", $dsp);
- $dsp = eregi_replace("<excerpt>", "
", $dsp);
- $dsp = eregi_replace("</excerpt>", "
", $dsp);
- /* Lang: Language is ignored */
- $dsp = eregi_replace("<lang><param>[^&]*</param>", "", $dsp);
- $dsp = eregi_replace("</lang>", "", $dsp);
- /* FontFamily */
- $dsp = eregi_replace("<fontfamily><param>([^&]*)</param>", "", $dsp);
- $dsp = eregi_replace("</fontfamily>", "", $dsp);
- /* color */
- while (eregi("<color><param>([^&]*)</param>", $dsp, $regs))
- {
- // regs[1] = xxxx,yyyy,zzzz or colorname
- $c = explode(",", $regs[1]);
- if (count($c) == 1)
- $color = $c[0];
- else
- {
- // First 2 chars of 4char hex string is string /256
- $color = "#" .
- substr($c[0], 0, 2) .
- substr($c[1], 0, 2) .
- substr($c[2], 0, 2);
- }
- $dsp = eregi_replace("<color><param>[^&]*</param>", "", $dsp);
- }
- $dsp = eregi_replace("</color>", "", $dsp);
- /* Now remove any unrecognised s */
- $dsp = eregi_replace("<param>[^&]*</param>", "", $dsp);
- /* And last, remove any unknown tags */
- $dsp = eregi_replace("<[^&]*>", "", $dsp);
- /* Now finish the work on << */
- $dsp = eregi_replace("<", "<", $dsp);
- /* Do the newlines */
- while (ereg("\n\n", $dsp))
- $dsp = ereg_replace("\n\n", "
\n", $dsp);
- while (ereg("\r\n\r\n", $dsp))
- $dsp = ereg_replace("\r\n\r\n", "
\r\n", $dsp);
- /* text/enriched must start with filled text according to RFC */
- $dsp = "$dsp
";
- return $dsp;
-}
-
-function make_safe_html($dsp)
-{
- $hidetag = array (
- '!doctype',
- 'html',
- 'head',
- 'meta',
- 'body'
- );
- foreach ($hidetag as $tag)
- {
- $dsp = eregi_replace("<\\s*(/?)\\s*$tag([^>]*)>",
- "", $dsp);
- }
- $hideelt = array (
- 'title',
- 'style'
- );
- foreach ($hideelt as $tag)
- {
- $dsp = eregi_replace("<\\s*$tag([^>]*)>",
- "", $dsp);
- }
- return $dsp;
-}
-
-function do_inline_display($msgnum, $part_no, $encoding, $charset, $type, $safe = 0)
-{
- global $mailbox, $msgnum;
- global $folder;
-
- /* $safe means: Safe to display in an HTML form.
- not safe is largely unchanged. */
-
- $dsp = imap_fetchbody($mailbox, $msgnum, $part_no);
- if ($encoding == "base64") {
- $dsp = imap_base64($dsp);
- }
- if ($encoding == "qprint") {
- $dsp = my_imap_qprint($dsp);
- }
- if (!$safe)
- {
- /* Done, no further processing. */
- echo $dsp;
- }
- else
- {
- $dsp = make_utf8($dsp, $charset);
- if (strtolower($type) == "text/plain")
- {
- /* For text/plain we assume the user took care of line breaks;
- */
- $dsp = htmlspecialchars($dsp);
- $dsp = make_clickable($dsp);
- echo "$dsp
";
- }
- else if (strtolower($type) == "text/enriched")
- {
- $dsp = enriched_to_html($dsp);
- echo $dsp;
- }
- else if (strtolower($type) == "text/html")
- {
- $struct = imap_fetchstructure($mailbox, $msgnum);
- while (ereg("cid:([^\"]*)", $dsp, $regs))
- {
- $dsp = ereg_replace("cid:" . $regs[1], cid_name($struct, $regs[1]), $dsp);
- }
- $dsp = make_safe_html($dsp);
- echo $dsp;
- }
- else
- {
- /* For unknown types, we just display exactly as sent, so here
- we do use . */
- $dsp = htmlspecialchars($dsp);
- echo "\n$dsp
\n";
- }
- }
-}
-
-function inline_display($de_part, $part_no)
-{
- global $mailbox, $msgnum, $folder;
-
-
- $mime_type = get_mime_type($de_part);
- $type = $mime_type . "/" . $de_part->subtype;
- $mime_encoding = get_mime_encoding($de_part);
- $charset = get_charset($de_part);
-
- /* Default, simple mail */
- if (strtolower($type) == "text/plain")
- {
- $ret = 1;
- }
- /* Smart types we know of */
- elseif ((strtolower($type) == "text/enriched") or
- (strtolower($type) == "text/html"))
- {
- output_bound(L_MIME_SECTION . ":" , "$mime_type/$de_part->subtype");
- $ret = 1;
- }
- /* All other types: return 0 as we don't know whether we displayed
- anything useful for the user. */
- else
- {
- output_bound(L_MIME_SECTION . ":" , "$mime_type/$de_part->subtype");
- $ret = 0;
- }
- /* This is not really useful
- print "" . L_MESSAGE . "
\n";
- */
-
- /* Embedded objects have a fixed height, which means embedded scrolbars.
