Issues (4069)

Security Analysis    not enabled

This project does not seem to handle request data directly as such no vulnerable execution paths were found.

  Cross-Site Scripting
Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.
  File Exposure
File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.
  File Manipulation
File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.
  Object Injection
Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.
  Code Injection
Code Injection enables an attacker to execute arbitrary code on the server.
  Response Splitting
Response Splitting can be used to send arbitrary responses.
  File Inclusion
File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.
  Command Injection
Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.
  SQL Injection
SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.
  XPath Injection
XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.
  LDAP Injection
LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.
  Header Injection
  Other Vulnerability
This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.
  Regex Injection
Regex Injection enables an attacker to execute arbitrary code in your PHP process.
  XML Injection
XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.
  Variable Injection
Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.
Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

include/nusoap/nusoapmime.php (1 issue)

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

1
<?php
2
3
/*
4
5
Modification information for LGPL compliance
6
7
r56990 - 2010-06-16 13:05:36 -0700 (Wed, 16 Jun 2010) - kjing - snapshot "Mango" svn branch to a new one for GitHub sync
8
9
r56989 - 2010-06-16 13:01:33 -0700 (Wed, 16 Jun 2010) - kjing - defunt "Mango" svn dev branch before github cutover
10
11
r55980 - 2010-04-19 13:31:28 -0700 (Mon, 19 Apr 2010) - kjing - create Mango (6.1) based on windex
12
13
r51719 - 2009-10-22 10:18:00 -0700 (Thu, 22 Oct 2009) - mitani - Converted to Build 3  tags and updated the build system 
14
15
r51634 - 2009-10-19 13:32:22 -0700 (Mon, 19 Oct 2009) - mitani - Windex is the branch for Sugar Sales 1.0 development
16
17
r50375 - 2009-08-24 18:07:43 -0700 (Mon, 24 Aug 2009) - dwong - branch kobe2 from tokyo r50372
18
19
r42807 - 2008-12-29 11:16:59 -0800 (Mon, 29 Dec 2008) - dwong - Branch from trunk/sugarcrm r42806 to branches/tokyo/sugarcrm
20
21
r39619 - 2008-09-09 13:41:34 -0700 (Tue, 09 Sep 2008) - jmertic - Bug 24827 - Remove all instances where we return a new object and assign it by reference, since this is deprecated in PHP 5 and emits E_DEPRECATED errors in PHP 5.3.
22
Touched:
23
- data/SugarBean.php
24
- include/domit/php_http_client_generic.php
25
- include/domit/php_http_connector.php
26
- include/domit/testing_domit.php
27
- include/domit/xml_domit_getelementsbypath.php
28
- include/domit/xml_domit_lite_parser.php
29
- include/domit/xml_domit_nodemaps.php
30
- include/domit/xml_domit_parser.php
31
- include/domit/xml_domit_shared.php
32
- include/generic/SugarWidgets/SugarWidgetField.php
33
- include/generic/SugarWidgets/SugarWidgetReportField.php
34
- include/ListView/ProcessView.php
35
- include/nusoap/class.soapclient.php
36
- include/nusoap/nusoap.php
37
- include/nusoap/nusoapmime.php
38
- include/Pear/HTML_Safe/Safe.php
39
- include/Pear/XML_HTMLSax3/HTMLSax3.php
40
- modules/Administration/RebuildWorkFlow.php
41
- modules/Expressions/RelateSelector.php
42
- modules/Reports/templates/templates_reports.php
43
- modules/WorkFlow/Delete.php
44
- modules/WorkFlow/Save.php
45
- modules/WorkFlow/SaveSequence.php
46
- modules/WorkFlow/WorkFlow.php
47
- modules/WorkFlowActionShells/CreateStep1.php
48
- modules/WorkFlowActionShells/CreateStep2.php
49
- modules/WorkFlowActionShells/Save.php
50
- modules/WorkFlowActionShells/WorkFlowActionShell.php
51
- modules/WorkFlowAlerts/Save.php
52
- modules/WorkFlowAlerts/WorkFlowAlert.php
53
- modules/WorkFlowAlertShells/DetailView.php
54
- modules/WorkFlowAlertShells/WorkFlowAlertShell.php
55
- modules/WorkFlowTriggerShells/CreateStep1.php
56
- modules/WorkFlowTriggerShells/CreateStepFilter.php
