* - Send mail
* - Save As Draft
*
- * @copyright © 1999-2007 The SquirrelMail Project Team
+ * @copyright 1999-2018 The SquirrelMail Project Team
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
* @version $Id$
* @package squirrelmail
require_once(SM_PATH . 'functions/addressbook.php');
require_once(SM_PATH . 'functions/forms.php');
require_once(SM_PATH . 'functions/identity.php');
+global $imap_stream_options; // in case not defined in config
/* --------------------- Get globals ------------------------------------- */
$oErrorHandler->setDelayedErrors(true);
/** SESSION/POST/GET VARS */
-sqgetGlobalVar('send', $send, SQ_POST);
+sqgetGlobalVar('send_button_count', $send_button_count, SQ_POST, 1, SQ_TYPE_INT);
+for ($i = 1; $i <= $send_button_count; $i++)
+ if (sqgetGlobalVar('send' . $i, $send, SQ_POST)) break;
// Send can only be achieved by setting $_POST var. If Send = true then
// retrieve other form fields from $_POST
if (isset($send) && $send) {
}
sqgetGlobalVar('session',$session, $SQ_GLOBAL);
sqgetGlobalVar('mailbox',$mailbox, $SQ_GLOBAL);
+sqgetGlobalVar('identity',$orig_identity, $SQ_GLOBAL);
if(!sqgetGlobalVar('identity',$identity, $SQ_GLOBAL)) {
$identity=0;
}
sqgetGlobalVar('request_dr',$request_dr, $SQ_GLOBAL);
sqgetGlobalVar('html_addr_search',$html_addr_search, $SQ_GLOBAL);
sqgetGlobalVar('mail_sent',$mail_sent, $SQ_GLOBAL);
-sqgetGlobalVar('passed_id',$passed_id, $SQ_GLOBAL);
+sqgetGlobalVar('passed_id',$passed_id, $SQ_GLOBAL, NULL, SQ_TYPE_BIGINT);
sqgetGlobalVar('passed_ent_id',$passed_ent_id, $SQ_GLOBAL);
+sqgetGlobalVar('fwduid',$fwduid, $SQ_GLOBAL, '');
sqgetGlobalVar('attach',$attach, SQ_POST);
sqgetGlobalVar('draft',$draft, SQ_POST);
if ( sqgetGlobalVar('smaction_edit_new',$tmp) ) $action = 'edit_as_new';
}
+sqgetGlobalVar('smtoken', $submitted_token, $SQ_GLOBAL, '');
+
/**
* Here we decode the data passed in from mailto.php.
*/
$url_replytoallcc = '';
foreach( $url_replytoall_ar as $email => $personal) {
if ($personal) {
- // if personal name contains address separator then surround
- // the personal name with double quotes.
- if (strpos($personal,',') !== false) {
- $personal = '"'.$personal.'"';
- }
- $url_replytoallcc .= ", $personal <$email>";
+ // always quote personal name (can't just quote it if
+ // it contains a comma separator, since it might still
+ // be encoded)
+ $url_replytoallcc .= ", \"$personal\" <$email>";
} else {
$url_replytoallcc .= ', '. $email;
}
/* Otherwise, try to select the desired citation style. */
switch ($reply_citation_style) {
case 'author_said':
- /**
- * To translators: %s is for author's name
- */
+ // i18n: %s is for author's name
$full_reply_citation = sprintf(_("%s wrote:"),$sOrig_from);
break;
case 'quote_who':
$full_reply_citation = $start . $sOrig_from . $end;
break;
case 'date_time_author':
- /**
- * To translators:
- * first %s is for date string, second %s is for author's name. Date uses
- * formating from "D, F j, Y g:i a" and "D, F j, Y H:i" translations.
- * Example string:
- * "On Sat, December 24, 2004 23:59, Santa wrote:"
- * If you have to put author's name in front of date string, check comments about
- * argument swapping at http://www.php.net/sprintf
- */
+ // i18n:
+ // The first %s is for date string, the second %s is for author's name.
+ // The date uses formating from "D, F j, Y g:i a" and "D, F j, Y H:i"
+ // translations.
+ // Example string:
+ // "On Sat, December 24, 2004 23:59, Santa wrote:"
+ // If you have to put author's name in front of date string, check comments about
+ // argument swapping at http://php.net/sprintf
$full_reply_citation = sprintf(_("On %s, %s wrote:"), getLongDateString($orig_date), $sOrig_from);
break;
case 'user-defined':
'subject', 'newmail', 'send_to_bcc', 'passed_id', 'mailbox',
'from_htmladdr_search', 'identity', 'draft_id', 'delete_draft',
'mailprio', 'edit_as_new', 'attachments', 'composesession',
- 'request_mdn', 'request_dr');
+ 'request_mdn', 'request_dr', 'fwduid');
foreach ($compo_var_list as $var) {
if ( isset($session_expired_post[$var]) && !isset($$var) ) {
} else {
$sHeaderJs = (isset($sHeaderJs)) ? $sHeaderJs : '';
if (strpos($action, 'reply') !== false && $reply_focus) {
- $sBodyTagJs = 'onload="checkForm(\''.$replyfocus.'\');"';
+ $sOnload = 'checkForm(\''.$replyfocus.'\');';
} else {
- $sBodyTagJs = 'onload="checkForm();"';
+ $sOnload = 'checkForm();';
}
- displayPageHeader($color, $mailbox,$sHeaderJs,$sBodyTagJs);
+ displayPageHeader($color, $mailbox,$sHeaderJs,$sOnload);
}
showInputForm($session, false);
exit();
}
if ($draft) {
+
+ // validate security token
+ //
+ sm_validate_security_token($submitted_token, -1, TRUE);
+
/*
* Set $default_charset to correspond with the user's selection
* of language interface.
