* modifications in order to use ent_id=0 for downloading full messages

[squirrelmail.git] / src / download.php

diff --git a/src/download.php b/src/download.php
index 092940a2b3e7c8faa880cc755511d09549bd93c5..28fe5c809d957455bcb25e446ab0183fff915208 100644 (file)
--- a/src/download.php
+++ b/src/download.php
@@ -3,7 +3,7 @@
 /**
  * download.php
  *
- * Copyright (c) 1999-2002 The SquirrelMail Project Team
+ * Copyright (c) 1999-2003 The SquirrelMail Project Team
  * Licensed under the GNU GPL. For full terms see the file COPYING.
  *
  * Handles attachment downloads to the users computer.
@@ -29,16 +29,15 @@ $key = $_COOKIE['key'];
 $username = $_SESSION['username'];
 $onetimepad = $_SESSION['onetimepad'];
 $mailbox = $_GET['mailbox'];
-$passed_id = $_GET['passed_id'];
+$passed_id = (int) $_GET['passed_id'];
+$ent_id = $_GET['ent_id'];
 $messages = $_SESSION['messages'];
-if (!isset($passed_ent_id)) {
-   $passed_ent_id = '';
-} else {
-    $passed_ent_id = $_GET['passed_ent_id'];
+
+if (isset($_GET['absolute_dl'])) {
+   $absolute_dl = $_GET['absolute_dl'];
 }
 
 /* end globals */
-
 $mailbox = decodeHeader($mailbox);
 
 global $uid_support;
@@ -101,7 +100,7 @@ if (strlen($filename) < 1) {
     }
 
     if (strlen($filename) < 1) {
-       $filename = "untitled$ent_id.$suffix";
+       $filename = 'untitled'.strip_tags($ent_id).$suffix;
     } else {
        $filename = "$filename.$suffix";
     }
@@ -122,7 +121,7 @@ if (strlen($filename) < 1) {
  *    viewer (built in to squirrelmail).  Otherwise, it sets the
  *    content-type as application/octet-stream
  */
-if (isset($absolute_dl) && $absolute_dl == 'true') {
+if (isset($absolute_dl) && $absolute_dl) {
     DumpHeaders($type0, $type1, $filename, 1);
 } else {
     DumpHeaders($type0, $type1, $filename, 0);
@@ -137,7 +136,7 @@ mime_print_body_lines ($imapConnection, $passed_id, $ent_id, $encoding);
  */
 function DumpHeaders($type0, $type1, $filename, $force) {
     global $_SERVER, $languages, $squirrelmail_language;
-    $isIE = 0;
+    $isIE = $isIE6 = 0;
 
     $HTTP_USER_AGENT = $_SERVER['HTTP_USER_AGENT'];
 
@@ -160,7 +159,7 @@ function DumpHeaders($type0, $type1, $filename, $force) {
     }
 
     // A Pox on Microsoft and it's Office!
-    if (! $force) {
+    if (!$force) {
         // Try to show in browser window
         header("Content-Disposition: inline; filename=\"$filename\"");
         header("Content-Type: $type0/$type1; name=\"$filename\"");
@@ -175,7 +174,7 @@ function DumpHeaders($type0, $type1, $filename, $force) {
         //
         // The best thing you can do for IE is to upgrade to the latest
         // version
-        if ($isIE && !isset($isIE6)) {
+        if ($isIE && !$isIE6) {
             // http://support.microsoft.com/support/kb/articles/Q182/3/15.asp
             // Do not have quotes around filename, but that applied to
             // "attachment"... does it apply to inline too?
@@ -183,7 +182,6 @@ function DumpHeaders($type0, $type1, $filename, $force) {
             // This combination seems to work mostly.  IE 5.5 SP 1 has
             // known issues (see the Microsoft Knowledge Base)
             header("Content-Disposition: inline; filename=$filename");
-
             // This works for most types, but doesn't work with Word files
             header("Content-Type: application/download; name=\"$filename\"");