X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=src%2Fcompose.php;h=e0a7ca74c0041f3a295689ce90cfd09658a7aa23;hp=54d9314cccfbb729aa02053411b3029df34abb75;hb=8d8ab69aaf81e9fdd15396c783f0e40e698e839f;hpb=29d08a525118c05b2239f7bdca480a7422ef9190

diff --git a/src/compose.php b/src/compose.php
index 54d9314c..e0a7ca74 100644
--- a/src/compose.php
+++ b/src/compose.php
@@ -1,5 +1,11 @@
-<?
-   /** This code sends a mail.
+<?php
+   /** 
+    ** compose.php
+    **
+    **  Copyright (c) 1999-2000 The SquirrelMail development team
+    **  Licensed under the GNU GPL. For full terms see the file COPYING.
+    **
+    ** This code sends a mail.
     **
     ** There are 3 modes of operation:
     **  - Start new mail
@@ -25,92 +31,74 @@
       include("../functions/smtp.php");
    if (!isset($display_messages_php))
       include("../functions/display_messages.php");
+   if (!isset($auth_php))
+      include ("../functions/auth.php");
 
    include("../src/load_prefs.php");
 
    // This function is used when not sending or adding attachments
    function newMail () {
       global $forward_id, $imapConnection, $msg, $ent_num, $body_ary, $body,
-         $reply_id, $send_to, $send_to_cc, $mailbox;
+         $reply_id, $send_to, $send_to_cc, $mailbox, $send_to_bcc;
 
       $send_to = decodeHeader($send_to);
       $send_to_cc = decodeHeader($send_to_cc);
 
-      if ($forward_id) {
+      if ($forward_id)
+         $id = $forward_id;
+      else if ($reply_id)
+         $id = $reply_id;
+
+
+      if ($id) {
          sqimap_mailbox_select($imapConnection, $mailbox);
-         $msg = sqimap_get_message($imapConnection, $forward_id, $mailbox);
-         
-         if (containsType($msg, "text", "html", $ent_num)) {
-            $body = decodeBody($msg["ENTITIES"][$ent_num]["BODY"], $msg["ENTITIES"][$ent_num]["ENCODING"]);
-         } else if (containsType($msg, "text", "plain", $ent_num)) {
-            $body = decodeBody($msg["ENTITIES"][$ent_num]["BODY"], $msg["ENTITIES"][$ent_num]["ENCODING"]);
-         }
-         // add other primary displaying msg types here
-         else {
-            // find any type that's displayable
-            if (containsType($msg, "text", "any_type", $ent_num)) {
-               $body = decodeBody($msg["ENTITIES"][$ent_num]["BODY"], $msg["ENTITIES"][$ent_num]["ENCODING"]);
-            } else if (containsType($msg, "msg", "any_type", $ent_num)) {
-               $body = decodeBody($msg["ENTITIES"][$ent_num]["BODY"], $msg["ENTITIES"][$ent_num]["ENCODING"]);
-            } else {
-               $body = _("No Message");
-            }
+         $message = sqimap_get_message($imapConnection, $id, $mailbox);
+         $orig_header = $message->header;
+         if ($ent_num)
+            $message = getEntity($message, $ent_num);
+
+         if ($message->header->type0 == "text" || $message->header->type1 == "message") {
+            if ($ent_num)
+               $body = decodeBody(mime_fetch_body($imapConnection, $id, $ent_num), $message->header->encoding);
+            else
+               $body = decodeBody(mime_fetch_body($imapConnection, $id, 1), $message->header->encoding);
+         } else {
+            $body = "";
          }
          