57
- modules/WorkFlowTriggerShells/SaveFilter.php
58
- modules/WorkFlowTriggerShells/WorkFlowTriggerShell.php
59
- soap/SoapHelperFunctions.php
60
- test/modules/DynamicFields/DynamicFields_Bug24095_test.php
61
- test/simpletest/browser.php
62
- test/simpletest/default_reporter.php
63
- test/simpletest/detached.php
64
- test/simpletest/eclipse.php
65
- test/simpletest/expectation.php
66
- test/simpletest/extensions/pear_test_case.php
67
- test/simpletest/form.php
68
- test/simpletest/http.php
69
- test/simpletest/mock_objects.php
70
- test/simpletest/page.php
71
- test/simpletest/parser.php
72
- test/simpletest/remote.php
73
- test/simpletest/shell_tester.php
74
- test/simpletest/simple_test.php
75
- test/simpletest/simpletest.php
76
- test/simpletest/test/acceptance_test.php
77
- test/simpletest/test/adapter_test.php
78
- test/simpletest/test/authentication_test.php
79
- test/simpletest/test/browser_test.php
80
- test/simpletest/test/collector_test.php
81
- test/simpletest/test/compatibility_test.php
82
- test/simpletest/test/detached_test.php
83
- test/simpletest/test/eclipse_test.php
84
- test/simpletest/test/encoding_test.php
85
- test/simpletest/test/errors_test.php
86
- test/simpletest/test/expectation_test.php
87
- test/simpletest/test/form_test.php
88
- test/simpletest/test/frames_test.php
89
- test/simpletest/test/http_test.php
90
- test/simpletest/test/live_test.php
91
- test/simpletest/test/mock_objects_test.php
92
- test/simpletest/test/page_test.php
93
- test/simpletest/test/parse_error_test.php
94
- test/simpletest/test/parser_test.php
95
- test/simpletest/test/remote_test.php
96
- test/simpletest/test/shell_test.php
97
- test/simpletest/test/shell_tester_test.php
98
- test/simpletest/test/simpletest_test.php
99
- test/simpletest/test/site/page_request.php
100
- test/simpletest/test/tag_test.php
101
- test/simpletest/test/unit_tester_test.php
102
- test/simpletest/test/user_agent_test.php
103
- test/simpletest/test/visual_test.php
104
- test/simpletest/test/xml_test.php
105
- test/simpletest/test_case.php
106
- test/simpletest/ui/array_reporter/test.php
107
- test/simpletest/ui/recorder/test.php
108
- test/simpletest/unit_tester.php
109
- test/simpletest/url.php
110
- test/simpletest/user_agent.php
111
- test/simpletest/web_tester.php
112
- test/spikephpcoverage/src/PEAR.php
113
- test/spikephpcoverage/src/util/Utility.php
114
- test/spikephpcoverage/src/XML/Parser.php
115
- test/spikephpcoverage/src/XML/Parser/Simple.php
116
- test/test_utilities/SugarTest_SimpleBrowser.php
117
118
r13782 - 2006-06-06 10:58:55 -0700 (Tue, 06 Jun 2006) - majed - changes entry point code
119
120
r11115 - 2006-01-17 14:54:45 -0800 (Tue, 17 Jan 2006) - majed - add entry point validation
121
122
r8991 - 2005-11-03 19:07:25 -0800 (Thu, 03 Nov 2005) - majed - fixes nusoap issue
123
124
r8846 - 2005-10-31 11:01:12 -0800 (Mon, 31 Oct 2005) - majed - new version of nusoap
125
126
r7905 - 2005-09-21 19:12:57 -0700 (Wed, 21 Sep 2005) - majed - restores old nusoap pre & with a few fixes
127
128
r7861 - 2005-09-20 15:40:25 -0700 (Tue, 20 Sep 2005) - majed - & fix for 3.5.1
129
130
r7452 - 2005-08-17 11:32:34 -0700 (Wed, 17 Aug 2005) - majed - changes soap to nusoap
131
132
r5462 - 2005-05-25 13:50:11 -0700 (Wed, 25 May 2005) - majed - upgraded nusoap to .6.9
133
134
r573 - 2004-09-04 13:03:32 -0700 (Sat, 04 Sep 2004) - sugarclint - undoing copyrights added in inadvertantly.  --clint
135
136
r546 - 2004-09-03 11:49:38 -0700 (Fri, 03 Sep 2004) - sugarmsi - removed echo count
137
138
r354 - 2004-08-02 23:00:37 -0700 (Mon, 02 Aug 2004) - sugarjacob - Adding Soap
139
140
141
*/
142
143
144
if(!defined('sugarEntry') || !sugarEntry) die('Not A Valid Entry Point');
145
/*
146
$Id: nusoapmime.php 39619 2008-09-09 20:41:34Z jmertic $
147
148
NuSOAP - Web Services Toolkit for PHP
149
150
Copyright (c) 2002 NuSphere Corporation
151
152
This library is free software; you can redistribute it and/or
153
modify it under the terms of the GNU Lesser General Public
154
License as published by the Free Software Foundation; either
155
version 2.1 of the License, or (at your option) any later version.
