summaryrefslogtreecommitdiff
path: root/program/steps/mail
diff options
context:
space:
mode:
Diffstat (limited to 'program/steps/mail')
-rw-r--r--program/steps/mail/compose.inc37
-rw-r--r--program/steps/mail/upload.inc22
2 files changed, 38 insertions, 21 deletions
diff --git a/program/steps/mail/compose.inc b/program/steps/mail/compose.inc
index 32378f59c..639ea684e 100644
--- a/program/steps/mail/compose.inc
+++ b/program/steps/mail/compose.inc
@@ -23,20 +23,20 @@
require_once('Mail/mimeDecode.php');
// remove an attachment
-if ($_action=='remove-attachment' && !empty($_GET['_filename']))
+if ($_action=='remove-attachment' && preg_match('/^rcmfile([0-9]+)$/', $_GET['_file'], $regs))
{
- if (is_array($_SESSION['compose']['attachments']))
- foreach ($_SESSION['compose']['attachments'] as $i => $attachment)
- if ($attachment['name'] == $_GET['_filename'])
- {
- @unlink($attachment['path']);
- unset($_SESSION['compose']['attachments'][$i]);
- $commands = sprintf("parent.%s.remove_from_attachment_list('%s');\n", $JS_OBJECT_NAME, $_GET['_filename']);
- rcube_remote_response($commands);
- exit;
- }
+ $id = $regs[1];
+ if (is_array($_SESSION['compose']['attachments'][$id]))
+ {
+ @unlink($_SESSION['compose']['attachments'][$id]['path']);
+ $_SESSION['compose']['attachments'][$id] = NULL;
+ $commands = sprintf("parent.%s.remove_from_attachment_list('rcmfile%d');\n", $JS_OBJECT_NAME, $id);
+ rcube_remote_response($commands);
+ exit;
+ }
}
+
$MESSAGE_FORM = NULL;
$REPLY_MESSAGE = NULL;
$FORWARD_MESSAGE = NULL;
@@ -480,7 +480,7 @@ function rcmail_create_forward_body($body)
{
if ($part->disposition=='attachment' || $part->disposition=='inline' || $part->headers['content-id'] ||
(empty($part->disposition) && ($part->d_parameters['filename'] || $part->ctype_parameters['name'])))
- {
+ {
$tmp_path = tempnam($temp_dir, 'rcmAttmnt');
if ($fp = fopen($tmp_path, 'w'))
{
@@ -621,20 +621,21 @@ function rcmail_compose_attachment_list($attrib)
if (is_array($_SESSION['compose']['attachments']))
{
if ($attrib['deleteicon'])
- $button = sprintf('<img src="%s%s" alt="%s" border="0" / style="padding-right:2px;vertical-align:middle">',
+ $button = sprintf('<img src="%s%s" alt="%s" border="0" style="padding-right:2px;vertical-align:middle" />',
$CONFIG['skin_path'],
$attrib['deleteicon'],
rcube_label('delete'));
else
$button = rcube_label('delete');
- foreach ($_SESSION['compose']['attachments'] as $i => $a_prop)
- $out .= sprintf('<li id="%s"><a href="#" onclick="%s.command(\'remove-attachment\',\'%s\')" title="%s">%s</a>%s</li>',
- $a_prop['name'],
+ foreach ($_SESSION['compose']['attachments'] as $id => $a_prop)
+ $out .= sprintf('<li id="rcmfile%d"><a href="#delete" onclick="return %s.command(\'remove-attachment\',\'rcmfile%d\', this)" title="%s">%s</a>%s</li>',
+ $id,
$JS_OBJECT_NAME,
- $a_prop['name'],
+ $id,
rcube_label('delete'),
- $button, $a_prop['name']);
+ $button,
+ rep_specialchars_output($a_prop['name']));
}
$OUTPUT->add_script(sprintf("%s.gui_object('attachmentlist', '%s');", $JS_OBJECT_NAME, $attrib['id']));
diff --git a/program/steps/mail/upload.inc b/program/steps/mail/upload.inc
index abab3891b..850ccd01d 100644
--- a/program/steps/mail/upload.inc
+++ b/program/steps/mail/upload.inc
@@ -41,13 +41,29 @@ foreach ($_FILES['_attachments']['tmp_name'] as $i => $filepath)
$tmpfname = tempnam($temp_dir, 'rcmAttmnt');
if (move_uploaded_file($filepath, $tmpfname))
{
+ $id = count($_SESSION['compose']['attachments']);
$_SESSION['compose']['attachments'][] = array('name' => $_FILES['_attachments']['name'][$i],
'mimetype' => $_FILES['_attachments']['type'][$i],
'path' => $tmpfname);
- $button = sprintf('<img src="%s/images/icons/remove-attachment.png" alt="%s" border="0" style="padding-right:2px;vertical-align:middle">', $CONFIG['skin_path'], rcube_label('delete'));
- $content = sprintf('<a href="#" onclick="%s.command(\\\'remove-attachment\\\',\\\'%s\\\')" title="%s">%s</a>%s',$JS_OBJECT_NAME, $_FILES['_attachments']['name'][$i], rcube_label('delete'), $button, $_FILES['_attachments']['name'][$i]);
- $response .= sprintf('parent.%s.add2attachment_list(\'%s\',\'%s\');',$JS_OBJECT_NAME, $_FILES['_attachments']['name'][$i], $content);
+ if (is_file($CONFIG['skin_path'] . '/images/icons/remove-attachment.png'))
+ $button = sprintf('<img src="%s/images/icons/remove-attachment.png" alt="%s" border="0" style="padding-right:2px;vertical-align:middle" />',
+ $CONFIG['skin_path'],
+ rcube_label('delete'));
+ else
+ $button = rcube_label('delete');
+
+ $content = sprintf('<a href="#delete" onclick="return %s.command(\\\'remove-attachment\\\', \\\'rcmfile%d\\\', this)" title="%s">%s</a>%s',
+ $JS_OBJECT_NAME,
+ $id,
+ rcube_label('delete'),
+ $button,
+ rep_specialchars_output($_FILES['_attachments']['name'][$i], 'js'));
+
+ $response .= sprintf('parent.%s.add2attachment_list(\'rcmfile%d\',\'%s\');',
+ $JS_OBJECT_NAME,
+ $id,
+ $content);
}
}