1 | <?php |
||
2 | |||
3 | // required to handle php errors |
||
4 | require_once __DIR__ . '/exceptions/class.ZarafaErrorException.php'; |
||
5 | require_once __DIR__ . '/exceptions/class.ZarafaException.php'; |
||
6 | |||
7 | /** |
||
8 | * Upload Attachment |
||
9 | * This file is used to upload. |
||
10 | */ |
||
11 | class UploadAttachment { |
||
12 | /** |
||
13 | * A random string that will be generated with every MAPIMessage instance to uniquely identify attachments that |
||
14 | * belongs to this MAPIMessage, this is mainly used to get recently uploaded attachments for MAPIMessage. |
||
15 | */ |
||
16 | protected $dialogAttachments; |
||
17 | |||
18 | /** |
||
19 | * Entryid of the MAPIStore which holds the message to which we need to import. |
||
20 | */ |
||
21 | protected $storeId; |
||
22 | |||
23 | /** |
||
24 | * Resource of the MAPIStore which holds the message to which we need to import. |
||
25 | */ |
||
26 | protected $store; |
||
27 | |||
28 | /** |
||
29 | * Entryid of the MAPIFolder which holds the message. |
||
30 | */ |
||
31 | protected $destinationFolderId; |
||
32 | |||
33 | /** |
||
34 | * Resource of the MAPIFolder which holds the message which we need to import from file. |
||
35 | */ |
||
36 | protected $destinationFolder; |
||
37 | |||
38 | /** |
||
39 | * A boolean value, set to false by default, to define if the attachment needs to be imported into folder as webapp item. |
||
40 | */ |
||
41 | protected $import; |
||
42 | |||
43 | /** |
||
44 | * Object of AttachmentState class. |
||
45 | */ |
||
46 | protected $attachment_state; |
||
47 | |||
48 | /** |
||
49 | * A boolean value, set to true by default which update the counter of the folder. |
||
50 | */ |
||
51 | protected $allowUpdateCounter; |
||
52 | |||
53 | /** |
||
54 | * A boolean value, set to false by default which extract the attach id concatenated with attachment name |
||
55 | * from the client side. |
||
56 | */ |
||
57 | protected $ignoreExtractAttachid; |
||
58 | |||
59 | /** |
||
60 | * A string value which stores the module name of the notifier according to the file type. |
||
61 | */ |
||
62 | protected $notifierModule; |
||
63 | |||
64 | /** |
||
65 | * Constructor. |
||
66 | */ |
||
67 | public function __construct() { |
||
68 | $this->dialogAttachments = false; |
||
69 | $this->storeId = false; |
||
70 | $this->destinationFolder = false; |
||
71 | $this->destinationFolderId = false; |
||
72 | $this->store = false; |
||
73 | $this->import = false; |
||
74 | $this->attachment_state = false; |
||
75 | $this->allowUpdateCounter = true; |
||
76 | $this->ignoreExtractAttachid = false; |
||
77 | } |
||
78 | |||
79 | /** |
||
80 | * Function will initialize data for this class object. It will also sanitize data |
||
81 | * for possible XSS attack because data is received in $_REQUEST. |
||
82 | * |
||
83 | * @param array $data parameters received with the request |
||
84 | */ |
||
85 | public function init($data) { |
||
86 | if (isset($data['dialog_attachments'])) { |
||
87 | $this->dialogAttachments = sanitizeValue($data['dialog_attachments'], '', ID_REGEX); |
||
88 | } |
||
89 | |||
90 | if (isset($data['store'])) { |
||
91 | $this->storeId = sanitizeValue($data['store'], '', STRING_REGEX); |
||
92 | } |
||
93 | |||
94 | if (isset($data['destination_folder'])) { |
||
95 | $this->destinationFolderId = sanitizeValue($data['destination_folder'], '', STRING_REGEX); |
||
96 | } |
||
97 | |||
98 | if ($this->storeId) { |
||
99 | $this->store = $GLOBALS['mapisession']->openMessageStore(hex2bin((string) $this->storeId)); |
||
100 | } |
||
101 | |||
102 | if (isset($data['import'])) { |
||
103 | $this->import = sanitizeValue($data['import'], '', STRING_REGEX); |
||
104 | } |
||
105 | |||