156
157
This library is distributed in the hope that it will be useful,
158
but WITHOUT ANY WARRANTY; without even the implied warranty of
159
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
160
Lesser General Public License for more details.
161
162
You should have received a copy of the GNU Lesser General Public
163
License along with this library; if not, write to the Free Software
164
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
165
166
If you have any questions or comments, please email:
167
168
Dietrich Ayala
169
[email protected]
170
http://dietrich.ganx4.com/nusoap
171
172
NuSphere Corporation
173
http://www.nusphere.com
174
175
*/
176
177
/*require_once('nusoap.php');*/
178
/* PEAR Mail_MIME library */
179
require_once('Mail/mimeDecode.php');
180
require_once('Mail/mimePart.php');
181
182
/**
183
* nusoapclientmime client supporting MIME attachments defined at
184
* http://www.w3.org/TR/SOAP-attachments.  It depends on the PEAR Mail_MIME library.
185
*
186
* @author   Scott Nichol <[email protected]>
187
* @author	Thanks to Guillaume and Henning Reich for posting great attachment code to the mail list
188
189
* @access   public
190
*/
191
class nusoapclientmime extends nusoapclient {
192
	/**
193
	 * @var array Each array element in the return is an associative array with keys
194
	 * data, filename, contenttype, cid
195
	 * @access private
196
	 */
197
	var $requestAttachments = array();
198
	/**
199
	 * @var array Each array element in the return is an associative array with keys
200
	 * data, filename, contenttype, cid
201
	 * @access private
202
	 */
203
	var $responseAttachments;
204
	/**
205
	 * @var string
206
	 * @access private
207
	 */
208
	var $mimeContentType;
209
210
	/**
211
	* adds a MIME attachment to the current request.
212
	*
213
	* If the $data parameter contains an empty string, this method will read
214
	* the contents of the file named by the $filename parameter.
215
	*
216
	* If the $cid parameter is false, this method will generate the cid.
217
	*
218
	* @param string $data The data of the attachment
219
	* @param string $filename The filename of the attachment (default is empty string)
220
	* @param string $contenttype The MIME Content-Type of the attachment (default is application/octet-stream)
221
	* @param string $cid The content-id (cid) of the attachment (default is false)
222
	* @return string The content-id (cid) of the attachment
223
	* @access public
224
	*/
225
	function addAttachment($data, $filename = '', $contenttype = 'application/octet-stream', $cid = false) {
226
		if (! $cid) {
227
			$cid = md5(uniqid(time()));
228
		}
229
230
		$info['data'] = $data;
231
		$info['filename'] = $filename;
232
		$info['contenttype'] = $contenttype;
233
		$info['cid'] = $cid;
234
235
		$this->requestAttachments[] = $info;
236
237
		return $cid;
238
	}
239
240
	/**
241
	* clears the MIME attachments for the current request.
242
	*
243
	* @access public
244
	*/
245
	function clearAttachments() {
246
		$this->requestAttachments = array();
247
	}
248
249
	/**
250
	* gets the MIME attachments from the current response.
251
	*
252
	* Each array element in the return is an associative array with keys
253
	* data, filename, contenttype, cid.  These keys correspond to the parameters
254
	* for addAttachment.