$draft_message = _("Draft Email Saved");
/* If this is a resumed draft, then delete the original */
if(isset($delete_draft)) {
- $imap_stream = sqimap_login($username, false, $imapServerAddress, $imapPort, false);
+ $imap_stream = sqimap_login($username, false, $imapServerAddress, $imapPort, false, $imap_stream_options);
sqimap_mailbox_select($imap_stream, $draft_folder);
// force bypass_trash=true because message should be saved when deliverMessage() returns true.
// in current implementation of sqimap_msgs_list_flag() single message id can
}
if ($send) {
+
+ // validate security token
+ //
+ sm_validate_security_token($submitted_token, -1, TRUE);
+
if (isset($_FILES['attachfile']) &&
$_FILES['attachfile']['tmp_name'] &&
$_FILES['attachfile']['tmp_name'] != 'none') {
$AttachFailure = saveAttachedFiles($session);
}
+
if (checkInput(false) && !isset($AttachFailure)) {
if ($mailbox == "All Folders") {
/* We entered compose via the search results page */
/* if it is resumed draft, delete draft message */
if ( isset($delete_draft)) {
- $imap_stream = sqimap_login($username, false, $imapServerAddress, $imapPort, false);
+ $imap_stream = sqimap_login($username, false, $imapServerAddress, $imapPort, false, $imap_stream_options);
sqimap_mailbox_select($imap_stream, $draft_folder);
// bypass_trash=true because message should be saved when deliverMessage() returns true.
// in current implementation of sqimap_msgs_list_flag() single message id can
exit();
} else {
if ( !isset($pageheader_sent) || !$pageheader_sent ) {
- header("Location: $location/right_main.php?mailbox=$urlMailbox".
- "&startMessage=$startMessage&mail_sent=$mail_sent");
+ global $return_to_message_after_reply;
+ if (($action === 'reply' || $action === 'reply_all' || $action === 'forward' || $action === 'forward_as_attachment')
+ && $return_to_message_after_reply && $passed_id)
+ header("Location: $location/read_body.php?passed_id=$passed_id&mailbox=$urlMailbox".
+ "&startMessage=$startMessage&mail_sent=$mail_sent");
+ else
+ header("Location: $location/right_main.php?mailbox=$urlMailbox".
+ "&startMessage=$startMessage&mail_sent=$mail_sent");
} else {
//FIXME: DON'T ECHO HTML FROM CORE!
echo ' <br><br><div style="text-align: center;"><a href="' . $location
/* sqimap_logout($imapConnection); */
}
} elseif (isset($html_addr_search_done)) {
+
+ // validate security token
+ //
+ sm_validate_security_token($submitted_token, -1, TRUE);
+
if ($compose_new_win == '1') {
compose_Header($color, $mailbox);
}
*/
include_once('./addrbook_search_html.php');
} elseif (isset($attach)) {
+
+ // validate security token
+ //
+ sm_validate_security_token($submitted_token, -1, TRUE);
+
if ($compose_new_win == '1') {
compose_Header($color, $mailbox);
} else {
showInputForm($session);
}
elseif (isset($sigappend)) {
+
+ // validate security token
+ //
+ sm_validate_security_token($submitted_token, -1, TRUE);
+
$signature = $idents[$identity]['signature'];
$body .= "\n\n".($prefix_sig==true? "-- \n":'').$signature;
}
showInputForm($session);
} elseif (isset($do_delete)) {
+
+ // validate security token
+ //
+ sm_validate_security_token($submitted_token, -1, TRUE);
+
if ($compose_new_win == '1') {
compose_Header($color, $mailbox);
} else {
foreach($delete as $index) {
if (!empty($composeMessage->entities) && isset($composeMessage->entities[$index])) {
$composeMessage->entities[$index]->purgeAttachments();
+ // FIXME: one person reported that unset() didn't do anything at all here, so this is a work-around... but it triggers PHP notices if the unset() doesn't work, which should be fixed... but bigger question is if unset() doesn't work here, what about everywhere else? Anyway, uncomment this if you think you need it
+ //$composeMessage->entities[$index] = NULL;
unset ($composeMessage->entities[$index]);
}
}
$values = newMail($mailbox,$passed_id,$passed_ent_id, $action, $session);
+ // forward as attachment - subject is in the message in session
+ //
+ if ($action == 'forward_as_attachment' && empty($values['subject']))
+ $subject = $composeMessage->rfc822_header->subject;
+
/* in case the origin is not read_body.php */
if (isset($send_to)) {
$values['send_to'] = $send_to;
if (isset($subject)) {
$values['subject'] = $subject;
}
+ if (isset($mailprio)) {
+ $values['mailprio'] = $mailprio;
