/* SquirrelMail required files. */
require_once(SM_PATH . 'include/validate.php');
+require_once(SM_PATH . 'functions/global.php');
require_once(SM_PATH . 'functions/imap.php');
require_once(SM_PATH . 'functions/date.php');
require_once(SM_PATH . 'functions/mime.php');
require_once(SM_PATH . 'functions/addressbook.php');
/* --------------------- Get globals ------------------------------------- */
-$username = $_SESSION['username'];
-$onetimepad = $_SESSION['onetimepad'];
-$base_uri = $_SESSION['base_uri'];
-$delimiter = $_SESSION['delimiter'];
+/** COOKIE VARS */
+sqgetGlobalVar('key', $key, SQ_COOKIE);
-if (isset($_POST['return'])) {
- $html_addr_search_done = 'Use Addresses';
-}
-if ( isset($_SESSION['composesession']) ) {
- $composesession = $_SESSION['composesession'];
-}
+/** SESSION VARS */
+sqgetGlobalVar('username', $username, SQ_SESSION);
+sqgetGlobalVar('onetimepad',$onetimepad, SQ_SESSION);
+sqgetGlobalVar('base_uri', $base_uri, SQ_SESSION);
+sqgetGlobalVar('delimiter', $delimiter, SQ_SESSION);
+
+sqgetGlobalVar('composesession', $composesession, SQ_SESSION);
+sqgetGlobalVar('compose_messages', $compose_messages, SQ_SESSION);
+
+/** SESSION/POST/GET VARS */
sqgetGlobalVar('action',$action);
sqgetGlobalVar('session',$session);
sqgetGlobalVar('mailbox',$mailbox);
sqgetGlobalVar('passed_ent_id',$passed_ent_id);
sqgetGlobalVar('send',$send);
-if ( isset($_POST['sigappend']) ) {
- $sigappend = $_POST['sigappend'];
-}
-/* From addressbook search */
-if ( isset($_POST['from_htmladdr_search']) ) {
- $from_htmladdr_search = $_POST['from_htmladdr_search'];
-}
-if ( isset($_POST['addr_search_done']) ) {
- $html_addr_search_done = $_POST['addr_search_done'];
-}
-if ( isset($_POST['send_to_search']) ) {
- $send_to_search = &$_POST['send_to_search'];
-}
-
-/* Attachments */
sqgetGlobalVar('attach',$attach);
-if ( isset($_POST['do_delete']) ) {
- $do_delete = $_POST['do_delete'];
-}
-if ( isset($_POST['delete']) ) {
- $delete = &$_POST['delete'];
-}
-if ( isset($_SESSION['compose_messages']) ) {
- $compose_messages = &$_SESSION['compose_messages'];
-}
-
-
-/* Forward message as attachment */
-if ( isset($_GET['attachedmessages']) ) {
- $attachedmessages = $_GET['attachedmessages'];
-}
-/* Drafts */
sqgetGlobalVar('draft',$draft);
sqgetGlobalVar('draft_id',$draft_id);
sqgetGlobalVar('ent_num',$ent_num);
sqgetGlobalVar('saved_draft',$saved_draft);
sqgetGlobalVar('delete_draft',$delete_draft);
-$key = $_COOKIE['key'];
+
+/** POST VARS */
+sqgetGlobalVar('sigappend', $sigappend, SQ_POST);
+sqgetGlobalVar('from_htmladdr_search', $from_htmladdr_search, SQ_POST);
+sqgetGlobalVar('addr_search_done', $html_addr_search_done, SQ_POST);
+sqgetGlobalVar('send_to_search', $send_to_search, SQ_POST);
+sqgetGlobalVar('do_delete', $do_delete, SQ_POST);
+sqgetGlobalVar('delete', $delete, SQ_POST);
+sqgetGlobalVar('restoremessages', $restoremessages, SQ_POST);
+if ( sqgetGlobalVar('return', $temp, SQ_POST) ) {
+ $html_addr_search_done = 'Use Addresses';
+}
+
+/** GET VARS */
+sqgetGlobalVar('attachedmessages', $attachedmessages, SQ_GET);
/* --------------------- Specific Functions ------------------------------ */
$subject = decodeHeader($orig_header->subject,false,false);
$subject = str_replace(' ',' ',$subject);
$bodyTop = str_pad(' '._("Original Message").' ',$editor_size -2,'-',STR_PAD_BOTH) .
