1 |
dpavlin |
1.1 |
#!/usr/local/bin/perl |
2 |
|
|
|
3 |
dpavlin |
1.2 |
BEGIN { $APP_PATH="/home/httpd/html/webmail/cgi-bin/"; } |
4 |
dpavlin |
1.1 |
|
5 |
|
|
# @ ---------------------------------------------------------------------------------------------------------- |
6 |
|
|
# @ This code is (c) 1999 Alexandre Aufrere and NikoSoft. |
7 |
|
|
# @ Published under NPL rights, meaning you have the right |
8 |
|
|
# @ to use and modify this code freely, provided it |
9 |
|
|
# @ remains available and free. Any modified code should be |
10 |
|
|
# @ submitted to Nikopol Software Corp. or Alexandre Aufrere. |
11 |
|
|
# @ This code is protected by the French laws on Copyright. |
12 |
|
|
# @ Please note that there it comes with NO WARRANTY of any kind, |
13 |
|
|
# @ and especially for any damagbe it could cause to your computer |
14 |
|
|
# @ or network. |
15 |
|
|
# @ Using this code means you agree to this license agreement. |
16 |
|
|
# @ Further information at http://aufrere.citeweb.net/nsc/ |
17 |
|
|
# @ ---------------------------------------------------------------------------------------------------------- |
18 |
|
|
# @ |
19 |
|
|
# @ Project NS WebMail |
20 |
|
|
# @ |
21 |
|
|
# @ Filename inbox.pl |
22 |
|
|
# @ |
23 |
|
|
# @ Description inbox manager for NS WebMail |
24 |
|
|
# @ |
25 |
|
|
# @ Version 1.0 |
26 |
|
|
# @ |
27 |
|
|
# @ ---------------------------------------------------------------------------------------------------------- |
28 |
|
|
|
29 |
|
|
use Mail::POP3Client; |
30 |
|
|
require $APP_PATH."config.pl"; |
31 |
|
|
|
32 |
|
|
#use the $cgi object method param() to |
33 |
|
|
#acquire the FORM variables passed by |
34 |
|
|
#the client browser. |
35 |
|
|
&ReadParse; |
36 |
|
|
$loginname = $in{'loginname'}; |
37 |
|
|
$password = $in{'password'}; |
38 |
|
|
$POPserver = $in{'POPserver'}; |
39 |
|
|
$lastMsg = $in{'lastMsg'}; |
40 |
|
|
$deleteMsg = $in{'deleteMsg'}; |
41 |
|
|
$cache = $in{'cache'}; |
42 |
|
|
$status = $in{'status'}; |
43 |
|
|
|
44 |
|
|
#if deleteMsg is not null, then this script has been called by the |
45 |
|
|
#Delete Message button. We will open a POP client object, delete |
46 |
|
|
#the indicated message, then close the POP object to actually force |
47 |
|
|
#the POP server to make the deletion. The rest of the script will |
48 |
|
|
#then play out and re-open the POP object. By closing and reopening |
49 |
|
|
#we will obtain an updated count that correctly does not include the |
50 |
|
|
#recently deleted message. |
51 |
|
|
|
52 |
|
|
if ($deleteMsg) { |
53 |
|
|
$pop = new Mail::POP3Client($loginname, $password, $POPserver); |
54 |
|
|
$pop->Delete($deleteMsg); |
55 |
|
|
$pop->Close(); |
56 |
|
|
$deleteMsg = ""; |
57 |
|
|
$pop = ""; |
58 |
|
|
sleep(1); # Gives the POP time to close and be ready for another |