+ }
+ if (isset($orig_identity)) {
+ $values['identity'] = $orig_identity;
+ }
showInputForm($session, $values);
}
function newMail ($mailbox='', $passed_id='', $passed_ent_id='', $action='', $session='') {
global $editor_size, $default_use_priority, $body, $idents,
$use_signature, $data_dir, $username,
- $key, $imapServerAddress, $imapPort,
+ $key, $imapServerAddress, $imapPort, $imap_stream_options,
$composeMessage, $body_quote, $request_mdn, $request_dr,
$mdn_user_support, $languages, $squirrelmail_language,
- $default_charset;
+ $default_charset, $do_not_reply_to_self;
/*
* Set $default_charset to correspond with the user's selection
if ($passed_id) {
$imapConnection = sqimap_login($username, false, $imapServerAddress,
- $imapPort, 0);
+ $imapPort, 0, $imap_stream_options);
sqimap_mailbox_select($imapConnection, $mailbox);
$message = sqimap_get_message($imapConnection, $passed_id, $mailbox);
if (count($idents) > 1) {
foreach($idents as $nr=>$data) {
$enc_from_name = '"'.$data['full_name'].'" <'. $data['email_address'].'>';
- if(strtolower($enc_from_name) == strtolower($orig_from)) {
- $identity = $nr;
- break;
- }
$identities[] = $enc_from_name;
}
$identity_match = $orig_header->findAddress($identities);
- if ($identity_match) {
+ if ($identity_match !== FALSE) {
$identity = $identity_match;
}
}
// rewrap the body to clean up quotations and line lengths
sqBodyWrap($body, $editor_size);
$composeMessage = getAttachments($message, $composeMessage, $passed_id, $entities, $imapConnection);
+ if (!empty($orig_header->x_sm_flag_reply))
+ $composeMessage->rfc822_header->more_headers['X-SM-Flag-Reply'] = $orig_header->x_sm_flag_reply;
+//TODO: completely unclear if should be using $compose_session instead of $session below
+ $compose_messages[$session] = $composeMessage;
+ sqsession_register($compose_messages,'compose_messages');
break;
case ('edit_as_new'):
$send_to = decodeHeader($orig_header->getAddr_s('to'),false,false,true);
case ('forward_as_attachment'):
$subject = getforwardSubject(decodeHeader($orig_header->subject,false,false,true));
$composeMessage = getMessage_RFC822_Attachment($message, $composeMessage, $passed_id, $passed_ent_id, $imapConnection);
+ $subject = decodeHeader($orig_header->subject,false,false,true);
+ $subject = str_replace('"', "'", $subject);
+ $subject = trim($subject);
+ if (substr(strtolower($subject), 0, 4) != 'fwd:') {
+ $subject = 'Fwd: ' . $subject;
+ }
$body = '';
break;
case ('reply_all'):
} else {
$send_to_cc = replyAllString($orig_header);
$send_to_cc = decodeHeader($send_to_cc,false,false,true);
+ $send_to_cc = str_replace('""', '"', $send_to_cc);
}
case ('reply'):
// skip this if send_to was already set right above here
if(!$send_to) {
$send_to = $orig_header->reply_to;
if (is_array($send_to) && count($send_to)) {
- $send_to = $orig_header->getAddr_s('reply_to');
+ $send_to = $orig_header->getAddr_s('reply_to', ',', FALSE, TRUE);
} else if (is_object($send_to)) { /* unneccesarry, just for failsafe purpose */
- $send_to = $orig_header->getAddr_s('reply_to');
+ $send_to = $orig_header->getAddr_s('reply_to', ',', FALSE, TRUE);
} else {
- $send_to = $orig_header->getAddr_s('from');
+ $send_to = $orig_header->getAddr_s('from', ',', FALSE, TRUE);
}
}
$send_to = decodeHeader($send_to,false,false,true);
+ $send_to = str_replace('""', '"', $send_to);
+
+
+ // If user doesn't want replies to her own messages
+ // going back to herself (instead send again to the
+ // original recipient of the message being replied to),
+ // then iterate through identities, checking if the TO
+ // field is one of them (if the reply is to ourselves)
+ //
+ // Note we don't bother if the original message doesn't
+ // have anything in the TO field itself (because that's
+ // what we use if we change the recipient to be that of
+ // the previous message)
+ //
+ if ($do_not_reply_to_self && !empty($orig_header->to)) {
+
+ $orig_to = '';
+
+ foreach($idents as $id) {
+
+ if (!empty($id['email_address'])
+ && strpos($send_to, $id['email_address']) !== FALSE) {
+
+ // if this is a reply-all, the original recipient
+ // is already in the CC field, so we can just blank
+ // the recipient (TO field) (as long as the CC field
+ // isn't empty that is)... but then move the CC into
+ // the TO, so TO isn't empty