-         $type1 = $msg["ENTITIES"][$ent_num]["TYPE1"];
-         
-         $tmp = _("-------- Original Message ---------\n");
+         if ($message->header->type1 == "html")
+            $body = strip_tags($body);
+            
          $body_ary = explode("\n", $body);
          $body = "";
-         for ($i=0;$i < count($body_ary);$i++) {
-            if ($type1 == "html")
-               $tmp .= strip_tags($body_ary[$i]);
-            else
-               $tmp .= $body_ary[$i];
-            $body = "$body$tmp\n";
-            $tmp = "";
-         }
-      }
-      
-      if ($reply_id) {
-         sqimap_mailbox_select($imapConnection, $mailbox);
-         $msg = sqimap_get_message($imapConnection, $reply_id, $mailbox);
-         
-         if (containsType($msg, "text", "html", $ent_num)) {
-            $body = decodeBody($msg["ENTITIES"][$ent_num]["BODY"], $msg["ENTITIES"][$ent_num]["ENCODING"], false);
-         } else if (containsType($msg, "text", "plain", $ent_num)) {
-            $body = decodeBody($msg["ENTITIES"][$ent_num]["BODY"], $msg["ENTITIES"][$ent_num]["ENCODING"], false);
-         }
-         // add other primary displaying msg types here
-         else {
-            // find any type that's displayable
-            if (containsType($msg, "text", "any_type", $ent_num)) {
-               $body = decodeBody($msg["ENTITIES"][$ent_num]["BODY"], $msg["ENTITIES"][$ent_num]["ENCODING"], false);
-            } else if (containsType($msg, "msg", "any_type", $ent_num)) {
-               $body = decodeBody($msg["ENTITIES"][$ent_num]["BODY"], $msg["ENTITIES"][$ent_num]["ENCODING"], false);
+         for ($i=0; $i < count($body_ary); $i++) {
+            if ($i==0 && $forward_id) {
+               $tmp = _("-------- Original Message ---------\n");
+               $tmp .= _("Subject") . ": " . $orig_header->subject . "\n"; 
+               $tmp .= "   " . _("From") . ": " . $orig_header->from . "\n"; 
+               $tmp .= "     " . _("To") . ": " . $orig_header->to[0] . "\n"; 
+               if (count($orig_header->to) > 1) {
+                  for ($x=1; $x < count($orig_header->to); $x++) {
+                     $tmp .= "         " . $orig_header->to[$x] . "\n";
+                  }
+               }
+               $tmp .= "\n" . $body_ary[$i];
             } else {
-               $body = _("No Message");
+               $tmp = $body_ary[$i];
             }
-         }
-         
-         $type1 = $msg["ENTITIES"][$ent_num]["TYPE1"];
-         
-         $body_ary = explode("\n", $body);
-         $body = "";
-         for ($i=0;$i < count($body_ary);$i++) {
-            if ($type1 == "html")
-               $tmp = strip_tags($body_ary[$i]);
+            if ($forward_id)
+               $body = "$body$tmp\n";
             else
-               $tmp = $body_ary[$i];
-            $body = "$body> $tmp\n";
+               $body = "$body> $tmp\n";
          }
+         return $body;   
       }
-      
+
       if (!$send_to) {
          $send_to = sqimap_find_email($send_to);
       }
 
-      $send_to = ereg_replace("\"", "", $send_to);
+//      $send_to = ereg_replace("\"", "", $send_to);
       $send_to = stripslashes($send_to);
       
       /** This formats a CC string if they hit "reply all" **/
@@ -144,74 +132,66 @@
    function showInputForm () {
       global $send_to, $send_to_cc, $reply_subj, $forward_subj, $body,
          $passed_body, $color, $use_signature, $signature, $editor_size,
-         $attachments, $subject, $newmail, $PHPSESSID;
+         $attachments, $subject, $newmail, $use_javascript_addr_book,
+         $send_to_bcc, $reply_id, $mailbox;
 
       $subject = decodeHeader($subject);
       $reply_subj = decodeHeader($reply_subj);
       $forward_subj = decodeHeader($forward_subj);
 
-      echo "\n<SCRIPT LANGUAGE=JavaScript><!--\n";
-      echo "function open_abook() { \n";
-      echo "  var nwin = window.open(\"addrbook_popup.php?PHPSESSID=$PHPSESSID\",\"abookpopup\",";
-      echo "\"width=670,height=300,resizable=yes,scrollbars=yes\");\n";
-      echo "  if((!nwin.opener) && (document.windows != null))\n";
-      echo "    nwin.opener = document.windows;\n";
-      echo "}\n";
-      echo "// --></SCRIPT>\n\n";
-
-      echo "\n<FORM name=compose action=\"compose.php?PHPSESSID=$PHPSESSID\" METHOD=POST\n";
-      echo "ENCTYPE=\"multipart/form-data\">\n";
-      echo "<TABLE COLS=2 WIDTH=50 ALIGN=center CELLSPACING=0 BORDER=0>\n";
+      if ($use_javascript_addr_book) {
+         echo "\n<SCRIPT LANGUAGE=JavaScript><!--\n";
+         echo "function open_abook() { \n";
+         echo "  var nwin = window.open(\"addrbook_popup.php\",\"abookpopup\",";
+         echo "\"width=670,height=300,resizable=yes,scrollbars=yes\");\n";
+         echo "  if((!nwin.opener) && (document.windows != null))\n";
+         echo "    nwin.opener = document.windows;\n";
+         echo "}\n";
+         echo "// --></SCRIPT>\n\n";
+      }
+
+      echo "\n<FORM name=compose action=\"compose.php\" METHOD=POST ENCTYPE=\"multipart/form-data\">\n";
+      if ($reply_id) {
+         echo "<input type=hidden name=reply_id value=$reply_id>\n";
+      }		 
+      printf("<INPUT TYPE=hidden NAME=mailbox VALUE=\"%s\">\n", htmlspecialchars($mailbox));
+      echo "<TABLE WIDTH=50 ALIGN=center CELLSPACING=0 BORDER=0>\n";
       echo "   <TR>\n";
       echo "      <TD WIDTH=50 BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
       echo _("To:");
-      echo "      </TD><TD WIDTH=% BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
-      if ($send_to)
-         echo "         <INPUT TYPE=TEXT NAME=send_to VALUE=\"$send_to\" SIZE=60><BR>";
-      else
-         echo "         <INPUT TYPE=TEXT NAME=send_to SIZE=60><BR>";
+      echo "      </TD><TD colspan=2 WIDTH=\"100%\" BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
+      printf("         <INPUT TYPE=text NAME=\"send_to\" VALUE=\"%s\" SIZE=60><BR>\n",
+	     htmlspecialchars($send_to));
       echo "      </TD>\n";
       echo "   </TR>\n";
       echo "   <TR>\n";
       echo "      <TD WIDTH=50 BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
       echo _("CC:");
-      echo "      </TD><TD WIDTH=% BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
-      if ($send_to_cc)
-         echo "         <INPUT TYPE=TEXT NAME=send_to_cc SIZE=60 VALUE=\"$send_to_cc\"><BR>";
-      else
-         echo "         <INPUT TYPE=TEXT NAME=send_to_cc SIZE=60><BR>";
+      echo "      </TD><TD colspan=2 BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
+      printf("         <INPUT TYPE=text NAME=\"send_to_cc\" SIZE=60 VALUE=\"%s\"><BR>\n",
+	     htmlspecialchars($send_to_cc));
       echo "      </TD>\n";
       echo "   </TR>\n";
       echo "   <TR>\n";
       echo "      <TD WIDTH=50 BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
       echo _("BCC:");
-      echo "      </TD><TD WIDTH=% BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
-      if ($send_to_bcc)
-         echo "         <INPUT TYPE=TEXT NAME=send_to_bcc VALUE=\"$send_to_bcc\" SIZE=60><BR>";
-      else
-         echo "         <INPUT TYPE=TEXT NAME=send_to_bcc SIZE=60><BR>";
-      echo "      </TD>\n";
-      echo "   </TR>\n";
-
-      echo "<SCRIPT LANGUAGE=JavaScript><!--\n document.write(\"";
-      echo "<TR><TD BGCOLOR=\\\"$color[4]\\\">&nbsp;</TD>";
-      echo "</TD><TD BGCOLOR=\\\"$color[4]\\\" ALIGN=LEFT>";
-      printf("<A HREF=\\\"javascript:open_abook();\\\">%s</A>",
-	     _("Lookup recipients in addressbook.")."<BR>");
-      echo "</TD></TR>\");\n";
-      echo "// --></SCRIPT>\n";
+      echo "      </TD><TD BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
+      printf("         <INPUT TYPE=text NAME=\"send_to_bcc\" VALUE=\"%s\" SIZE=60><BR>\n",
+	     htmlspecialchars($send_to_bcc));
+      echo "</TD></TR>\n";
 
