Viewing file:  page_header.php (15.11 KB) -rw-r--r--
Select action/file-type:
 (+) |  (+) |  (+) | Code (+) | Session (+) |  (+) | SDB (+) |  (+) |  (+) |  (+) |  (+) |  (+) |
<?php
/**
* page_header.php
*
* Prints the page header (duh)
*
* @copyright 1999-2010 The SquirrelMail Project Team
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
* @version $Id: page_header.php 13904 2010-02-13 16:28:10Z kink $
* @package squirrelmail
*/
/** Include required files from SM */
require_once(SM_PATH . 'functions/strings.php');
require_once(SM_PATH . 'functions/html.php');
require_once(SM_PATH . 'functions/imap_mailbox.php');
require_once(SM_PATH . 'functions/global.php');
/* Always set up the language before calling these functions */
function displayHtmlHeader( $title = 'SquirrelMail', $xtra = '', $do_hook = TRUE ) {
global $squirrelmail_language;
if ( !sqgetGlobalVar('base_uri', $base_uri, SQ_SESSION) ) {
global $base_uri;
}
global $theme_css, $custom_css, $pageheader_sent;
// prevent clickjack attempts
// FIXME: should we use DENY instead? We can also make this a configurable value, including giving the admin the option of removing this entirely in case they WANT to be framed by an external domain
header('X-Frame-Options: SAMEORIGIN');
echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">' .
"\n\n" . html_tag( 'html' ,'' , '', '', '' ) . "\n<head>\n" .
"<meta name=\"robots\" content=\"noindex,nofollow\">\n" .
"<meta http-equiv=\"x-dns-prefetch-control\" content=\"off\">\n";
// prevent clickjack attempts using JavaScript for browsers that
// don't support the X-Frame-Options header...
// we check to see if we are *not* the top page, and if not, check
// whether or not the top page is in the same domain as we are...
// if not, log out immediately -- this is an attempt to do the same
// thing that the X-Frame-Options does using JavaScript (never a good
// idea to rely on JavaScript-based solutions, though)
echo '<script type="text/javascript" language="JavaScript">'
. "\n<!--\n"
. 'if (self != top) { try { if (document.domain != top.document.domain) {'
. ' throw "Clickjacking security violation! Please log out immediately!"; /* this code should never execute - exception should already have been thrown since it\'s a security violation in this case to even try to access top.document.domain (but it\'s left here just to be extra safe) */ } } catch (e) { self.location = "'
. sqm_baseuri() . 'src/signout.php"; top.location = "'
. sqm_baseuri() . 'src/signout.php" } }'
. "\n// -->\n</script>\n";
if ( !isset( $custom_css ) || $custom_css == 'none' ) {
if ($theme_css != '') {
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"$theme_css\">";
}
} else {
echo '<link rel="stylesheet" type="text/css" href="' .
$base_uri . 'themes/css/'.$custom_css.'">';
}
if ($squirrelmail_language == 'ja_JP') {
// Why is it added here? Header ('Content-Type:..) is used in i18n.php
echo "<!-- \xfd\xfe -->\n";
echo '<meta http-equiv="Content-type" content="text/html; charset=euc-jp">' . "\n";
}
if ($do_hook) {
do_hook('generic_header');
}
echo "\n<title>$title</title>$xtra\n";
/* work around IE6's scrollbar bug */
echo <<<ECHO
<!--[if IE 6]>
<style type="text/css">
/* avoid stupid IE6 bug with frames and scrollbars */
body {
width: expression(document.documentElement.clientWidth - 30);
}
</style>
<![endif]-->
ECHO;
echo "\n</head>\n\n";
/* this is used to check elsewhere whether we should call this function */
$pageheader_sent = TRUE;
}
function makeInternalLink($path, $text, $target='') {
sqgetGlobalVar('base_uri', $base_uri, SQ_SESSION);
if ($target != '') {
$target = " target=\"$target\"";
}
return '<a href="'.$base_uri.$path.'"'.$target.'>'.$text.'</a>';
}
function displayInternalLink($path, $text, $target='') {
echo makeInternalLink($path, $text, $target);
}
function displayPageHeader($color, $mailbox, $xtra='', $session=false) {
global $hide_sm_attributions, $frame_top,
$compose_new_win, $compose_width, $compose_height,
$attachemessages, $provider_name, $provider_uri,
$javascript_on, $default_use_mdn, $mdn_user_support,
$startMessage, $org_title;
sqgetGlobalVar('base_uri', $base_uri, SQ_SESSION );
sqgetGlobalVar('delimiter', $delimiter, SQ_SESSION );
if (!isset($frame_top)) {
$frame_top = '_top';
}
if ($session) {
$compose_uri = $base_uri.'src/compose.php?mailbox='.urlencode($mailbox).'&session='."$session";
} else {
$compose_uri = $base_uri.'src/compose.php?newmessage=1';
$session = 0;
}
// only output JavaScript if actually turned on
if($javascript_on || strpos($xtra, 'new_js_autodetect_results.value') ) {
if ( !defined('PAGE_NAME') ) define('PAGE_NAME', NULL);
switch ( PAGE_NAME ) {
case 'read_body':
$js ='';
// compose in new window code
if ($compose_new_win == '1') {
if (!preg_match("/^[0-9]{3,4}$/", $compose_width)) {
$compose_width = '640';
}
if (!preg_match("/^[0-9]{3,4}$/", $compose_height)) {
$compose_height = '550';
}
$js .= "function comp_in_new(comp_uri) {\n".
