Viewing file:  compose.attachments.php (19.4 KB) -rwxr-xr-x
Select action/file-type:
 (+) |  (+) |  (+) | Code (+) | Session (+) |  (+) | SDB (+) |  (+) |  (+) |  (+) |  (+) |  (+) |
<?php
/*
############################################################################
# DWmail
# - version 4.0.2
# - Copyright (c) 2003-2006 Dominion Web Design
# - http://www.dominion-web.com/products/dwmail/
############################################################################
#
# The contents of this file are subject to the DWmail License version
# 2.2 ('License'). You may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.dominion-web.com/products/dwmail/license.php
# Software distributed under the License is distributed on an "AS IS" basis,
# without warranty of any kind, either express or implied.
#
# This code is Copyright (c) 2003-2006 Dominion Web Design.
# All rights reserved.
#
# This software may not be redistributed outside the terms of the
# license agreement.
#
############################################################################
*/
require ("./includes/init.inc.php");
require ("./includes/global.inc.php");
require ("./includes/imap.inc.php");
require ("./includes/functions.inc.php");
require ("./includes/config.inc.php");
$MainSettings = new GlobalInit();
$TransIDEnabled = $MainSettings->INIGet('session.use_trans_sid');
session_cache_limiter($DefaultSessionCache);
session_start();
if (!$_SESSION['DefaultLang']) {
$_SESSION['DefaultLang'] = $DefaultLang;
}
require ("./lang/" . strip_tags(str_replace("..", "", trim($_SESSION['DefaultLang']))) . "/global.inc.php");
require ("./lang/" . strip_tags(str_replace("..", "", trim($_SESSION['DefaultLang']))) . "/compose.inc.php");
@setlocale(LC_TIME, $AvailLangs[$_SESSION['DefaultLang']]['locale']);
require ("./includes/options.inc.php");
$_SESSION['tpl'] = strip_tags(trim($_SESSION['tpl']));
$getFile = new fileProperties($_SESSION['tpl']);
$PageHeader = $getFile->fileRead('composeattachments');
$PageAttachment = $getFile->fileRead('composeattachment');
$PageAttachment2 = $getFile->fileRead('composeattachment2');
$PageShowAttachments = $getFile->fileRead('composeshowattachments');
$PageShowAttachments2 = $getFile->fileRead('composeshowattachments2');
$PageHeader = str_replace("[displayattachments]", $PageShowAttachments, $PageHeader);
$PageHeader = str_replace("[displayattachments2]", $PageShowAttachments2, $PageHeader);
$PageHeader = str_replace("[session]", $MainSettings->SessAppend_noecho($TransIDEnabled, 1), $PageHeader);
$PageHeader = str_replace("[session_append]", $MainSettings->SessAppend_noecho($TransIDEnabled, 0), $PageHeader);
$PageHeader = str_replace("[session_form]", $MainSettings->SessAppend_form($TransIDEnabled), $PageHeader);
$PageAttachment = str_replace("[session]", $MainSettings->SessAppend_noecho($TransIDEnabled, 1), $PageAttachment);
$PageAttachment = str_replace("[session_append]", $MainSettings->SessAppend_noecho($TransIDEnabled, 0), $PageAttachment);
$PageAttachment = str_replace("[session_form]", $MainSettings->SessAppend_form($TransIDEnabled), $PageAttachment);
