/** * Import a MBOX file into a mailbox. * * @param string $mbox The mailbox name to import into (UTF-8). * @param string $form_name The form field name that contains the MBOX * data. * * @return string Notification message. * @throws Horde_Exception */ public function import($mbox, $form_name) { $GLOBALS['browser']->wasFileUploaded($form_name, _("mailbox file")); $this->_mbox = $mbox; $res = $this->_import($_FILES[$form_name]['tmp_name'], $_FILES[$form_name]['type']); $mbox_name = basename(Horde_Util::dispelMagicQuotes($_FILES[$form_name]['name'])); if ($res === false) { throw new IMP_Exception(sprintf(_("There was an error importing %s."), $mbox_name)); } return sprintf(ngettext('Imported %d message from %s.', 'Imported %d messages from %s', $res), $res, $mbox_name); }
/** * Constructor. * * @param array $vars The list of form variables (if null, defaults * to PHP's $_REQUEST value). If '_formvars' * exists, it must be a JSON encoded array that * contains the list of allowed form variables. * @param string $sanitize Sanitize the input variables? */ public function __construct($vars = array(), $sanitize = false) { if (is_null($vars)) { $request_copy = $_REQUEST; $vars = Horde_Util::dispelMagicQuotes($request_copy); } if (isset($vars['_formvars'])) { $this->_expected = @json_decode($vars['_formvars'], true); unset($vars['_formvars']); } $this->_vars = $vars; if ($sanitize) { $this->sanitize(); } }
function getInfo(&$vars, &$var, &$info) { $name = $var->getVarName(); try { $GLOBALS['browser']->wasFileUploaded($name); $info['name'] = Horde_Util::dispelMagicQuotes($_FILES[$name]['name']); $info['type'] = $_FILES[$name]['type']; $info['tmp_name'] = $_FILES[$name]['tmp_name']; $info['file'] = $_FILES[$name]['tmp_name']; $info['error'] = $_FILES[$name]['error']; $info['size'] = $_FILES[$name]['size']; } catch (Horde_Browser_Exception $e) { } }
/** * Automatic authentication: Find out if the client has HTTP * authentication info present. * * @return boolean Whether or not the client is allowed. */ public function transparent() { if (empty($_SERVER['PHP_AUTH_USER']) || empty($_SERVER['PHP_AUTH_PW'])) { return false; } $this->_credentials['userId'] = $_SERVER['PHP_AUTH_USER']; $this->_credentials['credentials'] = array('password' => Horde_Util::dispelMagicQuotes($_SERVER['PHP_AUTH_PW'])); return true; }
/** * Retrieves the form fields and processes the attachment. */ public function handleAction() { global $notification, $wicked, $registry, $conf; // Only allow POST commands. $cmd = Horde_Util::getPost('cmd'); $version = Horde_Util::getFormData('version'); $is_update = (bool) Horde_Util::getFormData('is_update'); $filename = Horde_Util::getFormData('filename'); $change_log = Horde_Util::getFormData('change_log'); // See if we're supposed to delete an attachment. if ($cmd == 'delete' && $filename && $version) { if (!$this->allows(Wicked::MODE_REMOVE)) { $notification->push(_("You do not have permission to delete attachments from this page."), 'horde.error'); return; } try { $wicked->removeAttachment($wicked->getPageId($this->referrer()), $filename, $version); $notification->push(sprintf(_("Successfully deleted version %s of \"%s\" from \"%s\""), $version, $filename, $this->referrer()), 'horde.success'); } catch (Wicked_Exception $e) { $notification->push($result->getMessage(), 'horde.error'); } return; } if (empty($filename)) { $filename = Horde_Util::dispelMagicQuotes($_FILES['attachment_file']['name']); } try { $GLOBALS['browser']->wasFileUploaded('attachment_file', _("attachment")); } catch (Horde_Browser_Exception $e) { $notification->push($e, 'horde.error'); return; } if (strpos($filename, ' ') !== false) { $notification->push(_("Attachments with spaces can't be embedded into a page."), 'horde.warning'); } $data = file_get_contents($_FILES['attachment_file']['tmp_name']); if ($data === false) { $notification->push(_("Can't read uploaded file."), 'horde.error'); return; } if (!$this->allows(Wicked::MODE_EDIT)) { $notification->push(sprintf(_("You do not have permission to edit \"%s\""), $this->referrer()), 'horde.error'); return; } if ($conf['wicked']['require_change_log'] && empty($change_log)) { $notification->push(_("You must enter a change description to attach this file."), 'horde.error'); return; } $referrer_id = $wicked->getPageId($this->referrer()); try { $attachments = $wicked->getAttachedFiles($referrer_id); } catch (Wicked_Exception $e) { $notification->push(sprintf(_("Error retrieving attachments: %s"), $e->getMessage()), 'horde.error'); return; } $found = false; foreach ($attachments as $attach) { if ($filename == $attach['attachment_name']) { $found = true; break; } } if ($is_update) { if (!