source: subversion/trunk/roundcubemail/program/steps/mail/attachments.inc @ 2313

Last change on this file since 2313 was 2313, checked in by thomasb, 4 years ago

Fix mime-type detection using a hard-coded map (#1485311)
File size: 4.2 KB
Line 
1<?php
2
3/*
4 +-----------------------------------------------------------------------+
5 | program/steps/mail/attachments.inc                                    |
6 |                                                                       |
7 | This file is part of the RoundCube Webmail client                     |
8 | Copyright (C) 2005-2009, RoundCube Dev. - Switzerland                 |
9 | Licensed under the GNU GPL                                            |
10 |                                                                       |
11 | PURPOSE:                                                              |
12 |   Upload, remove, display attachments in compose form                 |
13 |                                                                       |
14 +-----------------------------------------------------------------------+
15 | Author: Thomas Bruederli <roundcube@gmail.com>                        |
16 +-----------------------------------------------------------------------+
17
18 $Id: compose.inc 2081 2008-11-23 12:38:44Z thomasb $
19
20*/
21
22
23if (!$_SESSION['compose']) {
24  die("Invalid session var!");
25}
26
27
28// remove an attachment
29if ($RCMAIL->action=='remove-attachment')
30{
31  if (preg_match('/^rcmfile([0-9]+)$/', $_POST['_file'], $regs))
32  {
33    $id = $regs[1];
34    if (is_array($_SESSION['compose']['attachments'][$id]))
35    {
36      @unlink($_SESSION['compose']['attachments'][$id]['path']);
37      unset($_SESSION['compose']['attachments'][$id]);
38      $OUTPUT->command('remove_from_attachment_list', "rcmfile$id");
39      $OUTPUT->send();
40    }
41  }
42  exit;
43}
44
45if ($RCMAIL->action=='display-attachment')
46{
47  if (preg_match('/^rcmfile([0-9]+)$/', $_GET['_file'], $regs))
48  {
49    $id = $regs[1];
50    if (is_array($_SESSION['compose']['attachments'][$id]))
51    {
52      $apath = $_SESSION['compose']['attachments'][$id]['path'];
53      header('Content-Type: ' . $_SESSION['compose']['attachments'][$id]['mimetype']);
54      header('Content-Length: ' . filesize($apath));
55      readfile($apath);
56    }
57  }
58  exit;
59}
60
61// attachment upload action
62
63// use common temp dir for file uploads
64$temp_dir = unslashify($CONFIG['temp_dir']);
65
66if (!is_array($_SESSION['compose']['attachments'])) {
67  $_SESSION['compose']['attachments'] = array();
68}
69
70// clear all stored output properties (like scripts and env vars)
71$OUTPUT->reset();
72
73if (is_array($_FILES['_attachments']['tmp_name'])) {
74  foreach ($_FILES['_attachments']['tmp_name'] as $i => $filepath) {
75    $tmpfname = tempnam($temp_dir, 'rcmAttmnt');
76    if (move_uploaded_file($filepath, $tmpfname)) {
77      $id = count($_SESSION['compose']['attachments']);
78      $_SESSION['compose']['attachments'][] = array(
79        'name' => $_FILES['_attachments']['name'][$i],
80        'mimetype' => rc_mime_content_type($tmpfname, $_FILES['_attachments']['name'][$i], $_FILES['_attachments']['type'][$i]),
81        'path' => $tmpfname,
82      );
83
84      if (is_file($icon = $CONFIG['skin_path'] . '/images/icons/remove-attachment.png')) {
85        $button = html::img(array(
86          'src' => $icon,
87          'alt' => rcube_label('delete'),
88          'style' => "padding-right:2px;vertical-align:middle",
89        ));
90      }
91      else {
92        $button = Q(rcube_label('delete'));
93      }
94
95      $content = html::a(array(
96        'href' => "#delete",
97        'onclick' => sprintf("return %s.command('remove-attachment','rcmfile%d', this)", JS_OBJECT_NAME, $id),
98        'title' => rcube_label('delete'),
99      ), $button);
100     
101      $content .= Q($_FILES['_attachments']['name'][$i]);
102     
103      $OUTPUT->command('add2attachment_list', "rcmfile$id", $content);
104    }
105    else {  // upload failed
106      $err = $_FILES['_attachments']['error'][$i];
107      if ($err == UPLOAD_ERR_INI_SIZE || $err == UPLOAD_ERR_FORM_SIZE) {
108        $msg = rcube_label(array('name' => 'filesizeerror', 'vars' => array('size' => show_bytes(parse_bytes(ini_get('upload_max_filesize'))))));
109      }
110      else {
111        $msg = rcube_label('fileuploaderror');
112      }
113   
114      $OUTPUT->command('display_message', $msg, 'error');
115    }
116  }
117}
118else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
119  $OUTPUT->command('display_message', rcube_label('fileuploaderror'), 'error');
120}
121
122// send html page with JS calls as response
123$OUTPUT->command('show_attachment_form', false);
124$OUTPUT->command('auto_save_start', false);
125$OUTPUT->send('iframe');
126
127?>
Note: See TracBrowser for help on using the repository browser.