$PageHeader = str_replace("[charset]", $_SESSION['DefaultCharSet'], $PageHeader);
$PageHeader = str_replace("[lang]", $_SESSION['DefaultLang'], $PageHeader);
$PageHeader = str_replace("[langdir]", $AvailLangs[$_SESSION['DefaultLang']]['dir'], $PageHeader);
$PageHeader = str_replace("[pagetitle]", " - " . $lang['SCompose']['Title'], $PageHeader);
$genericerror = $getFile->fileRead('generic_message');
$genericerror = str_replace ('[pagetitle]', $lang['SErrors']['Title'], $genericerror);
$error_session = str_replace ('[pagemessage]', $lang['SErrors']['Session'], $genericerror);
CheckValidSession($_SESSION, $PageFooter, $error_session, $PageHeader, $lang);
$IMAPConnection = new WM_IMAPConnection($_SESSION);
$securitycheck = $IMAPConnection->WM_IMAPCheckSecurity();
$error_ipfailuresession = str_replace ('[pagemessage]', $lang['SErrors']['IP'], $genericerror);
CheckSessionSecurity($securitycheck, $PageFooter, $error_ipfailure, $PageHeader, $lang);
if ($_REQUEST['type'] == 'standard' && $_REQUEST['amode'] == 'remove' && $_REQUEST['fileid'] <> '') {
unset ($_SESSION['ca'][$_REQUEST['fileid']]);
sort($_SESSION['ca']);
reset($_SESSION['ca']);
}
elseif ($_REQUEST['type'] == 'fwd' && $_REQUEST['amode'] == 'remove' && $_REQUEST['fileid'] <> '') {
unset ($_SESSION['cafwd'][$_REQUEST['fileid']]);
sort($_SESSION['cafwd']);
reset($_SESSION['cafwd']);
}
$preattachments = 0;
$embedattachments = 0;
if (($mode == "fwd" || ($_SESSION['folder'] == $IMAPDrafts && !empty($_GET['$id']))) && sizeof($_SESSION['cafwd']) >= 1) {
$preattachments = 1;
$pretmp = $_SESSION['cafwd'];
if (is_array($pretmp)) {
while(list($key, $value) = each($pretmp)) {
$filedisplay = $PageAttachment;
$filedisplay = str_replace("[attachment_id]", $key, $filedisplay);
$filedisplay = str_replace("[attachment_pid]", '', $filedisplay);
$filedisplay = str_replace("[iflink]", '', $filedisplay);
$filedisplay = str_replace("[/iflink]", '', $filedisplay);
$filedisplay = str_replace("[ifremoveable]", '', $filedisplay);
$filedisplay = str_replace("[/ifremoveable]", '', $filedisplay);
if ($_SESSION['cafwd'][$key]["type"] == 'message/rfc822') {
$filedisplay = str_replace("[attachment_link]", "view.rfc822.php?id=" . $_REQUEST['id'] . "&pid=" . $_SESSION['cafwd'][$key]["pid"] . "&f=" . urlencode($_SESSION['folder']) . $MainSettings->SessAppend_noecho($TransIDEnabled, 0), $filedisplay);
}
elseif ($_SESSION['cafwd'][$key]["type"] == 'text/calendar') {
$filedisplay = str_replace("[attachment_link]", "view.ics.php?id=" . $_REQUEST['id'] . "&pid=" . $_SESSION['cafwd'][$key]["pid"] . "&f=" . urlencode($_SESSION['folder']) . $MainSettings->SessAppend_noecho($TransIDEnabled, 0), $filedisplay);
}
else {
$filedisplay = str_replace("[attachment_link]", "attachment.php?id=" . $_REQUEST['id'] . "&pid=" . $_SESSION['cafwd'][$key]["pid"] . "&f=" . urlencode($_SESSION['folder']) . $MainSettings->SessAppend_noecho($TransIDEnabled, 0), $filedisplay);
}
if ($_SESSION['cafwd'][$x]["type"] == 'message/rfc822' && $loadedrfc822 == 0) {
$mailbox = $IMAPConnection->WM_IMAPConnect();
require_once ("./includes/rfc822.inc.php");
require_once ("./includes/3rdparty/MIME/mimeDecode.inc.php");
$loadedrfc822 = 1;
