<?php
/**
- ** webmail.php -- Displays the main frameset
- **
- ** Copyright (c) 1999-2001 The SquirrelMail development team
- ** Licensed under the GNU GPL. For full terms see the file COPYING.
- **
- ** This file generates the main frameset. The files that are
- ** shown can be given as parameters. If the user is not logged in
- ** this file will verify username and password.
- **
- ** $Id$
- **/
-
-require_once('../functions/strings.php');
-require_once('../config/config.php');
-require_once('../functions/prefs.php');
-require_once('../functions/imap.php');
-require_once('../functions/plugin.php');
-require_once('../functions/i18n.php');
-require_once('../functions/auth.php');
-
-ereg( '(^.*/)[^/]+/[^/]+$', $PHP_SELF, $regs);
-$base_uri = $regs[1];
-
-session_start();
+ * webmail.php -- Displays the main frameset
+ *
+ * This file generates the main frameset. The files that are
+ * shown can be given as parameters. If the user is not logged in
+ * this file will verify username and password.
+ *
+ * @copyright © 1999-2006 The SquirrelMail Project Team
+ * @license http://opensource.org/licenses/gpl-license.php GNU Public License
+ * @version $Id$
+ * @package squirrelmail
+ */
+
+/**
+ * Path for SquirrelMail required files.
+ * @ignore
+ */
+define('SM_PATH','../');
+
+/* SquirrelMail required files. */
+require_once(SM_PATH . 'functions/strings.php');
+require_once(SM_PATH . 'config/config.php');
+require_once(SM_PATH . 'functions/prefs.php');
+require_once(SM_PATH . 'functions/imap.php');
+require_once(SM_PATH . 'functions/plugin.php');
+require_once(SM_PATH . 'functions/i18n.php');
+require_once(SM_PATH . 'functions/auth.php');
+require_once(SM_PATH . 'functions/global.php');
+
+if (!function_exists('sqm_baseuri')){
+ require_once(SM_PATH . 'functions/display_messages.php');
+}
+$base_uri = sqm_baseuri();
+
+sqsession_is_active();
+
+sqgetGlobalVar('username', $username, SQ_SESSION);
+sqgetGlobalVar('delimiter', $delimiter, SQ_SESSION);
+sqgetGlobalVar('onetimepad', $onetimepad, SQ_SESSION);
+
+if (sqgetGlobalVar('sort', $sort)) {
+ $sort = (int) $sort;
+}
+
+if (sqgetGlobalVar('startMessage', $startMessage)) {
+ $startMessage = (int) $startMessage;
+}
+
+if (!sqgetGlobalVar('mailbox', $mailbox)) {
+ $mailbox = 'INBOX';
+}
+
+sqgetGlobalVar('right_frame', $right_frame, SQ_GET);
+
+if ( isset($_SESSION['session_expired_post']) ) {
+ sqsession_unregister('session_expired_post');
+}
+if(!sqgetGlobalVar('mailto', $mailto)) {
+ $mailto = '';
+}
+
is_logged_in();
-checkForPrefs($data_dir, $username);
-/*
+do_hook('webmail_top');
+
+/**
* We'll need this to later have a noframes version
*
* Check if the user has a language preference, but no cookie.
*/
$my_language = getPref($data_dir, $username, 'language');
if ($my_language != $squirrelmail_language) {
- setcookie('squirrelmail_language', $my_language, time()+2592000, $base_uri);
+ sqsetcookie('squirrelmail_language', $my_language, time()+2592000, $base_uri);
}
-set_up_language(getPref($data_dir, $username, 'language'));
+$err=set_up_language(getPref($data_dir, $username, 'language'));
+
+$output = "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Frameset//EN\"\n".
+ " \"http://www.w3.org/TR/1999/REC-html401-19991224/frameset.dtd\">\n".
+ "<html><head>\n" .
+ "<meta name=\"robots\" content=\"noindex,nofollow\">\n" .
+ "<title>$org_title</title>\n".
+ "</head>";
+
+// Japanese translation used without mbstring support
+if ($err==2) {
+ echo $output.
+ "<body>\n".
+ "<p>You need to have PHP installed with the multibyte string function \n".
+ "enabled (using configure option --enable-mbstring).</p>\n".
+ "<p>System assumed that you accidently switched to Japanese translation \n".
+ "and reverted your language preference to English.</p>\n".
+ "<p>Please refresh this page in order to use webmail.</p>\n".
