You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

upload.inc 5.4KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144
  1. <?php
  2. /**
  3. +-----------------------------------------------------------------------+
  4. | program/steps/settings/upload.inc |
  5. | |
  6. | This file is part of the Roundcube Webmail client |
  7. | Copyright (C) 2005-2014, The Roundcube Dev Team |
  8. | |
  9. | Licensed under the GNU General Public License version 3 or |
  10. | any later version with exceptions for skins & plugins. |
  11. | See the README file for a full license statement. |
  12. | |
  13. | PURPOSE: |
  14. | Handles image uploads |
  15. | |
  16. +-----------------------------------------------------------------------+
  17. | Author: Aleksander Machniak <alec@alec.pl> |
  18. +-----------------------------------------------------------------------+
  19. */
  20. // Upload progress update
  21. if (!empty($_GET['_progress'])) {
  22. $RCMAIL->upload_progress();
  23. }
  24. $from = rcube_utils::get_input_value('_from', rcube_utils::INPUT_GET);
  25. $type = str_replace('edit-', '', $from);
  26. if ($RCMAIL->action == 'upload-display') {
  27. $id = 'undefined';
  28. if (preg_match('/^rcmfile(\w+)$/', $_GET['_file'], $regs)) {
  29. $id = $regs[1];
  30. }
  31. $RCMAIL->display_uploaded_file($_SESSION[$type]['files'][$id]);
  32. exit;
  33. }
  34. // Supported image format types
  35. $IMAGE_TYPES = explode(',', 'jpeg,jpg,jp2,tiff,tif,bmp,eps,gif,png,png8,png24,png32,svg,ico');
  36. // clear all stored output properties (like scripts and env vars)
  37. $OUTPUT->reset();
  38. $max_size = $RCMAIL->config->get($type . '_image_size', 64) * 1024;
  39. $post_size = $RCMAIL->show_bytes(parse_bytes(ini_get('upload_max_filesize')));
  40. $uploadid = rcube_utils::get_input_value('_uploadid', rcube_utils::INPUT_GET);
  41. if (is_array($_FILES['_file']['tmp_name'])) {
  42. $multiple = count($_FILES['_file']['tmp_name']) > 1;
  43. foreach ($_FILES['_file']['tmp_name'] as $i => $filepath) {
  44. // Process uploaded attachment if there is no error
  45. $err = $_FILES['_file']['error'][$i];
  46. if (!$err) {
  47. if ($max_size < $_FILES['_file']['size'][$i]) {
  48. $err = 'size_error';
  49. }
  50. // check image file type
  51. else {
  52. $image = new rcube_image($filepath);
  53. $imageprop = $image->props();
  54. if (!in_array(strtolower($imageprop['type']), $IMAGE_TYPES)) {
  55. $err = 'type_error';
  56. }
  57. }
  58. }
  59. // save uploaded image in storage backend
  60. if (!$err) {
  61. $attachment = $RCMAIL->plugins->exec_hook('attachment_upload', array(
  62. 'path' => $filepath,
  63. 'size' => $_FILES['_file']['size'][$i],
  64. 'name' => $_FILES['_file']['name'][$i],
  65. 'mimetype' => 'image/' . $imageprop['type'],
  66. 'group' => $type,
  67. ));
  68. }
  69. if (!$err && $attachment['status'] && !$attachment['abort']) {
  70. $id = $attachment['id'];
  71. // store new file in session
  72. unset($attachment['status'], $attachment['abort']);
  73. $RCMAIL->session->append($type . '.files', $id, $attachment);
  74. $content = rcube::Q($attachment['name']);
  75. $OUTPUT->command('add2attachment_list', "rcmfile$id", array(
  76. 'html' => $content,
  77. 'name' => $attachment['name'],
  78. 'mimetype' => $attachment['mimetype'],
  79. 'classname' => rcube_utils::file2class($attachment['mimetype'], $attachment['name']),
  80. 'complete' => true
  81. ),
  82. $uploadid
  83. );
  84. }
  85. else {
  86. if ($err == 'type_error') {
  87. $msg = $RCMAIL->gettext('invalidimageformat');
  88. }
  89. else if ($err == 'size_error') {
  90. $msg = $RCMAIL->gettext(array('name' => 'filesizeerror', 'vars' => array('size' => $max_size)));
  91. }
  92. else if ($err == UPLOAD_ERR_INI_SIZE || $err == UPLOAD_ERR_FORM_SIZE) {
  93. $msg = $RCMAIL->gettext(array('name' => 'filesizeerror', 'vars' => array('size' => $post_size)));
  94. }
  95. else if ($attachment['error']) {
  96. $msg = $attachment['error'];
  97. }
  98. else {
  99. $msg = $RCMAIL->gettext('fileuploaderror');
  100. }
  101. $OUTPUT->command('display_message', $msg, 'error');
  102. }
  103. }
  104. }
  105. else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
  106. // if filesize exceeds post_max_size then $_FILES array is empty,
  107. // show filesizeerror instead of fileuploaderror
  108. if ($maxsize = ini_get('post_max_size')) {
  109. $msg = $RCMAIL->gettext(array(
  110. 'name' => 'filesizeerror',
  111. 'vars' => array('size' => $RCMAIL->show_bytes(parse_bytes($maxsize)))
  112. ));
  113. }
  114. else {
  115. $msg = $RCMAIL->gettext('fileuploaderror');
  116. }
  117. $OUTPUT->command('display_message', $msg, 'error');
  118. $OUTPUT->command('remove_from_attachment_list', $uploadid);
  119. }
  120. $OUTPUT->send('iframe');