projects / squirrelmail.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
-fix for Bug 112604
[squirrelmail.git] / src / compose.php
1 <?php
2 /**
3 ** compose.php
4 **
5 ** Copyright (c) 1999-2000 The SquirrelMail development team
6 ** Licensed under the GNU GPL. For full terms see the file COPYING.
7 **
8 ** This code sends a mail.
9 **
10 ** There are 3 modes of operation:
11 ** - Start new mail
12 ** - Add an attachment
13 ** - Send mail
14 **/
15
16 session_start();
17
18 if (!isset($config_php))
19 include("../config/config.php");
20 if (!isset($strings_php))
21 include("../functions/strings.php");
22 if (!isset($page_header_php))
23 include("../functions/page_header.php");
24 if (!isset($imap_php))
25 include("../functions/imap.php");
26 if (!isset($date_php))
27 include("../functions/date.php");
28 if (!isset($mime_php))
29 include("../functions/mime.php");
30 if (!isset($smtp_php))
31 include("../functions/smtp.php");
32 if (!isset($display_messages_php))
33 include("../functions/display_messages.php");
34 if (!isset($auth_php))
35 include ("../functions/auth.php");
36 if (!isset($plugin_php))
37 include ("../functions/plugin.php");
38
39 include("../src/load_prefs.php");
40
41 // This function is used when not sending or adding attachments
42 function newMail () {
43 global $forward_id, $imapConnection, $msg, $ent_num, $body_ary, $body,
44 $reply_id, $send_to, $send_to_cc, $mailbox, $send_to_bcc;
45
46 $send_to = sqStripSlashes(decodeHeader($send_to));
47 $send_to_cc = sqStripSlashes(decodeHeader($send_to_cc));
48 $send_to_bcc = sqStripSlashes(decodeHeader($send_to_bcc));
49
50 if ($forward_id)
51 $id = $forward_id;
52 else if ($reply_id)
53 $id = $reply_id;
54
55
56 if ($id) {
57 sqimap_mailbox_select($imapConnection, $mailbox);
58 $message = sqimap_get_message($imapConnection, $id, $mailbox);
59 $orig_header = $message->header;
60 if ($ent_num)
61 $message = getEntity($message, $ent_num);
62
63 if ($message->header->type0 == "text" || $message->header->type1 == "message") {
64 if ($ent_num)
65 $body = decodeBody(mime_fetch_body($imapConnection, $id, $ent_num), $message->header->encoding);
66 else
67 $body = decodeBody(mime_fetch_body($imapConnection, $id, 1), $message->header->encoding);
68 } else {
69 $body = "";
70 }
71
72 if ($message->header->type1 == "html")
73 $body = strip_tags($body);
74
75 $body_ary = explode("\n", $body);
76 $body = "";
77 for ($i=0; $i < count($body_ary); $i++) {
78 if ($i==0 && $forward_id) {
79 $tmp = "-------- " . _("Original Message") . " --------\n";
80 $tmp .= _("Subject") . ": " . $orig_header->subject . "\n";
81 $tmp .= " " . _("From") . ": " . $orig_header->from . "\n";
82 $tmp .= " " . _("To") . ": " . $orig_header->to[0] . "\n";
83 if (count($orig_header->to) > 1) {
84 for ($x=1; $x < count($orig_header->to); $x++) {
85 $tmp .= " " . $orig_header->to[$x] . "\n";
86 }
87 }
88 $tmp .= "\n" . $body_ary[$i];
89 } else {
90 $tmp = $body_ary[$i];
91 }
92 if ($forward_id)
93 $body = "$body$tmp\n";
94 else
95 $body = "$body> $tmp\n";
96 }
97 sqimap_mailbox_close($imapConnection);
98 return $body;
99 }
100
101 if (!$send_to) {
102 $send_to = sqimap_find_email($send_to);
103 }
104
105 /** This formats a CC string if they hit "reply all" **/
106 if ($send_to_cc != "") {
107 $send_to_cc = ereg_replace( '"[^"]*"', "", $send_to_cc);
108 $send_to_cc = ereg_replace(";", ",", $send_to_cc);
109 $sendcc = explode(",", $send_to_cc);
110 $send_to_cc = "";
111
112 for ($i = 0; $i < count($sendcc); $i++) {