- That's not worth it.
- print "\n";
- */
- return $ret;
-}
-
-function output_bound($title, $str)
-{
- body_left_end();
- body_row_end();
-
- title_start();
- title_left();
- echo $title;
- title_left_end();
- title_data();
- echo $str;
- title_data_end();
- body_row('class="rowon"');
- body_left('colspan="2" class="body"');
-}
-
-
-function cid_name($struct, $cid_to_find, $numprefix="")
-{
- global $folder, $msgnum;
- global $cidsdone;
- $name = "";
- $numparts = !$struct->parts ? "1" : count($struct->parts);
- for($i = 0; $i < $numparts; $i++)
- {
- $part = !$struct->parts[$i] ? $part = $struct : $part = $struct->parts[$i];
-
- if ($part->parts)
- {
- $subpartnum = $i + 1;
- $name .= cid_name($part, $cid_to_find, $numprefix . $subpartnum . ".");
- if ($name)
- {
- return $name;
- }
- }
- else
- {
- $cid = $part->ifid ? $part->id : "";
- if ($cid == $cid_to_find || $cid == "<$cid_to_find>")
- {
- $subpartnum = $i + 1;
- $att_name = get_att_name($part);
- $name .= "view_image.php?folder=" . $folder
- . "&msgnum=$msgnum&part_no=" . $numprefix
- . $subpartnum
- . "&type=$part->subtype&name=$att_name";
- $cidsdone[$cid] = 1;
- return $name;
- }
- }
- }
- // Not found, leave it as it is
- return $cid_to_find;
-}
-
-/* ciddone is set for an inline image that is processed. If the image data
- appears later in the message, it doesn't have to be displayed again.
- This is not entirely correct, because when the image data appears first,
- it is displayed, and again later as inline.
-*/
-function ciddone($part)
-{
- global $cidsdone;
- $cid = $part->ifid ? $part->id : "";
- if ($cid == "")
- return 0;
- return $cidsdone[$cid];
-}
-
-function image_display($folder, $msgnum, $de_part, $part_no, $att_name)
-{
- output_bound(L_IMAGE . ":" , $att_name);
- echo "\n![](\"";)
subtype&name=$att_name\">\n
\n";
-}
-
-// function make_clickable rewritten to follow
-// RFC 1738 (URLs)
-// RFC 2822 (Internet Message formats)
-function make_clickable($text)
-{
- global $folder;
-
- // schemes in URLs that we will recognise. These are schemes commonly
- // supported by browsers, others are not necessary.
- $schemes = array (
- // official
- "ftp",
- "http",
- "gopher",
- "news",
- "nntp",
- "telnet",
- "wais",
- "file",
- "https",
- "tn3270",
- // common?
- "aim",
- "irc"
- // DON'T include script types for security
- );
-
- // Turn & into st that does not contain an &, and is
- // not appearing in text. Then the URL matcher can exclude &s; so > and
- // < are not matched.
