<?php
/*
PHPwebmail is a webmail client written in php.
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
Addressbook JavaScript by Mirko Holler <hide@address.com>
*/
session_start();
require("not_registered.php");
?>
<html>
<head>
<meta http-equiv="content-type" content="text/html;charset=iso-8859-1">
<script type="text/javascript">
<!--
function Addto(Value) {
if(window.document.Newmail.to.value=='')
{
window.document.Newmail.to.value = Value;
}
else
{
window.document.Newmail.to.value = window.document.Newmail.to.value + ", " + Value;
}
}
function Addcc(Value) {
if(window.document.Newmail.cc.value=='')
{
window.document.Newmail.cc.value = Value;
}
else
{
window.document.Newmail.cc.value = window.document.Newmail.cc.value + ", " + Value;
}
}
function Addbcc(Value) {
if(window.document.Newmail.bcc.value=='')
{
window.document.Newmail.bcc.value = Value;
}
else
{
window.document.Newmail.bcc.value = window.document.Newmail.bcc.value + ", " + Value;
}
}
//-->
</script>
</head>
<body bgcolor="<?php echo $bg_color_main; ?>" text="<?php echo $fg_color; ?>" link="<?php echo $link_color; ?>" vlink="<?php echo $link_color; ?>" alink="<?php echo $alink_color; ?>">
<font face="courier, fixed" size=2>
<?php
function send_mail () {
global $name;
global $passwd;
global $to;
global $from;
global $subject;
global $body;
global $error;
global $version;
global $cc;
global $bcc;
global $server;
global $userfile, $userfile_name, $userfile_type, $userfile_size;
global $sql_host, $sql_user, $sql_pw, $user_sent;
// the "To:" field must be filled in
if ($to == "") {
$error="to";
} else {
$error="ok";
//Compute the extra header information.
$extraheader = "From:".$from."\n";
$extraheader .= "X-Mailer: PHPwebmail/".$version."\n";
if ($cc != "") $extraheader .= "Cc:".$cc."\n";
if ($bcc != "") $extraheader .= "Bcc:".$bcc."\n";
// handle attachment
if ($userfile == "")
$mailfile = new CMailFile(stripslashes($subject),$to,$extraheader,stripslashes($body),"nope","");
else {
// check if attachment is too big
if ($userfile_size > 1048576) $file_error=1;
else {
$file_error=0;
// copy the file temporaryly
move_uploaded_file($userfile,"tmp/".$userfile_name);
$mailfile = new CMailFile($subject,$to,$extraheader,$body,"tmp/".$userfile_name,$userfile_type,$userfile_name);
}
}
if (!$file_error) {
if (!$mailfile->sendfile()) {
print("<font face=\"arial\" size=2><b>Message sent to ".$to."<BR>
<script language=\"JavaScript\">parent.frames[1].location.href='mail_index.php?<?=SID?>'</script>");
if ($cc != "") print("Message sent cc to ".$cc."<BR>");
if ($bcc != "") print("Message sent bcc to ".$bcc."<BR>");
// finally delete the uploaded file
if ($userfile != "none" && !$file_error) unlink ("tmp/".$userfile_name);
//write everything into the database if set in preferences
if ($user_sent != "imap")
if ($db_link = mysql_connect($sql_host,$sql_user,$sql_pw)) {
@mysql_select_db("phpwebmail");
$sql_query = "INSERT INTO history (user,mailto, cc, bcc, subject, body, attachment, date)
VALUES('".$name."','".$to."','".$cc."','".$bcc."','".$subject."','".$body."','".$userfile_name."','".time()."');";
$result = mysql_query($sql_query);
mysql_close($db_link);
}
} else {
print("<font face=\"arial\" size=2><B>Error</B> Sending message to ".$to." failed.");
}
} else print ("<font face=\"arial\" size=2><B>Error</B>: File to big, message not sent.");
}
} // function send_mail ends
function split_addresses ($adds) {
$add_array = split(" |,|;",$adds);
$add_counter = 1;
foreach ($add_array as $this_add)
if (ereg("@", $this_add)) {
$this_add = ereg_replace("<","",$this_add);
$this_add = ereg_replace(">","",$this_add);
