From b48d9bf5d412a6f56f3f9ba4bad141ddfe175727 Mon Sep 17 00:00:00 2001
From: alecpl <alec@alec.pl>
Date: Mon, 07 Sep 2009 08:51:21 -0400
Subject: [PATCH] - Use faster/secure mt_rand() (#1486094)

---
 program/steps/mail/compose.inc |  523 +++++++++++++++++++++++++++++++--------------------------
 1 files changed, 287 insertions(+), 236 deletions(-)

diff --git a/program/steps/mail/compose.inc b/program/steps/mail/compose.inc
index 830168c..8b821c8 100644
--- a/program/steps/mail/compose.inc
+++ b/program/steps/mail/compose.inc
@@ -5,7 +5,7 @@
  | program/steps/mail/compose.inc                                        |
  |                                                                       |
  | This file is part of the RoundCube Webmail client                     |
- | Copyright (C) 2005-2008, RoundCube Dev. - Switzerland                 |
+ | Copyright (C) 2005-2009, RoundCube Dev. - Switzerland                 |
  | Licensed under the GNU GPL                                            |
  |                                                                       |
  | PURPOSE:                                                              |
@@ -23,34 +23,7 @@
 define('RCUBE_COMPOSE_REPLY', 0x0106);
 define('RCUBE_COMPOSE_FORWARD', 0x0107);
 define('RCUBE_COMPOSE_DRAFT', 0x0108);
-
-
-// remove an attachment
-if ($RCMAIL->action=='remove-attachment' && preg_match('/^rcmfile([0-9]+)$/', $_POST['_file'], $regs))
-{
-  $id = $regs[1];
-  if (is_array($_SESSION['compose']['attachments'][$id]))
-  {
-    @unlink($_SESSION['compose']['attachments'][$id]['path']);
-    unset($_SESSION['compose']['attachments'][$id]);
-    $OUTPUT->command('remove_from_attachment_list', "rcmfile$id");
-    $OUTPUT->send();
-  }
-  exit;
-}
-
-if ($RCMAIL->action=='display-attachment' && preg_match('/^rcmfile([0-9]+)$/', $_GET['_file'], $regs))
-{
-  $id = $regs[1];
-  if (is_array($_SESSION['compose']['attachments'][$id]))
-  {
-    $apath = $_SESSION['compose']['attachments'][$id]['path'];
-    header('Content-Type: ' . $_SESSION['compose']['attachments'][$id]['mimetype']);
-    header('Content-Length: ' . filesize($apath));
-    readfile($apath);
-  }
-  exit;
-}
+define('RCUBE_COMPOSE_EDIT', 0x0109);
 
 $MESSAGE_FORM = NULL;
 $MESSAGE = NULL;
@@ -63,16 +36,53 @@
 if (!is_array($_SESSION['compose']) || $_SESSION['compose']['id'] != get_input_value('_id', RCUBE_INPUT_GET))
 {
   rcmail_compose_cleanup();
-  $_SESSION['compose'] = array('id' => uniqid(rand()), 'param' => array_map('strip_tags', $_GET));
+  $_SESSION['compose'] = array(
+    'id' => uniqid(mt_rand()),
+    'param' => request2param(RCUBE_INPUT_GET),
+    'mailbox' => $IMAP->get_mailbox_name(),
+  );
   
   // process values like "mailto:foo@bar.com?subject=new+message&cc=another"
-  if ($_SESSION['compose']['param']['_to']) {
-    $mailto = explode('?', $_SESSION['compose']['param']['_to']);
+  if ($_SESSION['compose']['param']['to']) {
+    $mailto = explode('?', $_SESSION['compose']['param']['to']);
     if (count($mailto) > 1) {
-      $_SESSION['compose']['param']['_to'] = $mailto[0];
+      $_SESSION['compose']['param']['to'] = $mailto[0];
       parse_str($mailto[1], $query);
       foreach ($query as $f => $val)
-        $_SESSION['compose']['param']["_$f"] = $val;
+        $_SESSION['compose']['param'][$f] = $val;
+    }
+  }
+  
+  // pipe compose parameters thru plugins
+  $plugin = $RCMAIL->plugins->exec_hook('message_compose', $_SESSION['compose']);
+  $_SESSION['compose']['param'] = $plugin['param'];
+  
+  // add attachments listed by message_compose hook
+  if (is_array($plugin['attachments'])) {
+    foreach ($plugin['attachments'] as $attach) {
+      // we have structured data
+      if (is_array($attach)) {
+        $attachment = $attach;
+      }
+      // only a file path is given
+      else {
+        $filename = basename($attach);
+        $attachment = array(
+          'name' => $filename,
+          'mimetype' => rc_mime_content_type($attach, $filename),
+          'path' => $attach
+        );
+      }
+      
+      // save attachment if valid
+      if (($attachment['data'] && $attachment['name']) || ($attachment['path'] && file_exists($attachment['path']))) {
+        $attachment = rcmail::get_instance()->plugins->exec_hook('save_attachment', $attachment);
+      }
+      
+      if ($attachment['status'] && !$attachment['abort']) {
+        unset($attachment['data'], $attachment['status'], $attachment['abort']);
+        $_SESSION['compose']['attachments'][$attachment['id']] = $attachment;
+      }
     }
   }
 
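Review bot: `uniqid(mt_rand())` in the new `'id'` entry is still a predictable value, because mt_rand() is a Mersenne Twister generator and uniqid() is derived from the current time; the subject line's "secure" overstates what the change provides. In the visible code the id is only compared against the `_id` GET parameter, so it may be fine as a per-session handle. If anything relies on it being unguessable, it should come from a CSPRNG, for example `'id' => bin2hex(random_bytes(16)),` on a PHP version that provides it. A short comment stating that the compose id is not a secret would keep it from being reused as one later.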
@@ -80,24 +90,37 @@
   $OUTPUT->redirect(array('_action' => 'compose', '_id' => $_SESSION['compose']['id']));
 }
 
+
 // add some labels to client
-rcube_add_label('nosubject', 'norecipientwarning', 'nosubjectwarning', 'nobodywarning', 'notsentwarning', 'savingmessage', 'sendingmessage', 'messagesaved', 'converting');
+$OUTPUT->add_label('nosubject', 'nosenderwarning', 'norecipientwarning', 'nosubjectwarning',
+    'nobodywarning', 'notsentwarning', 'savingmessage', 'sendingmessage', 'messagesaved',
+    'converting', 'editorwarning', 'searching');
 
-// add config parameter to client script
-$OUTPUT->set_env('draft_autosave', !empty($CONFIG['drafts_mbox']) ? $CONFIG['draft_autosave'] : 0);
-
+// add config parameters to client script
+if (!empty($CONFIG['drafts_mbox'])) {
+  $OUTPUT->set_env('drafts_mailbox', $CONFIG['drafts_mbox']);
+  $OUTPUT->set_env('draft_autosave', $CONFIG['draft_autosave']);
+}
+// set current mailbox in client environment
+$OUTPUT->set_env('mailbox', $IMAP->get_mailbox_name());
 
 // get reference message and set compose mode
-if ($msg_uid = $_SESSION['compose']['param']['_reply_uid'])
+if ($msg_uid = $_SESSION['compose']['param']['reply_uid'])
   $compose_mode = RCUBE_COMPOSE_REPLY;
-else if ($msg_uid = $_SESSION['compose']['param']['_forward_uid'])
+else if ($msg_uid = $_SESSION['compose']['param']['forward_uid'])
   $compose_mode = RCUBE_COMPOSE_FORWARD;
-else if ($msg_uid = $_SESSION['compose']['param']['_draft_uid'])
+else if ($msg_uid = $_SESSION['compose']['param']['uid'])
+  $compose_mode = RCUBE_COMPOSE_EDIT;
+else if ($msg_uid = $_SESSION['compose']['param']['draft_uid']) {
+  $RCMAIL->imap->set_mailbox($CONFIG['drafts_mbox']);
   $compose_mode = RCUBE_COMPOSE_DRAFT;
+}
 
 if (!empty($msg_uid))
 {
   // similar as in program/steps/mail/show.inc
+  // re-set 'prefer_html' to have possibility to use html part for compose
+  $CONFIG['prefer_html'] = $CONFIG['htmleditor'] || $compose_mode == RCUBE_COMPOSE_DRAFT || $compose_mode == RCUBE_COMPOSE_EDIT;
   $MESSAGE = new rcube_message($msg_uid);
   
   if (!empty($MESSAGE->headers->charset))
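Review bot: The new `draft_uid` branch calls `$RCMAIL->imap->set_mailbox($CONFIG['drafts_mbox'])` without checking that a drafts folder is configured, although this same hunk guards the client environment with `!empty($CONFIG['drafts_mbox'])`. What set_mailbox() does with an empty name is not visible here, so the message could be looked up in an unintended mailbox. Consider `else if (!empty($CONFIG['drafts_mbox']) && ($msg_uid = $_SESSION['compose']['param']['draft_uid'])) {`. The branch also reaches the IMAP object through `$RCMAIL->imap` while the neighbouring lines use `$IMAP`; one spelling would read more clearly.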
@@ -109,7 +132,7 @@
     $_SESSION['compose']['reply_msgid'] = $MESSAGE->headers->messageID;
     $_SESSION['compose']['references']  = trim($MESSAGE->headers->references . " " . $MESSAGE->headers->messageID);
 
-    if (!empty($_SESSION['compose']['param']['_all']))
+    if (!empty($_SESSION['compose']['param']['all']))
       $MESSAGE->reply_all = 1;
   }
   else if ($compose_mode == RCUBE_COMPOSE_DRAFT)
@@ -149,23 +172,23 @@
 
     case 'to':
       $fname = '_to';
-      $header = 'to';
+      $header = $param = 'to';
       
       // we have a set of recipients stored is session
-      if (($mailto_id = $_SESSION['compose']['param']['_mailto']) && $_SESSION['mailto'][$mailto_id])
+      if (($mailto_id = $_SESSION['compose']['param']['mailto']) && $_SESSION['mailto'][$mailto_id])
         $fvalue = urldecode($_SESSION['mailto'][$mailto_id]);
       
     case 'cc':
       if (!$fname)
       {
         $fname = '_cc';
-        $header = 'cc';
+        $header = $param = 'cc';
       }
     case 'bcc':
       if (!$fname)
       {
         $fname = '_bcc';
-        $header = 'bcc';
+        $header = $param = 'bcc';
       }
         
       $allow_attrib = array('id', 'class', 'style', 'cols', 'rows', 'tabindex');
@@ -175,18 +198,19 @@
     case 'replyto':
     case 'reply-to':
       $fname = '_replyto';
+      $param = 'replyto';
       $allow_attrib = array('id', 'class', 'style', 'size', 'tabindex');
       $field_type = 'html_inputfield';
       break;
   }
  
-  if ($fname && !empty($_POST[$fname]))
+  if ($fname && !empty($_POST[$fname])) {
     $fvalue = get_input_value($fname, RCUBE_INPUT_POST, TRUE);
-  else if ($fname && !$fvalue && !empty($_SESSION['compose']['param'][$fname]))
-    $fvalue = $_SESSION['compose']['param'][$fname];
-
-  else if ($header && $compose_mode == RCUBE_COMPOSE_REPLY)
-  {
+  }
+  else if ($fname && !$fvalue && !empty($_SESSION['compose']['param'][$param])) {
+    $fvalue = $_SESSION['compose']['param'][$param];
+  }
+  else if ($header && $compose_mode == RCUBE_COMPOSE_REPLY) {
     // get recipent address(es) out of the message headers
     if ($header=='to' && !empty($MESSAGE->headers->replyto))
       $fvalue = $MESSAGE->headers->replyto;
@@ -213,10 +237,10 @@
       foreach ($to_addresses as $addr_part)
       {
         if (!empty($addr_part['mailto'])
-	    && !in_array($addr_part['mailto'], $sa_recipients)
-	    && (!$MESSAGE->compose_from
-		|| !in_array($addr_part['mailto'], $MESSAGE->compose_from)
-		|| count($to_addresses)==1)) // allow reply to yourself
+            && !in_array($addr_part['mailto'], $sa_recipients)
+            && (!$MESSAGE->compose_from
+                || !in_array_nocase($addr_part['mailto'], $MESSAGE->compose_from)
+                || (count($to_addresses)==1 && $header=='to'))) // allow reply to yourself
         {
           $fvalue .= (strlen($fvalue) ? ', ':'').$addr_part['string'];
           $sa_recipients[] = $addr_part['mailto'];
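Review bot: The duplicate check `!in_array($addr_part['mailto'], $sa_recipients)` is still case-sensitive, while the comparison against `$MESSAGE->compose_from` two lines below was switched to `in_array_nocase()`. The same address written in different case can therefore be added to the recipient list twice. Using `!in_array_nocase($addr_part['mailto'], $sa_recipients)` would make the two checks agree. The enclosing loop and function start outside this hunk.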
@@ -224,7 +248,7 @@
       }
     }
   }
-  else if ($header && $compose_mode == RCUBE_COMPOSE_DRAFT)
+  else if ($header && in_array($compose_mode, array(RCUBE_COMPOSE_DRAFT, RCUBE_COMPOSE_EDIT)))
   {
     // get drafted headers
     if ($header=='to' && !empty($MESSAGE->headers->to))
@@ -279,7 +303,7 @@
     foreach ($a_to as $addr)
     {
       if (!empty($addr['mailto']))
-        $a_recipients[] = $addr['mailto'];
+        $a_recipients[] = mb_strtolower($addr['mailto']);
     }
 
     if (!empty($MESSAGE->headers->cc))
@@ -288,15 +312,15 @@
       foreach ($a_cc as $addr)
       {
         if (!empty($addr['mailto']))
-          $a_recipients[] = $addr['mailto'];
+          $a_recipients[] = mb_strtolower($addr['mailto']);
       }
     }
   }
 
   // get this user's identities
-  $sql_result = $USER->list_identities();
+  $user_identities = $USER->list_identities();
 
-  if ($DB->num_rows($sql_result))
+  if (count($user_identities))
   {
     $from_id = 0;
     $a_signatures = array();
@@ -304,37 +328,39 @@
     $field_attrib['onchange'] = JS_OBJECT_NAME.".change_identity(this)";
     $select_from = new html_select($field_attrib);
 
-    while ($sql_arr = $DB->fetch_assoc($sql_result))
+    foreach ($user_identities as $sql_arr)
     {
       $identity_id = $sql_arr['identity_id'];
       $select_from->add(format_email_recipient($sql_arr['email'], $sql_arr['name']), $identity_id);
 
       // add signature to array
-      if (!empty($sql_arr['signature']))
+      if (!empty($sql_arr['signature']) && empty($_SESSION['compose']['param']['nosig']))
       {
         $a_signatures[$identity_id]['text'] = $sql_arr['signature'];
         $a_signatures[$identity_id]['is_html'] = ($sql_arr['html_signature'] == 1) ? true : false;
         if ($a_signatures[$identity_id]['is_html'])
         {
             $h2t = new html2text($a_signatures[$identity_id]['text'], false, false);
-            $plainTextPart = $h2t->get_text();
-            $a_signatures[$identity_id]['plain_text'] = trim(html_entity_decode($plainTextPart, ENT_NOQUOTES, 'UTF-8'));
+            $a_signatures[$identity_id]['plain_text'] = trim($h2t->get_text());
         }
       }
-
-      // set identity if it's one of the reply-message recipients
-      if (in_array($sql_arr['email'], $a_recipients))
-        $from_id = $sql_arr['identity_id'];
 
       if ($compose_mode == RCUBE_COMPOSE_REPLY && is_array($MESSAGE->compose_from))
         $MESSAGE->compose_from[] = $sql_arr['email'];
 
-      if ($compose_mode == RCUBE_COMPOSE_DRAFT && strstr($MESSAGE->headers->from, $sql_arr['email']))
-        $from_id = $sql_arr['identity_id'];
+      if (empty($_POST['_from']))
+      {
+        // set draft's identity
+        if ($compose_mode == RCUBE_COMPOSE_DRAFT && strstr($MESSAGE->headers->from, $sql_arr['email']))
+          $from_id = $sql_arr['identity_id'];
+        // set identity if it's one of the reply-message recipients (with prio for default identity)
+        else if (in_array(mb_strtolower($sql_arr['email']), $a_recipients) && (empty($from_id) || $sql_arr['standard']))
+          $from_id = $sql_arr['identity_id'];
+      }
     }
 
     // overwrite identity selection with post parameter
-    if (isset($_POST['_from']))
+    if (!empty($_POST['_from']))
       $from_id = get_input_value('_from', RCUBE_INPUT_POST);
 
     $out = $select_from->show($from_id);
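Review bot: The draft branch picks the identity with `strstr($MESSAGE->headers->from, $sql_arr['email'])`, a case-sensitive substring test, while the reply branch right below it now compares lower-cased whole addresses. An identity address that is a suffix of another address in the From header would match, and the same address in different case would not. Comparing the lower-cased address parsed out of the From header, as the reply branch does with `$a_recipients`, would make both branches behave the same way. `RCUBE_COMPOSE_EDIT` is not covered by this condition; if edit mode should also preselect the sender identity, that needs to be added or the omission commented.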
@@ -363,11 +389,11 @@
   unset($attrib['form']);
   
   if (empty($attrib['id']))
-    $attrib['id'] = 'rcmComposeMessage';
+    $attrib['id'] = 'rcmComposeBody';
 
   $attrib['name'] = '_message';
 
-  if ($CONFIG['htmleditor'])
+  if ($CONFIG['htmleditor'] || (($compose_mode == RCUBE_COMPOSE_DRAFT || $compose_mode == RCUBE_COMPOSE_EDIT) && $MESSAGE->has_html_part()))
     $isHtml = true;
   else
     $isHtml = false;
@@ -379,9 +405,14 @@
   {
     $body = get_input_value('_message', RCUBE_INPUT_POST, true);
   }
+  else if ($_SESSION['compose']['param']['body'])
+  {
+    $body = $_SESSION['compose']['param']['body'];
+    $isHtml = false;
+  }
   else if ($compose_mode)
   {
-    if ($isHtml && $MESSAGE->has_html_part())
+    if (($isHtml || $compose_mode == RCUBE_COMPOSE_DRAFT) && $MESSAGE->has_html_part())
     {
       $body = $MESSAGE->first_html_part();
       $isHtml = true;
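Review bot: The new `else if ($_SESSION['compose']['param']['body'])` branch sits before `else if ($compose_mode)`, so a `body` compose parameter now replaces the quoted reply, forward or draft body instead of only filling an otherwise empty message. If that precedence is intended, it deserves a comment. It also makes the later `else if (!empty($_SESSION['compose']['param']['body']))` branch at the end of this chain (next hunk) unreachable, since both test the same value for truthiness. Either drop the later branch or move this one after the `$compose_mode` branch. The function starts and ends outside this hunk.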
@@ -391,7 +422,7 @@
       $body = $MESSAGE->first_text_part();
       $isHtml = false;
     }
-    
+
     // compose reply-body
     if ($compose_mode == RCUBE_COMPOSE_REPLY)
       $body = rcmail_create_reply_body($body, $isHtml);
@@ -399,31 +430,13 @@
     else if ($compose_mode == RCUBE_COMPOSE_FORWARD)
       $body = rcmail_create_forward_body($body, $isHtml);
     // load draft message body
-    else if ($compose_mode == RCUBE_COMPOSE_DRAFT)
+    else if ($compose_mode == RCUBE_COMPOSE_DRAFT || $compose_mode == RCUBE_COMPOSE_EDIT)
       $body = rcmail_create_draft_body($body, $isHtml);
-
-    if ($isHtml) {
-      // replace cid with href in inline images links
-      foreach ((array)$_SESSION['compose']['attachments'] as $pid => $attachment) {
-        if ($attachment['content_id']) {
-	  $body = str_replace('cid:'. $attachment['content_id'], 
-	    $OUTPUT->app->comm_path.'&_action=display-attachment&_file=rcmfile'.$pid, $body);
-        }
-      }
-    }
   }
-  else if (!empty($_SESSION['compose']['param']['_body']))
+  else if (!empty($_SESSION['compose']['param']['body']))
   {
-    $body = $_SESSION['compose']['param']['_body'];
+    $body = $_SESSION['compose']['param']['body'];
   }
-
-  $lang = $tinylang = strtolower(substr($_SESSION['language'], 0, 2));
-  if (!file_exists(INSTALL_PATH . 'program/js/tiny_mce/langs/'.$tinylang.'.js'))
-    $tinylang = 'en'; 
-
-  $OUTPUT->include_script('tiny_mce/tiny_mce.js');
-  $OUTPUT->include_script("editor.js");
-  $OUTPUT->add_script('rcmail_editor_init("$__skin_path", "'.JQ($tinylang).'", '.intval($CONFIG['enable_spellcheck']).');');
 
   $out = $form_start ? "$form_start\n" : '';
 
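Review bot: `rcmail_create_draft_body()` is now also used for `RCUBE_COMPOSE_EDIT`, but unlike the reply and forward builders changed in this commit it does not pass HTML through `rcmail_wash_html()`. Edit mode takes a message `uid` from the compose parameters, so the HTML part loaded into the editor is not necessarily content the user authored. Unless the body is sanitised somewhere outside this diff, the draft/edit path should call `rcmail_check_safe($MESSAGE);` and `$body = rcmail_wash_html($body, array('safe' => $MESSAGE->is_safe), $cid_map);` when `$isHtml` is true, as the other two builders do. The enclosing function starts outside this hunk.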
@@ -442,8 +455,16 @@
   $out .= $textarea->show($body);
   $out .= $form_end ? "\n$form_end" : '';
 
+  $OUTPUT->set_env('composebody', $attrib['id']);
+
+  // include HTML editor
+  rcube_html_editor();
+  
   // include GoogieSpell
   if (!empty($CONFIG['enable_spellcheck'])) {
+
+    $lang = strtolower(substr($_SESSION['language'], 0, 2));
+  
     $spellcheck_langs = (array)$RCMAIL->config->get('spellcheck_languages', array('da'=>'Dansk', 'de'=>'Deutsch', 'en' => 'English', 'es'=>'Español', 'fr'=>'Français', 'it'=>'Italiano', 'nl'=>'Nederlands', 'pl'=>'Polski', 'pt'=>'Português', 'fi'=>'Suomi', 'sv'=>'Svenska'));
     if (!$spellcheck_langs[$lang])
       $lang = 'en';
@@ -451,7 +472,7 @@
     $editor_lang_set = array();
     foreach ($spellcheck_langs as $key => $name) {
       $editor_lang_set[] = ($key == $lang ? '+' : '') . JQ($name).'='.JQ($key);
-    }
+      }
     
     $OUTPUT->include_script('googiespell.js');
     $OUTPUT->add_script(sprintf(
@@ -463,6 +484,7 @@
       "googie.lang_no_error_found = \"%s\";\n".
       "googie.setLanguages(%s);\n".
       "googie.setCurrentLanguage('%s');\n".
+      "googie.setSpellContainer('spellcheck-control');\n".
       "googie.decorateTextarea('%s');\n".
       "%s.set_env('spellcheck', googie);",
       $RCMAIL->comm_path,
@@ -476,7 +498,7 @@
       $attrib['id'],
       JS_OBJECT_NAME), 'foot');
 
-    rcube_add_label('checking');
+    $OUTPUT->add_label('checking');
     $OUTPUT->set_env('spellcheck_langs', join(',', $editor_lang_set));
   }
  
@@ -492,45 +514,55 @@
 
   if (! $bodyIsHtml)
   {
-    // soft-wrap message first
-    $body = rcmail_wrap_quoted($body, 75);
-  
-    // split body into single lines
-    $a_lines = preg_split('/\r?\n/', $body);
-  
-    // add > to each line
-    for($n=0; $n<sizeof($a_lines); $n++)
-    {
-      if (strpos($a_lines[$n], '>')===0)
-        $a_lines[$n] = '>'.$a_lines[$n];
-      else
-        $a_lines[$n] = '> '.$a_lines[$n];
-    }
- 
-    $body = join("\n", $a_lines);
-
-    // add title line
-    $prefix = sprintf("On %s, %s wrote:\n",
-      $MESSAGE->headers->date,
-      $MESSAGE->get_header('from'));
-
     // try to remove the signature
-    if ($sp = strrpos($body, '-- '))
+    if (($sp = strrpos($body, '-- ')) !== false && ($sp == 0 || $body{$sp-1} == "\n"))
       {
       if ($body{$sp+3}==' ' || $body{$sp+3}=="\n" || $body{$sp+3}=="\r")
-        $body = substr($body, 0, $sp-1);
+        $body = substr($body, 0, max(0, $sp-1));
       }
+
+    // soft-wrap message first
+    $body = rcmail_wrap_quoted($body, 75);
+
+    $body = rtrim($body, "\r\n");
+
+    if ($body) {
+      // split body into single lines
+      $a_lines = preg_split('/\r?\n/', $body);
+
+      // add > to each line
+      for($n=0; $n<sizeof($a_lines); $n++) {
+        if (strpos($a_lines[$n], '>')===0)
+          $a_lines[$n] = '>'.$a_lines[$n];
+        else
+          $a_lines[$n] = '> '.$a_lines[$n];
+        }
+ 
+      $body = join("\n", $a_lines);
+      }
+
+    // add title line(s)
+    $prefix = rc_wordwrap(sprintf("On %s, %s wrote:\n",
+      $MESSAGE->headers->date,
+      $MESSAGE->get_header('from')), 76);
+
     $suffix = '';
   }
   else
   {
+    // save inline images to files
+    $cid_map = rcmail_write_inline_attachments($MESSAGE);
+    // set is_safe flag (we need this for html body washing)
+    rcmail_check_safe($MESSAGE);
+    // clean up html tags
+    $body = rcmail_wash_html($body, array('safe' => $MESSAGE->is_safe), $cid_map);
+
+    // build reply (quote content)
     $prefix = sprintf("On %s, %s wrote:<br />\n",
       $MESSAGE->headers->date,
-      htmlspecialchars(Q($MESSAGE->get_header('from'), 'replace'), ENT_COMPAT, $OUTPUT->get_charset(), true));
+      htmlspecialchars(Q($MESSAGE->get_header('from'), 'replace'), ENT_COMPAT, $OUTPUT->get_charset()));
     $prefix .= '<blockquote type="cite" style="padding-left:5px; border-left:#1010ff 2px solid; margin-left:5px; width:100%">';
-    $suffix = "</blockquote>";
-
-    rcmail_write_inline_attachments($MESSAGE);
+    $suffix = "</blockquote><p></p>";
   }
 
   return $prefix.$body.$suffix;
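Review bot: In the HTML branch the reply prefix still writes `$MESSAGE->headers->date` into markup unescaped, while the `from` value next to it is escaped and the forward builder uses `Q($MESSAGE->headers->date)`. The Date header comes from the message being replied to, so it should be handled like the other header values: `Q($MESSAGE->headers->date),`. In the plain-text branch, `if ($body)` also skips quoting for a body that is exactly `"0"`; `if ($body !== '')` would be exact. The function signature lies outside this hunk.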
@@ -540,6 +572,10 @@
 function rcmail_create_forward_body($body, $bodyIsHtml)
 {
   global $IMAP, $MESSAGE, $OUTPUT;
+
+  // add attachments
+  if (!isset($_SESSION['compose']['forward_attachments']) && is_array($MESSAGE->mime_parts))
+    $cid_map = rcmail_write_compose_attachments($MESSAGE, $bodyIsHtml);
 
   if (!$bodyIsHtml)
   {
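Review bot: `$cid_map` is assigned only when the attachment condition is true, but the HTML branch later passes it to `rcmail_wash_html(..., $cid_map)` (next hunk). On a call where `forward_attachments` is already set, it is therefore an undefined variable. Initialise it before the condition with `$cid_map = array();`. In that situation the cid-to-URL mapping from the first call is also lost, so inline image references would not be rewritten; keeping the map in the compose session would cover this, if the function can run more than once per compose session.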
@@ -554,6 +590,11 @@
   }
   else
   {
+    // set is_safe flag (we need this for html body washing)
+    rcmail_check_safe($MESSAGE);
+    // clean up html tags
+    $body = rcmail_wash_html($body, array('safe' => $MESSAGE->is_safe), $cid_map);
+
     $prefix = sprintf(
       "<br><br>-------- Original Message --------" .
         "<table border=\"0\" cellpadding=\"0\" cellspacing=\"0\"><tbody>" .
@@ -563,19 +604,15 @@
         "<tr><th align=\"right\" nowrap=\"nowrap\" valign=\"baseline\">To: </th><td>%s</td></tr>",
       Q($MESSAGE->subject),
       Q($MESSAGE->headers->date),
-      htmlspecialchars(Q($MESSAGE->get_header('from'), 'replace'), ENT_COMPAT, $OUTPUT->get_charset(), true),
-	htmlspecialchars(Q($MESSAGE->get_header('to'), 'replace'), ENT_COMPAT, $OUTPUT->get_charset(), true));
+      htmlspecialchars(Q($MESSAGE->get_header('from'), 'replace'), ENT_COMPAT, $OUTPUT->get_charset()),
+      htmlspecialchars(Q($MESSAGE->get_header('to'), 'replace'), ENT_COMPAT, $OUTPUT->get_charset()));
 
     if ($MESSAGE->headers->replyto && $MESSAGE->headers->replyto != $MESSAGE->headers->from)
       $prefix .= sprintf("<tr><th align=\"right\" nowrap=\"nowrap\" valign=\"baseline\">Reply-To: </th><td>%s</td></tr>",
-	htmlspecialchars(Q($MESSAGE->get_header('replyto'), 'replace'), ENT_COMPAT, $OUTPUT->get_charset(), true));
+        htmlspecialchars(Q($MESSAGE->get_header('replyto'), 'replace'), ENT_COMPAT, $OUTPUT->get_charset()));
 
     $prefix .= "</tbody></table><br>";
   }
-
-  // add attachments
-  if (!isset($_SESSION['compose']['forward_attachments']) && is_array($MESSAGE->mime_parts))
-    rcmail_write_compose_attachments($MESSAGE, $bodyIsHtml);
     
   return $prefix.$body;
 }
@@ -583,70 +620,108 @@
 
 function rcmail_create_draft_body($body, $bodyIsHtml)
 {
-  global $MESSAGE;
+  global $MESSAGE, $OUTPUT;
   
   /**
    * add attachments
    * sizeof($MESSAGE->mime_parts can be 1 - e.g. attachment, but no text!
    */
-  if (!isset($_SESSION['compose']['forward_attachments'])
+  if (empty($_SESSION['compose']['forward_attachments'])
       && is_array($MESSAGE->mime_parts)
       && count($MESSAGE->mime_parts) > 0)
-    rcmail_write_compose_attachments($MESSAGE, $bodyIsHtml);
+  {
+    $cid_map = rcmail_write_compose_attachments($MESSAGE, $bodyIsHtml);
 
+    // replace cid with href in inline images links
+    if ($cid_map)
+      $body = str_replace(array_keys($cid_map), array_values($cid_map), $body);
+  }
+  
   return $body;
 }
   
   
 function rcmail_write_compose_attachments(&$message, $bodyIsHtml)
 {
+  global $OUTPUT;
+
+  $cid_map = array();
   foreach ((array)$message->mime_parts as $pid => $part)
   {
-    if (($part->ctype_primary != 'message' || !$bodyIsHtml) &&
-        ($part->disposition=='attachment' || $part->disposition=='inline' || $part->headers['content-id']
-	|| (empty($part->disposition) && $part->filename)))
+    if (($part->ctype_primary != 'message' || !$bodyIsHtml) && $part->ctype_primary != 'multipart' && 
+        ($part->disposition == 'attachment' || ($part->disposition == 'inline' && $bodyIsHtml) || $part->filename))
     {
-      if ($attachment = rcmail_save_attachment($message, $pid))
-        $_SESSION['compose']['attachments'][] = $attachment;
+      if ($attachment = rcmail_save_attachment($message, $pid)) {
+        $_SESSION['compose']['attachments'][$attachment['id']] = $attachment;
+        if ($bodyIsHtml && $part->content_id) {
+          $cid_map['cid:'.$part->content_id] = $OUTPUT->app->comm_path.'&_action=display-attachment&_file=rcmfile'.$attachment['id'];
+        }
+      }
     }
   }
-	
+
   $_SESSION['compose']['forward_attachments'] = true;
+
+  return $cid_map;
 }
 
 
 function rcmail_write_inline_attachments(&$message)
 {
-  foreach ((array)$message->mime_parts as $pid => $part)
-  {
-    if ($part->content_id && $part->filename)
-    {
-      if ($attachment = rcmail_save_attachment($message, $pid))
-        $_SESSION['compose']['attachments'][] = $attachment;
+  global $OUTPUT;
+
+  $cid_map = array();
+  foreach ((array)$message->mime_parts as $pid => $part) {
+    if ($part->content_id && $part->filename) {
+      if ($attachment = rcmail_save_attachment($message, $pid)) {
+        $_SESSION['compose']['attachments'][$attachment['id']] = $attachment;
+        $cid_map['cid:'.$part->content_id] = $OUTPUT->app->comm_path.'&_action=display-attachment&_file=rcmfile'.$attachment['id'];
+      }
     }
   }
+  
+  return $cid_map;
 }
 
 function rcmail_save_attachment(&$message, $pid)
 {
-  global $RCMAIL;
-
-  $temp_dir = unslashify($RCMAIL->config->get('temp_dir'));
-  $tmp_path = tempnam($temp_dir, 'rcmAttmnt');
   $part = $message->mime_parts[$pid];
-  
-  if ($fp = fopen($tmp_path, 'w'))
-  {
-    $message->get_part_content($pid, $fp);
-    fclose($fp);
+  $mem_limit = parse_bytes(ini_get('memory_limit'));
+  $curr_mem = function_exists('memory_get_usage') ? memory_get_usage() : 16*1024*1024; // safe value: 16MB
+  $data = $path = null;
 
-    return array(
-        'mimetype' => $part->ctype_primary . '/' . $part->ctype_secondary,
-        'name' => $part->filename,
-        'path' => $tmp_path,
-	'content_id' => $part->content_id
-    );
+  // don't load too big attachments into memory
+  if ($mem_limit > 0 && $part->size > $mem_limit - $curr_mem) {
+    $rcmail = rcmail::get_instance();
+    $temp_dir = unslashify($rcmail->config->get('temp_dir'));
+    $path = tempnam($temp_dir, 'rcmAttmnt');
+    if ($fp = fopen($path, 'w')) {
+      $message->get_part_content($pid, $fp);
+      fclose($fp);
+    } else
+      return false;
+  } else {
+    $data = $message->get_part_content($pid);
   }
+
+  $attachment = array(
+    'name' => $part->filename ? $part->filename : 'Part_'.$pid.'.'.$part->ctype_secondary,
+    'mimetype' => $part->ctype_primary . '/' . $part->ctype_secondary,
+    'content_id' => $part->content_id,
+    'data' => $data,
+    'path' => $path
+  );
+  
+  $attachment = rcmail::get_instance()->plugins->exec_hook('save_attachment', $attachment);
+
+  if ($attachment['status']) {
+    unset($attachment['data'], $attachment['status'], $attachment['content_id'], $attachment['abort']);
+    return $attachment;
+  } else if ($path) {
+    @unlink($path);
+  }
+  
+  return false;
 }
 
 
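Review bot: In `rcmail_save_attachment()` the test `$part->size > $mem_limit - $curr_mem` reads a part into memory whenever its reported size just fits into what is left. That leaves no headroom for the copy placed in the `$attachment` array or for whatever the `save_attachment` hook does with `data`. A message with a large attachment could then exhaust `memory_limit` during compose instead of taking the temp-file path. A safety factor such as `if ($mem_limit > 0 && $part->size * 2 > $mem_limit - $curr_mem) {` would be more robust. The result of `tempnam()` is also passed to `fopen()` without a check, so an unusable `temp_dir` is only noticed indirectly.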
@@ -669,24 +744,24 @@
   }
   // create a reply-subject
   else if ($compose_mode == RCUBE_COMPOSE_REPLY) {
-    if (eregi('^re:', $MESSAGE->subject))
+    if (preg_match('/^re:/i', $MESSAGE->subject))
       $subject = $MESSAGE->subject;
     else
       $subject = 'Re: '.$MESSAGE->subject;
   }
   // create a forward-subject
   else if ($compose_mode == RCUBE_COMPOSE_FORWARD) {
-    if (eregi('^fwd:', $MESSAGE->subject))
+    if (preg_match('/^fwd:/i', $MESSAGE->subject))
       $subject = $MESSAGE->subject;
     else
       $subject = 'Fwd: '.$MESSAGE->subject;
   }
   // creeate a draft-subject
-  else if ($compose_mode == RCUBE_COMPOSE_DRAFT) {
+  else if ($compose_mode == RCUBE_COMPOSE_DRAFT || $compose_mode == RCUBE_COMPOSE_EDIT) {
     $subject = $MESSAGE->subject;
   }
-  else if (!empty($_SESSION['compose']['param']['_subject'])) {
-    $subject = $_SESSION['compose']['param']['_subject'];
+  else if (!empty($_SESSION['compose']['param']['subject'])) {
+    $subject = $_SESSION['compose']['param']['subject'];
   }
   
   $out = $form_start ? "$form_start\n" : '';
@@ -709,11 +784,12 @@
   
   if (is_array($_SESSION['compose']['attachments']))
   {
-    if ($attrib['deleteicon'])
+    if ($attrib['deleteicon']) {
       $button = html::img(array(
         'src' => $CONFIG['skin_path'] . $attrib['deleteicon'],
-        'alt' => rcube_label('delete'),
-        'style' => "border:0;padding-right:2px;vertical-align:middle"));
+        'alt' => rcube_label('delete')
+      ));
+    }
     else
       $button = Q(rcube_label('delete'));
 
@@ -726,10 +802,13 @@
         html::a(array(
             'href' => "#delete",
             'title' => rcube_label('delete'),
-            'onclick' => sprintf("return %s.command('remove-attachment','rcmfile%d', this)", JS_OBJECT_NAME, $id)),
+            'onclick' => sprintf("return %s.command('remove-attachment','rcmfile%s', this)", JS_OBJECT_NAME, $id)),
           $button) . Q($a_prop['name']));
     }
   }
+
+  if ($attrib['deleteicon'])
+    $_SESSION['compose']['deleteicon'] = $CONFIG['skin_path'] . $attrib['deleteicon'];
 
   $OUTPUT->add_gui_object('attachmentlist', $attrib['id']);
     
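Review bot: Changing `rcmfile%d` to `rcmfile%s` means `$id` is no longer forced to an integer before it is written into the `onclick` JavaScript string. Attachment ids now come from the `save_attachment` hook, so their character set depends on the plugin. The value should be escaped for the script context with the helper this file already uses: `JS_OBJECT_NAME, JQ($id)),`. If ids are meant to be limited to a fixed alphabet, a check where they are stored in `$_SESSION['compose']['attachments']` would enforce and document that. The loop around this call starts outside the hunk.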
@@ -744,13 +823,20 @@
   // add ID if not given
   if (!$attrib['id'])
     $attrib['id'] = 'rcmUploadbox';
+
+  // find max filesize value
+  $max_filesize = parse_bytes(ini_get('upload_max_filesize'));
+  $max_postsize = parse_bytes(ini_get('post_max_size'));
+  if ($max_postsize && $max_postsize < $max_filesize)
+    $max_filesize = $max_postsize;
+  $max_filesize = show_bytes($max_filesize);
   
   $button = new html_inputfield(array('type' => 'button', 'class' => 'button'));
   
   $out = html::div($attrib,
     $OUTPUT->form_tag(array('name' => 'form', 'method' => 'post', 'enctype' => 'multipart/form-data'),
       html::div(null, rcmail_compose_attachment_field(array())) .
-      html::div('hint', rcube_label(array('name' => 'maxuploadsize', 'vars' => array('size' => show_bytes(parse_bytes(ini_get('upload_max_filesize'))))))) .
+      html::div('hint', rcube_label(array('name' => 'maxuploadsize', 'vars' => array('size' => $max_filesize)))) .
       html::div('buttons',
         $button->show(rcube_label('close'), array('onclick' => "document.getElementById('$attrib[id]').style.visibility='hidden'")) . ' ' .
         $button->show(rcube_label('upload'), array('onclick' => JS_OBJECT_NAME . ".command('send-attachment', this.form)"))
@@ -789,7 +875,12 @@
                        rcube_label('highest')),
                  array(5, 4, 0, 2, 1));
                  
-  $sel = isset($_POST['_priority']) ? $_POST['_priority'] : intval($MESSAGE->headers->priority);
+  if (isset($_POST['_priority']))
+    $sel = $_POST['_priority'];
+  else if (intval($MESSAGE->headers->priority) != 3)
+    $sel = intval($MESSAGE->headers->priority);
+  else
+    $sel = 0;
 
   $out = $form_start ? "$form_start\n" : '';
   $out .= $selector->show($sel);
@@ -814,8 +905,8 @@
   $checkbox = new html_checkbox($attrib);
 
   $out = $form_start ? "$form_start\n" : '';
-  $out .= $checkbox->show(
-    $compose_mode == RCUBE_COMPOSE_DRAFT && $MESSAGE->headers->mdn_to ? 1 : 0);
+  $out .= $checkbox->show(in_array($compose_mode, array(RCUBE_COMPOSE_DRAFT, RCUBE_COMPOSE_EDIT))
+	&& $MESSAGE->headers->mdn_to ? 1 : 0);
   $out .= $form_end ? "\n$form_end" : '';
 
   return $out;
@@ -826,20 +917,28 @@
 {
   global $CONFIG, $MESSAGE, $compose_mode;
 
-  $choices = array(
-    'html'  => 'htmltoggle',
-    'plain' => 'plaintoggle'
-  );
-
   // determine whether HTML or plain text should be checked
-  $useHtml = $CONFIG['htmleditor'] ? true : false;
-
   if ($compose_mode)
-    $useHtml = ($useHtml && $MESSAGE->has_html_part());
+    $useHtml = (($CONFIG['htmleditor'] || $compose_mode == RCUBE_COMPOSE_DRAFT || $compose_mode == RCUBE_COMPOSE_EDIT)
+	&& $MESSAGE->has_html_part());
+  else
+    $useHtml = $CONFIG['htmleditor'] ? true : false;
 
-  $selector = '';
-  $chosenvalue = $useHtml ? 'html' : 'plain';
-  $radio = new html_radiobutton(array('name' => '_editorSelect', 'onclick' => 'return rcmail_toggle_editor(this)'));
+  if (empty($attrib['editorid']))
+    $attrib['editorid'] = 'rcmComposeBody';
+
+  if (empty($attrib['name']))
+    $attrib['name'] = 'editorSelect';
+    
+  $attrib['onchange'] = "return rcmail_toggle_editor(this.value=='html', '".$attrib['editorid']."', '_is_html')";
+
+  $select = new html_select($attrib);
+
+  $select->add(Q(rcube_label('htmltoggle')), 'html');
+  $select->add(Q(rcube_label('plaintoggle')), 'plain');
+
+  return $select->show($useHtml ? 'html' : 'plain');
+
   foreach ($choices as $value => $text)
   {
     $attrib['id'] = '_' . $value;
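Review bot: Everything after the new `return $select->show($useHtml ? 'html' : 'plain');` is unreachable, and the leftover `foreach ($choices as $value => $text)` refers to `$choices`, which this change removes. The old radio-button loop should be deleted along with it; it continues past the end of this hunk. Separately, `$attrib['editorid']` is concatenated into the `onchange` handler without `JQ()`, unlike other values this file places into script text. Writing `'".JQ($attrib['editorid'])."'` would keep a quote in a template attribute from breaking out of the string.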
@@ -898,54 +997,6 @@
   'receiptcheckbox' => 'rcmail_receipt_checkbox',
   'storetarget' => 'rcmail_store_target_selection',
 ));
-
-/****** get contacts for this user and add them to client scripts ********/
-
-$CONTACTS = new rcube_contacts($DB, $USER->ID);
-$CONTACTS->set_pagesize(1000);
-
-$a_contacts = array(); 
-                                   
-if ($result = $CONTACTS->list_records())
-  {
-  while ($sql_arr = $result->iterate())
-    if ($sql_arr['email'])
-      $a_contacts[] = format_email_recipient($sql_arr['email'], $sql_arr['name']);
-  }
-if (!empty($CONFIG['ldap_public']) && is_array($CONFIG['ldap_public']))
-  {
-  /* LDAP autocompletion */ 
-  foreach ($CONFIG['ldap_public'] as $ldapserv_config) 
-    { 
-    if ($ldapserv_config['fuzzy_search'] != 1 || 
-        $ldapserv_config['global_search'] != 1)
-      { 
-      continue; 
-      }
-	 
-    $LDAP = new rcube_ldap($ldapserv_config); 
-    $LDAP->connect(); 
-    $LDAP->set_pagesize(1000);
-  
-    $results = $LDAP->search($ldapserv_config['mail_field'], ""); 
- 
-    for ($i = 0; $i < $results->count; $i++) 
- 	  { 
- 	  if ($results->records[$i]['email'] != '') 
- 	    { 
- 	    $email = $results->records[$i]['email']; 
- 	    $name = $results->records[$i]['name']; 
- 		 
- 	    $a_contacts[] = format_email_recipient($email, $name);
- 	    } 
- 	  }
-    $LDAP->close(); 
-    }
-  }
-if ($a_contacts) 
-  { 
- 	$OUTPUT->set_env('contacts', $a_contacts); 
-  }
 
 $OUTPUT->send('compose');
 

--
Gitblit v1.9.1