Context Navigation

source: trunk/expressoMail1_2/inc/gotodownload.php @ 1036

Revision 1036, 6.5 KB checked in by amuller, 15 years ago (diff)
Ticket #559 - Atualização de segurança
Property svn:eol-style set to `native` Property svn:executable set to ``*

Line
1	<?
2	$GLOBALS['phpgw_info']['flags'] = array(
3	'currentapp' => 'expressoMail1_2',
4	'nonavbar' => true,
5	'noheader' => true
6	);
7
8	require_once $_SERVER[ 'DOCUMENT_ROOT' ] . '/header.inc.php';
9
10	$msg_number = $_GET['msg_number'];
11	$idx_file = $_GET['idx_file'];
12	$newfilename = $_GET['newfilename'];
13	$msg_part = $_GET['msg_part'];
14	$msg_folder = $_GET['msg_folder'];
15	$msg_folder = mb_convert_encoding($msg_folder,"UTF7-IMAP", mb_detect_encoding($msg_folder, "UTF-8, ISO-8859-1", true));
16
17	$encoding = strtolower($_GET['encoding']);
18	$fileContent = "";
19
20	if($msg_number && $msg_part && $msg_folder && (intval($idx_file == '0' ? '1' : $idx_file))) {
21	$username = $_SESSION['phpgw_info']['expressomail']['user']['userid'];
22	$password = $_SESSION['phpgw_info']['expressomail']['user']['passwd'];
23	$imap_server = $_SESSION['phpgw_info']['expressomail']['email_server']['imapServer'];
24	$imap_port = $_SESSION['phpgw_info']['expressomail']['email_server']['imapPort'];
25	if ($_SESSION['phpgw_info']['expressomail']['email_server']['imapTLSEncryption'] == 'yes')
26	{
27	$imap_options = '/tls/novalidate-cert';
28	}
29	else
30	{
31	$imap_options = '/notls/novalidate-cert';
32	}
33	$mbox_stream = imap_open("{".$imap_server.":".$imap_port.$imap_options."}".$msg_folder, $username, $password);
34	$fileContent = imap_fetchbody($mbox_stream, $msg_number, $msg_part, FT_UID);
35	/*
36	*Removed by Bug #546
37	*include("class.imap_attachment.inc.php");
38	*$imap_attachment = new imap_attachment();
39	*$a = $imap_attachment->download_attachment($mbox_stream, $msg_number);
40	*$filename = $a[$idx_file]['name'];
41	*/
42	$filename = $newfilename;
43	}
44	else
45	$filename = $idx_file;
46
47	$filename = $filename ? $filename : "attachment.bin";
48	$newfilename = $newfilename ? $newfilename : $filename;
49	$strFileType = strrev(substr(strrev(strtolower($filename)),0,4));
50
51	downloadFile($strFileType, $filename, $newfilename, $fileContent, $encoding);
52
53	function downloadFile($strFileType, $strFileName, $newFileName, $fileContent, $encoding) {
54	$ContentType = "application/octet-stream";
55
56	if ($strFileType == ".asf")
57	$ContentType = "video/x-ms-asf";
58	if ($strFileType == ".avi")
59	$ContentType = "video/avi";
60	if ($strFileType == ".doc")
61	$ContentType = "application/msword";
62	if ($strFileType == ".zip")
63	$ContentType = "application/zip";
64	if ($strFileType == ".xls")
65	$ContentType = "application/vnd.ms-excel";
66	if ($strFileType == ".gif")
67	$ContentType = "image/gif";
68	if ($strFileType == ".jpg" \|\| $strFileType == "jpeg")
69	$ContentType = "image/jpeg";
70	if ($strFileType == ".wav")
71	$ContentType = "audio/wav";
72	if ($strFileType == ".mp3")
73	$ContentType = "audio/mpeg3";
74	if ($strFileType == ".mpg" \|\| $strFileType == "mpeg")
75	$ContentType = "video/mpeg";
76	if ($strFileType == ".rtf")
77	$ContentType = "application/rtf";
78	if ($strFileType == ".htm" \|\| $strFileType == "html")
79	$ContentType = "text/html";
80	if ($strFileType == ".xml")
81	$ContentType = "text/xml";
82	if ($strFileType == ".xsl")
83	$ContentType = "text/xsl";
84	if ($strFileType == ".css")
85	$ContentType = "text/css";
86	if ($strFileType == ".php")
87	$ContentType = "text/php";
88	if ($strFileType == ".asp")
