X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=src%2Fcompose.php;h=d1df5c2bbf6385fe8cdaaba653de06f11ab64f71;hp=36a1fb86869e3614e5dc968b9d2ccbaa8059b1cc;hb=46f2284fbb63ffe6f1b5c3e73e3633201688622a;hpb=1d80c108a1d741b7dcb562ea1cf6d2214322b192

diff --git a/src/compose.php b/src/compose.php
index 36a1fb86..d1df5c2b 100644
--- a/src/compose.php
+++ b/src/compose.php
@@ -3,7 +3,7 @@
 /**
  * compose.php
  *
- * Copyright (c) 1999-2003 The SquirrelMail Project Team
+ * Copyright (c) 1999-2004 The SquirrelMail Project Team
  * Licensed under the GNU GPL. For full terms see the file COPYING.
  *
  * This code sends a mail.
@@ -32,6 +32,7 @@ require_once(SM_PATH . 'functions/display_messages.php');
 require_once(SM_PATH . 'class/deliver/Deliver.class.php');
 require_once(SM_PATH . 'functions/addressbook.php');
 require_once(SM_PATH . 'functions/identity.php');
+require_once(SM_PATH . 'functions/forms.php');
 
 /* --------------------- Get globals ------------------------------------- */
 /** COOKIE VARS */
@@ -47,12 +48,12 @@ sqgetGlobalVar('composesession',    $composesession,    SQ_SESSION);
 sqgetGlobalVar('compose_messages',  $compose_messages,  SQ_SESSION);
 
 /** SESSION/POST/GET VARS */
-sqgetGlobalVar('smaction',$action);
 sqgetGlobalVar('session',$session);
 sqgetGlobalVar('mailbox',$mailbox);
 if(!sqgetGlobalVar('identity',$identity)) {
     $identity=0;
 }
+sqgetGlobalVar('custom_from',$custom_from);
 sqgetGlobalVar('send_to',$send_to);
 sqgetGlobalVar('send_to_cc',$send_to_cc);
 sqgetGlobalVar('send_to_bcc',$send_to_bcc);
@@ -91,6 +92,17 @@ if ( sqgetGlobalVar('return', $temp, SQ_POST) ) {
 /** GET VARS */
 sqgetGlobalVar('attachedmessages', $attachedmessages, SQ_GET);
 
+/** get smaction */
+if ( !sqgetGlobalVar('smaction',$action) )
+{
+  if ( sqgetGlobalVar('smaction_reply',$tmp) )      $action = 'reply';
+  if ( sqgetGlobalVar('smaction_reply_all',$tmp) )  $action = 'reply_all';
+  if ( sqgetGlobalVar('smaction_forward',$tmp) )    $action = 'forward';
+  if ( sqgetGlobalVar('smaction_attache',$tmp) )    $action = 'forward_as_attachment';
+  if ( sqgetGlobalVar('smaction_draft',$tmp) )      $action = 'draft';
+  if ( sqgetGlobalVar('smaction_edit_new',$tmp) )   $action = 'edit_as_new';
+}
+
 /* Location (For HTTP 1.1 Header("Location: ...") redirects) */
 $location = get_location();
 /* Identities (fetch only once) */
@@ -144,9 +156,9 @@ function replyAllString($header) {
    return $url_replytoallcc;
 }
 
