From fd6146b6780c526a04682cda89b133e2d9bbd910 Mon Sep 17 00:00:00 2001
From: alecpl <alec@alec.pl>
Date: Thu, 25 Aug 2011 08:30:01 +0000
Subject: - Applied fixes from trunk up to r5126

---
 program/steps/addressbook/save.inc         |  6 +++---
 program/steps/addressbook/upload_photo.inc | 10 ++++++++--
 2 files changed, 11 insertions(+), 5 deletions(-)

(limited to 'program/steps/addressbook')

diff --git a/program/steps/addressbook/save.inc b/program/steps/addressbook/save.inc
index c463bf7fe..ddbd630ef 100644
--- a/program/steps/addressbook/save.inc
+++ b/program/steps/addressbook/save.inc
@@ -104,12 +104,13 @@ if (isset($a_record['photo'])) {
     $RCMAIL->session->remove('contacts');
 }
 
+$source = get_input_value('_source', RCUBE_INPUT_GPC);
 
 // update an existing contact
 if (!empty($cid))
 {
   $plugin = $RCMAIL->plugins->exec_hook('contact_update',
-    array('id' => $cid, 'record' => $a_record, 'source' => get_input_value('_source', RCUBE_INPUT_GPC)));
+    array('id' => $cid, 'record' => $a_record, 'source' => $source));
   $a_record = $plugin['record'];
 
   if (!$plugin['abort'])
@@ -136,7 +137,7 @@ if (!empty($cid))
       $a_js_cols[] = Q((string)$record[$col]);
 
     // update the changed col in list
-    $OUTPUT->command('parent.update_contact_row', $cid, $a_js_cols, $newcid);
+    $OUTPUT->command('parent.update_contact_row', $cid, $a_js_cols, $newcid, $source);
 
     // show confirmation
     $OUTPUT->show_message('successfullysaved', 'confirmation', null, false);
@@ -152,7 +153,6 @@ if (!empty($cid))
 
 // insert a new contact
 else {
-  $source = get_input_value('_source', RCUBE_INPUT_GPC);
   // Name of the addressbook already selected on the list
   $orig_source = get_input_value('_orig_source', RCUBE_INPUT_GPC);
 
diff --git a/program/steps/addressbook/upload_photo.inc b/program/steps/addressbook/upload_photo.inc
index 1ed71f8cb..f0430ae80 100644
--- a/program/steps/addressbook/upload_photo.inc
+++ b/program/steps/addressbook/upload_photo.inc
@@ -19,14 +19,20 @@
 
 */
 
+// Supported image format types
+// ImageMagick works with other non-image types (e.g.pdf) we don't want here
+$IMAGE_TYPES = explode(',', 'jpeg,jpg,jp2,tiff,tif,bmp,eps,gif,png,png8,png24,png32,svg,ico'); 
+
 // clear all stored output properties (like scripts and env vars)
 $OUTPUT->reset();
-console($_FILES);
+
 if ($filepath = $_FILES['_photo']['tmp_name']) {
     // check file type and resize image
     $imageprop = rcmail::imageprops($_FILES['_photo']['tmp_name']);
 
-    if ($imageprop['width'] && $imageprop['height']) {
+    if (in_array(strtolower($imageprop['type']), $IMAGE_TYPES)
+	&& $imageprop['width'] && $imageprop['height']
+    ) {
         $maxsize = intval($RCMAIL->config->get('contact_photo_size', 160));
         $tmpfname = tempnam($RCMAIL->config->get('temp_dir'), 'rcmImgConvert');
         $save_hook = 'attachment_upload';
-- 
cgit v1.2.3