59 |
|
|
# open attempt. |
60 |
|
|
} |
61 |
|
|
|
62 |
|
|
|
63 |
|
|
|
64 |
|
|
#Begin production of HTML code. |
65 |
|
|
print "Content-type: text/html\n\n"; |
66 |
|
|
print "<HTML><HEAD><TITLE>NS WM Message Retrieval</TITLE>"; |
67 |
|
|
|
68 |
|
|
print "<SCRIPT LANGUAGE='JavaScript'>\n"; |
69 |
|
|
print "function closeThisWindow() { \n"; |
70 |
|
|
print "window.close()\n"; |
71 |
|
|
print "}\n"; |
72 |
|
|
print "</SCRIPT>\n"; |
73 |
|
|
|
74 |
|
|
$onloadcode=""; |
75 |
|
|
if ($status eq "firstlogin") { $onloadcode="parent.menu.location='$PATH_NSWM/menu.htm';"; } |
76 |
|
|
if ($cache eq "No") { print "<META HTTP-EQUIV='Pragma' CONTENT='no-cache'>"; |
77 |
|
|
print "</HEAD>\n<BODY BGCOLOR='#FFFFFF' OnLoad=\"$onloadcode\">"; |
78 |
|
|
} |
79 |
|
|
else { print "</HEAD>\n<BODY BGCOLOR='FF8F8F'>"; |
80 |
|
|
} |
81 |
|
|
|
82 |
|
|
#print "<b><font size='+2'>NikoSoft WebMail</font></b><hr>"; |
83 |
|
|
print "<center>\n"; |
84 |
|
|
|
85 |
|
|
|
86 |
|
|
#Create a (possibly new) POP connection with the POP3Client object. |
87 |
|
|
$pop = new Mail::POP3Client($loginname, $password, $POPserver); |
88 |
|
|
|
89 |
|
|
#How many messages are there in the inbox provided by the $pop object? |
90 |
|
|
$MessageCount = $pop->Count; |
91 |
|
|
|
92 |
|
|
|
93 |
|
|
print "<table><tr><td>"; |
94 |
|
|
#if $pop->count is -1, then the POP connection failed. |
95 |
|
|
if ($MessageCount == -1) { |
96 |
|
|
print "</table><font size=+1>$POPserver: $loginname, $incorrectlogin"; |
97 |
|
|
print "</body></html>"; |
98 |
|
|
exit; |
99 |
|
|
} |
100 |
|
|
#if $pop->count is 0, there are no messages in the POP account |
101 |
|
|
elsif ($MessageCount == 0) { |
102 |
|
|
print "<b> $nomailon <i>$POPserver</i></b>"; |
103 |
|
|
} |
104 |
|
|
#if $pop->count is >0, then that is the number of messages in the |
105 |
|
|
#POP account inbox. |
106 |
|
|
else { print "<img src=$MAIL_IMG valign=middle> "; |
107 |
|
|
print "<b>$MessageCount $messagesininbox.</b>\n"; |
108 |
|
|
} |
109 |
|
|
|
110 |
|
|
#print "</td><td width=300 align=center>\n"; |
111 |
|
|
|
112 |
|
|
if ($MessageCount != -1) { #equivalent to knowing a valid POP account was used... |
113 |
|
|
#place a button that will allow the user to create a new mail message |
114 |
|
|
#without having to "reply" to a previously received one. This also |
115 |
|
|
#permits people to don't get much mail to be able to send something. |
116 |
|
|
print "<FORM METHOD='POST' ACTION='".$CGI_PATH_NSWM."sendform.pl' name=newMailForm>\n"; |
117 |
|
|
print "<INPUT TYPE='hidden' NAME='loginname' VALUE=$loginname>\n"; |
118 |
|
|
print "<INPUT TYPE='hidden' NAME='password' VALUE=$password>\n"; |
119 |
|
|
print "<INPUT TYPE='hidden' NAME='POPserver' VALUE=$POPserver>\n"; |
120 |
|
|
