include("../functions/display_messages.php");
if (!isset($auth_php))
include ("../functions/auth.php");
+ if (!isset($plugin_php))
+ include ("../functions/plugin.php");
include("../src/load_prefs.php");
global $forward_id, $imapConnection, $msg, $ent_num, $body_ary, $body,
$reply_id, $send_to, $send_to_cc, $mailbox, $send_to_bcc;
- $send_to = decodeHeader($send_to);
- $send_to_cc = decodeHeader($send_to_cc);
+ $send_to = sqStripSlashes(decodeHeader($send_to));
+ $send_to_cc = sqStripSlashes(decodeHeader($send_to_cc));
+ $send_to_bcc = sqStripSlashes(decodeHeader($send_to_bcc));
if ($forward_id)
$id = $forward_id;
$body = "";
for ($i=0; $i < count($body_ary); $i++) {
if ($i==0 && $forward_id) {
- $tmp = _("-------- Original Message ---------\n");
+ $tmp = "-------- " . _("Original Message") . " --------\n";
$tmp .= _("Subject") . ": " . $orig_header->subject . "\n";
$tmp .= " " . _("From") . ": " . $orig_header->from . "\n";
$tmp .= " " . _("To") . ": " . $orig_header->to[0] . "\n";
else
$body = "$body> $tmp\n";
}
+ sqimap_mailbox_close($imapConnection);
return $body;
}
$send_to = sqimap_find_email($send_to);
}
-// $send_to = ereg_replace("\"", "", $send_to);
- $send_to = stripslashes($send_to);
-
/** This formats a CC string if they hit "reply all" **/
if ($send_to_cc != "") {
+ $send_to_cc = ereg_replace( '"[^"]*"', "", $send_to_cc);
$send_to_cc = ereg_replace(";", ",", $send_to_cc);
$sendcc = explode(",", $send_to_cc);
$send_to_cc = "";
global $send_to, $send_to_cc, $reply_subj, $forward_subj, $body,
$passed_body, $color, $use_signature, $signature, $editor_size,
$attachments, $subject, $newmail, $use_javascript_addr_book,
- $send_to_bcc, $reply_id, $mailbox;
+ $send_to_bcc, $reply_id, $mailbox, $from_htmladdr_search;
- $subject = decodeHeader($subject);
+ $subject = sqStripSlashes(decodeHeader($subject));
$reply_subj = decodeHeader($reply_subj);
$forward_subj = decodeHeader($forward_subj);
+ $body = sqStripSlashes($body);
if ($use_javascript_addr_book) {
echo "\n<SCRIPT LANGUAGE=JavaScript><!--\n";
}
echo "\n<FORM name=compose action=\"compose.php\" METHOD=POST ENCTYPE=\"multipart/form-data\">\n";
+ //echo "\n<FORM name=compose action=\"compose.php\" METHOD=POST>\n";
if ($reply_id) {
echo "<input type=hidden name=reply_id value=$reply_id>\n";
- }
+ }
printf("<INPUT TYPE=hidden NAME=mailbox VALUE=\"%s\">\n", htmlspecialchars($mailbox));
- echo "<TABLE WIDTH=50 ALIGN=center CELLSPACING=0 BORDER=0>\n";
+ echo "<TABLE WIDTH=\"100%\" ALIGN=center CELLSPACING=0 BORDER=0>\n";
echo " <TR>\n";
- echo " <TD WIDTH=50 BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
+ echo " <TD BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
echo _("To:");
- echo " </TD><TD colspan=2 WIDTH=\"100%\" BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
+ echo " </TD><TD BGCOLOR=\"$color[4]\">\n";
printf(" <INPUT TYPE=text NAME=\"send_to\" VALUE=\"%s\" SIZE=60><BR>\n",
- htmlspecialchars($send_to));
+ htmlspecialchars($send_to));
echo " </TD>\n";
echo " </TR>\n";
echo " <TR>\n";
- echo " <TD WIDTH=50 BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
+ echo " <TD BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
echo _("CC:");
- echo " </TD><TD colspan=2 BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