+ //
+ if ($action == 'reply_all' && !empty($send_to_cc)) {
+ $orig_to = $send_to_cc;
+ $send_to_cc = '';
+ break;
+ }
+
+ $orig_to = $orig_header->to;
+ if (is_array($orig_to) && count($orig_to)) {
+ $orig_to = $orig_header->getAddr_s('to', ',', FALSE, TRUE);
+ } else if (is_object($orig_to)) { /* unneccesarry, just for failsafe purpose */
+ $orig_to = $orig_header->getAddr_s('to', ',', FALSE, TRUE);
+ } else {
+ $orig_to = '';
+ }
+ $orig_to = decodeHeader($orig_to,false,false,true);
+ $orig_to = str_replace('""', '"', $orig_to);
+
+ break;
+ }
+ }
+
+ // if the reply was addressed back to ourselves,
+ // we will send it to the TO of the previous message
+ //
+ if (!empty($orig_to)) {
+
+ $send_to = $orig_to;
+
+ // in this case, we also want to reset the FROM
+ // identity as well (it should match the original
+ // *FROM* header instead of TO or CC)
+ //
+ if (count($idents) > 1) {
+ $identity = '';
+ foreach($idents as $i => $id) {
+ if (!empty($id['email_address'])
+ && strpos($orig_from, $id['email_address']) !== FALSE) {
+ $identity = $i;
+ break;
+ }
+ }
+ }
+
+ }
+
+ }
+
+
$subject = decodeHeader($orig_header->subject,false,false,true);
$subject = str_replace('"', "'", $subject);
$subject = trim($subject);
$body = '';
$strip_sigs = getPref($data_dir, $username, 'strip_sigs');
foreach ($rewrap_body as $line) {
- if ($strip_sigs && substr($line,0,3) == '-- ') {
+ if ($strip_sigs && rtrim($line, "\r\n") == '-- ') {
break;
}
if (preg_match("/^(>+)/", $line, $matches)) {
$filename = $message->getFilename();
break;
}
- $filename = str_replace(' ', ' ', decodeHeader($filename));
+//FIXME: added three args to the following, so as to set the last one to TRUE, to mimick a fix in 1.4.21 (#2994865), but didn't test this (note that in 1.4.21, the 2nd and 3rd args are FALSE, but here in this code, they weren't being specified (thus defaulting to TRUE), so I don't know if that means this code is outdated and should have been changed to FALSE, FALSE or if this code is completely different and the addition of the TRUE for arg #4 is wrong
+ $filename = str_replace(' ', ' ', decodeHeader($filename, true, true, true));
if (isset($languages[$squirrelmail_language]['XTRA_CODE']) &&
function_exists($languages[$squirrelmail_language]['XTRA_CODE'] . '_encode')) {
$filename = call_user_func($languages[$squirrelmail_language]['XTRA_CODE'] . '_encode', $filename);
$body, $startMessage, $action, $attachments,
$use_signature, $signature, $prefix_sig, $session_expired,
$editor_size, $editor_height, $subject, $newmail,
- $use_javascript_addr_book, $passed_id, $mailbox,
+ $use_javascript_addr_book, $passed_id, $mailbox, $fwduid,
$from_htmladdr_search, $location_of_buttons, $attachment_dir,
$username, $data_dir, $identity, $idents, $delete_draft,
$mailprio, $compose_new_win, $saved_draft, $mail_sent, $sig_first,
// to do; SquirrelMail itself will add the final "return true".
// Onsubmit text is enclosed inside of double quotes, so plugins
// need to quote accordingly.
+ //
+ // Also, plugin authors should try to retain compatibility with
+ // the Compose Extras plugin by resetting its compose submit
+ // counter when preventing form submit. Use this code:
+ // if (your-code-here) { submit_count = 0; return false; }
+ //
if (checkForJavascript()) {
- $onsubmit_text = ' onsubmit="';
if (empty($compose_onsubmit))
$compose_onsubmit = array();
else if (!is_array($compose_onsubmit))
$compose_onsubmit = array($compose_onsubmit);
+ $onsubmit_text = '';
foreach ($compose_onsubmit as $text) {
$text = trim($text);
- if (substr($text, -1) != ';' && substr($text, -1) != '}')
- $text .= '; ';
- $onsubmit_text .= $text;
+ if (!empty($text)) {
+ if (substr($text, -1) != ';' && substr($text, -1) != '}')
+ $text .= '; ';
+ $onsubmit_text .= $text;
+ }
}
+ if (!empty($onsubmit_text))
//FIXME: DON'T ECHO HTML FROM CORE!
- echo $onsubmit_text . ' return true;"';
+ echo ' onsubmit="' . $onsubmit_text . ' return true;"';
}
//FIXME: NO HTML IN CORE!
echo ">\n";
+//FIXME: DON'T ECHO HTML FROM CORE!
+ echo addHidden('smtoken', sm_generate_security_token());
+
//FIXME: DON'T ECHO HTML FROM CORE!
echo addHidden('startMessage', $startMessage);
echo addHidden('passed_id', $passed_id);
}
+ if (isset($fwduid)) {
+//FIXME: DON'T ECHO HTML FROM CORE!
