| 1 | <?php |
| 2 | |
| 3 | /** |
| 4 | * download.php |
| 5 | * |
| 6 | * Copyright (c) 1999-2002 The SquirrelMail Project Team |
| 7 | * Licensed under the GNU GPL. For full terms see the file COPYING. |
| 8 | * |
| 9 | * Handles attachment downloads to the users computer. |
| 10 | * Also allows displaying of attachments when possible. |
| 11 | * |
| 12 | * $Id$ |
| 13 | */ |
| 14 | |
| 15 | require_once('../src/validate.php'); |
| 16 | require_once('../functions/imap.php'); |
| 17 | require_once('../functions/mime.php'); |
| 18 | require_once('../functions/date.php'); |
| 19 | |
| 20 | header('Pragma: '); |
| 21 | header('Cache-Control: cache'); |
| 22 | |
| 23 | function viewText($color, $body, $id, $entid, $mailbox, $type1, $wrap_at) { |
| 24 | global $where, $what, $charset; |
| 25 | global $startMessage; |
| 26 | |
| 27 | displayPageHeader($color, 'None'); |
| 28 | |
| 29 | echo "<BR><TABLE WIDTH=\"100%\" BORDER=0 CELLSPACING=0 CELLPADDING=2 ALIGN=CENTER><TR><TD BGCOLOR=\"$color[0]\">". |
| 30 | "<B><CENTER>". |
| 31 | _("Viewing a text attachment") . " - "; |
| 32 | if ($where && $what) { |
| 33 | // from a search |
| 34 | echo "<a href=\"read_body.php?mailbox=".urlencode($mailbox)."&passed_id=$id&where=".urlencode($where)."&what=".urlencode($what)."\">". _("View message") . "</a>"; |
| 35 | } else { |
| 36 | echo "<a href=\"read_body.php?mailbox=".urlencode($mailbox)."&passed_id=$id&startMessage=$startMessage&show_more=0\">". _("View message") . "</a>"; |
| 37 | } |
| 38 | |
| 39 | $urlmailbox = urlencode($mailbox); |
| 40 | echo "</b></td><tr><tr><td><CENTER><A HREF=\"../src/download.php?absolute_dl=true&passed_id=$id&passed_ent_id=$entid&mailbox=$urlmailbox\">". |
| 41 | _("Download this as a file"). |
| 42 | "</A></CENTER><BR>". |
| 43 | "</CENTER></B>". |
| 44 | "</TD></TR></TABLE>". |
| 45 | "<TABLE WIDTH=\"98%\" BORDER=0 CELLSPACING=0 CELLPADDING=2 ALIGN=CENTER><TR><TD BGCOLOR=\"$color[0]\">". |
| 46 | "<TR><TD BGCOLOR=\"$color[4]\"><TT>"; |
| 47 | |
| 48 | if ($type1 == 'html') { |
| 49 | $body = MagicHTML( $body, $id ); |
| 50 | } else { |
| 51 | translateText($body, $wrap_at, $charset); |
| 52 | } |
| 53 | |
| 54 | flush(); |
| 55 | echo $body . |
| 56 | "</TT></TD></TR></TABLE>"; |
| 57 | } |
| 58 | |
| 59 | function viewMessage($imapConnection, $id, $mailbox, $ent_id, $msg, $color, $wrap_at) { |
| 60 | global $startMessage; |
| 61 | $header = sqimap_get_ent_header($imapConnection,$id,$mailbox,$ent_id); |
| 62 | $msg->header = $header; |
| 63 | $msg->header->id = $id; |
| 64 | $body = formatBody($imapConnection, $msg, $color, $wrap_at); |
| 65 | $bodyheader = viewHeader($header, $color); |
| 66 | |
| 67 | displayPageHeader($color, 'None'); |
| 68 | |
| 69 | echo "<BR><TABLE WIDTH=\"100%\" BORDER=0 CELLSPACING=0 CELLPADDING=2 ALIGN=CENTER><TR><TD BGCOLOR=\"$color[0]\">". |
| 70 | "<B><CENTER>". _("Viewing a message attachment") . " - "; |
| 71 | |
| 72 | echo "<a href=\"read_body.php?mailbox=".urlencode($mailbox)."&passed_id=$id&startMessage=$startMessage&show_more=0\">". _("View message") . "</a>"; |
| 73 | |
| 74 | $urlmailbox = urlencode($mailbox); |
| 75 | |
| 76 | echo "</b></td><tr><tr><td><CENTER><A HREF=\"../src/download.php?absolute_dl=true&passed_id=$id&passed_ent_id=$ent_id&mailbox=$urlmailbox\">". |
| 77 | _("Download this as a file"). |
| 78 | "</A></CENTER><BR>". |
| 79 | "</CENTER></B>". |
| 80 | "</TD></TR></TABLE>"; |
| 81 | echo "<TABLE WIDTH=\"100%\" BORDER=0 CELLSPACING=0 CELLPADDING=2 ALIGN=CENTER><TR><TD BGCOLOR=\"$color[0]\">". |