- "\n\n". $display[_("Subject")] . $subject . "\n" .
+ "\n". $display[_("Subject")] . $subject . "\n" .
$display[_("From")] . $from . "\n" .
$display[_("Date")] . getLongDateString( $orig_header->date ). "\n" .
$display[_("To")] . $to . "\n";
* vars.
*/
if (sqsession_is_registered('session_expired_post')) {
- $session_expired_post = $_SESSION['session_expired_post'];
+ sqgetGlobalVar('session_expired_post', $session_expired_post, SQ_SESSION);
/*
* extra check for username so we don't display previous post data from
* another user during this session.
if (isset($send_to_bcc)) {
$values['send_to_bcc'] = $send_to_bcc;
}
+ if (isset($subject)) {
+ $values['subject'] = $subject;
+ }
showInputForm($session, $values);
}
$mailprio = $values['mailprio'];
$body = $values['body'];
$identity = (int) $values['identity'];
+ } else {
+ $send_to = decodeHeader($send_to);
+ $send_to_cc = decodeHeader($send_to_cc);
+ $send_to_bcc = decodeHeader($send_to_bcc);
}
if ($use_javascript_addr_book) {
showComposeButtonRow();
}
+ /* display select list for identities */
$idents = getPref($data_dir, $username, 'identities', 0);
if ($idents > 1) {
- echo ' <TR>' . "\n" .
- html_tag( 'td', '', 'right', $color[4], 'WIDTH="10%"' ) .
- _("From:") . '</TD>' . "\n" .
- html_tag( 'td', '', 'left', $color[4], 'WIDTH="90%"' ) .
- ' <select name=identity>' . "\n" .
- ' <option value=default>' .
- htmlspecialchars(getPref($data_dir, $username, 'full_name'));
+ $fn = getPref($data_dir, $username, 'full_name');
$em = getPref($data_dir, $username, 'email_address');
+ echo ' <tr>' . "\n" .
+ html_tag( 'td', '', 'right', $color[4], 'width="10%"' ) .
+ _("From:") . '</td>' . "\n" .
+ html_tag( 'td', '', 'left', $color[4], 'width="90%"' ) .
+ ' <select name="identity">' . "\n" .
+ ' <option value="default">' .
+ htmlspecialchars($fn);
if ($em != '') {
- echo htmlspecialchars(' <' . $em . '>') . "\n";
+ if($fn != '') {
+ echo htmlspecialchars(' <' . $em . '>') . "\n";
+ } else {
+ echo htmlspecialchars($em) . "\n";
+ }
}
for ($i = 1; $i < $idents; $i ++) {
+ $fn = getPref($data_dir, $username, 'full_name' . $i);
+ $em = getPref($data_dir, $username, 'email_address' . $i);
+
echo '<option value="' . $i . '"';
if (isset($identity) && $identity == $i) {
- echo ' SELECTED';
+ echo ' selected';
}
- echo '>' . htmlspecialchars(getPref($data_dir, $username,
- 'full_name' . $i));
- $em = getPref($data_dir, $username, 'email_address' . $i);
+ echo '>' . htmlspecialchars($fn);
if ($em != '') {
- echo htmlspecialchars(' <' . $em . '>') . "\n";
+ if($fn != '') {
+ echo htmlspecialchars(' <' . $em . '>') . "\n";
+ } else {
+ echo htmlspecialchars($em) . "\n";
+ }
}
echo '</option>';
}
echo '</select>' . "\n" .
- ' </TD>' . "\n" .
- ' </TR>' . "\n";
+ ' </td>' . "\n" .
+ ' </tr>' . "\n";
}
- echo ' <TR>' . "\n" .
- html_tag( 'td', '', 'right', $color[4], 'WIDTH="10%"' ) .
+ echo ' <tr>' . "\n" .
+ html_tag( 'td', '', 'right', $color[4], 'width="10%"' ) .
_("To:") . '</TD>' . "\n" .
- html_tag( 'td', '', 'left', $color[4], 'WIDTH="90%"' ) .
- ' <INPUT TYPE=text NAME="send_to" VALUE="' .