       echo "   <TR>\n";
       echo "      <TD WIDTH=50 BGCOLOR=\"$color[4]\" ALIGN=RIGHT>\n";
       echo _("Subject:");
-      echo "      </TD><TD WIDTH=% BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
+      echo "      </TD><TD BGCOLOR=\"$color[4]\" ALIGN=LEFT>\n";
       if ($reply_subj) {
          $reply_subj = str_replace("\"", "'", $reply_subj);
          $reply_subj = stripslashes($reply_subj);
          $reply_subj = trim($reply_subj);
          if (substr(strtolower($reply_subj), 0, 3) != "re:")
             $reply_subj = "Re: $reply_subj";
-         echo "         <INPUT TYPE=TEXT NAME=subject SIZE=60 VALUE=\"$reply_subj\">";
+         printf("         <INPUT TYPE=text NAME=subject SIZE=60 VALUE=\"%s\">",
+		htmlspecialchars($reply_subj));
       } else if ($forward_subj) {
          $forward_subj = str_replace("\"", "'", $forward_subj);
          $forward_subj = stripslashes($forward_subj);
@@ -220,23 +200,41 @@
              (substr(strtolower($forward_subj), 0, 5) != "[fwd:") &&
              (substr(strtolower($forward_subj), 0, 6) != "[ fwd:"))
             $forward_subj = "[Fwd: $forward_subj]";
-         echo "         <INPUT TYPE=TEXT NAME=subject SIZE=50 VALUE=\"$forward_subj\">";
+         printf("         <INPUT TYPE=text NAME=subject SIZE=60 VALUE=\"%s\">",
+		htmlspecialchars($forward_subj));
       } else {
-         echo "         <INPUT TYPE=TEXT NAME=subject VALUE=\"$subject\" SIZE=50>";
+ 	 printf("         <INPUT TYPE=text NAME=subject SIZE=60 VALUE=\"%s\">",
+		htmlspecialchars($subject));
       }
-      echo "&nbsp;&nbsp;<INPUT TYPE=SUBMIT NAME=send VALUE=\"". _("Send") . "\">";
-      echo "      </TD>\n";
-      echo "   </TR>\n";
+      echo "</td></tr>\n\n";
+
+      echo "   <TR><td>\n   </td><td>\n";
+      if ($use_javascript_addr_book) {
+         echo "      <SCRIPT LANGUAGE=JavaScript><!--\n document.write(\"";
+         echo "         <input type=button value=\\\""._("Addresses")."\\\" onclick='javascript:open_abook();'>\");";
+         echo "         // --></SCRIPT><NOSCRIPT>\n";
+         echo "         <input type=submit name=\"html_addr_search\" value=\""._("Addresses")."\">";
+         echo "      </NOSCRIPT>\n";
+      } else {  
+         echo "      <input type=submit name=\"html_addr_search\" value=\""._("Addresses")."\">";
+      }   
+      echo "\n    <INPUT TYPE=SUBMIT NAME=send VALUE=\"". _("Send") . "\">\n";
+      echo "   </TD>\n";
+      echo "   </TR>\n\n";
+
 
