commit 385090d544148bc54f1331eff9c6d10b34f0cee8
tree 49aac92d1abfa0c87315db282a64e8e5825e6472
parent d2530d665fe89ce9b2144ccca4bd169cdcafc35c
author Engels Antonio <engels@majcms.org> 1300133553 +0800
committer Engels Antonio <engels@majcms.org> 1300133553 +0800
Rationalize file attachments and filedrop listings
diff --git a/core.php b/core.php
index 58d82a9..a0c973d 100644
--- a/core.php
+++ b/core.php
@@ -118,4 +118,36 @@ function extract_emails_from($string){
return $matches[0];
}
+function return_bytes($val) {
+ $val = trim($val);
+ $last = $val{strlen($val) - 1};
+
+ switch ($last) {
+ case 'k':
+ case 'K':
+ return(int)$val * 1024;
+ break;
+ case 'm':
+ case 'M':
+ return(int)$val * 1048576;
+ break;
+ default:
+ return $val;
+ } //switch ($last)
+} //function return_bytes($val)
+
+$server_upload_max_filesize = return_bytes(ini_get('upload_max_filesize'));
+$server_post_max_size = return_bytes(ini_get('post_max_size'));
+$server_memory_limit = return_bytes(ini_get('memory_limit'));
+
+$max_file_size = $server_upload_max_filesize;
+
+if ($server_upload_max_filesize > $server_post_max_size) {
+ $max_file_size = $server_post_max_size;
+}
+
+if ($server_post_max_size > $server_memory_limit) {
+ $max_file_size = $server_memory_limit;
+}
+
?>
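Review bot: `return_bytes()` falls through to `default` for a `G` suffix and for `memory_limit = -1`, returning the raw ini string, so `$max_file_size` can end up as `-1` or a non-numeric string such as `1G`. With `-1`, the `<=` size check this commit enables in filedrop.php rejects every upload. The two `if` blocks also do not compute a minimum: when `post_max_size` exceeds `memory_limit` the result is `memory_limit`, even if `upload_max_filesize` is smaller. An empty ini value makes `$val{strlen($val) - 1}` read offset -1. A version covering these cases, treating non-positive values as "no limit", is below.

```php
function return_bytes($val) {
    $val = trim($val);
    $num = (int)$val;

    // non-positive values (e.g. memory_limit = -1) mean "no limit"
    if ($num <= 0) {
        return PHP_INT_MAX;
    }

    switch (strtolower(substr($val, -1))) {
        case 'g':
            return $num * 1073741824;
        case 'm':
            return $num * 1048576;
        case 'k':
            return $num * 1024;
        default:
            return $num;
    }
}

// … unchanged: the three ini_get() reads …

$max_file_size = min($server_upload_max_filesize, $server_post_max_size, $server_memory_limit);
```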
diff --git a/filedrop.php b/filedrop.php
index 2d0513e..a926d29 100644
--- a/filedrop.php
+++ b/filedrop.php
@@ -6,27 +6,13 @@ if (!isset($_SESSION['logged_uid']) or !isset($_SESSION['logged_lvl']) or !isset
exit;
}
-/*
-$server_upload_max_filesize = return_bytes(ini_get('upload_max_filesize'));
-$server_post_max_size = return_bytes(ini_get('post_max_size'));
-$server_memory_limit = return_bytes(ini_get('memory_limit'));
-
-$max_file_size = $server_upload_max_filesize;
-
-if ($server_upload_max_filesize > $server_post_max_size) {
- $max_file_size = $server_post_max_size;
-}
-
-if ($server_post_max_size > $server_memory_limit) {
- $max_file_size = $server_memory_limit;
-}
-*/
+require_once("core.php");
if (isset($_FILES['filedrop_obj']) and !empty($_FILES['filedrop_obj']) and isset($_POST['filedrop_box']) and !empty($_POST['filedrop_box'])) {
if (is_uploaded_file($_FILES['filedrop_obj']['tmp_name'])) {
- //if ($_FILES['filedrop_obj']['size'] <= $max_file_size) {
+ if ($_FILES['filedrop_obj']['size'] <= $max_file_size) {
$filedrop_dir = sha1($_SESSION['logged_uid']);
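Review bot: The re-enabled size check only runs after `is_uploaded_file()` succeeds, and `$_FILES['filedrop_obj']['error']` is never inspected. An upload that PHP itself refuses for exceeding `upload_max_filesize` or the new `MAX_FILE_SIZE` field normally arrives with an empty `tmp_name` and a non-zero error code. Such a request would fall into the outer `else` (visible in the next hunk), which calls `unlink()` on the empty `tmp_name`, and the user never gets the "too big" message. Testing the error code first, e.g. `if ($_FILES['filedrop_obj']['error'] !== UPLOAD_ERR_OK) { /* report UPLOAD_ERR_INI_SIZE / UPLOAD_ERR_FORM_SIZE */ }`, would make the rejection explicit. The enclosing `if` block continues outside this hunk.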
@@ -47,10 +33,11 @@ if (isset($_FILES['filedrop_obj']) and !empty($_FILES['filedrop_obj']) and isset
else {
unlink($_FILES['filedrop_obj']['tmp_name']);
}
- //}
- //else {
- // unlink($_FILES['filedrop_obj']['tmp_name']);
- //}
+ }
+ else {
+ unlink($_FILES['filedrop_obj']['tmp_name']);
+ echo "<script>alert(\"Failed to save {$_FILES['filedrop_obj']['name']} because it is too big.\");</script>";
+ }
}
else {
unlink($_FILES['filedrop_obj']['tmp_name']);
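Review bot: The added `echo` writes `$_FILES['filedrop_obj']['name']`, a client-supplied filename, directly into an inline `<script>` string literal. A name containing a double quote or `</script>` ends the literal and is interpreted as markup or script in the logged-in user's session. Encode the whole message for the JavaScript context instead: `echo "<script>alert(" . json_encode("Failed to save " . $_FILES['filedrop_obj']['name'] . " because it is too big.", JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT) . ");</script>";`. The enclosing `if` chain starts and ends outside this hunk.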
diff --git a/index.php b/index.php
index f38bdf7..da542d1 100644
--- a/index.php
+++ b/index.php
@@ -13,7 +13,7 @@ $mail_root = "/var/spool/kartero";
session_start();
-include_once("core.php");
+require_once("core.php");
function rmdirr($recurse_dirname) {
@@ -782,25 +782,29 @@ if (isset($_SESSION['logged_uid'])) {
if (file_exists(".tmp/$do_filedrop_dir/$do_filedrop_box") and (count(glob(".tmp/$do_filedrop_dir/$do_filedrop_box/*")) > 0)) {
- $do_filedrop_dom = sha1($_SERVER['SERVER_NAME']);
- $do_filedrop_num = sha1($reply_subj);
+ $do_reply_from = extract_emails_from($reply_from);
+ $do_reply_to = extract_emails_from($reply_to);
- if (!file_exists("filedrop/$do_filedrop_dom")) {
- mkdir("filedrop/$do_filedrop_dom",0700,1);
+ $do_filedrop_num = $_SERVER['SERVER_NAME'] . $do_reply_from[0] . $do_reply_to[0] . $reply_subj;
+
+ $do_filedrop_num = sha1($do_filedrop_num);
+
+ if (!file_exists("filedrop")) {
+ mkdir("filedrop",0700);
}
- rename(".tmp/$do_filedrop_dir/$do_filedrop_box","filedrop/$do_filedrop_dom/$do_filedrop_num");
+ rename(".tmp/$do_filedrop_dir/$do_filedrop_box","filedrop/$do_filedrop_num");
rmdirr(".tmp/$do_filedrop_dir");
- $do_filedrop_msg = glob("filedrop/$do_filedrop_dom/$do_filedrop_num/*");
+ $do_filedrop_msg = glob("filedrop/$do_filedrop_num/*");
sort($do_filedrop_msg);
reset($do_filedrop_msg);
foreach ($do_filedrop_msg as $do_filedrop_put) {
- $reply_body = $reply_body . "\r\n\r\n" . str_replace("filedrop/$do_filedrop_dom/$do_filedrop_num/","",$do_filedrop_put) . " (" . HumanReadableFilesize(filesize($do_filedrop_put)) . ")\r\n" . "http://" . $_SERVER['SERVER_NAME'] . "/$do_filedrop_put";
+ $reply_body = $reply_body . "\r\n\r\n" . str_replace("filedrop/$do_filedrop_num/","",$do_filedrop_put) . " (" . HumanReadableFilesize(filesize($do_filedrop_put)) . ")\r\n" . "http://" . $_SERVER['SERVER_NAME'] . "/$do_filedrop_put";
}
}
}
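Review bot: `$do_filedrop_num` is an unkeyed SHA-1 of the server name, the two addresses and the subject, all of which are known to anyone who has seen the message headers, yet it is the only thing protecting the `http://…/filedrop/<hash>/` links written into `$reply_body`. Keying the digest with a value kept on the server, e.g. `$do_filedrop_num = hash_hmac('sha1', $do_filedrop_num, $filedrop_secret);` (with `$filedrop_secret` a placeholder for a new config value), would make the path unpredictable to outsiders. The read.php and send.php hunks recompute the same value and would need the same change. The result of `rename()` is also unchecked: a second message with the same sender, recipient and subject maps to the same directory, and `rmdirr()` on the next line removes the temporary uploads whether or not the move succeeded. The enclosing block continues outside the hunk.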
diff --git a/post.php b/post.php
index 6e52baf..81072d5 100644
--- a/post.php
+++ b/post.php
@@ -72,12 +72,13 @@ if (isset($_POST['new']) and !empty($_POST['new']) and is_numeric($_POST['new'])
<iframe name="filedrop" src="filedrop.php" frameborder="0" scrolling="0" width="0" height="0"></iframe>
-<table border="0" cellspcaing="0" cellpadding="0">
+<table border="0" cellspacing="0" cellpadding="0">
<form enctype="multipart/form-data" action="filedrop.php" method="post" target="filedrop">
<tr><td>
+<input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $max_file_size; ?>">
<input type="hidden" name="filedrop_box" value="<?php echo $filedrop_box; ?>">
<input type="file" name="filedrop_obj">
-<input type="submit">
+<input type="submit" value="Upload">
</td></tr>
</form>
</table>
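Review bot: The new `MAX_FILE_SIZE` field is sent to the browser and can be altered or omitted by the client, so it should be documented as a hint rather than a control. A short comment beside it such as `<?php /* MAX_FILE_SIZE is advisory only; filedrop.php enforces $max_file_size */ ?>` would stop a later cleanup from dropping the server-side check. The hunk does not show that core.php is loaded before this point, so `$max_file_size` being defined here is assumed. The same field is added in the last send.php hunk.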
diff --git a/read.php b/read.php
index c502958..0e5a0b2 100644
--- a/read.php
+++ b/read.php
@@ -271,7 +271,12 @@ if (isset($_POST['msg']) and !empty($_POST['msg']) and is_numeric($_POST['msg'])
*/
reset($attachDisplay);
- $filePath = "filedrop/" . sha1($_SERVER['SERVER_NAME']) ."/" . sha1($header->subject);
+ $do_fromaddress = extract_emails_from($header->fromaddress);
+ $do_toaddress = extract_emails_from($header->toaddress);
+
+ $filePath = $_SERVER['SERVER_NAME'] . $do_fromaddress[0] . $do_toaddress[0] . $header->subject;
+
+ $filePath = "filedrop/" . sha1($filePath);
if (sizeof($attachDisplay) > 0) {
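Review bot: The filedrop path derivation added here is a third hand-written copy of the one in index.php, and send.php adds a fourth, so any future change to the inputs has to be made identically in every file or existing attachments stop resolving. A single helper in core.php, e.g. `function filedrop_path($from, $to, $subject)`, would keep them in step. `$do_fromaddress[0]` and `$do_toaddress[0]` are also read without checking that `extract_emails_from()` found an address. If a header has no parsable address, this presumably raises an undefined-index notice and the hash silently degrades to server name plus subject. The enclosing block starts and ends outside the hunk.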
diff --git a/send.php b/send.php
index 832d0e0..8bc6d87 100644
--- a/send.php
+++ b/send.php
@@ -162,7 +162,12 @@ if (isset($_POST['msg']) and !empty($_POST['msg']) and is_numeric($_POST['msg'])
echo $reply_quote;
- $filePath = "filedrop/" . sha1($_SERVER['SERVER_NAME']) ."/" . sha1($header->subject);
+ $do_fromaddress = extract_emails_from($header->fromaddress);
+ $do_toaddress = extract_emails_from($header->toaddress);
+
+ $filePath = $_SERVER['SERVER_NAME'] . $do_fromaddress[0] . $do_toaddress[0] . $header->subject;
+
+ $filePath = "filedrop/" . sha1($filePath);
if (file_exists("$filePath")) {
@@ -197,7 +202,6 @@ if (isset($_POST['msg']) and !empty($_POST['msg']) and is_numeric($_POST['msg'])
echo "<input type=\"hidden\" name=\"mbox_min\" value=\"$mbox_min\">";
echo "<input type=\"hidden\" name=\"box\" value=\"$folder\">";
echo "<input type=\"hidden\" name=\"msg\" value=\"$msgno\">";
-
echo "<input type=\"hidden\" name=\"filedrop_box\" value=\"$filedrop_box\">";
echo "<tr><td></td><td align=\"right\"><div class=\"label\"><input type=\"image\" src=\"images/mail-reply.png\"></div><div class=\"label\">send</div></td></tr>";
@@ -218,12 +222,13 @@ if (isset($_POST['msg']) and !empty($_POST['msg']) and is_numeric($_POST['msg'])
<iframe name="filedrop" src="filedrop.php" frameborder="0" scrolling="0" width="0" height="0"></iframe>
-<table border="0" cellspcaing="0" cellpadding="0">
+<table border="0" cellspacing="0" cellpadding="0">
<form enctype="multipart/form-data" action="filedrop.php" method="post" target="filedrop">
<tr><td>
+<input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $max_file_size; ?>">
<input type="hidden" name="filedrop_box" value="<?php echo $filedrop_box; ?>">
<input type="file" name="filedrop_obj">
-<input type="submit">
+<input type="submit" value="Upload">
</td></tr>
</form>
</table>
tree 49aac92d1abfa0c87315db282a64e8e5825e6472
parent d2530d665fe89ce9b2144ccca4bd169cdcafc35c
author Engels Antonio <engels@majcms.org> 1300133553 +0800
committer Engels Antonio <engels@majcms.org> 1300133553 +0800
Rationalize file attachments and filedrop listings
diff --git a/core.php b/core.php
index 58d82a9..a0c973d 100644
--- a/core.php
+++ b/core.php
@@ -118,4 +118,36 @@ function extract_emails_from($string){
return $matches[0];
}
+function return_bytes($val) {
+ $val = trim($val);
+ $last = $val{strlen($val) - 1};
+
+ switch ($last) {
+ case 'k':
+ case 'K':
+ return(int)$val * 1024;
+ break;
+ case 'm':
+ case 'M':
+ return(int)$val * 1048576;
+ break;
+ default:
+ return $val;
+ } //switch ($last)
+} //function return_bytes($val)
+
+$server_upload_max_filesize = return_bytes(ini_get('upload_max_filesize'));
+$server_post_max_size = return_bytes(ini_get('post_max_size'));
+$server_memory_limit = return_bytes(ini_get('memory_limit'));
+
+$max_file_size = $server_upload_max_filesize;
+
+if ($server_upload_max_filesize > $server_post_max_size) {
+ $max_file_size = $server_post_max_size;
+}
+
+if ($server_post_max_size > $server_memory_limit) {
+ $max_file_size = $server_memory_limit;
+}
+
?>
diff --git a/filedrop.php b/filedrop.php
index 2d0513e..a926d29 100644
--- a/filedrop.php
+++ b/filedrop.php
@@ -6,27 +6,13 @@ if (!isset($_SESSION['logged_uid']) or !isset($_SESSION['logged_lvl']) or !isset
exit;
}
-/*
-$server_upload_max_filesize = return_bytes(ini_get('upload_max_filesize'));
-$server_post_max_size = return_bytes(ini_get('post_max_size'));
-$server_memory_limit = return_bytes(ini_get('memory_limit'));
-
-$max_file_size = $server_upload_max_filesize;
-
-if ($server_upload_max_filesize > $server_post_max_size) {
- $max_file_size = $server_post_max_size;
-}
-
-if ($server_post_max_size > $server_memory_limit) {
- $max_file_size = $server_memory_limit;
-}
-*/
+require_once("core.php");
if (isset($_FILES['filedrop_obj']) and !empty($_FILES['filedrop_obj']) and isset($_POST['filedrop_box']) and !empty($_POST['filedrop_box'])) {
if (is_uploaded_file($_FILES['filedrop_obj']['tmp_name'])) {
- //if ($_FILES['filedrop_obj']['size'] <= $max_file_size) {
+ if ($_FILES['filedrop_obj']['size'] <= $max_file_size) {
$filedrop_dir = sha1($_SESSION['logged_uid']);
@@ -47,10 +33,11 @@ if (isset($_FILES['filedrop_obj']) and !empty($_FILES['filedrop_obj']) and isset
else {
unlink($_FILES['filedrop_obj']['tmp_name']);
}
- //}
- //else {
- // unlink($_FILES['filedrop_obj']['tmp_name']);
- //}
+ }
+ else {
+ unlink($_FILES['filedrop_obj']['tmp_name']);
+ echo "<script>alert(\"Failed to save {$_FILES['filedrop_obj']['name']} because it is too big.\");</script>";
+ }
}
else {
unlink($_FILES['filedrop_obj']['tmp_name']);
diff --git a/index.php b/index.php
index f38bdf7..da542d1 100644
--- a/index.php
+++ b/index.php
@@ -13,7 +13,7 @@ $mail_root = "/var/spool/kartero";
session_start();
-include_once("core.php");
+require_once("core.php");
function rmdirr($recurse_dirname) {
@@ -782,25 +782,29 @@ if (isset($_SESSION['logged_uid'])) {
if (file_exists(".tmp/$do_filedrop_dir/$do_filedrop_box") and (count(glob(".tmp/$do_filedrop_dir/$do_filedrop_box/*")) > 0)) {
- $do_filedrop_dom = sha1($_SERVER['SERVER_NAME']);
- $do_filedrop_num = sha1($reply_subj);
+ $do_reply_from = extract_emails_from($reply_from);
+ $do_reply_to = extract_emails_from($reply_to);
- if (!file_exists("filedrop/$do_filedrop_dom")) {
- mkdir("filedrop/$do_filedrop_dom",0700,1);
+ $do_filedrop_num = $_SERVER['SERVER_NAME'] . $do_reply_from[0] . $do_reply_to[0] . $reply_subj;
+
+ $do_filedrop_num = sha1($do_filedrop_num);
+
+ if (!file_exists("filedrop")) {
+ mkdir("filedrop",0700);
}
- rename(".tmp/$do_filedrop_dir/$do_filedrop_box","filedrop/$do_filedrop_dom/$do_filedrop_num");
+ rename(".tmp/$do_filedrop_dir/$do_filedrop_box","filedrop/$do_filedrop_num");
rmdirr(".tmp/$do_filedrop_dir");
- $do_filedrop_msg = glob("filedrop/$do_filedrop_dom/$do_filedrop_num/*");
+ $do_filedrop_msg = glob("filedrop/$do_filedrop_num/*");
sort($do_filedrop_msg);
reset($do_filedrop_msg);
foreach ($do_filedrop_msg as $do_filedrop_put) {
- $reply_body = $reply_body . "\r\n\r\n" . str_replace("filedrop/$do_filedrop_dom/$do_filedrop_num/","",$do_filedrop_put) . " (" . HumanReadableFilesize(filesize($do_filedrop_put)) . ")\r\n" . "http://" . $_SERVER['SERVER_NAME'] . "/$do_filedrop_put";
+ $reply_body = $reply_body . "\r\n\r\n" . str_replace("filedrop/$do_filedrop_num/","",$do_filedrop_put) . " (" . HumanReadableFilesize(filesize($do_filedrop_put)) . ")\r\n" . "http://" . $_SERVER['SERVER_NAME'] . "/$do_filedrop_put";
}
}
}
diff --git a/post.php b/post.php
index 6e52baf..81072d5 100644
--- a/post.php
+++ b/post.php
@@ -72,12 +72,13 @@ if (isset($_POST['new']) and !empty($_POST['new']) and is_numeric($_POST['new'])
<iframe name="filedrop" src="filedrop.php" frameborder="0" scrolling="0" width="0" height="0"></iframe>
-<table border="0" cellspcaing="0" cellpadding="0">
+<table border="0" cellspacing="0" cellpadding="0">
<form enctype="multipart/form-data" action="filedrop.php" method="post" target="filedrop">
<tr><td>
+<input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $max_file_size; ?>">
<input type="hidden" name="filedrop_box" value="<?php echo $filedrop_box; ?>">
<input type="file" name="filedrop_obj">
-<input type="submit">
+<input type="submit" value="Upload">
</td></tr>
</form>
</table>
diff --git a/read.php b/read.php
index c502958..0e5a0b2 100644
--- a/read.php
+++ b/read.php
@@ -271,7 +271,12 @@ if (isset($_POST['msg']) and !empty($_POST['msg']) and is_numeric($_POST['msg'])
*/
reset($attachDisplay);
- $filePath = "filedrop/" . sha1($_SERVER['SERVER_NAME']) ."/" . sha1($header->subject);
+ $do_fromaddress = extract_emails_from($header->fromaddress);
+ $do_toaddress = extract_emails_from($header->toaddress);
+
+ $filePath = $_SERVER['SERVER_NAME'] . $do_fromaddress[0] . $do_toaddress[0] . $header->subject;
+
+ $filePath = "filedrop/" . sha1($filePath);
if (sizeof($attachDisplay) > 0) {
diff --git a/send.php b/send.php
index 832d0e0..8bc6d87 100644
--- a/send.php
+++ b/send.php
@@ -162,7 +162,12 @@ if (isset($_POST['msg']) and !empty($_POST['msg']) and is_numeric($_POST['msg'])
echo $reply_quote;
- $filePath = "filedrop/" . sha1($_SERVER['SERVER_NAME']) ."/" . sha1($header->subject);
+ $do_fromaddress = extract_emails_from($header->fromaddress);
+ $do_toaddress = extract_emails_from($header->toaddress);
+
+ $filePath = $_SERVER['SERVER_NAME'] . $do_fromaddress[0] . $do_toaddress[0] . $header->subject;
+
+ $filePath = "filedrop/" . sha1($filePath);
if (file_exists("$filePath")) {
@@ -197,7 +202,6 @@ if (isset($_POST['msg']) and !empty($_POST['msg']) and is_numeric($_POST['msg'])
echo "<input type=\"hidden\" name=\"mbox_min\" value=\"$mbox_min\">";
echo "<input type=\"hidden\" name=\"box\" value=\"$folder\">";
echo "<input type=\"hidden\" name=\"msg\" value=\"$msgno\">";
-
echo "<input type=\"hidden\" name=\"filedrop_box\" value=\"$filedrop_box\">";
echo "<tr><td></td><td align=\"right\"><div class=\"label\"><input type=\"image\" src=\"images/mail-reply.png\"></div><div class=\"label\">send</div></td></tr>";
@@ -218,12 +222,13 @@ if (isset($_POST['msg']) and !empty($_POST['msg']) and is_numeric($_POST['msg'])
<iframe name="filedrop" src="filedrop.php" frameborder="0" scrolling="0" width="0" height="0"></iframe>
-<table border="0" cellspcaing="0" cellpadding="0">
+<table border="0" cellspacing="0" cellpadding="0">
<form enctype="multipart/form-data" action="filedrop.php" method="post" target="filedrop">
<tr><td>
+<input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $max_file_size; ?>">
<input type="hidden" name="filedrop_box" value="<?php echo $filedrop_box; ?>">
<input type="file" name="filedrop_obj">
-<input type="submit">
+<input type="submit" value="Upload">
</td></tr>
</form>
</table>