print "<INPUT TYPE='hidden' NAME='cache' VALUE=$cache>\n"; |
121 |
|
|
print "<INPUT TYPE='hidden' NAME='to' VALUE=''>\n"; |
122 |
|
|
print "<INPUT TYPE='hidden' NAME='subject' VALUE=''>\n"; |
123 |
|
|
print "</FORM>"; |
124 |
|
|
print "<FORM METHOD='POST' ACTION='".$CGI_PATH_NSWM."sentmail.pl' name=sentForm>\n"; |
125 |
|
|
print "<INPUT TYPE='hidden' NAME='loginname' VALUE=$loginname>\n"; |
126 |
|
|
print "<INPUT TYPE='hidden' NAME='password' VALUE=$password>\n"; |
127 |
|
|
print "<INPUT TYPE='hidden' NAME='POPserver' VALUE=$POPserver>\n"; |
128 |
|
|
print "<INPUT TYPE='hidden' NAME='cache' VALUE=$cache>\n"; |
129 |
|
|
print "</FORM>"; |
130 |
|
|
} |
131 |
|
|
print "</td></tr></table><br>\n"; |
132 |
|
|
|
133 |
|
|
|
134 |
|
|
#Parse the message headers to output a list of message |
135 |
|
|
#header info including SUBJECT,FROM,DATE,and TO. |
136 |
|
|
#each message will have a read & delete button as well |
137 |
|
|
#and these three elements will be organized in a table |
138 |
|
|
|
139 |
|
|
if ($MessageCount > 0) { |
140 |
|
|
print "<table border=0 cellpadding=2 cellspacing=0 width=90% align=center>"; |
141 |
|
|
print "<tr bgcolor=darkblue><td><b><font color=white>$fromtext</b></td><td><b><font color=white>$subjecttext</b></td><td><b><font color=white>$datetext</b></td><td> </td>"; |
142 |
|
|
&ParseHeaders(); |
143 |
|
|
print "</table>"; |
144 |
|
|
} |
145 |
|
|
|
146 |
|
|
# At the end of the form, we will place a button which can obtain |
147 |
|
|
# more 'n' more mail messages. Note that the button makes a "recursive" |
148 |
|
|
# call. (In other words, it represents a perl script calling itself, |
149 |
|
|
# but with different variable values.) |
150 |
|
|
# |
151 |
|
|
# The only value that is different is the 'lastMsg' variable |
152 |
|
|
# which is Null in the posting from the "Check Your Mail" button, but is |
153 |
|
|
# set to a non-null value on posting from this ("Get More Messages") button. |
154 |
|
|
print "<FORM METHOD='POST' ACTION='".$CGI_PATH_NSWM."inbox.pl' name=inboxForm>\n"; |
155 |
|
|
print "<INPUT TYPE='hidden' NAME='loginname' VALUE=$loginname >\n"; |
156 |
|
|
print "<INPUT TYPE='hidden' NAME='POPserver' VALUE=$POPserver >\n"; |
157 |
|
|
print "<INPUT TYPE='hidden' NAME='password' VALUE=$password >\n"; |
158 |
|
|
print "<INPUT TYPE='hidden' NAME='cache' VALUE=$cache >\n"; |
159 |
|
|
print "</FORM></center>"; |
160 |
|
|
|
161 |
|
|
|
162 |
|
|
# Lastly, provide a button which will let the user 'Logout'. This |
163 |
|
|
# actually closes the window in use in order to destroy the history log |
164 |
|
|
# which contains the all previously viewed email, plus the clear text |
165 |
|
|
# login/password/host information that would allow an intruder access |
166 |
|
|
# to the account in the future. |
167 |
|
|
