| 1 | <?php |
| 2 | |
| 3 | /** |
| 4 | * compose.php |
| 5 | * |
| 6 | * Functions for message compositon: writing a message, attaching files etc. |
| 7 | * |
| 8 | * @author Thijs Kinkhorst <kink at squirrelmail.org> |
| 9 | * @copyright © 1999-2007 The SquirrelMail Project Team |
| 10 | * @license http://opensource.org/licenses/gpl-license.php GNU Public License |
| 11 | * @version $Id$ |
| 12 | * @package squirrelmail |
| 13 | */ |
| 14 | |
| 15 | |
| 16 | /** |
| 17 | * Get a new file to write an attachment to. |
| 18 | * This function makes sure it doesn't overwrite other attachments, |
| 19 | * preventing collisions and race conditions. |
| 20 | * |
| 21 | * @return filename |
| 22 | * @since 1.5.2 |
| 23 | */ |
| 24 | function sq_get_attach_tempfile() |
| 25 | { |
| 26 | global $username, $attachment_dir; |
| 27 | |
| 28 | $hashed_attachment_dir = getHashedDir($username, $attachment_dir); |
| 29 | |
| 30 | // using PHP >= 4.3.2 we can be truly atomic here |
| 31 | $filemods = check_php_version ( 4,3,2 ) ? 'x' : 'w'; |
| 32 | |
| 33 | // give up after 1000 tries |
| 34 | $TMP_MAX = 1000; |
| 35 | for ($try=0; $try<$TMP_MAX; ++$try) { |
| 36 | |
| 37 | $localfilename = GenerateRandomString(32, '', 7); |
| 38 | $full_localfilename = "$hashed_attachment_dir/$localfilename"; |
| 39 | |
| 40 | // filename collision. try again |
| 41 | if ( file_exists($full_localfilename) ) { |
| 42 | continue; |
| 43 | } |
| 44 | |
| 45 | // try to open for (binary) writing |
| 46 | $fp = @fopen( $full_localfilename, $filemods); |
| 47 | |
| 48 | if ( $fp !== FALSE ) { |
| 49 | // success! make sure it's not readable, close and return filename |
| 50 | chmod($full_localfilename, 0600); |
| 51 | fclose($fp); |
| 52 | return $full_localfilename; |
| 53 | } |
| 54 | } |
| 55 | |
| 56 | // we tried 1000 times but didn't succeed. |
| 57 | error_box( _("Could not open temporary file to store attachment. Contact your system administrator to resolve this issue.") ); |
| 58 | return FALSE; |
| 59 | } |
| 60 | |
| 61 | |