}
if ($func != 'searchhelp') {
// Print the error screen if the account has auth errors, or session timeout.
if ($atmail->status == 1) {
$atmail->auth_error();
}
if ($atmail->status == 2) {
$atmail->session_error();
}
}
if (!$atmail->Langage && !$atmail->LoginType) {
$atmail->Language = $settings['Language'];
$atmail->LoginType = 'xp';
}
$var['newfolder'] = $_REQUEST['NewFolder'];
$var['atmailstyle'] = $atmail->parse("html/{$atmail->Language}/{$atmail->LoginType}/atmailstyle.css");
$var['atmailstyle'] .= $atmail->parse("html/{$atmail->Language}/{$atmail->LoginType}/atmailstyle-form.css");
$var['mailstyle'] = $atmail->parse("html/{$atmail->Language}/{$atmail->LoginType}/atmailstyle-mail.css");
// Make a new mail object, used to search and list the users folders
$mail = new GetMail(array('Username' => $atmail->username, 'Pop3host' => $atmail->pop3host, 'Password' => $auth->password, 'Type' => $atmail->MailType, 'Mode' => $atmail->Mode));
// Load an array of msgs selected to be moved
$msgs = $_REQUEST['id'];
// If a value exists in the array, start to move the messages.
if ($msgs[0]) {
$mail->login();
// Loop through the selected msgs to move, the new folder to move to
// is seperated by :: . e.g 56::Trash , msg 56 from the Trash folder
foreach ($msgs as $id) {
if (preg_match('/::(.*)/', $id, $m)) {
$folder = $m[1];
}
$atmail->auth_error();
}
if ($atmail->status == 2) {
$atmail->session_error();
}
// Which function
$var['func'] = $_REQUEST['func'];
// Check for an attachment upload that has gone over post_max_size
// Set func to 'attachment' as $_POST will be empty.
if (isset($_GET['sending_attachment']) && !count($_POST) && !count($_FILES)) {
$var['func'] = 'attachment';
}
// Load the account preferences
$atmail->loadprefs();
// Parse the users custom stylesheet
$var['atmailstyle'] = $atmail->parse("html/{$atmail->Language}/{$atmail->LoginType}/atmailstyle.css");
// Load the time to display in the compose window
$var['localtime'] = strftime("%c");
// Create a unique number - Each compose screen is unique. Used to
// reference which attachments are for what window. Based on the
// PID and a random number.
$var['unique'] = $atmail->param_escape('unique');
$var['delete'] = $_REQUEST['delete'];
if (!$var['unique']) {
$var['unique'] = getmypid() + rand(0, 1000);
}
// Avoid any fake/malformed unique ID, e.g ../ in pathname
$var['unique'] = basename($var['unique']);
// see if something is cached
if (file_exists($atmail->tmpdir . ".ht{$auth->SessionID}")) {
$var['PgpPass'] = 1;
} else {
$atmail->httpheaders();
}
$atmail->status = $auth->getuser($atmail->SessionID);
$atmail->username = $auth->username;
$atmail->pop3host = $auth->pop3host;
// Print the error screen if the account has auth errors
if ($atmail->status == 1) {
$atmail->auth_error();
} elseif ($atmail->status == 2) {
$atmail->session_error();
}
// Load the account preferences
$atmail->loadprefs();
// Parse the users custom stylesheet
$var['atmailstyle'] = $atmail->parse("html/{$atmail->Language}/{$atmail->LoginType}/atmailstyle.css");
// Create a new log object
if (!$_REQUEST['Draft']) {
$log = new Log(array('Account' => "{$atmail->username}@{$atmail->pop3host}"));
$num = $log->logcheck('SendMail', $_SERVER['REMOTE_ADDR'], "{$atmail->username}@{$atmail->pop3host}");
if ($num > $pref['filter_max_msgs'] && $pref['filter_max_msgs'] > 1) {
print $atmail->parse("html/{$atmail->Language}/auth_spammer.html");
$log->write_log('Error', "Spam Detected from {$_SERVER['REMOTE_ADDR']} : {$num} msgs sent");
$atmail->end();
}
}
// Calculate the height of the menubar ( if the Webadmin user toggles off certain features )
$h = $atmail->calcmenu_height();
foreach ($h as $k => $v) {
$var[$k] = $v;
}
// check for language version
if (!isset($atmail->Language) && strlen($atmail->Language) > 0) {
$atmail->Language = $pref['Language'];
}
// Print the error screen if the account has auth errors, or session timeout.
