|
0
|
1 <?php
|
|
|
2
|
|
|
3 /**
|
|
|
4 +-----------------------------------------------------------------------+
|
|
|
5 | program/steps/settings/upload.inc |
|
|
|
6 | |
|
|
|
7 | This file is part of the Roundcube Webmail client |
|
|
|
8 | Copyright (C) 2005-2014, The Roundcube Dev Team |
|
|
|
9 | |
|
|
|
10 | Licensed under the GNU General Public License version 3 or |
|
|
|
11 | any later version with exceptions for skins & plugins. |
|
|
|
12 | See the README file for a full license statement. |
|
|
|
13 | |
|
|
|
14 | PURPOSE: |
|
|
|
15 | Handles image uploads |
|
|
|
16 | |
|
|
|
17 +-----------------------------------------------------------------------+
|
|
|
18 | Author: Aleksander Machniak <alec@alec.pl> |
|
|
|
19 +-----------------------------------------------------------------------+
|
|
|
20 */
|
|
|
21
|
|
|
22 // Upload progress update
|
|
|
23 if (!empty($_GET['_progress'])) {
|
|
|
24 $RCMAIL->upload_progress();
|
|
|
25 }
|
|
|
26
|
|
|
27 $from = rcube_utils::get_input_value('_from', rcube_utils::INPUT_GET);
|
|
|
28 $type = preg_replace('/(add|edit)-/', '', $from);
|
|
|
29
|
|
|
30 // Plugins in Settings may use this file for some uploads (#5694)
|
|
|
31 // Make sure it does not contain a dot, which is a special character
|
|
|
32 // when using rcube_session::append() below
|
|
|
33 $type = str_replace('.', '-', $type);
|
|
|
34
|
|
|
35 if ($RCMAIL->action == 'upload-display') {
|
|
|
36 $id = 'undefined';
|
|
|
37
|
|
|
38 if (preg_match('/^rcmfile(\w+)$/', $_GET['_file'], $regs)) {
|
|
|
39 $id = $regs[1];
|
|
|
40 }
|
|
|
41
|
|
|
42 $RCMAIL->display_uploaded_file($_SESSION[$type]['files'][$id]);
|
|
|
43
|
|
|
44 exit;
|
|
|
45 }
|
|
|
46
|
|
|
47
|
|
|
48 // Supported image format types
|
|
|
49 $IMAGE_TYPES = explode(',', 'jpeg,jpg,jp2,tiff,tif,bmp,eps,gif,png,png8,png24,png32,svg,ico');
|
|
|
50
|
|
|
51 // clear all stored output properties (like scripts and env vars)
|
|
|
52 $OUTPUT->reset();
|
|
|
53
|
|
|
54 $max_size = $RCMAIL->config->get($type . '_image_size', 64) * 1024;
|
|
|
55 $post_size = $RCMAIL->show_bytes(rcube_utils::max_upload_size());
|
|
|
56 $uploadid = rcube_utils::get_input_value('_uploadid', rcube_utils::INPUT_GET);
|
|
|
57
|
|
|
58
|
|
|
59 if (is_array($_FILES['_file']['tmp_name'])) {
|
|
|
60 $multiple = count($_FILES['_file']['tmp_name']) > 1;
|
|
|
61
|
|
|
62 foreach ($_FILES['_file']['tmp_name'] as $i => $filepath) {
|
|
|
63 // Process uploaded attachment if there is no error
|
|
|
64 $err = $_FILES['_file']['error'][$i];
|
|
|
65
|
|
|
66 if (!$err) {
|
|
|
67 if ($max_size < $_FILES['_file']['size'][$i]) {
|
|
|
68 $err = 'size_error';
|
|
|
69 }
|
|
|
70 // check image file type
|
|
|
71 else {
|
|
|
72 $image = new rcube_image($filepath);
|
|
|
73 $imageprop = $image->props();
|
|
|
74
|
|
|
75 if (!in_array(strtolower($imageprop['type']), $IMAGE_TYPES)) {
|
|
|
76 $err = 'type_error';
|
|
|
77 }
|
|
|
78 }
|
|
|
79 }
|
|
|
80
|
|
|
81 // save uploaded image in storage backend
|
|
|
82 if (!$err) {
|
|
|
83 $attachment = $RCMAIL->plugins->exec_hook('attachment_upload', array(
|
|
|
84 'path' => $filepath,
|
|
|
85 'size' => $_FILES['_file']['size'][$i],
|
|
|
86 'name' => $_FILES['_file']['name'][$i],
|
|
|
87 'mimetype' => 'image/' . $imageprop['type'],
|
|
|
88 'group' => $type,
|
|
|
89 ));
|
|
|
90 }
|
|
|
91
|
|
|
92 if (!$err && $attachment['status'] && !$attachment['abort']) {
|
|
|
93 $id = $attachment['id'];
|
|
|
94
|
|
|
95 // store new file in session
|
|
|
96 unset($attachment['status'], $attachment['abort']);
|
|
|
97 $RCMAIL->session->append($type . '.files', $id, $attachment);
|
|
|
98
|
|
|
99 $content = rcube::Q($attachment['name']);
|
|
|
100
|
|
|
101 $OUTPUT->command('add2attachment_list', "rcmfile$id", array(
|
|
|
102 'html' => $content,
|
|
|
103 'name' => $attachment['name'],
|
|
|
104 'mimetype' => $attachment['mimetype'],
|
|
|
105 'classname' => rcube_utils::file2class($attachment['mimetype'], $attachment['name']),
|
|
|
106 'complete' => true
|
|
|
107 ),
|
|
|
108 $uploadid
|
|
|
109 );
|
|
|
110 }
|
|
|
111 else {
|
|
|
112 if ($err == 'type_error') {
|
|
|
113 $msg = $RCMAIL->gettext('invalidimageformat');
|
|
|
114 }
|
|
|
115 else if ($err == 'size_error') {
|
|
|
116 $msg = $RCMAIL->gettext(array('name' => 'filesizeerror', 'vars' => array('size' => $max_size)));
|
|
|
117 }
|
|
|
118 else if ($err == UPLOAD_ERR_INI_SIZE || $err == UPLOAD_ERR_FORM_SIZE) {
|
|
|
119 $msg = $RCMAIL->gettext(array('name' => 'filesizeerror', 'vars' => array('size' => $post_size)));
|
|
|
120 }
|
|
|
121 else if ($attachment['error']) {
|
|
|
122 $msg = $attachment['error'];
|
|
|
123 }
|
|
|
124 else {
|
|
|
125 $msg = $RCMAIL->gettext('fileuploaderror');
|
|
|
126 }
|
|
|
127
|
|
|
128 $OUTPUT->command('display_message', $msg, 'error');
|
|
|
129 }
|
|
|
130 }
|
|
|
131 }
|
|
|
132 else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
|
|
133 // if filesize exceeds post_max_size then $_FILES array is empty,
|
|
|
134 // show filesizeerror instead of fileuploaderror
|
|
|
135 if ($maxsize = ini_get('post_max_size')) {
|
|
|
136 $msg = $RCMAIL->gettext(array(
|
|
|
137 'name' => 'filesizeerror',
|
|
|
138 'vars' => array('size' => $RCMAIL->show_bytes(parse_bytes($maxsize)))
|
|
|
139 ));
|
|
|
140 }
|
|
|
141 else {
|
|
|
142 $msg = $RCMAIL->gettext('fileuploaderror');
|
|
|
143 }
|
|
|
144
|
|
|
145 $OUTPUT->command('display_message', $msg, 'error');
|
|
|
146 $OUTPUT->command('remove_from_attachment_list', $uploadid);
|
|
|
147 }
|
|
|
148
|
|
|
149 $OUTPUT->send('iframe');
|