106 | if (isset($data['ignore_extract_attachid'])) { |
||
107 | $this->ignoreExtractAttachid = sanitizeValue($data['ignore_extract_attachid'], '', STRING_REGEX); |
||
108 | } |
||
109 | |||
110 | if ($this->attachment_state === false) { |
||
111 | $this->attachment_state = new AttachmentState(); |
||
112 | } |
||
113 | } |
||
114 | |||
115 | /** |
||
116 | * Function get Files received in request, extract necessary information |
||
117 | * and holds the same using an instance of AttachmentState class. |
||
118 | */ |
||
119 | public function processFiles() { |
||
120 | if (isset($_FILES['attachments']['name']) && is_array($_FILES['attachments']['name'])) { |
||
121 | $importStatus = false; |
||
122 | $returnfiles = []; |
||
123 | |||
124 | // Parse all information from the updated files, |
||
125 | // validate the contents and add it to the $FILES array. |
||
126 | foreach ($_FILES['attachments']['name'] as $key => $name) { |
||
127 | // validate the FILE object to see if the size doesn't exceed |
||
128 | // the configured MAX_FILE_SIZE |
||
129 | $fileSize = $_FILES['attachments']['size'][$key]; |
||
130 | if (isset($_FILES['attachments']['error'][$key]) && $_FILES['attachments']['error'][$key] > 0) { |
||
131 | $errorTitle = _("File is not imported successfully"); |
||
132 | |||
133 | $errorTitle = match ($_FILES['attachments']['error'][$key]) { |
||
134 | UPLOAD_ERR_INI_SIZE => _('The uploaded file exceeds the upload_max_filesize directive in php.ini.'), |
||
135 | UPLOAD_ERR_FORM_SIZE => _('The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form.'), |
||
136 | UPLOAD_ERR_PARTIAL => _('The uploaded file was only partially uploaded.'), |
||
137 | UPLOAD_ERR_NO_FILE => _('No file was uploaded. .'), |
||
138 | UPLOAD_ERR_NO_TMP_DIR => _('Missing a temporary folder.'), |
||
139 | UPLOAD_ERR_CANT_WRITE => _('Failed to write file to disk.'), |
||
140 | UPLOAD_ERR_EXTENSION => _('A PHP extension stopped the file upload. PHP does not provide a way to ascertain which extension caused the file upload to stop; examining the list of loaded extensions with phpinfo() may help.'), |
||
141 | default => throw new ZarafaException($errorTitle), |
||
142 | }; |
||
143 | |||
144 | throw new ZarafaException($errorTitle); |
||
145 | } |
||
146 | if (isset($fileSize) && !(isset($_POST['MAX_FILE_SIZE']) && $fileSize > $_POST['MAX_FILE_SIZE'])) { |
||
147 | // Parse the filename, strip it from |
||
148 | // any illegal characters. |
||
149 | $filename = mb_basename(stripslashes((string) $_FILES['attachments']['name'][$key])); |
||
150 | |||
151 | // set sourcetype as default if sourcetype is unset. |
||
152 | $sourcetype = $_POST['sourcetype'] ?? 'default'; |
||
153 | |||
154 | /** |
||
155 | * content-type sent by browser for eml and ics attachments will be |
||
156 | * message/rfc822 and text/calendar respectively, but these content types are |
||
157 | * used for message-in-message embedded objects, so we have to send it as |
||
158 | * application/octet-stream. |
||
159 | */ |
||
160 | $fileType = $_FILES['attachments']['type'][$key]; |
||
161 | if ($fileType == 'message/rfc822' || $fileType == 'text/calendar') { |
||
162 | $fileType = 'application/octet-stream'; |
||
163 | } |
||
164 | |||
165 | // Don't go to extract attachID as passing it from client end is not |
||
166 | // possible with IE/Edge. |
||
167 | if (!isEdge() && $this->ignoreExtractAttachid === false) { |
||
168 | $attachID = substr($filename, -8); |
||
169 | $filename = substr($filename, 0, -8); |
||
170 | } |
||
171 | else { |
||
172 | $attachID = uniqid(); |
||
173 | } |
||
174 | |||
175 | // Move the uploaded file into the attachment state |
||
176 | $attachTempName = $this->attachment_state->addUploadedAttachmentFile($_REQUEST['dialog_attachments'], $filename, $_FILES['attachments']['tmp_name'][$key], [ |