if ($atmail->status == 1) {
$atmail->auth_error();
}
if ($atmail->status == 2) {
$atmail->session_error();
}
$atmail->httpheaders();
// Load the account preferences
$atmail->loadprefs();
// Parse the users custom stylesheet
$var['atmailstyle'] = $atmail->parse("html/{$atmail->Language}/{$atmail->LoginType}/atmailstyle.css");
$var['mailstyle'] = $atmail->parse("html/{$atmail->Language}/{$atmail->LoginType}/atmailstyle-mail.css");
$var['folder'] = $atmail->escape_html($_REQUEST['Folder'], false);
$var['newfolder'] = $atmail->escape_html(urldecode($_REQUEST['NewFolder']), false);
$var['acc'] = $acc;
if ($_REQUEST['sort']) {
$var['sort'] = $_REQUEST['sort'];
} elseif ($atmail->MboxOrder) {
$var['sort'] = $atmail->MboxOrder;
} else {
$var['sort'] = 'id';
}
$var['order'] = $_REQUEST['order'] ? $_REQUEST['order'] : '';
$var['order'] = Filter::stringMatch($var['order'], array('desc', 'asc'));
$var['flag'] = $_REQUEST['Flag'];
$var['XML'] = $_REQUEST['XML'];
}
// If the user if logging off, print a cookie header with
// a blank SessionID. Delete the Session for the DB too
if ($var['func'] == "logout") {
require_once 'Session.php';
session_start();
$auth =& $atmail->getAuthObj();
// Find the users current settings, if to delete the trash on logout
//$atmail->cookie_read($auth);
//$auth->getuser();
$atmail->username = $auth->username;
$atmail->pop3host = $auth->pop3host;
$atmail->SessionID = $auth->SessionID;
//$atmail->cookie_header_delete();
if (!$pref['opensource']) {
$var['ErrorHead'] = $atmail->parse("html/{$atmail->Language}/msg/logoff.html");
$var['ErrorHead'] .= "<script language='Javascript'>window.focus();</script>";
}
$atmail->clean_tmp();
// clear tmp directory
if ($handle = opendir($pref['install_dir'] . '/tmp/')) {
while (false !== ($file_name = readdir($handle))) {
if ($file_name != "." && $file_name != ".." && $file_name != '.htaccess' && is_file($file_name)) {
if (strtotime("+ 180 seconds") > fileatime($file_name)) {
unlink($file_name);
}
}
}
closedir($handle);
}
// If we have expunge on logout ( e.g PDMF IMAP server)
if ($_REQUEST['ignore'] || $_REQUEST['change'] && $_REQUEST['wordreplace']) {
// Ignore the word
$spellChecker->ignoreWord($_REQUEST['wordreplace']);
}
// spell check the email
$_REQUEST['emailmessage'] = str_replace(array('<br>', '<BR>', '<br/>', '<BR/>', '</p>', '</P>'), "\n", $_REQUEST['emailmessage']);
// Remove any html entities and tags
$_REQUEST['emailmessage'] = preg_replace('/&\\w+;/', '', $_REQUEST['emailmessage']);
$_REQUEST['emailmessage'] = strip_tags($_REQUEST['emailmessage']);
// Remove punctuation such as , ; :
//$_REQUEST['emailmessage'] = preg_replace('/[^a-zA-Z\-]+/', ' ', $_REQUEST['emailmessage']);
foreach (explode("\n", $_REQUEST['emailmessage']) as $line) {
$words = array_unique(preg_split('/\\s+/', $line));
foreach ($words as $word) {
if (preg_match('/[a-zA-Z]+/', $word)) {
$spellChecker->check($word);
}
}
}
if ($spellChecker->haveErrors()) {
$result = $spellChecker->getSuggestions();
if (is_array($result)) {
$var['atmailstyle'] = $atmail->parse("html/{$atmail->Language}/simple/atmailstyle.css");
echo $atmail->parse("html/{$atmail->Language}/{$atmail->LoginType}/spellcheck.html", $result, $var);
} else {
header("Content-type: text/xml; charset: utf-8");
echo $result;
}
}
$spellChecker->close();
$atmail->end();
$var = array();
$atmail->httpheaders();
$atmail->status = $auth->getuser($atmail->SessionID);
$atmail->username = $auth->username;
$atmail->pop3host = $auth->pop3host;
// Print the error screen if the account has auth errors, or session timeout.
