From 2965a981b7ec22866fbdf2d567d87e2d068d3617 Mon Sep 17 00:00:00 2001
From: Thomas Bruederli <thomas@roundcube.net>
Date: Fri, 31 Jul 2015 16:04:08 -0400
Subject: [PATCH] Allow to search and import missing PGP pubkeys from keyservers using Publickey.js

---
 plugins/filesystem_attachments/filesystem_attachments.php |  111 ++++++++++++++++++++++++++++++++++++++-----------------
 1 files changed, 76 insertions(+), 35 deletions(-)

diff --git a/plugins/filesystem_attachments/filesystem_attachments.php b/plugins/filesystem_attachments/filesystem_attachments.php
index 9a6c0a8..50bd624 100644
--- a/plugins/filesystem_attachments/filesystem_attachments.php
+++ b/plugins/filesystem_attachments/filesystem_attachments.php
@@ -1,7 +1,7 @@
 <?php
 /**
  * Filesystem Attachments
- * 
+ *
  * This is a core plugin which provides basic, filesystem based
  * attachment temporary file handling.  This includes storing
  * attachments of messages currently being composed, writing attachments
@@ -13,33 +13,34 @@
  *   require_once('plugins/filesystem_attachments/filesystem_attachments.php');
  *   class myCustom_attachments extends filesystem_attachments
  *
+ * @license GNU GPLv3+
  * @author Ziba Scott <ziba@umich.edu>
  * @author Thomas Bruederli <roundcube@gmail.com>
- * 
  */
 class filesystem_attachments extends rcube_plugin
 {
-    public $task = 'mail';
-    
+    public $task = '?(?!login).*';
+
     function init()
     {
         // Save a newly uploaded attachment
-        $this->add_hook('upload_attachment', array($this, 'upload'));
+        $this->add_hook('attachment_upload', array($this, 'upload'));
 
         // Save an attachment from a non-upload source (draft or forward)
-        $this->add_hook('save_attachment', array($this, 'save'));
+        $this->add_hook('attachment_save', array($this, 'save'));
 
         // Remove an attachment from storage
-        $this->add_hook('remove_attachment', array($this, 'remove'));
+        $this->add_hook('attachment_delete', array($this, 'remove'));
 
         // When composing an html message, image attachments may be shown
-        $this->add_hook('display_attachment', array($this, 'display'));
+        $this->add_hook('attachment_display', array($this, 'display'));
 
         // Get the attachment from storage and place it on disk to be sent
-        $this->add_hook('get_attachment', array($this, 'get_attachment'));
+        $this->add_hook('attachment_get', array($this, 'get'));
 
         // Delete all temp files associated with this user
-        $this->add_hook('cleanup_attachments', array($this, 'cleanup'));
+        $this->add_hook('attachments_cleanup', array($this, 'cleanup'));
+        $this->add_hook('session_destroy', array($this, 'cleanup'));
     }
 
     /**
@@ -48,20 +49,21 @@
     function upload($args)
     {
         $args['status'] = false;
+        $group  = $args['group'];
         $rcmail = rcmail::get_instance();
 
         // use common temp dir for file uploads
-        // #1484529: we need absolute path on Windows for move_uploaded_file()
-        $temp_dir = realpath($rcmail->config->get('temp_dir'));
+        $temp_dir = $rcmail->config->get('temp_dir');
         $tmpfname = tempnam($temp_dir, 'rcmAttmnt');
 
         if (move_uploaded_file($args['path'], $tmpfname) && file_exists($tmpfname)) {
-            $args['id'] = count($_SESSION['plugins']['filesystem_attachments']['tmp_files'])+1;
-            $args['path'] = $tmpfname;
+            $args['id']     = $this->file_id();
+            $args['path']   = $tmpfname;
             $args['status'] = true;
+            @chmod($tmpfname, 0600);  // set correct permissions (#1488996)
 
