From 43fa235da354c8b53aa69ba745c1d398a758fcaf Mon Sep 17 00:00:00 2001
From: svncommit <devs@roundcube.net>
Date: Wed, 26 Oct 2005 05:42:19 -0400
Subject: [PATCH]
---
program/steps/mail/compose.inc | 100 ++++++++++++++++++++++++++++++++-----------------
1 files changed, 65 insertions(+), 35 deletions(-)
diff --git a/program/steps/mail/compose.inc b/program/steps/mail/compose.inc
index b7e91cb..f707599 100644
--- a/program/steps/mail/compose.inc
+++ b/program/steps/mail/compose.inc
@@ -6,7 +6,7 @@
| |
| This file is part of the RoundCube Webmail client |
| Copyright (C) 2005, RoundCube Dev. - Switzerland |
- | All rights reserved. |
+ | Licensed under the GNU GPL |
| |
| PURPOSE: |
| Compose a new mail message with all headers and attachments |
@@ -87,13 +87,11 @@
$field_attrib[$attr] = $value;
// get this user's identities
- $sql_result = $DB->query(sprintf("SELECT identity_id, name, email
- FROM %s
- WHERE user_id=%d
- AND del!='1'
- ORDER BY `default` DESC, name ASC",
- get_table_name('identities'),
- $_SESSION['user_id']));
+ $sql_result = $DB->query("SELECT identity_id, name, email
+ FROM ".get_table_name('identities')." WHERE user_id=?
+ AND del<>'1'
+ ORDER BY ".$DB->quoteIdentifier('default')." DESC, name ASC",
+ $_SESSION['user_id']);
if ($DB->num_rows($sql_result))
{
@@ -120,17 +118,14 @@
$header = 'to';
// we have contact id's as get parameters
- if (strlen($_GET['_to']) && preg_match('/[0-9]+,?/', $_GET['_to']))
+ if (!empty($_GET['_to']) && preg_match('/[0-9]+,?/', $_GET['_to']))
{
$a_recipients = array();
- $sql_result = $DB->query(sprintf("SELECT name, email
- FROM %s
- WHERE user_id=%d
- AND del!='1'
- AND contact_id IN (%s)",
- get_table_name('contacts'),
- $_SESSION['user_id'],
- $_GET['_to']));
+ $sql_result = $DB->query("SELECT name, email
+ FROM ".get_table_name('contacts')." WHERE user_id=?
+ AND del<>'1'
+ AND contact_id IN (".$_GET['_to'].")",
+ $_SESSION['user_id']);
while ($sql_arr = $DB->fetch_assoc($sql_result))
$a_recipients[] = format_email_recipient($sql_arr['email'], $sql_arr['name']);
@@ -138,7 +133,7 @@
if (sizeof($a_recipients))
$fvalue = join(', ', $a_recipients);
}
- else if (strlen($_GET['_to']))
+ else if (!empty($_GET['_to']))
$fvalue = $_GET['_to'];
case 'cc':
@@ -165,7 +160,7 @@
}
- if ($fname && $_POST[$fname])
+ if ($fname && !empty($_POST[$fname]))
$fvalue = $_POST[$fname];
else if ($header && is_object($REPLY_MESSAGE['headers']))
{
@@ -282,8 +277,8 @@
$body = '';
// use posted message body
- if ($_POST['_message'])
- $body = $_POST['_message'];
+ if (!empty($_POST['_message']))
+ $body = stripslashes($_POST['_message']);
// compose reply-body
else if (is_array($REPLY_MESSAGE['parts']))
@@ -352,6 +347,34 @@
$IMAP->decode_header($FORWARD_MESSAGE['headers']->from),
$IMAP->decode_header($FORWARD_MESSAGE['headers']->to));
+ // add attachments
+ if (!isset($_SESSION['compose']['forward_attachments']) && is_array($FORWARD_MESSAGE['parts']) && sizeof($FORWARD_MESSAGE['parts'])>1)
+ {
+ $temp_dir = rcmail_create_compose_tempdir();
+