#print "<FORM METHOD='Post'>"; |
168 |
|
|
#print "<INPUT TYPE='button' VALUE='Quitter' onClick='closeThisWindow()'>"; |
169 |
|
|
#print "</FORM>\n"; |
170 |
|
|
|
171 |
|
|
|
172 |
|
|
#close the POP connection smoothly. |
173 |
|
|
$pop->Close; |
174 |
|
|
|
175 |
|
|
#send the ending html code (/body and /head tags) |
176 |
|
|
print "</BODY></HTML>"; |
177 |
|
|
exit; |
178 |
|
|
|
179 |
|
|
#----------------------------------SUBROUTINES------------------------- |
180 |
|
|
|
181 |
dpavlin |
1.3 |
# Decode quoted strings (in From: and Subject) |
182 |
|
|
|
183 |
|
|
sub DecodeQuoted { |
184 |
|
|
my $tmp = $_[0]; |
185 |
|
|
if ($tmp =~ /=?ISO-8859-[1-2]?(.)?/i) { |
186 |
|
|
$tmp =~ s/=([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; |
187 |
|
|
$tmp =~ s/=\?ISO-8859-[1-2]\?.\?(.*)\?=/$1/i; |
188 |
|
|
} |
189 |
|
|
return $tmp; |
190 |
|
|
} |
191 |
dpavlin |
1.1 |
|
192 |
|
|
#-----------------------------Sub ParseHeaders----------------------------- |
193 |
|
|
#Subroutine to parse the headers on each message to exctract the TO:, FROM:, |
194 |
|
|
# DATE:, and SUBJECT: information. |
195 |
|
|
#-------------------------------------------------------------------------- |
196 |
|
|
sub ParseHeaders { |
197 |
|
|
#loop through the messages in the POP account space |
198 |
|
|
|
199 |
|
|
#loop backwards, displaying most recent messages first |
200 |
|
|
#Also note that only the most recent 100 messages will be displayed from |
201 |
|
|
# |
202 |
|
|
|
203 |
|
|
if ($lastMsg == "") { $lastMsg = $MessageCount }; |
204 |
|
|
|
205 |
|
|
for ($i=$lastMsg; $i >= 1 && $i> $lastMsg-100; $i--) { |
206 |
|
|
|
207 |
|
|
|
208 |
|
|
#for each message header, provide a FORM button to |
209 |
|
|
#invoke getmessage.pl and hand that routine the message |
210 |
|
|
#number. Pass the login,pass,server info again since |
211 |
|
|
#the web protocol does not provide for continued connections. |
212 |
|
|
if ( (($i)/2) == int(($i)/2) ) { |
213 |
|
|
print "<tr>\n"; |
214 |
|
|
} else { |
215 |
|
|
print "<tr bgcolor=lightblue>\n"; |
216 |
|
|
} |
217 |
|
|
print "<FORM METHOD='POST' ACTION='".$CGI_PATH_NSWM."getmsg.pl' NAME='lire$i'>\n"; |
218 |
|
|
print "<INPUT TYPE='hidden' NAME='id' VALUE=$i >\n"; |
219 |
|
|
print "<INPUT TYPE='hidden' NAME='loginname' VALUE=$loginname >\n"; |
220 |
|
|
print "<INPUT TYPE='hidden' NAME='password' VALUE=$password >\n"; |
221 |
|
|
print "<INPUT TYPE='hidden' NAME='POPserver' VALUE=$POPserver >\n"; |
222 |
|
|
print "<INPUT TYPE='hidden' NAME='cache' VALUE=$cache >\n"; |
223 |
|
|
print "</FORM>\n"; |
224 |
|
|
|
225 |
|
|
|
226 |
|
|
$sub = ''; |
227 |
|
|
$from = ''; |
228 |
|
|
$to = ''; |
229 |
|
|
$date = ''; |
230 |
|
|
$replyto = ''; |
231 |
|
|
|
232 |
|
|
#obtain each header with the head() method in POP3Client. |
233 |
|
|
|
234 |
|
|
foreach ($pop->Head($i)){ |
235 |
|
|
#for each line within the message header retrieved, parse |
236 |
|
|
#the From,To,Date,Subject fields by finding |
237 |
|
|
#the appropriate strings at the beginning |
238 |
|
|
#of each line |
239 |
|
|
if (/^From:/ ){ |
240 |
|
|
$from = $'; #Get string following the succesful match. |
241 |
dpavlin |
1.3 |
$from = DecodeQuoted($from); |
242 |
dpavlin |
1.1 |
$from =~ s/</<\;/; #Strip out angled brackets to prevent browsers |
243 |
|
|
$from =~ s/>/>\;/; #from interpreting them as unknown HTML codes. |
244 |
|
|
} |
245 |
|
|
elsif (/^To:/) { |
246 |
|
|
$to = $'; |
247 |
|
|
} |
248 |
|
|
elsif (/^Subject:/) { |
249 |
|
|
$sub = $'; |
250 |
dpavlin |
1.3 |
$sub = DecodeQuoted($sub); |
251 |
dpavlin |
1.1 |
} |
252 |
|
|
elsif (/^Date:/) { |
253 |
|
|
$date = $'; |
254 |
|
|
} |
255 |
|
|
} |
256 |
|
|
$date=~ s/.*\,(.*)\+.*/$1/; |
257 |
dpavlin |
1.3 |
$date="<small>$date</small>"; |
258 |
dpavlin |
1.1 |
print "<td><a href='.' OnClick='document.lire$i.submit();return false;'>$from </a></td><td><b>$sub </b></td><td>$date </td>"; |
259 |
|
|
|
260 |
|
|
#for each message header, also provide a FORM button to |
261 |
|
|
#delete using inbox.pl As above, pass in the needed vars |
262 |
|
|
#using hidden types. |
263 |
|
|
print "<td><FORM METHOD='POST' ACTION='".$CGI_PATH_NSWM."inbox.pl' >\n"; |
264 |
|
|
print "<INPUT TYPE='hidden' NAME='loginname' VALUE=$loginname >\n"; |
265 |
|
|
print "<INPUT TYPE='hidden' NAME='password' VALUE=$password >\n"; |
266 |
|
|
print "<INPUT TYPE='hidden' NAME='POPserver' VALUE=$POPserver >\n"; |
267 |
|
|
print "<INPUT TYPE='hidden' NAME='deleteMsg' VALUE=$i >\n"; |
268 |
|
|
print "<INPUT TYPE='hidden' NAME='cache' VALUE=$cache >\n"; |
269 |
|
|
print "<INPUT TYPE='submit' VALUE='$deletetext' OnClick=\"return confirm('$deleteconfirmtext');\">\n"; |
270 |
|
|
print "</td></FORM></tr>\n"; |
271 |
|
|
} |
272 |
|
|
} |
273 |
|
|
|
274 |
|
|
############################################################################### |
275 |
|
|
sub ReadParse { |
276 |
|
|
local(*in)=@_ if @_; |
277 |
|
|
local ($i,$key,$val); |
278 |
|
|
|
279 |
|
|
if ($ENV{'REQUEST_METHOD'} eq "GET") { |
280 |
|
|
$in=$ENV{'QUERY_STRING'}; |
281 |
|
|
} |
282 |
|
|
elsif ($ENV{'REQUEST_METHOD'} eq "POST") { |
283 |
|
|
read(STDIN,$in,$ENV{'CONTENT_LENGTH'}); |
284 |
|
|
} |
285 |
|
|
|
286 |
|
|
@in=split(/&/,$in); |
287 |
|
|
|
288 |
|
|
foreach $i (0 .. $#in) { |
289 |
|
|
$in[$i] =~ s/\+/ /g; |
290 |
|
|
($key,$val)=split(/=/,$in[$i],2); |
291 |
|
|
$key =~ s/%(..)/pack("c",hex($1))/ge; |
292 |
|
|
$val =~ s/%(..)/pack("c",hex($1))/ge; |
293 |
|
|
$in{$key} .= "\0" if (defined($in{$key})); |
294 |
|
|
$in{$key} .=$val; |
295 |
|
|
} |
296 |
|
|
return length($in); |
297 |
|
|
} |