailbox_select($imapConnection, $mailbox);
796 $message = sqimap_get_message($imapConnection, $passed_id, $mailbox);
797
798 $body = '';
799 if ($passed_ent_id) {
800 /* redefine the messsage in case of message/rfc822 */
801 $message = $message->getEntity($passed_ent_id);
802 /* message is an entity which contains the envelope and type0=message
803 * and type1=rfc822. The actual entities are childs from
804 * $message->entities[0]. That's where the encoding and is located
805 */
806
807 $entities = $message->entities[0]->findDisplayEntity
808 (array(), $alt_order = array('text/plain'));
809 if (!count($entities)) {
810 $entities = $message->entities[0]->findDisplayEntity
811 (array(), $alt_order = array('text/plain','text/html'));
812 }
813 $orig_header = $message->rfc822_header; /* here is the envelope located */
814 /* redefine the message for picking up the attachments */
815 $message = $message->entities[0];
816
817 } else {
818 $entities = $message->findDisplayEntity (array(), $alt_order = array('text/plain'));
819 if (!count($entities)) {
820 $entities = $message->findDisplayEntity (array(), $alt_order = array('text/plain','text/html'));
821 }
822 $orig_header = $message->rfc822_header;
823 }
824
825 $type0 = $message->type0;
826 $type1 = $message->type1;
827 foreach ($entities as $ent) {
828 $msg = $message->getEntity($ent);
829 $type0 = $msg->type0;
830 $type1 = $msg->type1;
831 $unencoded_bodypart = mime_fetch_body($imapConnection, $passed_id, $ent);
832 $body_part_entity = $message->getEntity($ent);
833 $bodypart = decodeBody($unencoded_bodypart,
834 $body_part_entity->header->encoding);
835 if ($type1 == 'html') {
836 $bodypart = str_replace("\n", ' ', $bodypart);
837 $bodypart = preg_replace(array('/<\/?p>/i','/<div><\/div>/i','/<br\s*(\/)*>/i','/<\/?div>/i'), "\n", $bodypart);
838 $bodypart = str_replace(array('&nbsp;','&gt;','&lt;'),array(' ','>','<'),$bodypart);
839 $bodypart = strip_tags($bodypart);
840 }
841 if (isset($languages[$squirrelmail_language]['XTRA_CODE']) &&
842 function_exists($languages[$squirrelmail_language]['XTRA_CODE'] . '_decode')) {
843 if (mb_detect_encoding($bodypart) != 'ASCII') {
844 $bodypart = call_user_func($languages[$squirrelmail_language]['XTRA_CODE'] . '_decode', $bodypart);
845 }
846 }
847
848 // charset encoding in compose form stuff
849 if (isset($body_part_entity->header->parameters['charset'])) {
850 $actual = $body_part_entity->header->parameters['charset'];
851 } else {
852 $actual = 'us-ascii';
853 }
854
855 if ( $actual && is_conversion_safe($actual) && $actual != $default_charset){
856 $bodypart = charset_convert($actual,$bodypart,$default_charset,false);
857 }
858 // end of charset encoding in compose
859
860 $body .= $bodypart;
861 }
862 if ($default_use_priority) {
863 $mailprio = substr($orig_header->priority,0,1);
864 if (!$mailprio) {
865 $mailprio = 3;
866 }
867 } else {
868 $mailprio = '';
869 }
870
871 $from_o = $orig_header->from;
872 if (is_array($from_o)) {
873 if (isset($from_o[0])) {
874 $from_o = $from_o[0];
875 }
876 }
877 if (is_object($from_o)) {
878 $orig_from = $from_o->getAddress();
879 } else {
880 $orig_from = '';
881 }
882
883 $identities = array();
884 if (count($idents) > 1) {
885 foreach($idents as $nr=>$data) {
886 $enc_from_name = '"'.$data['full_name'].'" <'. $data['email_address'].'>';
887 if(strtolower($enc_from_name) == strtolower($orig_from)) {
888 $identity = $nr;
889 // don't stop! need to build $identities array for idents match below
890 //break;
891 }
892 $identities[] = $enc_from_name;
893 }
894
895 $identity_match = $orig_header->findAddress($identities);
896 if ($identity_match) {
897 $identity = $identity_match;
898 }
899 }
900
901 switch ($action) {
902 case ('draft'):
903 $use_signature = FALSE;
904 $composeMessage->rfc822_header = $orig_header;
905 $send_to = decodeHeader($orig_header->getAddr_s('to'),false,false,true);
906 $send_to_cc = decodeHeader($orig_header->getAddr_s('cc'),false,false,true);
907 $send_to_bcc = decodeHeader($orig_header->getAddr_s('bcc'),false,false,true);
908 $send_from = $orig_header->getAddr_s('from');
909 $send_from_parts = new AddressStructure();
910 $send_from_parts = $orig_header->parseAddress($send_from);
911 $send_from_add = $send_from_parts->mailbox . '@' . $send_from_parts->host;
912 $identity = find_identity(array($send_from_add));
913 $subject = decodeHeader($orig_header->subject,false,false,true);
914
915 // Remember the receipt settings
916 $request_mdn = $mdn_user_support && !empty($orig_header->dnt) ? '1' : '0';
917 $request_dr = $mdn_user_support && !empty($orig_header->drnt) ? '1' : '0';
918
919 /* remember the references and in-reply-to headers in case of an reply */
920 //FIXME: it would be better to fiddle with headers inside of the message object or possibly when delivering the message to its destination (drafts folder?); is this possible?
921 $composeMessage->rfc822_header->more_headers['References'] = $orig_header->references;
922 $composeMessage->rfc822_header->more_headers['In-Reply-To'] = $orig_header->in_reply_to;
923 // rewrap the body to clean up quotations and line lengths
924 sqBodyWrap($body, $editor_size);
925 $composeMessage = getAttachments($message, $composeMessage, $passed_id, $entities, $imapConnection);
926 break;
927 case ('edit_as_new'):
928 $send_to = decodeHeader($orig_header->getAddr_s('to'),false,false,true);
929 $send_to_cc = decodeHeader($orig_header->getAddr_s('cc'),false,false,true);
930 $send_to_bcc = decodeHeader($orig_header->getAddr_s('bcc'),false,false,true);
931 $subject = decodeHeader($orig_header->subject,false,false,true);
932 $mailprio = $orig_header->priority;
933 $orig_from = '';
934 $composeMessage = getAttachments($message, $composeMessage, $passed_id, $entities, $imapConnection);
935 // rewrap the body to clean up quotations and line lengths
936 sqBodyWrap($body, $editor_size);
937 break;
938 case ('forward'):
939 $send_to = '';
940 $subject = getforwardSubject(decodeHeader($orig_header->subject,false,false,true));
941 $body = getforwardHeader($orig_header) . $body;
942 // the logic for calling sqUnWordWrap here would be to allow the browser to wrap the lines
943 // forwarded message text should be as undisturbed as possible, so commenting out this call
944 // sqUnWordWrap($body);
945 $composeMessage = getAttachments($message, $composeMessage, $passed_id, $entities, $imapConnection);
946
947 //add a blank line after the forward headers
948 $body = "\n" . $body;
949 break;
950 case ('forward_as_attachment'):
951 $subject = getforwardSubject(decodeHeader($orig_header->subject,false,false,true));
952 $composeMessage = getMessage_RFC822_Attachment($message, $composeMessage, $passed_id, $passed_ent_id, $imapConnection);
953 $subject = decodeHeader($orig_header->subject,false,false,true);
954 $subject = str_replace('"', "'", $subject);
955 $subject = trim($subject);
956 if (substr(strtolower($subject), 0, 4) != 'fwd:') {
957 $subject = 'Fwd: ' . $subject;
958 }
959 $body = '';
960 break;
961 case ('reply_all'):
962 if(isset($orig_header->mail_followup_to) && $orig_header->mail_followup_to) {
963 $send_to = $orig_header->getAddr_s('mail_followup_to');
964 } else {
965 $send_to_cc = replyAllString($orig_header);
966 $send_to_cc = decodeHeader($send_to_cc,false,false,true);
967 $send_to_cc = str_replace('""', '"', $send_to_cc);
968 }
969 case ('reply'):
970 // skip this if send_to was already set right above here
971 if(!$send_to) {
972 $send_to = $orig_header->reply_to;
973 if (is_array($send_to) && count($send_to)) {
974 $send_to = $orig_header->getAddr_s('reply_to', ',', FALSE, TRUE);
975 } else if (is_object($send_to)) { /* unneccesarry, just for failsafe purpose */
976 $send_to = $orig_header->getAddr_s('reply_to', ',', FALSE, TRUE);
977 } else {
978 $send_to = $orig_header->getAddr_s('from', ',', FALSE, TRUE);
979 }
980 }
981 $send_to = decodeHeader($send_to,false,false,true);
982 $send_to = str_replace('""', '"', $send_to);
983 $subject = decodeHeader($orig_header->subject,false,false,true);
984 $subject = str_replace('"', "'", $subject);
985 $subject = trim($subject);
986 if (substr(strtolower($subject), 0, 3) != 're:') {
987 $subject = 'Re: ' . $subject;
988 }
989 /* this corrects some wrapping/quoting problems on replies */
990 $rewrap_body = explode("\n", $body);
991 $from = (is_array($orig_header->from) && !empty($orig_header->from)) ? $orig_header->from[0] : $orig_header->from;
992 $body = '';
993 $strip_sigs = getPref($data_dir, $username, 'strip_sigs');
994 foreach ($rewrap_body as $line) {
995 if ($strip_sigs && rtrim($line, "\r\n") == '-- ') {
996 break;
997 }
998 if (preg_match("/^(>+)/", $line, $matches)) {
999 $gt = $matches[1];
1000 $body .= $body_quote . str_replace("\n", "\n$body_quote$gt ", rtrim($line)) ."\n";
1001 } else {
1002 $body .= $body_quote . (!empty($body_quote) ? ' ' : '') . str_replace("\n", "\n$body_quote" . (!empty($body_quote) ? ' ' : ''), rtrim($line)) . "\n";
1003 }
1004 }
1005
1006 //rewrap the body to clean up quotations and line lengths
1007 $body = sqBodyWrap ($body, $editor_size);
1008
1009 $body = getReplyCitation($from , $orig_header->date) . $body;
1010 $composeMessage->reply_rfc822_header = $orig_header;
1011
1012 break;
1013 default:
1014 break;
1015 }
1016 //FIXME: we used to register $compose_messages in the session here, but not any more - so do we still need the session_write_close() and sqimap_logout() here? We probably need the IMAP logout, but what about the session closure?
1017 session_write_close();
1018 sqimap_logout($imapConnection);
1019 }
1020 $ret = array( 'send_to' => $send_to,
1021 'send_to_cc' => $send_to_cc,
1022 'send_to_bcc' => $send_to_bcc,
1023 'subject' => $subject,
1024 'mailprio' => $mailprio,
1025 'body' => $body,
1026 'identity' => $identity );
1027
1028 return ($ret);
1029 } /* function newMail() */
1030
1031 /**
1032 * downloads attachments from original message, stores them in attachment directory and adds
1033 * them to composed message.
1034 * @param object $message
1035 * @param object $composeMessage
1036 * @param integer $passed_id
1037 * @param mixed $entities
1038 * @param mixed $imapConnection
1039 * @return object
1040 */
1041 function getAttachments($message, &$composeMessage, $passed_id, $entities, $imapConnection) {
1042 global $squirrelmail_language, $languages, $username, $attachment_dir;
1043
1044 if (!count($message->entities) ||
1045 ($message->type0 == 'message' && $message->type1 == 'rfc822')) {
1046 if ( !in_array($message->entity_id, $entities) && $message->entity_id) {
1047 switch ($message->type0) {
1048 case 'message':
1049 if ($message->type1 == 'rfc822') {
1050 $filename = $message->rfc822_header->subject;
1051 if ($filename == "") {
1052 $filename = "untitled-".$message->entity_id;
1053 }
1054 $filename .= '.eml';
1055 } else {
1056 $filename = $message->getFilename();
1057 }
1058 break;
1059 default:
1060 if (!$message->mime_header) { /* temporary hack */
1061 $message->mime_header = $message->header;
1062 }
1063 $filename = $message->getFilename();
1064 break;
1065 }
1066 //FIXME: added three args to the following, so as to set the last one to TRUE, to mimick a fix in 1.4.21 (#2994865), but didn't test this (note that in 1.4.21, the 2nd and 3rd args are FALSE, but here in this code, they weren't being specified (thus defaulting to TRUE), so I don't know if that means this code is outdated and should have been changed to FALSE, FALSE or if this code is completely different and the addition of the TRUE for arg #4 is wrong
1067 $filename = str_replace('&#32;', ' ', decodeHeader($filename, true, true, true));
1068 if (isset($languages[$squirrelmail_language]['XTRA_CODE']) &&
1069 function_exists($languages[$squirrelmail_language]['XTRA_CODE'] . '_encode')) {
1070 $filename = call_user_func($languages[$squirrelmail_language]['XTRA_CODE'] . '_encode', $filename);
1071 }
1072
1073 $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
1074 $localfilename = sq_get_attach_tempfile();
1075 $message->att_local_name = $localfilename;
1076
1077 $composeMessage->initAttachment($message->type0.'/'.$message->type1,$filename,
1078 $localfilename);
1079
1080 /* Write Attachment to file */
1081 $fp = fopen ($hashed_attachment_dir . '/' . $localfilename, 'wb');
1082 mime_print_body_lines ($imapConnection, $passed_id, $message->entity_id, $message->header->encoding, $fp);
1083 fclose ($fp);
1084 }
1085 } else {
1086 for ($i=0, $entCount=count($message->entities); $i<$entCount;$i++) {
1087 $composeMessage=getAttachments($message->entities[$i], $composeMessage, $passed_id, $entities, $imapConnection);
1088 }
1089 }
1090 return $composeMessage;
1091 }
1092
1093 function getMessage_RFC822_Attachment($message, $composeMessage, $passed_id,
1094 $passed_ent_id='', $imapConnection) {
1095 if (!$passed_ent_id) {
1096 $body_a = sqimap_run_command($imapConnection,
1097 'FETCH '.$passed_id.' RFC822',
1098 TRUE, $response, $readmessage,
1099 TRUE);
1100 } else {
1101 $body_a = sqimap_run_command($imapConnection,
1102 'FETCH '.$passed_id.' BODY['.$passed_ent_id.']',
1103 TRUE, $response, $readmessage, TRUE);
1104 $message = $message->parent;
1105 }
1106 if ($response == 'OK') {
1107 $subject = encodeHeader($message->rfc822_header->subject);
1108 array_shift($body_a);
1109 array_pop($body_a);
1110 $body = implode('', $body_a) . "\r\n";
1111
1112 global $username, $attachment_dir;
1113 $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
1114 $localfilename = sq_get_attach_tempfile();
1115 $fp = fopen($hashed_attachment_dir . '/' . $localfilename, 'wb');
1116 fwrite ($fp, $body);
1117 fclose($fp);
1118 $composeMessage->initAttachment('message/rfc822',$subject.'.eml',
1119 $localfilename);
1120 }
1121 return $composeMessage;
1122 }
1123
1124 function showInputForm ($session, $values=false) {
1125 global $send_to, $send_to_cc, $send_to_bcc,
1126 $body, $startMessage, $action, $attachments,
1127 $use_signature, $signature, $prefix_sig, $session_expired,
1128 $editor_size, $editor_height, $subject, $newmail,
1129 $use_javascript_addr_book, $passed_id, $mailbox, $fwduid,
1130 $from_htmladdr_search, $location_of_buttons, $attachment_dir,
1131 $username, $data_dir, $identity, $idents, $delete_draft,
1132 $mailprio, $compose_new_win, $saved_draft, $mail_sent, $sig_first,
1133 $composeMessage, $composesession, $default_charset,
1134 $compose_onsubmit, $oTemplate, $oErrorHandler;
1135
1136 if (checkForJavascript()) {
1137 $onfocus = ' onfocus="alreadyFocused=true;"';
1138 $onfocus_array = array('onfocus' => 'alreadyFocused=true;');
1139 }
1140 else {
1141 $onfocus = '';
1142 $onfocus_array = array();
1143 }
1144
1145 if ($values) {
1146 $send_to = $values['send_to'];
1147 $send_to_cc = $values['send_to_cc'];
1148 $send_to_bcc = $values['send_to_bcc'];
1149 $subject = $values['subject'];
1150 $mailprio = $values['mailprio'];
1151 $body = $values['body'];
1152 $identity = (int) $values['identity'];
1153 } else {
1154 $send_to = decodeHeader($send_to, true, false);
1155 $send_to_cc = decodeHeader($send_to_cc, true, false);
1156 $send_to_bcc = decodeHeader($send_to_bcc, true, false);
1157 }
1158
1159 if ($use_javascript_addr_book) {
1160 //FIXME: NO HTML IN CORE!
1161 echo "\n". '<script type="text/javascript">'."\n<!--\n" .
1162 'function open_abook() { ' . "\n" .
1163 ' var nwin = window.open("addrbook_popup.php","abookpopup",' .
1164 '"width=670,height=300,resizable=yes,scrollbars=yes");' . "\n" .
1165 ' if((!nwin.opener) && (document.windows != null))' . "\n" .
1166 ' nwin.opener = document.windows;' . "\n" .
1167 "}\n" .
1168 "// -->\n</script>\n\n";
1169 }
1170
1171 //FIXME: NO HTML IN CORE!
1172 echo "\n" . '<form name="compose" action="compose.php" method="post" ' .
1173 'enctype="multipart/form-data"';
1174
1175 $compose_onsubmit = array();
1176 global $null;
1177 do_hook('compose_form', $null);
1178
1179 // Plugins that use compose_form hook can add an array entry
1180 // to the globally scoped $compose_onsubmit; we add them up
1181 // here and format the form tag's full onsubmit handler.
1182 // Each plugin should use "return false" if they need to
1183 // stop form submission but otherwise should NOT use "return
1184 // true" to give other plugins the chance to do what they need
1185 // to do; SquirrelMail itself will add the final "return true".
1186 // Onsubmit text is enclosed inside of double quotes, so plugins
1187 // need to quote accordingly.
1188 if (checkForJavascript()) {
1189 if (empty($compose_onsubmit))
1190 $compose_onsubmit = array();
1191 else if (!is_array($compose_onsubmit))
1192 $compose_onsubmit = array($compose_onsubmit);
1193
1194 $onsubmit_text = '';
1195 foreach ($compose_onsubmit as $text) {
1196 $text = trim($text);
1197 if (!empty($text)) {
1198 if (substr($text, -1) != ';' && substr($text, -1) != '}')
1199 $text .= '; ';
1200 $onsubmit_text .= $text;
1201 }
1202 }
1203
1204 if (!empty($onsubmit_text))
1205 //FIXME: DON'T ECHO HTML FROM CORE!
1206 echo ' onsubmit="' . $onsubmit_text . ' return true;"';
1207 }
1208
1209
1210 //FIXME: NO HTML IN CORE!
1211 echo ">\n";
1212
1213 //FIXME: DON'T ECHO HTML FROM CORE!
1214 echo addHidden('smtoken', sm_generate_security_token());
1215
1216 //FIXME: DON'T ECHO HTML FROM CORE!
1217 echo addHidden('startMessage', $startMessage);
1218
1219 if ($action == 'draft') {
1220 //FIXME: DON'T ECHO HTML FROM CORE!
1221 echo addHidden('delete_draft', $passed_id);
1222 }
1223 if (isset($delete_draft)) {
1224 //FIXME: DON'T ECHO HTML FROM CORE!
1225 echo addHidden('delete_draft', $delete_draft);
1226 }
1227 if (isset($session)) {
1228 //FIXME: DON'T ECHO HTML FROM CORE!
1229 echo addHidden('session', $session);
1230 }
1231
1232 if (isset($passed_id)) {
1233 //FIXME: DON'T ECHO HTML FROM CORE!
1234 echo addHidden('passed_id', $passed_id);
1235 }
1236
1237 if (isset($fwduid)) {
1238 //FIXME: DON'T ECHO HTML FROM CORE!
1239 echo addHidden('fwduid', $fwduid);
1240 }
1241
1242 if ($saved_draft == 'yes') {
1243 $oTemplate->assign('note', _("Your draft has been saved."));
1244 $oTemplate->display('note.tpl');
1245 }
1246 if ($mail_sent == 'yes') {
1247 $oTemplate->assign('note', _("Your mail has been sent."));
1248 $oTemplate->display('note.tpl');
1249 }
1250 if ($compose_new_win == '1') {
1251 $oTemplate->display('compose_newwin_close.tpl');
1252 }
1253
1254 if ($location_of_buttons == 'top') {
1255 //FIXME: DON'T ECHO HTML FROM CORE!
1256 showComposeButtonRow();
1257 }
1258
1259 $identities = array();
1260 if (count($idents) > 1) {
1261 reset($idents);
1262 foreach($idents as $id => $data) {
1263 $identities[$id] = $data['full_name'].' &lt;'.$data['email_address'].'&gt;';
1264 }
1265 }
1266
1267 $oTemplate->assign('identities', $identities);
1268 $oTemplate->assign('identity_def', $identity);
1269 $oTemplate->assign('input_onfocus', 'onfocus="'.join(' ', $onfocus_array).'"');
1270
1271 $oTemplate->assign('to', htmlspecialchars($send_to));
1272 $oTemplate->assign('cc', htmlspecialchars($send_to_cc));
1273 $oTemplate->assign('bcc', htmlspecialchars($send_to_bcc));
1274 $oTemplate->assign('subject', htmlspecialchars($subject));
1275
1276 // access keys...
1277 //
1278 global $accesskey_compose_to, $accesskey_compose_cc,
1279 $accesskey_compose_identity, $accesskey_compose_bcc,
1280 $accesskey_compose_subject;
1281 $oTemplate->assign('accesskey_compose_identity', $accesskey_compose_identity);
1282 $oTemplate->assign('accesskey_compose_to', $accesskey_compose_to);
1283 $oTemplate->assign('accesskey_compose_cc', $accesskey_compose_cc);
1284 $oTemplate->assign('accesskey_compose_bcc', $accesskey_compose_bcc);
1285 $oTemplate->assign('accesskey_compose_subject', $accesskey_compose_subject);
1286
1287 $oTemplate->display('compose_header.tpl');
1288
1289 if ($location_of_buttons == 'between') {
1290 //FIXME: DON'T ECHO HTML FROM CORE!
1291 showComposeButtonRow();
1292 }
1293
1294 $body_str = '';
1295 if ($use_signature == true && $newmail == true && !isset($from_htmladdr_search)) {
1296 $signature = $idents[$identity]['signature'];
1297
1298 if ($sig_first == '1') {
1299 /*
1300 * FIXME: test is specific to ja_JP translation implementation.
1301 * This test might apply incorrect conversion to other translations, but
1302 * use of 7bit iso-2022-jp charset in other translations might have other
1303 * issues too.
1304 */
1305 if ($default_charset == 'iso-2022-jp') {
1306 $body_str = "\n\n".($prefix_sig==true? "-- \n":'').mb_convert_encoding($signature, 'EUC-JP');
1307 } else {
1308 $body_str = "\n\n".($prefix_sig==true? "-- \n":'').decodeHeader($signature,false,false);
1309 }
1310 $body_str .= "\n\n".htmlspecialchars(decodeHeader($body,false,false));
1311 } else {
1312 $body_str = "\n\n".htmlspecialchars(decodeHeader($body,false,false));
1313 // FIXME: test is specific to ja_JP translation implementation. See above comments.