             // Note the file for later cleanup
-            $_SESSION['plugins']['filesystem_attachments']['tmp_files'][] = $tmpfname;
+            $_SESSION['plugins']['filesystem_attachments'][$group][$args['id']] = $tmpfname;
         }
 
         return $args;
@@ -72,22 +74,29 @@
      */
     function save($args)
     {
+        $group = $args['group'];
         $args['status'] = false;
-        $rcmail = rcmail::get_instance();
-        $temp_dir = unslashify($rcmail->config->get('temp_dir'));
-        $tmp_path = tempnam($temp_dir, 'rcmAttmnt');
 
-        if ($fp = fopen($tmp_path, 'w')) {
-            fwrite($fp, $args['data']);
-            fclose($fp);
-            
-            $args['id'] = count($_SESSION['plugins']['filesystem_attachments']['tmp_files'])+1;
-            $args['path'] = $tmp_path;
-            $args['status'] = true;
-            
-            // Note the file for later cleanup
-            $_SESSION['plugins']['filesystem_attachments']['tmp_files'][] = $tmp_path;
+        if (!$args['path']) {
+            $rcmail   = rcmail::get_instance();
+            $temp_dir = $rcmail->config->get('temp_dir');
+            $tmp_path = tempnam($temp_dir, 'rcmAttmnt');
+
+            if ($fp = fopen($tmp_path, 'w')) {
+                fwrite($fp, $args['data']);
+                fclose($fp);
+                $args['path'] = $tmp_path;
+            }
+            else {
+                return $args;
+            }
         }
+
+        $args['id']     = $this->file_id();
+        $args['status'] = true;
+
+        // Note the file for later cleanup
+        $_SESSION['plugins']['filesystem_attachments'][$group][$args['id']] = $args['path'];
 
         return $args;
     }
@@ -118,11 +127,11 @@
      * on disk for use.  This stub function is kept here to make this 
      * class handy as a parent class for other plugins which may need it.
      */
-    function get_attachment($args)
+    function get($args)
     {
         return $args;
     }
-    
+
     /**
      * Delete all temp files associated with this user
      */
@@ -131,14 +140,46 @@
         // $_SESSION['compose']['attachments'] is not a complete record of
         // temporary files because loading a draft or starting a forward copies
         // the file to disk, but does not make an entry in that array
-        if (is_array($_SESSION['plugins']['filesystem_attachments']['tmp_files'])){
-            foreach ($_SESSION['plugins']['filesystem_attachments']['tmp_files'] as $filename){
-                if(file_exists($filename)){
-                    unlink($filename);
+        if (is_array($_SESSION['plugins']['filesystem_attachments'])) {
+            foreach ($_SESSION['plugins']['filesystem_attachments'] as $group => $files) {
+                if ($args['group'] && $args['group'] != $group) {
+                    continue;
                 }
+
+                foreach ((array)$files as $filename) {
+                    if(file_exists($filename)) {
+                        unlink($filename);
+                    }
+                }
+
+                unset($_SESSION['plugins']['filesystem_attachments'][$group]);
             }
-            unset($_SESSION['plugins']['filesystem_attachments']['tmp_files']);
         }
         return $args;
     }
+
+    function file_id()
+    {
+        $userid = rcmail::get_instance()->user->ID;
+        list($usec, $sec) = explode(' ', microtime());
+        $id = preg_replace('/[^0-9]/', '', $userid . $sec . $usec);
+
+        // make sure the ID is really unique (#1489546)
+        while ($this->find_file_by_id($id)) {
+            // increment last four characters
+            $x  = substr($id, -4) + 1;
+            $id = substr($id, 0, -4) . sprintf('%04d', ($x > 9999 ? $x - 9999 : $x));
+        }
+
+        return $id;
+    }
+
+    private function find_file_by_id($id)
+    {
+        foreach ((array) $_SESSION['plugins']['filesystem_attachments'] as $group => $files) {
+            if (isset($files[$id])) {
+                return true;
+            }
+        }
+    }
 }

--
Gitblit v1.9.1