| 82 | "<TR><TD BGCOLOR=\"$color[4]\">"; |
| 83 | echo "$bodyheader </TD></TR></TABLE>"; |
| 84 | |
| 85 | echo "<TABLE WIDTH=\"98%\" BORDER=0 CELLSPACING=0 CELLPADDING=2 ALIGN=CENTER><TR><TD BGCOLOR=\"$color[0]\">". |
| 86 | "<TR><TD BGCOLOR=\"$color[4]\"><TT>"; |
| 87 | echo "$body </TT></TD></TR></TABLE>"; |
| 88 | } |
| 89 | |
| 90 | |
| 91 | function viewHeader($header,$color) { |
| 92 | |
| 93 | $bodyheader = ''; |
| 94 | |
| 95 | /** FORMAT THE FROM STRING **/ |
| 96 | $from_name = decodeHeader(htmlspecialchars($header->from)); |
| 97 | if(isset($from_name) && $from_name !='') { |
| 98 | $bodyheader .= makeTableEntry($from_name,_("From"), $color); |
| 99 | } |
| 100 | |
| 101 | $subject_string = decodeHeader(htmlspecialchars($header->subject)); |
| 102 | if(isset($subject_string) && $subject_string !='') { |
| 103 | $bodyheader .= makeTableEntry($subject_string,_("Subject:"), $color); |
| 104 | } |
| 105 | /** FORMAT THE TO STRING **/ |
| 106 | $to = formatRecipientString($header->to, "to"); |
| 107 | $to_string = $to['str']; |
| 108 | $url_to_string = $to['url_str']; |
| 109 | if(isset($to_string) && $to_string !='') { |
| 110 | $bodyheader .= makeTableEntry($to_string,_("To:"), $color); |
| 111 | } |
| 112 | |
| 113 | /** FORMAT THE DATE STRING **/ |
| 114 | $dateString = getLongDateString($header->date); |
| 115 | if(isset($dateString) && $dateString !='') { |
| 116 | $bodyheader .= makeTableEntry($dateString,_("Date:"), $color); |
| 117 | } |
| 118 | |
| 119 | /** FORMAT THE CC STRING **/ |
| 120 | $cc = formatRecipientString($header->cc, "cc"); |
| 121 | $cc_string = $cc['str']; |
| 122 | $url_cc_string = $cc['url_str']; |
| 123 | if(isset($cc_string) && $cc_string !='') { |
| 124 | $bodyheader .= makeTableEntry($cc_string,_("Cc:"), $color); |
| 125 | } |
| 126 | |
| 127 | /** FORMAT THE BCC STRING **/ |
| 128 | $bcc = formatRecipientString($header->bcc, "bcc"); |
| 129 | $bcc_string = $bcc['str']; |
| 130 | $url_bcc_string = $bcc['url_str']; |
| 131 | if(isset($bcc_string) && $bcc_string !='') { |
| 132 | $bodyheader .= makeTableEntry($bcc_string,_("Bcc:"), $color); |
| 133 | } |
| 134 | |
| 135 | return $bodyheader; |
| 136 | } |
| 137 | |
| 138 | function makeTableEntry($str, $str_name, $color) { |
| 139 | $entry = '<tr><td bgcolor="'."$color[0]".'" align right valign top>'."$str_name".'</td><td bgcolor="'."$color[0]". |
| 140 | '" valign top colspan=2><b>'."$str".'</b> </td></tr>'."\n"; |
| 141 | return $entry; |
| 142 | } |
| 143 | |
| 144 | function formatRecipientString($recipients, $item ) { |
| 145 | global $base_uri, $passed_id, $startMessage, $show_more_cc, $show_more, $show_more_bcc, $passed_ent_id; |
| 146 | global $where, $what, $mailbox, $sort; |
| 147 | |
| 148 | /** TEXT STRINGS DEFINITIONS **/ |
| 149 | $echo_more = _("more"); |
| 150 | $echo_less = _("less"); |
| 151 | |
| 152 | if (!isset($show_more_cc)) { |
| 153 | $show_more_cc = FALSE; |
| 154 | } |
| 155 | if (!isset($show_more_bcc)) { |
| 156 | $show_more_bcc = FALSE; |
| 157 | } |
| 158 | |
| 159 | |
| 160 | $urlMailbox = urlencode($mailbox); |
| 161 | $i = 0; |
| 162 | $url_string = ''; |
| 163 | |
| 164 | if (isset ($recipients[0]) && trim($recipients[0])) { |
| 165 | $string = ''; |
| 166 | $ary = explode(",",$recipients[0]); |
| 167 | |
| 168 | switch ($item) { |
| 169 | case 'to': |
| 170 | $show = "&show_more=1&show_more_cc=$show_more_cc&show_more_bcc=$show_more_bcc"; |
| 171 | $show_n = "&show_more=0&show_more_cc=$show_more_cc&show_more_bcc=$show_more_bcc"; |
| 172 | break; |
| 173 | case 'cc': |
| 174 | $show = "&show_more=$show_more&show_more_cc=1&show_more_bcc=$show_more_bcc"; |
| 175 | $show_n = "&show_more=$show_more&show_more_cc=0&show_more_bcc=$show_more_bcc"; |
| 176 | $show_more = $show_more_cc; |
| 177 | break; |
| 178 | case 'bcc': |
| 179 | $show = "&show_more=$show_more&show_more_cc=$show_more_cc&show_more_bcc=1"; |
| 180 | $show_n = "&show_more=$show_more&show_more_cc=$show_more_cc&show_more_bcc=0"; |
| 181 | $show_more = $show_more_bcc; |
| 182 | break; |
| 183 | default: |
| 184 | $break; |
| 185 | } |
| 186 | |
| 187 | while ($i < count($ary)) { |
| 188 | $ary[$i] = htmlspecialchars(decodeHeader($ary[$i])); |
| 189 | $url_string .= $ary[$i]; |
| 190 | if ($string) { |
| 191 | $string = "$string<BR>$ary[$i]"; |
| 192 | } else { |
| 193 | $string = "$ary[$i]"; |
| 194 | } |
| 195 | |
| 196 | $i++; |
| 197 | if (count($ary) > 1) { |
| 198 | if ($show_more == false) { |
| 199 | if ($i == 1) { |
| 200 | |
| 201 | $string .= ' (<A HREF="' . $base_uri . |
| 202 | "src/download.php?mailbox=$urlMailbox&passed_id=$passed_id&"; |
| 203 | if (isset($where) && isset($what)) { |
| 204 | $string .= 'what=' . urlencode($what)."&where=".urlencode($where)."&passed_ent_id=$passed_ent_id$show\">$echo_more</A>)"; |
| 205 | } else { |
| 206 | $string .= "sort=$sort&startMessage=$startMessage"."&passed_ent_id=$passed_ent_id$show\">$echo_more</A>)"; |
| 207 | } |
| 208 | $i = count($ary); |
| 209 | } |
| 210 | } else if ($i == 1) { |
| 211 | |
| 212 | $string .= ' (<A HREF="' . $base_uri . |
| 213 | "src/download.php?mailbox=$urlMailbox&passed_id=$passed_id&"; |
| 214 | if (isset($where) && isset($what)) { |
| 215 | $string .= 'what=' . urlencode($what)."&where=".urlencode($where)."&passed_ent_id=$passed_ent_id$show_n\">$echo_less</A>)"; |
| 216 | } else { |
| 217 | $string .= "sort=$sort&startMessage=$startMessage"."&passed_ent_id=$passed_ent_id$show_n\">$echo_less</A>)"; |
| 218 | } |
| 219 | } |
| 220 | } |
| 221 | |
| 222 | } |
| 223 | } |
| 224 | else { |
| 225 | $string = ''; |
| 226 | } |
| 227 | $url_string = urlencode($url_string); |
| 228 | $result = array(); |
| 229 | $result['str'] = $string; |
| 230 | $result['url_str'] = $url_string; |
| 231 | return $result; |
| 232 | |
| 233 | } |
| 234 | |
| 235 | |
| 236 | $imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0); |
| 237 | sqimap_mailbox_select($imapConnection, $mailbox); |
| 238 | |
| 239 | /* |
| 240 | * $message contains all information about the message |
| 241 | * including header and body |
| 242 | */ |
| 243 | $message = sqimap_get_message($imapConnection, $passed_id, $mailbox); |
| 244 | |
| 245 | $top_header = $message->header; |
| 246 | |
| 247 | /* |
| 248 | * lets redefine message as this particular entity that we wish to display. |
| 249 | * it should hold only the header for this entity. We need to fetch the body |
| 250 | * yet before we can display anything. |
| 251 | */ |
| 252 | $message = getEntity($message, $passed_ent_id); |
| 253 | |
| 254 | $header = $message->header; |
| 255 | |
| 256 | $charset = $header->charset; |
| 257 | $type0 = $header->type0; |
| 258 | $type1 = $header->type1; |
| 259 | if (isset($override_type0)) { |
| 260 | $type0 = $override_type0; |
| 261 | } |
| 262 | if (isset($override_type1)) { |
| 263 | $type1 = $override_type1; |
| 264 | } |
| 265 | $filename = decodeHeader($header->filename); |
| 266 | if (!$filename) { |
| 267 | $filename = decodeHeader($header->name); |
| 268 | } |
| 269 | |
