/** * Process template and write to stdOut * * @param string HTML template * @see rcube_html_page::write() * @override */ public function write($template = '') { // unlock interface after iframe load $unlock = preg_replace('/[^a-z0-9]/i', '', $_REQUEST['_unlock']); if ($this->framed) { array_unshift($this->js_commands, array('set_busy', false, null, $unlock)); } else { if ($unlock) { array_unshift($this->js_commands, array('hide_message', $unlock)); } } if (!empty($this->script_files)) { $this->set_env('request_token', $this->app->get_request_token()); } // write all env variables to client $js = $this->framed ? "if(window.parent) {\n" : ''; $js .= $this->get_js_commands() . ($this->framed ? ' }' : ''); $this->add_script($js, 'head_top'); // send clickjacking protection headers $iframe = $this->framed || !empty($_REQUEST['_framed']); if (!headers_sent() && ($xframe = $this->app->config->get('x_frame_options', 'sameorigin'))) { header('X-Frame-Options: ' . ($iframe && $xframe == 'deny' ? 'sameorigin' : $xframe)); } // call super method parent::write($template, $this->config['skin_path']); }
/** * Deliver an event/task attachment to the client * (similar as in Roundcube core program/steps/mail/get.inc) */ public function attachment_get($attachment) { ob_end_clean(); if ($attachment && $attachment['body']) { // allow post-processing of the attachment body $part = new rcube_message_part(); $part->filename = $attachment['name']; $part->size = $attachment['size']; $part->mimetype = $attachment['mimetype']; $plugin = $this->rc->plugins->exec_hook('message_part_get', array('body' => $attachment['body'], 'mimetype' => strtolower($attachment['mimetype']), 'download' => !empty($_GET['_download']), 'part' => $part)); if ($plugin['abort']) { exit; } $mimetype = $plugin['mimetype']; list($ctype_primary, $ctype_secondary) = explode('/', $mimetype); $browser = $this->rc->output->browser; // send download headers if ($plugin['download']) { header("Content-Type: application/octet-stream"); if ($browser->ie) { header("Content-Type: application/force-download"); } } else { if ($ctype_primary == 'text') { header("Content-Type: text/{$ctype_secondary}"); } else { header("Content-Type: {$mimetype}"); header("Content-Transfer-Encoding: binary"); } } // display page, @TODO: support text/plain (and maybe some other text formats) if ($mimetype == 'text/html' && empty($_GET['_download'])) { $OUTPUT = new rcube_html_page(); // @TODO: use washtml on $body $OUTPUT->write($plugin['body']); } else { // don't kill the connection if download takes more than 30 sec. @set_time_limit(0); $filename = $attachment['name']; $filename = preg_replace('[\\r\\n]', '', $filename); if ($browser->ie && $browser->ver < 7) { $filename = rawurlencode(abbreviate_string($filename, 55)); } else { if ($browser->ie) { $filename = rawurlencode($filename); } else { $filename = addcslashes($filename, '"'); } } $disposition = !empty($_GET['_download']) ? 'attachment' : 'inline'; header("Content-Disposition: {$disposition}; filename=\"{$filename}\""); echo $plugin['body']; } exit; } // if we arrive here, the requested part was not found header('HTTP/1.1 404 Not Found'); exit; }
/** * Process template and write to stdOut * * @param string HTML template * @see rcube_html_page::write() * @override */ public function write($template = '') { // unlock interface after iframe load if ($this->framed) { array_unshift($this->js_commands, array('set_busy', false)); } // write all env variables to client $js = $this->framed ? "if(window.parent) {\n" : ''; $js .= $this->get_js_commands() . ($this->framed ? ' }' : ''); $this->add_script($js, 'head_top'); // make sure all <form> tags have a valid request token $template = preg_replace_callback('/<form\\s+([^>]+)>/Ui', array($this, 'alter_form_tag'), $template); $this->footer = preg_replace_callback('/<form\\s+([^>]+)>/Ui', array($this, 'alter_form_tag'), $this->footer); // call super method parent::write($template, $this->config['skin_path']); }
/** * Process template and write to stdOut * * @param string HTML template * @see rcube_html_page::write() * @override */ public function write($template = '') { // unlock interface after iframe load if ($this->framed) { array_unshift($this->js_commands, array('set_busy', false)); } // write all env variables to client $js = $this->framed ? "if(window.parent) {\n" : ''; $js .= $this->get_js_commands() . ($this->framed ? ' }' : ''); $this->add_script($js, 'head_top'); // call super method parent::write($template, $this->config['skin_path']); }