" if (!comp_uri) {\n".
' comp_uri = "'.$compose_uri."\";\n".
' }'. "\n".
' var newwin = window.open(comp_uri' .
', "_blank",'.
'"width='.$compose_width. ',height='.$compose_height.
',scrollbars=yes,resizable=yes,status=yes");'."\n".
"}\n\n";
}
// javascript for sending read receipts
if($default_use_mdn && $mdn_user_support) {
$js .= "function sendMDN() {\n".
" mdnuri=window.location+'&sendreceipt=1';\n" .
" window.location = mdnuri;\n" .
"\n}\n\n";
}
// if any of the above passes, add the JS tags too.
if($js) {
$js = "\n".'<script language="JavaScript" type="text/javascript">' .
"\n<!--\n" . $js . "// -->\n</script>\n";
}
displayHtmlHeader($org_title, $js);
$onload = $xtra;
break;
case 'compose':
$js = '<script language="JavaScript" type="text/javascript">' .
"\n<!--\n" .
"var alreadyFocused = false;\n" .
"function checkForm() {\n" .
"\n if (alreadyFocused) return;\n";
global $action, $reply_focus;
if (strpos($action, 'reply') !== FALSE && $reply_focus)
{
if ($reply_focus == 'select') $js .= "document.forms['compose'].body.select();}\n";
else if ($reply_focus == 'focus') $js .= "document.forms['compose'].body.focus();}\n";
else if ($reply_focus == 'none') $js .= "}\n";
}
// no reply focus also applies to composing new messages
else if ($reply_focus == 'none')
{
$js .= "}\n";
}
else
$js .= " var f = document.forms.length;\n".
" var i = 0;\n".
" var pos = -1;\n".
" while( pos == -1 && i < f ) {\n".
" var e = document.forms[i].elements.length;\n".
" var j = 0;\n".
" while( pos == -1 && j < e ) {\n".
" if ( document.forms[i].elements[j].type == 'text' ) {\n".
" pos = j;\n".
" }\n".
" j++;\n".
" }\n".
" i++;\n".
" }\n".
" if( pos >= 0 ) {\n".
" document.forms[i-1].elements[pos].focus();\n".
" }\n".
"}\n";
$js .= "// -->\n".
"</script>\n";
$onload = 'onload="checkForm();"';
displayHtmlHeader($org_title, $js);
break;
default:
$js = '<script language="JavaScript" type="text/javascript">' .
"\n<!--\n" .
"function checkForm() {\n".
" var f = document.forms.length;\n".
" var i = 0;\n".
" var pos = -1;\n".
" while( pos == -1 && i < f ) {\n".
" var e = document.forms[i].elements.length;\n".
" var j = 0;\n".
" while( pos == -1 && j < e ) {\n".
" if ( document.forms[i].elements[j].type == 'text' " .
" || document.forms[i].elements[j].type == 'password' ) {\n".
" pos = j;\n".
" }\n".
" j++;\n".
" }\n".
" i++;\n".
" }\n".
" if( pos >= 0 ) {\n".
" document.forms[i-1].elements[pos].focus();\n".
" }\n".
" $xtra\n".
"}\n";
if ($compose_new_win == '1') {
if (!preg_match("/^[0-9]{3,4}$/", $compose_width)) {
$compose_width = '640';
}
if (!preg_match("/^[0-9]{3,4}$/", $compose_height)) {
$compose_height = '550';
}
$js .= "function comp_in_new(comp_uri) {\n".
" if (!comp_uri) {\n".
' comp_uri = "'.$compose_uri."\";\n".
' }'. "\n".
' var newwin = window.open(comp_uri' .
', "_blank",'.
'"width='.$compose_width. ',height='.$compose_height.
',scrollbars=yes,resizable=yes,status=yes");'."\n".