||
177 | 'name' => $filename, |
||
178 | 'size' => $fileSize, |
||
179 | 'type' => $fileType, |
||
180 | 'sourcetype' => $sourcetype, |
||
181 | 'attach_id' => $attachID, |
||
182 | ]); |
||
183 | |||
184 | // Allow hooking in to handle import in plugins |
||
185 | $GLOBALS['PluginManager']->triggerHook('server.upload_attachment.upload', [ |
||
186 | 'tmpname' => $this->attachment_state->getAttachmentPath($attachTempName), |
||
187 | 'name' => $filename, |
||
188 | 'size' => $fileSize, |
||
189 | 'sourcetype' => $sourcetype, |
||
190 | 'returnfiles' => &$returnfiles, |
||
191 | 'attach_id' => $attachID, |
||
192 | ]); |
||
193 | |||
194 | // import given files |
||
195 | if ($this->import) { |
||
196 | $importStatus = $this->importFiles($attachTempName, $filename); |
||
197 | } |
||
198 | elseif ($sourcetype === 'contactphoto' || $sourcetype === 'default') { |
||
199 | $fileData = [ |
||
200 | 'props' => [ |
||
201 | 'attach_num' => -1, |
||
202 | 'tmpname' => $attachTempName, |
||
203 | 'attach_id' => $attachID, |
||
204 | 'name' => $filename, |
||
205 | 'size' => $fileSize, |
||
206 | ], |
||
207 | ]; |
||
208 | |||
209 | if ($sourcetype === 'contactphoto') { |
||
210 | $fileData['props']['attachment_contactphoto'] = true; |
||
211 | } |
||
212 | |||
213 | $returnfiles[] = $fileData; |
||
214 | } |
||
215 | else { |
||
216 | // Backwards compatibility for Plugins (S/MIME) |
||
217 | $lastKey = count($returnfiles) - 1; |
||
218 | if ($lastKey >= 0) { |
||
219 | $returnfiles[$lastKey]['props']['attach_id'] = $attachID; |
||
220 | } |
||
221 | } |
||
222 | } |
||
223 | } |
||
224 | |||
225 | if ($this->import) { |
||
226 | if ($importStatus !== false) { |
||
227 | $this->sendImportResponse($importStatus); |
||
228 | } |
||
229 | else { |
||
230 | throw new ZarafaException(_("File is not imported successfully")); |
||
231 | } |
||
232 | } |
||
233 | else { |
||
234 | $return = [ |
||
235 | 'success' => true, |
||
236 | 'zarafa' => [ |
||
237 | sanitizeGetValue('module', '', STRING_REGEX) => [ |
||
238 | sanitizeGetValue('moduleid', '', STRING_REGEX) => [ |
||
239 | 'update' => [ |
||
240 | 'item' => $returnfiles, |
||
241 | ], |
||
242 | ], |
||
243 | ], |
||
244 | ], |
||
245 | ]; |
||
246 | |||
247 | echo json_encode($return); |
||
248 | } |
||
249 | } |
||
250 | } |
||
251 | |||
252 | /** |
||
253 | * Function reads content of the given file and call either importICSFile or importEMLFile |
||
254 | * function based on the file type. |
||
255 | * |
||
256 | * @param string $attachTempName a temporary file name of server location where it actually saved/available |
||
257 | * @param string $filename an actual file name |
||
258 | * |
||
259 | * @return bool true if the import is successful, false otherwise |
||
260 | */ |
||
261 | public function importFiles($attachTempName, $filename) { |
||
262 | $filepath = $this->attachment_state->getAttachmentPath($attachTempName); |
||
263 | $handle = fopen($filepath, "r"); |
||
264 | $attachmentStream = ''; |
||
265 | while (!feof($handle)) { |
||
266 | $attachmentStream .= fread($handle, BLOCK_SIZE); |
||
267 | } |
||
268 | |||
269 | fclose($handle); |
||
270 | unlink($filepath); |
||
271 | |||
272 | $extension = pathinfo($filename, PATHINFO_EXTENSION); |
||
273 | |||
274 | // Set the module id of the notifier according to the file type |
||
275 | switch (strtoupper($extension)) { |
||
0 ignored issues
–
show
Bug
introduced
by
![]() |
|||
276 | case 'EML': |
||
277 | $this->notifierModule = 'maillistnotifier'; |
||
278 | |||
279 | return $this->importEMLFile($attachmentStream, $filename); |
||
280 | break; |
||
0 ignored issues
–
show
break is not strictly necessary here and could be removed.