       echo "   <TR>\n";
-      echo "      <TD BGCOLOR=\"$color[4]\" COLSPAN=2>\n";
-      if ($use_signature == true && $newmail == true)
-         echo "         &nbsp;&nbsp;<TEXTAREA NAME=body ROWS=20 COLS=\"$editor_size\" WRAP=HARD>". $body . "\n\n-- \n".$signature."</TEXTAREA><BR>";
-      else
-         echo "         &nbsp;&nbsp;<TEXTAREA NAME=body ROWS=20 COLS=\"$editor_size\" WRAP=HARD>".$body."</TEXTAREA><BR>\n";
+      echo "      <TD BGCOLOR=\"$color[4]\" COLSPAN=3>\n";
+      echo "         &nbsp;&nbsp;<TEXTAREA NAME=body ROWS=20 COLS=\"$editor_size\" WRAP=HARD>";
+      if ($use_signature == true && $newmail == true) {
+	 echo htmlspecialchars($body) . "\n\n-- \n" . htmlspecialchars($signature);
+      } else {
+	 echo htmlspecialchars($body);
+      }
+      echo "</TEXTAREA><BR>\n";
       echo "      </TD>\n";
       echo "   </TR>\n";
-      echo "   <TR><TD COLSPAN=2 ALIGN=CENTER><INPUT TYPE=SUBMIT NAME=send VALUE=\"";
+      echo "   <TR><TD COLSPAN=3 ALIGN=CENTER><INPUT TYPE=SUBMIT NAME=send VALUE=\"";
       echo _("Send");
       echo "\"></TD></TR>\n";
       
@@ -244,19 +242,18 @@
       echo "   <tr>\n";
       echo "     <TD WIDTH=50 BGCOLOR=\"$color[0]\" VALIGN=TOP ALIGN=RIGHT>\n";
       echo "      <SMALL><BR></SMALL>"._("Attach:");
-      echo "      </td><td width=% ALIGN=left BGCOLOR=\"$color[0]\">\n";
+      echo "      </td><td colspan=2 ALIGN=left BGCOLOR=\"$color[0]\">\n";
       //      echo "      <INPUT TYPE=\"hidden\" name=\"MAX_FILE_SIZE\"\n";
       //      echo "      value=\"10000\">\n";
       echo "      <INPUT NAME=\"attachfile\" TYPE=\"file\">\n";
       echo "      &nbsp;&nbsp;<input type=\"submit\" name=\"attach\"\n";
       echo "      value=\"" . _("Add") ."\">\n";
       echo "     </td>\n";
-      echo "     </font>\n";
       echo "   </tr>\n";
       if (isset($attachments) && count($attachments)>0) {
          echo "</tr><tr><td width=50 bgcolor=\"$color[0]\" align=right>\n";
          echo "&nbsp;";
-         echo "</td><td width=% align=left bgcolor=\"$color[0]\">";
+         echo "</td><td align=left colspan=2 bgcolor=\"$color[0]\">";
          while (list($localname, $remotename) = each($attachments)) {
             echo "<input type=\"checkbox\" name=\"delete[]\" value=\"$localname\">\n";
             echo "$remotename <input type=\"hidden\" name=\"attachments[$localname]\" value=\"$remotename\"><br>\n";
@@ -272,10 +269,8 @@
    }
 
    function showSentForm () {
-      global $PHPSESSID;
-
       echo "<BR><BR><BR><CENTER><B>Message Sent!</B><BR><BR>";
-      echo "You will be automatically forwarded.<BR>If not, <A HREF=\"right_main.php?PHPSESSID=$PHPSESSID\">click here</A>";
+      echo "You will be automatically forwarded.<BR>If not, <A HREF=\"right_main.php\">click here</A>";
       echo "</CENTER>";
    }
 
@@ -286,38 +281,65 @@
           error message, show=true **/
       global $body, $send_to, $subject, $color;
 
-      if ($body == "") {
+      if ($body == "" && $subject == "") {
          if ($show)
-            plain_error_message(_("You have not entered a message body."), $color);
+            plain_error_message(_("You have not entered a message body or a subject."), $color);
          return false;
       } else if ($send_to == "") {
          if ($show)
             plain_error_message(_("You have not filled in the \"To:\" field."), $color);
          return false;
-      } else if ($subject == "") {
-         if ($show)
-            plain_error_message(_("You have not entered a subject."), $color);
-         return false;
       }
       return true;
    } // function checkInput()
 
