commit afd97fe881d84c9774a3c6f57e14a7431d34235e
tree 50f1e46bed92389f2f417c371dbd44c950adb7a3
parent 9ff4fff0f690427118cfdcaa05dec5e51cb09e86
author Engels Antonio <engels@majcms.org> 1338991758 +0800
committer Engels Antonio <engels@majcms.org> 1338991758 +0800
Add simple address book
diff --git a/core.php b/core.php
index bd93bba..587455b 100644
--- a/core.php
+++ b/core.php
@@ -418,4 +418,52 @@ function kartero_dovecot_quota($quota) {
return $quota . $prefix;
}
+function kartero_resize_image($image,$max_height=70) {
+
+ $size = getimagesize($image);
+ $width = $size[0];
+ $height = $size[1];
+
+ if ($height > $max_height) {
+
+ $ratio = $max_height / $height;
+ $new_width = $width * $ratio;
+ $new_height = $max_height;
+
+ $put_image = imagecreatetruecolor($new_width,$new_height);
+ $mimetype = image_type_to_mime_type(exif_imagetype($image));
+
+ switch($mimetype) {
+ case "image/jpg":
+ case "image/jpeg":
+ $get_image = imagecreatefromjpeg($image);
+ break;
+ case "image/gif":
+ $get_image = imagecreatefromgif($image);
+ break;
+ case "image/png":
+ $get_image = imagecreatefrompng($image);
+ break;
+ }
+
+ imagecopyresampled($put_image,$get_image,0,0,0,0,$new_width,$new_height,$width,$height);
+
+ switch($mimetype) {
+ case "image/jpg":
+ case "image/jpeg":
+ imagejpeg($put_image,$image,80);
+ break;
+ case "image/gif":
+ imagegif($put_image,$image);
+ break;
+ case "image/png":
+ imagepng($put_image,$image,9);
+ break;
+ }
+
+ imagedestroy($put_image);
+ imagedestroy($get_image);
+ }
+}
+
?>
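Review bot: kartero_resize_image() uses the results of getimagesize() and of the first switch without checking them: a file that is not a decodable image makes $size false, and a type outside JPEG/GIF/PNG leaves $get_image unset when imagecopyresampled() runs. Return early in both cases, e.g. `if ($size === false) { return false; }` before reading $size[0], and `default: imagedestroy($put_image); return false;` in the first switch. Because index.php passes a user upload to this function, it is also worth rejecting images whose $width * $height exceeds a fixed cap before calling imagecreatefrom*(), since GD allocates memory for the full decoded bitmap. $new_width should be computed as `max(1, (int) round($width * $ratio))` so a very narrow image cannot produce a zero-width canvas.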
diff --git a/filedrop.php b/filedrop.php
index 8a0c001..42e6e0c 100644
--- a/filedrop.php
+++ b/filedrop.php
@@ -15,6 +15,7 @@ if (isset($_FILES['filedrop_obj']) and !empty($_FILES['filedrop_obj']) and isset
$filedrop_box = $_POST['filedrop_box'];
$filedrop_nom = str_replace(" ", "_", $_FILES['filedrop_obj']['name']);
+ $filedrop_nom = preg_replace("/[^a-zA-Z0-9.\-_]/u", "", $filedrop_nom);
if (!file_exists("attach/i/$fileUsr/$filedrop_box")) {
mkdir("attach/i/$fileUsr/$filedrop_box",0700,1);
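Review bot: The new character filter on $filedrop_nom keeps dots, so names such as `..`, `.htaccess` or anything ending in `.php` pass through, and a name made only of stripped characters becomes empty. Reduce the name with `basename()`, reject an empty result or one starting with a dot, and check the extension against an allow-list if attach/ is served by the web server (not visible here). $filedrop_box on the line above is taken from $_POST and used in the mkdir() path without any filtering, so it needs the same treatment. The same filter is added to $fileName in read.php, where the name comes from a received message's attachment. The enclosing if block starts and ends outside the hunk.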
diff --git a/folders.php b/folders.php
index 528b6c7..30ab524 100644
--- a/folders.php
+++ b/folders.php
@@ -159,6 +159,11 @@ echo "<div style=\"height: 4px;\"></div>";
echo "<div class=\"folders\"><table border=\"0\" cellspacing=\"0\" callpadding=\"0\">";
+echo "<form method=\"post\">";
+echo "<input type=\"hidden\" name=\"addr\" value=\"1\">";
+echo "<tr><td width=\"32\"><input type=\"image\" src=\"images/mail-contacts.png\"></td><td>Contacts</td></tr>";
+echo "</form>";
+
echo "<form method=\"post\">";
echo "<input type=\"hidden\" name=\"set\" value=\"1\">";
echo "<tr><td width=\"32\"><input type=\"image\" src=\"images/mail-settings.png\"></td><td>Settings</td></tr>";
diff --git a/images/mail-contacts.png b/images/mail-contacts.png
new file mode 100644
index 0000000..47657c0
Binary files /dev/null and b/images/mail-contacts.png differ
diff --git a/images/mail-redirect.png b/images/mail-redirect.png
new file mode 100644
index 0000000..b3c0dcb
Binary files /dev/null and b/images/mail-redirect.png differ
diff --git a/inbox.php b/inbox.php
index 049ce6b..384a0bd 100644
--- a/inbox.php
+++ b/inbox.php
@@ -66,7 +66,7 @@ foreach ($mail_images as $mail_image) {
echo "<title>Kartero - $folder ($msgCount) - " . $_SESSION['logged_uid'] . "</title>";
-echo "\n\n<table border=\"0\" cellspacing=\"1\" cellpadding=\"2\" bgcolor=\"#cccccc\" width=\"800\">";
+echo "\n\n<table border=\"0\" cellspacing=\"1\" cellpadding=\"2\" bgcolor=\"#cccccc\" width=\"100%\">";
echo "<tr bgcolor=\"#eeeeee\"><td align=\"center\" width=\"32\">";
diff --git a/index.php b/index.php
index f7c1e6b..233c1ca 100644
--- a/index.php
+++ b/index.php
@@ -88,9 +88,9 @@ if (!$db_query) {
$db_query = mysql_query("create database $db_name");
$db_query = mysql_query("use $db_name");
$db_query = mysql_query("create table admins (id varchar(16) not null, pw varchar(64) not null, primary key (id), unique key (id))");
- $db_query = mysql_query("create table domains (id varchar(128) not null, pw varchar(64) not null, max int(6) default '0', mode int(1) default '1', primary key (id), unique key (id), key id_2 (id))");
- $db_query = mysql_query("create table users (id varchar(255) not null, pw varchar(64) not null, maildir varchar(255) not null, name varchar(128), domain varchar(128), mode int(1) default '1', quota varchar(16), primary key (id), unique key(id), key id_2 (id))");
- $db_query = mysql_query("create table aliases (id varchar(255) not null, alias varchar(255) not null, domain varchar(128), mode int(1) default '1', primary key (id), unique key (id), key id_2 (id))");
+ $db_query = mysql_query("create table domains (id varchar(128) not null, pw varchar(64) not null, max int(6) default '0', mode int(1) default '1', primary key (id), unique key (id))");
+ $db_query = mysql_query("create table users (id varchar(255) not null, pw varchar(64) not null, maildir varchar(255) not null, name varchar(128), domain varchar(128), mode int(1) default '1', quota varchar(16), primary key (id), unique key(id))");
+ $db_query = mysql_query("create table aliases (id varchar(255) not null, alias varchar(255) not null, domain varchar(128), mode int(1) default '1', primary key (domain))");
$db_query = mysql_query("insert into admins values('$db_user','$pw_crypt')");
}
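Review bot: The aliases table now declares `primary key (domain)`, which allows only one alias row per domain and turns the nullable domain column into NOT NULL. If several aliases per domain are intended (the query in post.php orders by aliases.domain, aliases.id, which suggests so), the key should stay on the alias address, `primary key (id)`. In domains and users the remaining `unique key (id)` duplicates the primary key and can be dropped as well. None of the mysql_query() results in this block are checked, so a failed create table goes unnoticed.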
@@ -311,6 +311,114 @@ if (isset($_SESSION['logged_uid'])) {
}
}
+ if (isset($_POST['a_email']) and !empty($_POST['a_email']) and isset($_POST['a_fname']) and !empty($_POST['a_fname']) and isset($_POST['a_lname']) and !empty($_POST['a_lname'])) {
+
+ $a_email = strtolower(trim(strip_tags($_POST['a_email'])));
+
+ if (preg_match("/@/",$a_email) and preg_match("/\./",$a_email)) {
+
+ $a_fname = ucwords(trim(strip_tags($_POST['a_fname'])));
+ $a_lname = ucwords(trim(strip_tags($_POST['a_lname'])));
+
+ $addr_query = mysql_query("create table if not exists contacts (id varchar(255) not null, lname varchar(64) not null, fname varchar(64) not null, email varchar(255) not null);");
+
+ $addr_query = mysql_query("select * from contacts where id='{$_SESSION['logged_uid']}' and email='$a_email';");
+
+ if (mysql_num_rows($addr_query) > 0) {
+ nak("$a_email exists");
+ }
+ else {
+ $addr_query = mysql_query("insert into contacts values('{$_SESSION['logged_uid']}','$a_lname','$a_fname','$a_email');");
+
+ if (isset($_FILES['a_photo']) and !empty($_FILES['a_photo'])) {
+
+ if (is_uploaded_file($_FILES['a_photo']['tmp_name'])) {
+
+ if (($_FILES['a_photo']['type']=="image/gif") || ($_FILES['a_photo']['type']=="image/pjpeg") || ($_FILES['a_photo']['type']=="image/jpeg") || ($_FILES['a_photo']['type']=="image/png")) {
+
+ $a_path = sha1($_SESSION['logged_uid']);
+ $a_file = sha1($a_email);
+
+ if (file_exists("images/contacts/$a_path/{$a_file}.gif")) {
+ unlink("images/contacts/$a_path/{$a_file}.gif");
+ }
+
+ if (file_exists("images/contacts/$a_path/{$a_file}.jpg")) {
+ unlink("images/contacts/$a_path/{$a_file}.jpg");
+ }
+
+ if (file_exists("images/contacts/$a_path/{$a_file}.png")) {
+ unlink("images/contacts/$a_path/{$a_file}.png");
+ }
+
+ if (!file_exists("images/contacts/$a_path")) {
+ mkdir("images/contacts/$a_path",0700,true);
+ }
+
+ if ($_FILES['a_photo']['type']=="image/gif") {
+ $res = copy($_FILES['a_photo']['tmp_name'], "images/contacts/$a_path/{$a_file}.gif");
+ kartero_resize_image("images/contacts/$a_path/{$a_file}.gif");
+ unlink($_FILES['a_photo']['tmp_name']);
+ }
+
+ if (($_FILES['a_photo']['type']=="image/jpeg") or ($_FILES['a_photo']['type']=="image/pjpeg")) {
+ $res = copy($_FILES['a_photo']['tmp_name'], "images/contacts/$a_path/{$a_file}.jpg");
+ kartero_resize_image("images/contacts/$a_path/{$a_file}.jpg");
+ unlink($_FILES['a_photo']['tmp_name']);
+ }
+
+ if ($_FILES['a_photo']['type']=="image/png") {
+ $res = copy($_FILES['a_photo']['tmp_name'], "images/contacts/$a_path/{$a_file}.png");
+ kartero_resize_image("images/contacts/$a_path/{$a_file}.png");
+ unlink($_FILES['a_photo']['tmp_name']);
+ }
+ }
+ else {
+ unlink($_FILES['a_photo']['tmp_name']);
+ }
+ }
+ else {
+ unlink($_FILES['a_photo']['tmp_name']);
+ }
+ }
+
+ ack("$a_email added to contacts");
+ }
+ }
+ else {
+ nak("invalid email");
+ }
+ }
+
+ if (isset($_POST['a_del']) and !empty($_POST['a_del'])) {
+
+ $a_del = strtolower(trim(strip_tags($_POST['a_del'])));
+
+ $a_del_query = mysql_query("delete from contacts where id='{$_SESSION['logged_uid']}' and email='$a_del';");
+
+ if (!$a_del_query) {
+ nak(strtolower(mysql_error()));
+ }
+ else {
+ $a_path = sha1($_SESSION['logged_uid']);
+ $a_file = sha1($a_del);
+
+ if (file_exists("images/contacts/$a_path/{$a_file}.gif")) {
+ unlink("images/contacts/$a_path/{$a_file}.gif");
+ }
+
+ if (file_exists("images/contacts/$a_path/{$a_file}.jpg")) {
+ unlink("images/contacts/$a_path/{$a_file}.jpg");
+ }
+
+ if (file_exists("images/contacts/$a_path/{$a_file}.png")) {
+ unlink("images/contacts/$a_path/{$a_file}.png");
+ }
+
+ ack("$a_del removed from contacts");
+ }
+ }
+
if ($_SESSION['logged_lvl'] == "postmaster") {
$dom_query = mysql_query("select mode from domains where id='{$_SESSION['logged_uid']}'");
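Review bot: $a_email, $a_fname, $a_lname and $a_del are placed into the select, insert and delete statements after only strip_tags() and trim(), which leave quotes intact, so a name like O'Brien breaks the query and crafted input can change it. Escape each value with mysql_real_escape_string() just before building the SQL (or move to prepared statements), keeping the unescaped copies for sha1() and the messages. The photo branch trusts $_FILES['a_photo']['type'], which is sent by the browser; decide the extension from `exif_imagetype()` on the temp file and store it with `move_uploaded_file()` instead of copy() plus unlink(). The insert result is not checked before ack() is called.

```php
// … unchanged: isset/empty checks, $a_email/$a_fname/$a_lname assignment, "@" and "." check …

// Escape immediately before building SQL; $a_email stays unescaped for sha1() and ack()/nak().
$q_uid   = mysql_real_escape_string($_SESSION['logged_uid']);
$q_email = mysql_real_escape_string($a_email);
$q_fname = mysql_real_escape_string($a_fname);
$q_lname = mysql_real_escape_string($a_lname);

$addr_query = mysql_query("select * from contacts where id='$q_uid' and email='$q_email';");

// … unchanged: duplicate check …

$addr_query = mysql_query("insert into contacts (id, lname, fname, email) values('$q_uid','$q_lname','$q_fname','$q_email');");

// … unchanged: photo handling, ack()/nak() …

// In the a_del branch:
$a_del = strtolower(trim(strip_tags($_POST['a_del'])));
$q_uid = mysql_real_escape_string($_SESSION['logged_uid']);
$q_del = mysql_real_escape_string($a_del);

$a_del_query = mysql_query("delete from contacts where id='$q_uid' and email='$q_del';");
```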
@@ -879,20 +987,20 @@ if (isset($_SESSION['logged_uid'])) {
$reply_to = trim($_POST['reply_to']);
$reply_subj = trim($_POST['reply_subj']);
$reply_body = trim($_POST['reply_body']);
- $reply_headers = "From: $reply_from\r\nX-Mailer: Kartero/1.0 (PHP/" . phpversion() . ")";
+ $reply_headers = "From: $reply_from\nX-Mailer: Kartero/1.0 (PHP/" . phpversion() . ")";
if (isset($_POST['reply_cc']) and !empty($_POST['reply_cc'])) {
$reply_cc = trim($_POST['reply_cc']);
- $reply_headers = "$reply_headers\r\nCc: $reply_cc";
+ $reply_headers = "$reply_headers\nCc: $reply_cc";
}
if (isset($_POST['reply_bcc']) and !empty($_POST['reply_bcc'])) {
$reply_bcc = trim($_POST['reply_bcc']);
- $reply_headers = "$reply_headers\r\nBcc: $reply_bcc";
+ $reply_headers = "$reply_headers\nBcc: $reply_bcc";
}
if (isset($_POST['filedrop_box']) and !empty($_POST['filedrop_box'])) {
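Review bot: $reply_cc and $reply_bcc come from $_POST and are appended to $reply_headers after trim() only, so a line break inside either value starts a new header line chosen by whoever submitted the form. Strip CR and LF before use, e.g. `$reply_cc = str_replace(array("\r", "\n"), "", trim($_POST['reply_cc']));`, and do the same for $reply_to and $reply_subj above. The Resent-Cc/Resent-Bcc hunk further down has the same pattern. The enclosing block starts and ends outside the hunk.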
@@ -903,10 +1011,10 @@ if (isset($_SESSION['logged_uid'])) {
$mime_boundary = md5(microtime(true));
- $reply_headers .= "\r\nMIME-Version: 1.0";
- $reply_headers .= "\r\nContent-Type: multipart/mixed; boundary=\"{$mime_boundary}\"";
+ $reply_headers .= "\nMIME-Version: 1.0";
+ $reply_headers .= "\nContent-Type: multipart/mixed; boundary=\"{$mime_boundary}\"";
- $reply_body = "\r\nThis is a multi-part message in MIME format.\r\n\r\n--{$mime_boundary}\r\nContent-type: text/plain; charset=UTF-8\r\nContent-Transfer-Encoding: 8bit\r\n\r\n{$reply_body}";
+ $reply_body = "\nThis is a multi-part message in MIME format.\n\n--{$mime_boundary}\nContent-type: text/plain; charset=UTF-8\nContent-Transfer-Encoding: 8bit\n\n{$reply_body}";
$do_reply_from = extract_emails_from($reply_from);
$do_reply_to = extract_emails_from($reply_to);
@@ -920,7 +1028,7 @@ if (isset($_SESSION['logged_uid'])) {
$do_filedrop_nom = str_replace("attach/i/$fileUsr/$do_filedrop_box/","",$do_filedrop_put);
- $reply_body = $reply_body . "\r\n\r\n--{$mime_boundary}\r\nContent-Type: application/octet-stream; name=\"$do_filedrop_nom\"\r\nContent-Disposition: attachment; filename=\"$do_filedrop_nom\"\r\nContent-Transfer-Encoding: base64\r\n\r\n" . chunk_split(base64_encode(file_get_contents($do_filedrop_put)));
+ $reply_body = $reply_body . "\n\n--{$mime_boundary}\nContent-Type: application/octet-stream; name=\"$do_filedrop_nom\"\nContent-Disposition: attachment; filename=\"$do_filedrop_nom\"\nContent-Transfer-Encoding: base64\n\n" . chunk_split(base64_encode(file_get_contents($do_filedrop_put)));
}
$reply_body = $reply_body . "--{$mime_boundary}--";
@@ -937,21 +1045,21 @@ if (isset($_SESSION['logged_uid'])) {
$redirect_date = date("D, j M Y H:i:s O (T)");
- $reply_headers = "Resent-Date: $redirect_date\r\nResent-To: $reply_to\r\n";
+ $reply_headers = "Resent-Date: $redirect_date\nResent-To: $reply_to\n";
if (isset($_POST['reply_cc']) and !empty($_POST['reply_cc'])) {
$reply_cc = trim($_POST['reply_cc']);
- $reply_headers = $reply_headers . "Resent-Cc: $reply_cc\r\n";
+ $reply_headers = $reply_headers . "Resent-Cc: $reply_cc\n";
}
if (isset($_POST['reply_bcc']) and !empty($_POST['reply_bcc'])) {
$reply_bcc = trim($_POST['reply_bcc']);
- $reply_headers = $reply_headers . "Resent-Bcc: $reply_bcc\r\n";
+ $reply_headers = $reply_headers . "Resent-Bcc: $reply_bcc\n";
}
$reply_headers = $reply_headers . imap_fetchheader($mbox,$_POST['msg'],FT_UID|FT_PREFETCHTEXT);
@@ -963,10 +1071,10 @@ if (isset($_SESSION['logged_uid'])) {
$reply_date = date ("d-M-Y H:i:s O");
- $reply_body = preg_replace("#(?<!\r)\n#si", "\r\n", $reply_body);
- $reply_headers = preg_replace('#(?<!\r)\n#si', "\r\n", $reply_headers);
+ $reply_body = preg_replace("#(?<!\r)\n#si", "\n", $reply_body);
+ $reply_headers = preg_replace('#(?<!\r)\n#si', "\n", $reply_headers);
- imap_append($mbox,"{$host}Sent","To: $reply_to\r\nSubject: $reply_subj\r\nDate: $reply_date\r\n$reply_headers\r\n\r\n$reply_body\r\n");
+ imap_append($mbox,"{$host}Sent","To: $reply_to\nSubject: $reply_subj\nDate: $reply_date\n$reply_headers\n\n$reply_body\n");
$reply_fenv = extract_emails_from($reply_from);
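Review bot: After this change both preg_replace() calls replace a bare LF with a bare LF, so they no longer normalise anything and should be either removed or restored. The string passed to imap_append() now mixes line endings whenever $reply_headers contains the text returned by imap_fetchheader() in the redirect path above, and the PHP manual notes that some IMAP servers (Cyrus is the one it names) require CRLF for imap_append(). One option is to keep `\n` for the mail() call and convert only the copy handed to imap_append(), e.g. `preg_replace("#\r?\n#", "\r\n", $msg)`.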
@@ -990,7 +1098,7 @@ if (isset($_SESSION['logged_uid'])) {
imap_expunge($mbox);
}
- echo "<tr><td valign=\"top\" width=\"700\"><div id=\"main\" class=\"main\">";
+ echo "<tr><td valign=\"top\" width=\"800\"><div id=\"main\" class=\"main\">";
if (isset($_POST['get']) and !empty($_POST['get'])) {
include("read.php");
@@ -1004,6 +1112,90 @@ if (isset($_SESSION['logged_uid'])) {
elseif (isset($_POST['dig']) and !empty($_POST['dig'])) {
include("search.php");
}
+ elseif (isset($_POST['addr']) and !empty($_POST['addr'])) {
+
+ echo "<title>Kartero - Contacts</title>";
+
+ echo "<style> .hide { display: none; } </style>";
+
+ echo "<div class=\"message\">";
+ echo "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\"><tr><td>";
+
+ echo "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">";
+
+ echo "<tr>";
+ echo "<td class=\"label\"><img src=\"images/mail-contacts.png\" border=\"0\" width=\"32\" height=\"32\" onclick=\"document.getElementById('list').className ='';document.getElementById('add').className='hide'\"></td>";
+ echo "<td class=\"label\"><img src=\"images/mail-contacts.png\" border=\"0\" width=\"32\" height=\"32\" onclick=\"document.getElementById('list').className ='hide';document.getElementById('add').className=''\"></td>";
+echo "</tr>";
+
+ echo "<tr><td class=\"label\">list</td><td class=\"label\">add</td></tr>";
+
+ echo "</table>";
+
+ echo "</td></tr></table>";
+ echo "</div>";
+
+ $addr_query = mysql_query("select * from contacts where id='{$_SESSION['logged_uid']}' order by lname, fname, email;");
+
+ if (($_POST['addr'] == "add") or (mysql_num_rows($addr_query) < 1)) {
+ echo "<div id=\"add\">";
+ }
+ else {
+ echo "<div id=\"add\" class=\"hide\">";
+ }
+
+ echo "<div class=\"spacer\"></div>";
+ echo "<table border=\"0\" cellspacing=\"1\" cellpadding=\"1\" width=\400\">";
+ echo "<form method=\"post\" enctype=\"multipart/form-data\">";
+ echo "<input type=\"hidden\" name=\"addr\" value=\"add\">";
+
+ echo "<tr><td><input class=\"input\" type=\"text\" name=\"a_email\" maxlength=\"255\" autocomplete=\"off\" required autofocus></td><td>email address</td></tr>";
+ echo "<tr><td><input class=\"input\" type=\"text\" name=\"a_fname\" maxlength=\"64\" autocomplete=\"off\" required></td><td>first name</td></tr>";
+ echo "<tr><td><input class=\"input\" type=\"text\" name=\"a_lname\" maxlength=\"64\" autocomplete=\"off\" required></td><td>last name</td></tr>";
+ echo "<tr><td><input type=\"file\" name=\"a_photo\"></td><td>optional photo</td></tr>";
+ echo "<tr><td><input class=\"button\" type=\"submit\" value=\"add contact\"></td><td></td></tr>";
+
+ echo "</form>";
+ echo "</table>";
+ echo "</div>";
+
+ if ($_POST['addr'] == "list") {
+ echo "<div id=\"list\">";
+ }
+ else {
+ echo "<div id=\"list\" class=\"hide\">";
+ }
+
+ if (mysql_num_rows($addr_query) > 0) {
+
+ echo "<div class=\"spacer\"></div>";
+ echo "<table border=\"0\" cellspacing=\"1\" cellpadding=\"2\" bgcolor=\"#cccccc\">";
+
+ while ($addr_row = mysql_fetch_array($addr_query)) {
+
+ if ($bgColor == "#ffffff") {
+ $bgColor = "#fdfdfd";
+ }
+ else {
+ $bgColor = "#ffffff";
+ }
+
+ echo "<form method=\"post\">";
+ echo "<input type=\"hidden\" name=\"addr\" value=\"list\">";
+ echo "<input type=\"hidden\" name=\"a_del\" value=\"{$addr_row[email]}\">";
+ echo "<tr bgcolor=\"$bgColor\">";
+ echo "<td valign=\"bottom\" width=\"24\"><input type=\"image\" src=\"images/sieve-del.png\"></td>";
+ echo "<td>{$addr_row[fname]} {$addr_row[lname]}</td><td>{$addr_row[email]}</td>";
+ echo "</tr>";
+ echo "</form>";
+ }
+
+ echo "</table>";
+ echo "</div>";
+
+ unset($bgColor);
+ }
+ }
elseif (isset($_POST['set']) and !empty($_POST['set'])) {
echo "<title>Kartero - Settings</title>";
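Review bot: The contact rows print {$addr_row[email]}, {$addr_row[fname]} and {$addr_row[lname]} without HTML escaping; strip_tags() at insert time does not remove quotes, so a stored value can break out of the `value="…"` attribute of the hidden a_del input. Wrap each in `htmlspecialchars($addr_row['email'], ENT_QUOTES)` and quote the array keys. On the add-form table line, `width=\400\"` is parsed by PHP as an octal escape rather than a quoted attribute and should be `width=\"400\"`. The `<div id=\"list\">` is opened unconditionally but its `</div>` is only echoed inside the row-count check, and $bgColor is read before it is first assigned. The delete form carries no anti-CSRF token.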
@@ -1011,7 +1203,7 @@ if (isset($_SESSION['logged_uid'])) {
echo "<style> .hide { display: none; } </style>";
echo "<div class=\"message\">";
- echo "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"800\"><tr><td>";
+ echo "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\"><tr><td>";
echo "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">";
diff --git a/post.php b/post.php
index 0fc1ffc..e1279da 100644
--- a/post.php
+++ b/post.php
@@ -8,14 +8,14 @@ if (!isset($_SESSION['logged_uid']) or !isset($_SESSION['logged_lvl']) or !isset
if (isset($_POST['new']) and !empty($_POST['new']) and is_numeric($_POST['new'])) {
- $reply_from = "\"$usr_name\" <{$_SESSION['logged_uid']}>";
+ $reply_from = "$usr_name <{$_SESSION['logged_uid']}>";
$reply_from = htmlentities($reply_from,ENT_QUOTES);
$post_alias_query = mysql_query("select domains.id, aliases.id from aliases, domains where aliases.alias='{$_SESSION['logged_uid']}' and aliases.mode='1' and aliases.domain=domains.id and domains.mode='1' order by aliases.domain, aliases.id");
echo "<title>Kartero - Compose - {$_SESSION['logged_uid']}</title>";
- echo "<table border=\"0\" cellspacing=\"0\" callpadding=\"0\" width=\"800\"><tr><td valign=\"top\">";
+ echo "<table border=\"0\" cellspacing=\"0\" callpadding=\"0\" width=\"100%\"><tr><td valign=\"top\">";
echo "<table border=\"0\" cellspacing=\"2\" cellpadding=\"0\" width=\"100%\">";
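Review bot: Dropping the quotes around $usr_name leaves the display name as a bare phrase, so a name containing a comma, angle bracket or other RFC 5322 special character would no longer form a single valid From address. If $usr_name can contain such characters (its source is outside the hunk), keep the quoted form and escape embedded quotes and backslashes, e.g. `'"' . addcslashes($usr_name, '"\\') . '"'`. The same change is made to $reply_from in send.php.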
@@ -29,7 +29,7 @@ if (isset($_POST['new']) and !empty($_POST['new']) and is_numeric($_POST['new'])
echo "<option>$reply_from</option>";
while ($row = mysql_fetch_assoc($post_alias_query)) {
- echo "<option>\"$usr_name\" <$row[id]></option>";
+ echo "<option>$usr_name <$row[id]></option>";
}
echo "</select>";
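Review bot: The alias options are echoed as `$usr_name <$row[id]>` without HTML escaping, so the browser reads `<alias@domain>` as a tag and the option text loses the address, unlike the first option, which goes through htmlentities(). Use `echo "<option>" . htmlentities("$usr_name <{$row['id']}>", ENT_QUOTES) . "</option>";`. The option loop in send.php prints the same unescaped string.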
diff --git a/read.php b/read.php
index ca2c68f..b821546 100644
--- a/read.php
+++ b/read.php
@@ -74,7 +74,7 @@ if (isset($_POST['msg']) and !empty($_POST['msg']) and is_numeric($_POST['msg'])
echo "<title>Kartero - $folder - $header_subject</title>";
- echo "<table border=\"0\" cellspacing=\"0\" callpadding=\"0\" width=\"800\"><tr><td valign=\"top\">";
+ echo "<table border=\"0\" cellspacing=\"0\" callpadding=\"0\" width=\"100%\"><tr><td valign=\"top\">";
echo "<div class=\"message\">";
@@ -101,7 +101,9 @@ if (isset($_POST['msg']) and !empty($_POST['msg']) and is_numeric($_POST['msg'])
$filePicSize = getimagesize($filePic);
if (($filePicSize[0] > 0) and ($filePicSize[1] > 0)) {
- echo "<img src=\"$filePic\" border=\"0\" width=\"{$filePicSize[0]}\" height=\"{$filePicSize[1]}\" align=\"right\">";
+
+ //echo "<style> .apic { padding: 3px; background: #fff; -moz-box-shadow: 1px 1px 3px #222; -khtml-box-shadow: 1px 1px 3px #222; -webkit-box-shadow: 1px 1px 3px #222; box-shadow: 1px 1px 3px #222; } </style>";
+ echo "<img class=\"apic\" src=\"$filePic\" border=\"0\" width=\"{$filePicSize[0]}\" height=\"{$filePicSize[1]}\" align=\"right\">";
}
}
@@ -183,7 +185,7 @@ if (isset($_POST['msg']) and !empty($_POST['msg']) and is_numeric($_POST['msg'])
echo "<input type=\"hidden\" name=\"imap_search_where\" value=\"{$_POST['imap_search_where']}\">";
}
- echo "<input type=\"image\" src=\"images/mail-forward.png\">";
+ echo "<input type=\"image\" src=\"images/mail-redirect.png\">";
echo "</td></form>";
echo "<td width=\"5\"></td>";
@@ -380,6 +382,9 @@ if (isset($_POST['msg']) and !empty($_POST['msg']) and is_numeric($_POST['msg'])
$fileName = $attachment[filename];
}
+ $fileName = str_replace(" ", "_", $fileName);
+ $fileName = preg_replace("/[^a-zA-Z0-9.\-_]/u", "", $fileName);
+
if (!file_exists("$filePath/$fileName") and (mb_strlen($fileContent,"8bit") > 0)) {
file_put_contents("$filePath/$fileName",$fileContent);
}
diff --git a/search.php b/search.php
index 671054a..57a8e17 100644
--- a/search.php
+++ b/search.php
@@ -12,7 +12,7 @@ if (is_array($search_folders)) {
echo "<title>Kartero - Search $folder</title>";
- echo "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"800\"><tr>";
+ echo "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\"><tr>";
echo "<form method=\"post\">";
echo "<td><select class=\"input\" name=\"box\">";
diff --git a/send.php b/send.php
index b3edb0d..e4c50ff 100644
--- a/send.php
+++ b/send.php
@@ -33,7 +33,7 @@ if (isset($_POST['msg']) and !empty($_POST['msg']) and is_numeric($_POST['msg'])
$reply_quote_rows = count($reply_quote_lines) + 1;
}
- $reply_from = "\"$usr_name\" <{$_SESSION['logged_uid']}>";
+ $reply_from = "$usr_name <{$_SESSION['logged_uid']}>";
$reply_to = $header->reply_toaddress;
@@ -81,6 +81,13 @@ if (isset($_POST['msg']) and !empty($_POST['msg']) and is_numeric($_POST['msg'])
$reply_subject = htmlentities($reply_subject,ENT_QUOTES);
$reply_cc = htmlentities($reply_cc,ENT_QUOTES);
+ if ($folder == "Sent") {
+ $header_tos = extract_emails_from($header_fromaddress);
+ }
+ else {
+ $header_tos = extract_emails_from($header_toaddress);
+ }
+
$header_fetch = imap_fetchheader($mbox,$msgno,FT_UID);
$header_raw_lines = explode("\r\n",$header_fetch);
@@ -89,14 +96,25 @@ if (isset($_POST['msg']) and !empty($_POST['msg']) and is_numeric($_POST['msg'])
if (strstr($header_raw_line,"X-Original-To:")) {
- $header_tos[] = str_replace("X-Original-To: ","",$header_raw_line);
- }
-/*
- if (strstr($header_raw_line,"Delivered-To:")) {
+ $header_x2 = str_replace("X-Original-To: ","",$header_raw_line);
+
+ if ($header_x2 != $_SESSION['logged_uid']) {
+ $header_tos[] = $header_x2;
+ }
- $header_tos[] = str_replace("Delivered-To: ","",$header_raw_line);
+ unset($header_x2);
}
-*/
+
+ if (strstr($header_raw_line,"Delivered-To:")) {
+
+ $header_d2 = str_replace("Delivered-To: ","",$header_raw_line);
+
+ if ($header_d2 != $_SESSION['logged_uid']) {
+ $header_tos[] = $header_d2;
+ }
+
+ unset($header_d2);
+ }
}
$header_tos = array_values(array_unique($header_tos));
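Review bot: strstr() matches "X-Original-To:" and "Delivered-To:" anywhere in the line, so a Subject or folded continuation line containing that text is treated as a recipient header. Match at the start of the line and case-insensitively, e.g. `if (stripos($header_raw_line, "Delivered-To:") === 0)`, and trim() the extracted value before comparing it with $_SESSION['logged_uid']. The loop that contains these lines starts outside the hunk.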
@@ -105,7 +123,7 @@ if (isset($_POST['msg']) and !empty($_POST['msg']) and is_numeric($_POST['msg'])
echo "<title>Kartero - $folder - $reply_subject</title>";
- echo "<table border=\"0\" cellspacing=\"0\" callpadding=\"0\" width=\"800\"><tr><td valign=\"top\">";
+ echo "<table border=\"0\" cellspacing=\"0\" callpadding=\"0\" width=\"100%\"><tr><td valign=\"top\">";
echo "<table border=\"0\" cellspacing=\"2\" cellpadding=\"0\" width=\"100%\">";
@@ -130,13 +148,14 @@ if (isset($_POST['msg']) and !empty($_POST['msg']) and is_numeric($_POST['msg'])
while ($row = mysql_fetch_assoc($send_alias_query)) {
- echo "<option";
-
if ($row[id] == $header_tos[0]) {
- echo " selected";
+ echo "<option selected>";
+ }
+ else {
+ echo "<option>";
}
- echo ">\"$usr_name\" <$row[id]>";
+ echo "$usr_name <$row[id]>";
echo "</option>";
}
tree 50f1e46bed92389f2f417c371dbd44c950adb7a3
parent 9ff4fff0f690427118cfdcaa05dec5e51cb09e86
author Engels Antonio <engels@majcms.org> 1338991758 +0800
committer Engels Antonio <engels@majcms.org> 1338991758 +0800
Add simple address book
diff --git a/core.php b/core.php
index bd93bba..587455b 100644
--- a/core.php
+++ b/core.php
@@ -418,4 +418,52 @@ function kartero_dovecot_quota($quota) {
return $quota . $prefix;
}
+function kartero_resize_image($image,$max_height=70) {
+
+ $size = getimagesize($image);
+ $width = $size[0];
+ $height = $size[1];
+
+ if ($height > $max_height) {
+
+ $ratio = $max_height / $height;
+ $new_width = $width * $ratio;
+ $new_height = $max_height;
+
+ $put_image = imagecreatetruecolor($new_width,$new_height);
+ $mimetype = image_type_to_mime_type(exif_imagetype($image));
+
+ switch($mimetype) {
+ case "image/jpg":
+ case "image/jpeg":
+ $get_image = imagecreatefromjpeg($image);
+ break;
+ case "image/gif":
+ $get_image = imagecreatefromgif($image);
+ break;
+ case "image/png":
+ $get_image = imagecreatefrompng($image);
+ break;
+ }
+
+ imagecopyresampled($put_image,$get_image,0,0,0,0,$new_width,$new_height,$width,$height);
+
+ switch($mimetype) {
+ case "image/jpg":
+ case "image/jpeg":
+ imagejpeg($put_image,$image,80);
+ break;
+ case "image/gif":
+ imagegif($put_image,$image);
+ break;
+ case "image/png":
+ imagepng($put_image,$image,9);
+ break;
+ }
+
+ imagedestroy($put_image);
+ imagedestroy($get_image);
+ }
+}
+
?>
diff --git a/filedrop.php b/filedrop.php
index 8a0c001..42e6e0c 100644
--- a/filedrop.php
+++ b/filedrop.php
@@ -15,6 +15,7 @@ if (isset($_FILES['filedrop_obj']) and !empty($_FILES['filedrop_obj']) and isset
$filedrop_box = $_POST['filedrop_box'];
$filedrop_nom = str_replace(" ", "_", $_FILES['filedrop_obj']['name']);
+ $filedrop_nom = preg_replace("/[^a-zA-Z0-9.\-_]/u", "", $filedrop_nom);
if (!file_exists("attach/i/$fileUsr/$filedrop_box")) {
mkdir("attach/i/$fileUsr/$filedrop_box",0700,1);
diff --git a/folders.php b/folders.php
index 528b6c7..30ab524 100644
--- a/folders.php
+++ b/folders.php
@@ -159,6 +159,11 @@ echo "<div style=\"height: 4px;\"></div>";
echo "<div class=\"folders\"><table border=\"0\" cellspacing=\"0\" callpadding=\"0\">";
+echo "<form method=\"post\">";
+echo "<input type=\"hidden\" name=\"addr\" value=\"1\">";
+echo "<tr><td width=\"32\"><input type=\"image\" src=\"images/mail-contacts.png\"></td><td>Contacts</td></tr>";
+echo "</form>";
+
echo "<form method=\"post\">";
echo "<input type=\"hidden\" name=\"set\" value=\"1\">";
echo "<tr><td width=\"32\"><input type=\"image\" src=\"images/mail-settings.png\"></td><td>Settings</td></tr>";
diff --git a/images/mail-contacts.png b/images/mail-contacts.png
new file mode 100644
index 0000000..47657c0
Binary files /dev/null and b/images/mail-contacts.png differ
diff --git a/images/mail-redirect.png b/images/mail-redirect.png
new file mode 100644
index 0000000..b3c0dcb
Binary files /dev/null and b/images/mail-redirect.png differ
diff --git a/inbox.php b/inbox.php
index 049ce6b..384a0bd 100644
--- a/inbox.php
+++ b/inbox.php
@@ -66,7 +66,7 @@ foreach ($mail_images as $mail_image) {
echo "<title>Kartero - $folder ($msgCount) - " . $_SESSION['logged_uid'] . "</title>";
-echo "\n\n<table border=\"0\" cellspacing=\"1\" cellpadding=\"2\" bgcolor=\"#cccccc\" width=\"800\">";
+echo "\n\n<table border=\"0\" cellspacing=\"1\" cellpadding=\"2\" bgcolor=\"#cccccc\" width=\"100%\">";
echo "<tr bgcolor=\"#eeeeee\"><td align=\"center\" width=\"32\">";
diff --git a/index.php b/index.php
index f7c1e6b..233c1ca 100644
--- a/index.php
+++ b/index.php
@@ -88,9 +88,9 @@ if (!$db_query) {
$db_query = mysql_query("create database $db_name");
$db_query = mysql_query("use $db_name");
$db_query = mysql_query("create table admins (id varchar(16) not null, pw varchar(64) not null, primary key (id), unique key (id))");
- $db_query = mysql_query("create table domains (id varchar(128) not null, pw varchar(64) not null, max int(6) default '0', mode int(1) default '1', primary key (id), unique key (id), key id_2 (id))");
- $db_query = mysql_query("create table users (id varchar(255) not null, pw varchar(64) not null, maildir varchar(255) not null, name varchar(128), domain varchar(128), mode int(1) default '1', quota varchar(16), primary key (id), unique key(id), key id_2 (id))");
- $db_query = mysql_query("create table aliases (id varchar(255) not null, alias varchar(255) not null, domain varchar(128), mode int(1) default '1', primary key (id), unique key (id), key id_2 (id))");
+ $db_query = mysql_query("create table domains (id varchar(128) not null, pw varchar(64) not null, max int(6) default '0', mode int(1) default '1', primary key (id), unique key (id))");
+ $db_query = mysql_query("create table users (id varchar(255) not null, pw varchar(64) not null, maildir varchar(255) not null, name varchar(128), domain varchar(128), mode int(1) default '1', quota varchar(16), primary key (id), unique key(id))");
+ $db_query = mysql_query("create table aliases (id varchar(255) not null, alias varchar(255) not null, domain varchar(128), mode int(1) default '1', primary key (domain))");
$db_query = mysql_query("insert into admins values('$db_user','$pw_crypt')");
}
@@ -311,6 +311,114 @@ if (isset($_SESSION['logged_uid'])) {
}
}
+ if (isset($_POST['a_email']) and !empty($_POST['a_email']) and isset($_POST['a_fname']) and !empty($_POST['a_fname']) and isset($_POST['a_lname']) and !empty($_POST['a_lname'])) {
+
+ $a_email = strtolower(trim(strip_tags($_POST['a_email'])));
+
+ if (preg_match("/@/",$a_email) and preg_match("/\./",$a_email)) {
+
+ $a_fname = ucwords(trim(strip_tags($_POST['a_fname'])));
+ $a_lname = ucwords(trim(strip_tags($_POST['a_lname'])));
+
+ $addr_query = mysql_query("create table if not exists contacts (id varchar(255) not null, lname varchar(64) not null, fname varchar(64) not null, email varchar(255) not null);");
+
+ $addr_query = mysql_query("select * from contacts where id='{$_SESSION['logged_uid']}' and email='$a_email';");
+
+ if (mysql_num_rows($addr_query) > 0) {
+ nak("$a_email exists");
+ }
+ else {
+ $addr_query = mysql_query("insert into contacts values('{$_SESSION['logged_uid']}','$a_lname','$a_fname','$a_email');");
+
+ if (isset($_FILES['a_photo']) and !empty($_FILES['a_photo'])) {
+
+ if (is_uploaded_file($_FILES['a_photo']['tmp_name'])) {
+
+ if (($_FILES['a_photo']['type']=="image/gif") || ($_FILES['a_photo']['type']=="image/pjpeg") || ($_FILES['a_photo']['type']=="image/jpeg") || ($_FILES['a_photo']['type']=="image/png")) {
+
+ $a_path = sha1($_SESSION['logged_uid']);
+ $a_file = sha1($a_email);
+
+ if (file_exists("images/contacts/$a_path/{$a_file}.gif")) {
+ unlink("images/contacts/$a_path/{$a_file}.gif");
+ }
+
+ if (file_exists("images/contacts/$a_path/{$a_file}.jpg")) {
+ unlink("images/contacts/$a_path/{$a_file}.jpg");
+ }
+
+ if (file_exists("images/contacts/$a_path/{$a_file}.png")) {
+ unlink("images/contacts/$a_path/{$a_file}.png");
+ }
+
+ if (!file_exists("images/contacts/$a_path")) {
+ mkdir("images/contacts/$a_path",0700,true);
+ }
+
+ if ($_FILES['a_photo']['type']=="image/gif") {
+ $res = copy($_FILES['a_photo']['tmp_name'], "images/contacts/$a_path/{$a_file}.gif");
+ kartero_resize_image("images/contacts/$a_path/{$a_file}.gif");
+ unlink($_FILES['a_photo']['tmp_name']);
+ }
+
+ if (($_FILES['a_photo']['type']=="image/jpeg") or ($_FILES['a_photo']['type']=="image/pjpeg")) {
+ $res = copy($_FILES['a_photo']['tmp_name'], "images/contacts/$a_path/{$a_file}.jpg");
+ kartero_resize_image("images/contacts/$a_path/{$a_file}.jpg");
+ unlink($_FILES['a_photo']['tmp_name']);
+ }
+
+ if ($_FILES['a_photo']['type']=="image/png") {
+ $res = copy($_FILES['a_photo']['tmp_name'], "images/contacts/$a_path/{$a_file}.png");
+ kartero_resize_image("images/contacts/$a_path/{$a_file}.png");
+ unlink($_FILES['a_photo']['tmp_name']);
+ }
+ }
+ else {
+ unlink($_FILES['a_photo']['tmp_name']);
+ }
+ }
+ else {
+ unlink($_FILES['a_photo']['tmp_name']);
+ }
+ }
+
+ ack("$a_email added to contacts");
+ }
+ }
+ else {
+ nak("invalid email");
+ }
+ }
+
+ if (isset($_POST['a_del']) and !empty($_POST['a_del'])) {
+
+ $a_del = strtolower(trim(strip_tags($_POST['a_del'])));
+
+ $a_del_query = mysql_query("delete from contacts where id='{$_SESSION['logged_uid']}' and email='$a_del';");
+
+ if (!$a_del_query) {
+ nak(strtolower(mysql_error()));
+ }
+ else {
+ $a_path = sha1($_SESSION['logged_uid']);
+ $a_file = sha1($a_del);
+
+ if (file_exists("images/contacts/$a_path/{$a_file}.gif")) {
+ unlink("images/contacts/$a_path/{$a_file}.gif");
+ }
+
+ if (file_exists("images/contacts/$a_path/{$a_file}.jpg")) {
+ unlink("images/contacts/$a_path/{$a_file}.jpg");
+ }
+
+ if (file_exists("images/contacts/$a_path/{$a_file}.png")) {
+ unlink("images/contacts/$a_path/{$a_file}.png");
+ }
+
+ ack("$a_del removed from contacts");
+ }
+ }
+
if ($_SESSION['logged_lvl'] == "postmaster") {
$dom_query = mysql_query("select mode from domains where id='{$_SESSION['logged_uid']}'");
@@ -879,20 +987,20 @@ if (isset($_SESSION['logged_uid'])) {
$reply_to = trim($_POST['reply_to']);
$reply_subj = trim($_POST['reply_subj']);
$reply_body = trim($_POST['reply_body']);
- $reply_headers = "From: $reply_from\r\nX-Mailer: Kartero/1.0 (PHP/" . phpversion() . ")";
+ $reply_headers = "From: $reply_from\nX-Mailer: Kartero/1.0 (PHP/" . phpversion() . ")";
if (isset($_POST['reply_cc']) and !empty($_POST['reply_cc'])) {
$reply_cc = trim($_POST['reply_cc']);
- $reply_headers = "$reply_headers\r\nCc: $reply_cc";
+ $reply_headers = "$reply_headers\nCc: $reply_cc";
}
if (isset($_POST['reply_bcc']) and !empty($_POST['reply_bcc'])) {
$reply_bcc = trim($_POST['reply_bcc']);
- $reply_headers = "$reply_headers\r\nBcc: $reply_bcc";
+ $reply_headers = "$reply_headers\nBcc: $reply_bcc";
}
if (isset($_POST['filedrop_box']) and !empty($_POST['filedrop_box'])) {
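Review bot: `$reply_cc` and `$reply_bcc` come from `$_POST` with only `trim()` applied and are then concatenated into `$reply_headers` on the `Cc:` and `Bcc:` lines, so a value with an embedded line break becomes extra header lines; the `Resent-To`/`Resent-Cc`/`Resent-Bcc` lines in the `-937` hunk have the same shape. Reject CR and LF before building the header, e.g. `if (preg_match('/[\r\n]/', $reply_cc)) { nak("invalid cc"); }` followed by skipping the send, and apply the same check to `$reply_to`, `$reply_subj` and any request-supplied `$reply_from`. Separately, the switch from `\r\n` to `\n` deserves a comment naming the MTA behaviour it works around, because the PHP manual specifies CRLF between headers passed to `mail()` (assuming that is where these end up, which is not visible here).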
@@ -903,10 +1011,10 @@ if (isset($_SESSION['logged_uid'])) {
$mime_boundary = md5(microtime(true));
- $reply_headers .= "\r\nMIME-Version: 1.0";
- $reply_headers .= "\r\nContent-Type: multipart/mixed; boundary=\"{$mime_boundary}\"";
+ $reply_headers .= "\nMIME-Version: 1.0";
+ $reply_headers .= "\nContent-Type: multipart/mixed; boundary=\"{$mime_boundary}\"";
- $reply_body = "\r\nThis is a multi-part message in MIME format.\r\n\r\n--{$mime_boundary}\r\nContent-type: text/plain; charset=UTF-8\r\nContent-Transfer-Encoding: 8bit\r\n\r\n{$reply_body}";
+ $reply_body = "\nThis is a multi-part message in MIME format.\n\n--{$mime_boundary}\nContent-type: text/plain; charset=UTF-8\nContent-Transfer-Encoding: 8bit\n\n{$reply_body}";
$do_reply_from = extract_emails_from($reply_from);
$do_reply_to = extract_emails_from($reply_to);
@@ -920,7 +1028,7 @@ if (isset($_SESSION['logged_uid'])) {
$do_filedrop_nom = str_replace("attach/i/$fileUsr/$do_filedrop_box/","",$do_filedrop_put);
- $reply_body = $reply_body . "\r\n\r\n--{$mime_boundary}\r\nContent-Type: application/octet-stream; name=\"$do_filedrop_nom\"\r\nContent-Disposition: attachment; filename=\"$do_filedrop_nom\"\r\nContent-Transfer-Encoding: base64\r\n\r\n" . chunk_split(base64_encode(file_get_contents($do_filedrop_put)));
+ $reply_body = $reply_body . "\n\n--{$mime_boundary}\nContent-Type: application/octet-stream; name=\"$do_filedrop_nom\"\nContent-Disposition: attachment; filename=\"$do_filedrop_nom\"\nContent-Transfer-Encoding: base64\n\n" . chunk_split(base64_encode(file_get_contents($do_filedrop_put)));
}
$reply_body = $reply_body . "--{$mime_boundary}--";
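Review bot: `chunk_split()` still runs with its default line ending, which is `"\r\n"`, so after this change the base64 attachment part is the only part of `$reply_body` that uses CRLF while every boundary and part header around it uses bare LF. Pass the ending explicitly so the message is consistent: `chunk_split(base64_encode(file_get_contents($do_filedrop_put)), 76, "\n")`. The result of `file_get_contents()` is also unchecked, so an unreadable file would be attached as an empty part without any error. The enclosing block starts outside the hunk.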
@@ -937,21 +1045,21 @@ if (isset($_SESSION['logged_uid'])) {
$redirect_date = date("D, j M Y H:i:s O (T)");
- $reply_headers = "Resent-Date: $redirect_date\r\nResent-To: $reply_to\r\n";
+ $reply_headers = "Resent-Date: $redirect_date\nResent-To: $reply_to\n";
if (isset($_POST['reply_cc']) and !empty($_POST['reply_cc'])) {
$reply_cc = trim($_POST['reply_cc']);
- $reply_headers = $reply_headers . "Resent-Cc: $reply_cc\r\n";
+ $reply_headers = $reply_headers . "Resent-Cc: $reply_cc\n";
}
if (isset($_POST['reply_bcc']) and !empty($_POST['reply_bcc'])) {
$reply_bcc = trim($_POST['reply_bcc']);
- $reply_headers = $reply_headers . "Resent-Bcc: $reply_bcc\r\n";
+ $reply_headers = $reply_headers . "Resent-Bcc: $reply_bcc\n";
}
$reply_headers = $reply_headers . imap_fetchheader($mbox,$_POST['msg'],FT_UID|FT_PREFETCHTEXT);
@@ -963,10 +1071,10 @@ if (isset($_SESSION['logged_uid'])) {
$reply_date = date ("d-M-Y H:i:s O");
- $reply_body = preg_replace("#(?<!\r)\n#si", "\r\n", $reply_body);
- $reply_headers = preg_replace('#(?<!\r)\n#si', "\r\n", $reply_headers);
+ $reply_body = preg_replace("#(?<!\r)\n#si", "\n", $reply_body);
+ $reply_headers = preg_replace('#(?<!\r)\n#si', "\n", $reply_headers);
- imap_append($mbox,"{$host}Sent","To: $reply_to\r\nSubject: $reply_subj\r\nDate: $reply_date\r\n$reply_headers\r\n\r\n$reply_body\r\n");
+ imap_append($mbox,"{$host}Sent","To: $reply_to\nSubject: $reply_subj\nDate: $reply_date\n$reply_headers\n\n$reply_body\n");
$reply_fenv = extract_emails_from($reply_from);
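Review bot: Both `preg_replace()` calls are now no-ops: the pattern `(?<!\r)\n` matches a LF that is not preceded by CR and the replacement is that same LF, so any `\r\n` already present in `$reply_body` or `$reply_headers` (for example from `imap_fetchheader()` in the redirect branch) stays in place. If the goal is LF-only text, normalise in the other direction with `$reply_body = str_replace("\r\n", "\n", $reply_body);` and the same for `$reply_headers`. The PHP manual notes that some IMAP servers (Cyrus) require `\r\n` in the message given to `imap_append()`, so the Sent copy should be checked against the target server. The return value of `imap_append()` is also not checked here.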
@@ -990,7 +1098,7 @@ if (isset($_SESSION['logged_uid'])) {
imap_expunge($mbox);
}
- echo "<tr><td valign=\"top\" width=\"700\"><div id=\"main\" class=\"main\">";
+ echo "<tr><td valign=\"top\" width=\"800\"><div id=\"main\" class=\"main\">";
if (isset($_POST['get']) and !empty($_POST['get'])) {
include("read.php");
@@ -1004,6 +1112,90 @@ if (isset($_SESSION['logged_uid'])) {
elseif (isset($_POST['dig']) and !empty($_POST['dig'])) {
include("search.php");
}
+ elseif (isset($_POST['addr']) and !empty($_POST['addr'])) {
+
+ echo "<title>Kartero - Contacts</title>";
+
+ echo "<style> .hide { display: none; } </style>";
+
+ echo "<div class=\"message\">";
+ echo "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\"><tr><td>";
+
+ echo "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">";
+
+ echo "<tr>";
+ echo "<td class=\"label\"><img src=\"images/mail-contacts.png\" border=\"0\" width=\"32\" height=\"32\" onclick=\"document.getElementById('list').className ='';document.getElementById('add').className='hide'\"></td>";
+ echo "<td class=\"label\"><img src=\"images/mail-contacts.png\" border=\"0\" width=\"32\" height=\"32\" onclick=\"document.getElementById('list').className ='hide';document.getElementById('add').className=''\"></td>";
+echo "</tr>";
+
+ echo "<tr><td class=\"label\">list</td><td class=\"label\">add</td></tr>";
+
+ echo "</table>";
+
+ echo "</td></tr></table>";
+ echo "</div>";
+
+ $addr_query = mysql_query("select * from contacts where id='{$_SESSION['logged_uid']}' order by lname, fname, email;");
+
+ if (($_POST['addr'] == "add") or (mysql_num_rows($addr_query) < 1)) {
+ echo "<div id=\"add\">";
+ }
+ else {
+ echo "<div id=\"add\" class=\"hide\">";
+ }
+
+ echo "<div class=\"spacer\"></div>";
+ echo "<table border=\"0\" cellspacing=\"1\" cellpadding=\"1\" width=\400\">";
+ echo "<form method=\"post\" enctype=\"multipart/form-data\">";
+ echo "<input type=\"hidden\" name=\"addr\" value=\"add\">";
+
+ echo "<tr><td><input class=\"input\" type=\"text\" name=\"a_email\" maxlength=\"255\" autocomplete=\"off\" required autofocus></td><td>email address</td></tr>";
+ echo "<tr><td><input class=\"input\" type=\"text\" name=\"a_fname\" maxlength=\"64\" autocomplete=\"off\" required></td><td>first name</td></tr>";
+ echo "<tr><td><input class=\"input\" type=\"text\" name=\"a_lname\" maxlength=\"64\" autocomplete=\"off\" required></td><td>last name</td></tr>";
+ echo "<tr><td><input type=\"file\" name=\"a_photo\"></td><td>optional photo</td></tr>";
+ echo "<tr><td><input class=\"button\" type=\"submit\" value=\"add contact\"></td><td></td></tr>";
+
+ echo "</form>";
+ echo "</table>";
+ echo "</div>";
+
+ if ($_POST['addr'] == "list") {
+ echo "<div id=\"list\">";
+ }
+ else {
+ echo "<div id=\"list\" class=\"hide\">";
+ }
+
+ if (mysql_num_rows($addr_query) > 0) {
+
+ echo "<div class=\"spacer\"></div>";
+ echo "<table border=\"0\" cellspacing=\"1\" cellpadding=\"2\" bgcolor=\"#cccccc\">";
+
+ while ($addr_row = mysql_fetch_array($addr_query)) {
+
+ if ($bgColor == "#ffffff") {
+ $bgColor = "#fdfdfd";
+ }
+ else {
+ $bgColor = "#ffffff";
+ }
+
+ echo "<form method=\"post\">";
+ echo "<input type=\"hidden\" name=\"addr\" value=\"list\">";
+ echo "<input type=\"hidden\" name=\"a_del\" value=\"{$addr_row[email]}\">";
+ echo "<tr bgcolor=\"$bgColor\">";
+ echo "<td valign=\"bottom\" width=\"24\"><input type=\"image\" src=\"images/sieve-del.png\"></td>";
+ echo "<td>{$addr_row[fname]} {$addr_row[lname]}</td><td>{$addr_row[email]}</td>";
+ echo "</tr>";
+ echo "</form>";
+ }
+
+ echo "</table>";
+ echo "</div>";
+
+ unset($bgColor);
+ }
+ }
elseif (isset($_POST['set']) and !empty($_POST['set'])) {
echo "<title>Kartero - Settings</title>";
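Review bot: The contact rows print `{$addr_row[email]}`, `{$addr_row[fname]}` and `{$addr_row[lname]}` straight from the database into an attribute value and into table cells with no output encoding; whatever filtering happens on insert is outside this hunk, and `strip_tags()` alone would not cover a double quote inside `value="..."`. Encode at output, e.g. `$c_email = htmlspecialchars($addr_row['email'], ENT_QUOTES);` and echo `$c_email` in both places, likewise for the two names. `$addr_query` is also passed to `mysql_num_rows()` without a check for `false`, and `width=\400\"` on the add-form table is missing its opening quote. The `a_del` value posted by these forms reaches the delete handler earlier in this file, which places it in the SQL string after `strip_tags()` only; it should go through `mysql_real_escape_string()` there.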
@@ -1011,7 +1203,7 @@ if (isset($_SESSION['logged_uid'])) {
echo "<style> .hide { display: none; } </style>";
echo "<div class=\"message\">";
- echo "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"800\"><tr><td>";
+ echo "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\"><tr><td>";
echo "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">";
diff --git a/post.php b/post.php
index 0fc1ffc..e1279da 100644
--- a/post.php
+++ b/post.php
@@ -8,14 +8,14 @@ if (!isset($_SESSION['logged_uid']) or !isset($_SESSION['logged_lvl']) or !isset
if (isset($_POST['new']) and !empty($_POST['new']) and is_numeric($_POST['new'])) {
- $reply_from = "\"$usr_name\" <{$_SESSION['logged_uid']}>";
+ $reply_from = "$usr_name <{$_SESSION['logged_uid']}>";
$reply_from = htmlentities($reply_from,ENT_QUOTES);
$post_alias_query = mysql_query("select domains.id, aliases.id from aliases, domains where aliases.alias='{$_SESSION['logged_uid']}' and aliases.mode='1' and aliases.domain=domains.id and domains.mode='1' order by aliases.domain, aliases.id");
echo "<title>Kartero - Compose - {$_SESSION['logged_uid']}</title>";
- echo "<table border=\"0\" cellspacing=\"0\" callpadding=\"0\" width=\"800\"><tr><td valign=\"top\">";
+ echo "<table border=\"0\" cellspacing=\"0\" callpadding=\"0\" width=\"100%\"><tr><td valign=\"top\">";
echo "<table border=\"0\" cellspacing=\"2\" cellpadding=\"0\" width=\"100%\">";
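Review bot: Dropping the quotes around `$usr_name` leaves the display name as a bare phrase, so a name containing a comma, a period or angle brackets no longer forms one well-formed mailbox and may be split or misread when `$reply_from` is parsed later; the same change is made in send.php. If the quotes were removed because of how they rendered in the form, keep them and escape the name instead, e.g. `$reply_from = '"' . addcslashes($usr_name, '"\\') . "\" <{$_SESSION['logged_uid']}>";`. Where `$usr_name` comes from is not visible in this hunk.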
@@ -29,7 +29,7 @@ if (isset($_POST['new']) and !empty($_POST['new']) and is_numeric($_POST['new'])
echo "<option>$reply_from</option>";
while ($row = mysql_fetch_assoc($post_alias_query)) {
- echo "<option>\"$usr_name\" <$row[id]></option>";
+ echo "<option>$usr_name <$row[id]></option>";
}
echo "</select>";
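Review bot: The alias options are echoed without the `htmlentities()` call that `$reply_from` gets in the previous hunk, so `<$row[id]>` reaches the browser as markup rather than text and `$usr_name` is not encoded at all; the rewritten option in send.php has the same gap. Encode the whole label: `echo "<option>" . htmlentities("$usr_name <{$row['id']}>", ENT_QUOTES) . "</option>";`.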
diff --git a/read.php b/read.php
index ca2c68f..b821546 100644
--- a/read.php
+++ b/read.php
@@ -74,7 +74,7 @@ if (isset($_POST['msg']) and !empty($_POST['msg']) and is_numeric($_POST['msg'])
echo "<title>Kartero - $folder - $header_subject</title>";
- echo "<table border=\"0\" cellspacing=\"0\" callpadding=\"0\" width=\"800\"><tr><td valign=\"top\">";
+ echo "<table border=\"0\" cellspacing=\"0\" callpadding=\"0\" width=\"100%\"><tr><td valign=\"top\">";
echo "<div class=\"message\">";
@@ -101,7 +101,9 @@ if (isset($_POST['msg']) and !empty($_POST['msg']) and is_numeric($_POST['msg'])
$filePicSize = getimagesize($filePic);
if (($filePicSize[0] > 0) and ($filePicSize[1] > 0)) {
- echo "<img src=\"$filePic\" border=\"0\" width=\"{$filePicSize[0]}\" height=\"{$filePicSize[1]}\" align=\"right\">";
+
+ //echo "<style> .apic { padding: 3px; background: #fff; -moz-box-shadow: 1px 1px 3px #222; -khtml-box-shadow: 1px 1px 3px #222; -webkit-box-shadow: 1px 1px 3px #222; box-shadow: 1px 1px 3px #222; } </style>";
+ echo "<img class=\"apic\" src=\"$filePic\" border=\"0\" width=\"{$filePicSize[0]}\" height=\"{$filePicSize[1]}\" align=\"right\">";
}
}
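Review bot: The added `//echo "<style> .apic ..."` line is commented-out code, which leaves the new `class="apic"` on the image without a rule in this file. Either delete the comment and put the `.apic` rule in the site stylesheet, or leave the class off until the rule exists.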
@@ -183,7 +185,7 @@ if (isset($_POST['msg']) and !empty($_POST['msg']) and is_numeric($_POST['msg'])
echo "<input type=\"hidden\" name=\"imap_search_where\" value=\"{$_POST['imap_search_where']}\">";
}
- echo "<input type=\"image\" src=\"images/mail-forward.png\">";
+ echo "<input type=\"image\" src=\"images/mail-redirect.png\">";
echo "</td></form>";
echo "<td width=\"5\"></td>";
@@ -380,6 +382,9 @@ if (isset($_POST['msg']) and !empty($_POST['msg']) and is_numeric($_POST['msg'])
$fileName = $attachment[filename];
}
+ $fileName = str_replace(" ", "_", $fileName);
+ $fileName = preg_replace("/[^a-zA-Z0-9.\-_]/u", "", $fileName);
+
if (!file_exists("$filePath/$fileName") and (mb_strlen($fileContent,"8bit") > 0)) {
file_put_contents("$filePath/$fileName",$fileContent);
}
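Review bot: With the `u` modifier `preg_replace()` returns `NULL` when `$fileName` is not valid UTF-8, and the allow-list can also reduce a name to an empty string or to dots only; in each case `"$filePath/$fileName"` names an existing directory, so `file_exists()` is true and the attachment is silently not written. The character class is ASCII-only, so drop `/u` and add a fallback, e.g. `if ($fileName === null or trim($fileName, ".") === "") { $fileName = "attachment"; }`. The filter keeps the extension chosen by the sender, so if this directory is served by the web server (not visible here) script execution should be disabled for it or a fixed safe extension stored. Two attachments that sanitise to the same name also collide, and the second is dropped by the `file_exists()` test.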
diff --git a/search.php b/search.php
index 671054a..57a8e17 100644
--- a/search.php
+++ b/search.php
@@ -12,7 +12,7 @@ if (is_array($search_folders)) {
echo "<title>Kartero - Search $folder</title>";
- echo "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"800\"><tr>";
+ echo "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\"><tr>";
echo "<form method=\"post\">";
echo "<td><select class=\"input\" name=\"box\">";
diff --git a/send.php b/send.php
index b3edb0d..e4c50ff 100644
--- a/send.php
+++ b/send.php
@@ -33,7 +33,7 @@ if (isset($_POST['msg']) and !empty($_POST['msg']) and is_numeric($_POST['msg'])
$reply_quote_rows = count($reply_quote_lines) + 1;
}
- $reply_from = "\"$usr_name\" <{$_SESSION['logged_uid']}>";
+ $reply_from = "$usr_name <{$_SESSION['logged_uid']}>";
$reply_to = $header->reply_toaddress;
@@ -81,6 +81,13 @@ if (isset($_POST['msg']) and !empty($_POST['msg']) and is_numeric($_POST['msg'])
$reply_subject = htmlentities($reply_subject,ENT_QUOTES);
$reply_cc = htmlentities($reply_cc,ENT_QUOTES);
+ if ($folder == "Sent") {
+ $header_tos = extract_emails_from($header_fromaddress);
+ }
+ else {
+ $header_tos = extract_emails_from($header_toaddress);
+ }
+
$header_fetch = imap_fetchheader($mbox,$msgno,FT_UID);
$header_raw_lines = explode("\r\n",$header_fetch);
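Review bot: `$header_tos` is now seeded from `$header_fromaddress` when `$folder == "Sent"`, which reads oddly for a variable named after the To header and carries no comment. A one-line comment would help, something like `// in Sent the identity to reply as is in From, not To` (my reading of the intent; please confirm). If `extract_emails_from()` can return a non-array for an empty header, the later `array_unique($header_tos)` would fail, so an empty-array default is worth adding.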
@@ -89,14 +96,25 @@ if (isset($_POST['msg']) and !empty($_POST['msg']) and is_numeric($_POST['msg'])
if (strstr($header_raw_line,"X-Original-To:")) {
- $header_tos[] = str_replace("X-Original-To: ","",$header_raw_line);
- }
-/*
- if (strstr($header_raw_line,"Delivered-To:")) {
+ $header_x2 = str_replace("X-Original-To: ","",$header_raw_line);
+
+ if ($header_x2 != $_SESSION['logged_uid']) {
+ $header_tos[] = $header_x2;
+ }
- $header_tos[] = str_replace("Delivered-To: ","",$header_raw_line);
+ unset($header_x2);
}
-*/
+
+ if (strstr($header_raw_line,"Delivered-To:")) {
+
+ $header_d2 = str_replace("Delivered-To: ","",$header_raw_line);
+
+ if ($header_d2 != $_SESSION['logged_uid']) {
+ $header_tos[] = $header_d2;
+ }
+
+ unset($header_d2);
+ }
}
$header_tos = array_values(array_unique($header_tos));
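Review bot: `strstr($header_raw_line, "Delivered-To:")` matches the text anywhere in a header line and is case-sensitive, and `str_replace()` then keeps whatever surrounds the marker, so a differently-cased header or a Subject that quotes the string yields a wrong entry; the X-Original-To branch has the same form. Anchor at the start of the line and trim, e.g. `if (stripos($header_raw_line, "Delivered-To:") === 0) { $header_d2 = trim(substr($header_raw_line, 13)); ... }`, and compare with `strcasecmp()` against `$_SESSION['logged_uid']`. The two branches are identical apart from the header name and could share one helper. The option loop further down compares only `$header_tos[0]`, so these appended addresses are consulted only when the list was otherwise empty. The enclosing loop starts outside the hunk.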
@@ -105,7 +123,7 @@ if (isset($_POST['msg']) and !empty($_POST['msg']) and is_numeric($_POST['msg'])
echo "<title>Kartero - $folder - $reply_subject</title>";
- echo "<table border=\"0\" cellspacing=\"0\" callpadding=\"0\" width=\"800\"><tr><td valign=\"top\">";
+ echo "<table border=\"0\" cellspacing=\"0\" callpadding=\"0\" width=\"100%\"><tr><td valign=\"top\">";
echo "<table border=\"0\" cellspacing=\"2\" cellpadding=\"0\" width=\"100%\">";
@@ -130,13 +148,14 @@ if (isset($_POST['msg']) and !empty($_POST['msg']) and is_numeric($_POST['msg'])
while ($row = mysql_fetch_assoc($send_alias_query)) {
- echo "<option";
-
if ($row[id] == $header_tos[0]) {
- echo " selected";
+ echo "<option selected>";
+ }
+ else {
+ echo "<option>";
}
- echo ">\"$usr_name\" <$row[id]>";
+ echo "$usr_name <$row[id]>";
echo "</option>";
}