The switch ($x) {
case 1:
return 'foo';
break; // This break is not necessary and can be left off.
}
If you would like to keep this construct to be consistent with other ![]() |
|||
281 | |||
282 | case 'ICS': |
||
283 | case 'VCS': |
||
284 | $this->notifierModule = 'appointmentlistnotifier'; |
||
285 | |||
286 | return $this->importICSFile($attachmentStream, $filename); |
||
287 | break; |
||
288 | |||
289 | case 'VCF': |
||
290 | $this->notifierModule = 'contactlistnotifier'; |
||
291 | |||
292 | return $this->importVCFFile($attachmentStream, $filename); |
||
0 ignored issues
–
show
|
|||
293 | break; |
||
294 | } |
||
295 | |||
296 | return false; |
||
297 | } |
||
298 | |||
299 | /** |
||
300 | * Function reads content of the given file and convert the same into |
||
301 | * a webapp contact or multiple contacts into respective destination folder. |
||
302 | * |
||
303 | * @param string $attachmentStream the attachment as a stream |
||
304 | * @param string $filename an actual file name |
||
305 | * |
||
306 | * @return array the new contact to be imported |
||
307 | */ |
||
308 | public function importVCFFile($attachmentStream, $filename) { |
||
309 | $this->destinationFolder = $this->getDestinationFolder(); |
||
310 | |||
311 | try { |
||
312 | processVCFStream($attachmentStream); |
||
313 | // Convert vCard 1.0 to a MAPI contact. |
||
314 | $contacts = $this->convertVCFContactsToMapi($this->destinationFolder, $attachmentStream); |
||
315 | } |
||
316 | catch (ZarafaException $e) { |
||
317 | $e->setTitle(_("Import error")); |
||
318 | |||
319 | throw $e; |
||
320 | } |
||
321 | catch (Exception $e) { |
||
322 | $destinationFolderProps = mapi_getprops($this->destinationFolder, [PR_DISPLAY_NAME, PR_MDB_PROVIDER]); |
||
323 | $fullyQualifiedFolderName = $destinationFolderProps[PR_DISPLAY_NAME]; |
||
324 | if ($destinationFolderProps[PR_MDB_PROVIDER] === ZARAFA_STORE_PUBLIC_GUID) { |
||
325 | $publicStore = $GLOBALS["mapisession"]->getPublicMessageStore(); |
||
326 | $publicStoreName = mapi_getprops($publicStore, [PR_DISPLAY_NAME]); |
||
327 | $fullyQualifiedFolderName .= " - " . $publicStoreName[PR_DISPLAY_NAME]; |
||
328 | } |
||
329 | elseif ($destinationFolderProps[PR_MDB_PROVIDER] === ZARAFA_STORE_DELEGATE_GUID) { |
||
330 | $otherStore = $GLOBALS['operations']->getOtherStoreFromEntryid($this->destinationFolderId); |
||
331 | $sharedStoreOwnerName = mapi_getprops($otherStore, [PR_MAILBOX_OWNER_NAME]); |
||
332 | $fullyQualifiedFolderName .= " - " . $sharedStoreOwnerName[PR_MAILBOX_OWNER_NAME]; |
||
333 | } |
||
334 | |||
335 | $message = sprintf(_("Unable to import '%s' to '%s'. "), $filename, $fullyQualifiedFolderName); |
||
336 | if ($e->getCode() === MAPI_E_TABLE_EMPTY) { |
||
337 | $message .= _("There is no contact found in this file."); |
||
338 | } |
||
339 | elseif ($e->getCode() === MAPI_E_CORRUPT_DATA) { |
||
340 | $message .= _("The file is corrupt."); |
||
341 | } |
||
342 | elseif ($e->getCode() === MAPI_E_INVALID_PARAMETER) { |
||
343 | $message .= _("The file is invalid."); |