+
+   if (($mailbox == "") || ($mailbox == "None"))
+      $mailbox = "INBOX";
+
    if(isset($send)) {
       if (checkInput(false)) {
-         sendMessage($send_to, $send_to_cc, $send_to_bcc, $subject, $body);
-         header ("Location: right_main.php?PHPSESSID=$PHPSESSID");
+         $urlMailbox = urlencode ($mailbox);
+         sendMessage($send_to, $send_to_cc, $send_to_bcc, $subject, $body, $reply_id);
+         header ("Location: right_main.php?mailbox=$urlMailbox&sort=$sort&startMessage=1");
       } else {
-         echo "<HTML><BODY TEXT=\"$color[8]\" BGCOLOR=\"$color[4]\" LINK=\"$color[7]\" VLINK=\"$color[7]\" ALINK=\"$color[7]\">\n";
          $imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
-         displayPageHeader($color, "None");
+         displayPageHeader($color, $mailbox);
          checkInput(true);
          
          showInputForm();
+         sqimap_logout($imapConnection);
+      }
+   } else if ($html_addr_search_done) {
+      is_logged_in();
+      displayPageHeader($color, $mailbox);
+
+      $body = stripslashes($body);
+      $send_to = stripslashes($send_to);
+      $send_to_cc = stripslashes($send_to_cc);
+      $send_to_bcc = stripslashes($send_to_bcc);
+      $subject = stripslashes($subject);
+      
+      for ($i=0; $i < count($send_to_search); $i++) {
+         if ($send_to)
+            $send_to .= ", ";
+         $send_to .= $send_to_search[$i];   
+      }
+      
+      for ($i=0; $i < count($send_to_cc_search); $i++) {
+         if ($send_to_cc)
+            $send_to_cc .= ", ";
+         $send_to_cc .= $send_to_cc_search[$i];   
       }
+      
+      showInputForm();
+   } else if ($html_addr_search) {
+      // I am using an include so as to elminiate an extra unnecessary click.  If you
+      // can think of a better way, please implement it.
+      include ("addrbook_search_html.php");
    } else if (isset($attach)) {
-      echo "<HTML><BODY TEXT=\"$color[8]\" BGCOLOR=\"$color[4]\" LINK=\"$color[7]\" VLINK=\"$color[7]\" ALINK=\"$color[7]\">\n";
-      $imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
-      displayPageHeader($color, "None");
+      is_logged_in();
+      displayPageHeader($color, $mailbox);
 
       $localfilename = md5("$attachfile, $attachfile_name, $REMOTE_IP, $REMOTE_PORT, $UNIQUE_ID, and everything else that may add entropy");
       $localfilename = $localfilename;
@@ -343,9 +365,8 @@
       
       showInputForm();
    } else if (isset($do_delete)) {
-      echo "<HTML><BODY TEXT=\"$color[8]\" BGCOLOR=\"$color[4]\" LINK=\"$color[7]\" VLINK=\"$color[7]\" ALINK=\"$color[7]\">\n";
-      $imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
-      displayPageHeader($color, "None");
+      is_logged_in();
+      displayPageHeader($color, $mailbox);
 
       while (list($key, $localname) = each($delete)) {
          array_splice ($attachments, $key, 1);
@@ -355,12 +376,12 @@
 
       showInputForm();
    } else {
-      echo "<HTML><BODY TEXT=\"$color[8]\" BGCOLOR=\"$color[4]\" LINK=\"$color[7]\" VLINK=\"$color[7]\" ALINK=\"$color[7]\">\n";
       $imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
-      displayPageHeader($color, "None");
+      displayPageHeader($color, $mailbox);
 
       $newmail = true;
       newMail();
       showInputForm();
+      sqimap_logout($imapConnection);
    }
 ?>