function AtmailGlobal()
{
$this->Global_Base();
global $pref;
// Adjust memory limit
if (!$this->isset_chk($pref['memory_limit']) || $pref['memory_limit'] < 96) {
$pref['memory_limit'] = 96;
}
ini_set('memory_limit', "{$pref['memory_limit']}M");
// Adjust max message size
if (!$this->isset_chk($pref['max_msg_size'])) {
$pref['max_msg_size'] = '16';
}
// Max exectuion time, increase, for slow responding POP3/IMAP servers
ini_set('max_execution_time', "180");
AtmailGlobal::do_branding();
}
// +----------------------------------------------------------------+
// | videomail.php |
// +----------------------------------------------------------------+
// | Function: Get a Video-Stream ID from video.atmail.com |
// | This is a wrapper function to communicate to the Videomail |
// | server since Ajax calls do not allow cross domain due to |
// | security settings |
// +----------------------------------------------------------------+
// | AtMail Open - Licensed under the Apache 2.0 Open-source License|
// | http://opensource.org/licenses/apache2.0.php |
// +----------------------------------------------------------------+
require_once 'header.php';
require_once 'Global.php';
require_once 'Session.php';
session_start();
$atmail = new AtmailGlobal();
$auth =& $atmail->getAuthObj();
$atmail->httpheaders();
$atmail->status = $auth->getuser();
$atmail->username = $auth->get_username();
$atmail->pop3host = $auth->get_pop3host();
// Print the error screen if the account has auth errors, or session timeout.
if ($atmail->status == 1) {
$atmail->auth_error();
}
if ($atmail->status == 2) {
$atmail->session_error();
}
$func = $_REQUEST['func'];
// If we auth, grab the StreamID
$UniqueID = $_REQUEST['UniqueID'];
<?php
// +----------------------------------------------------------------+
// | showmail.php |
// +----------------------------------------------------------------+
// | AtMail Open - Licensed under the Apache 2.0 Open-source License|
// | http://opensource.org/licenses/apache2.0.php |
// +----------------------------------------------------------------+
require_once 'header.php';
require_once 'Global.php';
require_once 'GetMail.php';
require_once 'Language.php';
require_once 'Session.php';
session_start();
$var = $size = $msgmove = $d = $h = array();
$atmail = new AtmailGlobal();
$auth = $atmail->getAuthObj();
$atmail->status = $auth->getuser();
$atmail->username = $auth->get_username();
$atmail->pop3host = $auth->get_pop3host();
// check for language version
if (!isset($atmail->Language) && strlen($atmail->Language) > 0) {
$atmail->Language = $pref['Language'];
}
// Print the error screen if the account has auth errors, or session timeout.
if ($atmail->status == 1) {
$atmail->auth_error();
}
if ($atmail->status == 2) {
$atmail->session_error();
}
require_once 'Log.php';
require_once 'ReadMsg.php';
// We dont want to have a short session timeout for sendmail.php as
// the user may take a while to compose their message. Therefore
// we need to alter the $pref['session_timeout'] value. This must
// be done BEFORE session_start() is called so that session GC
// does not clear the session data. Lets give them 24 hours to
// compose their message.
if ($pref['session_timeout'] < 86400) {
$pref['session_timeout'] = 86400;
}
session_start();
// For IMAP append feature
require_once 'GetMail.php';
$var = array();
$atmail = new AtmailGlobal();
$auth =& $atmail->getAuthObj();
// Print the XML header for the Ajax interface
if ($atmail->Ajax) {
header('Content-Type: xml');
} else {
$atmail->httpheaders();
}
$atmail->status = $auth->getuser($atmail->SessionID);
$atmail->username = $auth->username;
$atmail->pop3host = $auth->pop3host;
// Print the error screen if the account has auth errors
if ($atmail->status == 1) {
$atmail->auth_error();
} elseif ($atmail->status == 2) {
$atmail->session_error();
<?php
// +----------------------------------------------------------------+
// | spell.php |
// +----------------------------------------------------------------+
// | Function: Spell check an email message |
// +----------------------------------------------------------------+
// | AtMail Open - Licensed under the Apache 2.0 Open-source License|
// | http://opensource.org/licenses/apache2.0.php |
// +----------------------------------------------------------------+
require_once 'header.php';
require_once 'Session.php';
require_once 'Global.php';
session_start();
$atmail = new AtmailGlobal();
$auth =& $atmail->getAuthObj();
$atmail->status = $auth->getuser($atmail->SessionID);
$atmail->username = $auth->username;
$atmail->pop3host = $auth->pop3host;
// Print the error screen if the account has auth errors, or session timeout.