1314 if ($default_charset == 'iso-2022-jp') {
1315 $body_str .= "\n\n".($prefix_sig==true? "-- \n":'').mb_convert_encoding($signature, 'EUC-JP');
1316 } else {
1317 $body_str .= "\n\n".($prefix_sig==true? "-- \n":'').decodeHeader($signature,false,false);
1318 }
1319 }
1320 } else {
1321 $body_str = htmlspecialchars(decodeHeader($body,false,false));
1322 }
1323
1324 $oTemplate->assign('editor_width', (int)$editor_size);
1325 $oTemplate->assign('editor_height', (int)$editor_height);
1326 $oTemplate->assign('input_onfocus', 'onfocus="'.join(' ', $onfocus_array).'"');
1327 $oTemplate->assign('body', $body_str);
1328 $oTemplate->assign('show_bottom_send', $location_of_buttons!='bottom');
1329
1330 // access keys...
1331 //
1332 global $accesskey_compose_body, $accesskey_compose_send;
1333 $oTemplate->assign('accesskey_compose_body', $accesskey_compose_body);
1334 $oTemplate->assign('accesskey_compose_send', $accesskey_compose_send);
1335
1336 $oTemplate->display ('compose_body.tpl');
1337
1338 if ($location_of_buttons == 'bottom') {
1339 //FIXME: DON'T ECHO HTML FROM CORE!
1340 showComposeButtonRow();
1341 }
1342
1343 // composeMessage can be empty when coming from a restored session
1344 if (is_object($composeMessage) && $composeMessage->entities)
1345 $attach_array = $composeMessage->entities;
1346 if ($session_expired && !empty($attachments) && is_array($attachments))
1347 $attach_array = $attachments;
1348
1349 /* This code is for attachments */
1350 if ((bool) ini_get('file_uploads')) {
1351
1352 /* Calculate the max size for an uploaded file.
1353 * This is advisory for the user because we can't actually prevent
1354 * people to upload too large files. */
1355 $sizes = array();
1356 /* php.ini vars which influence the max for uploads */
1357 $configvars = array('post_max_size', 'memory_limit', 'upload_max_filesize');
1358 foreach($configvars as $var) {
1359 /* skip 0 or empty values, and -1 which means 'unlimited' */
1360 if( $size = getByteSize(ini_get($var)) ) {
1361 if ( $size != '-1' ) {
1362 $sizes[] = $size;
1363 }
1364 }
1365 }
1366
1367 $attach = array();
1368 global $username, $attachment_dir;
1369 $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
1370 if (!empty($attach_array)) {
1371 foreach ($attach_array as $key => $attachment) {
1372 $attached_file = $attachment->att_local_name;
1373 if ($attachment->att_local_name || $attachment->body_part) {
1374 $attached_filename = decodeHeader($attachment->mime_header->getParameter('name'));
1375 $type = $attachment->mime_header->type0.'/'.
1376 $attachment->mime_header->type1;
1377
1378 $a = array();
1379 $a['Key'] = $key;
1380 $a['FileName'] = $attached_filename;
1381 $a['ContentType'] = $type;
1382 $a['Size'] = filesize($hashed_attachment_dir . '/' . $attached_file);
1383 $attach[$key] = $a;
1384 }
1385 }
1386 }
1387
1388 $max = min($sizes);
1389 $oTemplate->assign('max_file_size', empty($max) ? -1 : $max);
1390 $oTemplate->assign('attachments', $attach);
1391
1392 // access keys...
1393 //
1394 global $accesskey_compose_attach_browse, $accesskey_compose_attach,
1395 $accesskey_compose_delete_attach;
1396 $oTemplate->assign('accesskey_compose_attach_browse', $accesskey_compose_attach_browse);
1397 $oTemplate->assign('accesskey_compose_attach', $accesskey_compose_attach);
1398 $oTemplate->assign('accesskey_compose_delete_attach', $accesskey_compose_delete_attach);
1399
1400 $oTemplate->display('compose_attachments.tpl');
1401 } // End of file_uploads if-block
1402 /* End of attachment code */
1403
1404 $oTemplate->assign('username', $username);
1405 $oTemplate->assign('smaction', $action);
1406 $oTemplate->assign('mailbox', $mailbox);
1407 sqgetGlobalVar('QUERY_STRING', $queryString, SQ_SERVER);
1408 $oTemplate->assign('querystring', $queryString);
1409 $oTemplate->assign('composesession', $composesession);
1410 $oTemplate->assign('send_button_count', unique_widget_name('send', TRUE));
1411 if (!empty($attach_array))
1412 $oTemplate->assign('attachments', urlencode(serialize($attach_array)));
1413
1414 $aUserNotices = array();
1415
1416 // File uploads are off, so we didn't show that part of the form.
1417 // To avoid bogus bug reports, tell the user why.
1418 if (!(bool) ini_get('file_uploads')) {
1419 $aUserNotices[] = _("Because PHP file uploads are turned off, you can not attach files to this message. Please see your system administrator for details.");
1420 }
1421
1422 $oTemplate->assign('user_notices', $aUserNotices);
1423
1424 $oTemplate->display('compose_form_close.tpl');
1425
1426 if ($compose_new_win=='1') {
1427 $oTemplate->display('compose_newwin_close.tpl');
1428 }
1429
1430 $oErrorHandler->setDelayedErrors(false);
1431 $oTemplate->display('footer.tpl');
1432 }
1433
1434
1435 function showComposeButtonRow() {
1436 global $use_javascript_addr_book, $save_as_draft,
1437 $default_use_priority, $mailprio, $default_use_mdn,
1438 $request_mdn, $request_dr,
1439 $data_dir, $username;
1440
1441 global $oTemplate, $buffer_hook;
1442
1443 if ($default_use_priority) {
1444 $priorities = array('1'=>_("High"), '3'=>_("Normal"), '5'=>_("Low"));
1445 $priority = isset($mailprio) ? $mailprio : 3;
1446 } else {
1447 $priorities = array();
1448 $priority = NULL;
1449 }
1450
1451 $mdn_user_support=getPref($data_dir, $username, 'mdn_user_support',$default_use_mdn);
1452
1453 $address_book_button_attribs = array();
1454 global $accesskey_compose_addresses;
1455 if ($accesskey_compose_addresses != 'NONE')
1456 $address_book_button_attribs['accesskey'] = $accesskey_compose_addresses;
1457 if ($use_javascript_addr_book && checkForJavascript()) {
1458 $addr_book = addButton(_("Addresses"),
1459 null,
1460 array_merge($address_book_button_attribs, array('onclick' => 'javascript:open_abook();')));
1461 } else {
1462 $addr_book = addSubmit(_("Addresses"), 'html_addr_search', $address_book_button_attribs);
1463 }
1464
1465 $oTemplate->assign('allow_priority', $default_use_priority==1);
1466 $oTemplate->assign('priority_list', $priorities);
1467 $oTemplate->assign('current_priority', $priority);
1468
1469 $oTemplate->assign('notifications_enabled', $mdn_user_support==1);
1470 $oTemplate->assign('read_receipt', $request_mdn=='1');
1471 $oTemplate->assign('delivery_receipt', $request_dr=='1');
1472
1473 $oTemplate->assign('drafts_enabled', $save_as_draft);
1474 $oTemplate->assign('address_book_button', $addr_book);
1475
1476 // access keys...