89	$ContentType = "text/asp";
90	if ($strFileType == ".pdf")
91	$ContentType = "application/pdf";
92	if ($strFileType == ".txt")
93	$ContentType = "text/plain";
94	if ($strFileType == ".log")
95	$ContentType = "text/plain";
96	if ($strFileType == ".wmv")
97	$ContentType = "video/x-ms-wmv";
98	if ($strFileType == ".sxc")
99	$ContentType = "application/vnd.sun.xml.calc";
100	if ($strFileType == ".odt")
101	$ContentType = "application/vnd.oasis.opendocument.text";
102	if ($strFileType == ".stc")
103	$ContentType = "application/vnd.sun.xml.calc.template";
104	if ($strFileType == ".sxd")
105	$ContentType = "application/vnd.sun.xml.draw";
106	if ($strFileType == ".std")
107	$ContentType = "application/vnd.sun.xml.draw.template";
108	if ($strFileType == ".sxi")
109	$ContentType = "application/vnd.sun.xml.impress";
110	if ($strFileType == ".sti")
111	$ContentType = "application/vnd.sun.xml.impress.template";
112	if ($strFileType == ".sxm")
113	$ContentType = "application/vnd.sun.xml.math";
114	if ($strFileType == ".sxw")
115	$ContentType = "application/vnd.sun.xml.writer";
116	if ($strFileType == ".sxq")
117	$ContentType = "application/vnd.sun.xml.writer.global";
118	if ($strFileType == ".stw")
119	$ContentType = "application/vnd.sun.xml.writer.template";
120	if ($strFileType == ".ps")
121	$ContentType = "application/postscript";
122	if ($strFileType == ".pps")
123	$ContentType = "application/vnd.ms-powerpoint";
124	if ($strFileType == ".odt")
125	$ContentType = "application/vnd.oasis.opendocument.text";
126	if ($strFileType == ".ott")
127	$ContentType = "application/vnd.oasis.opendocument.text-template";
128	if ($strFileType == ".oth")
129	$ContentType = "application/vnd.oasis.opendocument.text-web";
130	if ($strFileType == ".odm")
131	$ContentType = "application/vnd.oasis.opendocument.text-master";
132	if ($strFileType == ".odg")
133	$ContentType = "application/vnd.oasis.opendocument.graphics";
134	if ($strFileType == ".otg")
135	$ContentType = "application/vnd.oasis.opendocument.graphics-template";
136	if ($strFileType == ".odp")
137	$ContentType = "application/vnd.oasis.opendocument.presentation";
138	if ($strFileType == ".otp")
139	$ContentType = "application/vnd.oasis.opendocument.presentation-template";
140	if ($strFileType == ".ods")
141	$ContentType = "application/vnd.oasis.opendocument.spreadsheet";
142	if ($strFileType == ".ots")
143	$ContentType = "application/vnd.oasis.opendocument.spreadsheet-template";
144	if ($strFileType == ".odc")
145	$ContentType = "application/vnd.oasis.opendocument.chart";
146	if ($strFileType == ".odf")
147	$ContentType = "application/vnd.oasis.opendocument.formula";
148	if ($strFileType == ".odi")
149	$ContentType = "application/vnd.oasis.opendocument.image";
150	if ($strFileType == ".ndl")
151	$ContentType = "application/vnd.lotus-notes";
152
153	header ("Content-Type: $ContentType");
154	header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
155	header("Pragma: public");
156	header("Expires: 0"); // set expiration time
157	header ("Content-Disposition: attachment; filename=\"". addslashes($newFileName)."\"");
158	if($fileContent) {
159	if($encoding == 'base64')
160	echo imap_base64($fileContent);
161	else if($encoding == 'quoted-printable')
162	echo quoted_printable_decode($fileContent);
163	else
164	echo $fileContent;
165	}
166	else
167	if ( ( strpos( $strFileName, ini_get( 'session.save_path' ) ) === 0 ) && ( strpos( $strFileName, '../' ) === false ) )
168	readfile($strFileName);
169	}
170	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: