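/**
 * Validate an uploaded CSV/TXT import file and move it into the temp directory.
 *
 * Reads the upload from $_FILES['fileupload']. On any failure the method stores
 * a message key in $this->jsalert and returns false. On success it stores the
 * saved path, with $atmail->tmpdir stripped from it, in $this->Import.
 *
 * @return bool true when the file was accepted and moved, false otherwise
 */
function importupload()
{
    global $pref, $atmail;

    $upload = $_FILES['fileupload'];

    // Size limit: the configured max_msg_size is multiplied by 1048576 (bytes per MiB).
    if ($upload['size'] > $pref['max_msg_size'] * 1048576) {
        $this->jsalert = 'csv_import_file_oversize';
        return false;
    }

    // The original name is chosen by the client. Keep only its final path
    // component before it is checked or used to build a destination path, so
    // directory parts cannot reach the filesystem call even if
    // AtmailGlobal::escape_pathname() (not visible here) lets them through.
    $filename = basename($upload['name']);

    // Extension allow-list. The D modifier makes "$" match only at the very
    // end of the name, so a trailing newline cannot satisfy the check.
    if (!preg_match('/\\.(csv|txt)$/iD', $filename)) {
        $this->jsalert = 'csv_import_bad_filetype';
        return false;
    }

    // Cheap content sanity check: sample up to five non-blank rows and require
    // at least two fields per row (e.g. email_address, first_name).
    $fh = fopen($upload['tmp_name'], 'r');
    if ($fh === false) {
        // Without this guard the delimiter probe and fgetcsv() would run on false.
        $this->jsalert = 'csv_import_failed';
        return false;
    }

    $del = $this->_get_csv_delimiter($fh);
    $row = 0;
    $malformed = false;

    while ($row < 5 && ($data = fgetcsv($fh, 10000, $del)) !== false) {
        // Ignore blank lines.
        if (is_null($data[0]) || (count($data) == 1 && empty($data[0]))) {
            continue;
        }

        if (count($data) < 2) {
            // Leave the loop instead of returning so the handle is always closed.
            $malformed = true;
            break;
        }

        $row++;
    }

    fclose($fh);

    if ($malformed) {
        $this->jsalert = 'csv_import_bad_filetype';
        return false;
    }

    // File appears empty. A single row also counts as empty when the request
    // carries ColumnType (presumably the first row is then a header - confirm).
    if ($row == 0 || ($row == 1 && isset($_REQUEST['ColumnType']))) {
        $this->jsalert = 'csv_import_file_empty';
        return false;
    }

    $pathname = AtmailGlobal::escape_pathname($atmail->tmpdir . "{$atmail->Account}-{$filename}");

    // NOTE(review): file_exists() followed by the move is not atomic, and the
    // PID-based fallback name is predictable and is not re-checked, so an
    // existing file at that path would be overwritten. A random suffix plus an
    // exclusive create would close that window.
    if (file_exists($pathname)) {
        $pathname = AtmailGlobal::escape_pathname($atmail->tmpdir . "{$atmail->Account}" . getmypid() . $filename);
    }

    // move_uploaded_file() refuses sources that are not genuine HTTP uploads.
    if (!move_uploaded_file($upload['tmp_name'], $pathname)) {
        $this->jsalert = 'csv_import_failed';
        return false;
    }

    $this->Import = str_replace($atmail->tmpdir, '', $pathname);

    return true;
}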
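/**
 * Write attachment content to a temp file and attach that file to the message.
 *
 * The file is stored under $atmail->tmpdir as "<Account>-<Unique>-<name>.safe",
 * where <name> is the basename of $filename.
 *
 * @param string $filename Suggested attachment name; only its final path component is used.
 * @param mixed  $content  Data handed to file_put_contents().
 * @return bool true when the file was written and attach() was called, false when the write failed
 */
function create_attachment($filename, $content)
{
    global $atmail;

    // basename() drops any directory components from the supplied name. The
    // fixed ".safe" suffix means the stored file never ends in the original
    // extension (presumably so it cannot be served or run as that type - confirm).
    $safeName = basename($filename) . ".safe";

    // NOTE(review): this path adds "/" after tmpdir while importupload() does
    // not; confirm whether tmpdir already ends with a separator.
    $pathname = AtmailGlobal::escape_pathname($atmail->tmpdir . "/{$this->Account}-{$this->Unique}-{$safeName}");

    // Do not attach a path that was never written (full disk, bad permissions).
    // Strict comparison is needed because a successful write of 0 bytes returns 0.
    if (file_put_contents($pathname, $content) === false) {
        return false;
    }

    $this->attach($pathname);

    return true;
}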
/**
 * Instance-level wrapper that returns AtmailGlobal::escape_pathname($path).
 *
 * NOTE(review): the escaping rules live in AtmailGlobal and are not visible
 * from here, so callers should not assume the result is confined to a given
 * directory without checking that implementation.
 *
 * @param mixed $path Path to pass through the shared escaping helper.
 * @return mixed Whatever AtmailGlobal::escape_pathname() returns for $path.
 */
function escape_pathname($path)
{
    $escaped = AtmailGlobal::escape_pathname($path);

    return $escaped;
}