- $send_to . '" SIZE=60><BR>' . "\n" .
- ' </TD>' . "\n" .
- ' </TR>' . "\n" .
- ' <TR>' . "\n" .
+ html_tag( 'td', '', 'left', $color[4], 'width="90%"' ) .
+ ' <input type="text" name="send_to" value="' .
+ $send_to . '" size="60" /><br />' . "\n" .
+ ' </td>' . "\n" .
+ ' </tr>' . "\n" .
+ ' <tr>' . "\n" .
html_tag( 'td', '', 'right', $color[4] ) .
- _("CC:") . '</TD>' . "\n" .
+ _("CC:") . '</td>' . "\n" .
html_tag( 'td', '', 'left', $color[4] ) .
- ' <INPUT TYPE=text NAME="send_to_cc" SIZE=60 VALUE="' .
- $send_to_cc . '"><BR>' . "\n" .
- ' </TD>' . "\n" .
- ' </TR>' . "\n" .
- ' <TR>' . "\n" .
+ ' <input type="text" name="send_to_cc" size="60" value="' .
+ $send_to_cc . '" /><br />' . "\n" .
+ ' </td>' . "\n" .
+ ' </tr>' . "\n" .
+ ' <tr>' . "\n" .
html_tag( 'td', '', 'right', $color[4] ) .
- _("BCC:") . '</TD>' . "\n" .
+ _("BCC:") . '</td>' . "\n" .
html_tag( 'td', '', 'left', $color[4] ) .
- ' <INPUT TYPE=text NAME="send_to_bcc" VALUE="' .
- $send_to_bcc . '" SIZE=60><BR>' . "\n" .
- ' </TD>' . "\n" .
- ' </TR>' . "\n" .
- ' <TR>' . "\n" .
+ ' <input type="text" name="send_to_bcc" value="' .
+ $send_to_bcc . '" size="60" /><br />' . "\n" .
+ ' </td>' . "\n" .
+ ' </tr>' . "\n" .
+ ' <tr>' . "\n" .
html_tag( 'td', '', 'right', $color[4] ) .
- _("Subject:") . '</TD>' . "\n" .
+ _("Subject:") . '</td>' . "\n" .
html_tag( 'td', '', 'left', $color[4] ) . "\n";
- echo ' <INPUT TYPE=text NAME=subject SIZE=60 VALUE="' .
- $subject . '">' . "\n" .
- ' </TD>' . "\n" .
- ' </TR>' . "\n\n";
+ echo ' <input type="text" name="subject" size="60" value="' .
+ $subject . '" />' . "\n" .
+ ' </td>' . "\n" .
+ ' </tr>' . "\n\n";
if ($location_of_buttons == 'between') {
showComposeButtonRow();
}
+ /* why this distinction? */
if ($compose_new_win == '1') {
echo ' <TR>' . "\n" .
' <TD BGCOLOR="' . $color[0] . '" COLSPAN=2 ALIGN=CENTER>' . "\n" .
' <TEXTAREA NAME=body ROWS=20 COLS="' .
$editor_size . '" WRAP="VIRTUAL">';
}
+
if ($use_signature == true && $newmail == true && !isset($from_htmladdr_search)) {
if ($idents > 1) {
if ($identity == 'default') {
else {
echo decodeHeader($body,false,true);
}
- echo '</TEXTAREA><BR>' . "\n" .
- ' </TD>' . "\n" .
- ' </TR>' . "\n";
+ echo '</textarea><br />' . "\n" .
+ ' </td>' . "\n" .
+ ' </tr>' . "\n";
if ($location_of_buttons == 'bottom') {
showComposeButtonRow();
} else {
- echo ' <TR>' . "\n" .
- html_tag( 'td', '', 'right', '', 'COLSPAN=2' ) . "\n" .
- ' <INPUT TYPE=SUBMIT NAME=send VALUE="' . _("Send") . '">' . "\n" .
- ' <BR><BR>' . "\n" .
- ' </TD>' . "\n" .
- ' </TR>' . "\n";
+ echo ' <tr>' . "\n" .
+ html_tag( 'td', '', 'right', '', 'colspan="2"' ) . "\n" .
+ ' <input type="submit" name="send" value="' . _("Send") . '" />' . "\n" .
+ ' <br /><br />' . "\n" .