1477 //
1478 global $accesskey_compose_priority, $accesskey_compose_on_read,
1479 $accesskey_compose_on_delivery, $accesskey_compose_signature,
1480 $accesskey_compose_save_draft, $accesskey_compose_send;
1481 $oTemplate->assign('accesskey_compose_priority', $accesskey_compose_priority);
1482 $oTemplate->assign('accesskey_compose_on_read', $accesskey_compose_on_read);
1483 $oTemplate->assign('accesskey_compose_on_delivery', $accesskey_compose_on_delivery);
1484 $oTemplate->assign('accesskey_compose_signature', $accesskey_compose_signature);
1485 $oTemplate->assign('accesskey_compose_save_draft', $accesskey_compose_save_draft);
1486 $oTemplate->assign('accesskey_compose_send', $accesskey_compose_send);
1487
1488 $oTemplate->display('compose_buttons.tpl');
1489 }
1490
1491 function checkInput ($show) {
1492 /*
1493 * I implemented the $show variable because the error messages
1494 * were getting sent before the page header. So, I check once
1495 * using $show=false, and then when i'm ready to display the error
1496 * message, show=true
1497 */
1498 global $send_to, $send_to_cc, $send_to_bcc;
1499
1500 $send_to = trim($send_to);
1501 $send_to_cc = trim($send_to_cc);
1502 $send_to_bcc = trim($send_to_bcc);
1503 if (empty($send_to) && empty($send_to_cc) && empty($send_to_bcc)) {
1504 if ($show) {
1505 plain_error_message(_("You have not filled in the \"To:\" field."));
1506 }
1507 return false;
1508 }
1509 return true;
1510 } /* function checkInput() */
1511
1512
1513 /* True if FAILURE */
1514 function saveAttachedFiles($session) {
1515 global $composeMessage, $username, $attachment_dir;
1516
1517 /* get out of here if no file was attached at all */
1518 if (! is_uploaded_file($_FILES['attachfile']['tmp_name']) ) {
1519 return true;
1520 }
1521
1522 $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
1523 $localfilename = sq_get_attach_tempfile();
1524 $fullpath = $hashed_attachment_dir . '/' . $localfilename;
1525
1526 // m_u_f works better with restricted PHP installs (safe_mode, open_basedir),
1527 // if that doesn't work, try a simple rename.
1528 if (!sq_call_function_suppress_errors('move_uploaded_file', array($_FILES['attachfile']['tmp_name'], $fullpath))) {
1529 if (!sq_call_function_suppress_errors('rename', array($_FILES['attachfile']['tmp_name'], $fullpath))) {
1530 return true;
1531 }
1532 }
1533 $type = strtolower($_FILES['attachfile']['type']);
1534 $name = $_FILES['attachfile']['name'];
1535 $composeMessage->initAttachment($type, $name, $localfilename);
1536 }
1537
1538 /**
1539 * Parse strings such as "8M" and "2k" into their corresponding size in bytes
1540 *
1541 * NOTE: This function only recognizes the suffixes "K", "M" and "G"
1542 * and will probably break very easily if the given size is in
1543 * some completely different format.
1544 *
1545 * @param string $ini_size The input string to be converted
1546 *
1547 * @return mixed Boolean FALSE if something went wrong (the value passed in
1548 * was empty?, the suffix was not recognized?), otherwise, the
1549 * converted size in bytes (just the number (as an integer),
1550 * no unit identifier included)
1551 *
1552 */
1553 function getByteSize($ini_size) {
1554
1555 if(!$ini_size) {
1556 return FALSE;
1557 }
1558
1559 $ini_size = trim($ini_size);
1560
1561 // if there's some kind of letter at the end of the string we need to multiply.
1562 if(!is_numeric(substr($ini_size, -1))) {
1563
1564 switch(strtoupper(substr($ini_size, -1))) {
1565 case 'G':
1566 $bytesize = 1073741824;
1567 break;
1568 case 'M':
1569 $bytesize = 1048576;
1570 break;
1571 case 'K':
1572 $bytesize = 1024;
1573 break;
1574 default:
1575 return FALSE;
1576 }
1577
1578 return ($bytesize * (int)substr($ini_size, 0, -1));
1579 }
1580
1581 return $ini_size;
1582 }
1583
1584
1585 /**
1586 * temporary function to make use of the deliver class.
1587 * In the future the responsible backend should be automaticly loaded
1588 * and conf.pl should show a list of available backends.
1589 * The message also should be constructed by the message class.
1590 *
1591 * @param object $composeMessage The message being sent. Please note
1592 * that it is passed by reference and
1593 * will be returned modified, with additional
1594 * headers, such as Message-ID, Date, In-Reply-To,
1595 * References, and so forth.
1596 *
1597 * @return boolean FALSE if delivery failed, or some non-FALSE value
1598 * upon success.
1599 *
1600 */
1601 function deliverMessage(&$composeMessage, $draft=false) {
1602 global $send_to, $send_to_cc, $send_to_bcc, $mailprio, $subject, $body,
1603 $username, $identity, $idents, $data_dir,
1604 $request_mdn, $request_dr, $default_charset, $useSendmail,
1605 $domain, $action, $default_move_to_sent, $move_to_sent,
1606 $imapServerAddress, $imapPort, $sent_folder, $key;
1607
1608 $rfc822_header = $composeMessage->rfc822_header;
1609
1610 $abook = addressbook_init(false, true);
1611 $rfc822_header->to = $rfc822_header->parseAddress($send_to,true, array(), '', $domain, array(&$abook,'lookup'));
1612 $rfc822_header->cc = $rfc822_header->parseAddress($send_to_cc,true,array(), '',$domain, array(&$abook,'lookup'));
1613 $rfc822_header->bcc = $rfc822_header->parseAddress($send_to_bcc,true, array(), '',$domain, array(&$abook,'lookup'));
1614 $rfc822_header->priority = $mailprio;
1615 $rfc822_header->subject = $subject;
1616
1617 $special_encoding='';
1618 if (strtolower($default_charset) == 'iso-2022-jp') {
1619 if (mb_detect_encoding($body) == 'ASCII') {
1620 $special_encoding = '8bit';
1621 } else {
1622 $body = mb_convert_encoding($body, 'JIS');
1623 $special_encoding = '7bit';
1624 }
1625 }
1626 $composeMessage->setBody($body);
1627
1628 $reply_to = '';
1629 $reply_to = $idents[$identity]['reply_to'];
1630 if (strpos($reply_to, '@') === FALSE)
1631 $reply_to .= '@' . $domain;
1632
1633 $from_addr = build_from_header($identity);
1634 $rfc822_header->from = $rfc822_header->parseAddress($from_addr,true);
1635 if ($reply_to) {
1636 $rfc822_header->reply_to = $rfc822_header->parseAddress($reply_to,true);
1637 }
1638 /* Receipt: On Read */
1639 if (isset($request_mdn) && $request_mdn) {
1640 $rfc822_header->dnt = $rfc822_header->parseAddress($from_addr,true);
1641 } elseif (isset($rfc822_header->dnt)) {
1642 unset($rfc822_header->dnt);
1643 }
1644
1645 /* Receipt: On Delivery */
1646 if (!empty($request_dr)) {
1647 //FIXME: it would be better to fiddle with headers inside of the message object or possibly when delivering the message to its destination; is this possible?
1648 $rfc822_header->more_headers['Return-Receipt-To'] = $from_addr;
1649 } elseif (isset($rfc822_header->more_headers['Return-Receipt-To'])) {
1650 unset($rfc822_header->more_headers['Return-Receipt-To']);
1651 }
1652
1653 /* multipart messages */
1654 if (count($composeMessage->entities)) {
1655 $message_body = new Message();
1656 $message_body->body_part = $composeMessage->body_part;
1657 $composeMessage->body_part = '';
1658 $mime_header = new MessageHeader;
1659 $mime_header->type0 = 'text';
1660 $mime_header->type1 = 'plain';
1661 if ($special_encoding) {
1662 $mime_header->encoding = $special_encoding;
1663 } else {
1664 $mime_header->encoding = '8bit';
1665 }
1666 if ($default_charset) {
1667 $mime_header->parameters['charset'] = $default_charset;
1668 }
1669 $message_body->mime_header = $mime_header;
1670 array_unshift($composeMessage->entities, $message_body);
1671 $content_type = new ContentType('multipart/mixed');
1672 } else {
1673 $content_type = new ContentType('text/plain');
1674 if ($special_encoding) {
1675 $rfc822_header->encoding = $special_encoding;
1676 } else {
1677 $rfc822_header->encoding = '8bit';
1678 }
1679 if ($default_charset) {
1680 $content_type->properties['charset']=$default_charset;
1681 }
1682 }
1683
1684 $rfc822_header->content_type = $content_type;
1685 $composeMessage->rfc822_header = $rfc822_header;
1686 if ($action == 'reply' || $action == 'reply_all') {
1687 global $passed_id, $passed_ent_id;
1688 $reply_id = $passed_id;
1689 $reply_ent_id = $passed_ent_id;
1690 } else {
1691 $reply_id = '';
1692 $reply_ent_id = '';
1693 }
1694
1695 /* Here you can modify the message structure just before we hand
1696 it over to deliver; plugin authors note that $composeMessage
1697 is sent and modified by reference since 1.5.2 */
1698 do_hook('compose_send', $composeMessage);
1699
1700 if (!$useSendmail && !$draft) {
1701 require_once(SM_PATH . 'class/deliver/Deliver_SMTP.class.php');
1702 $deliver = new Deliver_SMTP();
1703 global $smtpServerAddress, $smtpPort, $pop_before_smtp, $pop_before_smtp_host;
1704
1705 $authPop = (isset($pop_before_smtp) && $pop_before_smtp) ? true : false;
1706 if (empty($pop_before_smtp_host)) $pop_before_smtp_host = $smtpServerAddress;
1707 get_smtp_user($user, $pass);
1708 $stream = $deliver->initStream($composeMessage,$domain,0,
1709 $smtpServerAddress, $smtpPort, $user, $pass, $authPop, $pop_before_smtp_host);
1710 } elseif (!$draft) {
1711 require_once(SM_PATH . 'class/deliver/Deliver_SendMail.class.php');
1712 global $sendmail_path, $sendmail_args;
1713 // Check for outdated configuration
1714 if (!isset($sendmail_args)) {
1715 if ($sendmail_path=='/var/qmail/bin/qmail-inject') {
1716 $sendmail_args = '';
1717 } else {
1718 $sendmail_args = '-i -t';
1719 }
1720 }
1721 $deliver = new Deliver_SendMail(array('sendmail_args'=>$sendmail_args));
1722 $stream = $deliver->initStream($composeMessage,$sendmail_path);
1723 } elseif ($draft) {
1724 global $draft_folder;
1725 $imap_stream = sqimap_login($username, false, $imapServerAddress,
1726 $imapPort, 0);
1727 if (sqimap_mailbox_exists ($imap_stream, $draft_folder)) {
1728 require_once(SM_PATH . 'class/deliver/Deliver_IMAP.class.php');
1729 $imap_deliver = new Deliver_IMAP();
1730 $success = $imap_deliver->mail($composeMessage, $imap_stream, $reply_id, $reply_ent_id, $imap_stream, $draft_folder);
1731 sqimap_logout($imap_stream);
1732 unset ($imap_deliver);
1733 $composeMessage->purgeAttachments();
1734 return $success;
1735 } else {
1736 $msg = '<br />'.sprintf(_("Error: Draft folder %s does not exist."), htmlspecialchars($draft_folder));
1737 plain_error_message($msg);
1738 return false;
1739 }
1740 }
1741 $success = false;
1742 if ($stream) {
1743 $deliver->mail($composeMessage, $stream, $reply_id, $reply_ent_id);
1744 $success = $deliver->finalizeStream($stream);
1745 }
1746 if (!$success) {
1747 // $deliver->dlv_server_msg is not always server's reply
1748 $msg = _("Message not sent.") . "<br />\n" .
