Commit 71606b6e authored by Carsten  Rose's avatar Carsten Rose
Browse files

Download.php: better default filename of download, if none is explizit given.

Sendmail.php: Remove the optin '-q'  (quiet) from 'sendEmail' to see problems with broken parameter. Fix problem with missing '-a' for first attachment. Escape all Shell arguments before calling 'sendEmail'. Recode attachmentsBuild().
parent db5ddbd9
......@@ -1099,6 +1099,7 @@ const SENDMAIL_TOKEN_SRC = 'S';
const SENDMAIL_TOKEN_CONCAT = 'C';
const SENDMAIL_TOKEN_DOWNLOAD_FILENAME = 'd';
const SENDMAIL_TOKEN_DOWNLOAD_MODE = 'M';
const SENDMAIL_TOKEN_ATTACHMENT_URL = 'u';
const SENDMAIL_TOKEN_ATTACHMENT_URL_LOCAL = 'U';
......@@ -1168,8 +1169,8 @@ const DOWNLOAD_MODE_PDF = 'pdf';
const DOWNLOAD_MODE_EXCEL = 'excel';
const DOWNLOAD_MODE_ZIP = 'zip';
const DOWNLOAD_EXPORT_FILENAME = '_exportFilename';
const TMP_FILE_PREFIX = 'qfq.temp'; // temporary filename on server of single export file
const DOWNLOAD_OUTPUT_PDF = 'output';
const TMP_FILE_PREFIX = 'qfq.temp.'; // temporary filename on server of single export file
const DOWNLOAD_OUTPUT_FILENAME = 'output';
const DOWNLOAD_SIP_ENCODE_PARAMETER = '_sip';
const OUTPUT_MODE_DIRECT = 'direct';
......
......@@ -174,7 +174,7 @@ class Download {
header("Content-Length: $length");
// If defined as 'attachment': PDFs are not shown inside the browser (if user configured that). Instead, always a 'save as'-dialog appears (Chrome, FF)
// header("Content-Disposition: attachment; filename=$outputFilename");
header("Content-Disposition: inline; filename=\"$outputFilename\"");
header("Content-Disposition: inline; filename=\"$outputFilename\"; name=\"$outputFilename\"");
header("Pragma: no-cache");
header("Expires: 0");
......@@ -295,6 +295,9 @@ class Download {
switch ($downloadMode) {
case DOWNLOAD_MODE_ZIP:
$filename = $this->zipFiles($tmpFiles);
if (empty($vars[DOWNLOAD_EXPORT_FILENAME])) {
$vars[DOWNLOAD_EXPORT_FILENAME] = basename($filename);
}
break;
case DOWNLOAD_MODE_EXCEL:
......@@ -304,12 +307,24 @@ class Download {
case DOWNLOAD_MODE_FILE:
$filename = $tmpFiles[0];
if (empty($vars[DOWNLOAD_EXPORT_FILENAME])) {
$vars[DOWNLOAD_EXPORT_FILENAME] = substr($filename, strpos($filename, '/'));
$vars[DOWNLOAD_EXPORT_FILENAME] = basename($filename);
}
break;
case DOWNLOAD_MODE_PDF:
$filename = $this->concatPdfFiles($tmpFiles);
// try to find a meaningful filename
if (empty($vars[DOWNLOAD_EXPORT_FILENAME])) {
if (count($tmpFiles) > 1) {
$vars[DOWNLOAD_EXPORT_FILENAME] = DOWNLOAD_OUTPUT_FILENAME . ".pdf";
} else {
if (HelperFile::isQfqTemp($filename)) {
$vars[DOWNLOAD_EXPORT_FILENAME] = DOWNLOAD_OUTPUT_FILENAME . ".pdf";
} else {
$vars[DOWNLOAD_EXPORT_FILENAME] = basename($filename);
}
}
}
break;
default:
......@@ -317,20 +332,13 @@ class Download {
break;
}
// Temporary files can be deleted.
if ($this->downloadDebugLog == '') {
HelperFile::cleanTempFiles($tmpFiles);
}
$exportFilename = empty($vars[DOWNLOAD_EXPORT_FILENAME]) ? DOWNLOAD_OUTPUT_PDF : $vars[DOWNLOAD_EXPORT_FILENAME];
switch ($outputMode) {
case OUTPUT_MODE_FILE:
break;
case OUTPUT_MODE_DIRECT:
$this->outputFile($filename, $exportFilename);
$this->outputFile($filename, $vars[DOWNLOAD_EXPORT_FILENAME]);
HelperFile::cleanTempFiles([$filename]);
break;
......