if ($add_counter > 1) $add_list = $add_list.", ".$this_add;
else $add_list = $this_add;
$add_counter++;
}
return $add_list;
} // function split_addresses ends
function mail_form () {
// remember the passed login information
global $name;
global $action;
global $passwd;
global $message;
global $to, $cc, $bcc;
global $from;
global $subject;
global $body;
global $error;
global $server;
global $imap_server;
global $userfile, $userfile_name, $userfile_type;
global $sql_host, $sql_user, $sql_pw;
if ($error == "to") { $error = ""; echo ("<B>ERROR - \"To:\" field empty</B><BR><BR><BR>"); }
if (ereg ("reply",$action)) {
echo ("<font face=\"arial\" size=2><B>Reply to e-mail message:</B><BR>");
} else if ($action == "forward") {
echo ("<font face=\"arial\" size=2><B>Forward an e-mail message:</B><BR>");
} else {
echo ("<font face=\"arial\" size=2><B>Send an e-mail message:</B><BR>");
}
echo "<font face=\"courier, fixed\" size=2>";
// get user prefs account from DB
if ($db_link = mysql_connect($sql_host,$sql_user,$sql_pw)) {
@mysql_select_db("phpwebmail");
$sql_query = "SELECT name, email, sent, textmode FROM prefs WHERE user='$name'";
$result = mysql_query($sql_query);
// catch SQL errors
if (mysql_errno()) echo ("ERROR ".mysql_error());
$row = mysql_fetch_row($result);
$username = strip_tags(htmlspecialchars($row[0]));
$usermail = strip_tags(htmlspecialchars($row[1]));
$from = $username." <".$usermail."> ";
$user_sent = $row[2];
$textmode = $row[3];
} // if db_link ends
// NOTE: quotes and <> around the mailaddress need a lot of care for the To: field
// For attachment handling, we need a special ENCTYPE
echo ("<FORM name=\"Newmail\" ENCTYPE=\"multipart/form-data\" action=\"send_mail.php?".SID."\" METHOD=POST>
<TABLE><TR><TD><font face=\"courier\" size=2><B>From:<B></TD><TD><font face=\"courier\" size=2>
<INPUT TYPE=TEXT NAME=from SIZE=40 VALUE=\"".$from."\"></TD>");
echo "<TD align=\"center\"><font face=\"courier\" size=2><b>Your address book:</b></TD></TR>";
if ($db_link = mysql_connect($sql_host,$sql_user,$sql_pw)) {
@mysql_select_db("phpwebmail");
$sql_query = "SELECT nr, name, email FROM addresses WHERE user='$name' ORDER BY name";
$result = mysql_query($sql_query);
// catch SQL errors
if (mysql_errno()) echo ("<p class=\"standard_forms\">ERROR ".mysql_error());
$addresses = "";
while ($row = mysql_fetch_row($result)) {
$the_nr = $row[0];
$the_name = $row[1];
$the_email = $row[2];
$addresses .= "<option value=\"".$the_email."\">".$the_name."\n";
} // while ends
mysql_close($db_link);
} // if db_link ends
$subject = urldecode(stripslashes($subject));
echo "<TR><TD><font face=\"courier\" size=2><B>To:</B></TD>
<TD><font face=\"courier\" size=2><INPUT TYPE=TEXT NAME=to SIZE=40 VALUE=\"".stripslashes(strip_tags(htmlspecialchars($to)))."\"></TD><TD>";
?>
<select size=1 name="Chooseto" onChange="Addto(this.form.Chooseto.options[this.form.Chooseto.options.selectedIndex].value)">
<option value="">____TO____
<?php
echo "$addresses </select></TD></TR>";
echo "<TR><TD><font face=\"courier\" size=2><B>CC:</B></TD><TD><font face=\"courier\" size=2><INPUT TYPE=TEXT NAME=cc SIZE=40 VALUE=\"".stripslashes(strip_tags(htmlspecialchars($cc)))."\"></TD><TD>";
?>
<select size=1 name="Choosecc" onChange="Addcc(this.form.Choosecc.options[this.form.Choosecc.options.selectedIndex].value)">
<option value="">____CC____
<?php
echo "$addresses </select></TD></TR>
<TR><TD><font face=\"courier\" size=2><B>BCC:</B></TD><TD><font face=\"courier\" size=2><INPUT TYPE=TEXT NAME=bcc SIZE=40 VALUE=\"".stripslashes(strip_tags(htmlspecialchars($bcc)))."\"></TD><TD>";
?>