-function getReplyCitation($orig_from) {
+function getReplyCitation($orig_from, $orig_date) {
     global $reply_citation_style, $reply_citation_start, $reply_citation_end;
-    $orig_from = decodeHeader($orig_from->getAddress(false),false,false);
+    $orig_from = decodeHeader($orig_from->getAddress(false),false,false,true);
 //    $from = decodeHeader($orig_header->getAddr_s('from',"\n$indent"),false,false);
     /* First, return an empty string when no citation style selected. */
     if (($reply_citation_style == '') || ($reply_citation_style == 'none')) {
@@ -168,6 +180,10 @@ function getReplyCitation($orig_from) {
         $start = '<' . _("quote") . ' ' . _("who") . '="';
         $end   = '">';
         break;
+    case 'date_time_author':
+        $start = 'On ' . getLongDateString($orig_date) . ', ';
+        $end = ' ' . _("said") . ':';
+        break;
     case 'user-defined':
         $start = $reply_citation_start .
          ($reply_citation_start == '' ? '' : ' ');
@@ -194,11 +210,11 @@ function getforwardHeader($orig_header) {
    foreach($display as $key => $val) {
       $display[$key] = $key .': '. str_pad('', $maxsize - $val);
    }
-   $from = decodeHeader($orig_header->getAddr_s('from',"\n$indent"),false,false);
+   $from = decodeHeader($orig_header->getAddr_s('from',"\n$indent"),false,false,true);
    $from = str_replace('&nbsp;',' ',$from);
-   $to = decodeHeader($orig_header->getAddr_s('to',"\n$indent"),false,false);
+   $to = decodeHeader($orig_header->getAddr_s('to',"\n$indent"),false,false,true);
    $to = str_replace('&nbsp;',' ',$to);
-   $subject = decodeHeader($orig_header->subject,false,false);
+   $subject = decodeHeader($orig_header->subject,false,false,true);
    $subject = str_replace('&nbsp;',' ',$subject);
    $bodyTop =  str_pad(' '._("Original Message").' ',$editor_size -2,'-',STR_PAD_BOTH) .
                "\n". $display[_("Subject")] . $subject . "\n" .
@@ -206,7 +222,7 @@ function getforwardHeader($orig_header) {
                $display[_("Date")] . getLongDateString( $orig_header->date ). "\n" .
                $display[_("To")] . $to . "\n";
    if ($orig_header->cc != array() && $orig_header->cc !='') {
-      $cc = decodeHeader($orig_header->getAddr_s('cc',"\n$indent"),false,false);
+      $cc = decodeHeader($orig_header->getAddr_s('cc',"\n$indent"),false,false,true);
       $cc = str_replace('&nbsp;',' ',$cc);
      $bodyTop .= $display[_("Cc")] .$cc . "\n";
   }
@@ -623,17 +639,17 @@ function newMail ($mailbox='', $passed_id='', $passed_ent_id='', $action='', $se
                     $bodypart = $languages[$squirrelmail_language]['XTRA_CODE']('decode', $bodypart);
                 }
             }
-	    
-	    if (isset($body_part_entity->header->parameters['charset'])) {
+
+        if (isset($body_part_entity->header->parameters['charset'])) {
             $actual = $body_part_entity->header->parameters['charset'];
         } else {
             $actual = 'us-ascii';
         }
 
-	    if ( $actual && is_conversion_safe($actual) && $actual != $default_charset){
-		$bodypart = charset_decode($actual,$bodypart);
-	    }
-	    
+        if ( $actual && is_conversion_safe($actual) && $actual != $default_charset){
+        $bodypart = charset_decode($actual,$bodypart);
+        }
+
             $body .= $bodypart;
         }
         if ($default_use_priority) {
@@ -669,26 +685,35 @@ function newMail ($mailbox='', $passed_id='', $passed_ent_id='', $action='', $se
             if ($identity_match) {
                 $identity = $identity_match;
             }
-	    // we need identiy here fore draft case #845290
-	    // echo $identity."leer";
+        // we need identiy here fore draft case #845290
+        // echo $identity."leer";
         }
 
