summaryrefslogtreecommitdiff
path: root/program/steps/mail/get.inc
diff options
context:
space:
mode:
authorAndy Wermke <andy@dev.next-step-software.com>2013-04-04 16:10:23 +0200
committerAndy Wermke <andy@dev.next-step-software.com>2013-04-04 16:10:23 +0200
commit92cd7f34b07e86062f2c024039e3309768b48ce6 (patch)
tree63b9f39280ebcab80742d9f2b4db6a139c1791e1 /program/steps/mail/get.inc
parent029d18f13bcf01aa2f1f08dbdfc6400c081bf7cb (diff)
parent443b92a7ee19e321b350750240e0fc54ec5be357 (diff)
Merge branch 'master' of https://github.com/roundcube/roundcubemail
Diffstat (limited to 'program/steps/mail/get.inc')
-rw-r--r--program/steps/mail/get.inc93
1 files changed, 57 insertions, 36 deletions
diff --git a/program/steps/mail/get.inc b/program/steps/mail/get.inc
index 71a5e1b02..23dc22b7c 100644
--- a/program/steps/mail/get.inc
+++ b/program/steps/mail/get.inc
@@ -35,6 +35,7 @@ if (!empty($_GET['_preload'])) {
ob_end_clean();
+
// similar code as in program/steps/mail/show.inc
if (!empty($_GET['_uid'])) {
$RCMAIL->config->set('prefer_html', true);
@@ -47,13 +48,7 @@ check_storage_status();
// show part page
if (!empty($_GET['_frame'])) {
if (($part_id = get_input_value('_part', RCUBE_INPUT_GPC)) && ($part = $MESSAGE->mime_parts[$part_id])) {
- $filename = $part->filename;
- if (empty($filename) && $part->mimetype == 'text/html') {
- $filename = rcube_label('htmlmessage');
- }
- if (!empty($filename)) {
- $OUTPUT->set_pagetitle($filename);
- }
+ $OUTPUT->set_pagetitle(rcmail_attachment_name($part));
}
$OUTPUT->send('messagepart');
@@ -65,11 +60,11 @@ else if ($_GET['_thumb']) {
$pid = get_input_value('_part', RCUBE_INPUT_GET);
if ($part = $MESSAGE->mime_parts[$pid]) {
$thumbnail_size = $RCMAIL->config->get('image_thumbnail_size', 240);
- $temp_dir = $RCMAIL->config->get('temp_dir');
- list(,$ext) = explode('/', $part->mimetype);
+ $temp_dir = $RCMAIL->config->get('temp_dir');
+ list(,$ext) = explode('/', $part->mimetype);
$cache_basename = $temp_dir . '/' . md5($MESSAGE->headers->messageID . $part->mime_id . ':' . $RCMAIL->user->ID . ':' . $thumbnail_size);
- $cache_file = $cache_basename . '.' . $ext;
- $mimetype = $part->mimetype;
+ $cache_file = $cache_basename . '.' . $ext;
+ $mimetype = $part->mimetype;
// render thumbnail image if not done yet
if (!is_file($cache_file)) {
@@ -78,7 +73,7 @@ else if ($_GET['_thumb']) {
fclose($fp);
$image = new rcube_image($orig_name);
- if ($imgtype = $image->resize($RCMAIL->config->get('image_thumbnail_size', 240), $cache_file, true)) {
+ if ($imgtype = $image->resize($thumbnail_size, $cache_file, true)) {
$mimetype = 'image/' . $imgtype;
unlink($orig_name);
}
@@ -126,7 +121,7 @@ else if (strlen($pid = get_input_value('_part', RCUBE_INPUT_GET))) {
$valid = $file_extension && in_array($file_extension, (array)$extensions);
// 2. detect the real mimetype of the attachment part and compare it with the stated mimetype and filename extension
- if ($valid || !$file_extension || $mimetype == 'application/octet-stream') {
+ if ($valid || !$file_extension || $mimetype == 'application/octet-stream' || $mimetype == 'text/plain') {
if ($part->body) // part body is already loaded
$body = $part->body;
else if ($part->size && $part->size < 1024*1024) // load the entire part if it's small enough
@@ -138,6 +133,10 @@ else if (strlen($pid = get_input_value('_part', RCUBE_INPUT_GET))) {
$real_mimetype = rcube_mime::file_content_type($body, $part->filename, $mimetype, true, true);
list($real_ctype_primary, $real_ctype_secondary) = explode('/', $real_mimetype);
+ // accept text/plain with any extension
+ if ($real_mimetype == 'text/plain' && $real_mimetype == $mimetype)
+ $file_extension = 'txt';
+
// ignore differences in text/* mimetypes. Filetype detection isn't very reliable here
if ($real_ctype_primary == 'text' && strpos($mimetype, $real_ctype_primary) === 0)
$real_mimetype = $mimetype;
@@ -159,19 +158,20 @@ else if (strlen($pid = get_input_value('_part', RCUBE_INPUT_GET))) {
// show warning if validity checks failed
if (!$valid) {
$OUTPUT = new rcmail_html_page();
- $OUTPUT->write(html::tag('html', null, html::tag('body', array('style' => 'font-family:sans-serif; margin:1em'),
- html::div(array('class' => 'warning', 'style' => 'border:2px solid #ffdf0e; background:#fef893; padding:1em 1em 0 1em;'),
+ $OUTPUT->write(html::tag('html', null, html::tag('body', 'embed',
+ html::div(array('class' => 'rcmail-inline-message rcmail-inline-warning'),
rcube_label(array(
'name' => 'attachmentvalidationerror',
- 'vars' => array('expected' => "$mimetype (.$file_extension)", 'detected' => "$real_mimetype (.$extensions[0])")
+ 'vars' => array(
+ 'expected' => $mimetype . ($file_extension ? "(.$file_extension)" : ''),
+ 'detected' => $real_mimetype . ($extensions[0] ? "(.$extensions[0])" : ''),
+ )
)) .