113 $sendcc[$i] = trim($sendcc[$i]);
114 if ($sendcc[$i] == "")
115 continue;
116
117 $sendcc[$i] = sqimap_find_email($sendcc[$i]);
118 $whofrom = sqimap_find_displayable_name($msg["HEADER"]["FROM"]);
119 $whoreplyto = sqimap_find_email($msg["HEADER"]["REPLYTO"]);
120
121 if ((strtolower(trim($sendcc[$i])) != strtolower(trim($whofrom))) &&
122 (strtolower(trim($sendcc[$i])) != strtolower(trim($whoreplyto))) &&
123 (trim($sendcc[$i]) != "")) {
124 $send_to_cc .= trim($sendcc[$i]) . ", ";
125 }
126 }
127 $send_to_cc = trim($send_to_cc);
128 if (substr($send_to_cc, -1) == ",") {
129 $send_to_cc = substr($send_to_cc, 0, strlen($send_to_cc) - 1);
130 }
131 }
132 } // function newMail()
133
134 function showInputForm () {
135 global $send_to, $send_to_cc, $reply_subj, $forward_subj, $body,
136 $passed_body, $color, $use_signature, $signature, $editor_size,
137 $attachments, $subject, $newmail, $use_javascript_addr_book,
138 $send_to_bcc, $reply_id, $mailbox, $from_htmladdr_search;
139
140 $subject = sqStripSlashes(decodeHeader($subject));
141 $reply_subj = decodeHeader($reply_subj);
142 $forward_subj = decodeHeader($forward_subj);
143
144 if ($use_javascript_addr_book) {
145 echo "\n<SCRIPT LANGUAGE=JavaScript><!--\n";
146 echo "function open_abook() { \n";
147 echo " var nwin = window.open(\"addrbook_popup.php\",\"abookpopup\",";
148 echo "\"width=670,height=300,resizable=yes,scrollbars=yes\");\n";
149 echo " if((!nwin.opener) && (document.windows != null))\n";
150 echo " nwin.opener = document.windows;\n";
151 echo "}\n";
152 echo "// --></SCRIPT>\n\n";
153 }
154
155 echo "\n<FORM name=compose action=\"compose.php\" METHOD=POST ENCTYPE=\"multipart/form-data\">\n";
156 //echo "\n<FORM name=compose action=\"compose.php\" METHOD=POST>\n";
157 if ($reply_id) {
158 echo "<input type=hidden name=reply_id value=$reply_id>\n";
159 }
160 printf("<INPUT TYPE=hidden NAME=mailbox VALUE=\"%s\">\n", htmlspecialchars($mailbox));
161 echo "<TABLE WIDTH=\"100%\" ALIGN=center CELLSPACING=0 BORDER=0>\n";
162 echo " <TR>\n";
163 echo " <TD BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
164 echo _("To:");
165 echo " </TD><TD BGCOLOR=\"$color[4]\">\n";
166 printf(" <INPUT TYPE=text NAME=\"send_to\" VALUE=\"%s\" SIZE=60><BR>\n",
167 htmlspecialchars($send_to));
168 echo " </TD>\n";
169 echo " </TR>\n";
170 echo " <TR>\n";
171 echo " <TD BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
172 echo _("CC:");
173 echo " </TD><TD BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
174 printf(" <INPUT TYPE=text NAME=\"send_to_cc\" SIZE=60 VALUE=\"%s\"><BR>\n",
175 htmlspecialchars($send_to_cc));
176 echo " </TD>\n";
177 echo " </TR>\n";
178 echo " <TR>\n";
179 echo " <TD BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
180 echo _("BCC:");
181 echo " </TD><TD BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
182 printf(" <INPUT TYPE=text NAME=\"send_to_bcc\" VALUE=\"%s\" SIZE=60><BR>\n",
183 htmlspecialchars($send_to_bcc));
184 echo "</TD></TR>\n";
185
186 echo " <TR>\n";
187 echo " <TD BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
188 echo _("Subject:");
189 echo " </TD><TD BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
190 if ($reply_subj) {
191 $reply_subj = str_replace("\"", "'", $reply_subj);
192 $reply_subj = sqStripSlashes($reply_subj);
193 $reply_subj = trim($reply_subj);
194 if (substr(strtolower($reply_subj), 0, 3) != "re:")
195 $reply_subj = "Re: $reply_subj";
196 printf(" <INPUT TYPE=text NAME=subject SIZE=60 VALUE=\"%s\">",