$headerfull = $IMAPConnection->WM_IMAPRFCHeader($_REQUEST['id']);
$bodyfull = $IMAPConnection->WM_IMAPGetBody($_REQUEST['id'], -1, -1, 1);
$RFC822Message = new RFC822($_SESSION);
$RFC822Parts = $RFC822Message->GetParts($headerfull, $bodyfull);
$params['include_bodies'] = true;
$params['decode_bodies'] = true;
$params['decode_headers'] = true;
$IMAPConnection->WM_IMAPClose();
}
if ($_SESSION['cafwd'][$key]["type"] == 'message/rfc822') {
$RFC822Content = $RFC822Parts[$_SESSION['cafwd'][$key]["pid"]];
$RFCDecode = new Mail_mimeDecode($RFC822Content);
$ReturnMessage = $RFCDecode->decode($params);
}
if (isset($_SESSION['cafwd'][$key]["name"])) {
$filename = $_SESSION['cafwd'][$key]["name"];
}
else {
if (isset($_SESSION['cafwd'][$key]["description"])) {
$filename = $_SESSION['cafwd'][$key]["description"];
}
else {
$filename = $lang['SCompose']['NoAttachmentName'];
}
}
$filedisplay = str_replace("[attachment_filename]", $filename, $filedisplay);
$filedisplay = str_replace("[attachment_size]", ceil($_SESSION['cafwd'][$key]["size"]/1024) . " Kb", $filedisplay);
$filedisplay = str_replace("[attachment_type]", strip_tags($_REQUEST['mode']), $filedisplay);
include_once ("./includes/files.inc.php");
$filedisplay = str_replace("[attachment_icon]",'<img src="' . attachmentIcons($_SESSION['cafwd'][$key]["type"]) . '" alt="' . $_SESSION['cafwd'][$key]["type"] . '" />', $filedisplay);
$preattachedlist .= $filedisplay;
unset($filedisplay);
$filedisplay = $PageAttachment2;
$filedisplay = str_replace("[attachment_id]", $key, $filedisplay);
$filedisplay = str_replace("[attachment_pid]", '', $filedisplay);
$filedisplay = str_replace("[iflink]", '', $filedisplay);
$filedisplay = str_replace("[/iflink]", '', $filedisplay);
$filedisplay = str_replace("[ifremoveable]", '', $filedisplay);
$filedisplay = str_replace("[/ifremoveable]", '', $filedisplay);
if ($_SESSION['cafwd'][$key]["type"] == 'message/rfc822') {
$filedisplay = str_replace("[attachment_link]", "view.rfc822.php?id=" . $_REQUEST['id'] . "&pid=" . $_SESSION['cafwd'][$key]["pid"] . "&f=" . urlencode($_SESSION['folder']) . $MainSettings->SessAppend_noecho($TransIDEnabled, 0), $filedisplay);
}
elseif ($_SESSION['cafwd'][$key]["type"] == 'text/calendar') {
$filedisplay = str_replace("[attachment_link]", "view.ics.php?id=" . $_REQUEST['id'] . "&pid=" . $_SESSION['cafwd'][$key]["pid"] . "&f=" . urlencode($_SESSION['folder']) . $MainSettings->SessAppend_noecho($TransIDEnabled, 0), $filedisplay);
}
else {
$filedisplay = str_replace("[attachment_link]", "attachment.php?id=" . $_REQUEST['id'] . "&pid=" . $_SESSION['cafwd'][$key]["pid"] . "&f=" . urlencode($_SESSION['folder']) . $MainSettings->SessAppend_noecho($TransIDEnabled, 0), $filedisplay);
}
$filedisplay = str_replace("[attachment_filename]", $filename, $filedisplay);
$filedisplay = str_replace("[attachment_size]", ceil($_SESSION['cafwd'][$key]["size"]/1024) . " Kb", $filedisplay);
$filedisplay = str_replace("[attachment_type]", strip_tags($_REQUEST['mode']), $filedisplay);
include_once ("./includes/files.inc.php");
