/** * @param Attachment $attachment * @return $this */ public function attach(Attachment $attachment) { $mailAttachment = \Swift_Attachment::fromPath($attachment->getFile()); if ($attachment->getFilename() !== null) { $mailAttachment->setFilename($attachment->getFilename()); } if ($attachment->getMimeType() !== null) { $mailAttachment->setContentType($attachment->getMimeType()); } $this->message->attach($mailAttachment); return $this; }
/** * View single attachment (basically, load it and forward it to the user) * * @param void * @return null */ function view() { if ($this->active_attachment->isNew()) { $this->httpError(HTTP_ERR_NOT_FOUND); } // if if (!$this->active_attachment->canView($this->logged_user)) { $this->httpError(HTTP_ERR_FORBIDDEN); } // if // Fix problem with non-ASCII characters in IE $filename = $this->active_attachment->getName(); if (isset($_SERVER['HTTP_USER_AGENT']) && strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') !== false) { $filename = urlencode($filename); } // if $as_attachment = $this->request->get('disposition', 'attachment') == 'attachment'; download_file($this->active_attachment->getFilePath(), $this->active_attachment->getMimeType(), $filename, $as_attachment); die; }
// Remove all attempts to get at other parts of the file system $attachment = str_replace('/../', '/', $attachment); $filename = urldecode(basename($attachment)); $extension = ''; if (($extensionStart = strrpos($attachment, '.')) !== false) { $extension = strtolower(substr($attachment, $extensionStart + 1)); $attachment = substr($attachment, 0, $extensionStart); } $attachmentId = (int) ltrim($attachment, " 0\t\n\r"); $attachmentObj = new Attachment($attachmentId); if (!$attachmentObj->exists()) { header('HTTP/1.0 404 Not Found'); echo 'Error 404: File not found'; exit; } header('Content-Type: ' . $attachmentObj->getMimeType()); if ($g_download == 1) { header('Content-Disposition: ' . $attachmentObj->getContentDisposition() . '; filename="' . $attachmentObj->getFileName()) . '"'; } else { if ($g_show_in_browser == 1) { header('Content-Disposition: inline; filename="' . $attachmentObj->getFileName()) . '"'; } else { if (!$attachmentObj->getContentDisposition() && strstr($attachmentObj->getMimeType(), 'image/') && (strstr($_SERVER['HTTP_ACCEPT'], $attachmentObj->getMimeType()) || strstr($_SERVER['HTTP_ACCEPT'], '*/*'))) { header('Content-Disposition: inline; filename="' . $attachmentObj->getFileName()) . '"'; } else { header('Content-Disposition: ' . $attachmentObj->getContentDisposition() . '; filename="' . $attachmentObj->getFileName()) . '"'; } } } header('Content-Length: ' . $attachmentObj->getSizeInBytes()); $filePath = $attachmentObj->getStorageLocation();
<tr> <td><IMG SRC="<?php echo $Campsite["ADMIN_IMAGE_BASE_URL"]; ?> /left_arrow.png" BORDER="0"></td> <td><a href="<?php echo camp_html_article_url($articleObj, $f_language_id, "edit.php"); ?> "><b><?php echo $translator->trans("Back to Edit Article"); ?> </b></a></td> </table> <P> <?php if (strstr($attachmentObj->getMimeType(), "image/") && (strstr($_SERVER['HTTP_ACCEPT'], $attachmentObj->getMimeType()) || strstr($_SERVER['HTTP_ACCEPT'], "*/*"))) { ?> <div class="indent"> <IMG SRC="<?php echo $attachmentObj->getAttachmentUrl(); ?> " style="max-width: 600px;" BORDER="0" ALT="<?php echo htmlspecialchars($attachmentObj->getDescription($f_language_selected)); ?> "> </div> <P> <?php } ?> <FORM NAME="dialog" METHOD="POST" ACTION="/<?php
} else { $crumbs = array(); $crumbs[] = array(getGS("Actions"), ""); $crumbs[] = array(getGS("Edit article"), camp_html_article_url($articleObj, $f_language_id, "edit.php")); $crumbs[] = array(getGS("Attachments"), ""); $crumbs[] = array($title, ""); echo camp_html_breadcrumbs($crumbs); } ?> <table cellpadding="1" cellspacing="0" class="action_buttons" style="padding-top: 10px;"> <tr> <td><IMG SRC="<?php echo $Campsite["ADMIN_IMAGE_BASE_URL"]; ?>/left_arrow.png" BORDER="0"></td> <td><a href="<?php echo camp_html_article_url($articleObj, $f_language_id, "edit.php"); ?>"><b><?php putGS("Back to Edit Article"); ?></b></a></td> </table> <P> <?php if (strstr($attachmentObj->getMimeType(), "image/") && (strstr($_SERVER['HTTP_ACCEPT'], $attachmentObj->getMimeType()) || (strstr($_SERVER['HTTP_ACCEPT'], "*/*")))) { ?> <div class="indent"> <IMG SRC="<?php echo $attachmentObj->getAttachmentUrl(); ?>" BORDER="0" ALT="<?php echo htmlspecialchars($attachmentObj->getDescription($f_language_selected)); ?>"> </div> <P> <?php } ?> <FORM NAME="dialog" METHOD="POST" ACTION="do_edit.php" > <TABLE BORDER="0" CELLSPACING="0" CELLPADDING="6" class="table_input" width="400px"> <TR> <TD COLSPAN="2"> <B><?php p($title); ?></B> <HR NOSHADE SIZE="1" COLOR="BLACK"> </TD> </TR>
<p class="dates"><?php putGS('Created'); ?> : <?php echo $object->getTimeCreated(); ?> , <?php putGS('Last modified'); ?> : <?php echo $object->getLastModified(); ?> </p> <?php echo new MediaPlayer($object->getAttachmentUrl() . '?g_show_in_browser=1', $object->getMimeType()); ?> <dl class="attachment"> <dt><?php putGS('Type'); ?> :</dt> <dd><?php echo $object->getMimeType(); ?> </dd> <dt><?php putGS('Size'); ?>
$extension = ''; if (($extensionStart = strrpos($attachment, '.')) !== false) { $extension = strtolower(substr($attachment, $extensionStart + 1)); $attachment = substr($attachment, 0, $extensionStart); } $attachmentId = (int)ltrim($attachment, " 0\t\n\r\0"); $attachmentObj = new Attachment($attachmentId); if (!$attachmentObj->exists()) { header('HTTP/1.0 404 Not Found'); echo 'Error 404: File not found'; exit; } header('Content-Type: ' . $attachmentObj->getMimeType()); if ($g_download == 1) { header('Content-Disposition: ' . $attachmentObj->getContentDisposition() . '; filename="' . $attachmentObj->getFileName()).'"'; } else if ($g_show_in_browser == 1) { header('Content-Disposition: inline; filename="' . $attachmentObj->getFileName()).'"'; } else { if (!$attachmentObj->getContentDisposition() && strstr($attachmentObj->getMimeType(), "image/") && (strstr($_SERVER['HTTP_ACCEPT'], $attachmentObj->getMimeType()) || (strstr($_SERVER['HTTP_ACCEPT'], "*/*")))) { header('Content-Disposition: inline; filename="' . $attachmentObj->getFileName()).'"'; } else { header('Content-Disposition: ' . $attachmentObj->getContentDisposition() . '; filename="' . $attachmentObj->getFileName()).'"'; }