if ($atmail->status == 1) {
header("Content-type: text/xml; charset: utf-8");
echo "<Error>Athentication Error</Error>";
$atmail->end();
}
if ($atmail->status == 2) {
header("Content-type: text/xml; charset: utf-8");
echo "<Error>Session errror</Error>";
$atmail->end();
}
// Load the account preferences
function rcptOK($user)
{
global $domains;
list($uname, $dom) = explode('@', $user);
if (empty($uname) || empty($dom)) {
return false;
}
if (AtmailGlobal::isset_chk($domains[$dom])) {
// Check for non-existant local users
if (!$this->sql->sqlgetfield("select Account from UserSession where Account=?", $user)) {
return false;
}
// Check if recipient has whitelist on
$res = $this->sql->sqlgetfield('select distinct value from SpamSettings where (username=? or username="******") and preference="whitelist_only" and value="1"', $user);
if ($res == 1) {
// Whitelisting is on so check for sender
$query = 'SELECT DISTINCT value from SpamSettings where ( username=? or username="******" ) and preference="whitelist_from" and ( value=? OR value=? )';
$senderDom = strstr($this->EmailFrom, '@');
$data = array($user, $this->EmailFrom, $senderDom);
$res = $this->sql->sqlgetfield($query, $data);
if (empty($res)) {
return false;
}
}
}
return true;
}
// | http://opensource.org/licenses/apache2.0.php |
// +----------------------------------------------------------------+
require_once 'header.php';
require_once 'Global.php';
// Check for account sent as one string
if (isset($_REQUEST['account'])) {
list($_REQUEST['username'], $_REQUEST['pop3host']) = explode('@', $_REQUEST['account']);
}
// sanitize some vars
if (isset($_REQUEST['username'])) {
$_REQUEST['username'] = htmlspecialchars($_REQUEST['username']);
}
if (isset($_REQUEST['pop3host'])) {
$_REQUEST['pop3host'] = htmlspecialchars($_REQUEST['pop3host']);
}
$atmail = new AtmailGlobal();
$atmail->getAuthObj(false);
$atmail->auth();
// Only start session if user is authentcated
require_once 'Session.php';
session_start();
// force refresh of imap folder cache
// so we see all folders once logged in
$_SESSION['ForceImapRefresh'] = 1;
$atmail->auth->update_session();
$_SESSION['auth'] =& $atmail->auth;
$lang = $atmail->logintype();
$atmail->loadprefs();
// Toggle which MailType to use. IMAP or POP3
$atmail->mailtype();
$atmail->Language = $lang ? $lang : $_REQUEST['Language'];
/** For future use
if (isset($_REQUEST['mode']) && !empty($_REQUEST['mode'])) {
$file = $_REQUEST['mode'] . '.php';
if (file_exists($file)) {
include($file);
$atmail->end();
}
}
*/
$var = array();
if (strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') !== false) {
$var['browser'] = "ie";
} else {
$var['browser'] = "ns";
}
$atmail = new AtmailGlobal();
$var['func'] = $_REQUEST['func'];
$var['version'] = $pref['version'];
if (!$atmail->Language) {
$atmail->Language = $atmail->param('Language');
}
// If the user if logging off, print a cookie header with
// a blank SessionID. Delete the Session for the DB too
if ($var['func'] == "logout") {
require_once 'Session.php';
session_start();
$auth =& $atmail->getAuthObj();
// Find the users current settings, if to delete the trash on logout
//$atmail->cookie_read($auth);
//$auth->getuser();
$atmail->username = $auth->username;
// | Function: Read an email message |
// +----------------------------------------------------------------+
// | AtMail Open - Licensed under the Apache 2.0 Open-source License|
// | http://opensource.org/licenses/apache2.0.php |
// +----------------------------------------------------------------+
require_once 'header.php';
require_once 'Global.php';
require_once 'ReadMsg.php';
require_once 'SendMsg.php';
require_once 'Session.php';
session_start();
if (isset($_REQUEST['DisplayImages']) && $_REQUEST['DisplayImages'] == 1) {
$_SESSION['DisplayImages'][] = $_REQUEST['id'];
}
$var = array();
$atmail = new AtmailGlobal();
$auth =& $atmail->getAuthObj();
// If we are exporting an email, pring the correct header, otherwise proceed as normal
if (isset($_REQUEST['rawemail'])) {
require_once 'GetMail.php';
$getmail = new GetMail();
$time = time($getmail->calc_timezone(time()));
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
header("Content-Type: message/rfc822; name=\"rawemail-{$time}.eml");
header("Content-Disposition: attachment; filename=\"rawemail-{$time}.eml");
header('Content-Transfer-Encoding: binary');
header("Pragma: ");
} else {
$atmail->httpheaders();
}
$atmail->status = $auth->getuser($atmail->SessionID);
function escape_pathname($path)
{
return AtmailGlobal::escape_pathname($path);
}
// +----------------------------------------------------------------+
require_once 'header.php';
require_once 'Session.php';
require_once 'Global.php';
require_once 'GetMail.php';
require_once 'Language.php';
session_start();
// get the requested function
$var['func'] = $_REQUEST['func'];
$func = "util_{$var['func']}";
if (!function_exists($func)) {
$func = str_replace("<", "<", $func);
$func = str_replace(">", ">", $func);
die("requested function '{$func}' does not exist");
}
$atmail = new AtmailGlobal();
$auth =& $atmail->getAuthObj();
$var = array();
$atmail->status = $auth->getuser($atmail->SessionID);
$atmail->username = $auth->username;
$atmail->pop3host = $auth->pop3host;
// Print the error screen if the account has auth errors, or session timeout.