+ "</body></html>";
+ return;
+}
-echo "<html><head>\n";
-echo '<TITLE>';
-echo $org_title;
-echo '</TITLE>';
-
$left_size = getPref($data_dir, $username, 'left_size');
$location_of_bar = getPref($data_dir, $username, 'location_of_bar');
+
+if (isset($languages[$squirrelmail_language]['DIR']) &&
+ strtolower($languages[$squirrelmail_language]['DIR']) == 'rtl') {
+ $temp_location_of_bar = 'right';
+} else {
+ $temp_location_of_bar = 'left';
+}
+
if ($location_of_bar == '') {
- $location_of_bar = 'left';
+ $location_of_bar = $temp_location_of_bar;
}
+$temp_location_of_bar = '';
+
if ($left_size == "") {
if (isset($default_left_size)) {
$left_size = $default_left_size;
else {
$left_size = 200;
}
-}
-
+}
+
if ($location_of_bar == 'right') {
- echo "<FRAMESET COLS=\"*, $left_size\" BORDER=0>";
+ $output .= "<frameset cols=\"*, $left_size\" id=\"fs1\">\n";
}
else {
- echo "<FRAMESET COLS=\"$left_size, *\" BORDER=0>";
+ $output .= "<frameset cols=\"$left_size, *\" id=\"fs1\">\n";
}
/*
*
* This was done to create a pure HTML way of refreshing the folder list since
* we would like to use as little Javascript as possible.
+ *
+ * The test for // should catch any attempt to include off-site webpages into
+ * our frameset.
*/
-if (!isset($right_frame)) {
- $right_frame = "";
-}
-if ($right_frame == 'right_main.php') {
- $urlMailbox = urlencode($mailbox);
- $right_frame_url =
- "right_main.php?mailbox=$urlMailbox&sort=$sort&startMessage=$startMessage";
-}
-elseif ($right_frame == 'options.php') {
- $right_frame_url = 'options.php';
-}
-elseif ($right_frame == 'folders.php') {
- $right_frame_url = 'folders.php';
-}
-elseif ($right_frame == 'compose.php') {
- $right_frame_url = "compose.php?send_to=$rcptaddress";
+if (empty($right_frame) || (strpos(urldecode($right_frame), '//') !== false)) {
+ $right_frame = '';
}
-else {
- $right_frame_url = 'right_main.php';
+
+if ( strpos($right_frame,'?') ) {
+ $right_frame_file = substr($right_frame,0,strpos($right_frame,'?'));
+} else {
+ $right_frame_file = $right_frame;
}
+switch($right_frame) {
+ case 'right_main.php':
+ $right_frame_url = "right_main.php?mailbox=".urlencode($mailbox)
+ . (!empty($sort)?"&sort=$sort":'')
+ . (!empty($startMessage)?"&startMessage=$startMessage":'');
+ break;
+ case 'options.php':
+ $right_frame_url = 'options.php';
+ break;
+ case 'folders.php':
+ $right_frame_url = 'folders.php';
+ break;
+ case 'compose.php':
+ $right_frame_url = 'compose.php?' . $mailto;
+ break;
+ case '':
+ $right_frame_url = 'right_main.php';
+ break;
+ default:
+ $right_frame_url = urlencode($right_frame);
+ break;
+}
+
+$left_frame = '<frame src="left_main.php" name="left" frameborder="1" title="'.
+ _("Folder List") ."\" />\n";
+$right_frame = '<frame src="'.$right_frame_url.'" name="right" frameborder="1" title="'.
+ _("Message List") ."\" />\n";
+
if ($location_of_bar == 'right') {
- echo "<FRAME SRC=\"$right_frame_url\" NORESIZE NAME=\"right\">";
- echo '<FRAME SRC="left_main.php" NORESIZE NAME="left">';
+ $output .= $right_frame . $left_frame;
}
else {
- echo '<FRAME SRC="left_main.php" NORESIZE NAME="left">';
- echo "<FRAME SRC=\"$right_frame_url\" NORESIZE NAME=\"right\">";
+ $output .= $left_frame . $right_frame;
+}
+$ret = concat_hook_function('webmail_bottom', $output);
+if($ret != '') {
+ $output = $ret;
}
+echo $output;
?>
-</FRAMESET>
-</HEAD></HTML>
+</frameset>
+</html>
projects / squirrelmail.git / blobdiff