         switch ($action) {
         case ('draft'):
             $use_signature = FALSE;
             $composeMessage->rfc822_header = $orig_header;
-            $send_to = decodeHeader($orig_header->getAddr_s('to'),false,true);
-            $send_to_cc = decodeHeader($orig_header->getAddr_s('cc'),false,true);
-            $send_to_bcc = decodeHeader($orig_header->getAddr_s('bcc'),false,true);
-            $subject = decodeHeader($orig_header->subject,false,true);
+            $send_to = decodeHeader($orig_header->getAddr_s('to'),false,false,true);
+            $send_to_cc = decodeHeader($orig_header->getAddr_s('cc'),false,false,true);
+            $send_to_bcc = decodeHeader($orig_header->getAddr_s('bcc'),false,false,true);
+            $send_from = $orig_header->getAddr_s('from');
+            $send_from_parts = new AddressStructure();
+            $send_from_parts = $orig_header->parseAddress($send_from);
+            $send_from_add = $send_from_parts->mailbox . '@' . $send_from_parts->host;
+            $identities = get_identities();
+            if (count($identities) > 0) {
+                foreach($identities as $iddata) {
+                    if ($send_from_add == $iddata['email_address']) {
+                        $identity = $iddata['index'];
+                        break;
+                    }
+                }
+            }
+            $subject = decodeHeader($orig_header->subject,false,false,true);
 //            /* remember the references and in-reply-to headers in case of an reply */
             $composeMessage->rfc822_header->more_headers['References'] = $orig_header->references;
             $composeMessage->rfc822_header->more_headers['In-Reply-To'] = $orig_header->in_reply_to;
             $body_ary = explode("\n", $body);
-/*	   echo "debug: $identity"; #845290
-	   $identity='2'; */
-            echo "header".decodeHeader($orig_header->getAddr_s('from'),false,true)."<BR>";
-	    print_r($identities);
             $cnt = count($body_ary) ;
             $body = '';
             for ($i=0; $i < $cnt; $i++) {
@@ -702,10 +727,10 @@ function newMail ($mailbox='', $passed_id='', $passed_ent_id='', $action='', $se
             $composeMessage = getAttachments($message, $composeMessage, $passed_id, $entities, $imapConnection);
             break;
         case ('edit_as_new'):
-            $send_to = decodeHeader($orig_header->getAddr_s('to'),false,true);
-            $send_to_cc = decodeHeader($orig_header->getAddr_s('cc'),false,true);
-            $send_to_bcc = decodeHeader($orig_header->getAddr_s('bcc'),false,true);
-            $subject = decodeHeader($orig_header->subject,false,true);
+            $send_to = decodeHeader($orig_header->getAddr_s('to'),false,false,true);
+            $send_to_cc = decodeHeader($orig_header->getAddr_s('cc'),false,false,true);
+            $send_to_bcc = decodeHeader($orig_header->getAddr_s('bcc'),false,false,true);
+            $subject = decodeHeader($orig_header->subject,false,false,true);
             $mailprio = $orig_header->priority;
             $orig_from = '';
             $composeMessage = getAttachments($message, $composeMessage, $passed_id, $entities, $imapConnection);
@@ -713,14 +738,14 @@ function newMail ($mailbox='', $passed_id='', $passed_ent_id='', $action='', $se
             break;
         case ('forward'):
             $send_to = '';
-            $subject = getforwardSubject(decodeHeader($orig_header->subject,false,true));
+            $subject = getforwardSubject(decodeHeader($orig_header->subject,false,false,true));
             $body = getforwardHeader($orig_header) . $body;
             sqUnWordWrap($body);
             $composeMessage = getAttachments($message, $composeMessage, $passed_id, $entities, $imapConnection);
             $body = "\n" . $body;
             break;
         case ('forward_as_attachment'):
-            $subject = getforwardSubject(decodeHeader($orig_header->subject,false,true));
+            $subject = getforwardSubject(decodeHeader($orig_header->subject,false,false,true));
             $composeMessage = getMessage_RFC822_Attachment($message, $composeMessage, $passed_id, $passed_ent_id, $imapConnection);
             $body = '';
             break;
@@ -729,7 +754,7 @@ function newMail ($mailbox='', $passed_id='', $passed_ent_id='', $action='', $se
                 $send_to = $orig_header->getAddr_s('mail_followup_to');
             } else {
                 $send_to_cc = replyAllString($orig_header);
-                $send_to_cc = decodeHeader($send_to_cc,false,true);
+                $send_to_cc = decodeHeader($send_to_cc,false,false,true);
             }
         case ('reply'):
             // skip this if send_to was already set right above here
@@ -743,8 +768,8 @@ function newMail ($mailbox='', $passed_id='', $passed_ent_id='', $action='', $se
                     $send_to = $orig_header->getAddr_s('from');
                 }
             }
-            $send_to = decodeHeader($send_to,false,true);
-            $subject = decodeHeader($orig_header->subject,false,true);
+            $send_to = decodeHeader($send_to,false,false,true);
+            $subject = decodeHeader($orig_header->subject,false,false,true);
             $subject = str_replace('"', "'", $subject);
             $subject = trim($subject);
             if (substr(strtolower($subject), 0, 3) != 're:') {
@@ -753,12 +778,12 @@ function newMail ($mailbox='', $passed_id='', $passed_ent_id='', $action='', $se
             /* this corrects some wrapping/quoting problems on replies */
             $rewrap_body = explode("\n", $body);
             $from =  (is_array($orig_header->from)) ? $orig_header->from[0] : $orig_header->from;
-            sqUnWordWrap($body);	// unwrap and then reset it?!
+            sqUnWordWrap($body);    // unwrap and then reset it?!
             $body = '';
             $strip_sigs = getPref($data_dir, $username, 'strip_sigs');
             foreach ($rewrap_body as $line) {
                 if ($strip_sigs && substr($line,0,3) == '-- ') {
-			break;
+            break;
                 }
                 sqWordWrap($line, ($editor_size));
                 if (preg_match("/^(>+)/", $line, $matches)) {
@@ -768,7 +793,7 @@ function newMail ($mailbox='', $passed_id='', $passed_ent_id='', $action='', $se
                     $body .= '> ' . str_replace("\n", "\n> ", rtrim($line)) . "\n";
                 }
             }
-            $body = getReplyCitation($from) . $body;
+            $body = getReplyCitation($from , $orig_header->date) . $body;
             $composeMessage->reply_rfc822_header = $orig_header;
 
             break;
@@ -816,7 +841,7 @@ function getAttachments($message, &$composeMessage, $passed_id, $entities, $imap
              $filename = $message->getFilename();
              break;
            }
-           $filename = str_replace('&nbsp;', ' ', decodeHeader($filename));
+           $filename = str_replace('&#32;', ' ', decodeHeader($filename));
            if (isset($languages[$squirrelmail_language]['XTRA_CODE']) &&
                function_exists($languages[$squirrelmail_language]['XTRA_CODE'])) {
                 $filename =  $languages[$squirrelmail_language]['XTRA_CODE']('encode', $filename);
@@ -829,7 +854,7 @@ function getAttachments($message, &$composeMessage, $passed_id, $entities, $imap
            }
            $message->att_local_name = $full_localfilename;
 
-	   $composeMessage->initAttachment($message->type0.'/'.$message->type1,$filename,
+       $composeMessage->initAttachment($message->type0.'/'.$message->type1,$filename,
              $full_localfilename);
 
            /* Write Attachment to file */
@@ -849,17 +874,17 @@ function getAttachments($message, &$composeMessage, $passed_id, $entities, $imap
 
 function getMessage_RFC822_Attachment($message, $composeMessage, $passed_id,
                                       $passed_ent_id='', $imapConnection) {
-    global $attachments, $attachment_dir, $username, $data_dir, $uid_support;
+    global $attachments, $attachment_dir, $username, $data_dir;
     $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
     if (!$passed_ent_id) {
         $body_a = sqimap_run_command($imapConnection,
                                     'FETCH '.$passed_id.' RFC822',
                                     TRUE, $response, $readmessage,
-                                    $uid_support);
+                                    TRUE);
     } else {
         $body_a = sqimap_run_command($imapConnection,
                                      'FETCH '.$passed_id.' BODY['.$passed_ent_id.']',
-                                     TRUE, $response, $readmessage, $uid_support);
+                                     TRUE, $response, $readmessage, TRUE);
         $message = $message->parent;
     }
     if ($response == 'OK') {
@@ -883,7 +908,7 @@ function getMessage_RFC822_Attachment($message, $composeMessage, $passed_id,
 function showInputForm ($session, $values=false) {
     global $send_to, $send_to_cc, $body, $startMessage,
            $passed_body, $color, $use_signature, $signature, $prefix_sig,
-           $editor_size, $attachments, $subject, $newmail,
+           $editor_size, $editor_height, $attachments, $subject, $newmail,
            $use_javascript_addr_book, $send_to_bcc, $passed_id, $mailbox,
            $from_htmladdr_search, $location_of_buttons, $attachment_dir,
            $username, $data_dir, $identity, $idents, $draft_id, $delete_draft,
@@ -892,7 +917,6 @@ function showInputForm ($session, $values=false) {
            $username, $compose_messages, $composesession, $default_charset;
 
     $composeMessage = $compose_messages[$session];
-
     if ($values) {
        $send_to = $values['send_to'];
        $send_to_cc = $values['send_to_cc'];
@@ -902,9 +926,9 @@ function showInputForm ($session, $values=false) {
        $body = $values['body'];
        $identity = (int) $values['identity'];
     } else {
-       $send_to = decodeHeader($send_to);
-       $send_to_cc = decodeHeader($send_to_cc);
-       $send_to_bcc = decodeHeader($send_to_bcc);
+       $send_to = decodeHeader($send_to, true, false);
+       $send_to_cc = decodeHeader($send_to_cc, true, false);
+       $send_to_bcc = decodeHeader($send_to_bcc, true, false);
     }
 
     if ($use_javascript_addr_book) {
@@ -924,20 +948,20 @@ function showInputForm ($session, $values=false) {
 
     echo ">\n";
 