if ($atmail->status == 1) {
$atmail->auth_error();
}
if ($atmail->status == 2) {
$atmail->session_error();
}
// Load the account preferences
$atmail->loadprefs(1);
if ($var['func'] != 'rename' && $var['func'] != 'delfolderxp') {
// +----------------------------------------------------------------+
// | parse.php |
// +----------------------------------------------------------------+
// | Function: Open a file, parse embeded $vars and customize for |
// | user |
// +----------------------------------------------------------------+
// | AtMail Open - Licensed under the Apache 2.0 Open-source License|
// | http://opensource.org/licenses/apache2.0.php |
// +----------------------------------------------------------------+
require_once 'header.php';
require_once 'GetMail.php';
require_once 'Session.php';
require_once 'Global.php';
session_start();
$type = $var = array();
$atmail = new AtmailGlobal();
$auth =& $atmail->getAuthObj();
$filename = preg_replace("/[^a-z0-9\\-\\/._\$>]/i", "", $_REQUEST['file']);
$redirect = $_REQUEST['redirect'];
$_REQUEST['func'] = preg_replace("/[^a-z0-9]/i", "", $_REQUEST['func']);
// No auth necessary to display login page
if ($filename == 'html/login-light.html') {
echo $atmail->parse('html/login-light.html');
$atmail->end();
}
$atmail->status = $auth->getuser();
// Print the error screen if the account has auth errors, or session timeout.
// Ignore if user not authenticated, but wants to view the help documentation
if (preg_match('/html\\/(.*?)\\/help\\/(.*?\\.html)/', $filename)) {
} elseif ($atmail->status == 1) {
$atmail->auth_error();
// | Add / Edit / Delete users in the address-book |
// +----------------------------------------------------------------+
// | AtMail Open - Licensed under the Apache 2.0 Open-source License|
// | http://opensource.org/licenses/apache2.0.php |
// +----------------------------------------------------------------+
require_once 'header.php';
require_once 'Session.php';
require_once 'Global.php';
require_once 'Abook.class.php';
require_once 'GetMail.php';
session_start();
// Set some override for $abook->limit
// useful for contact pane in adv int
// and select list in group creation
$abookLimitOverride = is_numeric($pref['AbookLimitOverride']) ? $pref['AbookLimitOverride'] : '99999';
$atmail = new AtmailGlobal();
$auth =& $atmail->getAuthObj();
$var = array();
// Load which function we run
$var['func'] = $_REQUEST['func'];
// If exporting the addressbook print a different content-type
if ($var['func'] == 'export') {
header("Content-Type: application/octet-stream; name=\"abook.csv\"\n");
header("Content-Disposition: attachment; filename=\"abook.csv\"\n\n");
header("Pragma: ");
} elseif ($var['func'] == 'quicksearch') {
// Print an XML header for the quicksearch ( required for some setups )
if (strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') !== false) {
header('Content-Type: text/html');
} else {
header('Content-Type: xml');
// | http://opensource.org/licenses/apache2.0.php |
// +----------------------------------------------------------------+
require_once 'header.php';
require_once 'Session.php';
require_once 'Global.php';
require_once 'GetMail.php';
session_start();
// Keep a storage of the months in a hash. Used to reformat the search date
$month = array('01' => 'Jan', '02' => 'Feb', '03' => 'Mar', '04' => 'Apr', '05' => 'May', '06' => 'Jun', '07' => 'Jul', '08' => 'Aug', '09' => 'Sep', '10' => 'Oct', '11' => 'Nov', '12' => 'Dec');
// Load which function we run
if (isset($_REQUEST['func'])) {
$func = $_REQUEST['func'];
} else {
$func = '';
}
$atmail = new AtmailGlobal();
$auth =& $atmail->getAuthObj();
$atmail->httpheaders();
$atmail->status = $auth->getuser($atmail->SessionID);
$atmail->username = $auth->username;
$atmail->pop3host = $auth->pop3host;
// check for language version
if (!$atmail->Language) {
$atmail->Language = $pref['Language'];
}
// Load the account preferences
$atmail->loadprefs();
// If using the XUL interface, toggle to use the XP HTML templates
if ($atmail->LoginType == 'xul') {
$atmail->LoginType = 'xp';
if (!$func) {
function importupload()
{
global $pref, $atmail;
//check file size is not too large
if ($_FILES['fileupload']['size'] > $pref['max_msg_size'] * 1048576) {
$this->jsalert = 'csv_import_file_oversize';
return false;
}
// Check file extension
if (!preg_match('/\\.(csv|txt)$/i', $_FILES['fileupload']['name'])) {
$this->jsalert = 'csv_import_bad_filetype';
return false;
}
// Lets do a further (lame) check to test that this IS a csv file
// Just read in first few lines and check format - we require
// at least 2 entries (e.g email_address, first_name) per line
$fh = fopen($_FILES['fileupload']['tmp_name'], 'r');
$del = $this->_get_csv_delimiter($fh);
$row = 0;
while ($row < 5 && ($data = fgetcsv($fh, 10000, $del)) !== FALSE) {
// ignore bank lines
if (is_null($data[0]) || count($data) == 1 && empty($data[0])) {
continue;
}
if (count($data) < 2) {
$this->jsalert = 'csv_import_bad_filetype';
return false;
}
$row++;
}
fclose($fh);
// File appears empty
if ($row == 0 || $row == 1 && isset($_REQUEST['ColumnType'])) {
$this->jsalert = 'csv_import_file_empty';
return false;
}
$filename = $_FILES['fileupload']['name'];
$pathname = AtmailGlobal::escape_pathname($atmail->tmpdir . "{$atmail->Account}-{$filename}");
if (file_exists($pathname)) {
$pathname = AtmailGlobal::escape_pathname($atmail->tmpdir . "{$atmail->Account}" . getmypid() . $filename);
}
if (move_uploaded_file($_FILES['fileupload']['tmp_name'], $pathname)) {
$this->Import = str_replace($atmail->tmpdir, '', $pathname);
} else {
$this->jsalert = 'csv_import_failed';
return false;
}
return true;
}
// | compose.php |
// +----------------------------------------------------------------+
// | AtMail Open - Licensed under the Apache 2.0 Open-source License|
// | http://opensource.org/licenses/apache2.0.php |
// +----------------------------------------------------------------+
require_once 'header.php';
require_once 'Session.php';
require_once 'Global.php';
require_once 'Log.php';
require_once 'SendMsg.php';
require_once 'Mail/RFC822.php';
session_start();
// get global settings from config file
global $settings, $pref;
$var = array();
$atmail = new AtmailGlobal();
$auth =& $atmail->getAuthObj();
$atmail->httpheaders();
$atmail->status = $auth->getuser($atmail->SessionID);
$atmail->username = $auth->username;
$atmail->pop3host = $auth->pop3host;
// check for language version
if (!$atmail->Language) {
$atmail->Language = $pref['Language'];
}
// Print the error screen if the account has auth errors, or session timeout.
if ($atmail->status == 1) {
$atmail->auth_error();
}
if ($atmail->status == 2) {
$atmail->session_error();
$mime['rtx'] = "text/richtext";
$mime['tsv'] = "text/tab-separated-values";
$mime['etx'] = "text/x-setext";
$mime['sgml'] = "text/x-sgml";
$mime['sgm'] = "text/x-sgml";
$mime['mpeg'] = "video/mpeg";
$mime['mpg'] = "video/mpeg";
$mime['mpe'] = "video/mpeg";
$mime['qt'] = "video/quicktime";
$mime['mov'] = "video/quicktime";
$mime['avi'] = "video/x-msvideo";
$mime['movie'] = "video/x-sgi-movie";
$mime['ice'] = "x-conference/x-cooltalk";
$mime['wrl'] = "x-world/x-vrml";
$mime['vrml'] = "x-world/x-vrml";
$atmail = new AtmailGlobal();
$auth =& $atmail->getAuthObj();
$atmail->status = $auth->getuser($atmail->SessionID);
// Print the error screen if the account has auth errors, or session timeout.
if ($atmail->status == 1) {
$atmail->auth_error();
}
if ($atmail->status == 2 && !preg_match('/xhtml/i', $_REQUEST['whoscalling'])) {
$atmail->session_error();
}
$var['src'] = rawurldecode($_REQUEST['file']);
$var['src'] = preg_replace('/^.+[\\\\\\/]/', '', $var['src']);
// Don't allow to go down a dir, sanity check
$tmpfile = $pref['user_dir'] . "/tmp/" . $atmail->auth->get_account() . "/" . $var['src'];
// Exit if no pathname is defined
if (!$var['src']) {