1<?php
2   /**
3    **  spamcop.php -- SpamCop plugin
4    **
5    **  Copyright (c) 1999-2021 The SquirrelMail Project Team
6    **  Licensed under the GNU GPL. For full terms see the file COPYING.
7    **
8    **  $Id: spamcop.php 14885 2021-02-05 19:19:32Z pdontthink $
9    **/
10
11define('SM_PATH','../../');
12
13 /* SquirrelMail required files. */
14require_once(SM_PATH . 'include/validate.php');
15require_once(SM_PATH . 'functions/imap.php');
16
17function getMessage_RFC822_Attachment($message, $composeMessage, $passed_id,
18                                      $passed_ent_id='', $imapConnection) {
19    global $attachments, $attachment_dir, $username, $data_dir, $uid_support;
20
21    $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
22    $localfilename = GenerateRandomString(32, 'FILE', 7);
23
24    if (!$passed_ent_id) {
25        $body_a = sqimap_run_command($imapConnection,
26                                    'FETCH '.$passed_id.' RFC822',
27                                    TRUE, $response, $readmessage,
28                                    $uid_support);
29    } else {
30        $body_a = sqimap_run_command($imapConnection,
31                                     'FETCH '.$passed_id.' BODY['.$passed_ent_id.']',
32                                     TRUE, $response, $readmessage, $uid_support);
33        $message = $message->parent;
34    }
35    if ($response == 'OK') {
36        $subject = encodeHeader($message->rfc822_header->subject);
37        array_shift($body_a);
38        $body = implode('', $body_a) . "\r\n";
39
40        $full_localfilename = "$hashed_attachment_dir/$localfilename";
41        $fp = fopen( $full_localfilename, 'w');
42        fwrite ($fp, $body);
43        fclose($fp);
44
45        $composeMessage->initAttachment('message/rfc822','email.txt', $localfilename);
46    }
47    return $composeMessage;
48}
49
50
51/* GLOBALS */
52
53sqgetGlobalVar('username', $username, SQ_SESSION);
54sqgetGlobalVar('key',      $key,      SQ_COOKIE);
55sqgetGlobalVar('onetimepad', $onetimepad, SQ_SESSION);
56
57sqgetGlobalVar('mailbox', $mailbox, SQ_GET);
58sqgetGlobalVar('passed_id', $passed_id, SQ_GET);
59
60if (! sqgetGlobalVar('startMessage', $startMessage, SQ_GET) ) {
61    $startMessage = 1;
62}
63if (! sqgetGlobalVar('passed_ent_id', $passed_ent_id, SQ_GET) ) {
64    $passed_ent_id = 0;
65}
66
67sqgetGlobalVar('compose_messages', $compose_messages, SQ_SESSION);
68
69if(! sqgetGlobalVar('composesession', $composesession, SQ_SESSION) ) {
70    $composesession = 0;
71    sqsession_register($composesession, 'composesession');
72}
73global $imap_stream_options; // in case not defined in config
74/* END GLOBALS */
75
76
77    displayPageHeader($color, $mailbox);
78
79    $imap_stream = sqimap_login($username, $key, $imapServerAddress,
80       $imapPort, 0, $imap_stream_options);
81    sqimap_mailbox_select($imap_stream, $mailbox);
82
83    if ($spamcop_method == 'quick_email' ||
84        $spamcop_method == 'thorough_email') {
85       // Use email-based reporting -- save as an attachment
86       $session = "$composesession"+1;
87       $composesession = $session;
88       sqsession_register($composesession,'composesession');
89       if (!isset($compose_messages)) {
90          $compose_messages = array();
91       }
92       if (!isset($compose_messages[$session]) || ($compose_messages[$session] == NULL)) {
93          $composeMessage = new Message();
94          $rfc822_header = new Rfc822Header();
95          $composeMessage->rfc822_header = $rfc822_header;
96          $composeMessage->reply_rfc822_header = '';
97          $compose_messages[$session] = $composeMessage;
98          sqsession_register($compose_messages,'compose_messages');
99       } else {
100          $composeMessage=$compose_messages[$session];
101       }
102
103
104        $message = sqimap_get_message($imap_stream, $passed_id, $mailbox);
105        $composeMessage = getMessage_RFC822_Attachment($message, $composeMessage, $passed_id,
106                                      $passed_ent_id, $imap_stream);
107
108        $compose_messages[$session] = $composeMessage;
109        sqsession_register($compose_messages, 'compose_messages');
110
111        $fn = getPref($data_dir, $username, 'full_name');
112        $em = getPref($data_dir, $username, 'email_address');
113
114        $HowItLooks = $fn . ' ';
115        if ($em != '')
116            $HowItLooks .= '<' . $em . '>';
117     }
118
119
120echo "<p>";
121echo _("Sending this spam report will give you back a reply with URLs that you can click on to properly report this spam message to the proper authorities. This is a free service. By pressing the \"Send Spam Report\" button, you agree to follow SpamCop's rules/terms of service/etc.");
122echo "</p>";
123
124?>
125
126<table align="center" width="75%" border="0" cellpadding="0" cellspacing="0">
127<tr>
128<td align="left" valign="top">
129<?php if (isset($js_web) && $js_web) {
130  echo "<form method=\"post\" action=\"javascript:return false\">\n";
131  echo '<input type="button" value="' . _("Close Window") . "\" onClick=\"window.close(); return true;\" />\n";
132} else {
133   ?><form method="post" action="<?php echo sqm_baseuri(); ?>src/right_main.php">
134  <input type="hidden" name="mailbox" value="<?php echo sm_encode_html_special_chars($mailbox) ?>" />
135  <input type="hidden" name="startMessage" value="<?php echo sm_encode_html_special_chars($startMessage) ?>" />
136   <?php
137  echo '<input type="submit" value="' . _("Cancel / Done") . "\" />\n";
138}
139  ?></form>
140</td>
141<td align="right" valign="top">
142<?php if ($spamcop_method == 'thorough_email' ||
143          $spamcop_method == 'quick_email') {
144   if ($spamcop_method == 'thorough_email')
145      $report_email = 'submit.' . $spamcop_id . '@spam.spamcop.net';
146   else
147      $report_email = 'quick.' . $spamcop_id . '@spam.spamcop.net';
148   $form_action = sqm_baseuri() . 'src/compose.php';
149?>  <form method="post" action="<?php echo $form_action?>">
150  <input type="hidden" name="smtoken" value="<?php echo sm_generate_security_token(); ?>" />
151  <input type="hidden" name="mailbox" value="<?php echo sm_encode_html_special_chars($mailbox) ?>" />
152  <input type="hidden" name="spamcop_is_composing" value="<?php echo sm_encode_html_special_chars($passed_id) ?>" />
153  <input type="hidden" name="send_to" value="<?php echo sm_encode_html_special_chars($report_email)?>" />
154  <input type="hidden" name="subject" value="reply anyway" />
155  <input type="hidden" name="identity" value="0" />
156  <input type="hidden" name="session" value="<?php echo $session?>" />
157<?php
158  echo '<input type="submit" name="send" value="' . _("Send Spam Report") . "\" />\n";
159 } else {
160   $spam_message = mime_fetch_body ($imap_stream, $passed_id, $passed_ent_id, 50000);
161
162   if (strlen($spam_message) == 50000) {
163      $Warning = "\n[truncated by SpamCop]\n";
164      $spam_message = substr($spam_message, 0, 50000 - strlen($Warning)) . $Warning;
165   }
166   if (isset($js_web) && $js_web) {
167?>  <form method="post" action="http://members.spamcop.net/sc" name="submitspam"
168    enctype="multipart/form-data"><?php
169   } else {
170?>  <form method="post" action="http://members.spamcop.net/sc" name="submitspam"
171    enctype="multipart/form-data" target="_top"><?php
172   } ?>
173  <input type="hidden" name="action" value="submit" />
174  <input type="hidden" name="oldverbose" value="1" />
175  <input type="hidden" name="spam" value="<?php echo sm_encode_html_special_chars($spam_message); ?>" />
176<?php
177  echo '<input type="submit" name="x1" value="' . _("Send Spam Report") . "\" />";
178 }
179?>
180</form>
181</td></tr>
182</table>
183</body></html>
184