+ echo addHidden('fwduid', $fwduid);
+ }
+
if ($saved_draft == 'yes') {
$oTemplate->assign('note', _("Your draft has been saved."));
$oTemplate->display('note.tpl');
$oTemplate->assign('identity_def', $identity);
$oTemplate->assign('input_onfocus', 'onfocus="'.join(' ', $onfocus_array).'"');
- $oTemplate->assign('to', htmlspecialchars($send_to));
- $oTemplate->assign('cc', htmlspecialchars($send_to_cc));
- $oTemplate->assign('bcc', htmlspecialchars($send_to_bcc));
- $oTemplate->assign('subject', htmlspecialchars($subject));
+ $oTemplate->assign('to', sm_encode_html_special_chars($send_to));
+ $oTemplate->assign('cc', sm_encode_html_special_chars($send_to_cc));
+ $oTemplate->assign('bcc', sm_encode_html_special_chars($send_to_bcc));
+ $oTemplate->assign('subject', sm_encode_html_special_chars($subject));
+
+ // access keys...
+ //
+ global $accesskey_compose_to, $accesskey_compose_cc,
+ $accesskey_compose_identity, $accesskey_compose_bcc,
+ $accesskey_compose_subject;
+ $oTemplate->assign('accesskey_compose_identity', $accesskey_compose_identity);
+ $oTemplate->assign('accesskey_compose_to', $accesskey_compose_to);
+ $oTemplate->assign('accesskey_compose_cc', $accesskey_compose_cc);
+ $oTemplate->assign('accesskey_compose_bcc', $accesskey_compose_bcc);
+ $oTemplate->assign('accesskey_compose_subject', $accesskey_compose_subject);
$oTemplate->display('compose_header.tpl');
} else {
$body_str = "\n\n".($prefix_sig==true? "-- \n":'').decodeHeader($signature,false,false);
}
- $body_str .= "\n\n".htmlspecialchars(decodeHeader($body,false,false));
+ $body_str .= "\n\n".sm_encode_html_special_chars(decodeHeader($body,false,false));
} else {
- $body_str = "\n\n".htmlspecialchars(decodeHeader($body,false,false));
+ $body_str = "\n\n".sm_encode_html_special_chars(decodeHeader($body,false,false));
// FIXME: test is specific to ja_JP translation implementation. See above comments.
if ($default_charset == 'iso-2022-jp') {
$body_str .= "\n\n".($prefix_sig==true? "-- \n":'').mb_convert_encoding($signature, 'EUC-JP');
}
}
} else {
- $body_str = htmlspecialchars(decodeHeader($body,false,false));
+ $body_str = sm_encode_html_special_chars(decodeHeader($body,false,false));
}
$oTemplate->assign('editor_width', (int)$editor_size);
$oTemplate->assign('body', $body_str);
$oTemplate->assign('show_bottom_send', $location_of_buttons!='bottom');
+ // access keys...
+ //
+ global $accesskey_compose_body, $accesskey_compose_send;
+ $oTemplate->assign('accesskey_compose_body', $accesskey_compose_body);
+ $oTemplate->assign('accesskey_compose_send', $accesskey_compose_send);
+
$oTemplate->display ('compose_body.tpl');
if ($location_of_buttons == 'bottom') {
$oTemplate->assign('max_file_size', empty($max) ? -1 : $max);
$oTemplate->assign('attachments', $attach);
+ // access keys...
+ //
+ global $accesskey_compose_attach_browse, $accesskey_compose_attach,
+ $accesskey_compose_delete_attach;
+ $oTemplate->assign('accesskey_compose_attach_browse', $accesskey_compose_attach_browse);
+ $oTemplate->assign('accesskey_compose_attach', $accesskey_compose_attach);
+ $oTemplate->assign('accesskey_compose_delete_attach', $accesskey_compose_delete_attach);
+
$oTemplate->display('compose_attachments.tpl');
} // End of file_uploads if-block
/* End of attachment code */
-//FIXME: no direct echoing to browser, no HTML output in core!
- echo addHidden('username', $username).
- addHidden('smaction', $action).
- addHidden('mailbox', $mailbox);
+ $oTemplate->assign('username', $username);
+ $oTemplate->assign('smaction', $action);
+ $oTemplate->assign('mailbox', $mailbox);
sqgetGlobalVar('QUERY_STRING', $queryString, SQ_SERVER);
-//FIXME: no direct echoing to browser, no HTML output in core!
- echo addHidden('composesession', $composesession).
- addHidden('querystring', $queryString).
- (!empty($attach_array) ?
- addHidden('attachments', urlencode(serialize($attach_array))) : '').
- "</form>\n";
+ $oTemplate->assign('querystring', $queryString);
+ $oTemplate->assign('composesession', $composesession);
+ $oTemplate->assign('send_button_count', unique_widget_name('send', TRUE));
+ if (!empty($attach_array))
+ $oTemplate->assign('attachments', urlencode(serialize($attach_array)));
+
+ $aUserNotices = array();
+
+ // File uploads are off, so we didn't show that part of the form.