+ echo " </TD><TD BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
printf(" <INPUT TYPE=text NAME=\"send_to_cc\" SIZE=60 VALUE=\"%s\"><BR>\n",
- htmlspecialchars($send_to_cc));
+ htmlspecialchars($send_to_cc));
echo " </TD>\n";
echo " </TR>\n";
echo " <TR>\n";
- echo " <TD WIDTH=50 BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
+ echo " <TD BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
echo _("BCC:");
echo " </TD><TD BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
printf(" <INPUT TYPE=text NAME=\"send_to_bcc\" VALUE=\"%s\" SIZE=60><BR>\n",
- htmlspecialchars($send_to_bcc));
+ htmlspecialchars($send_to_bcc));
echo "</TD></TR>\n";
echo " <TR>\n";
- echo " <TD WIDTH=50 BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
+ echo " <TD BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
echo _("Subject:");
echo " </TD><TD BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
if ($reply_subj) {
$reply_subj = str_replace("\"", "'", $reply_subj);
- $reply_subj = stripslashes($reply_subj);
+ $reply_subj = sqStripSlashes($reply_subj);
$reply_subj = trim($reply_subj);
if (substr(strtolower($reply_subj), 0, 3) != "re:")
$reply_subj = "Re: $reply_subj";
printf(" <INPUT TYPE=text NAME=subject SIZE=60 VALUE=\"%s\">",
- htmlspecialchars($reply_subj));
+ htmlspecialchars($reply_subj));
} else if ($forward_subj) {
$forward_subj = str_replace("\"", "'", $forward_subj);
- $forward_subj = stripslashes($forward_subj);
+ $forward_subj = sqStripSlashes($forward_subj);
$forward_subj = trim($forward_subj);
if ((substr(strtolower($forward_subj), 0, 4) != "fwd:") &&
(substr(strtolower($forward_subj), 0, 5) != "[fwd:") &&
(substr(strtolower($forward_subj), 0, 6) != "[ fwd:"))
$forward_subj = "[Fwd: $forward_subj]";
printf(" <INPUT TYPE=text NAME=subject SIZE=60 VALUE=\"%s\">",
- htmlspecialchars($forward_subj));
+ htmlspecialchars($forward_subj));
} else {
- printf(" <INPUT TYPE=text NAME=subject SIZE=60 VALUE=\"%s\">",
- htmlspecialchars($subject));
+ printf(" <INPUT TYPE=text NAME=subject SIZE=60 VALUE=\"%s\">",
+ htmlspecialchars($subject));
}
echo "</td></tr>\n\n";
echo " <input type=submit name=\"html_addr_search\" value=\""._("Addresses")."\">";
}
echo "\n <INPUT TYPE=SUBMIT NAME=send VALUE=\"". _("Send") . "\">\n";
+
+ do_hook("compose_button_row");
+
echo " </TD>\n";
echo " </TR>\n\n";
echo " <TR>\n";
- echo " <TD BGCOLOR=\"$color[4]\" COLSPAN=3>\n";
+ echo " <TD BGCOLOR=\"$color[4]\" COLSPAN=2>\n";
echo " <TEXTAREA NAME=body ROWS=20 COLS=\"$editor_size\" WRAP=HARD>";
- if ($use_signature == true && $newmail == true) {
- echo htmlspecialchars($body) . "\n\n-- \n" . htmlspecialchars($signature);
+ if ($use_signature == true && $newmail == true && !isset($from_htmladdr_search)) {
+ echo (htmlspecialchars($body)) . "\n\n-- \n" . htmlspecialchars($signature);
} else {
- echo htmlspecialchars($body);
+ echo (htmlspecialchars($body));
}
echo "</TEXTAREA><BR>\n";
echo " </TD>\n";
echo " </TR>\n";
- echo " <TR><TD COLSPAN=3 ALIGN=CENTER><INPUT TYPE=SUBMIT NAME=send VALUE=\"";
+ echo " <TR><TD COLSPAN=2 ALIGN=CENTER><INPUT TYPE=SUBMIT NAME=send VALUE=\"";
echo _("Send");
echo "\"></TD></TR>\n";
// This code is for attachments
echo " <tr>\n";
- echo " <TD WIDTH=50 BGCOLOR=\"$color[0]\" VALIGN=TOP ALIGN=RIGHT>\n";