if ($atmail->status == 1) {
$atmail->auth_error();
}
if ($atmail->status == 2) {
$atmail->session_error();
}
// Load the account preferences
$atmail->loadprefs();
// Parse the users custom stylesheet
$var['atmailstyle'] = $atmail->parse("html/{$atmail->Language}/{$atmail->LoginType}/atmailstyle.css");
$var['atmailstyle'] .= $atmail->parse("html/{$atmail->Language}/{$atmail->LoginType}/atmailstyle-form.css");
$var['atmailstyle'] .= $atmail->parse("html/{$atmail->Language}/{$atmail->LoginType}/atmailstyle-mail.css");
include 'snippets/quota_bar.php';
if (!$_REQUEST['func']) {
$var['search'] = $_REQUEST['search'];
echo $atmail->parse("html/{$atmail->Language}/{$atmail->LoginType}/ldap.html", $var);
$atmail->end();
}
// apend '_ldap_' to the function name passed via $_REQUEST so that
// user cannot call some arbitrary function such as 'phpinfo()'
$func = '_ldap_' . $_REQUEST['func'];
// check that the requested function exists then call it
if (function_exists($func)) {
$func();
} else {
$atmail->pop3host = $auth->pop3host;
// check for language version
if (!$atmail->Language) {
$atmail->Language = $pref['Language'];
}
// Print the error screen if the account has auth errors, or session timeout.
if ($atmail->status == 1) {
$atmail->auth_error();
}
if ($atmail->status == 2) {
$atmail->session_error();
}
// Load the account preferences
$atmail->loadprefs();
// Parse the users custom stylesheet
$var['atmailstyle'] = $atmail->parse("html/{$atmail->Language}/{$atmail->LoginType}/atmailstyle.css");
$var['atmailstyle'] .= $atmail->parse("html/{$atmail->Language}/{$atmail->LoginType}/atmailstyle-form.css");
// Which email to read
$var['id'] = $_REQUEST['id'];
$var['folder'] = urldecode($_REQUEST['folder']);
$var['print'] = $_REQUEST['print'];
$var['cache'] = $_REQUEST['cache'];
$var['head'] = $_REQUEST['head'];
$var['rawemail'] = $_REQUEST['rawemail'];
if (file_exists($atmail->tmpdir . ".ht." . $auth->SessionID) || $_REQUEST['pgppass']) {
$var['PgpPass'] = 1;
}
// LeaveMsgs = 0 is not spported as yet
$atmail->LeaveMsgs = 1;
// Specify to open mail messages in new window, or parent location
$type = $atmail->LoginType == "simple" ? 1 : 0;
if ($atmail->status == 1) {
$atmail->auth_error();
}
if ($atmail->status == 2) {
$atmail->session_error();
}
// Load the account preferences
$atmail->loadprefs(1);
if ($var['func'] != 'rename' && $var['func'] != 'delfolderxp') {
$atmail->httpheaders();
}
$var['languagebox'] = $atmail->languages(2);
$var['languagebox'] = str_replace("value='{$atmail->Language}'", "value='{$atmail->Language}' selected", $var['languagebox']);
$var['languagebox'] = str_replace("<select", "<select class=\"select\"", $var['languagebox']);
$mail = new GetMail(array('Username' => $atmail->username, 'Pop3host' => $atmail->pop3host, 'Password' => $auth->password, 'Mode' => $atmail->Mode, 'Type' => $atmail->MailType));
$var['atmailstyle'] = $atmail->parse("html/{$atmail->Language}/{$atmail->LoginType}/atmailstyle.css");
$var['atmailstyle'] .= $atmail->parse("html/{$atmail->Language}/{$atmail->LoginType}/atmailstyle-form.css");
include 'snippets/quota_bar.php';
// now call the requested function
$func();
$atmail->end();
function util_info()
{
global $mail, $atmail, $var, $domains;