197 htmlspecialchars($reply_subj));
198 } else if ($forward_subj) {
199 $forward_subj = str_replace("\"", "'", $forward_subj);
200 $forward_subj = sqStripSlashes($forward_subj);
201 $forward_subj = trim($forward_subj);
202 if ((substr(strtolower($forward_subj), 0, 4) != "fwd:") &&
203 (substr(strtolower($forward_subj), 0, 5) != "[fwd:") &&
204 (substr(strtolower($forward_subj), 0, 6) != "[ fwd:"))
205 $forward_subj = "[Fwd: $forward_subj]";
206 printf(" <INPUT TYPE=text NAME=subject SIZE=60 VALUE=\"%s\">",
207 htmlspecialchars($forward_subj));
208 } else {
209 printf(" <INPUT TYPE=text NAME=subject SIZE=60 VALUE=\"%s\">",
210 htmlspecialchars($subject));
211 }
212 echo "</td></tr>\n\n";
213
214 echo " <TR><td>\n </td><td>\n";
215 if ($use_javascript_addr_book) {
216 echo " <SCRIPT LANGUAGE=JavaScript><!--\n document.write(\"";
217 echo " <input type=button value=\\\""._("Addresses")."\\\" onclick='javascript:open_abook();'>\");";
218 echo " // --></SCRIPT><NOSCRIPT>\n";
219 echo " <input type=submit name=\"html_addr_search\" value=\""._("Addresses")."\">";
220 echo " </NOSCRIPT>\n";
221 } else {
222 echo " <input type=submit name=\"html_addr_search\" value=\""._("Addresses")."\">";
223 }
224 echo "\n <INPUT TYPE=SUBMIT NAME=send VALUE=\"". _("Send") . "\">\n";
225
226 do_hook("compose_button_row");
227
228 echo " </TD>\n";
229 echo " </TR>\n\n";
230
231
232 echo " <TR>\n";
233 echo " <TD BGCOLOR=\"$color[4]\" COLSPAN=2>\n";
234 echo " &nbsp;&nbsp;<TEXTAREA NAME=body ROWS=20 COLS=\"$editor_size\" WRAP=HARD>";
235 if ($use_signature == true && $newmail == true && !isset($from_htmladdr_search)) {
236 echo (htmlspecialchars($body)) . "\n\n-- \n" . htmlspecialchars($signature);
237 } else {
238 echo (htmlspecialchars($body));
239 }
240 echo "</TEXTAREA><BR>\n";
241 echo " </TD>\n";
242 echo " </TR>\n";
243 echo " <TR><TD COLSPAN=2 ALIGN=CENTER><INPUT TYPE=SUBMIT NAME=send VALUE=\"";
244 echo _("Send");
245 echo "\"></TD></TR>\n";
246
247 // This code is for attachments
248 echo " <tr>\n";
249 echo " <TD BGCOLOR=\"$color[0]\" VALIGN=TOP ALIGN=RIGHT>\n";
250 echo " <SMALL><BR></SMALL>"._("Attach:");
251 echo " </td><td ALIGN=left BGCOLOR=\"$color[0]\">\n";
252 // echo " <INPUT TYPE=\"hidden\" name=\"MAX_FILE_SIZE\"\n";
253 // echo " value=\"10000\">\n";
254 echo " <INPUT NAME=\"attachfile\" TYPE=\"file\">\n";
255 echo " &nbsp;&nbsp;<input type=\"submit\" name=\"attach\"";
256 echo " value=\"" . _("Add") ."\">\n";
257 echo " </td>\n";
258 echo " </tr>\n";
259 if (isset($attachments) && count($attachments)>0) {
260 echo "</tr><tr><td bgcolor=\"$color[1]\" align=right>\n";
261 echo "&nbsp;";
262 echo "</td><td align=left bgcolor=\"$color[0]\">";
263 while (list($localname, $remotename) = each($attachments)) {
264 echo "<input type=\"checkbox\" name=\"delete[]\" value=\"$localname\">\n";
265 echo "$remotename <input type=\"hidden\" name=\"attachments[$localname]\" value=\"$remotename\"><br>\n";
266 }
267
268 echo "<input type=\"submit\" name=\"do_delete\" value=\""._("Delete selected attachments")."\">\n";
269 echo "</td></tr>";
270 }
271 // End of attachment code
272
273 echo "</TABLE>\n";
274 echo "</FORM>";
275 do_hook("compose_bottom");
276 }
277
278 function showSentForm () {
279 echo "<BR><BR><BR><CENTER><B>Message Sent!</B><BR><BR>";
280 echo "You will be automatically forwarded.<BR>If not, <A HREF=\"right_main.php\">click here</A>";
281 echo "</CENTER>";
282 }
283
284 function checkInput ($show) {