+ // To avoid bogus bug reports, tell the user why.
if (!(bool) ini_get('file_uploads')) {
- /* File uploads are off, so we didn't show that part of the form.
- To avoid bogus bug reports, tell the user why. */
-//FIXME: no direct echoing to browser, no HTML output in core!
- echo '<p style="text-align:center">'
- . _("Because PHP file uploads are turned off, you can not attach files to this message. Please see your system administrator for details.")
- . "</p>\r\n";
+ $aUserNotices[] = _("Because PHP file uploads are turned off, you can not attach files to this message. Please see your system administrator for details.");
}
+ $oTemplate->assign('user_notices', $aUserNotices);
+
+ $oTemplate->display('compose_form_close.tpl');
+
if ($compose_new_win=='1') {
$oTemplate->display('compose_newwin_close.tpl');
}
- do_hook('compose_bottom', $null);
-
$oErrorHandler->setDelayedErrors(false);
$oTemplate->display('footer.tpl');
}
$mdn_user_support=getPref($data_dir, $username, 'mdn_user_support',$default_use_mdn);
+ $address_book_button_attribs = array();
+ global $accesskey_compose_addresses;
+ if ($accesskey_compose_addresses != 'NONE')
+ $address_book_button_attribs['accesskey'] = $accesskey_compose_addresses;
if ($use_javascript_addr_book && checkForJavascript()) {
- $addr_book = addButton(_("Addresses"), null, array('onclick' => 'javascript:open_abook();'));
+ $addr_book = addButton(_("Addresses"),
+ null,
+ array_merge($address_book_button_attribs, array('onclick' => 'javascript:open_abook();')));
} else {
- $addr_book = addSubmit(_("Addresses"), 'html_addr_search');
+ $addr_book = addSubmit(_("Addresses"), 'html_addr_search', $address_book_button_attribs);
}
$oTemplate->assign('allow_priority', $default_use_priority==1);
$oTemplate->assign('drafts_enabled', $save_as_draft);
$oTemplate->assign('address_book_button', $addr_book);
+ // access keys...
+ //
+ global $accesskey_compose_priority, $accesskey_compose_on_read,
+ $accesskey_compose_on_delivery, $accesskey_compose_signature,
+ $accesskey_compose_save_draft, $accesskey_compose_send;
+ $oTemplate->assign('accesskey_compose_priority', $accesskey_compose_priority);
+ $oTemplate->assign('accesskey_compose_on_read', $accesskey_compose_on_read);
+ $oTemplate->assign('accesskey_compose_on_delivery', $accesskey_compose_on_delivery);
+ $oTemplate->assign('accesskey_compose_signature', $accesskey_compose_signature);
+ $oTemplate->assign('accesskey_compose_save_draft', $accesskey_compose_save_draft);
+ $oTemplate->assign('accesskey_compose_send', $accesskey_compose_send);
+
$oTemplate->display('compose_buttons.tpl');
}
$composeMessage->initAttachment($type, $name, $localfilename);
}
-/* parse values like 8M and 2k into bytes */
+/**
+ * Parse strings such as "8M" and "2k" into their corresponding size in bytes
+ *
+ * NOTE: This function only recognizes the suffixes "K", "M" and "G"
+ * and will probably break very easily if the given size is in
+ * some completely different format.
+ *
+ * @param string $ini_size The input string to be converted
+ *
+ * @return mixed Boolean FALSE if something went wrong (the value passed in
+ * was empty?, the suffix was not recognized?), otherwise, the
+ * converted size in bytes (just the number (as an integer),
+ * no unit identifier included)
+ *
+ */
function getByteSize($ini_size) {
if(!$ini_size) {
case 'K':
$bytesize = 1024;
break;
+ default:
+ return FALSE;
}
return ($bytesize * (int)substr($ini_size, 0, -1));
$username, $identity, $idents, $data_dir,
$request_mdn, $request_dr, $default_charset, $useSendmail,
$domain, $action, $default_move_to_sent, $move_to_sent,
- $imapServerAddress, $imapPort, $sent_folder, $key;
+ $imapServerAddress, $imapPort, $imap_stream_options, $sent_folder, $key;
$rfc822_header = $composeMessage->rfc822_header;
$reply_to = '';
$reply_to = $idents[$identity]['reply_to'];
+ if ($reply_to && strpos($reply_to, '@') === FALSE)
+ $reply_to .= '@' . $domain;
$from_addr = build_from_header($identity);
$rfc822_header->from = $rfc822_header->parseAddress($from_addr,true);
/* Receipt: On Delivery */
if (!empty($request_dr)) {
//FIXME: it would be better to fiddle with headers inside of the message object or possibly when delivering the message to its destination; is this possible?