+ if (!is_array($_SESSION['compose']['attachments']))
+ $_SESSION['compose']['attachments'] = array();
+
+ foreach ($FORWARD_MESSAGE['parts'] as $part)
+ {
+ if ($part->disposition != 'attachment')
+ continue;
+
+ $tmp_path = tempnam($temp_dir, 'rcmAttmnt');
+ if ($fp = fopen($tmp_path, 'w'))
+ {
+ fwrite($fp, $IMAP->mime_decode($part->body, $part->headers['content-transfer-encoding']));
+ fclose($fp);
+
+ $_SESSION['compose']['attachments'][] = array('name' => $part->d_parameters['filename'],
+ 'mimetype' => $part->ctype_primary . '/' . $part->ctype_secondary,
+ 'path' => $tmp_path);
+ }
+ }
+
+ $_SESSION['compose']['forward_attachments'] = TRUE;
+ }
+
return $prefix.$body;
}
@@ -370,16 +393,26 @@
$subject = '';
// use subject from post
- if ($_POST['_subject'])
- $subject = $_POST['_subject'];
+ if (isset($_POST['_subject']))
+ $subject = stripslashes($_POST['_subject']);
// create a reply-subject
else if (isset($REPLY_MESSAGE['subject']))
- $subject = 'Re: '.$REPLY_MESSAGE['subject'];
+ {
+ if (eregi('^re:', $REPLY_MESSAGE['subject']))
+ $subject = $REPLY_MESSAGE['subject'];
+ else
+ $subject = 'Re: '.$REPLY_MESSAGE['subject'];
+ }
// create a forward-subject
else if (isset($FORWARD_MESSAGE['subject']))
- $subject = 'Fwd: '.$FORWARD_MESSAGE['subject'];
+ {
+ if (eregi('^fwd:', $REPLY_MESSAGE['subject']))
+ $subject = $FORWARD_MESSAGE['subject'];
+ else
+ $subject = 'Fwd: '.$FORWARD_MESSAGE['subject'];
+ }
$out = $form_start ? "$form_start\n" : '';
@@ -471,9 +504,9 @@
rcube_label('normal'),
rcube_label('high'),
rcube_label('highest')),
- array(1, 2, 0, 4, 5));
+ array(5, 4, 0, 2, 1));
- $sel = $_POST['_priority'] ? $_POST['_priority'] : 0;
+ $sel = isset($_POST['_priority']) ? $_POST['_priority'] : 0;
$out = $form_start ? "$form_start\n" : '';
$out .= $selector->show($sel);
@@ -493,13 +526,13 @@
$hiddenfields = new hiddenfield(array('name' => '_task', 'value' => $GLOBALS['_task']));
$hiddenfields->add(array('name' => '_action', 'value' => 'send'));
- $form_start = !strlen($attrib['form']) ? '<form name="form" action="./" method="post">' : '';
+ $form_start = empty($attrib['form']) ? '<form name="form" action="./" method="post">' : '';
$form_start .= "\n$SESS_HIDDEN_FIELD\n";
$form_start .= $hiddenfields->show();
}
$form_end = (strlen($MESSAGE_FORM) && !strlen($attrib['form'])) ? '</form>' : '';
- $form_name = strlen($attrib['form']) ? $attrib['form'] : 'form';
+ $form_name = !empty($attrib['form']) ? $attrib['form'] : 'form';
if (!strlen($MESSAGE_FORM))
$OUTPUT->add_script("$JS_OBJECT_NAME.gui_object('messageform', '$form_name');");
@@ -521,12 +554,9 @@
/****** get contacts for this user and add them to client scripts ********/
-$sql_result = $DB->query(sprintf("SELECT name, email
- FROM %s
- WHERE user_id=%d
- AND del!='1'",
- get_table_name('contacts'),
- $_SESSION['user_id']));
+$sql_result = $DB->query("SELECT name, email
+ FROM ".get_table_name('contacts')." WHERE user_id=?
+ AND del<>'1'",$_SESSION['user_id']);
if ($DB->num_rows($sql_result))
{
--
Gitblit v1.9.1