$mail->login();
$reload = false;
// We keep the folder info in session to speed up page loading as
// when we have large folders this can take a while. Data stays valid
// for 15 minutes
//if (isset($_SESSION['folderinfo']) && ($_SESSION['folderinfo']['created'] < (time() - 900))) {
// unset($_SESSION['folderinfo']);
// | http://opensource.org/licenses/apache2.0.php |
// +----------------------------------------------------------------+
require_once 'header.php';
require_once 'GetMail.php';
require_once 'Session.php';
require_once 'Global.php';
session_start();
$type = $var = array();
$atmail = new AtmailGlobal();
$auth =& $atmail->getAuthObj();
$filename = preg_replace("/[^a-z0-9\\-\\/._\$>]/i", "", $_REQUEST['file']);
$redirect = $_REQUEST['redirect'];
$_REQUEST['func'] = preg_replace("/[^a-z0-9]/i", "", $_REQUEST['func']);
// No auth necessary to display login page
if ($filename == 'html/login-light.html') {
echo $atmail->parse('html/login-light.html');
$atmail->end();
}
$atmail->status = $auth->getuser();
// Print the error screen if the account has auth errors, or session timeout.
// Ignore if user not authenticated, but wants to view the help documentation
if (preg_match('/html\\/(.*?)\\/help\\/(.*?\\.html)/', $filename)) {
} elseif ($atmail->status == 1) {
$atmail->auth_error();
} elseif ($atmail->status == 2) {
$atmail->session_error();
}
if ($redirect) {
$redirect = str_replace('&', '&', $redirect);
$redirect = str_replace('$', '/', $redirect);
// Unsure why this is implemented, might be used, verify
$var['UserInfo'] = strip_tags($var['UserInfo']);
// Take away any HTML characters
$var['UserPgpKey'] = htmlentities($_REQUEST['UserPgpKey']);
$var['WriteSelectedGroups'] = htmlentities($_REQUEST['WriteSelectedGroups']);
$var['WriteSelectedUsers'] = htmlentities($_REQUEST['WriteSelectedUsers']);
$var['ReadSelectedGroups'] = htmlentities($_REQUEST['ReadSelectedGroups']);
$var['ReadSelectedUsers'] = htmlentities($_REQUEST['ReadSelectedUsers']);
$var['abookview'] = $_REQUEST['type'] ? $_REQUEST['type'] : $_REQUEST['abookview'];
$var['abookview'] = Filter::stringMatch(strtolower($var['abookview']), array('global', 'shared', 'personal'));
$var['order'] = htmlentities($_REQUEST['order']);
include 'snippets/quota_bar.php';
$abook = new Abook(array('Account' => "{$atmail->username}@{$atmail->pop3host}"));
// Decide the amount of entries to display
$amount = '50';
$abook->limit = $amount;
$var['atmailstyle'] = $atmail->parse("html/{$atmail->Language}/{$atmail->LoginType}/atmailstyle.css");
$var['atmailstyle'] .= $atmail->parse("html/{$atmail->Language}/{$atmail->LoginType}/atmailstyle-mail.css");
// Append the form/input/select stylesheet
$var['atmailstyle'] .= $atmail->parse("html/{$atmail->Language}/{$atmail->LoginType}/atmailstyle-form.css");
// Delete any users
if ($_REQUEST['del'] && (!$atmail->XUL && !$_REQUEST['delmulti'])) {
$var['user'] = $_REQUEST['email'];
$abook->delete($var['user'], $var['id']);
// Delete the group if specified
if ($_REQUEST['group']) {
$abook->deletegroup($var['user']);
}
$var['status'] = "Deleted {$var['user']} - ";
}
// delete group(s)/user(s) from address books
if (($_REQUEST['del'] || $_REQUEST['delgroup']) && ($atmail->XUL || $_REQUEST['delmulti'])) {