<select size=1 name="Choosebcc" onChange="Addbcc(this.form.Choosebcc.options[this.form.Choosebcc.options.selectedIndex].value)">
<option value="">____BCC___
<?php
echo "$addresses </select></TD></TR>
<TR><TD><font face=\"courier\" size=2><B>Subject:</B></TD><TD><font face=\"courier\" size=2><INPUT TYPE=TEXT NAME=subject SIZE=40 VALUE=\"".$subject."\"></TD><TD align=\"right\">";
if ($textmode) echo "<input type=submit value=\" send \">"; else echo "<INPUT TYPE=\"image\" src=\"images/_send.gif\" border=0 alt=\"send\">";
echo "</TD></TR></TABLE><BR>";
echo "<TEXTAREA NAME=body ROWS=15 COLS=80>".$body."</TEXTAREA> <BR><BR>";
if (!$textmode) echo "<img src=\"images/attach.gif\"> ";
echo "<b>Attachment (max. 1MB): <INPUT NAME=\"userfile\" TYPE=\"file\" VALUE=\"".$userfile."\"><br><br>";
echo "<INPUT TYPE=HIDDEN NAME=user_sent VALUE=\"".$user_sent."\"><INPUT TYPE=HIDDEN NAME=action VALUE=\"send\"><INPUT TYPE=HIDDEN NAME=message VALUE=".$message."><INPUT TYPE=HIDDEN NAME=error VALUE=".$error."></b></FORM>";
} // function mail_form ends
// this is the main entry point
// use mime decoding-encoding functions
require("mime.php");
if (empty($body)) $body = "\n\n\n".$send_message;
if (!isset($action)) $action="";
if ($action == "send") {
send_mail();
if ($error == "to") mail_form();
} else {
if (ereg ("reply",$action) || $action == "forward") {
// set flag for replies
if (ereg ("reply",$action)) {
$mbox1 = imap_open("{".$imap_server.":143}".$folder,$name,$passwd);
imap_setflag_full($mbox1,imap_uid($mbox1,$message),'\\ANSWERED',SE_UID);
$dummy = imap_close($mbox1);
}
$mbox = imap_open("{".$imap_server.":143}".$folder,$name,$passwd);
if ($mbox == 0) {
print("<B>Error</B> opening mailbox for ".$name);
} else {
$head = imap_headerinfo($mbox,$message,40,40,$imap_server);
// get the original contents
$to = $head->fromaddress;
$date = $head->date;
$subject = decode_mime_string($head->subject);
$orig_to = $head->toaddress;
$orig_cc = $head->ccaddress;
if ($action == "reply")
$to = split_addresses ($to);
if ($action == "replyall") {
$to = split_addresses ($to." ".$orig_to);
$cc = split_addresses ($orig_cc);
}
if ($action == "forward") $subject = "Fwd: ".decode_mime_string($head->subject);
else $subject = "Re: ".decode_mime_string($head->subject);
$full_header = imap_fetchbody($mbox, $message, 0);
if (eregi ("Content-Type: multipart/alternative", $full_header)) $body_part = 2; else $body_part = 1;
// but what if there is no message text, just an attachment (MS Outlook)
if (eregi ("Content-Type: application/", $full_header)) $no_text = 1;
if (!$no_text) {
// get the original body
$body = imap_fetchbody($mbox, $message, $body_part);
$body = stripslashes(quoted_printable_decode($body));
// reverse unnecessary linebreaks "=CR"
$body = preg_replace ("'=\n'", "", $body);
// remove unwanted MIME headers from body (MS OE HTML mail!)
$body = eregi_replace("------=_NextPart_.*quoted-printable.*------=_NextPart_.*quoted-printable","",$body);
$body = eregi_replace("------=_NextPart_.*--","",$body);
// HTML mail show the formatted part nicely
if (eregi("<html>", $body)) {
$begin_html = strpos(strtoupper($body),"<HTML>");
$end_html = strpos(strtoupper($body),"</HTML>");
$body = substr($body, $begin_html, $end_html - $begin_html);
$body = strip_tags($body);
}
// we are quoting inline
$body = "\n\n\n".$send_message."\n\n--- original message ---\n".
"Date: ".$date."\n".
"From: ".$from."\n".
"To: ".$orig_to."\n".
"Cc: ".$orig_cc."\n".
"Subject: ".$subject."\n\n".$body;
$dummy = imap_close($mbox);
} // if text ends
if ($action == "forward") {
$to = "";
$cc = "";
}
}
}
mail_form();
}
?>
</BODY></HTML>