| 270 | if (strlen($filename) < 1) { |
| 271 | if ($type1 == 'plain' && $type0 == 'text') { |
| 272 | $suffix = 'txt'; |
| 273 | } else if ($type1 == 'richtext' && $type0 == 'text') { |
| 274 | $suffix = 'rtf'; |
| 275 | } else if ($type1 == 'postscript' && $type0 == 'application') { |
| 276 | $suffix = 'ps'; |
| 277 | } else if ($type1 == 'rfc822' && $type0 == 'message') { |
| 278 | $suffix = 'eml'; |
| 279 | } else { |
| 280 | $suffix = $type1; |
| 281 | } |
| 282 | |
| 283 | $filename = "untitled$passed_ent_id.$suffix"; |
| 284 | } |
| 285 | |
| 286 | |
| 287 | /* |
| 288 | * Note: |
| 289 | * The following sections display the attachment in different |
| 290 | * ways depending on how they choose. The first way will download |
| 291 | * under any circumstance. This sets the Content-type to be |
| 292 | * applicatin/octet-stream, which should be interpreted by the |
| 293 | * browser as "download me". |
| 294 | * The second method (view) is used for images or other formats |
| 295 | * that should be able to be handled by the browser. It will |
| 296 | * most likely display the attachment inline inside the browser. |
| 297 | * And finally, the third one will be used by default. If it |
| 298 | * is displayable (text or html), it will load them up in a text |
| 299 | * viewer (built in to squirrelmail). Otherwise, it sets the |
| 300 | * content-type as application/octet-stream |
| 301 | */ |
| 302 | if (isset($absolute_dl) && $absolute_dl == 'true') { |
| 303 | switch($type0) { |
| 304 | case 'text': |
| 305 | DumpHeaders($type0, $type1, $filename, 1); |
| 306 | $body = mime_fetch_body($imapConnection, $passed_id, $passed_ent_id); |
| 307 | $body = decodeBody($body, $header->encoding); |
| 308 | if ($type1 == 'plain' && isset($showHeaders)) { |
| 309 | echo _("Subject") . ": " . decodeHeader($top_header->subject) . "\n". |
| 310 | " " . _("From") . ": " . decodeHeader($top_header->from) . "\n". |
| 311 | " " . _("To") . ": " . decodeHeader(getLineOfAddrs($top_header->to)) . "\n". |
| 312 | " " . _("Date") . ": " . getLongDateString($top_header->date) . "\n\n"; |
| 313 | } elseif ($type1 == 'html' && isset($showHeaders)) { |
| 314 | echo '<table><tr><th align=right>' . _("Subject"). |
| 315 | ':</th><td>' . decodeHeader($top_header->subject). |
| 316 | "</td></tr>\n<tr><th align=right>" . _("From"). |
| 317 | ':</th><td>' . decodeHeader($top_header->from). |
| 318 | "</td></tr>\n<tr><th align=right>" . _("To"). |
| 319 | ':</th><td>' . decodeHeader(getLineOfAddrs($top_header->to)). |
| 320 | "</td></tr>\n<tr><th align=right>" . _("Date"). |
| 321 | ':</th><td>' . getLongDateString($top_header->date). |
| 322 | "</td></tr>\n</table>\n<hr>\n"; |
| 323 | } |
| 324 | echo $body; |
| 325 | break; |
| 326 | |
| 327 | default: |
| 328 | DumpHeaders($type0, $type1, $filename, 1); |
| 329 | mime_print_body_lines ($imapConnection, $passed_id, $passed_ent_id, $header->encoding); |
| 330 | break; |
| 331 | } |
| 332 | } else { |
| 333 | switch ($type0) { |
| 334 | case 'text': |
| 335 | if ($type1 == 'plain' || $type1 == 'html') { |
| 336 | $body = mime_fetch_body($imapConnection, $passed_id, $passed_ent_id); |
| 337 | $body = decodeBody($body, $header->encoding); |
| 338 | viewText($color, $body, $passed_id, $passed_ent_id, $mailbox, $type1, $wrap_at); |
| 339 | } else { |
| 340 | DumpHeaders($type0, $type1, $filename, 0); |
| 341 | $body = mime_fetch_body($imapConnection, $passed_id, $passed_ent_id); |
| 342 | $body = decodeBody($body, $header->encoding); |
| 343 | echo $body; |
| 344 | } |
