* -------------
* Squirrelspell module.
*
- * Copyright (c) 1999-2002 The SquirrelMail development team
+ * Copyright (c) 1999-2005 The SquirrelMail development team
* Licensed under the GNU GPL. For full terms see the file COPYING.
*
* This module is the main workhorse of SquirrelSpell. It submits
* the message to the spell-checker, parses the output, and loads
* the interface window.
*
- * $Id$
- *
- * @author Konstantin Riabitsev <icon@duke.edu> ($Author$)
- * @version $Date$
+ * @author Konstantin Riabitsev <icon@duke.edu>
+ * @version $Id$
+ * @package plugins
+ * @subpackage squirrelspell
*/
/**
/**
* Declaring globals for users with E_ALL set.
*/
-global $sqspell_text, $SQSPELL_APP, $sqspell_use_app, $attachment_dir,
- $username, $SQSPELL_EREG, $color;
+global $SQSPELL_APP, $attachment_dir, $SQSPELL_EREG, $color;
+
+$sqspell_text = $_POST['sqspell_text'];
+$sqspell_use_app = $_POST['sqspell_use_app'];
/**
* Now we explode the lines for three reasons:
if(substr($sqspell_raw_lines[$i], 0, 1) != '>'){
$sqspell_new_lines[$i] = ' ' . $sqspell_raw_lines[$i];
} else {
- $sqspell_new_lines[$i] = '';
+ $sqspell_new_lines[$i] = ' ';
}
}
/**
*/
$sqspell_command=$SQSPELL_APP[$sqspell_use_app];
/**
- * For the simplicity's sake we'll put all text into a file in
- * attachment_dir directory, then cat it and pipe it to
- * sqspell_command. There are other ways to do it, including popen(),
- * but it's unidirectional and no fun at all.
- *
- * The name of the file is an md5 hash of the message itself plus
- * microtime. This prevents symlink attacks. The loop is here to
- * further enhance this feature, and make sure we don't overwrite
- * someone else's data, although the possibility of this happening is
- * QUITE remote.
- */
-do {
- $floc = "$attachment_dir/" . md5($sqspell_new_text . microtime());
-} while (file_exists($floc));
-/**
- * Write the contents to the file.
- */
-$fp=fopen($floc, 'w');
-fwrite($fp, $sqspell_new_text);
-fclose($fp);
-/**
- * Execute ispell/aspell and catch the output.
- */
-exec("cat $floc | $sqspell_command 2>&1", $sqspell_output, $sqspell_exitcode);
-/**
- * Remove the temp file.
+ * If you have php >= 4.3.0, we can use proc_open and safe mode
+ * and not mess w/ temp files. Otherwise we will do it the old
+ * way, (minus the uneeded call to cat that messes up Wintel
+ * boxen.)
+ * Thanks Ray Ferguson for providing this patch.
*/
-unlink($floc);
+if( check_php_version ( 4, 3 ) ) {
+ $descriptorspec = array(
+ 0 => array('pipe', 'r'), // stdin is a pipe that the child will read from
+ 1 => array('pipe', 'w'), // stdout is a pipe that the child will write to
+ 2 => array('pipe', 'w'), // stderr is a pipe that the child will write to
+ );
+ $spell_proc = @proc_open($sqspell_command, $descriptorspec, $pipes);
+ if ( ! is_resource ( $spell_proc ) ) {
+ error_box ( _("Could not run the spellchecker command (%s).",
+ htmlspecialchars($sqspell_command) ) , $color );
+ }
+ if ( ! @fwrite($pipes[0], $sqspell_new_text) ) {
+ error_box ( _("Error while writing to pipe.",
+ htmlspecialchars($floc) ) , $color );
+ }
+ fclose($pipes[0]);
+ $sqspell_output = array();
+ for($i=1; $i<=2; $i++) {
+ while(!feof($pipes[$i])) {
+ array_push($sqspell_output, rtrim(fgetss($pipes[$i],999),"\n"));
+ }
+ fclose($pipes[$i]);
+ }
+ $sqspell_exitcode=proc_close($spell_proc);
+} else {
+ do {
+ $floc = "$attachment_dir/" . md5($sqspell_new_text . microtime());
+ } while (file_exists($floc));
+ $fp = @fopen($floc, 'w');
+ if ( ! is_resource ($fp) ) {
+ error_box ( _("Could not open temporary file '%s'.",
+ htmlspecialchars($floc) ) , $color );
+ }
+ if ( ! @fwrite($fp, $sqspell_new_text) ) {
+ error_box ( _("Error while writing to temporary file '%s'.",
+ htmlspecialchars($floc) ) , $color );
+ }
+ fclose($fp);
+ exec("$sqspell_command < $floc 2>&1", $sqspell_output, $sqspell_exitcode);
+ unlink($floc);
+}
/**
* Check if the execution was successful. Bail out if it wasn't.