-    echo '<input type="hidden" name="startMessage" value="' . $startMessage . "\">\n";
+    echo addHidden('startMessage', $startMessage);
 
     if ($action == 'draft') {
-        echo '<input type="hidden" name="delete_draft" value="' . $passed_id . "\">\n";
+        echo addHidden('delete_draft', $passed_id);
     }
     if (isset($delete_draft)) {
-        echo '<input type="hidden" name="delete_draft" value="' . $delete_draft. "\">\n";
+        echo addHidden('delete_draft', $delete_draft);
     }
     if (isset($session)) {
-        echo '<input type="hidden" name="session" value="' . $session . "\">\n";
+        echo addHidden('session', $session);
     }
 
     if (isset($passed_id)) {
-        echo '<input type="hidden" name="passed_id" value="' . $passed_id . "\">\n";
+        echo addHidden('passed_id', $passed_id);
     }
 
     if ($saved_draft == 'yes') {
@@ -955,13 +979,31 @@ function showInputForm ($session, $values=false) {
         showComposeButtonRow();
     }
 
+    // additions for custom from plugin
+    //
+    $use_custom_from = getPref($data_dir, $username, 'use_custom_from', '0');
+    global $restrict_access_to_users_file;
+    include_once(SM_PATH . 'plugins/custom_from/config/config.php');
+    include_once(SM_PATH . 'plugins/custom_from/functions.php');
+    if (!empty($restrict_access_to_users_file)
+       && file_exists($restrict_access_to_users_file))
+    {
+       $use_custom_from = findUser($username, $restrict_access_to_users_file);
+    }
+
     /* display select list for identities */
     if (count($idents) > 1) {
+    	$ident_list = array();
+    	foreach($idents as $id => $data) {
+		$ident_list[$id] =
+			$data['full_name'].' <'.$data['email_address'].'>';
+	}
         echo '   <tr>' . "\n" .
                     html_tag( 'td', '', 'right', $color[4], 'width="10%"' ) .
                     _("From:") . '</td>' . "\n" .
                     html_tag( 'td', '', 'left', $color[4], 'width="90%"' ) .
-             '         <select name="identity">' . "\n" ;
+             '         <select name="identity" '
+             ($use_custom_from ? 'onChange="for (i=0; i<document.forms[0].identity.length; i++) { if (document.forms[0].identity.options[i].selected) { document.forms[0].custom_from.value=document.forms[0].identity.options[i].text; break; } }"' : '') . '>' . "\n";
         foreach($idents as $id=>$data) {
             echo '<option value="'.$id.'"';
             if($id == $identity) {
@@ -971,40 +1013,67 @@ function showInputForm ($session, $values=false) {
                  "</option>\n";
         }
 
-        echo '</select>' . "\n" .
+        echo '      </td>' . "\n" .
+             '   </tr>' . "\n";
+    }
+
+    // additions for custom from plugin
+    //
+    if ($use_custom_from)
+    {
+        echo '   <tr>' . "\n" .
+                    html_tag( 'td', '', 'right', $color[4], 'width="10%"' ) .
+                    _("From:") . '</td>' . "\n" .
+             '   <td align="left" bgcolor="' . $color[4] . '" width="90%">' .
+             '     <input type="text" name="custom_from" size="60" value="';
+        global $custom_from;
+        if (isset($custom_from))
+            echo $custom_from;
+        else
+        {
+            $fn = getPref($data_dir, $username, 'full_name');
+            $em = getPref($data_dir, $username, 'email_address');
+            echo htmlspecialchars($fn);
+            if ($em != '') {
+                if($fn != '') {
+                    echo htmlspecialchars(' <' . $em . '>');
+                } else {
+                    echo htmlspecialchars($em);
+                }
+            }
+        }
+
+        echo '">' .
              '      </td>' . "\n" .
              '   </tr>' . "\n";
     }
+
     echo '   <tr>' . "\n" .
                 html_tag( 'td', '', 'right', $color[4], 'width="10%"' ) .
                 _("To:") . '</TD>' . "\n" .
                 html_tag( 'td', '', 'left', $color[4], 'width="90%"' ) .
-         '         <input type="text" name="send_to" value="' .
-                   $send_to . '" size="60" /><br />' . "\n" .
+                addInput('send_to', $send_to, 60). '<br />' . "\n" .
          '      </td>' . "\n" .
          '   </tr>' . "\n" .
          '   <tr>' . "\n" .
                 html_tag( 'td', '', 'right', $color[4] ) .
                 _("CC:") . '</td>' . "\n" .
                 html_tag( 'td', '', 'left', $color[4] ) .
-         '         <input type="text" name="send_to_cc" size="60" value="' .
-                   $send_to_cc . '" /><br />' . "\n" .
+		addInput('send_to_cc', $send_to_cc, 60). '<br />' . "\n" .
          '      </td>' . "\n" .
          '   </tr>' . "\n" .
          '   <tr>' . "\n" .
                 html_tag( 'td', '', 'right', $color[4] ) .
                 _("BCC:") . '</td>' . "\n" .
                 html_tag( 'td', '', 'left', $color[4] ) .
-         '         <input type="text" name="send_to_bcc" value="' .
-                $send_to_bcc . '" size="60" /><br />' . "\n" .
+		addInput('send_to_bcc', $send_to_bcc, 60).'<br />' . "\n" .
          '      </td>' . "\n" .
          '   </tr>' . "\n" .
          '   <tr>' . "\n" .
                 html_tag( 'td', '', 'right', $color[4] ) .
                 _("Subject:") . '</td>' . "\n" .
                 html_tag( 'td', '', 'left', $color[4] ) . "\n";
-    echo '         <input type="text" name="subject" size="60" value="' .
-                   $subject . '" />' . "\n" .
+    echo '         '.addInput('subject', $subject, 60).
          '      </td>' . "\n" .
          '   </tr>' . "\n\n";
 
