Error handling for attachment uploads; multibyte-safe string functions; XSS improvements

author: thomascube <thomas@roundcube.net> 2006-12-29 21:06:39 +0000
committer: thomascube <thomas@roundcube.net> 2006-12-29 21:06:39 +0000
commit: 86df1529feb4b7eb1a9721baa194518bacbfd8ff (patch)
tree: 380827ed01c3e3e3a3253d0b00c350b467186a25 /program/steps/mail/upload.inc
parent: 3b12aeeeca89bbc3d8cc5342beb07643067e3760 (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/program/steps/mail/upload.inc b/program/steps/mail/upload.inc
index 0d9761e44..06ed26591 100644
--- a/program/steps/mail/upload.inc
+++ b/program/steps/mail/upload.inc
@@ -65,6 +65,16 @@ foreach ($_FILES['_attachments']['tmp_name'] as $i => $filepath)
                          $id,
                          $content);
     }
+  else // upload failed
+    {
+    $err = $_FILES['_attachments']['error'][$i];
+    if ($err == UPLOAD_ERR_INI_SIZE || $err == UPLOAD_ERR_FORM_SIZE)
+      $msg = rcube_label(array('name' => 'filesizeerror', 'vars' => array('size' => show_bytes(parse_bytes(ini_get('upload_max_filesize'))))));
+    else
+      $msg = rcube_label('fileuploaderror');
+    
+    $response = sprintf("parent.%s.display_message('%s', 'error');", $JS_OBJECT_NAME, JQ($msg));
+    }
   }
author	thomascube <thomas@roundcube.net>	2006-12-29 21:06:39 +0000
committer	thomascube <thomas@roundcube.net>	2006-12-29 21:06:39 +0000
commit	86df1529feb4b7eb1a9721baa194518bacbfd8ff (patch)
tree	380827ed01c3e3e3a3253d0b00c350b467186a25 /program/steps/mail/upload.inc
parent	3b12aeeeca89bbc3d8cc5342beb07643067e3760 (diff)