$filedisplay = str_replace("[attachment_icon]",'<img src="' . attachmentIcons($_SESSION['cafwd'][$key]["type"]) . '" alt="' . $_SESSION['cafwd'][$key]["type"] . '" />', $filedisplay);
$preattachedlist2 .= $filedisplay;
unset($filedisplay);
}
}
unset ($pretmp);
$PageHeader = str_replace("[preattached]", $preattachedlist, $PageHeader);
unset ($preattachedlist);
$PageHeader = str_replace("[ifpreattached]", '', $PageHeader);
$PageHeader = str_replace("[/ifpreattached]", '', $PageHeader);
$PageHeader = str_replace("[preattached2]", $preattachedlist2, $PageHeader);
unset ($preattachedlist2);
$PageHeader = preg_replace("/(\[)(ifembeddedattached)(])(\r\n)*(.*)(\[\/ifembeddedattached\])/siU", "", $PageHeader);
}
elseif ($_REQUEST['id'] <> "") {
$pretmp = $_SESSION['cafwd'];
if (is_array($pretmp)) {
while(list($key, $value) = each($pretmp)) {
$filedisplay = $PageAttachment2;
$filedisplay = str_replace("[attachment_id]", $key, $filedisplay);
$filedisplay = str_replace("[attachment_pid]", '', $filedisplay);
$filedisplay = preg_replace("/(\[)(iflink)(])(\r\n)*(.*)(\[\/iflink\])/siU", "", $filedisplay);
if (isset($_SESSION['cafwd'][$key]["name"])) {
$filename = $_SESSION['cafwd'][$key]["name"];
}
else {
if (isset($_SESSION['cafwd'][$key]["description"])) {
$filename = $_SESSION['cafwd'][$key]["description"];
}
else {
$filename = $lang['SCompose']['NoAttachmentName'];
}
}
$filedisplay = str_replace("[attachment_filename]", $filename, $filedisplay);
$filedisplay = str_replace("[attachment_size]", ceil($_SESSION['cafwd'][$key]["size"]/1024) . " Kb", $filedisplay);
include_once ("./includes/files.inc.php");
$filedisplay = str_replace("[attachment_icon]",'<img src="' . attachmentIcons($_SESSION['cafwd'][$key]["type"]) . '" alt="' . $_SESSION['cafwd'][$key]["type"] . '" />', $filedisplay);
$embedattachedlist .= $filedisplay;
unset($filedisplay);
}
}
unset ($pretmp);
$PageHeader = str_replace("[embeddedattached]", $embedattachedlist, $PageHeader);
$PageHeader = str_replace("[embeddedattached2]", $embedattachedlist, $PageHeader);
$PageHeader = preg_replace("/(\[)(ifpreattached)(])(\r\n)*(.*)(\[\/ifpreattached\])/siU", "", $PageHeader);
unset ($embedattachedlist);
if ($embedattachedlist <> "") {
$PageHeader = str_replace("[ifembeddedattached]", '', $PageHeader);
$PageHeader = str_replace("[/ifembeddedattached]", '', $PageHeader);
}
else {
$PageHeader = preg_replace("/(\[)(ifembeddedattached)(])(\r\n)*(.*)(\[\/ifembeddedattached\])/siU", "", $PageHeader);
}
}
else {
$PageHeader = preg_replace("/(\[)(ifpreattached)(])(\r\n)*(.*)(\[\/ifpreattached\])/siU", "", $PageHeader);
$PageHeader = preg_replace("/(\[)(ifembeddedattached)(])(\r\n)*(.*)(\[\/ifembeddedattached\])/siU", "", $PageHeader);
}
$raiseexterror = 0;
if ($_POST['type'] && $_POST['type'] == 'file') {
// Add new attachment to the session
if (isset($_FILES['filename'])) {
if ($_FILES['filename']['name'] <> "") {
$_FILES['filename']['name'] = str_replace("/tmp", "", $_FILES['filename']['name']);
$_FILES['filename']['name'] = str_replace("../", "", $_FILES['filename']['name']);
if (is_array($AllowFile) && sizeof($AllowFile) >= 1) {
// Check for allowed file extensions
while(list($key, $value) = each($AllowFile)) {