285 /** I implemented the $show variable because the error messages
286 were getting sent before the page header. So, I check once
287 using $show=false, and then when i'm ready to display the
288 error message, show=true **/
289 global $body, $send_to, $subject, $color;
290
291 if ($send_to == "") {
292 if ($show)
293 plain_error_message(_("You have not filled in the \"To:\" field."), $color);
294 return false;
295 }
296 return true;
297 } // function checkInput()
298
299
300 if (($mailbox == "") || ($mailbox == "None"))
301 $mailbox = "INBOX";
302
303 if(isset($send)) {
304 if (checkInput(false)) {
305 $urlMailbox = urlencode ($mailbox);
306 sendMessage($send_to, $send_to_cc, $send_to_bcc, $subject, $body, $reply_id);
307 header ("Location: right_main.php?mailbox=$urlMailbox&sort=$sort&startMessage=1");
308 } else {
309 $imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
310 displayPageHeader($color, $mailbox);
311 checkInput(true);
312
313 showInputForm();
314 sqimap_logout($imapConnection);
315 }
316 } else if ($html_addr_search_done) {
317 is_logged_in();
318 displayPageHeader($color, $mailbox);
319
320 $send_to = sqStripSlashes($send_to);
321 $send_to_cc = sqStripSlashes($send_to_cc);
322 $send_to_bcc = sqStripSlashes($send_to_bcc);
323
324 for ($i=0; $i < count($send_to_search); $i++) {
325 if ($send_to)
326 $send_to .= ", ";
327 $send_to .= $send_to_search[$i];
328 }
329
330 for ($i=0; $i < count($send_to_cc_search); $i++) {
331 if ($send_to_cc)
332 $send_to_cc .= ", ";
333 $send_to_cc .= $send_to_cc_search[$i];
334 }
335
336 showInputForm();
337 } else if ($html_addr_search) {
338 // I am using an include so as to elminiate an extra unnecessary click. If you
339 // can think of a better way, please implement it.
340 include ("addrbook_search_html.php");
341 } else if (isset($attach)) {
342 is_logged_in();
343 displayPageHeader($color, $mailbox);
344
345 $localfilename = md5("$attachfile, $attachfile_name, $REMOTE_IP, $REMOTE_PORT, $UNIQUE_ID, and everything else that may add entropy");
346 $localfilename = $localfilename;
347
348 // Put the file in a better place
349 $tmp=explode('/',$attachfile);
350 $attachfile=$tmp[count($tmp)-1];
351 $attachfile=ereg_replace('\.{2,}','',$attachfile);
352
353 error_reporting(0); // Rename will produce error output if it fails
354 if (!rename($attachfile, $attachment_dir.$localfilename)) {
355 if (!copy($attachfile, $attachment_dir.$localfilename)) {
356 plain_error_message(_("Could not move/copy file. File not attached"), $color);
357 $failed = true;
358 }
359 }
360 // If it still exists, PHP will remove the original file
361
362 if (!$failed) {
363 // Write information about the file
364 $fp = fopen ($attachment_dir.$localfilename.".info", "w");
365 fputs ($fp, "$attachfile_type\n$attachfile_name\n");
366 fclose ($fp);
367
368 $attachments[$localfilename] = $attachfile_name;
369 }
370
371 showInputForm();
372 } else if (isset($do_delete)) {
373 is_logged_in();
374 displayPageHeader($color, $mailbox);
375
376 while (list($lkey, $localname) = each($delete)) {
377 array_splice ($attachments, $lkey, 1);
378 unlink ($attachment_dir.$localname);
379 unlink ($attachment_dir.$localname.".info");
380 }
381
382 showInputForm();
383 } else {
384 $imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
385 displayPageHeader($color, $mailbox);
386
387 $newmail = true;
388 newMail();
389 showInputForm();
390 sqimap_logout($imapConnection);
391 }
392 ?>
Unnamed repository; edit this file 'description' to name the repository.