/**
* download.php
*
- * Copyright (c) 1999-2002 The SquirrelMail Project Team
+ * Copyright (c) 1999-2003 The SquirrelMail Project Team
* Licensed under the GNU GPL. For full terms see the file COPYING.
*
* Handles attachment downloads to the users computer.
header('Cache-Control: cache');
/* globals */
-
-$key = $_COOKIE['key'];
-$username = $_SESSION['username'];
-$onetimepad = $_SESSION['onetimepad'];
-$mailbox = $_GET['mailbox'];
-$passed_id = $_GET['passed_id'];
-$ent_id = $_GET['ent_id'];
-$messages = $_SESSION['messages'];
-if (!isset($passed_ent_id)) {
- $passed_ent_id = '';
-} else {
- $passed_ent_id = $_GET['passed_ent_id'];
-}
+sqgetGlobalVar('key', $key, SQ_COOKIE);
+sqgetGlobalVar('username', $username, SQ_SESSION);
+sqgetGlobalVar('onetimepad', $onetimepad, SQ_SESSION);
+sqgetGlobalVar('messages', $messages, SQ_SESSION);
+sqgetGlobalVar('mailbox', $mailbox, SQ_GET);
+sqgetGlobalVar('ent_id', $ent_id, SQ_GET);
+sqgetGlobalVar('absolute_dl',$absolute_dl, SQ_GET);
+if ( sqgetGlobalVar('passed_id', $temp, SQ_GET) ) {
+ $passed_id = (int) $temp;
+}
/* end globals */
-$mailbox = decodeHeader($mailbox);
+$mailbox = urldecode($mailbox);
global $uid_support;
$message = sqimap_get_message($imapConnection,$passed_id, $mailbox);
}
$subject = $message->rfc822_header->subject;
-$message = &$message->getEntity($ent_id);
-$header = $message->header;
-if ($message->rfc822_header) {
- $subject = $message->rfc822_header->subject;
- $charset = $header->content_type->properties['charset'];
+if ($ent_id) {
+ $message = &$message->getEntity($ent_id);
+ $header = $message->header;
+
+ if ($message->rfc822_header) {
+ $subject = $message->rfc822_header->subject;
+ $charset = $header->content_type->properties['charset'];
+ } else {
+ $header = $message->header;
+ $charset = $header->getParameter('charset');
+ }
+ $type0 = $header->type0;
+ $type1 = $header->type1;
+ $encoding = strtolower($header->encoding);
} else {
- $header = $message->header;
- $charset = $header->getParameter('charset');
+ /* raw message */
+ $type0 = 'message';
+ $type1 = 'rfc822';
+ $encoding = "US-ASCII";
}
-$type0 = $header->type0;
-$type1 = $header->type1;
-$encoding = strtolower($header->encoding);
/*
* lets redefine message as this particular entity that we wish to display.
}
$filename = '';
if (is_object($message->header->disposition)) {
- $filename = decodeHeader($header->disposition->getProperty('filename'));
+ $filename = $header->disposition->getProperty('filename');
if (!$filename) {
- $filename = decodeHeader($header->disposition->getProperty('name'));
+ $filename = $header->disposition->getProperty('name');
}
+ if (!$filename) {
+ $filename = $header->getParameter('name');
+ }
+} else {
+ $filename = $header->getParameter('name');
}
+$filename = decodeHeader($filename);
if (strlen($filename) < 1) {
if ($type1 == 'plain' && $type0 == 'text') {
$suffix = 'txt';
}
if (strlen($filename) < 1) {
- $filename = "untitled$ent_id.$suffix";
+ $filename = 'untitled'.strip_tags($ent_id).$suffix;
} else {
$filename = "$filename.$suffix";
}
* viewer (built in to squirrelmail). Otherwise, it sets the
* content-type as application/octet-stream
*/
-if (isset($absolute_dl) && $absolute_dl == 'true') {
+if (isset($absolute_dl) && $absolute_dl) {
DumpHeaders($type0, $type1, $filename, 1);
} else {
DumpHeaders($type0, $type1, $filename, 0);
* version of IE. I don't know if it works with Opera, but it should now.
*/
function DumpHeaders($type0, $type1, $filename, $force) {
- global $_SERVER, $languages, $squirrelmail_language;
- $isIE = 0;
+ global $languages, $squirrelmail_language;
+ $isIE = $isIE6 = 0;
- $HTTP_USER_AGENT = $_SERVER['HTTP_USER_AGENT'];
+ sqgetGlobalVar('HTTP_USER_AGENT', $HTTP_USER_AGENT, SQ_SERVER);
if (strstr($HTTP_USER_AGENT, 'compatible; MSIE ') !== false &&
strstr($HTTP_USER_AGENT, 'Opera') === false) {
}
// A Pox on Microsoft and it's Office!
- if (! $force) {
+ if (!$force) {
// Try to show in browser window
header("Content-Disposition: inline; filename=\"$filename\"");
header("Content-Type: $type0/$type1; name=\"$filename\"");
//
// The best thing you can do for IE is to upgrade to the latest
// version
- if ($isIE && !isset($isIE6)) {
+ if ($isIE && !$isIE6) {
// http://support.microsoft.com/support/kb/articles/Q182/3/15.asp
// Do not have quotes around filename, but that applied to
// "attachment"... does it apply to inline too?
// This combination seems to work mostly. IE 5.5 SP 1 has
// known issues (see the Microsoft Knowledge Base)
header("Content-Disposition: inline; filename=$filename");
-
// This works for most types, but doesn't work with Word files
header("Content-Type: application/download; name=\"$filename\"");
projects / squirrelmail.git / blobdiff