Context Navigation

source: subversion/trunk/roundcubemail/program/steps/mail/attachments.inc @ 3261

Last change on this file since 3261 was 3261, checked in by alec, 3 years ago
Fix attachment excessive memory use, support messages of any size (#1484660)
Property svn:keywords set to `Author Date Id Revision`
File size: 5.3 KB

Line
1	<?php
2
3	/*
4	+-----------------------------------------------------------------------+
5	\| program/steps/mail/attachments.inc \|
6	\| \|
7	\| This file is part of the RoundCube Webmail client \|
8	\| Copyright (C) 2005-2009, RoundCube Dev. - Switzerland \|
9	\| Licensed under the GNU GPL \|
10	\| \|
11	\| PURPOSE: \|
12	\| Upload, remove, display attachments in compose form \|
13	\| \|
14	+-----------------------------------------------------------------------+
15	\| Author: Thomas Bruederli <roundcube@gmail.com> \|
16	+-----------------------------------------------------------------------+
17
18	$Id$
19
20	*/
21
22
23	if (!$_SESSION['compose']) {
24	die("Invalid session var!");
25	}
26
27
28	// remove an attachment
29	if ($RCMAIL->action=='remove-attachment')
30	{
31	$id = 'undefined';
32	if (preg_match('/^rcmfile(\w+)$/', $_POST['_file'], $regs))
33	$id = $regs[1];
34	if ($attachment = $_SESSION['compose']['attachments'][$id])
35	$attachment = $RCMAIL->plugins->exec_hook('remove_attachment', $attachment);
36	if ($attachment['status']) {
37	if (is_array($_SESSION['compose']['attachments'][$id])) {
38	unset($_SESSION['compose']['attachments'][$id]);
39	$OUTPUT->command('remove_from_attachment_list', "rcmfile$id");
40	}
41	}
42
43	$OUTPUT->send();
44	exit;
45	}
46
47	if ($RCMAIL->action=='display-attachment')
48	{
49	$id = 'undefined';
50	if (preg_match('/^rcmfile(\w+)$/', $_GET['_file'], $regs))
51	$id = $regs[1];
52	if ($attachment = $_SESSION['compose']['attachments'][$id])
53	$attachment = $RCMAIL->plugins->exec_hook('display_attachment', $attachment);
54
55	if ($attachment['status']) {
56	if (empty($attachment['size']))
57	$attachment['size'] = $attachment['data'] ? strlen($attachment['data']) : @filesize($attachment['path']);
58
59	header('Content-Type: ' . $attachment['mimetype']);
60	header('Content-Length: ' . $attachment['size']);
61
62	if ($attachment['data'])
63	echo $attachment['data'];
64	else if ($attachment['path'])
65	readfile($attachment['path']);
66	}
67	exit;
68	}
69
70	// attachment upload action
71
72	if (!is_array($_SESSION['compose']['attachments'])) {
73	$_SESSION['compose']['attachments'] = array();
74	}
75
76	// clear all stored output properties (like scripts and env vars)
77	$OUTPUT->reset();
78
79	$uploadid = get_input_value('_uploadid', RCUBE_INPUT_GET);
80
81	if (is_array($_FILES['_attachments']['tmp_name'])) {
82	foreach ($_FILES['_attachments']['tmp_name'] as $i => $filepath) {
83	$attachment = array(
84	'path' => $filepath,
85	'size' => $_FILES['_attachments']['size'][$i],
86	'name' => $_FILES['_attachments']['name'][$i],
87	'mimetype' => rc_mime_content_type($filepath, $_FILES['_attachments']['name'][$i], $_FILES['_attachments']['type'][$i])
88	);
89
90	$attachment = $RCMAIL->plugins->exec_hook('upload_attachment', $attachment);
91
92	if ($attachment['status'] && !$attachment['abort']) {
93	$id = $attachment['id'];
94
95	// store new attachment in session
96	unset($attachment['status'], $attachment['abort']);
97	$_SESSION['compose']['attachments'][$id] = $attachment;
98
99	if (($icon = $_SESSION['compose']['deleteicon']) && is_file($icon)) {
100	$button = html::img(array(
101	'src' => $icon,
102	'alt' => rcube_label('delete')
103	));
104	}
105	else {
106	$button = Q(rcube_label('delete'));
107	}
108
109	$content = html::a(array(
110	'href' => "#delete",
111	'onclick' => sprintf("return %s.command('remove-attachment','rcmfile%s', this)", JS_OBJECT_NAME, $id),
112	'title' => rcube_label('delete'),
113	), $button);
114
115	$content .= Q($attachment['name']);
116
117	$OUTPUT->command('add2attachment_list', "rcmfile$id", array(
118	'html' => $content,
119	'name' => $attachment['name'],
120	'mimetype' => $attachment['mimetype'],
121	'complete' => true), $uploadid);
122	}
123	else { // upload failed
124	$err = $_FILES['_attachments']['error'][$i];
125	if ($err == UPLOAD_ERR_INI_SIZE \|\| $err == UPLOAD_ERR_FORM_SIZE) {
126	$msg = rcube_label(array('name' => 'filesizeerror', 'vars' => array('size' => show_bytes(parse_bytes(ini_get('upload_max_filesize'))))));
127	}
128	else if ($attachment['error']) {
129	$msg = $attachment['error'];
130	}
131	else {
132	$msg = rcube_label('fileuploaderror');
133	}
134
135	$OUTPUT->command('display_message', $msg, 'error');
136	$OUTPUT->command('remove_from_attachment_list', $uploadid);
137	}
138	}
139	}
140	else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
141	// if filesize exceeds post_max_size then $_FILES array is empty,
142	// show filesizeerror instead of fileuploaderror
143	if ($maxsize = ini_get('post_max_size'))
144	$msg = rcube_label(array('name' => 'filesizeerror', 'vars' => array('size' => show_bytes(parse_bytes($maxsize)))));
145	else
146	$msg = rcube_label('fileuploaderror');
147	$OUTPUT->command('display_message', $msg, 'error');
148	$OUTPUT->command('remove_from_attachment_list', $uploadid);
149	}
150
151	// send html page with JS calls as response
152	$OUTPUT->command('auto_save_start', false);
153	$OUTPUT->send('iframe');
154
155	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats:

Original Format