- html::p('buttons',
- html::tag('button', null,
- html::a(array(
- 'href' => $RCMAIL->url(array_merge($_GET, array('_nocheck' => 1))),
- 'style' => 'text-decoration:none;color:#000',
- ), rcube_label('showanyway')))
- ))
+ html::p(array('class' => 'rcmail-inline-buttons'),
+ html::tag('button',
+ array('onclick' => "location.href='" . $RCMAIL->url(array_merge($_GET, array('_nocheck' => 1))) . "'"),
+ rcube_label('showanyway')))
+ )
)));
exit;
}
@@ -222,7 +222,27 @@ else if (strlen($pid = get_input_value('_part', RCUBE_INPUT_GET))) {
if (!$part->body)
$part->body = $MESSAGE->get_part_content($part->mime_id);
+ // show images?
+ rcmail_check_safe($MESSAGE);
+
+ // render HTML body
$out = rcmail_print_body($part, array('safe' => $MESSAGE->is_safe, 'inline_html' => false));
+
+ // insert remote objects warning into HTML body
+ if ($REMOTE_OBJECTS) {
+ $body_start = 0;
+ if ($body_pos = strpos($out, '<body')) {
+ $body_start = strpos($out, '>', $body_pos) + 1;
+ }
+ $out = substr($out, 0, $body_start) .
+ html::div(array('class' => 'rcmail-inline-message rcmail-inline-warning'),
+ Q(rcube_label('blockedimages')) . '&nbsp;' .
+ html::tag('button',
+ array('onclick' => "location.href='" . $RCMAIL->url(array_merge($_GET, array('_safe' => 1))) . "'"),
+ Q(rcube_label('showimages')))
+ ) .
+ substr($out, $body_start);
+ }
}
// check connection status
@@ -237,18 +257,7 @@ else if (strlen($pid = get_input_value('_part', RCUBE_INPUT_GET))) {
// don't kill the connection if download takes more than 30 sec.
@set_time_limit(0);
- if ($part->filename) {
- $filename = $part->filename;
- }
- else if ($part->mimetype == 'text/html') {
- $filename = rcube_label('htmlmessage');
- }
- else {
- $ext = '.' . ($mimetype == 'text/plain' ? 'txt' : $ctype_secondary);
- $filename = ($MESSAGE->subject ? $MESSAGE->subject : 'roundcube') . $ext;
- }
-
- $filename = preg_replace('[\r\n]', '', $filename);
+ $filename = rcmail_attachment_name($part);
if ($browser->ie && $browser->ver < 7)
$filename = rawurlencode(abbreviate_string($filename, 55));
@@ -259,6 +268,18 @@ else if (strlen($pid = get_input_value('_part', RCUBE_INPUT_GET))) {
$disposition = !empty($plugin['download']) ? 'attachment' : 'inline';
+ // Workaround for nasty IE bug (#1488844)
+ // If Content-Disposition header contains string "attachment" e.g. in filename
+ // IE handles data as attachment not inline
+ if ($disposition == 'inline' && $browser->ie && $browser->ver < 9) {
+ $filename = str_ireplace('attachment', 'attach', $filename);
+ }
+
+ // add filename extension if missing
+ if (!pathinfo($filename, PATHINFO_EXTENSION) && ($extensions = rcube_mime::get_mime_extensions($mimetype))) {
+ $filename .= '.' . $extensions[0];
+ }
+
header("Content-Disposition: $disposition; filename=\"$filename\"");
// handle tiff to jpeg conversion
@@ -302,7 +323,7 @@ else if (strlen($pid = get_input_value('_part', RCUBE_INPUT_GET))) {
// send part as-it-is
else {
if ($part->body) {
- header("Content-Length: " . sizeof($part->body));
+ header("Content-Length: " . strlen($part->body));
echo $part->body;
$sent = true;
}