......@@ -109,7 +109,6 @@ class Sendmail {
$args[] = '-f "' . $mailConfig[SENDMAIL_IDX_SENDER] . '"';
$args[] = '-t "' . $mailConfig[SENDMAIL_IDX_RECEIVER] . '"';
$args[] = '-o message-charset="utf-8"';
$args[] = '-q ';
$logFile = $this->store->getVar(SYSTEM_MAIL_LOG, STORE_SYSTEM);
if ($logFile != '' && $logFile !== false) {
......@@ -151,7 +150,9 @@ class Sendmail {
// $args[] = '-a ' . $piece;
// }
$attachments = $this->attachmentsBuild($mailConfig[SENDMAIL_IDX_ATTACHMENT]);
$args[] = implode('-a ', $attachments);
if (!empty($attachments)) {
$args[] = '-a ' . implode(' -a ', $attachments);
}
}
if (!empty($mailConfig[SENDMAIL_IDX_HEADER])) {
......@@ -168,6 +169,7 @@ class Sendmail {
$args[] = $sendEmailOptions;
}
OnArray::arrayEscapeshellarg($args);
$cmd = $sendEmail . ' ' . implode(' ', $args);
exec($cmd, $arr, $rc);
......@@ -257,8 +259,13 @@ class Sendmail {
}
/**
* @param array $attachments
* @return array
*
* @param array $attachments Array of attachments. Per attachment, different & multiple sources are possible.
* [ [ 0 -> 'F:/etc/hostname' ],
* [ 0 -> 'u:http://nzz.ch', 1 -> 'd:nzz.pdf' ],
* [ 0 -> 'd:all.pdf', 1 -> 'U:?id=detailPerson&form=Person&r=1&_sip=1', 2 -> 'F:/etc/hostname' ] ]
* @return array Array of filenames. Those files has to be deleted later, if they are temporary files.
* @throws UserReportException
*/
private function attachmentsBuild(array $attachments) {
$files = array();
......@@ -269,30 +276,73 @@ class Sendmail {
foreach ($attachments as $attach) {
$vars = array();
foreach ($attach as $element) {
// Extract Filename
$exportFilename = '';
$downloadMode = '';
// Per attachment: extract 'mode','filename'. Leave the 'sources' untouched.
foreach ($attach as $key => $element) {
$token = $element[0];
switch ($token) {
case SENDMAIL_TOKEN_DOWNLOAD_FILENAME:
$exportFilename = substr($element, 2);
unset($attach[$key]);
break;
case SENDMAIL_TOKEN_DOWNLOAD_MODE:
$downloadMode = substr($element, 2);
unset($attach[$key]);
break;
case SENDMAIL_TOKEN_ATTACHMENT_FILE:
if ($downloadMode == '') { // Set only if not explicit given.
$downloadMode = DOWNLOAD_MODE_FILE;
}
break;
case SENDMAIL_TOKEN_ATTACHMENT_URL:
case SENDMAIL_TOKEN_ATTACHMENT_URL_LOCAL:
if ($downloadMode == '') { // Set only if not explicit given.
$downloadMode = DOWNLOAD_MODE_PDF;
}
break;
default:
throw new UserReportException('Unknown token in _sendmail: ' . $token, ERROR_UNKNOWN_TOKEN);
break;
}
}
$vars[SIP_DOWNLOAD_PARAMETER] = implode(PARAM_DELIMITER, $attach);
$vars[DOWNLOAD_MODE] = (count($attach) > 1) ? DOWNLOAD_MODE_PDF : $downloadMode;
$exportFilename = '';
foreach ($element as $key => $param) {
$file = $download->process($vars, OUTPUT_MODE_FILE);
if (substr($param, 0, 2) == SENDMAIL_TOKEN_DOWNLOAD_FILENAME . PARAM_TOKEN_DELIMITER) {
$exportFilename = Sanitize::safeFilename(substr($param, 2), true);
if (empty($exportFilename) && HelperFile::isQfqTemp($file)) {
unset($element[$key]);
}
$exportFilename = DOWNLOAD_OUTPUT_FILENAME;
if ($downloadMode == DOWNLOAD_MODE_PDF) {
$exportFilename .= '.pdf';
}
$vars[SIP_DOWNLOAD_PARAMETER] = implode(PARAM_DELIMITER, $element);
$vars[DOWNLOAD_MODE] = DOWNLOAD_MODE_PDF;
$file = $download->process($vars, OUTPUT_MODE_FILE);
if (!empty($exportFilename)) {
$dir = HelperFile::mktempdir();
if (HelperFile::isQfqTemp($file)) {
rename($file, $exportFilename);
$file = $exportFilename;
}
}
// In case an exportFilename is given: move/rename it, if it is necessary.
if (!empty($exportFilename)) {
$exportFilename = Sanitize::safeFilename($exportFilename, true);
$dir = HelperFile::mktempdir(); // Attachments might have the same filename - create one directory per attachment, to ensure same filenames do not conflict.
$exportFilename = $dir . '/' . $exportFilename;
if (HelperFile::isQfqTemp($file)) {
rename($file, $exportFilename);
} else {
copy($file, $exportFilename);
}
$files[] = $file;
$file = $exportFilename;
}
$files[] = $file;
}
return $files;
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment