b0a1e99ff2e6aa29f92fd088d78fdaacd0bcdad4
[squirrelmail.git] / src / compose.php
1 <?php
2 /**
3 * compose.php
4 *
5 * This code sends a mail.
6 *
7 * There are 4 modes of operation:
8 * - Start new mail
9 * - Add an attachment
10 * - Send mail
11 * - Save As Draft
12 *
13 * @copyright 1999-2013 The SquirrelMail Project Team
14 * @license http://opensource.org/licenses/gpl-license.php GNU Public License
15 * @version $Id$
16 * @package squirrelmail
17 */
18
19 /** This is the compose page */
20 define('PAGE_NAME', 'compose');
21
22 /**
23 * Include the SquirrelMail initialization file.
24 */
25 require('../include/init.php');
26
27 /* If email_address not set and admin wants us to ask user for it,
28 * redirect to options page. */
29 if ( $ask_user_info && getPref($data_dir, $username,'email_address') == "" ) {
30 header("Location: " . get_location() . "/options.php?optpage=personal");
31 exit;
32 }
33
34 /* SquirrelMail required files. */
35 require_once(SM_PATH . 'functions/imap_general.php');
36 require_once(SM_PATH . 'functions/imap_messages.php');
37 require_once(SM_PATH . 'functions/date.php');
38 require_once(SM_PATH . 'functions/mime.php');
39 require_once(SM_PATH . 'functions/compose.php');
40 require_once(SM_PATH . 'class/deliver/Deliver.class.php');
41 require_once(SM_PATH . 'functions/addressbook.php');
42 require_once(SM_PATH . 'functions/forms.php');
43 require_once(SM_PATH . 'functions/identity.php');
44
45 /* --------------------- Get globals ------------------------------------- */
46
47 /** SESSION VARS */
48 sqgetGlobalVar('delimiter', $delimiter, SQ_SESSION);
49
50 sqgetGlobalVar('delayed_errors', $delayed_errors, SQ_SESSION);
51 sqgetGlobalVar('composesession', $composesession, SQ_SESSION);
52 sqgetGlobalVar('compose_messages', $compose_messages, SQ_SESSION);
53
54 // compose_messages only useful in SESSION when a forward-as-attachment
55 // has been preconstructed for us and passed in via that mechanism; once
56 // we have it, we can clear it from the SESSION
57 sqsession_unregister('compose_messages');
58
59 // Turn on delayed error handling in case we wind up redirecting below
60 $oErrorHandler->setDelayedErrors(true);
61
62 /** SESSION/POST/GET VARS */
63 sqgetGlobalVar('send_button_count', $send_button_count, SQ_POST, 1, SQ_TYPE_INT);
64 for ($i = 1; $i <= $send_button_count; $i++)
65 if (sqgetGlobalVar('send' . $i, $send, SQ_POST)) break;
66 // Send can only be achieved by setting $_POST var. If Send = true then
67 // retrieve other form fields from $_POST
68 if (isset($send) && $send) {
69 $SQ_GLOBAL = SQ_POST;
70 } else {
71 $SQ_GLOBAL = SQ_FORM;
72 }
73 sqgetGlobalVar('session',$session, $SQ_GLOBAL);
74 sqgetGlobalVar('mailbox',$mailbox, $SQ_GLOBAL);
75 if(!sqgetGlobalVar('identity',$identity, $SQ_GLOBAL)) {
76 $identity=0;
77 }
78 sqgetGlobalVar('send_to',$send_to, $SQ_GLOBAL);
79 sqgetGlobalVar('send_to_cc',$send_to_cc, $SQ_GLOBAL);
80 sqgetGlobalVar('send_to_bcc',$send_to_bcc, $SQ_GLOBAL);
81 sqgetGlobalVar('subject',$subject, $SQ_GLOBAL);
82 sqgetGlobalVar('body',$body, $SQ_GLOBAL);
83 sqgetGlobalVar('mailprio',$mailprio, $SQ_GLOBAL);
84 sqgetGlobalVar('request_mdn',$request_mdn, $SQ_GLOBAL);
85 sqgetGlobalVar('request_dr',$request_dr, $SQ_GLOBAL);
86 sqgetGlobalVar('html_addr_search',$html_addr_search, $SQ_GLOBAL);
87 sqgetGlobalVar('mail_sent',$mail_sent, $SQ_GLOBAL);
88 sqgetGlobalVar('passed_id',$passed_id, $SQ_GLOBAL, NULL, SQ_TYPE_BIGINT);
89 sqgetGlobalVar('passed_ent_id',$passed_ent_id, $SQ_GLOBAL);
90 sqgetGlobalVar('fwduid',$fwduid, $SQ_GLOBAL, '');
91
92 sqgetGlobalVar('attach',$attach, SQ_POST);
93 sqgetGlobalVar('draft',$draft, SQ_POST);
94 sqgetGlobalVar('draft_id',$draft_id, $SQ_GLOBAL);
95 sqgetGlobalVar('ent_num',$ent_num, $SQ_GLOBAL);
96 sqgetGlobalVar('saved_draft',$saved_draft, SQ_FORM);
97
98 if ( sqgetGlobalVar('delete_draft',$delete_draft) ) {
99 $delete_draft = (int)$delete_draft;
100 }
101
102 if ( sqgetGlobalVar('startMessage',$startMessage) ) {
103 $startMessage = (int)$startMessage;
104 } else {
105 $startMessage = 1;
106 }
107
108
109 /** POST VARS */
110 sqgetGlobalVar('sigappend', $sigappend, SQ_POST);
111 sqgetGlobalVar('from_htmladdr_search', $from_htmladdr_search, SQ_POST);
112 sqgetGlobalVar('addr_search_done', $html_addr_search_done, SQ_POST);
113 sqgetGlobalVar('addr_search_cancel', $html_addr_search_cancel, SQ_POST);
114 sqgetGlobalVar('send_to_search', $send_to_search, SQ_POST);
115 sqgetGlobalVar('do_delete', $do_delete, SQ_POST);
116 sqgetGlobalVar('delete', $delete, SQ_POST);
117 sqgetGlobalVar('attachments', $attachments, SQ_POST);
118 if ( sqgetGlobalVar('return', $temp, SQ_POST) ) {
119 $html_addr_search_done = 'Use Addresses';
120 }
121
122 /** GET VARS */
123 if ( sqgetGlobalVar('account', $temp, SQ_GET) ) {
124 $iAccount = (int) $temp;
125 } else {
126 $iAccount = 0;
127 }
128
129
130 /** get smaction */
131 if ( !sqgetGlobalVar('smaction',$action) )
132 {
133 if ( sqgetGlobalVar('smaction_reply',$tmp) ) $action = 'reply';
134 if ( sqgetGlobalVar('smaction_reply_all',$tmp) ) $action = 'reply_all';
135 if ( sqgetGlobalVar('smaction_forward',$tmp) ) $action = 'forward';
136 if ( sqgetGlobalVar('smaction_attache',$tmp) ) $action = 'forward_as_attachment';
137 if ( sqgetGlobalVar('smaction_draft',$tmp) ) $action = 'draft';
138 if ( sqgetGlobalVar('smaction_edit_new',$tmp) ) $action = 'edit_as_new';
139 }
140
141 sqgetGlobalVar('smtoken', $submitted_token, $SQ_GLOBAL, '');
142
143 /**
144 * Here we decode the data passed in from mailto.php.
145 */
146 if ( sqgetGlobalVar('mailtodata', $mailtodata, SQ_GET) ) {
147 $trtable = array('to' => 'send_to',
148 'cc' => 'send_to_cc',
149 'bcc' => 'send_to_bcc',
150 'body' => 'body',
151 'subject' => 'subject');
152 $mtdata = unserialize($mailtodata);
153
154 foreach ($trtable as $f => $t) {
155 if ( !empty($mtdata[$f]) ) {
156 $$t = $mtdata[$f];
157 }
158 }
159 unset($mailtodata,$mtdata, $trtable);
160 }
161
162 /* Location (For HTTP 1.1 header("Location: ...") redirects) */
163 $location = get_location();
164 /* Identities (fetch only once) */
165 $idents = get_identities();
166
167 /* --------------------- Specific Functions ------------------------------ */
168
169 function replyAllString($header) {
170 global $include_self_reply_all, $idents;
171 $excl_ar = array();
172 /**
173 * 1) Remove the addresses we'll be sending the message 'to'
174 */
175 if (isset($header->reply_to)) {
176 $excl_ar = $header->getAddr_a('reply_to');
177 }
178 /**
179 * 2) Remove our identities from the CC list (they still can be in the
180 * TO list) only if $include_self_reply_all is turned off
181 */
182 if (!$include_self_reply_all) {
183 foreach($idents as $id) {
184 $excl_ar[strtolower(trim($id['email_address']))] = '';
185 }
186 }
187
188 /**
189 * 3) get the addresses.
190 */
191 $url_replytoall_ar = $header->getAddr_a(array('to','cc'), $excl_ar);
192
193 /**
194 * 4) generate the string.
195 */
196 $url_replytoallcc = '';
197 foreach( $url_replytoall_ar as $email => $personal) {
198 if ($personal) {
199 // always quote personal name (can't just quote it if
200 // it contains a comma separator, since it might still
201 // be encoded)
202 $url_replytoallcc .= ", \"$personal\" <$email>";
203 } else {
204 $url_replytoallcc .= ', '. $email;
205 }
206 }
207 $url_replytoallcc = substr($url_replytoallcc,2);
208
209 return $url_replytoallcc;
210 }
211
212 /**
213 * creates top line in reply citations
214 *
215 * Line style depends on user preferences.
216 * $orig_date argument is available only from 1.4.3 and 1.5.1 version.
217 * @param object $orig_from From: header object.
218 * @param integer $orig_date email's timestamp
219 * @return string reply citation
220 */
221 function getReplyCitation($orig_from, $orig_date) {
222 global $reply_citation_style, $reply_citation_start, $reply_citation_end;
223
224 if (!is_object($orig_from)) {
225 $sOrig_from = '';
226 } else {
227 $sOrig_from = decodeHeader($orig_from->getAddress(false),false,false,true);
228 }
229
230 /* First, return an empty string when no citation style selected. */
231 if (($reply_citation_style == '') || ($reply_citation_style == 'none')) {
232 return '';
233 }
234
235 /* Make sure our final value isn't an empty string. */
236 if ($sOrig_from == '') {
237 return '';
238 }
239
240 /* Otherwise, try to select the desired citation style. */
241 switch ($reply_citation_style) {
242 case 'author_said':
243 // i18n: %s is for author's name
244 $full_reply_citation = sprintf(_("%s wrote:"),$sOrig_from);
245 break;
246 case 'quote_who':
247 $start = '<quote who="';
248 $end = '">';
249 $full_reply_citation = $start . $sOrig_from . $end;
250 break;
251 case 'date_time_author':
252 // i18n:
253 // The first %s is for date string, the second %s is for author's name.
254 // The date uses formating from "D, F j, Y g:i a" and "D, F j, Y H:i"
255 // translations.
256 // Example string:
257 // "On Sat, December 24, 2004 23:59, Santa wrote:"
258 // If you have to put author's name in front of date string, check comments about
259 // argument swapping at http://php.net/sprintf
260 $full_reply_citation = sprintf(_("On %s, %s wrote:"), getLongDateString($orig_date), $sOrig_from);
261 break;
262 case 'user-defined':
263 $start = $reply_citation_start .
264 ($reply_citation_start == '' ? '' : ' ');
265 $end = $reply_citation_end;
266 $full_reply_citation = $start . $sOrig_from . $end;
267 break;
268 default:
269 return '';
270 }
271
272 /* Add line feed and return the citation string. */
273 return ($full_reply_citation . "\n");
274 }
275
276 /**
277 * Creates header fields in forwarded email body
278 *
279 * $default_charset global must be set correctly before you call this function.
280 * @param object $orig_header
281 * @return $string
282 */
283 function getforwardHeader($orig_header) {
284 global $editor_size, $default_charset;
285
286 // using own strlen function in order to detect correct string length
287 $display = array( _("Subject") => sq_strlen(_("Subject"),$default_charset),
288 _("From") => sq_strlen(_("From"),$default_charset),
289 _("Date") => sq_strlen(_("Date"),$default_charset),
290 _("To") => sq_strlen(_("To"),$default_charset),
291 _("Cc") => sq_strlen(_("Cc"),$default_charset) );
292 $maxsize = max($display);
293 $indent = str_pad('',$maxsize+2);
294 foreach($display as $key => $val) {
295 $display[$key] = $key .': '. str_pad('', $maxsize - $val);
296 }
297 $from = decodeHeader($orig_header->getAddr_s('from',"\n$indent"),false,false,true);
298 $from = str_replace('&nbsp;',' ',$from);
299 $to = decodeHeader($orig_header->getAddr_s('to',"\n$indent"),false,false,true);
300 $to = str_replace('&nbsp;',' ',$to);
301 $subject = decodeHeader($orig_header->subject,false,false,true);
302 $subject = str_replace('&nbsp;',' ',$subject);
303
304 // using own str_pad function in order to create correct string pad
305 $bodyTop = sq_str_pad(' '._("Original Message").' ',$editor_size -2,'-',STR_PAD_BOTH,$default_charset) .
306 "\n". $display[_("Subject")] . $subject . "\n" .
307 $display[_("From")] . $from . "\n" .
308 $display[_("Date")] . getLongDateString( $orig_header->date, $orig_header->date_unparsed ). "\n" .
309 $display[_("To")] . $to . "\n";
310 if ($orig_header->cc != array() && $orig_header->cc !='') {
311 $cc = decodeHeader($orig_header->getAddr_s('cc',"\n$indent"),false,false,true);
312 $cc = str_replace('&nbsp;',' ',$cc);
313 $bodyTop .= $display[_("Cc")] .$cc . "\n";
314 }
315 $bodyTop .= str_pad('', $editor_size -2 , '-') .
316 "\n\n";
317 return $bodyTop;
318 }
319 /* ----------------------------------------------------------------------- */
320
321 /*
322 * If the session is expired during a post this restores the compose session
323 * vars.
324 */
325 $session_expired = false;
326 if (sqsession_is_registered('session_expired_post')) {
327 sqgetGlobalVar('session_expired_post', $session_expired_post, SQ_SESSION);
328 /*
329 * extra check for username so we don't display previous post data from
330 * another user during this session.
331 */
332 if (!empty($session_expired_post['username'])
333 && $session_expired_post['username'] == $username) {
334 // these are the vars that we can set from the expired composed session
335 $compo_var_list = array ('send_to', 'send_to_cc', 'body',
336 'startMessage', 'passed_body', 'use_signature', 'signature',
337 'subject', 'newmail', 'send_to_bcc', 'passed_id', 'mailbox',
338 'from_htmladdr_search', 'identity', 'draft_id', 'delete_draft',
339 'mailprio', 'edit_as_new', 'attachments', 'composesession',
340 'request_mdn', 'request_dr', 'fwduid');
341
342 foreach ($compo_var_list as $var) {
343 if ( isset($session_expired_post[$var]) && !isset($$var) ) {
344 $$var = $session_expired_post[$var];
345 }
346 }
347
348 if (!empty($attachments))
349 $attachments = unserialize(urldecode($attachments));
350
351 sqsession_register($composesession,'composesession');
352
353 if (isset($send)) {
354 unset($send);
355 }
356 $session_expired = true;
357 }
358 unset($session_expired_post);
359 sqsession_unregister('session_expired_post');
360 session_write_close();
361 if (!isset($mailbox)) {
362 $mailbox = '';
363 }
364 if ($compose_new_win == '1') {
365 compose_Header($color, $mailbox);
366 } else {
367 $sHeaderJs = (isset($sHeaderJs)) ? $sHeaderJs : '';
368 if (strpos($action, 'reply') !== false && $reply_focus) {
369 $sOnload = 'checkForm(\''.$replyfocus.'\');';
370 } else {
371 $sOnload = 'checkForm();';
372 }
373 displayPageHeader($color, $mailbox,$sHeaderJs,$sOnload);
374 }
375 showInputForm($session, false);
376 exit();
377 }
378
379 if (!isset($composesession)) {
380 $composesession = 0;
381 sqsession_register(0,'composesession');
382 } else {
383 $composesession = (int)$composesession;
384 }
385
386 if (!isset($session) || (isset($newmessage) && $newmessage)) {
387 sqsession_unregister('composesession');
388 $session = "$composesession" +1;
389 $composesession = $session;
390 sqsession_register($composesession,'composesession');
391 }
392 if (!empty($compose_messages[$session])) {
393 $composeMessage = $compose_messages[$session];
394 } else {
395 $composeMessage = new Message();
396 $rfc822_header = new Rfc822Header();
397 $composeMessage->rfc822_header = $rfc822_header;
398 $composeMessage->reply_rfc822_header = '';
399 }
400
401 // re-add attachments that were already in this message
402 // FIXME: note that technically this is very bad form -
403 // should never directly manipulate an object like this
404 if (!empty($attachments)) {
405 $attachments = unserialize(urldecode($attachments));
406 if (!empty($attachments) && is_array($attachments))
407 $composeMessage->entities = $attachments;
408 }
409
410 if (empty($mailbox)) {
411 $mailbox = 'INBOX';
412 }
413
414 if ($draft) {
415
416 // validate security token
417 //
418 sm_validate_security_token($submitted_token, -1, TRUE);
419
420 /*
421 * Set $default_charset to correspond with the user's selection
422 * of language interface.
423 */
424 set_my_charset();
425 if (! deliverMessage($composeMessage, true)) {
426 showInputForm($session);
427 exit();
428 } else {
429 $draft_message = _("Draft Email Saved");
430 /* If this is a resumed draft, then delete the original */
431 if(isset($delete_draft)) {
432 $imap_stream = sqimap_login($username, false, $imapServerAddress, $imapPort, false);
433 sqimap_mailbox_select($imap_stream, $draft_folder);
434 // force bypass_trash=true because message should be saved when deliverMessage() returns true.
435 // in current implementation of sqimap_msgs_list_flag() single message id can
436 // be submitted as string. docs state that it should be array.
437 sqimap_msgs_list_delete($imap_stream, $draft_folder, $delete_draft, true);
438 if ($auto_expunge) {
439 sqimap_mailbox_expunge($imap_stream, $draft_folder, true);
440 }
441 sqimap_logout($imap_stream);
442 }
443
444 $oErrorHandler->saveDelayedErrors();
445 session_write_close();
446
447 if ($compose_new_win == '1') {
448 if ( !isset($pageheader_sent) || !$pageheader_sent ) {
449 header("Location: $location/compose.php?saved_draft=yes&session=$composesession");
450 } else {
451 //FIXME: DON'T ECHO HTML FROM CORE!
452 echo ' <br><br><div style="text-align: center;"><a href="' . $location
453 . '/compose.php?saved_sent=yes&amp;session=' . $composesession . '">'
454 . _("Return") . '</a></div>';
455 }
456 exit();
457 } else {
458 if ( !isset($pageheader_sent) || !$pageheader_sent ) {
459 header("Location: $location/right_main.php?mailbox=" . urlencode($draft_folder) .
460 "&startMessage=1&note=".urlencode($draft_message));
461 } else {
462 //FIXME: DON'T ECHO HTML FROM CORE!
463 echo ' <br><br><div style="text-align: center;"><a href="' . $location
464 . '/right_main.php?mailbox=' . urlencode($draft_folder)
465 . '&amp;startMessage=1&amp;note=' . urlencode($draft_message) .'">'
466 . _("Return") . '</a></div>';
467 }
468 exit();
469 }
470 }
471 }
472
473 if ($send) {
474
475 // validate security token
476 //
477 sm_validate_security_token($submitted_token, -1, TRUE);
478
479 if (isset($_FILES['attachfile']) &&
480 $_FILES['attachfile']['tmp_name'] &&
481 $_FILES['attachfile']['tmp_name'] != 'none') {
482 $AttachFailure = saveAttachedFiles($session);
483 }
484
485 if (checkInput(false) && !isset($AttachFailure)) {
486 if ($mailbox == "All Folders") {
487 /* We entered compose via the search results page */
488 $mailbox = 'INBOX'; /* Send 'em to INBOX, that's safe enough */
489 }
490 $urlMailbox = urlencode($mailbox);
491 if (! isset($passed_id)) {
492 $passed_id = 0;
493 }
494 /**
495 * Set $default_charset to correspond with the user's selection
496 * of language interface.
497 */
498 set_my_charset();
499 /**
500 * This is to change all newlines to \n
501 * We'll change them to \r\n later (in the sendMessage function)
502 */
503 $body = str_replace("\r\n", "\n", $body);
504 $body = str_replace("\r", "\n", $body);
505
506 /**
507 * Rewrap $body so that no line is bigger than $editor_size
508 */
509 $body = explode("\n", $body);
510 $newBody = '';
511 foreach ($body as $line) {
512 if( $line <> '-- ' ) {
513 $line = rtrim($line);
514 }
515 if (sq_strlen($line, $default_charset) <= $editor_size + 1) {
516 $newBody .= $line . "\n";
517 } else {
518 sqWordWrap($line, $editor_size, $default_charset);
519 $newBody .= $line . "\n";
520
521 }
522
523 }
524 $body = $newBody;
525
526 $Result = deliverMessage($composeMessage);
527
528 if ($Result)
529 $mail_sent = 'yes';
530 else
531 $mail_sent = 'no';
532
533 // NOTE: this hook changed in 1.5.2 from sending $Result and
534 // $composeMessage as args #2 and #3 to being in an array
535 // under arg #2
536 $temp = array(&$Result, &$composeMessage, &$mail_sent);
537 do_hook('compose_send_after', $temp);
538 if (! $Result) {
539 showInputForm($session);
540 exit();
541 }
542
543 /* if it is resumed draft, delete draft message */
544 if ( isset($delete_draft)) {
545 $imap_stream = sqimap_login($username, false, $imapServerAddress, $imapPort, false);
546 sqimap_mailbox_select($imap_stream, $draft_folder);
547 // bypass_trash=true because message should be saved when deliverMessage() returns true.
548 // in current implementation of sqimap_msgs_list_flag() single message id can
549 // be submitted as string. docs state that it should be array.
550 sqimap_msgs_list_delete($imap_stream, $draft_folder, $delete_draft, true);
551 if ($auto_expunge) {
552 sqimap_mailbox_expunge($imap_stream, $draft_folder, true);
553 }
554 sqimap_logout($imap_stream);
555 }
556 /*
557 * Store the error array in the session because they will be lost on a redirect
558 */
559 $oErrorHandler->saveDelayedErrors();
560 session_write_close();
561
562 if ($compose_new_win == '1') {
563 if ( !isset($pageheader_sent) || !$pageheader_sent ) {
564 header("Location: $location/compose.php?mail_sent=$mail_sent");
565 } else {
566 //FIXME: DON'T ECHO HTML FROM CORE!
567 echo ' <br><br><div style="text-align: center;"><a href="' . $location
568 . '/compose.php?mail_sent=$mail_sent">'
569 . _("Return") . '</a></div>';
570 }
571 exit();
572 } else {
573 if ( !isset($pageheader_sent) || !$pageheader_sent ) {
574 header("Location: $location/right_main.php?mailbox=$urlMailbox".
575 "&startMessage=$startMessage&mail_sent=$mail_sent");
576 } else {
577 //FIXME: DON'T ECHO HTML FROM CORE!
578 echo ' <br><br><div style="text-align: center;"><a href="' . $location
579 . "/right_main.php?mailbox=$urlMailbox"
580 . "&amp;startMessage=$startMessage&amp;mail_sent=$mail_sent\">"
581 . _("Return") . '</a></div>';
582 }
583 exit();
584 }
585 } else {
586 if ($compose_new_win == '1') {
587 compose_Header($color, $mailbox);
588 }
589 else {
590 displayPageHeader($color, $mailbox);
591 }
592 if (isset($AttachFailure)) {
593 plain_error_message(_("Could not move/copy file. File not attached"),
594 $color);
595 }
596 checkInput(true);
597 showInputForm($session);
598 /* sqimap_logout($imapConnection); */
599 }
600 } elseif (isset($html_addr_search_done)) {
601
602 // validate security token
603 //
604 sm_validate_security_token($submitted_token, -1, TRUE);
605
606 if ($compose_new_win == '1') {
607 compose_Header($color, $mailbox);
608 }
609 else {
610 displayPageHeader($color, $mailbox);
611 }
612
613 if (isset($send_to_search) && is_array($send_to_search)) {
614 foreach ($send_to_search as $k => $v) {
615 if (substr($k, 0, 1) == 'T') {
616 if ($send_to) {
617 $send_to .= ', ';
618 }
619 $send_to .= $v;
620 }
621 elseif (substr($k, 0, 1) == 'C') {
622 if ($send_to_cc) {
623 $send_to_cc .= ', ';
624 }
625 $send_to_cc .= $v;
626 }
627 elseif (substr($k, 0, 1) == 'B') {
628 if ($send_to_bcc) {
629 $send_to_bcc .= ', ';
630 }
631 $send_to_bcc .= $v;
632 }
633 }
634 }
635 showInputForm($session);
636 } elseif (isset($html_addr_search) && !isset($html_addr_search_cancel)) {
637 if (isset($_FILES['attachfile']) &&
638 $_FILES['attachfile']['tmp_name'] &&
639 $_FILES['attachfile']['tmp_name'] != 'none') {
640 if(saveAttachedFiles($session)) {
641 plain_error_message(_("Could not move/copy file. File not attached"));
642 }
643 }
644 /*
645 * I am using an include so as to elminiate an extra unnecessary
646 * click. If you can think of a better way, please implement it.
647 */
648 include_once('./addrbook_search_html.php');
649 } elseif (isset($attach)) {
650
651 // validate security token
652 //
653 sm_validate_security_token($submitted_token, -1, TRUE);
654
655 if ($compose_new_win == '1') {
656 compose_Header($color, $mailbox);
657 } else {
658 displayPageHeader($color, $mailbox);
659 }
660 if (saveAttachedFiles($session)) {
661 plain_error_message(_("Could not move/copy file. File not attached"));
662 }
663 showInputForm($session);
664 }
665 elseif (isset($sigappend)) {
666
667 // validate security token
668 //
669 sm_validate_security_token($submitted_token, -1, TRUE);
670
671 $signature = $idents[$identity]['signature'];
672
673 $body .= "\n\n".($prefix_sig==true? "-- \n":'').$signature;
674 if ($compose_new_win == '1') {
675 compose_Header($color, $mailbox);
676 } else {
677 displayPageHeader($color, $mailbox);
678 }
679 showInputForm($session);
680 } elseif (isset($do_delete)) {
681
682 // validate security token
683 //
684 sm_validate_security_token($submitted_token, -1, TRUE);
685
686 if ($compose_new_win == '1') {
687 compose_Header($color, $mailbox);
688 } else {
689 displayPageHeader($color, $mailbox);
690 }
691
692 if (isset($delete) && is_array($delete)) {
693 foreach($delete as $index) {
694 if (!empty($composeMessage->entities) && isset($composeMessage->entities[$index])) {
695 $composeMessage->entities[$index]->purgeAttachments();
696 // FIXME: one person reported that unset() didn't do anything at all here, so this is a work-around... but it triggers PHP notices if the unset() doesn't work, which should be fixed... but bigger question is if unset() doesn't work here, what about everywhere else? Anyway, uncomment this if you think you need it
697 //$composeMessage->entities[$index] = NULL;
698 unset ($composeMessage->entities[$index]);
699 }
700 }
701 $new_entities = array();
702 foreach ($composeMessage->entities as $entity) {
703 $new_entities[] = $entity;
704 }
705 $composeMessage->entities = $new_entities;
706 }
707 showInputForm($session);
708 } else {
709 /*
710 * This handles the default case as well as the error case
711 * (they had the same code) --> if (isset($smtpErrors))
712 */
713
714 if ($compose_new_win == '1') {
715 compose_Header($color, $mailbox);
716 } else {
717 displayPageHeader($color, $mailbox);
718 }
719
720 $newmail = true;
721
722 if (!isset($passed_ent_id)) {
723 $passed_ent_id = '';
724 }
725 if (!isset($passed_id)) {
726 $passed_id = '';
727 }
728 if (!isset($mailbox)) {
729 $mailbox = '';
730 }
731 if (!isset($action)) {
732 $action = '';
733 }
734
735 $values = newMail($mailbox,$passed_id,$passed_ent_id, $action, $session);
736
737 // forward as attachment - subject is in the message in session
738 //
739 if ($action == 'forward_as_attachment' && empty($values['subject']))
740 $subject = $composeMessage->rfc822_header->subject;
741
742 /* in case the origin is not read_body.php */
743 if (isset($send_to)) {
744 $values['send_to'] = $send_to;
745 }
746 if (isset($send_to_cc)) {
747 $values['send_to_cc'] = $send_to_cc;
748 }
749 if (isset($send_to_bcc)) {
750 $values['send_to_bcc'] = $send_to_bcc;
751 }
752 if (isset($subject)) {
753 $values['subject'] = $subject;
754 }
755 showInputForm($session, $values);
756 }
757
758 exit();
759
760 /**************** Only function definitions go below *************/
761
762 function getforwardSubject($subject)
763 {
764 if ((substr(strtolower($subject), 0, 4) != 'fwd:') &&
765 (substr(strtolower($subject), 0, 5) != '[fwd:') &&
766 (substr(strtolower($subject), 0, 6) != '[ fwd:')) {
767 $subject = '[Fwd: ' . $subject . ']';
768 }
769 return $subject;
770 }
771
772 /* This function is used when not sending or adding attachments */
773 function newMail ($mailbox='', $passed_id='', $passed_ent_id='', $action='', $session='') {
774 global $editor_size, $default_use_priority, $body, $idents,
775 $use_signature, $data_dir, $username,
776 $key, $imapServerAddress, $imapPort,
777 $composeMessage, $body_quote, $request_mdn, $request_dr,
778 $mdn_user_support, $languages, $squirrelmail_language,
779 $default_charset, $do_not_reply_to_self;
780
781 /*
782 * Set $default_charset to correspond with the user's selection
783 * of language interface. $default_charset global is not correct,
784 * if message is composed in new window.
785 */
786 set_my_charset();
787
788 $send_to = $send_to_cc = $send_to_bcc = $subject = $identity = '';
789 $mailprio = 3;
790
791 if ($passed_id) {
792 $imapConnection = sqimap_login($username, false, $imapServerAddress,
793 $imapPort, 0);
794
795 sqimap_mailbox_select($imapConnection, $mailbox);
796 $message = sqimap_get_message($imapConnection, $passed_id, $mailbox);
797
798 $body = '';
799 if ($passed_ent_id) {
800 /* redefine the messsage in case of message/rfc822 */
801 $message = $message->getEntity($passed_ent_id);
802 /* message is an entity which contains the envelope and type0=message
803 * and type1=rfc822. The actual entities are childs from
804 * $message->entities[0]. That's where the encoding and is located
805 */
806
807 $entities = $message->entities[0]->findDisplayEntity
808 (array(), $alt_order = array('text/plain'));
809 if (!count($entities)) {
810 $entities = $message->entities[0]->findDisplayEntity
811 (array(), $alt_order = array('text/plain','text/html'));
812 }
813 $orig_header = $message->rfc822_header; /* here is the envelope located */
814 /* redefine the message for picking up the attachments */
815 $message = $message->entities[0];
816
817 } else {
818 $entities = $message->findDisplayEntity (array(), $alt_order = array('text/plain'));
819 if (!count($entities)) {
820 $entities = $message->findDisplayEntity (array(), $alt_order = array('text/plain','text/html'));
821 }
822 $orig_header = $message->rfc822_header;
823 }
824
825 $type0 = $message->type0;
826 $type1 = $message->type1;
827 foreach ($entities as $ent) {
828 $msg = $message->getEntity($ent);
829 $type0 = $msg->type0;
830 $type1 = $msg->type1;
831 $unencoded_bodypart = mime_fetch_body($imapConnection, $passed_id, $ent);
832 $body_part_entity = $message->getEntity($ent);
833 $bodypart = decodeBody($unencoded_bodypart,
834 $body_part_entity->header->encoding);
835 if ($type1 == 'html') {
836 $bodypart = str_replace("\n", ' ', $bodypart);
837 $bodypart = preg_replace(array('/<\/?p>/i','/<div><\/div>/i','/<br\s*(\/)*>/i','/<\/?div>/i'), "\n", $bodypart);
838 $bodypart = str_replace(array('&nbsp;','&gt;','&lt;'),array(' ','>','<'),$bodypart);
839 $bodypart = strip_tags($bodypart);
840 }
841 if (isset($languages[$squirrelmail_language]['XTRA_CODE']) &&
842 function_exists($languages[$squirrelmail_language]['XTRA_CODE'] . '_decode')) {
843 if (mb_detect_encoding($bodypart) != 'ASCII') {
844 $bodypart = call_user_func($languages[$squirrelmail_language]['XTRA_CODE'] . '_decode', $bodypart);
845 }
846 }
847
848 // charset encoding in compose form stuff
849 if (isset($body_part_entity->header->parameters['charset'])) {
850 $actual = $body_part_entity->header->parameters['charset'];
851 } else {
852 $actual = 'us-ascii';
853 }
854
855 if ( $actual && is_conversion_safe($actual) && $actual != $default_charset){
856 $bodypart = charset_convert($actual,$bodypart,$default_charset,false);
857 }
858 // end of charset encoding in compose
859
860 $body .= $bodypart;
861 }
862 if ($default_use_priority) {
863 $mailprio = substr($orig_header->priority,0,1);
864 if (!$mailprio) {
865 $mailprio = 3;
866 }
867 } else {
868 $mailprio = '';
869 }
870
871 $from_o = $orig_header->from;
872 if (is_array($from_o)) {
873 if (isset($from_o[0])) {
874 $from_o = $from_o[0];
875 }
876 }
877 if (is_object($from_o)) {
878 $orig_from = $from_o->getAddress();
879 } else {
880 $orig_from = '';
881 }
882
883 $identities = array();
884 if (count($idents) > 1) {
885 foreach($idents as $nr=>$data) {
886 $enc_from_name = '"'.$data['full_name'].'" <'. $data['email_address'].'>';
887 $identities[] = $enc_from_name;
888 }
889
890 $identity_match = $orig_header->findAddress($identities);
891 if ($identity_match !== FALSE) {
892 $identity = $identity_match;
893 }
894 }
895
896 switch ($action) {
897 case ('draft'):
898 $use_signature = FALSE;
899 $composeMessage->rfc822_header = $orig_header;
900 $send_to = decodeHeader($orig_header->getAddr_s('to'),false,false,true);
901 $send_to_cc = decodeHeader($orig_header->getAddr_s('cc'),false,false,true);
902 $send_to_bcc = decodeHeader($orig_header->getAddr_s('bcc'),false,false,true);
903 $send_from = $orig_header->getAddr_s('from');
904 $send_from_parts = new AddressStructure();
905 $send_from_parts = $orig_header->parseAddress($send_from);
906 $send_from_add = $send_from_parts->mailbox . '@' . $send_from_parts->host;
907 $identity = find_identity(array($send_from_add));
908 $subject = decodeHeader($orig_header->subject,false,false,true);
909
910 // Remember the receipt settings
911 $request_mdn = $mdn_user_support && !empty($orig_header->dnt) ? '1' : '0';
912 $request_dr = $mdn_user_support && !empty($orig_header->drnt) ? '1' : '0';
913
914 /* remember the references and in-reply-to headers in case of an reply */
915 //FIXME: it would be better to fiddle with headers inside of the message object or possibly when delivering the message to its destination (drafts folder?); is this possible?
916 $composeMessage->rfc822_header->more_headers['References'] = $orig_header->references;
917 $composeMessage->rfc822_header->more_headers['In-Reply-To'] = $orig_header->in_reply_to;
918 // rewrap the body to clean up quotations and line lengths
919 sqBodyWrap($body, $editor_size);
920 $composeMessage = getAttachments($message, $composeMessage, $passed_id, $entities, $imapConnection);
921 break;
922 case ('edit_as_new'):
923 $send_to = decodeHeader($orig_header->getAddr_s('to'),false,false,true);
924 $send_to_cc = decodeHeader($orig_header->getAddr_s('cc'),false,false,true);
925 $send_to_bcc = decodeHeader($orig_header->getAddr_s('bcc'),false,false,true);
926 $subject = decodeHeader($orig_header->subject,false,false,true);
927 $mailprio = $orig_header->priority;
928 $orig_from = '';
929 $composeMessage = getAttachments($message, $composeMessage, $passed_id, $entities, $imapConnection);
930 // rewrap the body to clean up quotations and line lengths
931 sqBodyWrap($body, $editor_size);
932 break;
933 case ('forward'):
934 $send_to = '';
935 $subject = getforwardSubject(decodeHeader($orig_header->subject,false,false,true));
936 $body = getforwardHeader($orig_header) . $body;
937 // the logic for calling sqUnWordWrap here would be to allow the browser to wrap the lines
938 // forwarded message text should be as undisturbed as possible, so commenting out this call
939 // sqUnWordWrap($body);
940 $composeMessage = getAttachments($message, $composeMessage, $passed_id, $entities, $imapConnection);
941
942 //add a blank line after the forward headers
943 $body = "\n" . $body;
944 break;
945 case ('forward_as_attachment'):
946 $subject = getforwardSubject(decodeHeader($orig_header->subject,false,false,true));
947 $composeMessage = getMessage_RFC822_Attachment($message, $composeMessage, $passed_id, $passed_ent_id, $imapConnection);
948 $subject = decodeHeader($orig_header->subject,false,false,true);
949 $subject = str_replace('"', "'", $subject);
950 $subject = trim($subject);
951 if (substr(strtolower($subject), 0, 4) != 'fwd:') {
952 $subject = 'Fwd: ' . $subject;
953 }
954 $body = '';
955 break;
956 case ('reply_all'):
957 if(isset($orig_header->mail_followup_to) && $orig_header->mail_followup_to) {
958 $send_to = $orig_header->getAddr_s('mail_followup_to');
959 } else {
960 $send_to_cc = replyAllString($orig_header);
961 $send_to_cc = decodeHeader($send_to_cc,false,false,true);
962 $send_to_cc = str_replace('""', '"', $send_to_cc);
963 }
964 case ('reply'):
965 // skip this if send_to was already set right above here
966 if(!$send_to) {
967 $send_to = $orig_header->reply_to;
968 if (is_array($send_to) && count($send_to)) {
969 $send_to = $orig_header->getAddr_s('reply_to', ',', FALSE, TRUE);
970 } else if (is_object($send_to)) { /* unneccesarry, just for failsafe purpose */
971 $send_to = $orig_header->getAddr_s('reply_to', ',', FALSE, TRUE);
972 } else {
973 $send_to = $orig_header->getAddr_s('from', ',', FALSE, TRUE);
974 }
975 }
976 $send_to = decodeHeader($send_to,false,false,true);
977 $send_to = str_replace('""', '"', $send_to);
978
979
980 // If user doesn't want replies to her own messages
981 // going back to herself (instead send again to the
982 // original recipient of the message being replied to),
983 // then iterate through identities, checking if the TO
984 // field is one of them (if the reply is to ourselves)
985 //
986 // Note we don't bother if the original message doesn't
987 // have anything in the TO field itself (because that's
988 // what we use if we change the recipient to be that of
989 // the previous message)
990 //
991 if ($do_not_reply_to_self && !empty($orig_header->to)) {
992
993 $orig_to = '';
994
995 foreach($idents as $id) {
996
997 if (!empty($id['email_address'])
998 && strpos($send_to, $id['email_address']) !== FALSE) {
999
1000 // if this is a reply-all, the original recipient
1001 // is already in the CC field, so we can just blank
1002 // the recipient (TO field) (as long as the CC field
1003 // isn't empty that is) and we're done
1004 //
1005 if ($action == 'reply_all' && !empty($send_to_cc)) {
1006 $send_to = '';
1007 break;
1008 }
1009
1010 $orig_to = $orig_header->to;
1011 if (is_array($orig_to) && count($orig_to)) {
1012 $orig_to = $orig_header->getAddr_s('to', ',', FALSE, TRUE);
1013 } else if (is_object($orig_to)) { /* unneccesarry, just for failsafe purpose */
1014 $orig_to = $orig_header->getAddr_s('to', ',', FALSE, TRUE);
1015 } else {
1016 $orig_to = '';
1017 }
1018 $orig_to = decodeHeader($orig_to,false,false,true);
1019 $orig_to = str_replace('""', '"', $orig_to);
1020
1021 break;
1022 }
1023 }
1024
1025 // if the reply was addressed back to ourselves,
1026 // we will send it to the TO of the previous message
1027 //
1028 if (!empty($orig_to)) {
1029
1030 $send_to = $orig_to;
1031
1032 // in this case, we also want to reset the FROM
1033 // identity as well (it should match the original
1034 // *FROM* header instead of TO or CC)
1035 //
1036 if (count($idents) > 1) {
1037 $identity = '';
1038 foreach($idents as $i => $id) {
1039 if (!empty($id['email_address'])
1040 && strpos($orig_from, $id['email_address']) !== FALSE) {
1041 $identity = $i;
1042 break;
1043 }
1044 }
1045 }
1046
1047 }
1048
1049 }
1050
1051
1052 $subject = decodeHeader($orig_header->subject,false,false,true);
1053 $subject = str_replace('"', "'", $subject);
1054 $subject = trim($subject);
1055 if (substr(strtolower($subject), 0, 3) != 're:') {
1056 $subject = 'Re: ' . $subject;
1057 }
1058 /* this corrects some wrapping/quoting problems on replies */
1059 $rewrap_body = explode("\n", $body);
1060 $from = (is_array($orig_header->from) && !empty($orig_header->from)) ? $orig_header->from[0] : $orig_header->from;
1061 $body = '';
1062 $strip_sigs = getPref($data_dir, $username, 'strip_sigs');
1063 foreach ($rewrap_body as $line) {
1064 if ($strip_sigs && rtrim($line, "\r\n") == '-- ') {
1065 break;
1066 }
1067 if (preg_match("/^(>+)/", $line, $matches)) {
1068 $gt = $matches[1];
1069 $body .= $body_quote . str_replace("\n", "\n$body_quote$gt ", rtrim($line)) ."\n";
1070 } else {
1071 $body .= $body_quote . (!empty($body_quote) ? ' ' : '') . str_replace("\n", "\n$body_quote" . (!empty($body_quote) ? ' ' : ''), rtrim($line)) . "\n";
1072 }
1073 }
1074
1075 //rewrap the body to clean up quotations and line lengths
1076 $body = sqBodyWrap ($body, $editor_size);
1077
1078 $body = getReplyCitation($from , $orig_header->date) . $body;
1079 $composeMessage->reply_rfc822_header = $orig_header;
1080
1081 break;
1082 default:
1083 break;
1084 }
1085 //FIXME: we used to register $compose_messages in the session here, but not any more - so do we still need the session_write_close() and sqimap_logout() here? We probably need the IMAP logout, but what about the session closure?
1086 session_write_close();
1087 sqimap_logout($imapConnection);
1088 }
1089 $ret = array( 'send_to' => $send_to,
1090 'send_to_cc' => $send_to_cc,
1091 'send_to_bcc' => $send_to_bcc,
1092 'subject' => $subject,
1093 'mailprio' => $mailprio,
1094 'body' => $body,
1095 'identity' => $identity );
1096
1097 return ($ret);
1098 } /* function newMail() */
1099
1100 /**
1101 * downloads attachments from original message, stores them in attachment directory and adds
1102 * them to composed message.
1103 * @param object $message
1104 * @param object $composeMessage
1105 * @param integer $passed_id
1106 * @param mixed $entities
1107 * @param mixed $imapConnection
1108 * @return object
1109 */
1110 function getAttachments($message, &$composeMessage, $passed_id, $entities, $imapConnection) {
1111 global $squirrelmail_language, $languages, $username, $attachment_dir;
1112
1113 if (!count($message->entities) ||
1114 ($message->type0 == 'message' && $message->type1 == 'rfc822')) {
1115 if ( !in_array($message->entity_id, $entities) && $message->entity_id) {
1116 switch ($message->type0) {
1117 case 'message':
1118 if ($message->type1 == 'rfc822') {
1119 $filename = $message->rfc822_header->subject;
1120 if ($filename == "") {
1121 $filename = "untitled-".$message->entity_id;
1122 }
1123 $filename .= '.eml';
1124 } else {
1125 $filename = $message->getFilename();
1126 }
1127 break;
1128 default:
1129 if (!$message->mime_header) { /* temporary hack */
1130 $message->mime_header = $message->header;
1131 }
1132 $filename = $message->getFilename();
1133 break;
1134 }
1135 //FIXME: added three args to the following, so as to set the last one to TRUE, to mimick a fix in 1.4.21 (#2994865), but didn't test this (note that in 1.4.21, the 2nd and 3rd args are FALSE, but here in this code, they weren't being specified (thus defaulting to TRUE), so I don't know if that means this code is outdated and should have been changed to FALSE, FALSE or if this code is completely different and the addition of the TRUE for arg #4 is wrong
1136 $filename = str_replace('&#32;', ' ', decodeHeader($filename, true, true, true));
1137 if (isset($languages[$squirrelmail_language]['XTRA_CODE']) &&
1138 function_exists($languages[$squirrelmail_language]['XTRA_CODE'] . '_encode')) {
1139 $filename = call_user_func($languages[$squirrelmail_language]['XTRA_CODE'] . '_encode', $filename);
1140 }
1141
1142 $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
1143 $localfilename = sq_get_attach_tempfile();
1144 $message->att_local_name = $localfilename;
1145
1146 $composeMessage->initAttachment($message->type0.'/'.$message->type1,$filename,
1147 $localfilename);
1148
1149 /* Write Attachment to file */
1150 $fp = fopen ($hashed_attachment_dir . '/' . $localfilename, 'wb');
1151 mime_print_body_lines ($imapConnection, $passed_id, $message->entity_id, $message->header->encoding, $fp);
1152 fclose ($fp);
1153 }
1154 } else {
1155 for ($i=0, $entCount=count($message->entities); $i<$entCount;$i++) {
1156 $composeMessage=getAttachments($message->entities[$i], $composeMessage, $passed_id, $entities, $imapConnection);
1157 }
1158 }
1159 return $composeMessage;
1160 }
1161
1162 function getMessage_RFC822_Attachment($message, $composeMessage, $passed_id,
1163 $passed_ent_id='', $imapConnection) {
1164 if (!$passed_ent_id) {
1165 $body_a = sqimap_run_command($imapConnection,
1166 'FETCH '.$passed_id.' RFC822',
1167 TRUE, $response, $readmessage,
1168 TRUE);
1169 } else {
1170 $body_a = sqimap_run_command($imapConnection,
1171 'FETCH '.$passed_id.' BODY['.$passed_ent_id.']',
1172 TRUE, $response, $readmessage, TRUE);
1173 $message = $message->parent;
1174 }
1175 if ($response == 'OK') {
1176 $subject = encodeHeader($message->rfc822_header->subject);
1177 array_shift($body_a);
1178 array_pop($body_a);
1179 $body = implode('', $body_a) . "\r\n";
1180
1181 global $username, $attachment_dir;
1182 $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
1183 $localfilename = sq_get_attach_tempfile();
1184 $fp = fopen($hashed_attachment_dir . '/' . $localfilename, 'wb');
1185 fwrite ($fp, $body);
1186 fclose($fp);
1187 $composeMessage->initAttachment('message/rfc822',$subject.'.eml',
1188 $localfilename);
1189 }
1190 return $composeMessage;
1191 }
1192
1193 function showInputForm ($session, $values=false) {
1194 global $send_to, $send_to_cc, $send_to_bcc,
1195 $body, $startMessage, $action, $attachments,
1196 $use_signature, $signature, $prefix_sig, $session_expired,
1197 $editor_size, $editor_height, $subject, $newmail,
1198 $use_javascript_addr_book, $passed_id, $mailbox, $fwduid,
1199 $from_htmladdr_search, $location_of_buttons, $attachment_dir,
1200 $username, $data_dir, $identity, $idents, $delete_draft,
1201 $mailprio, $compose_new_win, $saved_draft, $mail_sent, $sig_first,
1202 $composeMessage, $composesession, $default_charset,
1203 $compose_onsubmit, $oTemplate, $oErrorHandler;
1204
1205 if (checkForJavascript()) {
1206 $onfocus = ' onfocus="alreadyFocused=true;"';
1207 $onfocus_array = array('onfocus' => 'alreadyFocused=true;');
1208 }
1209 else {
1210 $onfocus = '';
1211 $onfocus_array = array();
1212 }
1213
1214 if ($values) {
1215 $send_to = $values['send_to'];
1216 $send_to_cc = $values['send_to_cc'];
1217 $send_to_bcc = $values['send_to_bcc'];
1218 $subject = $values['subject'];
1219 $mailprio = $values['mailprio'];
1220 $body = $values['body'];
1221 $identity = (int) $values['identity'];
1222 } else {
1223 $send_to = decodeHeader($send_to, true, false);
1224 $send_to_cc = decodeHeader($send_to_cc, true, false);
1225 $send_to_bcc = decodeHeader($send_to_bcc, true, false);
1226 }
1227
1228 if ($use_javascript_addr_book) {
1229 //FIXME: NO HTML IN CORE!
1230 echo "\n". '<script type="text/javascript">'."\n<!--\n" .
1231 'function open_abook() { ' . "\n" .
1232 ' var nwin = window.open("addrbook_popup.php","abookpopup",' .
1233 '"width=670,height=300,resizable=yes,scrollbars=yes");' . "\n" .
1234 ' if((!nwin.opener) && (document.windows != null))' . "\n" .
1235 ' nwin.opener = document.windows;' . "\n" .
1236 "}\n" .
1237 "// -->\n</script>\n\n";
1238 }
1239
1240 //FIXME: NO HTML IN CORE!
1241 echo "\n" . '<form name="compose" action="compose.php" method="post" ' .
1242 'enctype="multipart/form-data"';
1243
1244 $compose_onsubmit = array();
1245 global $null;
1246 do_hook('compose_form', $null);
1247
1248 // Plugins that use compose_form hook can add an array entry
1249 // to the globally scoped $compose_onsubmit; we add them up
1250 // here and format the form tag's full onsubmit handler.
1251 // Each plugin should use "return false" if they need to
1252 // stop form submission but otherwise should NOT use "return
1253 // true" to give other plugins the chance to do what they need
1254 // to do; SquirrelMail itself will add the final "return true".
1255 // Onsubmit text is enclosed inside of double quotes, so plugins
1256 // need to quote accordingly.
1257 //
1258 // Also, plugin authors should try to retain compatibility with
1259 // the Compose Extras plugin by resetting its compose submit
1260 // counter when preventing form submit. Use this code:
1261 // if (your-code-here) { submit_count = 0; return false; }
1262 //
1263 if (checkForJavascript()) {
1264 if (empty($compose_onsubmit))
1265 $compose_onsubmit = array();
1266 else if (!is_array($compose_onsubmit))
1267 $compose_onsubmit = array($compose_onsubmit);
1268
1269 $onsubmit_text = '';
1270 foreach ($compose_onsubmit as $text) {
1271 $text = trim($text);
1272 if (!empty($text)) {
1273 if (substr($text, -1) != ';' && substr($text, -1) != '}')
1274 $text .= '; ';
1275 $onsubmit_text .= $text;
1276 }
1277 }
1278
1279 if (!empty($onsubmit_text))
1280 //FIXME: DON'T ECHO HTML FROM CORE!
1281 echo ' onsubmit="' . $onsubmit_text . ' return true;"';
1282 }
1283
1284
1285 //FIXME: NO HTML IN CORE!
1286 echo ">\n";
1287
1288 //FIXME: DON'T ECHO HTML FROM CORE!
1289 echo addHidden('smtoken', sm_generate_security_token());
1290
1291 //FIXME: DON'T ECHO HTML FROM CORE!
1292 echo addHidden('startMessage', $startMessage);
1293
1294 if ($action == 'draft') {
1295 //FIXME: DON'T ECHO HTML FROM CORE!
1296 echo addHidden('delete_draft', $passed_id);
1297 }
1298 if (isset($delete_draft)) {
1299 //FIXME: DON'T ECHO HTML FROM CORE!
1300 echo addHidden('delete_draft', $delete_draft);
1301 }
1302 if (isset($session)) {
1303 //FIXME: DON'T ECHO HTML FROM CORE!
1304 echo addHidden('session', $session);
1305 }
1306
1307 if (isset($passed_id)) {
1308 //FIXME: DON'T ECHO HTML FROM CORE!
1309 echo addHidden('passed_id', $passed_id);
1310 }
1311
1312 if (isset($fwduid)) {
1313 //FIXME: DON'T ECHO HTML FROM CORE!
1314 echo addHidden('fwduid', $fwduid);
1315 }
1316
1317 if ($saved_draft == 'yes') {
1318 $oTemplate->assign('note', _("Your draft has been saved."));
1319 $oTemplate->display('note.tpl');
1320 }
1321 if ($mail_sent == 'yes') {
1322 $oTemplate->assign('note', _("Your mail has been sent."));
1323 $oTemplate->display('note.tpl');
1324 }
1325 if ($compose_new_win == '1') {
1326 $oTemplate->display('compose_newwin_close.tpl');
1327 }
1328
1329 if ($location_of_buttons == 'top') {
1330 //FIXME: DON'T ECHO HTML FROM CORE!
1331 showComposeButtonRow();
1332 }
1333
1334 $identities = array();
1335 if (count($idents) > 1) {
1336 reset($idents);
1337 foreach($idents as $id => $data) {
1338 $identities[$id] = $data['full_name'].' &lt;'.$data['email_address'].'&gt;';
1339 }
1340 }
1341
1342 $oTemplate->assign('identities', $identities);
1343 $oTemplate->assign('identity_def', $identity);
1344 $oTemplate->assign('input_onfocus', 'onfocus="'.join(' ', $onfocus_array).'"');
1345
1346 $oTemplate->assign('to', sm_encode_html_special_chars($send_to));
1347 $oTemplate->assign('cc', sm_encode_html_special_chars($send_to_cc));
1348 $oTemplate->assign('bcc', sm_encode_html_special_chars($send_to_bcc));
1349 $oTemplate->assign('subject', sm_encode_html_special_chars($subject));
1350
1351 // access keys...
1352 //
1353 global $accesskey_compose_to, $accesskey_compose_cc,
1354 $accesskey_compose_identity, $accesskey_compose_bcc,
1355 $accesskey_compose_subject;
1356 $oTemplate->assign('accesskey_compose_identity', $accesskey_compose_identity);
1357 $oTemplate->assign('accesskey_compose_to', $accesskey_compose_to);
1358 $oTemplate->assign('accesskey_compose_cc', $accesskey_compose_cc);
1359 $oTemplate->assign('accesskey_compose_bcc', $accesskey_compose_bcc);
1360 $oTemplate->assign('accesskey_compose_subject', $accesskey_compose_subject);
1361
1362 $oTemplate->display('compose_header.tpl');
1363
1364 if ($location_of_buttons == 'between') {
1365 //FIXME: DON'T ECHO HTML FROM CORE!
1366 showComposeButtonRow();
1367 }
1368
1369 $body_str = '';
1370 if ($use_signature == true && $newmail == true && !isset($from_htmladdr_search)) {
1371 $signature = $idents[$identity]['signature'];
1372
1373 if ($sig_first == '1') {
1374 /*
1375 * FIXME: test is specific to ja_JP translation implementation.
1376 * This test might apply incorrect conversion to other translations, but
1377 * use of 7bit iso-2022-jp charset in other translations might have other
1378 * issues too.
1379 */
1380 if ($default_charset == 'iso-2022-jp') {
1381 $body_str = "\n\n".($prefix_sig==true? "-- \n":'').mb_convert_encoding($signature, 'EUC-JP');
1382 } else {
1383 $body_str = "\n\n".($prefix_sig==true? "-- \n":'').decodeHeader($signature,false,false);
1384 }
1385 $body_str .= "\n\n".sm_encode_html_special_chars(decodeHeader($body,false,false));
1386 } else {
1387 $body_str = "\n\n".sm_encode_html_special_chars(decodeHeader($body,false,false));
1388 // FIXME: test is specific to ja_JP translation implementation. See above comments.
1389 if ($default_charset == 'iso-2022-jp') {
1390 $body_str .= "\n\n".($prefix_sig==true? "-- \n":'').mb_convert_encoding($signature, 'EUC-JP');
1391 } else {
1392 $body_str .= "\n\n".($prefix_sig==true? "-- \n":'').decodeHeader($signature,false,false);
1393 }
1394 }
1395 } else {
1396 $body_str = sm_encode_html_special_chars(decodeHeader($body,false,false));
1397 }
1398
1399 $oTemplate->assign('editor_width', (int)$editor_size);
1400 $oTemplate->assign('editor_height', (int)$editor_height);
1401 $oTemplate->assign('input_onfocus', 'onfocus="'.join(' ', $onfocus_array).'"');
1402 $oTemplate->assign('body', $body_str);
1403 $oTemplate->assign('show_bottom_send', $location_of_buttons!='bottom');
1404
1405 // access keys...
1406 //
1407 global $accesskey_compose_body, $accesskey_compose_send;
1408 $oTemplate->assign('accesskey_compose_body', $accesskey_compose_body);
1409 $oTemplate->assign('accesskey_compose_send', $accesskey_compose_send);
1410
1411 $oTemplate->display ('compose_body.tpl');
1412
1413 if ($location_of_buttons == 'bottom') {
1414 //FIXME: DON'T ECHO HTML FROM CORE!
1415 showComposeButtonRow();
1416 }
1417
1418 // composeMessage can be empty when coming from a restored session
1419 if (is_object($composeMessage) && $composeMessage->entities)
1420 $attach_array = $composeMessage->entities;
1421 if ($session_expired && !empty($attachments) && is_array($attachments))
1422 $attach_array = $attachments;
1423
1424 /* This code is for attachments */
1425 if ((bool) ini_get('file_uploads')) {
1426
1427 /* Calculate the max size for an uploaded file.
1428 * This is advisory for the user because we can't actually prevent
1429 * people to upload too large files. */
1430 $sizes = array();
1431 /* php.ini vars which influence the max for uploads */
1432 $configvars = array('post_max_size', 'memory_limit', 'upload_max_filesize');
1433 foreach($configvars as $var) {
1434 /* skip 0 or empty values, and -1 which means 'unlimited' */
1435 if( $size = getByteSize(ini_get($var)) ) {
1436 if ( $size != '-1' ) {
1437 $sizes[] = $size;
1438 }
1439 }
1440 }
1441
1442 $attach = array();
1443 global $username, $attachment_dir;
1444 $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
1445 if (!empty($attach_array)) {
1446 foreach ($attach_array as $key => $attachment) {
1447 $attached_file = $attachment->att_local_name;
1448 if ($attachment->att_local_name || $attachment->body_part) {
1449 $attached_filename = decodeHeader($attachment->mime_header->getParameter('name'));
1450 $type = $attachment->mime_header->type0.'/'.
1451 $attachment->mime_header->type1;
1452
1453 $a = array();
1454 $a['Key'] = $key;
1455 $a['FileName'] = $attached_filename;
1456 $a['ContentType'] = $type;
1457 $a['Size'] = filesize($hashed_attachment_dir . '/' . $attached_file);
1458 $attach[$key] = $a;
1459 }
1460 }
1461 }
1462
1463 $max = min($sizes);
1464 $oTemplate->assign('max_file_size', empty($max) ? -1 : $max);
1465 $oTemplate->assign('attachments', $attach);
1466
1467 // access keys...
1468 //
1469 global $accesskey_compose_attach_browse, $accesskey_compose_attach,
1470 $accesskey_compose_delete_attach;
1471 $oTemplate->assign('accesskey_compose_attach_browse', $accesskey_compose_attach_browse);
1472 $oTemplate->assign('accesskey_compose_attach', $accesskey_compose_attach);
1473 $oTemplate->assign('accesskey_compose_delete_attach', $accesskey_compose_delete_attach);
1474
1475 $oTemplate->display('compose_attachments.tpl');
1476 } // End of file_uploads if-block
1477 /* End of attachment code */
1478
1479 $oTemplate->assign('username', $username);
1480 $oTemplate->assign('smaction', $action);
1481 $oTemplate->assign('mailbox', $mailbox);
1482 sqgetGlobalVar('QUERY_STRING', $queryString, SQ_SERVER);
1483 $oTemplate->assign('querystring', $queryString);
1484 $oTemplate->assign('composesession', $composesession);
1485 $oTemplate->assign('send_button_count', unique_widget_name('send', TRUE));
1486 if (!empty($attach_array))
1487 $oTemplate->assign('attachments', urlencode(serialize($attach_array)));
1488
1489 $aUserNotices = array();
1490
1491 // File uploads are off, so we didn't show that part of the form.
1492 // To avoid bogus bug reports, tell the user why.
1493 if (!(bool) ini_get('file_uploads')) {
1494 $aUserNotices[] = _("Because PHP file uploads are turned off, you can not attach files to this message. Please see your system administrator for details.");
1495 }
1496
1497 $oTemplate->assign('user_notices', $aUserNotices);
1498
1499 $oTemplate->display('compose_form_close.tpl');
1500
1501 if ($compose_new_win=='1') {
1502 $oTemplate->display('compose_newwin_close.tpl');
1503 }
1504
1505 $oErrorHandler->setDelayedErrors(false);
1506 $oTemplate->display('footer.tpl');
1507 }
1508
1509
1510 function showComposeButtonRow() {
1511 global $use_javascript_addr_book, $save_as_draft,
1512 $default_use_priority, $mailprio, $default_use_mdn,
1513 $request_mdn, $request_dr,
1514 $data_dir, $username;
1515
1516 global $oTemplate, $buffer_hook;
1517
1518 if ($default_use_priority) {
1519 $priorities = array('1'=>_("High"), '3'=>_("Normal"), '5'=>_("Low"));
1520 $priority = isset($mailprio) ? $mailprio : 3;
1521 } else {
1522 $priorities = array();
1523 $priority = NULL;
1524 }
1525
1526 $mdn_user_support=getPref($data_dir, $username, 'mdn_user_support',$default_use_mdn);
1527
1528 $address_book_button_attribs = array();
1529 global $accesskey_compose_addresses;
1530 if ($accesskey_compose_addresses != 'NONE')
1531 $address_book_button_attribs['accesskey'] = $accesskey_compose_addresses;
1532 if ($use_javascript_addr_book && checkForJavascript()) {
1533 $addr_book = addButton(_("Addresses"),
1534 null,
1535 array_merge($address_book_button_attribs, array('onclick' => 'javascript:open_abook();')));
1536 } else {
1537 $addr_book = addSubmit(_("Addresses"), 'html_addr_search', $address_book_button_attribs);
1538 }
1539
1540 $oTemplate->assign('allow_priority', $default_use_priority==1);
1541 $oTemplate->assign('priority_list', $priorities);
1542 $oTemplate->assign('current_priority', $priority);
1543
1544 $oTemplate->assign('notifications_enabled', $mdn_user_support==1);
1545 $oTemplate->assign('read_receipt', $request_mdn=='1');
1546 $oTemplate->assign('delivery_receipt', $request_dr=='1');
1547
1548 $oTemplate->assign('drafts_enabled', $save_as_draft);
1549 $oTemplate->assign('address_book_button', $addr_book);
1550
1551 // access keys...
1552 //
1553 global $accesskey_compose_priority, $accesskey_compose_on_read,
1554 $accesskey_compose_on_delivery, $accesskey_compose_signature,
1555 $accesskey_compose_save_draft, $accesskey_compose_send;
1556 $oTemplate->assign('accesskey_compose_priority', $accesskey_compose_priority);
1557 $oTemplate->assign('accesskey_compose_on_read', $accesskey_compose_on_read);
1558 $oTemplate->assign('accesskey_compose_on_delivery', $accesskey_compose_on_delivery);
1559 $oTemplate->assign('accesskey_compose_signature', $accesskey_compose_signature);
1560 $oTemplate->assign('accesskey_compose_save_draft', $accesskey_compose_save_draft);
1561 $oTemplate->assign('accesskey_compose_send', $accesskey_compose_send);
1562
1563 $oTemplate->display('compose_buttons.tpl');
1564 }
1565
1566 function checkInput ($show) {
1567 /*
1568 * I implemented the $show variable because the error messages
1569 * were getting sent before the page header. So, I check once
1570 * using $show=false, and then when i'm ready to display the error
1571 * message, show=true
1572 */
1573 global $send_to, $send_to_cc, $send_to_bcc;
1574
1575 $send_to = trim($send_to);
1576 $send_to_cc = trim($send_to_cc);
1577 $send_to_bcc = trim($send_to_bcc);
1578 if (empty($send_to) && empty($send_to_cc) && empty($send_to_bcc)) {
1579 if ($show) {
1580 plain_error_message(_("You have not filled in the \"To:\" field."));
1581 }
1582 return false;
1583 }
1584 return true;
1585 } /* function checkInput() */
1586
1587
1588 /* True if FAILURE */
1589 function saveAttachedFiles($session) {
1590 global $composeMessage, $username, $attachment_dir;
1591
1592 /* get out of here if no file was attached at all */
1593 if (! is_uploaded_file($_FILES['attachfile']['tmp_name']) ) {
1594 return true;
1595 }
1596
1597 $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
1598 $localfilename = sq_get_attach_tempfile();
1599 $fullpath = $hashed_attachment_dir . '/' . $localfilename;
1600
1601 // m_u_f works better with restricted PHP installs (safe_mode, open_basedir),
1602 // if that doesn't work, try a simple rename.
1603 if (!sq_call_function_suppress_errors('move_uploaded_file', array($_FILES['attachfile']['tmp_name'], $fullpath))) {
1604 if (!sq_call_function_suppress_errors('rename', array($_FILES['attachfile']['tmp_name'], $fullpath))) {
1605 return true;
1606 }
1607 }
1608 $type = strtolower($_FILES['attachfile']['type']);
1609 $name = $_FILES['attachfile']['name'];
1610 $composeMessage->initAttachment($type, $name, $localfilename);
1611 }
1612
1613 /**
1614 * Parse strings such as "8M" and "2k" into their corresponding size in bytes
1615 *
1616 * NOTE: This function only recognizes the suffixes "K", "M" and "G"
1617 * and will probably break very easily if the given size is in
1618 * some completely different format.
1619 *
1620 * @param string $ini_size The input string to be converted
1621 *
1622 * @return mixed Boolean FALSE if something went wrong (the value passed in
1623 * was empty?, the suffix was not recognized?), otherwise, the
1624 * converted size in bytes (just the number (as an integer),
1625 * no unit identifier included)
1626 *
1627 */
1628 function getByteSize($ini_size) {
1629
1630 if(!$ini_size) {
1631 return FALSE;
1632 }
1633
1634 $ini_size = trim($ini_size);
1635
1636 // if there's some kind of letter at the end of the string we need to multiply.
1637 if(!is_numeric(substr($ini_size, -1))) {
1638
1639 switch(strtoupper(substr($ini_size, -1))) {
1640 case 'G':
1641 $bytesize = 1073741824;
1642 break;
1643 case 'M':
1644 $bytesize = 1048576;
1645 break;
1646 case 'K':
1647 $bytesize = 1024;
1648 break;
1649 default:
1650 return FALSE;
1651 }
1652
1653 return ($bytesize * (int)substr($ini_size, 0, -1));
1654 }
1655
1656 return $ini_size;
1657 }
1658
1659
1660 /**
1661 * temporary function to make use of the deliver class.
1662 * In the future the responsible backend should be automaticly loaded
1663 * and conf.pl should show a list of available backends.
1664 * The message also should be constructed by the message class.
1665 *
1666 * @param object $composeMessage The message being sent. Please note
1667 * that it is passed by reference and
1668 * will be returned modified, with additional
1669 * headers, such as Message-ID, Date, In-Reply-To,
1670 * References, and so forth.
1671 *
1672 * @return boolean FALSE if delivery failed, or some non-FALSE value
1673 * upon success.
1674 *
1675 */
1676 function deliverMessage(&$composeMessage, $draft=false) {
1677 global $send_to, $send_to_cc, $send_to_bcc, $mailprio, $subject, $body,
1678 $username, $identity, $idents, $data_dir,
1679 $request_mdn, $request_dr, $default_charset, $useSendmail,
1680 $domain, $action, $default_move_to_sent, $move_to_sent,
1681 $imapServerAddress, $imapPort, $sent_folder, $key;
1682
1683 $rfc822_header = $composeMessage->rfc822_header;
1684
1685 $abook = addressbook_init(false, true);
1686 $rfc822_header->to = $rfc822_header->parseAddress($send_to,true, array(), '', $domain, array(&$abook,'lookup'));
1687 $rfc822_header->cc = $rfc822_header->parseAddress($send_to_cc,true,array(), '',$domain, array(&$abook,'lookup'));
1688 $rfc822_header->bcc = $rfc822_header->parseAddress($send_to_bcc,true, array(), '',$domain, array(&$abook,'lookup'));
1689 $rfc822_header->priority = $mailprio;
1690 $rfc822_header->subject = $subject;
1691
1692 $special_encoding='';
1693 if (strtolower($default_charset) == 'iso-2022-jp') {
1694 if (mb_detect_encoding($body) == 'ASCII') {
1695 $special_encoding = '8bit';
1696 } else {
1697 $body = mb_convert_encoding($body, 'JIS');
1698 $special_encoding = '7bit';
1699 }
1700 }
1701 $composeMessage->setBody($body);
1702
1703 $reply_to = '';
1704 $reply_to = $idents[$identity]['reply_to'];
1705 if ($reply_to && strpos($reply_to, '@') === FALSE)
1706 $reply_to .= '@' . $domain;
1707
1708 $from_addr = build_from_header($identity);
1709 $rfc822_header->from = $rfc822_header->parseAddress($from_addr,true);
1710 if ($reply_to) {
1711 $rfc822_header->reply_to = $rfc822_header->parseAddress($reply_to,true);
1712 }
1713 /* Receipt: On Read */
1714 if (isset($request_mdn) && $request_mdn) {
1715 $rfc822_header->dnt = $rfc822_header->parseAddress($from_addr,true);
1716 } elseif (isset($rfc822_header->dnt)) {
1717 unset($rfc822_header->dnt);
1718 }
1719
1720 /* Receipt: On Delivery */
1721 if (!empty($request_dr)) {
1722 //FIXME: it would be better to fiddle with headers inside of the message object or possibly when delivering the message to its destination; is this possible?
1723 $rfc822_header->more_headers['Return-Receipt-To'] = $from_addr;
1724 } elseif (isset($rfc822_header->more_headers['Return-Receipt-To'])) {
1725 unset($rfc822_header->more_headers['Return-Receipt-To']);
1726 }
1727
1728 /* multipart messages */
1729 if (count($composeMessage->entities)) {
1730 $message_body = new Message();
1731 $message_body->body_part = $composeMessage->body_part;
1732 $composeMessage->body_part = '';
1733 $mime_header = new MessageHeader;
1734 $mime_header->type0 = 'text';
1735 $mime_header->type1 = 'plain';
1736 if ($special_encoding) {
1737 $mime_header->encoding = $special_encoding;
1738 } else {
1739 $mime_header->encoding = '8bit';
1740 }
1741 if ($default_charset) {
1742 $mime_header->parameters['charset'] = $default_charset;
1743 }
1744 $message_body->mime_header = $mime_header;
1745 array_unshift($composeMessage->entities, $message_body);
1746 $content_type = new ContentType('multipart/mixed');
1747 } else {
1748 $content_type = new ContentType('text/plain');
1749 if ($special_encoding) {
1750 $rfc822_header->encoding = $special_encoding;
1751 } else {
1752 $rfc822_header->encoding = '8bit';
1753 }
1754 if ($default_charset) {
1755 $content_type->properties['charset']=$default_charset;
1756 }
1757 }
1758
1759 $rfc822_header->content_type = $content_type;
1760 $composeMessage->rfc822_header = $rfc822_header;
1761 if ($action == 'reply' || $action == 'reply_all') {
1762 global $passed_id, $passed_ent_id;
1763 $reply_id = $passed_id;
1764 $reply_ent_id = $passed_ent_id;
1765 } else {
1766 $reply_id = '';
1767 $reply_ent_id = '';
1768 }
1769
1770 /* Here you can modify the message structure just before we hand
1771 it over to deliver; plugin authors note that $composeMessage
1772 is sent and modified by reference since 1.5.2 */
1773 do_hook('compose_send', $composeMessage);
1774
1775 if (!$useSendmail && !$draft) {
1776 require_once(SM_PATH . 'class/deliver/Deliver_SMTP.class.php');
1777 $deliver = new Deliver_SMTP();
1778 global $smtpServerAddress, $smtpPort, $pop_before_smtp, $pop_before_smtp_host;
1779
1780 $authPop = (isset($pop_before_smtp) && $pop_before_smtp) ? true : false;
1781 if (empty($pop_before_smtp_host)) $pop_before_smtp_host = $smtpServerAddress;
1782 get_smtp_user($user, $pass);
1783 $stream = $deliver->initStream($composeMessage,$domain,0,
1784 $smtpServerAddress, $smtpPort, $user, $pass, $authPop, $pop_before_smtp_host);
1785 } elseif (!$draft) {
1786 require_once(SM_PATH . 'class/deliver/Deliver_SendMail.class.php');
1787 global $sendmail_path, $sendmail_args;
1788 // Check for outdated configuration
1789 if (!isset($sendmail_args)) {
1790 if ($sendmail_path=='/var/qmail/bin/qmail-inject') {
1791 $sendmail_args = '';
1792 } else {
1793 $sendmail_args = '-i -t';
1794 }
1795 }
1796 $deliver = new Deliver_SendMail(array('sendmail_args'=>$sendmail_args));
1797 $stream = $deliver->initStream($composeMessage,$sendmail_path);
1798 } elseif ($draft) {
1799 global $draft_folder;
1800 $imap_stream = sqimap_login($username, false, $imapServerAddress,
1801 $imapPort, 0);
1802 if (sqimap_mailbox_exists ($imap_stream, $draft_folder)) {
1803 require_once(SM_PATH . 'class/deliver/Deliver_IMAP.class.php');
1804 $imap_deliver = new Deliver_IMAP();
1805 $success = $imap_deliver->mail($composeMessage, $imap_stream, $reply_id, $reply_ent_id, $imap_stream, $draft_folder);
1806 sqimap_logout($imap_stream);
1807 unset ($imap_deliver);
1808 $composeMessage->purgeAttachments();
1809 return $success;
1810 } else {
1811 $msg = '<br />'.sprintf(_("Error: Draft folder %s does not exist."), sm_encode_html_special_chars($draft_folder));
1812 plain_error_message($msg);
1813 return false;
1814 }
1815 }
1816 $success = false;
1817 if ($stream) {
1818 $deliver->mail($composeMessage, $stream, $reply_id, $reply_ent_id);
1819 $success = $deliver->finalizeStream($stream);
1820 }
1821 if (!$success) {
1822 // $deliver->dlv_server_msg is not always server's reply
1823 $msg = _("Message not sent.")
1824 . "<br />\n"
1825 . (isset($deliver->dlv_msg) ? $deliver->dlv_msg : '');
1826 if (!empty($deliver->dlv_server_msg)) {
1827 // add 'server replied' part only when it is not empty.
1828 // Delivery error can be generated by delivery class itself
1829 $msg .= '<br />'
1830 . _("Server replied:") . ' '
1831 . (isset($deliver->dlv_ret_nr) ? $deliver->dlv_ret_nr . ' ' : '')
1832 . nl2br(sm_encode_html_special_chars($deliver->dlv_server_msg));
1833 }
1834 plain_error_message($msg);
1835 } else {
1836 unset ($deliver);
1837 $imap_stream = sqimap_login($username, false, $imapServerAddress, $imapPort, 0);
1838
1839
1840 // mark as replied or forwarded if applicable
1841 //
1842 global $what, $iAccount, $startMessage, $passed_id, $fwduid, $mailbox;
1843
1844 if ($action=='reply' || $action=='reply_all' || $action=='forward' || $action=='forward_as_attachment') {
1845 require(SM_PATH . 'functions/mailbox_display.php');
1846 $aMailbox = sqm_api_mailbox_select($imap_stream, $iAccount, $mailbox,array('setindex' => $what, 'offset' => $startMessage),array());
1847 switch($action) {
1848 case 'reply':
1849 case 'reply_all':
1850 // check if we are allowed to set the \\Answered flag
1851 if (in_array('\\answered',$aMailbox['PERMANENTFLAGS'], true)) {
1852 $aUpdatedMsgs = sqimap_toggle_flag($imap_stream, array($passed_id), '\\Answered', true, false);
1853 if (isset($aUpdatedMsgs[$passed_id]['FLAGS'])) {
1854 /**
1855 * Only update the cached headers if the header is
1856 * cached.
1857 */
1858 if (isset($aMailbox['MSG_HEADERS'][$passed_id])) {
1859 $aMailbox['MSG_HEADERS'][$passed_id]['FLAGS'] = $aMsg['FLAGS'];
1860 }
1861 }
1862 }
1863 break;
1864 case 'forward':
1865 case 'forward_as_attachment':
1866 // check if we are allowed to set the $Forwarded flag (RFC 4550 paragraph 2.8)
1867 if (in_array('$forwarded',$aMailbox['PERMANENTFLAGS'], true) ||
1868 in_array('\\*',$aMailbox['PERMANENTFLAGS'])) {
1869
1870 // when forwarding as an attachment from the message
1871 // list, passed_id is not used, need to get UID(s)
1872 // from the query string
1873 //
1874 if (empty($passed_id) && !empty($fwduid))
1875 $ids = explode('_', $fwduid);
1876 else
1877 $ids = array($passed_id);
1878
1879 $aUpdatedMsgs = sqimap_toggle_flag($imap_stream, $ids, '$Forwarded', true, false);
1880
1881 foreach ($ids as $id) {
1882 if (isset($aUpdatedMsgs[$id]['FLAGS'])) {
1883 if (isset($aMailbox['MSG_HEADERS'][$id])) {
1884 $aMailbox['MSG_HEADERS'][$id]['FLAGS'] = $aMsg['FLAGS'];
1885 }
1886 }
1887 }
1888 }
1889 break;
1890 }
1891
1892 /**
1893 * Write mailbox with updated seen flag information back to cache.
1894 */
1895 if(isset($aUpdatedMsgs[$passed_id])) {
1896 $mailbox_cache[$iAccount.'_'.$aMailbox['NAME']] = $aMailbox;
1897 sqsession_register($mailbox_cache,'mailbox_cache');
1898 }
1899
1900 }
1901
1902
1903 // move to sent folder
1904 //
1905 $move_to_sent = getPref($data_dir,$username,'move_to_sent');
1906 if (isset($default_move_to_sent) && ($default_move_to_sent != 0)) {
1907 $svr_allow_sent = true;
1908 } else {
1909 $svr_allow_sent = false;
1910 }
1911
1912 if (isset($sent_folder) && (($sent_folder != '') || ($sent_folder != 'none'))
1913 && sqimap_mailbox_exists( $imap_stream, $sent_folder)) {
1914 $fld_sent = true;
1915 } else {
1916 $fld_sent = false;
1917 }
1918
1919 if ((isset($move_to_sent) && ($move_to_sent != 0)) || (!isset($move_to_sent))) {
1920 $lcl_allow_sent = true;
1921 } else {
1922 $lcl_allow_sent = false;
1923 }
1924
1925 if (($fld_sent && $svr_allow_sent && !$lcl_allow_sent) || ($fld_sent && $lcl_allow_sent)) {
1926 if ($action == 'reply' || $action == 'reply_all') {
1927 $save_reply_with_orig=getPref($data_dir,$username,'save_reply_with_orig');
1928 if ($save_reply_with_orig) {
1929 $sent_folder = $mailbox;
1930 }
1931 }
1932 require_once(SM_PATH . 'class/deliver/Deliver_IMAP.class.php');
1933 $imap_deliver = new Deliver_IMAP();
1934 $imap_deliver->mail($composeMessage, $imap_stream, $reply_id, $reply_ent_id, $imap_stream, $sent_folder);
1935 unset ($imap_deliver);
1936 }
1937
1938
1939 // final cleanup
1940 //
1941 $composeMessage->purgeAttachments();
1942 sqimap_logout($imap_stream);
1943
1944 }
1945 return $success;
1946 }