program/steps/mail/upload.inc

   1 <?php
   2
   3 /*
   4  +-----------------------------------------------------------------------+
   5  | program/steps/mail/upload.inc                                         |
   6  |                                                                       |
   7  | This file is part of the RoundCube Webmail client                     |
   8  | Copyright (C) 2005-2007, RoundCube Dev. - Switzerland                 |
   9  | Licensed under the GNU GPL                                            |
  10  |                                                                       |
  11  | PURPOSE:                                                              |
  12  |   Handle file-upload and make them available as attachments           |
  13  |                                                                       |
  14  +-----------------------------------------------------------------------+
  15  | Author: Thomas Bruederli <roundcube@gmail.com>                        |
  16  +-----------------------------------------------------------------------+
  17
  18  $Id: upload.inc 1434 2008-05-27 14:58:04Z thomasb $
  19
  20 */
  21
  22
  23 if (!$_SESSION['compose']) {
  24   die("Invalid session var!");
  25 }
  26
  27
  28 // use common temp dir for file uploads
  29 $temp_dir = unslashify($CONFIG['temp_dir']);
  30
  31
  32 if (!is_array($_SESSION['compose']['attachments']))
  33   $_SESSION['compose']['attachments'] = array();
  34
  35
  36 // clear all stored output properties (like scripts and env vars)
  37 $OUTPUT->reset();
  38
  39 if (is_array($_FILES['_attachments']['tmp_name']))
  40   {
  41   foreach ($_FILES['_attachments']['tmp_name'] as $i => $filepath)
  42     {
  43     $tmpfname = tempnam($temp_dir, 'rcmAttmnt');
  44     if (move_uploaded_file($filepath, $tmpfname))
  45       {
  46       $id = count($_SESSION['compose']['attachments']);
  47       $_SESSION['compose']['attachments'][] = array('name' => $_FILES['_attachments']['name'][$i],
  48                                                   'mimetype' => $_FILES['_attachments']['type'][$i],
  49                                                   'path' => $tmpfname);
  50
  51       if (is_file($CONFIG['skin_path'] . '/images/icons/remove-attachment.png'))
  52         $button = sprintf(
  53           '<img src="%s/images/icons/remove-attachment.png" alt="%s" border="0" style="padding-right:2px;vertical-align:middle" />',
  54           $CONFIG['skin_path'],
  55           Q(rcube_label('delete')));
  56       else
  57         $button = Q(rcube_label('delete'));
  58
  59       $content = sprintf(
  60         '<a href="#delete" onclick="return %s.command(\'remove-attachment\', \'rcmfile%d\', this)" title="%s">%s</a>%s',
  61         JS_OBJECT_NAME,
  62         $id,
  63         Q(rcube_label('delete')),
  64         $button,
  65         Q($_FILES['_attachments']['name'][$i]));
  66
  67       $OUTPUT->command('add2attachment_list', "rcmfile$id", $content);
  68       }
  69     else // upload failed
  70       {
  71       $err = $_FILES['_attachments']['error'][$i];
  72       if ($err == UPLOAD_ERR_INI_SIZE || $err == UPLOAD_ERR_FORM_SIZE)
  73         $msg = rcube_label(array('name' => 'filesizeerror', 'vars' => array('size' => show_bytes(parse_bytes(ini_get('upload_max_filesize'))))));
  74       else
  75         $msg = rcube_label('fileuploaderror');
  76
  77       $OUTPUT->command('display_message', $msg, 'error');
  78       }
  79     }
  80   }
  81 else if ($_SERVER['REQUEST_METHOD'] == 'POST')
  82   {
  83   $OUTPUT->command('display_message', rcube_label('fileuploaderror'), 'error');
  84   }
  85
  86 // send html page with JS calls as response
  87 $OUTPUT->command('show_attachment_form', false);
  88 $OUTPUT->command('auto_save_start', false);
  89 $OUTPUT->send('iframe');
  90
  91 ?>