- $rfc822_header->more_headers['Return-Receipt-To'] = $from->mailbox.'@'.$from->domain;
+ $rfc822_header->more_headers['Return-Receipt-To'] = $from_addr;
} elseif (isset($rfc822_header->more_headers['Return-Receipt-To'])) {
unset($rfc822_header->more_headers['Return-Receipt-To']);
}
it over to deliver; plugin authors note that $composeMessage
is sent and modified by reference since 1.5.2 */
do_hook('compose_send', $composeMessage);
+//TODO: need to migrate to the following, but it neessitates changes in existing plugins, since the args are now an array
+ //$temp = array(&$composeMessage, &$draft);
+ //do_hook('compose_send', $temp);
+
+ // remove special header if present and prepare to mark
+ // a message that a draft was composed in reply to
+ if (!empty($composeMessage->rfc822_header->x_sm_flag_reply) && !$draft) {
+ global $passed_id, $mailbox;
+ // tricks the code below that marks the reply
+ list($action, $passed_id, $mailbox) = explode('::', $rfc822_header->x_sm_flag_reply, 3);
+ unset($composeMessage->rfc822_header->x_sm_flag_reply);
+ unset($composeMessage->rfc822_header->more_headers['X-SM-Flag-Reply']);
+ }
if (!$useSendmail && !$draft) {
require_once(SM_PATH . 'class/deliver/Deliver_SMTP.class.php');
$deliver = new Deliver_SMTP();
- global $smtpServerAddress, $smtpPort, $pop_before_smtp;
+ global $smtpServerAddress, $smtpPort, $smtp_stream_options, $pop_before_smtp, $pop_before_smtp_host;
$authPop = (isset($pop_before_smtp) && $pop_before_smtp) ? true : false;
+ if (empty($pop_before_smtp_host)) $pop_before_smtp_host = $smtpServerAddress;
get_smtp_user($user, $pass);
$stream = $deliver->initStream($composeMessage,$domain,0,
- $smtpServerAddress, $smtpPort, $user, $pass, $authPop);
+ $smtpServerAddress, $smtpPort, $user, $pass, $authPop, $pop_before_smtp_host, $smtp_stream_options);
} elseif (!$draft) {
require_once(SM_PATH . 'class/deliver/Deliver_SendMail.class.php');
global $sendmail_path, $sendmail_args;
} elseif ($draft) {
global $draft_folder;
$imap_stream = sqimap_login($username, false, $imapServerAddress,
- $imapPort, 0);
+ $imapPort, 0, $imap_stream_options);
if (sqimap_mailbox_exists ($imap_stream, $draft_folder)) {
+//TODO: this can leak private information about folders and message IDs if messages are accessed/sent from another client --- should this feature be optional?
+ // make note of the message to mark as having been replied to
+ global $passed_id, $mailbox;
+ if ($action == 'reply' || $action == 'reply_all' || $action == 'forward' || $action == 'forward_as_attachment') {
+ $composeMessage->rfc822_header->more_headers['X-SM-Flag-Reply'] = $action . '::' . $passed_id . '::' . $mailbox;
+ }
+
require_once(SM_PATH . 'class/deliver/Deliver_IMAP.class.php');
$imap_deliver = new Deliver_IMAP();
- $success = $imap_deliver->mail($composeMessage, $imap_stream, $reply_id, $reply_ent_id, $draft_folder);
+ $success = $imap_deliver->mail($composeMessage, $imap_stream, $reply_id, $reply_ent_id, $imap_stream, $draft_folder);
sqimap_logout($imap_stream);
unset ($imap_deliver);
$composeMessage->purgeAttachments();
return $success;
} else {
- $msg = '<br />'.sprintf(_("Error: Draft folder %s does not exist."), htmlspecialchars($draft_folder));
+ $msg = '<br />'.sprintf(_("Error: Draft folder %s does not exist."), sm_encode_html_special_chars($draft_folder));
plain_error_message($msg);
return false;
}
}
if (!$success) {
// $deliver->dlv_server_msg is not always server's reply
- $msg = _("Message not sent.") . "<br />\n" .
- $deliver->dlv_msg;
+ $msg = _("Message not sent.")
+ . "<br />\n"
+ . (isset($deliver->dlv_msg) ? $deliver->dlv_msg : '');
if (!empty($deliver->dlv_server_msg)) {
// add 'server replied' part only when it is not empty.
// Delivery error can be generated by delivery class itself
- $msg.='<br />' .
- _("Server replied:") . ' ' . $deliver->dlv_ret_nr . ' ' .
- nl2br(htmlspecialchars($deliver->dlv_server_msg));
+ $msg .= '<br />'
+ . _("Server replied:") . ' '
+ . (isset($deliver->dlv_ret_nr) ? $deliver->dlv_ret_nr . ' ' : '')
+ . nl2br(sm_encode_html_special_chars($deliver->dlv_server_msg));
}
plain_error_message($msg);
} else {
unset ($deliver);
- $imap_stream = sqimap_login($username, false, $imapServerAddress, $imapPort, 0);
+ $imap_stream = sqimap_login($username, false, $imapServerAddress, $imapPort, 0, $imap_stream_options);
// mark as replied or forwarded if applicable
//
- global $what, $iAccount, $startMessage, $passed_id, $mailbox;
+ global $what, $iAccount, $startMessage, $passed_id, $fwduid, $mailbox;
if ($action=='reply' || $action=='reply_all' || $action=='forward' || $action=='forward_as_attachment') {
require(SM_PATH . 'functions/mailbox_display.php');
- $aMailbox = sqm_api_mailbox_select($imap_stream, $iAccount, $mailbox,array('setindex' => $what, 'offset' => $startMessage),array());
- switch($action) {
- case 'reply':
- case 'reply_all':
- // check if we are allowed to set the \\Answered flag
- if (in_array('\\answered',$aMailbox['PERMANENTFLAGS'], true)) {
- $aUpdatedMsgs = sqimap_toggle_flag($imap_stream, array($passed_id), '\\Answered', true, false);
- if (isset($aUpdatedMsgs[$passed_id]['FLAGS'])) {
- /**
- * Only update the cached headers if the header is
- * cached.