- do {
- $rep = "!=!" . rand() . "!=!";
- } while (eregi($rep, $text));
- $ret = eregi_replace("&", $rep, $text);
- // RFC 1738, but restrict to common schemes
- $schemere = implode("|", $schemes);
- $ret = eregi_replace(
- '(' . "($schemere)" . ':[-$_.+!*\'(),;/?:@=~[:alnum:]#]+)',
- "\\1", $ret);
- // One more as it is used a lot: something without a scheme, which is
- // always http://.
- // Try not to match too much, so demand . and /
- // make sure it is surrounded by blanks
- $ret = eregi_replace(
- '(^|[[:space:]])([[:alnum:]]+\.[[:alnum:]\.]+/[-$_.+!*\'(),;/?:@=~[:alnum:]#]+)([[:space:]]|$)',
- "\\1\\2\\3", $ret);
- $ret = eregi_replace($rep, "&", $ret);
- $ret = eregi_replace(
- '([-!#$%&\'*+/=?^_`{|}~[:alnum:]]+@[-a-zA-Z0-9.]+)',
- "\\1", $ret);
- return($ret);
-}
-
-
-function self_with_param($paramname, $value)
-{
- global $HTTP_SERVER_VARS;
- $url = $HTTP_SERVER_VARS["REQUEST_URI"];
- /* first strip out the old value of $paramname */
- $url = ereg_replace("\&$paramname=[^&]*", "", $url);
- $url = ereg_replace("$paramname=[^&]*\&", "", $url);
- $url = ereg_replace("\?$paramname=[^&]*", "", $url);
- /* Then insert the new one */
- /* Note: $value != "" is FALSE when $value is the string "0". You gotta
- love PHP... */
- if ($value != "" or $value == "0")
- {
- if (strpos($url, "?"))
- $url .= "&";
- else
- $url .= "?";
- $url .= "$paramname=$value";
- }
- return htmlspecialchars($url);
-}
-
-function login_prompt()
-{
- Header("WWW-Authenticate: Basic realm=\"" . PROG_NAME . "\"");
- Header("HTTP/1.0 401 Unauthorized");
- echo "";
- exit;
-}
-
-include('layout.inc');
-
-if ((!$PHP_AUTH_USER) or (!$PHP_AUTH_PW) or ($time > time()))
-{
- login_prompt();
-}
-else
-{
- if($PHP_AUTH_USER && $PHP_AUTH_PW)
- {
- $user = $PHP_AUTH_USER;
- $pass = $PHP_AUTH_PW;
- $folder = !$folder ? "INBOX" : $folder;
- $mailbox = mailbox_log_in($folder);
-
- if(!$mailbox)
- {
- login_prompt();
- }
- }
-}
-
-?>
+charset == "default")
+ $output .= $element[$i]->text;
+ else
+ {
+ $output .= make_utf8($element[$i]->text, $element[$i]->charset);
+ }
+ }
+ }
+ return $output;
+}
+
+function make_address_list($header_arr)
+{
+ $out = array();
+ if (is_array($header_arr) && count($header_arr))
+ {
+ foreach ($header_arr as $adr)
+ {
+ $out[] = imap_rfc822_write_address($adr->mailbox, $adr->host, $adr->personal);
+ }
+ }
+ return $out;
+}
+
+function make_formaddress_list($header_arr)
+{
+ $list = make_address_list($header_arr);
+ $l = array();
+ foreach ($list as $adr)
+ {
+ $l[] = htmlentities(decode_header_string($adr));
+ }
+ return implode(", ", $l);
+}
+
+
+function make_clickable_list($header_arr, $folder)
+{
+ $list = make_address_list($header_arr);
+ $l = array();
+ foreach ($list as $adr)
+ {
+ if (DISPLAY_FULL_ADDR)
+ $linkdisplay = hemlspecialchars(decode_header_string($adr));
+ else
+ $linkdisplay = strip_tags(str_replace("\"","",$adr));
+ $l[] = ""
+ . "$linkdisplay";
+ }
+ return implode(", ", $l);
+}
+
+function list_folders( $mailbox )
+{
+ $mailboxes = imap_listmailbox($mailbox, IMAP_STR, FILTER . "*");
+ if($mailboxes)
+ {
+ sort($mailboxes);
+ $num_boxes = count($mailboxes);
+ if (FILTER != "INBOX" && NO_INBOX_EXPLICIT != 1) { echo "