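/**
 * Write the message compose form straight to the output stream.
 *
 * Emits, in order: the optional address-book popup script, the opening
 * <form> tag and hidden state fields, the identity/To/Cc/Bcc/Subject rows,
 * the body textarea (with the selected identity's signature when enabled),
 * the attachment upload/list section when PHP file uploads are on, the
 * hidden fields that carry the compose state, and the closing
 * </body></html>.
 *
 * Almost all input and output state is held in globals. When $values is
 * given, the address, subject, priority, body and identity globals are
 * overwritten from it; otherwise the three address globals are run through
 * decodeHeader().
 *
 * @param mixed       $session key into the global $compose_messages array
 * @param array|false $values  optional replacement values with the keys
 *                             send_to, send_to_cc, send_to_bcc, subject,
 *                             mailprio, body and identity
 * @return void
 */
function showInputForm($session, $values = false) {
    global $send_to, $send_to_cc, $body, $startMessage, $passed_body,
           $color, $use_signature, $signature, $prefix_sig,
           $editor_size, $editor_height, $attachments, $subject, $newmail,
           $use_javascript_addr_book, $send_to_bcc, $passed_id, $mailbox,
           $from_htmladdr_search, $location_of_buttons, $attachment_dir,
           $username, $data_dir, $identity, $idents, $draft_id, $delete_draft,
           $mailprio, $default_use_mdn, $mdn_user_support, $compose_new_win,
           $saved_draft, $mail_sent, $sig_first, $edit_as_new, $action,
           $compose_messages, $composesession, $default_charset;

    /* The slot can be missing (e.g. an unknown session key); keep null
       rather than raising an undefined-index notice. */
    $composeMessage = isset($compose_messages[$session]) ? $compose_messages[$session] : null;

    if ($values) {
        $send_to = $values['send_to'];
        $send_to_cc = $values['send_to_cc'];
        $send_to_bcc = $values['send_to_bcc'];
        $subject = $values['subject'];
        $mailprio = $values['mailprio'];
        $body = $values['body'];
        $identity = (int) $values['identity'];
    } else {
        $send_to = decodeHeader($send_to, true, false);
        $send_to_cc = decodeHeader($send_to_cc, true, false);
        $send_to_bcc = decodeHeader($send_to_bcc, true, false);
    }

    if ($use_javascript_addr_book) {
        echo "\n" . '<script language="JavaScript">' . "\n<!--\n" .
             'function open_abook() { ' . "\n" .
             ' var nwin = window.open("addrbook_popup.php","abookpopup",' .
             '"width=670,height=300,resizable=yes,scrollbars=yes");' . "\n" .
             ' if((!nwin.opener) && (document.windows != null))' . "\n" .
             ' nwin.opener = document.windows;' . "\n" .
             "}\n" .
             "// -->\n</script>\n\n";
    }

    /* NOTE(review): no anti-CSRF token field is written into this form;
       confirm that whatever handles the POST to compose.php has another
       defence against cross-site form submission. */
    echo "\n" . '<form name="compose" action="compose.php" method="post" ' .
         'enctype="multipart/form-data"';
    /* Hook runs while the <form ...> tag is still open, so plugins can add
       attributes to it. */
    do_hook('compose_form');
    echo ">\n";

    echo addHidden('startMessage', $startMessage);

    if ($action == 'draft') {
        echo addHidden('delete_draft', $passed_id);
    }
    if (isset($delete_draft)) {
        echo addHidden('delete_draft', $delete_draft);
    }
    if (isset($session)) {
        echo addHidden('session', $session);
    }
    if (isset($passed_id)) {
        echo addHidden('passed_id', $passed_id);
    }

    /* Closing tags are written in nesting order (</b> before </center>). */
    if ($saved_draft == 'yes') {
        echo '<br /><center><b>' . _("Draft Saved") . '</b></center>';
    }
    if ($mail_sent == 'yes') {
        echo '<br /><center><b>' . _("Your Message has been sent.") . '</b></center>';
    }

    echo '<table align="center" cellspacing="0" border="0">' . "\n";
    if ($compose_new_win == '1') {
        echo '<table align="center" bgcolor="' . $color[0] . '" width="100%" border="0">' . "\n" .
             ' <tr><td></td>' . html_tag('td', '', 'right') .
             '<input type="button" name="Close" onClick="return self.close()" value="' .
             _("Close") . '" /></td></tr>' . "\n";
    }
    if ($location_of_buttons == 'top') {
        showComposeButtonRow();
    }

    /* display select list for identities */
    if (count($idents) > 1) {
        $ident_list = array();
        foreach ($idents as $id => $data) {
            $ident_list[$id] = $data['full_name'] . ' <' . $data['email_address'] . '>';
        }
        /* NOTE(review): the labels contain a literal '<'; this relies on
           addSelect() HTML-encoding its option text - confirm. */
        echo ' <tr>' . "\n" .
             html_tag('td', '', 'right', $color[4], 'width="10%"') .
             _("From:") . '</td>' . "\n" .
             html_tag('td', '', 'left', $color[4], 'width="90%"') .
             ' ' .
             addSelect('identity', $ident_list, $identity, TRUE);
        echo ' </td>' . "\n" .
             ' </tr>' . "\n";
    }

    echo ' <tr>' . "\n" .
         html_tag('td', '', 'right', $color[4], 'width="10%"') .
         _("To") . ':</td>' . "\n" .
         html_tag('td', '', 'left', $color[4], 'width="90%"') .
         addInput('send_to', $send_to, 60) . '<br />' . "\n" .
         ' </td>' . "\n" .
         ' </tr>' . "\n" .
         ' <tr>' . "\n" .
         html_tag('td', '', 'right', $color[4]) .
         _("Cc") . ':</td>' . "\n" .
         html_tag('td', '', 'left', $color[4]) .
         addInput('send_to_cc', $send_to_cc, 60) . '<br />' . "\n" .
         ' </td>' . "\n" .
         ' </tr>' . "\n" .
         ' <tr>' . "\n" .
         html_tag('td', '', 'right', $color[4]) .
         _("Bcc") . ':</td>' . "\n" .
         html_tag('td', '', 'left', $color[4]) .
         addInput('send_to_bcc', $send_to_bcc, 60) . '<br />' . "\n" .
         ' </td>' . "\n" .
         ' </tr>' . "\n" .
         ' <tr>' . "\n" .
         html_tag('td', '', 'right', $color[4]) .
         _("Subject") . ':</td>' . "\n" .
         html_tag('td', '', 'left', $color[4]) . "\n";
    echo ' ' . addInput('subject', $subject, 60) .
         ' </td>' . "\n" .
         ' </tr>' . "\n\n";

    if ($location_of_buttons == 'between') {
        showComposeButtonRow();
    }

    /* why this distinction? */
    if ($compose_new_win == '1') {
        echo ' <tr>' . "\n" .
             ' <td bgcolor="' . $color[0] . '" colspan="2" align="center">' . "\n" .
             ' <textarea name="body" id="body" rows="' . (int) $editor_height .
             '" cols="' . (int) $editor_size . '" wrap="virtual">';
    } else {
        echo ' <tr>' . "\n" .
             ' <td bgcolor="' . $color[4] . '" colspan="2">' . "\n" .
             ' <textarea name="body" id="body" rows="' . (int) $editor_height .
             '" cols="' . (int) $editor_size . '" wrap="virtual">';
    }

    if ($use_signature == true && $newmail == true && !isset($from_htmladdr_search)) {
        $signature = $idents[$identity]['signature'];

        /* NOTE(review): the body below is passed through htmlspecialchars()
           but the signature is written into the <textarea> without it, so a
           signature containing markup such as "</textarea>" would end the
           field early. Left unchanged because the right encoding for the
           EUC-JP branch cannot be determined from this function - confirm
           and encode the signature the same way as the body. */
        if ($sig_first == '1') {
            if ($default_charset == 'iso-2022-jp') {
                echo "\n\n" . ($prefix_sig == true ? "-- \n" : '') . mb_convert_encoding($signature, 'EUC-JP');
            } else {
                echo "\n\n" . ($prefix_sig == true ? "-- \n" : '') . decodeHeader($signature, false, false);
            }
            echo "\n\n" . htmlspecialchars(decodeHeader($body, false, false));
        } else {
            echo "\n\n" . htmlspecialchars(decodeHeader($body, false, false));
            if ($default_charset == 'iso-2022-jp') {
                echo "\n\n" . ($prefix_sig == true ? "-- \n" : '') . mb_convert_encoding($signature, 'EUC-JP');
            } else {
                echo "\n\n" . ($prefix_sig == true ? "-- \n" : '') . decodeHeader($signature, false, false);
            }
        }
    } else {
        echo htmlspecialchars(decodeHeader($body, false, false));
    }
    echo '</textarea><br />' . "\n" .
         ' </td>' . "\n" .
         ' </tr>' . "\n";

    if ($location_of_buttons == 'bottom') {
        showComposeButtonRow();
    } else {
        echo ' <tr>' . "\n" .
             html_tag('td', '', 'right', '', 'colspan="2"') . "\n" .
             ' ' . addSubmit(_("Send"), 'send') .
             ' <br /><br />' . "\n" .
             ' </td>' . "\n" .
             ' </tr>' . "\n";
    }

    /* This code is for attachments */
    if ((bool) ini_get('file_uploads')) {

        /* Calculate the max size for an uploaded file.
         * This is advisory for the user because we can't actually prevent
         * people to upload too large files. */
        $sizes = array();
        /* php.ini vars which influence the max for uploads */
        $configvars = array('post_max_size', 'memory_limit', 'upload_max_filesize');
        foreach ($configvars as $var) {
            /* skip 0 or empty values; also skip -1 ("unlimited" for
               memory_limit) in case getByteSize() passes it through, so it
               can never win the min() below */
            $size = getByteSize(ini_get($var));
            if ($size && $size != '-1') {
                $sizes[] = $size;
            }
        }

        /* min() must not be called on an empty array (warning on older PHP,
           ValueError on PHP 8). With no usable limit, omit both the hint and
           the MAX_FILE_SIZE field. */
        if (count($sizes) > 0) {
            $smallest = min($sizes);
            $maxsize = '(max. ' . show_readable_size($smallest) . ')';
            $max_file_size_field = addHidden('MAX_FILE_SIZE', $smallest);
        } else {
            $maxsize = '';
            $max_file_size_field = '';
        }

        echo $max_file_size_field .
             ' <tr>' . "\n" .
             ' <td colspan="2">' . "\n" .
             ' <table width="100%" cellpadding="1" cellspacing="0" align="center"' .
             ' border="0" bgcolor="' . $color[9] . '">' . "\n" .
             ' <tr>' . "\n" .
             ' <td>' . "\n" .
             ' <table width="100%" cellpadding="3" cellspacing="0" align="center"' .
             ' border="0">' . "\n" .
             ' <tr>' . "\n" .
             html_tag('td', '', 'right', '', 'valign="middle"') .
             _("Attach:") . '</td>' . "\n" .
             html_tag('td', '', 'left', '', 'valign="middle"') .
             ' <input name="attachfile" size="48" type="file" />' . "\n" .
             ' <input type="submit" name="attach"' .
             ' value="' . _("Add") . '" />' . "\n" .
             $maxsize .
             ' </td>' . "\n" .
             ' </tr>' . "\n";

        $s_a = array();
        /* $composeMessage is null when the session slot was missing */
        if (is_object($composeMessage) && $composeMessage->entities) {
            foreach ($composeMessage->entities as $key => $attachment) {
                $attached_file = $attachment->att_local_name;
                if ($attachment->att_local_name || $attachment->body_part) {
                    /* NOTE(review): written into the markup as returned;
                       presumably decodeHeader()'s default arguments
                       HTML-encode the result - confirm. */
                    $attached_filename = decodeHeader($attachment->mime_header->getParameter('name'));
                    /* The MIME type is read from the attachment's header,
                       which may originate from a received message, so it is
                       encoded before being placed in HTML. */
                    $type = htmlspecialchars(
                        $attachment->mime_header->type0 . '/' . $attachment->mime_header->type1
                    );

                    $s_a[] = '<table bgcolor="' . $color[0] .
                             '" border="0"><tr><td>' .
                             addCheckBox('delete[]', FALSE, $key) .
                             "</td><td>\n" . $attached_filename .
                             '</td><td>-</td><td> ' . $type . '</td><td>(' .
                             show_readable_size(filesize($attached_file)) .
                             ')</td></tr></table>' . "\n";
                }
            }
        }
        if (count($s_a)) {
            foreach ($s_a as $s) {
                echo '<tr>' . html_tag('td', '', 'left', $color[0], 'colspan="2"') . $s . '</td></tr>';
            }
            echo '<tr><td colspan="2"><input type="submit" name="do_delete" value="' .
                 _("Delete selected attachments") . "\" />\n" .
                 '</td></tr>';
        }
        echo ' </table>' . "\n" .
             ' </td>' . "\n" .
             ' </tr>' . "\n" .
             ' </table>' . "\n" .
             ' </td>' . "\n" .
             ' </tr>' . "\n";
    } // End of file_uploads if-block
    /* End of attachment code */

    if ($compose_new_win == '1') {
        echo '</table>' . "\n";
    }

    echo '</table>' . "\n" .
         addHidden('username', $username) .
         addHidden('smaction', $action) .
         addHidden('mailbox', $mailbox);

    /*
       store the complete ComposeMessages array in a hidden input value
       so we can restore them in case of a session timeout.

       NOTE(review): this hands a serialize()d object graph to the browser.
       The code that reads 'restoremessages' back is not part of this
       function; it has to treat the field as untrusted input. Calling
       unserialize() on client-supplied data permits object injection, so
       the value should be authenticated (e.g. an HMAC keyed on the server)
       or the state kept in server-side storage instead.
     */
    sqgetGlobalVar('QUERY_STRING', $queryString, SQ_SERVER);
    echo addHidden('restoremessages', serialize($compose_messages)) .
         addHidden('composesession', $composesession) .
         addHidden('querystring', $queryString) .
         "</form>\n";

    if (!(bool) ini_get('file_uploads')) {
        /* File uploads are off, so we didn't show that part of the form.
           To avoid bogus bug reports, tell the user why. */
        echo 'Because PHP file uploads are turned off, you can not attach files ';
        echo "to this message. Please see your system administrator for details.\r\n";
    }

    do_hook('compose_bottom');
    echo '</body></html>' . "\n";
}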
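/**
 * Render the message compose form.
 *
 * Writes the opening <form> tag and hidden state fields directly, then
 * hands the header rows, body editor, attachment section and form close to
 * the templates compose_header.tpl, compose_body.tpl,
 * compose_attachments.tpl and compose_form_close.tpl through the global
 * $oTemplate, and finishes with footer.tpl.
 *
 * Almost all state is held in globals. When $values is given, the address,
 * subject, priority, body and identity globals are overwritten from it;
 * otherwise the three address globals are run through decodeHeader().
 *
 * @param mixed       $session compose session id, echoed back as a hidden
 *                             field when set
 * @param array|false $values  optional replacement values with the keys
 *                             send_to, send_to_cc, send_to_bcc, subject,
 *                             mailprio, body and identity
 * @return void
 */
function showInputForm($session, $values = false) {
    global $send_to, $send_to_cc, $send_to_bcc,
           $body, $startMessage, $action, $attachments,
           $use_signature, $signature, $prefix_sig, $session_expired,
           $editor_size, $editor_height, $subject, $newmail,
           $use_javascript_addr_book, $passed_id, $mailbox, $fwduid,
           $from_htmladdr_search, $location_of_buttons, $attachment_dir,
           $username, $data_dir, $identity, $idents, $delete_draft,
           $mailprio, $compose_new_win, $saved_draft, $mail_sent, $sig_first,
           $composeMessage, $composesession, $default_charset,
           $compose_onsubmit, $oTemplate, $oErrorHandler;

    // Only the array form is consumed below (joined into the onfocus
    // attribute handed to the templates).
    if (checkForJavascript()) {
        $onfocus_array = array('onfocus' => 'alreadyFocused=true;');
    } else {
        $onfocus_array = array();
    }

    if ($values) {
        $send_to = $values['send_to'];
        $send_to_cc = $values['send_to_cc'];
        $send_to_bcc = $values['send_to_bcc'];
        $subject = $values['subject'];
        $mailprio = $values['mailprio'];
        $body = $values['body'];
        $identity = (int) $values['identity'];
    } else {
        $send_to = decodeHeader($send_to, true, false);
        $send_to_cc = decodeHeader($send_to_cc, true, false);
        $send_to_bcc = decodeHeader($send_to_bcc, true, false);
    }

    if ($use_javascript_addr_book) {
        //FIXME: NO HTML IN CORE!
        echo "\n" . '<script type="text/javascript">' . "\n<!--\n" .
             'function open_abook() { ' . "\n" .
             ' var nwin = window.open("addrbook_popup.php","abookpopup",' .
             '"width=670,height=300,resizable=yes,scrollbars=yes");' . "\n" .
             ' if((!nwin.opener) && (document.windows != null))' . "\n" .
             ' nwin.opener = document.windows;' . "\n" .
             "}\n" .
             "// -->\n</script>\n\n";
    }

    //FIXME: NO HTML IN CORE!
    echo "\n" . '<form name="compose" action="compose.php" method="post" ' .
         'enctype="multipart/form-data"';

    $compose_onsubmit = array();
    global $null;
    do_hook('compose_form', $null);

    // Plugins that use compose_form hook can add an array entry
    // to the globally scoped $compose_onsubmit; we add them up
    // here and format the form tag's full onsubmit handler.
    // Each plugin should use "return false" if they need to
    // stop form submission but otherwise should NOT use "return
    // true" to give other plugins the chance to do what they need
    // to do; SquirrelMail itself will add the final "return true".
    // Onsubmit text is enclosed inside of double quotes, so plugins
    // need to quote accordingly.
    //
    // Also, plugin authors should try to retain compatibility with
    // the Compose Extras plugin by resetting its compose submit
    // counter when preventing form submit. Use this code:
    // if (your-code-here) { submit_count = 0; return false; }
    //
    // NOTE(review): the collected text is written into the attribute
    // without any encoding, so it must only ever be fixed script supplied
    // by plugin code, never a value derived from the request or a message.
    //
    if (checkForJavascript()) {
        if (empty($compose_onsubmit)) {
            $compose_onsubmit = array();
        } else {
            if (!is_array($compose_onsubmit)) {
                $compose_onsubmit = array($compose_onsubmit);
            }
        }

        $onsubmit_text = '';
        foreach ($compose_onsubmit as $text) {
            $text = trim($text);
            if (!empty($text)) {
                // terminate each snippet so the next one starts a new statement
                if (substr($text, -1) != ';' && substr($text, -1) != '}') {
                    $text .= '; ';
                }
                $onsubmit_text .= $text;
            }
        }

        if (!empty($onsubmit_text)) {
            //FIXME: DON'T ECHO HTML FROM CORE!
            echo ' onsubmit="' . $onsubmit_text . ' return true;"';
        }
    }

    //FIXME: NO HTML IN CORE!
    echo ">\n";

    // Per-form security token; the check on submission happens outside
    // this function.
    //FIXME: DON'T ECHO HTML FROM CORE!
    echo addHidden('smtoken', sm_generate_security_token());

    //FIXME: DON'T ECHO HTML FROM CORE!
    echo addHidden('startMessage', $startMessage);

    if ($action == 'draft') {
        //FIXME: DON'T ECHO HTML FROM CORE!
        echo addHidden('delete_draft', $passed_id);
    }
    if (isset($delete_draft)) {
        //FIXME: DON'T ECHO HTML FROM CORE!
        echo addHidden('delete_draft', $delete_draft);
    }
    if (isset($session)) {
        //FIXME: DON'T ECHO HTML FROM CORE!
        echo addHidden('session', $session);
    }
    if (isset($passed_id)) {
        //FIXME: DON'T ECHO HTML FROM CORE!
        echo addHidden('passed_id', $passed_id);
    }
    if (isset($fwduid)) {
        //FIXME: DON'T ECHO HTML FROM CORE!
        echo addHidden('fwduid', $fwduid);
    }

    if ($saved_draft == 'yes') {
        $oTemplate->assign('note', _("Your draft has been saved."));
        $oTemplate->display('note.tpl');
    }
    if ($mail_sent == 'yes') {
        $oTemplate->assign('note', _("Your mail has been sent."));
        $oTemplate->display('note.tpl');
    }

    if ($compose_new_win == '1') {
        $oTemplate->display('compose_newwin_close.tpl');
    }

    if ($location_of_buttons == 'top') {
        //FIXME: DON'T ECHO HTML FROM CORE!
        showComposeButtonRow();
    }

    // The identity list is only filled when there is a choice to make.
    // NOTE(review): the labels contain a literal '<' and are assigned
    // unencoded; presumably compose_header.tpl encodes them - confirm.
    $identities = array();
    if (count($idents) > 1) {
        reset($idents);
        foreach ($idents as $id => $data) {
            $identities[$id] = $data['full_name'] . ' <' . $data['email_address'] . '>';
        }
    }

    $oTemplate->assign('identities', $identities);
    $oTemplate->assign('identity_def', $identity);
    $oTemplate->assign('input_onfocus', 'onfocus="' . join(' ', $onfocus_array) . '"');

    $oTemplate->assign('to', sm_encode_html_special_chars($send_to));
    $oTemplate->assign('cc', sm_encode_html_special_chars($send_to_cc));
    $oTemplate->assign('bcc', sm_encode_html_special_chars($send_to_bcc));
    $oTemplate->assign('subject', sm_encode_html_special_chars($subject));

    // access keys...
    //
    global $accesskey_compose_to, $accesskey_compose_cc,
           $accesskey_compose_identity, $accesskey_compose_bcc,
           $accesskey_compose_subject;
    $oTemplate->assign('accesskey_compose_identity', $accesskey_compose_identity);
    $oTemplate->assign('accesskey_compose_to', $accesskey_compose_to);
    $oTemplate->assign('accesskey_compose_cc', $accesskey_compose_cc);
    $oTemplate->assign('accesskey_compose_bcc', $accesskey_compose_bcc);
    $oTemplate->assign('accesskey_compose_subject', $accesskey_compose_subject);

    $oTemplate->display('compose_header.tpl');

    if ($location_of_buttons == 'between') {
        //FIXME: DON'T ECHO HTML FROM CORE!
        showComposeButtonRow();
    }

    // NOTE(review): the message body is HTML-encoded before it goes into
    // $body_str but the signature is appended without encoding. If
    // compose_body.tpl prints 'body' as-is (which the pre-encoding of $body
    // suggests), markup in a signature reaches the page unescaped - confirm
    // and encode the signature the same way.
    $body_str = '';
    if ($use_signature == true && $newmail == true && !isset($from_htmladdr_search)) {
        $signature = $idents[$identity]['signature'];

        if ($sig_first == '1') {
            /*
             * FIXME: test is specific to ja_JP translation implementation.
             * This test might apply incorrect conversion to other translations, but
             * use of 7bit iso-2022-jp charset in other translations might have other
             * issues too.
             */
            if ($default_charset == 'iso-2022-jp') {
                $body_str = "\n\n" . ($prefix_sig == true ? "-- \n" : '') . mb_convert_encoding($signature, 'EUC-JP');
            } else {
                $body_str = "\n\n" . ($prefix_sig == true ? "-- \n" : '') . decodeHeader($signature, false, false);
            }
            $body_str .= "\n\n" . sm_encode_html_special_chars(decodeHeader($body, false, false));
        } else {
            $body_str = "\n\n" . sm_encode_html_special_chars(decodeHeader($body, false, false));
            // FIXME: test is specific to ja_JP translation implementation. See above comments.
            if ($default_charset == 'iso-2022-jp') {
                $body_str .= "\n\n" . ($prefix_sig == true ? "-- \n" : '') . mb_convert_encoding($signature, 'EUC-JP');
            } else {
                $body_str .= "\n\n" . ($prefix_sig == true ? "-- \n" : '') . decodeHeader($signature, false, false);
            }
        }
    } else {
        $body_str = sm_encode_html_special_chars(decodeHeader($body, false, false));
    }

    $oTemplate->assign('editor_width', (int) $editor_size);
    $oTemplate->assign('editor_height', (int) $editor_height);
    $oTemplate->assign('input_onfocus', 'onfocus="' . join(' ', $onfocus_array) . '"');
    $oTemplate->assign('body', $body_str);
    $oTemplate->assign('show_bottom_send', $location_of_buttons != 'bottom');

    // access keys...
    //
    global $accesskey_compose_body, $accesskey_compose_send;
    $oTemplate->assign('accesskey_compose_body', $accesskey_compose_body);
    $oTemplate->assign('accesskey_compose_send', $accesskey_compose_send);

    $oTemplate->display('compose_body.tpl');

    if ($location_of_buttons == 'bottom') {
        //FIXME: DON'T ECHO HTML FROM CORE!
        showComposeButtonRow();
    }

    // Start from an empty list so the later empty() checks never read an
    // unset variable.
    $attach_array = array();

    // composeMessage can be empty when coming from a restored session
    if (is_object($composeMessage) && $composeMessage->entities) {
        $attach_array = $composeMessage->entities;
    }
    // NOTE(review): after a session expiry the list comes from the global
    // $attachments, presumably restored from the 'attachments' form field
    // assigned further down. If so it is client-controlled: confirm the
    // restore path authenticates it before unserialize(), and that
    // att_local_name is limited to a bare file name inside the hashed
    // attachment directory before it is used in the filesize() path below.
    if ($session_expired && !empty($attachments) && is_array($attachments)) {
        $attach_array = $attachments;
    }

    /* This code is for attachments */
    if ((bool) ini_get('file_uploads')) {

        /* Calculate the max size for an uploaded file.
         * This is advisory for the user because we can't actually prevent
         * people to upload too large files. */
        $sizes = array();
        /* php.ini vars which influence the max for uploads */
        $configvars = array('post_max_size', 'memory_limit', 'upload_max_filesize');
        foreach ($configvars as $var) {
            /* skip 0 or empty values, and -1 which means 'unlimited' */
            if ($size = getByteSize(ini_get($var))) {
                if ($size != '-1') {
                    $sizes[] = $size;
                }
            }
        }

        $attach = array();
        $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
        if (!empty($attach_array)) {
            foreach ($attach_array as $key => $attachment) {
                $attached_file = $attachment->att_local_name;
                if ($attachment->att_local_name || $attachment->body_part) {
                    $attached_filename = decodeHeader($attachment->mime_header->getParameter('name'));
                    $type = $attachment->mime_header->type0 . '/' .
                            $attachment->mime_header->type1;

                    // FileName and ContentType come from the attachment's
                    // MIME header and are handed over as-is; output encoding
                    // of these is left to compose_attachments.tpl.
                    $a = array();
                    $a['Key'] = $key;
                    $a['FileName'] = $attached_filename;
                    $a['ContentType'] = $type;
                    $a['Size'] = filesize($hashed_attachment_dir . '/' . $attached_file);
                    $attach[$key] = $a;
                }
            }
        }

        // min() must not be called on an empty array (warning on older PHP,
        // ValueError on PHP 8); -1 tells the template there is no limit.
        $oTemplate->assign('max_file_size', empty($sizes) ? -1 : min($sizes));
        $oTemplate->assign('attachments', $attach);

        // access keys...
        //
        global $accesskey_compose_attach_browse, $accesskey_compose_attach,
               $accesskey_compose_delete_attach;
        $oTemplate->assign('accesskey_compose_attach_browse', $accesskey_compose_attach_browse);
        $oTemplate->assign('accesskey_compose_attach', $accesskey_compose_attach);
        $oTemplate->assign('accesskey_compose_delete_attach', $accesskey_compose_delete_attach);

        $oTemplate->display('compose_attachments.tpl');
    } // End of file_uploads if-block
    /* End of attachment code */

    $oTemplate->assign('username', $username);
    $oTemplate->assign('smaction', $action);
    $oTemplate->assign('mailbox', $mailbox);
    // NOTE(review): the query string is request-controlled and is assigned
    // without encoding here; presumably compose_form_close.tpl encodes it
    // on output - confirm.
    sqgetGlobalVar('QUERY_STRING', $queryString, SQ_SERVER);
    $oTemplate->assign('querystring', $queryString);
    $oTemplate->assign('composesession', $composesession);
    $oTemplate->assign('send_button_count', unique_widget_name('send', TRUE));
    if (!empty($attach_array)) {
        // Replaces the per-attachment summary assigned for
        // compose_attachments.tpl; from here on 'attachments' is the
        // serialized list.
        // NOTE(review): this hands a serialize()d object graph to the
        // template, presumably for a form field. Whatever reads it back must
        // not unserialize() it without first authenticating it (e.g. an HMAC
        // keyed on the server), since unserialize() on client-supplied data
        // permits object injection; keeping the list in server-side storage
        // avoids the round trip altogether.
        $oTemplate->assign('attachments', urlencode(serialize($attach_array)));
    }

    $aUserNotices = array();

    // File uploads are off, so we didn't show that part of the form.
    // To avoid bogus bug reports, tell the user why.
    if (!(bool) ini_get('file_uploads')) {
        $aUserNotices[] = _("Because PHP file uploads are turned off, you can not attach files to this message. Please see your system administrator for details.");
    }

    $oTemplate->assign('user_notices', $aUserNotices);

    $oTemplate->display('compose_form_close.tpl');

    if ($compose_new_win == '1') {
        $oTemplate->display('compose_newwin_close.tpl');
    }

    $oErrorHandler->setDelayedErrors(false);
    $oTemplate->display('footer.tpl');
}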