Mercurial > hg > rc2
comparison program/steps/settings/upload.inc @ 0:4681f974d28b
vanilla 1.3.3 distro, I hope
| author | Charlie Root |
|---|---|
| date | Thu, 04 Jan 2018 15:52:31 -0500 |
| parents | |
| children |
comparison
equal
deleted
inserted
replaced
| -1:000000000000 | 0:4681f974d28b |
|---|---|
| 1 <?php | |
| 2 | |
| 3 /** | |
| 4 +-----------------------------------------------------------------------+ | |
| 5 | program/steps/settings/upload.inc | | |
| 6 | | | |
| 7 | This file is part of the Roundcube Webmail client | | |
| 8 | Copyright (C) 2005-2014, The Roundcube Dev Team | | |
| 9 | | | |
| 10 | Licensed under the GNU General Public License version 3 or | | |
| 11 | any later version with exceptions for skins & plugins. | | |
| 12 | See the README file for a full license statement. | | |
| 13 | | | |
| 14 | PURPOSE: | | |
| 15 | Handles image uploads | | |
| 16 | | | |
| 17 +-----------------------------------------------------------------------+ | |
| 18 | Author: Aleksander Machniak <alec@alec.pl> | | |
| 19 +-----------------------------------------------------------------------+ | |
| 20 */ | |
| 21 | |
| 22 // Upload progress update | |
| 23 if (!empty($_GET['_progress'])) { | |
| 24 $RCMAIL->upload_progress(); | |
| 25 } | |
| 26 | |
| 27 $from = rcube_utils::get_input_value('_from', rcube_utils::INPUT_GET); | |
| 28 $type = preg_replace('/(add|edit)-/', '', $from); | |
| 29 | |
| 30 // Plugins in Settings may use this file for some uploads (#5694) | |
| 31 // Make sure it does not contain a dot, which is a special character | |
| 32 // when using rcube_session::append() below | |
| 33 $type = str_replace('.', '-', $type); | |
| 34 | |
| 35 if ($RCMAIL->action == 'upload-display') { | |
| 36 $id = 'undefined'; | |
| 37 | |
| 38 if (preg_match('/^rcmfile(\w+)$/', $_GET['_file'], $regs)) { | |
| 39 $id = $regs[1]; | |
| 40 } | |
| 41 | |
| 42 $RCMAIL->display_uploaded_file($_SESSION[$type]['files'][$id]); | |
| 43 | |
| 44 exit; | |
| 45 } | |
| 46 | |
| 47 | |
| 48 // Supported image format types | |
| 49 $IMAGE_TYPES = explode(',', 'jpeg,jpg,jp2,tiff,tif,bmp,eps,gif,png,png8,png24,png32,svg,ico'); | |
| 50 | |
| 51 // clear all stored output properties (like scripts and env vars) | |
| 52 $OUTPUT->reset(); | |
| 53 | |
| 54 $max_size = $RCMAIL->config->get($type . '_image_size', 64) * 1024; | |
| 55 $post_size = $RCMAIL->show_bytes(rcube_utils::max_upload_size()); | |
| 56 $uploadid = rcube_utils::get_input_value('_uploadid', rcube_utils::INPUT_GET); | |
| 57 | |
| 58 | |
| 59 if (is_array($_FILES['_file']['tmp_name'])) { | |
| 60 $multiple = count($_FILES['_file']['tmp_name']) > 1; | |
| 61 | |
| 62 foreach ($_FILES['_file']['tmp_name'] as $i => $filepath) { | |
| 63 // Process uploaded attachment if there is no error | |
| 64 $err = $_FILES['_file']['error'][$i]; | |
| 65 | |
| 66 if (!$err) { | |
| 67 if ($max_size < $_FILES['_file']['size'][$i]) { | |
| 68 $err = 'size_error'; | |
| 69 } | |
| 70 // check image file type | |
| 71 else { | |
| 72 $image = new rcube_image($filepath); | |
| 73 $imageprop = $image->props(); | |
| 74 | |
| 75 if (!in_array(strtolower($imageprop['type']), $IMAGE_TYPES)) { | |
| 76 $err = 'type_error'; | |
| 77 } | |
| 78 } | |
| 79 } | |
| 80 | |
| 81 // save uploaded image in storage backend | |
| 82 if (!$err) { | |
| 83 $attachment = $RCMAIL->plugins->exec_hook('attachment_upload', array( | |
| 84 'path' => $filepath, | |
| 85 'size' => $_FILES['_file']['size'][$i], | |
| 86 'name' => $_FILES['_file']['name'][$i], | |
| 87 'mimetype' => 'image/' . $imageprop['type'], | |
| 88 'group' => $type, | |
| 89 )); | |
| 90 } | |
| 91 | |
| 92 if (!$err && $attachment['status'] && !$attachment['abort']) { | |
| 93 $id = $attachment['id']; | |
| 94 | |
| 95 // store new file in session | |
| 96 unset($attachment['status'], $attachment['abort']); | |
| 97 $RCMAIL->session->append($type . '.files', $id, $attachment); | |
| 98 | |
| 99 $content = rcube::Q($attachment['name']); | |
| 100 | |
| 101 $OUTPUT->command('add2attachment_list', "rcmfile$id", array( | |
| 102 'html' => $content, | |
| 103 'name' => $attachment['name'], | |
| 104 'mimetype' => $attachment['mimetype'], | |
| 105 'classname' => rcube_utils::file2class($attachment['mimetype'], $attachment['name']), | |
| 106 'complete' => true | |
| 107 ), | |
| 108 $uploadid | |
| 109 ); | |
| 110 } | |
| 111 else { | |
| 112 if ($err == 'type_error') { | |
| 113 $msg = $RCMAIL->gettext('invalidimageformat'); | |
| 114 } | |
| 115 else if ($err == 'size_error') { | |
| 116 $msg = $RCMAIL->gettext(array('name' => 'filesizeerror', 'vars' => array('size' => $max_size))); | |
| 117 } | |
| 118 else if ($err == UPLOAD_ERR_INI_SIZE || $err == UPLOAD_ERR_FORM_SIZE) { | |
| 119 $msg = $RCMAIL->gettext(array('name' => 'filesizeerror', 'vars' => array('size' => $post_size))); | |
| 120 } | |
| 121 else if ($attachment['error']) { | |
| 122 $msg = $attachment['error']; | |
| 123 } | |
| 124 else { | |
| 125 $msg = $RCMAIL->gettext('fileuploaderror'); | |
| 126 } | |
| 127 | |
| 128 $OUTPUT->command('display_message', $msg, 'error'); | |
| 129 } | |
| 130 } | |
| 131 } | |
| 132 else if ($_SERVER['REQUEST_METHOD'] == 'POST') { | |
| 133 // if filesize exceeds post_max_size then $_FILES array is empty, | |
| 134 // show filesizeerror instead of fileuploaderror | |
| 135 if ($maxsize = ini_get('post_max_size')) { | |
| 136 $msg = $RCMAIL->gettext(array( | |
| 137 'name' => 'filesizeerror', | |
| 138 'vars' => array('size' => $RCMAIL->show_bytes(parse_bytes($maxsize))) | |
| 139 )); | |
| 140 } | |
| 141 else { | |
| 142 $msg = $RCMAIL->gettext('fileuploaderror'); | |
| 143 } | |
| 144 | |
| 145 $OUTPUT->command('display_message', $msg, 'error'); | |
| 146 $OUTPUT->command('remove_from_attachment_list', $uploadid); | |
| 147 } | |
| 148 | |
| 149 $OUTPUT->send('iframe'); |