255
	*
256
	* @return array The attachments.
257
	* @access public
258
	*/
259
	function getAttachments() {
260
		return $this->responseAttachments;
261
	}
262
263
	/**
264
	* gets the HTTP body for the current request.
265
	*
266
	* @param string $soapmsg The SOAP payload
267
	* @return string The HTTP body, which includes the SOAP payload
268
	* @access private
269
	*/
270
	function getHTTPBody($soapmsg) {
271
		if (count($this->requestAttachments) > 0) {
272
			$params['content_type'] = 'multipart/related; type=text/xml';
273
			$mimeMessage = new Mail_mimePart('', $params);
274
			unset($params);
275
276
			$params['content_type'] = 'text/xml';
277
			$params['encoding']     = '8bit';
278
			$params['charset']      = $this->soap_defencoding;
279
			$mimeMessage->addSubpart($soapmsg, $params);
280
281
			foreach ($this->requestAttachments as $att) {
282
				unset($params);
283
284
				$params['content_type'] = $att['contenttype'];
285
				$params['encoding']     = 'base64';
286
				$params['disposition']  = 'attachment';
287
				$params['dfilename']    = $att['filename'];
288
				$params['cid']          = $att['cid'];
289
290
				if ($att['data'] == '' && $att['filename'] <> '') {
291
				    $data = file_get_contents($att['filename']);
292
					$mimeMessage->addSubpart($data, $params);
293
				} else {
294
					$mimeMessage->addSubpart($att['data'], $params);
295
				}
296
			}
297
298
			$output = $mimeMessage->encode();
299
			$mimeHeaders = $output['headers'];
300
301
			foreach ($mimeHeaders as $k => $v) {
302
				$this->debug("MIME header $k: $v");
303
				if (strtolower($k) == 'content-type') {
304
					// PHP header() seems to strip leading whitespace starting
305
					// the second line, so force everything to one line
306
					$this->mimeContentType = str_replace("\r\n", " ", $v);
307
				}
308
			}
309
310
			return $output['body'];
311
		}
312
313
		return parent::getHTTPBody($soapmsg);
314
	}
315
316
	/**
317
	* gets the HTTP content type for the current request.
318
	*
319
	* Note: getHTTPBody must be called before this.
320
	*
321
	* @return string the HTTP content type for the current request.
322
	* @access private
323
	*/
324
	function getHTTPContentType() {
325
		if (count($this->requestAttachments) > 0) {
326
			return $this->mimeContentType;
327
		}
328
		return parent::getHTTPContentType();
329
	}
330
331
	/**
332
	* gets the HTTP content type charset for the current request.
333
	* returns false for non-text content types.
334
	*
335
	* Note: getHTTPBody must be called before this.
336
	*
337
	* @return string the HTTP content type charset for the current request.
338
	* @access private
339
	*/
340
	function getHTTPContentTypeCharset() {
341
		if (count($this->requestAttachments) > 0) {
342
			return false;
343
		}
344
		return parent::getHTTPContentTypeCharset();
345
	}
346
347
	/**
348
	* processes SOAP message returned from server
349
	*
350
	* @param	array	$headers	The HTTP headers
351
	* @param	string	$data		unprocessed response data from server
352
	* @return	mixed	value of the message, decoded into a PHP type
353
	* @access   private
354
	*/
355
    function parseResponse($headers, $data) {
356
		$this->debug('Entering parseResponse() for payload of length ' . strlen($data) . ' and type of ' . $headers['content-type']);
357
		$this->responseAttachments = array();
358
		if (strstr($headers['content-type'], 'multipart/related')) {
359
			$this->debug('Decode multipart/related');
360
			$input = '';
361
			foreach ($headers as $k => $v) {
362
				$input .= "$k: $v\r\n";
363
			}
364
			$params['input'] = $input . "\r\n" . $data;
365
			$params['include_bodies'] = true;
366
			$params['decode_bodies'] = true;
367
			$params['decode_headers'] = true;
368
369
			$structure = Mail_mimeDecode::decode($params);
370
371
			foreach ($structure->parts as $part) {
372
				if (!isset($part->disposition)) {
373
					$this->debug('Have root part of type ' . $part->headers['content-type']);
374
					$return = parent::parseResponse($part->headers, $part->body);
375
				} else {
376
					$this->debug('Have an attachment of type ' . $part->headers['content-type']);
377
					$info['data'] = $part->body;
378
					$info['filename'] = isset($part->d_parameters['filename']) ? $part->d_parameters['filename'] : '';
379
					$info['contenttype'] = $part->headers['content-type'];
380
					$info['cid'] = $part->headers['content-id'];
381
					$this->responseAttachments[] = $info;
382
				}
383
			}
384
385
			if (isset($return)) {
386
				return $return;
387
			}
388
389
			$this->setError('No root part found in multipart/related content');
390
			return;
391
		}
392
		$this->debug('Not multipart/related');
393
		return parent::parseResponse($headers, $data);
394
	}
395
}
396
397
/**
398
* nusoapservermime server supporting MIME attachments defined at
399
* http://www.w3.org/TR/SOAP-attachments.  It depends on the PEAR Mail_MIME library.
