Source for file page_header.php


  1. <?php
  2.  
  3. /**
  4.  * page_header.php
  5.  *
  6.  * Prints the page header (duh)
  7.  *
  8.  * @copyright 1999-2020 The SquirrelMail Project Team
  9.  * @license http://opensource.org/licenses/gpl-license.php GNU Public License
  10.  * @version $Id: page_header.php 14840 2020-01-07 07:42:38Z pdontthink $
  11.  * @package squirrelmail
  12.  */
  13.  
  14. /** Include required files from SM */
  15. require_once(SM_PATH 'functions/strings.php');
  16. require_once(SM_PATH 'functions/html.php');
  17. require_once(SM_PATH 'functions/imap_mailbox.php');
  18. require_once(SM_PATH 'functions/global.php');
  19.  
  20. /* Always set up the language before calling these functions */
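  /**
   * Sends the X-Frame-Options response header, then prints the DOCTYPE, the
   * opening <html> tag and the whole <head> section of the page.
   *
   * Nothing handed to this function is escaped here: $title, $xtra_param and
   * the entries of $script_libs_param are written to the page as given, and
   * $theme_css / $custom_css are written into a stylesheet href as they are.
   * Callers, and plugins that change $xtra or $script_libs on the
   * "generic_header" hook, are responsible for passing values that are
   * already safe for the place they end up in.
   *
   * @param string $title This is placed directly in the HTML <title> tag,
   *                      so should be sanitized and ready to go
   * @param string $xtra_param Any additional HTML code that should be
   *                           included in the <head> tag - this is also
   *                           sent to the browser as-is, so should be pre-
   *                           sanitized
   * @param boolean $do_hook When TRUE, the "generic_header" hook is fired
   *                         herein.
   * @param array $script_libs_param A list of strings which each point to
   *                                 a script to be added to the <head> of
   *                                 the page being built. Each string can
   *                                 be:
   *                                  - One of the pre-defined SM_SCRIPT_LIB_XXX
   *                                    constants (see functions/constants.php)
   *                                    that correspond to libraries that come
   *                                    with SquirrelMail
   *                                  - A path to a custom script (say, in a
   *                                    plugin directory) (detected by the
   *                                    existence of at least one path separator
   *                                    in the string) - the script is assumed
   *                                    to be and is included as JavaScript
   *                                  - A full tag ("<script>", "<style>" or
   *                                    other) that will be placed verbatim in
   *                                    the page header (detected by the presence
   *                                    of a "<" character at the beginning of
   *                                    the string). NOTE that $xtra provides the
   *                                    same function, without needing the string
   *                                    to start with "<"
   *                                 A value that is not an array is wrapped
   *                                 in a one-element array.
   *
   * @return void
   */
  function displayHtmlHeader($title = 'SquirrelMail', $xtra_param = '', $do_hook = TRUE, $script_libs_param = array()) {
      global $squirrelmail_language, $xtra, $script_libs;

      // $script_libs and $xtra are globalized to allow plugins to
      // modify them on the generic_header hook, but we also want to
      // respect the values passed in from the function args, thus:
      $xtra = $xtra_param;
      $script_libs = $script_libs_param;
      if (!is_array($script_libs)) {
          $script_libs = array($script_libs);
      }

      // When the SQ_SESSION lookup reports failure, the global $base_uri is
      // used instead.
      if (!sqgetGlobalVar('base_uri', $base_uri, SQ_SESSION)) {
          global $base_uri;
      }
      global $theme_css, $custom_css, $pageheader_sent, $browser_rendering_mode, $head_tag_extra;

      // prevent clickjack attempts
      // FIXME: should we use DENY instead?  We can also make this a configurable value, including giving the admin the option of removing this entirely in case they WANT to be framed by an external domain
      // NOTE(review): Content-Security-Policy "frame-ancestors 'self'" is the
      // standardized successor of this header; consider sending both.
      header('X-Frame-Options: SAMEORIGIN');

      if ($browser_rendering_mode === 'standards') {
          $doctype = '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">';
      } else if ($browser_rendering_mode === 'almost') {
          $doctype = '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">';
      } else {
          // "quirks"
          $doctype = '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">';
      }

      echo $doctype .
           "\n\n" . html_tag('html', '', '', '', '') . "\n<head>\n" .
           "<meta name=\"robots\" content=\"noindex,nofollow\">\n" .
           "<meta http-equiv=\"x-dns-prefetch-control\" content=\"off\">\n"

      // For adding a favicon or anything else that should be inserted in *ALL* <head> for *ALL* documents,
      // define $head_tag_extra in config/config_local.php
      // The string "###SM BASEURI###" will be replaced with the base URI for this SquirrelMail installation.
      // When not defined, a default is provided that displays the default favicon.ico.
      // If you override this and still want to use the default favicon.ico, you'll have to include the
      // following in your $head_tag_extra string:
      // $head_tag_extra = '<link rel="shortcut icon" href="###SM BASEURI###favicon.ico" />...<YOUR CONTENT HERE>...';
      //
         . (empty($head_tag_extra)
            ? '<link rel="shortcut icon" href="' . sqm_baseuri() . 'favicon.ico" />'
            : str_replace('###SM BASEURI###', sqm_baseuri(), $head_tag_extra))

      // prevent clickjack attempts using JavaScript for browsers that
      // don't support the X-Frame-Options header...
      // we check to see if we are *not* the top page, and if not, check
      // whether or not the top page is in the same domain as we are...
      // if not, log out immediately -- this is an attempt to do the same
      // thing that the X-Frame-Options does using JavaScript (never a good
      // idea to rely on JavaScript-based solutions, though)
         . '<script type="text/javascript" language="JavaScript">'
         . "\n<!--\n"
         . 'if (self != top) { try { if (document.domain != top.document.domain) {'
         . ' throw "Clickjacking security violation! Please log out immediately!"; /* this code should never execute - exception should already have been thrown since it\'s a security violation in this case to even try to access top.document.domain (but it\'s left here just to be extra safe) */ } } catch (e) { self.location = "'
         . sqm_baseuri() . 'src/signout.php"; top.location = "'
         . sqm_baseuri() . 'src/signout.php" } }'
         . "\n// -->\n</script>\n";

      // NOTE(review): $theme_css and $custom_css reach the href attribute
      // unescaped; confirm they are validated where they are set (that code
      // is not in this file).
      if (!isset($custom_css) || $custom_css == 'none') {
          if ($theme_css != '') {
              echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"$theme_css\">";
          }
      } else {
          echo '<link rel="stylesheet" type="text/css" href="' .
               $base_uri . 'themes/css/' . $custom_css . '">';
      }

      if ($squirrelmail_language == 'ja_JP') {
          // Why is it added here? Header ('Content-Type:..) is used in i18n.php
          echo "<!-- \xfd\xfe -->\n";
          echo '<meta http-equiv="Content-type" content="text/html; charset=euc-jp">' . "\n";
      }

      if ($do_hook) {
          do_hook('generic_header');
      }

      // $title and $xtra are printed as given (see the function docs).
      echo "\n<title>$title</title>$xtra\n";

      // output <script> tags as needed (use array_unique so
      // more than one plugin can ask for the same library)
      //
      // usage of $script_libs is discussed in the docs for this function above
      //
      foreach (array_unique($script_libs) as $item) {
          // Square-bracket offset instead of the curly-brace form, which PHP 7.4
          // deprecates and PHP 8 rejects; isset() also keeps an empty entry from
          // raising an offset notice.
          if (isset($item[0]) && $item[0] === '<') {
              // a full tag, printed verbatim
              echo $item . "\n";
          } else if (strpos($item, '/') !== FALSE || strpos($item, '\\') !== FALSE) {
              // a path to a custom script, used as the src value unchanged
              echo '<script language="JavaScript" type="text/javascript" src="' . $item . '"></script>' . "\n";
          } else {
              // a bare name, looked up under scripts/ of this installation
              echo '<script language="JavaScript" type="text/javascript" src="' . $base_uri . 'scripts/' . $item . '"></script>' . "\n";
          }
      }

      /* work around IE6's scrollbar bug */
      echo "<!--[if IE 6]>\n"
         . "<style type=\"text/css\">\n"
         . "/* avoid stupid IE6 bug with frames and scrollbars */\n"
         . "body {\n"
         . "    width: expression(document.documentElement.clientWidth - 30);\n"
         . "}\n"
         . "</style>\n"
         . "<![endif]-->\n";

      echo "\n</head>\n\n";

      /* this is used to check elsewhere whether we should call this function */
      $pageheader_sent = TRUE;
  }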
  159.  
  /**
   * Builds an anchor tag that points at a location inside this installation.
   *
   * The base URI is fetched with sqgetGlobalVar('base_uri', ..., SQ_SESSION)
   * and placed in front of $path. None of the three arguments is escaped
   * here, so each must already be safe for the place it is written to: the
   * href value for $path, the target value for $target and the element
   * content for $text.
   *
   * @param string $path   location relative to the base URI; query strings
   *                       are expected to arrive with "&amp;" already encoded
   * @param string $text   link text, inserted as given
   * @param string $target optional target attribute value; no target
   *                       attribute is written when it compares equal to ''
   *
   * @return string the complete <a> element
   */
  function makeInternalLink($path, $text, $target = '') {
      sqgetGlobalVar('base_uri', $base_uri, SQ_SESSION);

      // Either a ready-made ' target="..."' attribute or the caller's value
      // when that value compares equal to ''.
      $target_attr = ($target != '') ? " target=\"$target\"" : $target;

      $opening_tag = '<a href="' . $base_uri . $path . '"' . $target_attr . '>';
      return $opening_tag . $text . '</a>';
  }
  167.  
  /**
   * Prints the anchor tag that makeInternalLink() builds for the same
   * arguments. The arguments are passed through unchanged, so they must
   * already be safe for output.
   *
   * @param string $path   location relative to the base URI
   * @param string $text   link text
   * @param string $target optional target attribute value
   *
   * @return void
   */
  function displayInternalLink($path, $text, $target = '') {
      $link = makeInternalLink($path, $text, $target);
      echo $link;
  }
  171.  
  /**
   * Prints the page header for a mailbox page.
   *
   * Calls displayHtmlHeader() with $org_title and, when JavaScript output is
   * enabled, a script block chosen by PAGE_NAME ('read_body', 'compose' or
   * anything else). It then opens <body> and prints the top table: current
   * folder, the Sign Out link, the menu line (compose link, Addresses,
   * Folders, Options, Search, Help), the "menuline" hook and, unless
   * $hide_sm_attributions is set, the provider link.
   *
   * NOTE(review): this listing is a rendered copy in which punctuation and
   * some statement openers were dropped; the code lines below are kept
   * exactly as rendered.
   *
   * @param array  $color   colours, read at indexes 4, 7, 8 and 9
   * @param string $mailbox current mailbox; urlencode()d before it is put
   *                        into links
   * @param string $xtra    in the 'read_body' case this becomes the extra
   *                        <body> attribute text; in the default case it is
   *                        inserted into the checkForm() JavaScript function.
   *                        It is written out as given.
   * @param mixed  $session when it evaluates to true it is appended to the
   *                        compose URI as the "session" parameter
   *
   * @return void
   */
  172. function displayPageHeader($color$mailbox$xtra=''$session=false{
  173.  
           // NOTE(review): the line that opens this variable list (presumably a
           // "global" statement that also names $hide_sm_attributions and
           // $frame_top, both read further down) is missing from this rendering.
  174.            $compose_new_win$compose_width$compose_height,
  175.            $attachemessages$provider_name$provider_uri,
  176.            $javascript_on$default_use_mdn$mdn_user_support,
  177.            $startMessage$org_title;
  178.  
  179.     sqgetGlobalVar('base_uri'$base_uriSQ_SESSION );
  180.     sqgetGlobalVar('delimiter'$delimiterSQ_SESSION );
  181.     if (!isset($frame_top)) {
  182.         $frame_top '_top';
  183.     }
  184.  
           // $mailbox is urlencode()d, $session is appended as given, and the
           // resulting URI is later written inside a JavaScript string literal in
           // comp_in_new(). NOTE(review): confirm callers only pass a numeric
           // session id.
  185.     if ($session{
  186.         $compose_uri $base_uri.'src/compose.php?mailbox='.urlencode($mailbox).'&amp;session='."$session";
  187.     else {
  188.         $compose_uri $base_uri.'src/compose.php?newmessage=1';
  189.         $session 0;
  190.     }
  191.  
  192.     // only output JavaScript if actually turned on
           // NOTE(review): strpos() returns 0 for a match at offset 0, which this
           // condition treats as false; presumably $xtra never starts with that
           // text - confirm.
  193.     if($javascript_on || strpos($xtra'new_js_autodetect_results.value') ) {
  194.         if !defined('PAGE_NAME') ) define('PAGE_NAME'NULL);
  195.         switch PAGE_NAME {
  196.         case 'read_body':
  197.             $js ='';
  198.  
  199.             // compose in new window code
                   // width and height are forced to defaults unless they are 3 or 4
                   // digits, so only digits reach the window.open() feature string
  200.             if ($compose_new_win == '1'{
  201.                 if (!preg_match("/^[0-9]{3,4}$/"$compose_width)) {
  202.                     $compose_width '640';
  203.                 }
  204.                 if (!preg_match("/^[0-9]{3,4}$/"$compose_height)) {
  205.                     $compose_height '550';
  206.                 }
  207.                 $js .= "function comp_in_new(comp_uri) {\n".
  208.                      "       if (!comp_uri) {\n".
  209.                      '           comp_uri = "'.$compose_uri."\";\n".
  210.                      '       }'"\n".
  211.                      '    var newwin = window.open(comp_uri' .
  212.                      ', "_blank",'.
  213.                      '"width='.$compose_width',height='.$compose_height.
  214.                      ',scrollbars=yes,resizable=yes,status=yes");'."\n".
  215.                      "}\n\n";
  216.             }
  217.  
  218.             // javascript for sending read receipts
  219.             if($default_use_mdn && $mdn_user_support{
  220.                 $js .= "function sendMDN() {\n".
  221.                          "    mdnuri=window.location+'&sendreceipt=1';\n" .
  222.                          "    window.location = mdnuri;\n" .
  223.                        "\n}\n\n";
  224.             }
  225.  
  226.             // if any of the above passes, add the JS tags too.
  227.             if($js{
  228.                 $js "\n".'<script language="JavaScript" type="text/javascript">' .
  229.                       "\n<!--\n" $js "// -->\n</script>\n";
  230.             }
  231.  
  232.             displayHtmlHeader($org_title$js);
                   // here the caller's $xtra becomes the extra <body> attribute text
  233.             $onload $xtra;
  234.           break;
  235.         case 'compose':
  236.             $js '<script language="JavaScript" type="text/javascript">' .
  237.              "\n<!--\n" .
  238.              "var alreadyFocused = false;\n" .
  239.              "function cursorToTop(element) {\n" .
  240.              "    if (typeof element.selectionStart == 'number')\n" .
  241.              // also works:
  242.              // "        element.setSelectionRange(0, 0);\n" .
  243.              "        element.selectionStart = element.selectionEnd = 0;\n" .
  244.              "    else if (typeof element.createTextRange != 'undefined') {\n" .
  245.              "        var selectionRange = element.createTextRange();\n" .
  246.              // also works, but maybe more recent?:
  247.              // "        selectionRange.collapse(true);\n" .
  248.              "        selectionRange.moveStart('character', 0);\n" .
  249.              "        selectionRange.select();\n" .
  250.              "    }\n" .
  251.              "}\n" .
  252.              "function checkForm() {\n" .
  253.              "\n    if (alreadyFocused) return;\n";
  254.  
                   // NOTE(review): in the reply branch below only 'select', 'focus'
                   // and 'none' append the brace that closes checkForm(); any other
                   // true value of $reply_focus appears to leave the function
                   // unclosed - confirm which values it can take.
  255.             global $action$reply_focus;
  256.             if (strpos($action'reply'!== FALSE && $reply_focus)
  257.             {
  258.                 if ($reply_focus == 'select'$js .= "document.forms['compose'].body.select();}\n";
  259.                 else if ($reply_focus == 'focus'$js .= "document.forms['compose'].body.focus(); cursorToTop(document.forms['compose'].body);}\n";
  260.                 else if ($reply_focus == 'none'$js .= "}\n";
  261.             }
  262.             // no reply focus also applies to composing new messages
  263.             else if ($reply_focus == 'none')
  264.             {
  265.                 $js .= "}\n";
  266.             }
  267.             else
  268.                 $js .= "    var f = document.forms.length;\n".
  269.                 "    var i = 0;\n".
  270.                 "    var remembered_form = -1;\n".
  271.                 "    var pos = -1;\n".
  272.                 "    var remembered_pos = -1;\n".
  273.                 "    while( pos == -1 && i < f ) {\n".
  274.                 "        var e = document.forms[i].elements.length;\n".
  275.                 "        var j = 0;\n".
  276.                 "        while( pos == -1 && j < e ) {\n".
  277.                 "            if ( document.forms[i].elements[j].type == 'text' ) {\n".
  278.                 "                if ( document.forms[i].elements[j].id.substring(0, 13) == '__lastfocus__' ) {\n".
  279.                 "                    remembered_pos = j;\n".
  280.                 "                    remembered_form = i;\n".
  281.                 "                } else if ( document.forms[i].elements[j].id.substring(0, 11) != '__nofocus__' ) {\n".
  282.                 "                    pos = j;\n".
  283.                 "                }\n".
  284.                 "            }\n".
  285.                 "            j++;\n".
  286.                 "        }\n".
  287.                 "        i++;\n".
  288.                 "    }\n".
  289.                 "    if( pos >= 0 ) {\n".
  290.                 "        document.forms[i-1].elements[pos].focus();\n".
  291.                 "    } else if ( remembered_pos >= 0 ) {\n".
  292.                 "        document.forms[remembered_form].elements[remembered_pos].focus();\n".
  293.                 "    }\n".
  294.                 "}\n";
  295.  
  296.             $js .= "// -->\n".
  297.                  "</script>\n";
  298.             $onload 'onload="checkForm();"';
  299.             displayHtmlHeader($org_title$js);
  300.             break;
  301.  
  302.         default:
                   // The script built here ends checkForm() with the caller's $xtra,
                   // inserted as JavaScript source without any escaping.
  303.             $js '<script language="JavaScript" type="text/javascript">' .
  304.              "\n<!--\n" .
  305.              "var alreadyFocused = false;\n" .
  306.              "function checkForm() {\n".
  307.              "   if (alreadyFocused) return;\n".
  308.              "   var f = document.forms.length;\n".
  309.              "   var i = 0;\n".
  310.              "   var remembered_form = -1;\n".
  311.              "   var pos = -1;\n".
  312.              "   var remembered_pos = -1;\n".
  313.              "   while( pos == -1 && i < f ) {\n".
  314.              "       var e = document.forms[i].elements.length;\n".
  315.              "       var j = 0;\n".
  316.              "       while( pos == -1 && j < e ) {\n".
  317.              "           if ( document.forms[i].elements[j].type == 'text' " .
  318.              "            || document.forms[i].elements[j].type == 'password' ) {\n".
  319.              "               if ( document.forms[i].elements[j].id.substring(0, 13) == '__lastfocus__' ) {\n".
  320.              "                   remembered_pos = j;\n".
  321.              "                   remembered_form = i;\n".
  322.              "               } else if ( document.forms[i].elements[j].id.substring(0, 11) != '__nofocus__' ) {\n".
  323.              "                   pos = j;\n".
  324.              "               }\n".
  325.              "           }\n".
  326.              "           j++;\n".
  327.              "       }\n".
  328.              "       i++;\n".
  329.              "   }\n".
  330.              "   if( pos >= 0 ) {\n".
  331.              "       document.forms[i-1].elements[pos].focus();\n".
  332.              "   } else if ( remembered_pos >= 0 ) {\n".
  333.              "       document.forms[remembered_form].elements[remembered_pos].focus();\n".
  334.              "   }\n".
  335.              "   $xtra\n".
  336.              "}\n";
  337.  
  338.             if ($compose_new_win == '1'{
  339.                 if (!preg_match("/^[0-9]{3,4}$/"$compose_width)) {
  340.                     $compose_width '640';
  341.                 }
  342.                 if (!preg_match("/^[0-9]{3,4}$/"$compose_height)) {
  343.                     $compose_height '550';
  344.                 }
  345.                 $js .= "function comp_in_new(comp_uri) {\n".
  346.                      "       if (!comp_uri) {\n".
  347.                      '           comp_uri = "'.$compose_uri."\";\n".
  348.                      '       }'"\n".
  349.                      '    var newwin = window.open(comp_uri' .
  350.                      ', "_blank",'.
  351.                      '"width='.$compose_width',height='.$compose_height.
  352.                      ',scrollbars=yes,resizable=yes,status=yes");'."\n".
  353.                      "}\n\n";
  354.  
  355.             }
  356.         $js .= "// -->\n""</script>\n";
  357.  
  358.  
  359.         $onload 'onload="checkForm();"';
  360.         displayHtmlHeader($org_title$js);
  361.       // end switch module
  362.     else {
  363.         // JavaScript off
  364.         displayHtmlHeader($org_title);
  365.         $onload '';
  366.     }
  367.  
           // $color entries and $onload are interpolated into the <body> tag
           // without escaping; in the 'read_body' case $onload is the caller's
           // $xtra.
  368.     echo "<body text=\"$color[8]\" bgcolor=\"$color[4]\" link=\"$color[7]\" vlink=\"$color[7]\" alink=\"$color[7]\" $onload>\n\n";
  369.     /** Here is the header and wrapping table **/
           // NOTE(review): the start of this statement (the assignment to
           // $shortBoxName and the two calls wrapping readShortMailboxName()) is
           // missing from this rendering; check the real source for how the
           // mailbox name is encoded before it is printed below.
  370.                       readShortMailboxName($mailbox$delimiter)));
  371.     if $shortBoxName == 'INBOX' {
  372.         $shortBoxName _("INBOX");
  373.     }
  374.     echo "<a name=\"pagetop\"></a>\n"
  375.         . html_tag'table'''''$color[4]'border="0" width="100%" cellspacing="0" cellpadding="2"' ."\n"
  376.         . html_tag'tr'''''$color[9."\n"
  377.         . html_tag'td''''left' ."\n";
  378.     if $shortBoxName <> '' && strtolower$shortBoxName <> 'none' {
  379.         echo '         ' _("Current Folder"": <b>$shortBoxName&nbsp;</b>\n";
  380.     else {
  381.         echo '&nbsp;';
  382.     }
  383.     echo  "      </td>\n"
  384.         . html_tag'td''''right' ."<b>\n";
  385.     displayInternalLink ('src/signout.php'_("Sign Out")$frame_top);
  386.     echo "</b></td>\n"
  387.         . "   </tr>\n"
  388.         . html_tag'tr'''''$color[4."\n"
  389.         . ($hide_sm_attributions html_tag'td''''left''''colspan="2"' )
  390.                                  : html_tag'td''''left' ) )
  391.         . "\n";
           // $mailbox is URL-encoded and $startMessage is cast to int before
           // either value is placed in a link
  392.     $urlMailbox urlencode($mailbox);
  393.     $startMessage = (int)$startMessage;
  394.     echo makeComposeLink('src/compose.php?mailbox='.$urlMailbox.'&amp;startMessage='.$startMessage);
  395.     echo "&nbsp;&nbsp;\n";
  396.     displayInternalLink ('src/addressbook.php'_("Addresses"));
  397.     echo "&nbsp;&nbsp;\n";
  398.     displayInternalLink ('src/folders.php'_("Folders"));
  399.     echo "&nbsp;&nbsp;\n";
  400.     displayInternalLink ('src/options.php'_("Options"));
  401.     echo "&nbsp;&nbsp;\n";
  402.     displayInternalLink ("src/search.php?mailbox=$urlMailbox&amp;what="_("Search"));
  403.     echo "&nbsp;&nbsp;\n";
  404.     displayInternalLink ('src/help.php'_("Help"));
  405.     echo "&nbsp;&nbsp;\n";
  406.  
  407.     do_hook('menuline');
  408.  
  409.     echo "      </td>\n";
  410.  
  411.     if (!$hide_sm_attributions)
  412.     {
  413.         echo html_tag'td''''right' ."\n";
               // $provider_uri and $provider_name are printed without escaping, and
               // the link opens with target="_blank" and no rel attribute.
               // NOTE(review): confirm both values come from trusted configuration
               // and consider adding rel="noopener noreferrer".
  414.         if (!isset($provider_uri)) $provider_uri'http://squirrelmail.org/';
  415.         if (!isset($provider_name)) $provider_name'SquirrelMail';
  416.         echo '<a href="'.$provider_uri.'" target="_blank">'.$provider_name.'</a>';
  417.         echo "</td>\n";
  418.     }
  419.     echo "   </tr>\n".
  420.         "</table><br>\n\n";
  421. }
  422.  
  423. /* blatantly copied/truncated/modified from the above function */
  /**
   * Prints the HTML header and the opening <body> tag for the compose page.
   *
   * displayHtmlHeader() is called with the title _("Compose"). When PAGE_NAME
   * is 'search' the body gets an onload handler that focuses element 2 of
   * form $pos; otherwise a checkForm() script is built that picks the field
   * to focus, and the body calls it on load.
   *
   * NOTE(review): this listing is a rendered copy in which punctuation was
   * dropped; the code lines below are kept exactly as rendered.
   *
   * @param array  $color   colours, read at indexes 4, 7 and 8
   * @param string $mailbox not read in the lines visible here
   *
   * @return void
   */
  424. function compose_Header($color$mailbox{
  425.  
  426.     global $delimiter$hide_sm_attributions$base_uri,
  427.            $data_dir$username$frame_top$compose_new_win;
  428.  
  429.  
  430.     if (!isset($frame_top)) {
  431.         $frame_top '_top';
  432.     }
  433.  
  434.     /*
  435.         Locate the first displayable form element
  436.     */
  437.     if !defined('PAGE_NAME') ) define('PAGE_NAME'NULL);
  438.     switch PAGE_NAME {
  439.     case 'search':
               // $pos comes from the 'search_pos' preference and is interpolated
               // into the onload attribute as given. NOTE(review): the arguments
               // of getPref() after 'search_pos' are garbled in this rendering;
               // confirm in the real source that $pos can only be an integer.
  440.         $pos getPref($data_dir$username'search_pos'1;
  441.         $onload "onload=\"document.forms[$pos].elements[2].focus();\"";
  442.         displayHtmlHeader (_("Compose"));
  443.         break;
  444.     default:
  445.         $js '<script language="JavaScript" type="text/javascript">' .
  446.              "\n<!--\n" .
  447.              "var alreadyFocused = false;\n" .
  448.              "function checkForm() {\n" .
  449.              "\n    if (alreadyFocused) return;\n";
  450.  
                   // NOTE(review): in the reply branch below only 'select', 'focus'
                   // and 'none' append the brace that closes checkForm(); any other
                   // true value of $reply_focus appears to leave the function
                   // unclosed - confirm which values it can take.
  451.             global $action$reply_focus;
  452.             if (strpos($action'reply'!== FALSE && $reply_focus)
  453.             {
  454.                 if ($reply_focus == 'select'$js .= "document.forms['compose'].body.select();}\n";
  455.                 else if ($reply_focus == 'focus'$js .= "document.forms['compose'].body.focus();}\n";
  456.                 else if ($reply_focus == 'none'$js .= "}\n";
  457.             }
  458.             // no reply focus also applies to composing new messages
  459.             else if ($reply_focus == 'none')
  460.             {
  461.                 $js .= "}\n";
  462.             }
  463.             else
  464.                 $js .= "var f = document.forms.length;\n".
  465.                 "var i = 0;\n".
  466.                 "var remembered_form = -1;\n".
  467.                 "var pos = -1;\n".
  468.                 "var remembered_pos = -1;\n".
  469.                 "while( pos == -1 && i < f ) {\n".
  470.                     "var e = document.forms[i].elements.length;\n".
  471.                     "var j = 0;\n".
  472.                     "while( pos == -1 && j < e ) {\n".
  473.                         "if ( document.forms[i].elements[j].type == 'text' ) {\n".
  474.                             "if ( document.forms[i].elements[j].id.substring(0, 13) == '__lastfocus__' ) {\n".
  475.                                 "remembered_pos = j;\n".
  476.                                 "remembered_form = i;\n".
  477.                             "} else if ( document.forms[i].elements[j].id.substring(0, 11) != '__nofocus__' ) {\n".
  478.                                 "pos = j;\n".
  479.                             "}\n".
  480.                         "}\n".
  481.                         "j++;\n".
  482.                     "}\n".
  483.                 "i++;\n".
  484.                 "}\n".
  485.                 "if( pos >= 0 ) {\n".
  486.                     "document.forms[i-1].elements[pos].focus();\n".
  487.                 "} else if ( remembered_pos >= 0 ) {\n".
  488.                     "document.forms[remembered_form].elements[remembered_pos].focus();\n".
  489.                 "}\n".
  490.             "}\n";
  491.         $js .= "// -->\n".
  492.                  "</script>\n";
  493.         $onload 'onload="checkForm();"';
  494.         displayHtmlHeader (_("Compose")$js);
  495.         break;
  496.  
  497.     }
  498.  
           // $color entries and $onload are interpolated into the <body> tag
           // without escaping
  499.     echo "<body text=\"$color[8]\" bgcolor=\"$color[4]\" link=\"$color[7]\" vlink=\"$color[7]\" alink=\"$color[7]\" $onload>\n\n";
  500. }