@@ -1016,14 +1085,14 @@ function showInputForm ($session, $values=false) {
     if ($compose_new_win == '1') {
         echo '   <TR>' . "\n" .
              '      <TD BGCOLOR="' . $color[0] . '" COLSPAN=2 ALIGN=CENTER>' . "\n" .
-             '         <TEXTAREA NAME=body ID=body ROWS=20 COLS="' .
-                       $editor_size . '" WRAP="VIRTUAL">';
+             '         <TEXTAREA NAME="body" ID="body" ROWS="' . (int)$editor_height .
+             '" COLS="' . (int)$editor_size . '" WRAP="VIRTUAL">';
     }
     else {
         echo '   <TR>' . "\n" .
             '      <TD BGCOLOR="' . $color[4] . '" COLSPAN=2>' . "\n" .
-            '         &nbsp;&nbsp;<TEXTAREA NAME=body ID=body ROWS=20 COLS="' .
-                      $editor_size . '" WRAP="VIRTUAL">';
+            '         &nbsp;&nbsp;<TEXTAREA NAME="body" ID="body" ROWS="' . (int)$editor_height .
+            '" COLS="' . (int)$editor_size . '" WRAP="VIRTUAL">';
     }
 
     if ($use_signature == true && $newmail == true && !isset($from_htmladdr_search)) {
@@ -1035,10 +1104,10 @@ function showInputForm ($session, $values=false) {
             } else {
             echo "\n\n".($prefix_sig==true? "-- \n":'').decodeHeader($signature,false,false);
             }
-            echo "\n\n".decodeHeader($body,false,false);
+            echo "\n\n".htmlspecialchars(decodeHeader($body,false,false));
         }
         else {
-            echo "\n\n".decodeHeader($body,false,false);
+            echo "\n\n".htmlspecialchars(decodeHeader($body,false,false));
             if ($default_charset == 'iso-2022-jp') {
                 echo "\n\n".($prefix_sig==true? "-- \n":'').mb_convert_encoding($signature, 'EUC-JP');
             }else{
@@ -1047,7 +1116,7 @@ function showInputForm ($session, $values=false) {
     }
     }
     else {
-       echo decodeHeader($body,false,false);
+       echo htmlspecialchars(decodeHeader($body,false,false));
     }
     echo '</textarea><br />' . "\n" .
          '      </td>' . "\n" .
@@ -1086,7 +1155,7 @@ function showInputForm ($session, $values=false) {
     } else {
         $maxsize = '';
     }
-    echo '<INPUT TYPE="hidden" name="MAX_FILE_SIZE" value="'.min( $sizes ).'">';
+    echo addHidden('MAX_FILE_SIZE', min( $sizes ));
     echo '   <tr>' . "\n" .
          '      <td colspan="2">' . "\n" .
          '         <table width="100%" cellpadding="1" cellspacing="0" align="center"'.
@@ -1117,8 +1186,9 @@ function showInputForm ($session, $values=false) {
                         $attachment->mime_header->type1;
 
