sanitizing is done in form functions
[squirrelmail.git] / src / download.php
CommitLineData
59177427 1<?php
895905c0 2
35586184 3/**
4 * download.php
5 *
82d304a0 6 * Copyright (c) 1999-2004 The SquirrelMail Project Team
35586184 7 * Licensed under the GNU GPL. For full terms see the file COPYING.
8 *
9 * Handles attachment downloads to the users computer.
10 * Also allows displaying of attachments when possible.
11 *
30967a1e 12 * @version $Id$
2b646597 13 * @package squirrelmail
35586184 14 */
15
30967a1e 16/**
324ac3c5 17 * Path for SquirrelMail required files.
30967a1e 18 * @ignore
19 */
86725763 20define('SM_PATH','../');
21
22/* SquirrelMail required files. */
08185f2a 23require_once(SM_PATH . 'include/validate.php');
86725763 24require_once(SM_PATH . 'functions/imap.php');
25require_once(SM_PATH . 'functions/mime.php');
6b96544a 26
65c3ec94 27header('Pragma: ');
28header('Cache-Control: cache');
29
0b97a708 30/* globals */
1e12d1ff 31sqgetGlobalVar('key', $key, SQ_COOKIE);
32sqgetGlobalVar('username', $username, SQ_SESSION);
33sqgetGlobalVar('onetimepad', $onetimepad, SQ_SESSION);
324ac3c5 34sqgetGlobalVar('mailbox_cache',$mailbox_cache,SQ_SESSION);
1e12d1ff 35sqgetGlobalVar('messages', $messages, SQ_SESSION);
36sqgetGlobalVar('mailbox', $mailbox, SQ_GET);
37sqgetGlobalVar('ent_id', $ent_id, SQ_GET);
38sqgetGlobalVar('absolute_dl',$absolute_dl, SQ_GET);
39if ( sqgetGlobalVar('passed_id', $temp, SQ_GET) ) {
324ac3c5 40 $passed_id = (int) $temp;
da2415c1 41}
1075eaf1 42
0b97a708 43/* end globals */
97d7da3b 44
1e606225 45$imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
324ac3c5 46$aMailbox = sqm_api_mailbox_select($imapConnection, $mailbox,array(),array());
97d7da3b 47
324ac3c5 48if (isset($aMailbox['MSG_HEADERS'][$passed_id]['MESSAGE_OBJECT']) &&
49 is_object($aMailbox['MSG_HEADERS'][$passed_id]['MESSAGE_OBJECT']) ) {
50 $message = $aMailbox['MSG_HEADERS'][$passed_id]['MESSAGE_OBJECT'];
51} else {
52 $message = sqimap_get_message($imapConnection, $passed_id, $mailbox);
53 $aMailbox['MSG_HEADERS'][$passed_id]['MESSAGE_OBJECT'] = $message;
5a1c48cd 54}
324ac3c5 55
56//$mbx_response = sqimap_mailbox_select($imapConnection, $mailbox);
57
58//$message = &$messages[$mbx_response['UIDVALIDITY']]["$passed_id"];
59//if (!is_object($message)) {
60// $message = sqimap_get_message($imapConnection,$passed_id, $mailbox);
61//}
ff9d4297 62$subject = $message->rfc822_header->subject;
6914aa18 63if ($ent_id) {
64 $message = &$message->getEntity($ent_id);
65 $header = $message->header;
da2415c1 66
6914aa18 67 if ($message->rfc822_header) {
68 $subject = $message->rfc822_header->subject;
6914aa18 69 } else {
70 $header = $message->header;
6914aa18 71 }
72 $type0 = $header->type0;
73 $type1 = $header->type1;
74 $encoding = strtolower($header->encoding);
ff9d4297 75} else {
6914aa18 76 /* raw message */
77 $type0 = 'message';
78 $type1 = 'rfc822';
bc5ff7c9 79 $encoding = 'US-ASCII';
5d39ca4d 80 $header = $message->header;
ff9d4297 81}
97d7da3b 82
1e606225 83/*
65c3ec94 84 * lets redefine message as this particular entity that we wish to display.
85 * it should hold only the header for this entity. We need to fetch the body
86 * yet before we can display anything.
87 */
65c3ec94 88
65c3ec94 89if (isset($override_type0)) {
90 $type0 = $override_type0;
91}
92if (isset($override_type1)) {
93 $type1 = $override_type1;
94}
ff9d4297 95$filename = '';
96if (is_object($message->header->disposition)) {
a91189d6 97 $filename = $header->disposition->getProperty('filename');
ff9d4297 98 if (!$filename) {
708ea172 99 $filename = $header->disposition->getProperty('name');
ff9d4297 100 }
6914aa18 101 if (!$filename) {
a91189d6 102 $filename = $header->getParameter('name');
da2415c1 103 }
cf22004d 104} else {
5d39ca4d 105 $filename = $header->getParameter('name');
65c3ec94 106}
bc5ff7c9 107
89c7fc5a 108//$filename = decodeHeader($filename, false, false); //Don't want html output nor utf8 because it will return html output
da2415c1 109$filename = decodeHeader($filename, true, false); //Don't want html output
65c3ec94 110if (strlen($filename) < 1) {
fd77c331 111 //$filename = decodeHeader($subject, false, false); //Don't want html output nor utf8 because it will return html output
112 $filename = decodeHeader($subject, true, false); //Don't want html output
89c7fc5a 113 if ($type1 == 'plain' && $type0 == 'text')
65c3ec94 114 $suffix = 'txt';
89c7fc5a 115 else if ($type1 == 'richtext' && $type0 == 'text')
65c3ec94 116 $suffix = 'rtf';
89c7fc5a 117 else if ($type1 == 'postscript' && $type0 == 'application')
65c3ec94 118 $suffix = 'ps';
89c7fc5a 119 else if ($type1 == 'rfc822' && $type0 == 'message')
120 $suffix = 'msg';
8e73da2b 121 else
65c3ec94 122 $suffix = $type1;
8e73da2b 123
124 if ($filename == '')
125 $filename = 'untitled' . strip_tags($ent_id);
89c7fc5a 126 $filename = $filename . '.' . $suffix;
65c3ec94 127}
128
129/*
130 * Note:
131 * The following sections display the attachment in different
132 * ways depending on how they choose. The first way will download
133 * under any circumstance. This sets the Content-type to be
134 * applicatin/octet-stream, which should be interpreted by the
135 * browser as "download me".
136 * The second method (view) is used for images or other formats
137 * that should be able to be handled by the browser. It will
138 * most likely display the attachment inline inside the browser.
139 * And finally, the third one will be used by default. If it
140 * is displayable (text or html), it will load them up in a text
141 * viewer (built in to squirrelmail). Otherwise, it sets the
142 * content-type as application/octet-stream
143 */
88d916ee 144if (isset($absolute_dl) && $absolute_dl) {
da2415c1 145 SendDownloadHeaders($type0, $type1, $filename, 1);
65c3ec94 146} else {
da2415c1 147 SendDownloadHeaders($type0, $type1, $filename, 0);
65c3ec94 148}
38bca81c 149/* be aware that any warning caused by download.php will corrupt the
150 * attachment in case of ERROR reporting = E_ALL and the output is the screen */
ff9d4297 151mime_print_body_lines ($imapConnection, $passed_id, $ent_id, $encoding);
324ac3c5 152$mailbox_cache[$aMailbox['NAME']] = $aMailbox;
153sqsession_register($mailbox_cache,'mailbox_cache');
2b646597 154?>