400
*
401
* @author   Scott Nichol <[email protected]>
402
* @author	Thanks to Guillaume and Henning Reich for posting great attachment code to the mail list
403
404
* @access   public
405
*/
406
class nusoapservermime extends soap_server {
0 ignored issues
show
Coding Style Compatibility introduced by
PSR1 recommends that each class should be in its own file to aid autoloaders.

Having each class in a dedicated file usually plays nice with PSR autoloaders and is therefore a well established practice. If you use other autoloaders, you might not want to follow this rule.

Loading history...
407
	/**
408
	 * @var array Each array element in the return is an associative array with keys
409
	 * data, filename, contenttype, cid
410
	 * @access private
411
	 */
412
	var $requestAttachments = array();
413
	/**
414
	 * @var array Each array element in the return is an associative array with keys
415
	 * data, filename, contenttype, cid
416
	 * @access private
417
	 */
418
	var $responseAttachments;
419
	/**
420
	 * @var string
421
	 * @access private
422
	 */
423
	var $mimeContentType;
424
425
	/**
426
	* adds a MIME attachment to the current response.
427
	*
428
	* If the $data parameter contains an empty string, this method will read
429
	* the contents of the file named by the $filename parameter.
430
	*
431
	* If the $cid parameter is false, this method will generate the cid.
432
	*
433
	* @param string $data The data of the attachment
434
	* @param string $filename The filename of the attachment (default is empty string)
435
	* @param string $contenttype The MIME Content-Type of the attachment (default is application/octet-stream)
436
	* @param string $cid The content-id (cid) of the attachment (default is false)
437
	* @return string The content-id (cid) of the attachment
438
	* @access public
439
	*/
440
	function addAttachment($data, $filename = '', $contenttype = 'application/octet-stream', $cid = false) {
441
		if (! $cid) {
442
			$cid = md5(uniqid(time()));
443
		}
444
445
		$info['data'] = $data;
446
		$info['filename'] = $filename;
447
		$info['contenttype'] = $contenttype;
448
		$info['cid'] = $cid;
449
450
		$this->responseAttachments[] = $info;
451
452
		return $cid;
453
	}
454
455
	/**
456
	* clears the MIME attachments for the current response.
457
	*
458
	* @access public
459
	*/
460
	function clearAttachments() {
461
		$this->responseAttachments = array();
462
	}
463
464
	/**
465
	* gets the MIME attachments from the current request.
466
	*
467
	* Each array element in the return is an associative array with keys
468
	* data, filename, contenttype, cid.  These keys correspond to the parameters
469
	* for addAttachment.
470
	*
471
	* @return array The attachments.
472
	* @access public
473
	*/
474
	function getAttachments() {
475
		return $this->requestAttachments;
476
	}
477
478
	/**
479
	* gets the HTTP body for the current response.