$msg= "<div align='center'>"
. sprintf(_("I tried to execute '%s', but it returned:"),
$sqspell_command) . "<pre>"
- . nl2br(join("\n", $sqspell_output)) . "</pre>"
- . "<form onsubmit=\"return false\">"
- . "<input type=\"submit\" value=\" " . _("Close")
- . " \" onclick=\"self.close()\"></form></div>";
+ . htmlspecialchars(join("\n", $sqspell_output)) . '</pre>'
+ . '<form onsubmit="return false">'
+ . '<input type="submit" value=" ' . _("Close")
+ . ' " onclick="self.close()" /></form></div>';
sqspell_makeWindow(null, _("SquirrelSpell is misconfigured."), null, $msg);
exit;
}
}
if (isset($locations[$sqspell_word])){
$locations[$sqspell_word] .= ', ';
- } else {
+ } else {
$locations[$sqspell_word] = '';
}
$locations[$sqspell_word] .= "$current_line:$sqspell_symb";
$tmparray = explode(" ", $sqspell_output[$i]);
$sqspell_word=$tmparray[1];
/**
- *
+ *
* Check if the word is in user dictionary.
*/
if (!$SQSPELL_EREG("\n$sqspell_word\n", $words)){
$sqspell_symb=intval($tmparray[2])-1;
- if (!$misses[$sqspell_word]) {
- $misses[$sqspell_word] = '_NONE';
- $missed_words[$errors] = $sqspell_word;
- $errors++;
+ if (!isset($misses[$sqspell_word])) {
+ $misses[$sqspell_word] = '_NONE';
+ $missed_words[$errors] = $sqspell_word;
+ $errors++;
+ }
+ if (isset($locations[$sqspell_word])) {
+ $locations[$sqspell_word] .= ', ';
+ } else {
+ $locations[$sqspell_word] = '';
}
- if ($locations[$sqspell_word]) $locations[$sqspell_word] .= ', ';
$locations[$sqspell_word] .= "$current_line:$sqspell_symb";
}
break;
}
if ($errors){
- /**
- * So, there are errors
- * This is the only place where the generic GUI-wrapper is not
- * called, but generated right here. This is due to the complexity
- * of the output.
- */
- echo "<html>\n"
- . "<head>\n"
- . '<title>' . _("SquirrelSpell Results") . '</title>';
- /**
- * Check if there are user-defined stylesheets.
- */
- if ($theme_css != '') {
- echo "<LINK REL=\"stylesheet\" TYPE=\"text/css\" HREF=\"$theme_css\">\n";
- }
/**
* Load the spelling errors into JavaScript arrays
* (More dark magic!)
*/
- echo "<script type=\"text/javascript\">\n"
+ $extrajs="<script type=\"text/javascript\">\n"
. "<!--\n";
-
+
$sqspell_lines = explode("\n", $sqspell_text);
/**
* The javascript array sqspell_lines[] contains all lines of
* the message we've been checking.
*/
- echo "var sqspell_lines=new Array();\n";
+ $extrajs.= "var sqspell_lines=new Array();\n";
for ($i=0; $i<sizeof($sqspell_lines); $i++){
- echo "sqspell_lines[$i] = \""
+ $extrajs.= "sqspell_lines[$i] = \""
. chop(addslashes($sqspell_lines[$i])) . "\";\n";
- }
- echo "\n\n";
+ }
+ $extrajs.= "\n\n";
/**
* The javascript array misses[] contais all misspelled words.