1749 $deliver->dlv_msg;
1750 if (!empty($deliver->dlv_server_msg)) {
1751 // add 'server replied' part only when it is not empty.
1752 // Delivery error can be generated by delivery class itself
1753 $msg.='<br />' .
1754 _("Server replied:") . ' ' . $deliver->dlv_ret_nr . ' ' .
1755 nl2br(htmlspecialchars($deliver->dlv_server_msg));
1756 }
1757 plain_error_message($msg);
1758 } else {
1759 unset ($deliver);
1760 $imap_stream = sqimap_login($username, false, $imapServerAddress, $imapPort, 0);
1761
1762
1763 // mark as replied or forwarded if applicable
1764 //
1765 global $what, $iAccount, $startMessage, $passed_id, $fwduid, $mailbox;
1766
1767 if ($action=='reply' || $action=='reply_all' || $action=='forward' || $action=='forward_as_attachment') {
1768 require(SM_PATH . 'functions/mailbox_display.php');
1769 $aMailbox = sqm_api_mailbox_select($imap_stream, $iAccount, $mailbox,array('setindex' => $what, 'offset' => $startMessage),array());
1770 switch($action) {
1771 case 'reply':
1772 case 'reply_all':
1773 // check if we are allowed to set the \\Answered flag
1774 if (in_array('\\answered',$aMailbox['PERMANENTFLAGS'], true)) {
1775 $aUpdatedMsgs = sqimap_toggle_flag($imap_stream, array($passed_id), '\\Answered', true, false);
1776 if (isset($aUpdatedMsgs[$passed_id]['FLAGS'])) {
1777 /**
1778 * Only update the cached headers if the header is
1779 * cached.
1780 */
1781 if (isset($aMailbox['MSG_HEADERS'][$passed_id])) {
1782 $aMailbox['MSG_HEADERS'][$passed_id]['FLAGS'] = $aMsg['FLAGS'];
1783 }
1784 }
1785 }
1786 break;
1787 case 'forward':
1788 case 'forward_as_attachment':
1789 // check if we are allowed to set the $Forwarded flag (RFC 4550 paragraph 2.8)
1790 if (in_array('$forwarded',$aMailbox['PERMANENTFLAGS'], true) ||
1791 in_array('\\*',$aMailbox['PERMANENTFLAGS'])) {
1792
1793 // when forwarding as an attachment from the message
1794 // list, passed_id is not used, need to get UID(s)
1795 // from the query string
1796 //
1797 if (empty($passed_id) && !empty($fwduid))
1798 $ids = explode('_', $fwduid);
1799 else
1800 $ids = array($passed_id);
1801
1802 $aUpdatedMsgs = sqimap_toggle_flag($imap_stream, $ids, '$Forwarded', true, false);
1803
1804 foreach ($ids as $id) {
1805 if (isset($aUpdatedMsgs[$id]['FLAGS'])) {
1806 if (isset($aMailbox['MSG_HEADERS'][$id])) {
1807 $aMailbox['MSG_HEADERS'][$id]['FLAGS'] = $aMsg['FLAGS'];
1808 }
1809 }
1810 }
1811 }
1812 break;
1813 }
1814
1815 /**
1816 * Write mailbox with updated seen flag information back to cache.
1817 */
1818 if(isset($aUpdatedMsgs[$passed_id])) {
1819 $mailbox_cache[$iAccount.'_'.$aMailbox['NAME']] = $aMailbox;
1820 sqsession_register($mailbox_cache,'mailbox_cache');
1821 }
1822
1823 }
1824
1825
1826 // move to sent folder
1827 //
1828 $move_to_sent = getPref($data_dir,$username,'move_to_sent');
1829 if (isset($default_move_to_sent) && ($default_move_to_sent != 0)) {
1830 $svr_allow_sent = true;
1831 } else {
1832 $svr_allow_sent = false;
1833 }
1834
1835 if (isset($sent_folder) && (($sent_folder != '') || ($sent_folder != 'none'))
1836 && sqimap_mailbox_exists( $imap_stream, $sent_folder)) {
1837 $fld_sent = true;
1838 } else {
1839 $fld_sent = false;
1840 }
1841
1842 if ((isset($move_to_sent) && ($move_to_sent != 0)) || (!isset($move_to_sent))) {
1843 $lcl_allow_sent = true;
1844 } else {
1845 $lcl_allow_sent = false;
1846 }
1847
1848 if (($fld_sent && $svr_allow_sent && !$lcl_allow_sent) || ($fld_sent && $lcl_allow_sent)) {
1849 if ($action == 'reply' || $action == 'reply_all') {
1850 $save_reply_with_orig=getPref($data_dir,$username,'save_reply_with_orig');
1851 if ($save_reply_with_orig) {
1852 $sent_folder = $mailbox;
1853 }
1854 }
1855 require_once(SM_PATH . 'class/deliver/Deliver_IMAP.class.php');
1856 $imap_deliver = new Deliver_IMAP();
1857 $imap_deliver->mail($composeMessage, $imap_stream, $reply_id, $reply_ent_id, $imap_stream, $sent_folder);
1858 unset ($imap_deliver);
1859 }
1860
1861
1862 // final cleanup
1863 //
1864 $composeMessage->purgeAttachments();
1865 sqimap_logout($imap_stream);
1866
1867 }
1868 return $success;
1869 }