+ echo " <TD BGCOLOR=\"$color[0]\" VALIGN=TOP ALIGN=RIGHT>\n";
echo " <SMALL><BR></SMALL>"._("Attach:");
- echo " </td><td colspan=2 ALIGN=left BGCOLOR=\"$color[0]\">\n";
+ echo " </td><td ALIGN=left BGCOLOR=\"$color[0]\">\n";
// echo " <INPUT TYPE=\"hidden\" name=\"MAX_FILE_SIZE\"\n";
// echo " value=\"10000\">\n";
echo " <INPUT NAME=\"attachfile\" TYPE=\"file\">\n";
- echo " <input type=\"submit\" name=\"attach\"\n";
- echo " value=\"" . _("Add") ."\">\n";
+ echo " <input type=\"submit\" name=\"attach\"";
+ echo " value=\"" . _("Add") ."\">\n";
echo " </td>\n";
echo " </tr>\n";
if (isset($attachments) && count($attachments)>0) {
- echo "</tr><tr><td width=50 bgcolor=\"$color[0]\" align=right>\n";
+ echo "<tr><td bgcolor=\"$color[0]\" align=right>\n";
echo " ";
- echo "</td><td align=left colspan=2 bgcolor=\"$color[0]\">";
+ echo "</td><td align=left bgcolor=\"$color[0]\">";
while (list($localname, $remotename) = each($attachments)) {
echo "<input type=\"checkbox\" name=\"delete[]\" value=\"$localname\">\n";
echo "$remotename <input type=\"hidden\" name=\"attachments[$localname]\" value=\"$remotename\"><br>\n";
echo "</TABLE>\n";
echo "</FORM>";
+ do_hook("compose_bottom");
}
function showSentForm () {
error message, show=true **/
global $body, $send_to, $subject, $color;
- if ($body == "" && $subject == "") {
- if ($show)
- plain_error_message(_("You have not entered a message body or a subject."), $color);
- return false;
- } else if ($send_to == "") {
+ if ($send_to == "") {
if ($show)
plain_error_message(_("You have not filled in the \"To:\" field."), $color);
return false;
is_logged_in();
displayPageHeader($color, $mailbox);
- $body = stripslashes($body);
- $send_to = stripslashes($send_to);
- $send_to_cc = stripslashes($send_to_cc);
- $send_to_bcc = stripslashes($send_to_bcc);
- $subject = stripslashes($subject);
+ $send_to = sqStripSlashes($send_to);
+ $send_to_cc = sqStripSlashes($send_to_cc);
+ $send_to_bcc = sqStripSlashes($send_to_bcc);
for ($i=0; $i < count($send_to_search); $i++) {
if ($send_to)
$localfilename = $localfilename;
// Put the file in a better place
- error_reporting(0); // Rename will produce error output if it fails
- if (!rename($attachfile, $attachment_dir.$localfilename)) {
- if (!copy($attachfile, $attachment_dir.$localfilename)) {
- plain_error_message(_("Could not move/copy file. File not attached"));
+ // This shouldn't be here... Ondrej Sury <ondrej@sury.cz>
+ //$tmp=explode('/',$attachfile);
+ //$attachfile=$tmp[count($tmp)-1];
+ //$attachfile=ereg_replace('\.{2,}','',$attachfile);
+
+ //error_reporting(0); // Rename will produce error output if it fails
+ //if (!rename($attachfile, $attachment_dir.$localfilename)) {
+ // if (!copy($attachfile, $attachment_dir.$localfilename)) {
+ if (!@rename($attachfile, $attachment_dir.$localfilename)) {
+ if (!@copy($attachfile, $attachment_dir.$localfilename)) {
+ plain_error_message(_("Could not move/copy file. File not attached"), $color);
$failed = true;
}
}
is_logged_in();
displayPageHeader($color, $mailbox);
- while (list($key, $localname) = each($delete)) {
- array_splice ($attachments, $key, 1);
+ while (list($lkey, $localname) = each($delete)) {
+ array_splice ($attachments, $lkey, 1);
unlink ($attachment_dir.$localname);
unlink ($attachment_dir.$localname.".info");
}