*/
- echo "var misses=new Array();\n";
+ $extrajs.= "var misses=new Array();\n";
for ($i=0; $i<sizeof($missed_words); $i++){
- echo "misses[$i] = \"" . $missed_words[$i] . "\";\n";
+ $extrajs.= "misses[$i] = \"" . $missed_words[$i] . "\";\n";
}
- echo "\n\n";
-
+ $extrajs.= "\n\n";
+
/**
* Suggestions are (guess what!) suggestions for misspellings
*/
- echo "var suggestions = new Array();\n";
+ $extrajs.= "var suggestions = new Array();\n";
$i=0;
while (list($word, $value) = each($misses)){
if ($value=='_NONE') $value='';
- echo "suggestions[$i] = \"$value\";\n";
+ $extrajs.= "suggestions[$i] = \"$value\";\n";
$i++;
}
- echo "\n\n";
+ $extrajs.= "\n\n";
/**
* Locations are where those misspellings are located, line:symbol
*/
- echo "var locations= new Array();\n";
+ $extrajs.= "var locations= new Array();\n";
$i=0;
while (list($word, $value) = each($locations)){
- echo "locations[$i] = \"$value\";\n";
+ $extrajs.= "locations[$i] = \"$value\";\n";
$i++;
}
- /**
+ /**
* Add some strings so they can be i18n'd.
*/
- echo "var ui_completed = \"" . _("Spellcheck completed. Commit changes?")
+ $extrajs.= "var ui_completed = \"" . _("Spellcheck completed. Commit changes?")
. "\";\n";
- echo "var ui_nochange = \"" . _("No changes were made.") . "\";\n";
- echo "var ui_wait = \""
+ $extrajs.= "var ui_nochange = \"" . _("No changes were made.") . "\";\n";
+ $extrajs.= "var ui_wait = \""
. _("Now saving your personal dictionary... Please wait.")
. "\";\n";
-
+
/**
* Did I mention that I hate dots on the end of contcatenated lines?
* Dots at the beginning make so much more sense!
*/
- echo "//-->\n"
+ $extrajs.= "//-->\n"
. "</script>\n"
- . "<script src=\"js/check_me.js\" type=\"text/javascript\"></script>\n"
- . "</head>\n";
-
+ . "<script src=\"js/check_me.js\" type=\"text/javascript\"></script>\n";
+
+
+ displayHtmlHeader(_("SquirrelSpell Results"),$extrajs);
+
echo "<body bgcolor=\"$color[4]\" text=\"$color[8]\" link=\"$color[7]\" "
. "alink=\"$color[7]\" vlink=\"$color[7]\" "
. "onload=\"populateSqspellForm()\">\n";
</tr>
<tr>
<td>
- <hr>
+ <hr />
</td>
</tr>
<tr>
<form method="post">
<input type="hidden" name="MOD" value="forget_me_not" />
<input type="hidden" name="words" value="" />
- <input type="hidden" name="sqspell_use_app"
+ <input type="hidden" name="sqspell_use_app"
value="<?php echo $sqspell_use_app ?>" />
<table border="0" width="100%">
<tr align="center">
echo $sptag . _("Line with an error:") . '</span>';
?>
<br />
- <textarea name="sqspell_line_area" cols="50" rows="3"
+ <textarea name="sqspell_line_area" cols="50" rows="3"
wrap="hard" onfocus="this.blur()"></textarea>
</td>
</tr>
?>
</td>
<td align="left" width="25%">
- <input name="sqspell_error" size="10" value=""
+ <input name="sqspell_error" size="10" value=""
onfocus="this.blur()" />
</td>
<td align="right" width="25%">
?>
</td>
<td align="left" width="25%">
- <select name="sqspell_suggestion"
+ <select name="sqspell_suggestion"
onchange="if (this.options[this.selectedIndex].value != '_NONE') document.forms[0].sqspell_oruse.value=this.options[this.selectedIndex].value">
<?php
echo '<option>' . _("Suggestions") . '</option>';
</td>
<td align="left">
<input name="sqspell_oruse" size="15" value=""
- onfocus="if(!this.value) this.value=document.forms[0].sqspell_error.value">
+ onfocus="if(!this.value) this.value=document.forms[0].sqspell_error.value" />
</td>
<td align="right">
<?php
?>
</td>
<td align="left">
- <input name="sqspell_likethis" size=3 value="" onfocus="this.blur()">
+ <input name="sqspell_likethis" size=3 value="" onfocus="this.blur()" />
</td>
</tr>
<!-- hello? What is this? </td></tr> -->
<tr>
- <td colspan="4"><hr></td>
+ <td colspan="4"><hr /></td>
</tr>
<tr>
<td colspan="4">
<table border="0" cellpadding="0" cellspacing="3" width="100%">
- <tr align="center" bgcolor="<?php echo $color[9] ?>">
+ <tr align="center" bgcolor="<?php echo $color[9] ?>">
<?php
- SpellLink('sqspellChange()',
- _("Change this word"),
- _("Change"));
- SpellLink('sqspellChangeAll()',
- _("Change ALL occurances of this word"),
- _("Change All"));
- SpellLink('sqspellIgnore()',
- _("Ignore this word"),
- _("Ignore"));
- SpellLink('sqspellIgnoreAll()',
- _("Ignore ALL occurances this word"),
- _("Ignore All"));
- SpellLink('sqspellRemember()',
- _("Add this word to your personal dictionary"),
- _("Add to Dic"));
+ SpellLink('sqspellChange()',
+ _("Change this word"),
+ _("Change"));
+ SpellLink('sqspellChangeAll()',
+ _("Change ALL occurances of this word"),
+ _("Change All"));
+ SpellLink('sqspellIgnore()',
+ _("Ignore this word"),
+ _("Ignore"));
+ SpellLink('sqspellIgnoreAll()',
+ _("Ignore ALL occurances this word"),
+ _("Ignore All"));
+ SpellLink('sqspellRemember()',
+ _("Add this word to your personal dictionary"),
+ _("Add to Dic"));
?>
</tr>
</table>
</td>
</tr>
<tr>
- <td colspan="4"><hr></td>
+ <td colspan="4"><hr /></td>
</tr>
<tr>
- <td colspan="4" align="center" bgcolor="<?php echo $color[9] ?>">
- <?php
- echo '<input type="button" value=" '
- . _("Close and Commit")
- . ' " onclick="if (confirm(\''
- . _("The spellcheck is not finished. Really close and commit changes?")
- . '\')) sqspellCommitChanges()">'
- . ' <input type="button" value=" '
- . _("Close and Cancel")
- . ' " onclick="if (confirm(\''
- . _("The spellcheck is not finished. Really close and discard changes?")
- . '\')) self.close()">';
+ <td colspan="4" align="center" bgcolor="<?php echo $color[9] ?>">
+ <?php
+ echo '<input type="button" value=" '
+ . _("Close and Commit")
+ . ' " onclick="if (confirm(\''
+ . _("The spellcheck is not finished. Really close and commit changes?")
+ . '\')) sqspellCommitChanges()" />'
+ . ' <input type="button" value=" '
+ . _("Close and Cancel")
+ . ' " onclick="if (confirm(\''
+ . _("The spellcheck is not finished. Really close and discard changes?")
+ . '\')) self.close()" />';
?>
</td>
</tr>
/**
* AREN'T YOU SUCH A KNOW-IT-ALL!
*/
- $msg="<form onsubmit=\"return false\"><div align=\"center\">"
- . "<input type=\"submit\" value=\" " . _("Close")
- . " \" onclick=\"self.close()\"></div></form>";
+ $msg='<form onsubmit="return false"><div align="center">'.
+ '<input type="submit" value=" ' . _("Close") .
+ ' " onclick="self.close()" /></div></form>';
sqspell_makeWindow(null, _("No errors found"), null, $msg);
}
* Local variables:
* mode: php
* End:
+ * vim: syntax=php et ts=4
*/
?>