480
	*
481
	* @param string $soapmsg The SOAP payload
482
	* @return string The HTTP body, which includes the SOAP payload
483
	* @access private
484
	*/
485
	function getHTTPBody($soapmsg) {
486
		if (count($this->responseAttachments) > 0) {
487
			$params['content_type'] = 'multipart/related; type=text/xml';
488
			$mimeMessage = new Mail_mimePart('', $params);
489
			unset($params);
490
491
			$params['content_type'] = 'text/xml';
492
			$params['encoding']     = '8bit';
493
			$params['charset']      = $this->soap_defencoding;
494
			$mimeMessage->addSubpart($soapmsg, $params);
495
496
			foreach ($this->responseAttachments as $att) {
497
				unset($params);
498
499
				$params['content_type'] = $att['contenttype'];
500
				$params['encoding']     = 'base64';
501
				$params['disposition']  = 'attachment';
502
				$params['dfilename']    = $att['filename'];
503
				$params['cid']          = $att['cid'];
504
505
				if ($att['data'] == '' && $att['filename'] <> '') {
506
				    $data = file_get_contents($att['filename']);
507
					$mimeMessage->addSubpart($data, $params);
508
				} else {
509
					$mimeMessage->addSubpart($att['data'], $params);
510
				}
511
			}
512
513
			$output = $mimeMessage->encode();
514
			$mimeHeaders = $output['headers'];
515
516
			foreach ($mimeHeaders as $k => $v) {
517
				$this->debug("MIME header $k: $v");
518
				if (strtolower($k) == 'content-type') {
519
					// PHP header() seems to strip leading whitespace starting
520
					// the second line, so force everything to one line
521
					$this->mimeContentType = str_replace("\r\n", " ", $v);
522
				}
523
			}
524
525
			return $output['body'];
526
		}
527
528
		return parent::getHTTPBody($soapmsg);
529
	}
530
531
	/**
532
	* gets the HTTP content type for the current response.
533
	*
534
	* Note: getHTTPBody must be called before this.
535
	*
536
	* @return string the HTTP content type for the current response.
537
	* @access private
538
	*/
539
	function getHTTPContentType() {
540
		if (count($this->responseAttachments) > 0) {
541
			return $this->mimeContentType;
542
		}
543
		return parent::getHTTPContentType();
544
	}
545
546
	/**
547
	* gets the HTTP content type charset for the current response.
548
	* returns false for non-text content types.
549
	*
550
	* Note: getHTTPBody must be called before this.
551
	*
552
	* @return string the HTTP content type charset for the current response.
553
	* @access private
554
	*/
555
	function getHTTPContentTypeCharset() {
556
		if (count($this->responseAttachments) > 0) {
557
			return false;
558
		}
559
		return parent::getHTTPContentTypeCharset();
560
	}
561
562
	/**
563
	* processes SOAP message received from client
564
	*
565
	* @param	array	$headers	The HTTP headers
566
	* @param	string	$data		unprocessed request data from client
567
	* @return	mixed	value of the message, decoded into a PHP type
568
	* @access   private
569
	*/
570
    function parseRequest($headers, $data) {
571
		$this->debug('Entering parseRequest() for payload of length ' . strlen($data) . ' and type of ' . $headers['content-type']);
572
		$this->requestAttachments = array();
573
		if (strstr($headers['content-type'], 'multipart/related')) {
574
			$this->debug('Decode multipart/related');
575
			$input = '';
576
			foreach ($headers as $k => $v) {
577
				$input .= "$k: $v\r\n";
578
			}
579
			$params['input'] = $input . "\r\n" . $data;
580
			$params['include_bodies'] = true;
581
			$params['decode_bodies'] = true;
582
			$params['decode_headers'] = true;
583
584
			$structure = Mail_mimeDecode::decode($params);
585
586
			foreach ($structure->parts as $part) {
587
				if (!isset($part->disposition)) {
588
					$this->debug('Have root part of type ' . $part->headers['content-type']);
589
					$return = parent::parseRequest($part->headers, $part->body);
590
				} else {
591
					$this->debug('Have an attachment of type ' . $part->headers['content-type']);
592
					$info['data'] = $part->body;
593
					$info['filename'] = isset($part->d_parameters['filename']) ? $part->d_parameters['filename'] : '';
594
					$info['contenttype'] = $part->headers['content-type'];
595
					$info['cid'] = $part->headers['content-id'];
596
					$this->requestAttachments[] = $info;
597
				}
598
			}
599
600
			if (isset($return)) {
601
				return $return;
602
			}
603
604
			$this->setError('No root part found in multipart/related content');
605
			return;
606
		}
607
		$this->debug('Not multipart/related');
608
		return parent::parseRequest($headers, $data);
609
	}
610
}
611
?>
612