Пример #1
1
 // fill-in and submit a pickup form when a dropoff on the page
 // is clicked.
 //
 $iMax = count($allDropoffs);
 $totalsize = 0;
 $smarty->assign('countDropoffs', $iMax);
 if ($allDropoffs && $iMax > 0) {
     $outputDropoffs = array();
     $i = 0;
     foreach ($allDropoffs as $dropoff) {
         $outputDropoffs[$i] = array();
         $outputDropoffs[$i]['claimID'] = $dropoff->claimID();
         $outputDropoffs[$i]['senderName'] = $dropoff->senderName();
         $outputDropoffs[$i]['senderOrg'] = $dropoff->senderOrganization();
         $outputDropoffs[$i]['senderEmail'] = $dropoff->senderEmail();
         $outputDropoffs[$i]['createdDate'] = timeForDate($dropoff->created());
         $outputDropoffs[$i]['formattedBytes'] = $dropoff->formattedBytes();
         $outputDropoffs[$i]['Bytes'] = $dropoff->Bytes();
         $totalsize += $theDropbox->database()->DBBytesOfDropoff($dropoff->dropoffID());
         $recipients = $allDropoffs[$i]->recipients();
         $j = 0;
         $outputDropoffs[$i]['recipients'] = array();
         foreach ($dropoff->recipients() as $recipient) {
             $outputDropoffs[$i]['recipients'][$j] = array();
             $outputDropoffs[$i]['recipients'][$j]['name'] = htmlentities($recipient[0]);
             $outputDropoffs[$i]['recipients'][$j]['email'] = htmlentities($recipient[1]);
             $j++;
         }
         $i++;
     }
     $smarty->assignByRef('dropoffs', $outputDropoffs);
Пример #2
0
function timestampForDate($aDate = NULL)
{
    return timestampForTime(timeForDate($aDate));
}
Пример #3
0
 public function HTMLSummary($clickable = FALSE, $overrideShowRecips = FALSE)
 {
     global $smarty;
     $curUser = $this->_dropbox->authorizedUser();
     $curUserEmail = $this->_dropbox->authorizedUserData("mail");
     $isSender = FALSE;
     $isAdmin = FALSE;
     $overrideShowRecips = FALSE;
     if ($curUser) {
         if ($curUserEmail && strcasecmp($curUserEmail, $this->_senderEmail) == 0) {
             $isSender = TRUE;
         }
         if ($this->_dropbox->authorizedUserData('grantAdminPriv')) {
             $isAdmin = TRUE;
         }
         if ($curUser == $this->_authorizedUser || $isSender) {
             $overrideShowRecips = TRUE;
         }
     }
     if ($this->_senderIP) {
         //  Try to get a hostname for the IP, too:
         $remoteHostName = gethostbyaddr($this->_senderIP);
     }
     if (count($this->_recipients) == 1) {
         $isSingleRecip = TRUE;
     }
     $smarty->assign('isClickable', $clickable);
     $smarty->assign('isDeleteable', $clickable && ($isAdmin || $isSender || $isSingleRecip));
     $smarty->assign('isSendable', $clickable && $isSender);
     $smarty->assign('inPickupPHP', preg_match('/pickup\\.php/', $_SERVER['PHP_SELF']));
     $smarty->assign('claimPasscode', $this->_claimPasscode);
     $smarty->assign('senderName', $this->_senderName);
     $smarty->assign('senderOrg', $this->_senderOrganization);
     $smarty->assign('senderEmail', $this->_senderEmail);
     $smarty->assign('senderHost', $remoteHostName);
     $smarty->assign('createdDate', timeForDate($this->created()));
     $smarty->assign('expiryDate', timeForDate($this->created()) + 3600 * 24 * $this->_dropbox->retainDays());
     $smarty->assign('confirmDelivery', $this->_confirmDelivery ? TRUE : FALSE);
     $smarty->assign('informRecipients', $this->_informRecipients ? TRUE : FALSE);
     $smarty->assign('showRecips', $this->_dropbox->showRecipsOnPickup() || $overrideShowRecips || $this->_dropbox->authorizedUser() && $this->_dropbox->authorizedUserData('grantAdminPriv'));
     // MyZendTo: If there is only 1 recipient then that must be the sender
     if (preg_match('/^[yYtT1]/', MYZENDTO) && count($this->_recipients) <= 1) {
         $smarty->assign('showRecips', FALSE);
     }
     $reciphtml = array();
     foreach ($this->_recipients as $r) {
         $reciphtml[] = array(htmlentities($r[0], ENT_NOQUOTES, 'UTF-8'), htmlentities($r[1], ENT_NOQUOTES, 'UTF-8'));
     }
     $smarty->assign('recipients', $reciphtml);
     $smarty->assign('note', htmlentities($this->_note, ENT_NOQUOTES, 'UTF-8'));
     $smarty->assign('subject', htmlentities($this->_subject, ENT_NOQUOTES, 'UTF-8'));
     $dropoffFiles = $this->_dropbox->database->DBFilesForDropoff($this->_dropoffID);
     $smarty->assign('dropoffFilesCount', count($dropoffFiles));
     // Fill the outputFiles array with all the dropoffFiles, over-riding
     // one or two elements as we go so it's ready-formatted.
     $outputFiles = array();
     $i = 0;
     foreach ($dropoffFiles as $file) {
         $outputFiles[$i] = $file;
         $outputFiles[$i]['basename'] = htmlentities($file['basename'], ENT_NOQUOTES, 'UTF-8');
         $outputFiles[$i]['length'] = NSSFormattedMemSize($file['lengthInBytes']);
         $outputFiles[$i]['description'] = htmlentities($file['description'], ENT_NOQUOTES, 'UTF-8');
         $i++;
     }
     $smarty->assignByRef('files', $outputFiles);
     // This is where the cross-site scripting vulnerability lies
     $emailAddr = isset($_POST['emailAddr']) ? $_POST['emailAddr'] : (isset($_GET['emailAddr']) ? $_GET['emailAddr'] : NULL);
     if (strlen(trim($emailAddr)) > 0) {
         if (preg_match($this->_dropbox->validEmailRegexp(), $emailAddr, $eAParts)) {
             $emailAddr = $eAParts[1] . "@" . $eAParts[2];
         }
         /* else {
              $emailAddr = "Invalid_email_address";
            } */
     } else {
         // No email address at all, so it wasn't invalid but blank.
         $emailAddr = $smarty->getConfigVariable('UnknownRecipient');
     }
     $smarty->assign('emailAddr', $emailAddr);
     $smarty->assign('downloadURL', 'download.php?claimID=' . $this->_claimID . '&claimPasscode=' . $this->_claimPasscode . ($emailAddr ? '&emailAddr=' . $emailAddr : ''));
     $pickups = $this->_dropbox->database->DBPickupsForDropoff($this->_dropoffID);
     $smarty->assign('pickupsCount', count($pickups));
     // Fill the outputPickups array with all the pickups, over-riding
     // one or two elements as we go so it's ready-formatted.
     $outputPickups = array();
     $i = 0;
     foreach ($pickups as $pickup) {
         $outputPickups[$i] = $pickup;
         $hostname = gethostbyaddr($pickups[$i]['recipientIP']);
         if ($hostname != $pickups[$i]['recipientIP']) {
             $hostname = "{$hostname} (" . $pickups[$i]['recipientIP'] . ")";
         }
         $outputPickups[$i]['hostname'] = htmlentities($hostname, ENT_NOQUOTES, 'UTF-8');
         $outputPickups[$i]['pickupDate'] = timeForTimestamp($pickups[$i]['pickupTimestamp']);
         $authorizedUser = htmlentities($pickups[$i]['authorizedUser'], ENT_NOQUOTES, 'UTF-8');
         if (!$authorizedUser) {
             $authorizedUser = $pickups[$i]['emailAddr'];
         }
         $outputPickups[$i]['pickedUpBy'] = $authorizedUser;
         $i++;
     }
     $smarty->assignByRef('pickups', $outputPickups);
 }