+ ' </td>' . "\n" .
+ ' </tr>' . "\n";
}
/* This code is for attachments */
if ((bool) ini_get('file_uploads')) {
- echo ' <TR>' . "\n" .
- ' <TD COLSPAN=2>' . "\n" .
+
+ /* Calculate the max size for an uploaded file.
+ * This is advisory for the user because we can't actually prevent
+ * people to upload too large files. */
+ $sizes = array();
+ /* php.ini vars which influence the max for uploads */
+ $configvars = array('post_max_size', 'memory_limit', 'upload_max_filesize');
+ foreach($configvars as $var) {
+ /* skip 0 or empty values */
+ if( $size = getByteSize(ini_get($var)) ) {
+ $sizes[] = $size;
+ }
+ }
+
+ if(count($sizes) > 0) {
+ $maxsize = '(max. ' . show_readable_size( min( $sizes ) ) . ')';
+ } else {
+ $maxsize = '';
+ }
+
+ echo ' <tr>' . "\n" .
+ ' <td colspan="2">' . "\n" .
' <table width="100%" cellpadding="1" cellspacing="0" align="center"'.
' border="0" bgcolor="'.$color[9].'">' . "\n" .
- ' <TR>' . "\n" .
- ' <TD>' . "\n" .
+ ' <tr>' . "\n" .
+ ' <td>' . "\n" .
' <table width="100%" cellpadding="3" cellspacing="0" align="center"'.
' border="0">' . "\n" .
- ' <TR>' . "\n" .
- html_tag( 'td', '', 'right', '', 'VALIGN=MIDDLE' ) .
- _("Attach:") . '</TD>' . "\n" .
- html_tag( 'td', '', 'left', '', 'VALIGN=MIDDLE' ) .
- ' <INPUT NAME="attachfile" SIZE=48 TYPE="file">' . "\n" .
+ ' <tr>' . "\n" .
+ html_tag( 'td', '', 'right', '', 'valign="middle"' ) .
+ _("Attach:") . '</td>' . "\n" .
+ html_tag( 'td', '', 'left', '', 'valign="middle"' ) .
+ ' <input name="attachfile" size="48" type="file" />' . "\n" .
' <input type="submit" name="attach"' .
' value="' . _("Add") .'">' . "\n" .
- ' </TD>' . "\n" .
- ' </TR>' . "\n";
+ $maxsize .
+ ' </td>' . "\n" .
+ ' </tr>' . "\n";
$s_a = array();
store the complete ComposeMessages array in a hidden input value
so we can restore them in case of a session timeout.
*/
+ sqgetGlobalVar('QUERY_STRING', $queryString, SQ_SERVER);
echo '<input type=hidden name=restoremessages value="' . urlencode(serialize($compose_messages)) . "\">\n";
echo '<input type=hidden name=composesession value="' . $composesession . "\">\n";
- echo '<input type=hidden name=querystring value="' . $_SERVER['QUERY_STRING'] . "\">\n";
+ echo '<input type=hidden name=querystring value="' . $queryString . "\">\n";
echo '</FORM>';
if (!(bool) ini_get('file_uploads')) {
/* File uploads are off, so we didn't show that part of the form.
echo "to this message. Please see your system administrator for details.\r\n";
}
-
do_hook('compose_bottom');
echo '</BODY></HTML>' . "\n";
}
$name = $_FILES['attachfile']['name'];
$message->initAttachment($type, $name, $full_localfilename);
$compose_messages[$session] = $message;
+ sqsession_register($compose_messages , 'compose_messages');
}
function ClearAttachments($composeMessage) {
}
}
+/* parse values like 8M and 2k into bytes */
+function getByteSize($ini_size) {
+
+ if(!$ini_size) return FALSE;
+ $ini_size = trim($ini_size);
+
+ switch(strtoupper(substr($ini_size, -1))) {
+ case 'G':
+ $bytesize = 1073741824;
+ break;
+ case 'M':
+ $bytesize = 1048576;
+ break;
+ case 'K':
+ $bytesize = 1024;
+ break;
+ default:
+ $bytesize = 1;
+ }
+
+ $bytesize *= (int)substr($ini_size, 0, -1);
+
+ return $bytesize;
+}
/* temporary function to make use of the deliver class.