"}\n\n";
}
$js .= "// -->\n". "</script>\n";
$onload = 'onload="checkForm();"';
displayHtmlHeader($org_title, $js);
} // end switch module
} else {
// JavaScript off
displayHtmlHeader($org_title);
$onload = '';
}
echo "<body text=\"$color[8]\" bgcolor=\"$color[4]\" link=\"$color[7]\" vlink=\"$color[7]\" alink=\"$color[7]\" $onload>\n\n";
/** Here is the header and wrapping table **/
$shortBoxName = htmlspecialchars(imap_utf7_decode_local(
readShortMailboxName($mailbox, $delimiter)));
if ( $shortBoxName == 'INBOX' ) {
$shortBoxName = _("INBOX");
}
echo "<a name=\"pagetop\"></a>\n"
. html_tag( 'table', '', '', $color[4], 'border="0" width="100%" cellspacing="0" cellpadding="2"' ) ."\n"
. html_tag( 'tr', '', '', $color[9] ) ."\n"
. html_tag( 'td', '', 'left' ) ."\n";
if ( $shortBoxName <> '' && strtolower( $shortBoxName ) <> 'none' ) {
echo ' ' . _("Current Folder") . ": <b>$shortBoxName </b>\n";
} else {
echo ' ';
}
echo " </td>\n"
. html_tag( 'td', '', 'right' ) ."<b>\n";
displayInternalLink ('src/signout.php', _("Sign Out"), $frame_top);
echo "</b></td>\n"
. " </tr>\n"
. html_tag( 'tr', '', '', $color[4] ) ."\n"
. ($hide_sm_attributions ? html_tag( 'td', '', 'left', '', 'colspan="2"' )
: html_tag( 'td', '', 'left' ) )
. "\n";
$urlMailbox = urlencode($mailbox);
$startMessage = (int)$startMessage;
echo makeComposeLink('src/compose.php?mailbox='.$urlMailbox.'&startMessage='.$startMessage);
echo " \n";
displayInternalLink ('src/addressbook.php', _("Addresses"));
echo " \n";
displayInternalLink ('src/folders.php', _("Folders"));
echo " \n";
displayInternalLink ('src/options.php', _("Options"));
echo " \n";
displayInternalLink ("src/search.php?mailbox=$urlMailbox", _("Search"));
echo " \n";
displayInternalLink ('src/help.php', _("Help"));
echo " \n";
do_hook('menuline');
echo " </td>\n";
if (!$hide_sm_attributions)
{
echo html_tag( 'td', '', 'right' ) ."\n";
if (!isset($provider_uri)) $provider_uri= 'http://squirrelmail.org/';
if (!isset($provider_name)) $provider_name= 'SquirrelMail';
echo '<a href="'.$provider_uri.'" target="_blank">'.$provider_name.'</a>';
echo "</td>\n";
}
echo " </tr>\n".
"</table><br>\n\n";
}
/* blatently copied/truncated/modified from the above function */
function compose_Header($color, $mailbox) {
global $delimiter, $hide_sm_attributions, $base_uri,
$data_dir, $username, $frame_top, $compose_new_win;
if (!isset($frame_top)) {
$frame_top = '_top';
}
/*
Locate the first displayable form element
*/
if ( !defined('PAGE_NAME') ) define('PAGE_NAME', NULL);
switch ( PAGE_NAME ) {
case 'search':
$pos = getPref($data_dir, $username, 'search_pos', 0 ) - 1;
$onload = "onload=\"document.forms[$pos].elements[2].focus();\"";
displayHtmlHeader (_("Compose"));
break;
default:
$js = '<script language="JavaScript" type="text/javascript">' .
"\n<!--\n" .
"var alreadyFocused = false;\n" .
"function checkForm() {\n" .
"\n if (alreadyFocused) return;\n";
global $action, $reply_focus;
if (strpos($action, 'reply') !== FALSE && $reply_focus)
{
if ($reply_focus == 'select') $js .= "document.forms['compose'].body.select();}\n";
else if ($reply_focus == 'focus') $js .= "document.forms['compose'].body.focus();}\n";
else if ($reply_focus == 'none') $js .= "}\n";
}
// no reply focus also applies to composing new messages
else if ($reply_focus == 'none')
{
$js .= "}\n";
}
else
$js .= "var f = document.forms.length;\n".
"var i = 0;\n".
"var pos = -1;\n".
"while( pos == -1 && i < f ) {\n".
"var e = document.forms[i].elements.length;\n".
"var j = 0;\n".
"while( pos == -1 && j < e ) {\n".
"if ( document.forms[i].elements[j].type == 'text' ) {\n".
"pos = j;\n".
"}\n".
"j++;\n".
"}\n".
"i++;\n".
"}\n".
"if( pos >= 0 ) {\n".
"document.forms[i-1].elements[pos].focus();\n".
"}\n".
"}\n";
$js .= "// -->\n".
"</script>\n";
$onload = 'onload="checkForm();"';
displayHtmlHeader (_("Compose"), $js);
break;
}
echo "<body text=\"$color[8]\" bgcolor=\"$color[4]\" link=\"$color[7]\" vlink=\"$color[7]\" alink=\"$color[7]\" $onload>\n\n";
}
|