$found) { $notification->push(sprintf(_("Can't update \"%s\": no such attachment."), $filename), 'horde.error'); return; } } else { if ($found) { $notification->push(sprintf(_("There is already an attachment named \"%s\"."), $filename), 'horde.error'); return; } } $file = array('page_id' => $referrer_id, 'attachment_name' => $filename, 'change_log' => $change_log); try { $wicked->attachFile($file, $data); } catch (Wicked_Exception $e) { $notification->push($e); Horde::log($e); throw $e; } if ($is_update) { $message = sprintf(_("Updated attachment \"%s\" on page \"%s\"."), $filename, $this->referrer()); } else { $message = sprintf(_("New attachment \"%s\" to page \"%s\"."), $filename, $this->referrer()); } $notification->push($message, 'horde.success'); $url = Wicked::url($this->referrer(), true, -1); Wicked::mail($message . ' ' . _("View page: ") . $url . "\n", array('Subject' => '[' . $registry->get('name') . '] attachment: ' . $this->referrer() . ', ' . $filename)); }
echo '</form>'; $PUBLISH_ONBACK = 'folder.submit();'; $PUBLISH_BUTTONS = 'true,false,true'; } else { echo '<form id="folder">'; Horde_Util::pformInput(); echo '<input type="hidden" name="gallery" value="' . $galleryId . '" />'; echo '<input type="hidden" name="cmd" value="list" />'; echo '</form>'; $PUBLISH_CMD = 'folder.submit();'; } } // We're adding a photo. if ($cmd == 'add') { $galleryId = Horde_Util::getFormData('gallery'); $name = isset($_FILES['imagefile']['name']) ? Horde_Util::dispelMagicQuotes($_FILES['imagefile']['name']) : null; $file = isset($_FILES['imagefile']['tmp_name']) ? $_FILES['imagefile']['tmp_name'] : null; if (!$galleryId || !$GLOBALS['injector']->getInstance('Ansel_Storage')->galleryExists($galleryId)) { $error = _("Invalid gallery specified.") . "<br />\n"; } else { try { $gallery = $GLOBALS['injector']->getInstance('Ansel_Storage')->getGallery($galleryId); if (!$gallery->hasPermission($GLOBALS['registry']->getAuth(), Horde_Perms::EDIT)) { $error = _("Access denied adding photos to this gallery."); } else { $error = false; } } catch (Ansel_Exception $e) { $error = _("There was an error accessing the gallery."); } }
} catch (Gollem_Exception $e) { $notification->push(sprintf(_("Unable to delete file %s: %s"), $item, $e->getMessage()), 'horde.error'); } } } } } break; case 'upload_file': if ($edit_perms) { for ($i = 1, $l = count($_FILES); $i <= $l; ++$i) { $val = 'file_upload_' . $i; if (isset($_FILES[$val]) && $_FILES[$val]['error'] != 4) { try { $browser->wasFileUploaded($val); $filename = Horde_Util::dispelMagicQuotes($_FILES[$val]['name']); Gollem::writeFile($old_dir, $filename, $_FILES[$val]['tmp_name']); Gollem::expireCache($old_dir); $notification->push(sprintf(_("File received: %s"), $filename), 'horde.success'); } catch (Gollem_Exception $e) { $notification->push($e, 'horde.error'); } } } } break; case 'copy_items': case 'cut_items': if ($edit_perms) { $action = $vars->actionID == 'copy_items' ? 'copy' : 'cut'; if (is_array($vars->items) && count($vars->items)) {
/** * Add attachment from uploaded (form) data. * * @param string $field The form field name. * * @return array A list of IMP_Compose_Attachment objects (if * successfully attached) or IMP_Compose_Exception objects * (if error when attaching). * @throws IMP_Compose_Exception */ public function addAttachmentFromUpload($field) { global $browser; try { $browser->wasFileUploaded($field, _("attachment")); } catch (Horde_Browser_Exception $e) { throw new IMP_Compose_Exception($e); } $finfo = array(); if (is_array($_FILES[$field]['size'])) { for ($i = 0; $i < count($_FILES[$field]['size']); ++$i) { $tmp = array(); foreach ($_FILES[$field] as $key => $val) { $tmp[$key] = $val[$i]; } $finfo[] = $tmp; } } else { $finfo[] = $_FILES[$field]; } $out = array(); foreach ($finfo as $val) { switch (empty($val['type']) ? $val['type'] : '') { case 'application/unknown': case '': $type = 'application/octet-stream'; break; default: $type = $val['type']; break; } try { $out[] = $this->_addAttachment($val['tmp_name'], $val['size'], Horde_Util::dispelMagicQuotes($val['name']), $type); } catch (IMP_Compose_Exception $e) { $out[] = $e; } } return $out; }