| 345 | break; |
| 346 | case 'message': |
| 347 | if ($type1 == 'rfc822' ) { |
| 348 | viewMessage($imapConnection, $passed_id, $mailbox, $passed_ent_id, $message, $color, $wrap_at); |
| 349 | } else { |
| 350 | $body = mime_fetch_body($imapConnection, $passed_id, $passed_ent_id); |
| 351 | $body = decodeBody($body, $msgheader->encoding); |
| 352 | viewText($color, $body, $passed_id, $passed_ent_id, $mailbox, $type1, $wrap_at); |
| 353 | } |
| 354 | break; |
| 355 | default: |
| 356 | DumpHeaders($type0, $type1, $filename, 0); |
| 357 | mime_print_body_lines ($imapConnection, $passed_id, $passed_ent_id, $header->encoding); |
| 358 | break; |
| 359 | } |
| 360 | } |
| 361 | |
| 362 | |
| 363 | /* |
| 364 | * This function is verified to work with Netscape and the *very latest* |
| 365 | * version of IE. I don't know if it works with Opera, but it should now. |
| 366 | */ |
| 367 | function DumpHeaders($type0, $type1, $filename, $force) { |
| 368 | global $HTTP_USER_AGENT; |
| 369 | |
| 370 | $isIE = 0; |
| 371 | |
| 372 | if (strstr($HTTP_USER_AGENT, 'compatible; MSIE ') !== false && |
| 373 | strstr($HTTP_USER_AGENT, 'Opera') === false) { |
| 374 | $isIE = 1; |
| 375 | } |
| 376 | |
| 377 | if (strstr($HTTP_USER_AGENT, 'compatible; MSIE 6') !== false && |
| 378 | strstr($HTTP_USER_AGENT, 'Opera') === false) { |
| 379 | $isIE6 = 1; |
| 380 | } |
| 381 | |
| 382 | $filename = ereg_replace('[^-a-zA-Z0-9\.]', '_', $filename); |
| 383 | |
| 384 | // A Pox on Microsoft and it's Office! |
| 385 | if (! $force) { |
| 386 | // Try to show in browser window |
| 387 | header("Content-Disposition: inline; filename=\"$filename\""); |
| 388 | header("Content-Type: $type0/$type1; name=\"$filename\""); |
| 389 | } else { |
| 390 | // Try to pop up the "save as" box |
| 391 | // IE makes this hard. It pops up 2 save boxes, or none. |
| 392 | // http://support.microsoft.com/support/kb/articles/Q238/5/88.ASP |
| 393 | // But, accordint to Microsoft, it is "RFC compliant but doesn't |
| 394 | // take into account some deviations that allowed within the |
| 395 | // specification." Doesn't that mean RFC non-compliant? |
| 396 | // http://support.microsoft.com/support/kb/articles/Q258/4/52.ASP |
| 397 | // |
| 398 | // The best thing you can do for IE is to upgrade to the latest |
| 399 | // version |
| 400 | if ($isIE && !isset($isIE6)) { |
| 401 | // http://support.microsoft.com/support/kb/articles/Q182/3/15.asp |
| 402 | // Do not have quotes around filename, but that applied to |
| 403 | // "attachment"... does it apply to inline too? |
| 404 | // |
| 405 | // This combination seems to work mostly. IE 5.5 SP 1 has |
| 406 | // known issues (see the Microsoft Knowledge Base) |
| 407 | header("Content-Disposition: inline; filename=$filename"); |
| 408 | |
| 409 | // This works for most types, but doesn't work with Word files |
| 410 | header("Content-Type: application/download; name=\"$filename\""); |
| 411 | |
| 412 | // These are spares, just in case. :-) |
| 413 | //header("Content-Type: $type0/$type1; name=\"$filename\""); |
| 414 | //header("Content-Type: application/x-msdownload; name=\"$filename\""); |
| 415 | //header("Content-Type: application/octet-stream; name=\"$filename\""); |
| 416 | } else { |
| 417 | header("Content-Disposition: attachment; filename=\"$filename\""); |
| 418 | // application/octet-stream forces download for Netscape |
| 419 | header("Content-Type: application/octet-stream; name=\"$filename\""); |
| 420 | } |
| 421 | } |
| 422 | } |
| 423 | ?> |