                 $s_a[] = '<table bgcolor="'.$color[0].
-                '" border="0"><tr><td><input type="checkbox" name="delete[]" value="' .
-                    $key . "\"></td><td>\n" . $attached_filename .
+                '" border="0"><tr><td>'.
+		addCheckBox('delete[]', FALSE, $key).
+		    "</td><td>\n" . $attached_filename .
                     '</td><td>-</td><td> ' . $type . '</td><td>('.
                     show_readable_size( filesize( $attached_file ) ) . ')</td></tr></table>'."\n";
            }
@@ -1145,19 +1215,18 @@ function showInputForm ($session, $values=false) {
     }
 
     echo '</TABLE>' . "\n" .
-         '<input type="hidden" name="username" value="'. $username . "\">\n" .
-         '<input type=hidden name=smaction value="' . $action . "\">\n" .
-         '<INPUT TYPE=hidden NAME=mailbox VALUE="' . htmlspecialchars($mailbox) .
-         "\">\n";
+         addHidden('username', $username).
+	 addHidden('smaction', $action).
+	 addHidden('mailbox', $mailbox);
     /*
        store the complete ComposeMessages array in a hidden input value
        so we can restore them in case of a session timeout.
     */
     sqgetGlobalVar('QUERY_STRING', $queryString, SQ_SERVER);
-    echo '<input type=hidden name=restoremessages value="' . urlencode(serialize($compose_messages)) . "\">\n";
-    echo '<input type=hidden name=composesession value="' . $composesession . "\">\n";
-    echo '<input type=hidden name=querystring value="' . $queryString . "\">\n";
-    echo '</FORM>';
+    echo addHidden('restoremessages', serialize($compose_messages)).
+         addHidden('composesession', $composesession).
+	 addHidden('querystring', $queryString).
+	 "</form>\n";
     if (!(bool) ini_get('file_uploads')) {
       /* File uploads are off, so we didn't show that part of the form.
          To avoid bogus bug reports, tell the user why. */
@@ -1166,8 +1235,7 @@ function showInputForm ($session, $values=false) {
     }
 
     do_hook('compose_bottom');
-    if ($compose_new_win != '1')
-       noframes_bottom();
+    echo '</BODY></HTML>' . "\n";
 }
 
 
@@ -1182,22 +1250,20 @@ function showComposeButtonRow() {
          '      <TD>' . "\n";
     if ($default_use_priority) {
         if(!isset($mailprio)) {
-            $mailprio = "3";
-    }
-    echo '          ' . _("Priority") .': <select name="mailprio">'.
-         '<option value="1"'.($mailprio=='1'?' selected':'').'>'. _("High") .'</option>'.
-         '<option value="3"'.($mailprio=='3'?' selected':'').'>'. _("Normal") .'</option>'.
-         '<option value="5"'.($mailprio=='5'?' selected':'').'>'. _("Low").'</option>'.
-         '</select>' . "\n";
+            $mailprio = '3';
+        }
+        echo '          ' . _("Priority") .
+             addSelect('mailprio', array(
+	         '1' => _("High"),
+	         '3' => _("Normal"),
+	         '5' => _("Low") ), $mailprio, TRUE);
     }
     $mdn_user_support=getPref($data_dir, $username, 'mdn_user_support',$default_use_mdn);
     if ($default_use_mdn) {
         if ($mdn_user_support) {
             echo '          ' . _("Receipt") .': '.
-            '<input type="checkbox" name="request_mdn" value=1'.
-        ($request_mdn=='1'?' checked':'') .'>'. _("On Read").
-            ' <input type="checkbox" name="request_dr" value=1'.
-        ($request_dr=='1'?' checked':'') .'>'. _("On Delivery");
+	    addCheckBox('request_mdn', $request_mdn == '1', '1'). _("On Read").
+	    addCheckBox('request_dr',  $request_dr  == '1', '1'). _("On Delivery");
         }
     }
 
@@ -1336,17 +1402,21 @@ function deliverMessage($composeMessage, $draft=false) {
     global $send_to, $send_to_cc, $send_to_bcc, $mailprio, $subject, $body,
            $username, $popuser, $usernamedata, $identity, $idents, $data_dir,
            $request_mdn, $request_dr, $default_charset, $color, $useSendmail,
-           $domain, $action, $default_move_to_sent, $move_to_sent;
+           $domain, $action, $default_move_to_sent, $move_to_sent,
+           $custom_from;
     global $imapServerAddress, $imapPort, $sent_folder, $key;
 