if (!stristr($_FILES['filename']['name'], $value)) {
$raiseexterror = 1;
}
}
}
elseif (is_array($DenyFile) && sizeof($DenyFile) >= 1) {
// Check for denied file extensions
while(list($key, $value) = each($DenyFile)) {
if (stristr($_FILES['filename']['name'], $value)) {
$raiseexterror = 1;
}
}
}
if ($raiseexterror == 0) {
$fp = fopen($_FILES['filename']['tmp_name'], "r");
$filecontents = fread($fp, $_FILES['filename']['size']);
fclose($fp);
$currattachsize = sizeof($_SESSION['ca']);
$_SESSION['ca'][$currattachsize]['id'] = $currattachsize;
$_SESSION['ca'][$currattachsize]['name'] = $_FILES['filename']['name'];
$_SESSION['ca'][$currattachsize]['size'] = $_FILES['filename']['size'];
$_SESSION['ca'][$currattachsize]['type'] = $_FILES['filename']['type'];
$_SESSION['ca'][$currattachsize]['cid'] = '';
$_SESSION['ca'][$currattachsize]['contents'] = $filecontents;
}
}
}
}
elseif ($_POST['type'] && $_POST['type'] == 'url') {
// Upload by URL so open a socket to remote server
require ('./includes/sockets.inc.php');
$remoteURL = new remoteFile();
$remoteContents = $remoteURL->fileRead(strip_tags(trim($_POST['filename'])));
$filenamebreak = explode("/", strip_tags(trim($_POST['filename'])));
$filename = $filenamebreak[(sizeof($filenamebreak)-1)];
$filesize = strlen($remoteContents);
// Get content type from the HTTP headers sent back from the server
$headerexplode = explode("\n", $remoteURL->_headers);
for ($i=0; $i<sizeof($headerexplode); $i++) {
if (strstr($headerexplode[$i], "Content-Type")) {
$contenttype = trim(str_replace("Content-Type:", "", $headerexplode[$i]));
}
}
if (is_array($AllowFile) && sizeof($AllowFile) >= 1) {
// Check for allowed file extensions
while(list($key, $value) = each($AllowFile)) {
if (!stristr($filename, $value)) {
$raiseexterror = 1;
}
}
}
elseif (is_array($DenyFile) && sizeof($DenyFile) >= 1) {
// Check for denied file extensions
while(list($key, $value) = each($DenyFile)) {
if (stristr($filename, $value)) {
$raiseexterror = 1;
}
}
}
if ($raiseexterror == 0) {
$currattachsize = sizeof($_SESSION['ca']);
$_SESSION['ca'][$currattachsize]['id'] = $currattachsize;
$_SESSION['ca'][$currattachsize]['name'] = $filename;
$_SESSION['ca'][$currattachsize]['size'] = $filesize;
$_SESSION['ca'][$currattachsize]['type'] = $contenttype;
$_SESSION['ca'][$currattachsize]['cid'] = '';
$_SESSION['ca'][$currattachsize]['contents'] = $remoteContents;
}
unset ($remoteContents);
}
if (sizeof($_SESSION['ca']) >= $AttachmentNumber) {
$PageHeader = str_replace("[FileFieldset]", ' disabled="true"', $PageHeader);
$PageHeader = str_replace("[URLFieldset]", ' disabled="true"', $PageHeader);
}
else {
$PageHeader = str_replace("[FileFieldset]", '', $PageHeader);
$PageHeader = str_replace("[URLFieldset]", '', $PageHeader);
}
// Standard file attachments
if ($_SESSION['ca']) {
for($i=0; $i<sizeof($_SESSION['ca']); $i++) {
$filedisplay = $PageAttachment;
$filedisplay = str_replace("[attachment_id]", $i, $filedisplay);
$filedisplay = str_replace("[attachment_pid]", '', $filedisplay);
$filedisplay = str_replace("[iflink]", '', $filedisplay);
$filedisplay = str_replace("[/iflink]", '', $filedisplay);
$filedisplay = str_replace("[ifremoveable]", '', $filedisplay);
$filedisplay = str_replace("[/ifremoveable]", '', $filedisplay);
$filedisplay = str_replace("[attachment_link]", "attachment.php?id=$i&pid=&sa=1&f=" . urlencode($folder) . $MainSettings->SessAppend_noecho($TransIDEnabled, 0), $filedisplay);
$filedisplay = str_replace("[attachment_filename]", $_SESSION['ca'][$i]['name'], $filedisplay);
$filedisplay = str_replace("[attachment_size]", ceil(strlen($_SESSION['ca'][$i]['contents'])/1024). " Kb", $filedisplay);
$filedisplay = str_replace("[attachment_type]", 'standard', $filedisplay);
include_once ("./includes/files.inc.php");
$filedisplay = str_replace("[attachment_icon]",'<img src="' . attachmentIcons($_SESSION['ca'][$i]["type"]) . '" alt="' . $_SESSION['ca'][$i]["type"] . '" />', $filedisplay);
$attachmentlist .= $filedisplay;
unset($filedisplay);
$filedisplay = $PageAttachment2;
$filedisplay = str_replace("[attachment_id]", $i, $filedisplay);
$filedisplay = str_replace("[attachment_pid]", '', $filedisplay);
$filedisplay = str_replace("[iflink]", '', $filedisplay);
$filedisplay = str_replace("[/iflink]", '', $filedisplay);
$filedisplay = str_replace("[ifremoveable]", '', $filedisplay);
$filedisplay = str_replace("[/ifremoveable]", '', $filedisplay);
$filedisplay = str_replace("[attachment_link]", "attachment.php?id=$i&pid=&sa=1&f=" . urlencode($_SESSION['folder']) . $MainSettings->SessAppend_noecho($TransIDEnabled, 0), $filedisplay);
$filedisplay = str_replace("[attachment_filename]", $_SESSION['ca'][$i]['name'], $filedisplay);
$filedisplay = str_replace("[attachment_size]", ceil(strlen($_SESSION['ca'][$i]['contents'])/1024). " Kb", $filedisplay);
$filedisplay = str_replace("[attachment_type]", 'standard', $filedisplay);
include_once ("./includes/files.inc.php");
$filedisplay = str_replace("[attachment_icon]",'<img src="' . attachmentIcons($_SESSION['ca'][$i]["type"]) . '" alt="' . $_SESSION['ca'][$i]["type"] . '" />', $filedisplay);
$attachmentlist2 .= $filedisplay;
unset($filedisplay);
}
$PageHeader = str_replace("[attached]", $attachmentlist, $PageHeader);
unset ($attachmentlist);
$PageHeader = str_replace("[iffileattachments]", '', $PageHeader);
$PageHeader = str_replace("[/iffileattachments]", '', $PageHeader);
$PageHeader = str_replace("[attached2]", $attachmentlist2, $PageHeader);
unset ($attachmentlist2);
}
else {
$PageHeader = preg_replace("/(\[)(iffileattachments)(])(\r\n)*(.*)(\[\/iffileattachments\])/siU", "", $PageHeader);
}
if ($raiseexterror == 1) {
$PageHeader = str_replace("[iffiledenied]", '', $PageHeader);
$PageHeader = str_replace("[/iffiledenied]", '', $PageHeader);
}
else {
$PageHeader = preg_replace("/(\[)(iffiledenied)(])(\r\n)*(.*)(\[\/iffiledenied\])/siU", "", $PageHeader);
}
$PageHeader = str_replace("[messageid]", strip_tags($_REQUEST['id']), $PageHeader);
$PageHeader = str_replace("[messagemode]", strip_tags($_REQUEST['mode']), $PageHeader);
$PageHeader = LangReplace('Generic', $PageHeader, $lang);
$PageHeader = LangReplace('SCompose', $PageHeader, $lang);
header ("Content-Type: text/html; charset=" . $_SESSION['DefaultCharSet']);
echo $PageHeader;
?>
|