- */
- if (isset($aMailbox['MSG_HEADERS'][$passed_id])) {
- $aMailbox['MSG_HEADERS'][$passed_id]['FLAGS'] = $aMsg['FLAGS'];
+ // select errors here could be due to a draft reply being sent
+ // after the original message's mailbox is moved or deleted
+ $aMailbox = sqm_api_mailbox_select($imap_stream, $iAccount, $mailbox,array('setindex' => $what, 'offset' => $startMessage),array(), false);
+ // a non-empty return from above means we can proceed
+ if (!empty($aMailbox)) {
+ switch($action) {
+ case 'reply':
+ case 'reply_all':
+ // check if we are allowed to set the \\Answered flag
+ if (in_array('\\answered',$aMailbox['PERMANENTFLAGS'], true)) {
+ $aUpdatedMsgs = sqimap_toggle_flag($imap_stream, array($passed_id), '\\Answered', true, false);
+ if (isset($aUpdatedMsgs[$passed_id]['FLAGS'])) {
+ /**
+ * Only update the cached headers if the header is
+ * cached.
+ */
+ if (isset($aMailbox['MSG_HEADERS'][$passed_id])) {
+ $aMailbox['MSG_HEADERS'][$passed_id]['FLAGS'] = $aMsg['FLAGS'];
+ }
}
}
- }
- break;
- case 'forward':
- case 'forward_as_attachment':
- // check if we are allowed to set the $Forwarded flag (RFC 4550 paragraph 2.8)
- if (in_array('$forwarded',$aMailbox['PERMANENTFLAGS'], true) ||
- in_array('\\*',$aMailbox['PERMANENTFLAGS'])) {
-
- $aUpdatedMsgs = sqimap_toggle_flag($imap_stream, array($passed_id), '$Forwarded', true, false);
- if (isset($aUpdatedMsgs[$passed_id]['FLAGS'])) {
- if (isset($aMailbox['MSG_HEADERS'][$passed_id])) {
- $aMailbox['MSG_HEADERS'][$passed_id]['FLAGS'] = $aMsg['FLAGS'];
+ break;
+ case 'forward':
+ case 'forward_as_attachment':
+ // check if we are allowed to set the $Forwarded flag (RFC 4550 paragraph 2.8)
+ if (in_array('$forwarded',$aMailbox['PERMANENTFLAGS'], true) ||
+ in_array('\\*',$aMailbox['PERMANENTFLAGS'])) {
+
+ // when forwarding as an attachment from the message
+ // list, passed_id is not used, need to get UID(s)
+ // from the query string
+ //
+ if (empty($passed_id) && !empty($fwduid))
+ $ids = explode('_', $fwduid);
+ else
+ $ids = array($passed_id);
+
+ $aUpdatedMsgs = sqimap_toggle_flag($imap_stream, $ids, '$Forwarded', true, false);
+
+ foreach ($ids as $id) {
+ if (isset($aUpdatedMsgs[$id]['FLAGS'])) {
+ if (isset($aMailbox['MSG_HEADERS'][$id])) {
+ $aMailbox['MSG_HEADERS'][$id]['FLAGS'] = $aMsg['FLAGS'];
+ }
+ }
}
}
+ break;
}
- break;
- }
- /**
- * Write mailbox with updated seen flag information back to cache.
- */
- if(isset($aUpdatedMsgs[$passed_id])) {
- $mailbox_cache[$iAccount.'_'.$aMailbox['NAME']] = $aMailbox;
- sqsession_register($mailbox_cache,'mailbox_cache');
+ /**
+ * Write mailbox with updated seen flag information back to cache.
+ */
+ if(isset($aUpdatedMsgs[$passed_id])) {
+ $mailbox_cache[$iAccount.'_'.$aMailbox['NAME']] = $aMailbox;
+ sqsession_register($mailbox_cache,'mailbox_cache');
+ }
}
-
}
}
require_once(SM_PATH . 'class/deliver/Deliver_IMAP.class.php');
$imap_deliver = new Deliver_IMAP();
- $imap_deliver->mail($composeMessage, $imap_stream, $reply_id, $reply_ent_id, $sent_folder, $imap_stream);
+ $imap_deliver->mail($composeMessage, $imap_stream, $reply_id, $reply_ent_id, $imap_stream, $sent_folder);
unset ($imap_deliver);
}
projects / squirrelmail.git / blobdiff