     /* some browsers replace <space> by nonbreaking spaces &nbsp;
        by replacing them back to spaces addressparsing works */
     /* FIXME: How to handle in case of other charsets where "\240"
        is not a non breaking space ??? */
+    /* THEFIX: browsers don't replace space with nbsp. SM replaces
+       space with nbsp when decodes headers. If problem still happens,
+       use cleanup_nbsp() */
 
-    $send_to = str_replace("\240",' ',$send_to);
-    $send_to_cc = str_replace("\240",' ',$send_to_cc);
-    $send_to_bcc = str_replace("\240",' ',$send_to_bcc);
+//    $send_to = str_replace("\240",' ',$send_to);
+//    $send_to_cc = str_replace("\240",' ',$send_to_cc);
+//    $send_to_bcc = str_replace("\240",' ',$send_to_bcc);
 
     $rfc822_header = $composeMessage->rfc822_header;
 
@@ -1378,7 +1448,14 @@ function deliverMessage($composeMessage, $draft=false) {
     $from_mail = $idents[$identity]['email_address'];
     $full_name = $idents[$identity]['full_name'];
     $reply_to  = $idents[$identity]['reply_to'];
-    if (!$from_mail) {
+
+    // additions for custom from plugin
+    //
+    if (isset($custom_from) && !empty($custom_from)) {
+        $from_mail = $custom_from;
+        $full_name = '';
+        $reply_to = $custom_from;
+    } else if (!$from_mail) {
        $from_mail = "$popuser@$domain";
     }
     $rfc822_header->from = $rfc822_header->parseAddress($from_mail,true);
@@ -1432,7 +1509,7 @@ function deliverMessage($composeMessage, $draft=false) {
         }
         if ($default_charset) {
             $content_type->properties['charset']=$default_charset;
-	}
+    }
     }
 
     $rfc822_header->content_type = $content_type;
@@ -1451,16 +1528,8 @@ function deliverMessage($composeMessage, $draft=false) {
         $deliver = new Deliver_SMTP();
         global $smtpServerAddress, $smtpPort, $pop_before_smtp, $smtp_auth_mech;
 
-        if ($smtp_auth_mech == 'none') {
-                $user = '';
-                $pass = '';
-        } else {
-                global $key, $onetimepad;
-                $user = $username;
-                $pass = OneTimePadDecrypt($key, $onetimepad);
-        }
-
         $authPop = (isset($pop_before_smtp) && $pop_before_smtp) ? true : false;
+        get_smtp_user($user, $pass);
         $stream = $deliver->initStream($composeMessage,$domain,0,
                           $smtpServerAddress, $smtpPort, $user, $pass, $authPop);
     } elseif (!$draft) {
@@ -1484,7 +1553,7 @@ function deliverMessage($composeMessage, $draft=false) {
            unset ($imap_deliver);
            return $length;
         } else {
-           $msg  = '<br>Error: '._("Draft folder")." $draft_folder" . ' does not exist.';
+           $msg  = '<br />'.sprintf(_("Error: Draft folder %s does not exist."), $draft_folder);
            plain_error_message($msg, $color);
            return false;
         }
@@ -1495,7 +1564,7 @@ function deliverMessage($composeMessage, $draft=false) {
         $succes = $deliver->finalizeStream($stream);
     }
     if (!$succes) {
-        $msg  = $deliver->dlv_msg . '<br>' .
+        $msg  = $deliver->dlv_msg . '<br />' .
                 _("Server replied: ") . $deliver->dlv_ret_nr . ' '.
                 $deliver->dlv_server_msg;
         plain_error_message($msg, $color);
@@ -1525,6 +1594,13 @@ function deliverMessage($composeMessage, $draft=false) {
         }
 
         if (($fld_sent && $svr_allow_sent && !$lcl_allow_sent) || ($fld_sent && $lcl_allow_sent)) {
+            global $passed_id, $mailbox, $action;
+            if ($action == 'reply' || $action == 'reply_all') {
+                $save_reply_with_orig=getPref($data_dir,$username,'save_reply_with_orig');
+                if ($save_reply_with_orig) {
+                    $sent_folder = $mailbox;
+                }
+            }
             sqimap_append ($imap_stream, $sent_folder, $length);
             require_once(SM_PATH . 'class/deliver/Deliver_IMAP.class.php');
             $imap_deliver = new Deliver_IMAP();