||
344 | } |
||
345 | else { |
||
346 | $message = sprintf(_("Unable to import '%s'. "), $filename) . $e->getMessage(); |
||
347 | } |
||
348 | |||
349 | $e = new ZarafaException($message); |
||
350 | $e->setTitle(_("Import error")); |
||
351 | |||
352 | throw $e; |
||
353 | } |
||
354 | |||
355 | if (is_array($contacts) && !empty($contacts)) { |
||
356 | $newcontact = []; |
||
357 | foreach ($contacts as $contact) { |
||
358 | // As vcf file does not contains fileas, business_address etc properties, we need to set it manually. |
||
359 | // something similar is mentioned in this ticket KC-1509. |
||
360 | $this->processContactData($GLOBALS["mapisession"]->getDefaultMessageStore(), $contact); |
||
361 | mapi_message_savechanges($contact); |
||
362 | $vcf = bin2hex((string) mapi_getprops($contact, [PR_ENTRYID])[PR_ENTRYID]); |
||
363 | array_push($newcontact, $vcf); |
||
364 | } |
||
365 | |||
366 | return $newcontact; |
||
367 | } |
||
368 | |||
369 | return false; |
||
0 ignored issues
–
show
|
|||
370 | } |
||
371 | |||
372 | /** |
||
373 | * Function checks whether the file to be converted contains a single vCard |
||
374 | * or multiple vCard entries. It calls the appropriate method and converts the vcf. |
||
375 | * |
||
376 | * @param object $destinationFolder the folder which holds the message which we need to import from file |
||
377 | * @param string $attachmentStream the attachment as a stream |
||
378 | * |
||
379 | * @return array $contacts the array of contact(s) to be imported |
||
380 | */ |
||
381 | public function convertVCFContactsToMapi($destinationFolder, $attachmentStream) { |
||
382 | $contacts = []; |
||
383 | |||
384 | // If function 'mapi_vcftomapi2' exists, we can use that for both single and multiple vcf files, |
||
385 | // but if it doesn't exist, we use the old function 'mapi_vcftomapi' for single vcf file. |
||
386 | if (function_exists('mapi_vcftomapi2')) { |
||
387 | $contacts = mapi_vcftomapi2($destinationFolder, $attachmentStream); |
||
388 | } |
||
389 | elseif ($_POST['is_single_import']) { |
||
390 | $newMessage = mapi_folder_createmessage($this->destinationFolder); |
||
391 | $store = $GLOBALS["mapisession"]->getDefaultMessageStore(); |
||
392 | $ok = mapi_vcftomapi($GLOBALS['mapisession']->getSession(), $store, $newMessage, $attachmentStream); |
||
393 | if ($ok !== false) { |
||
394 | $contacts = is_array($newMessage) ? $newMessage : [$newMessage]; |
||
395 | } |
||
396 | } |
||
397 | else { |
||
398 | // Throw error related to multiple vcf as the function is not available for importing multiple vcf file. |
||
399 | throw new ZarafaException(_("grommunio Web does not support importing multiple VCF with this version.")); |
||
400 | } |
||
401 | |||
402 | return $contacts; |
||
403 | } |
||
404 | |||
405 | /** |
||
406 | * Helper function which generate the information like 'fileAs','display name' and |
||
407 | * 'business address' using existing information. |
||
408 | * |
||
409 | * @param object $store Message Store Object |
||
410 | * @param object $newMessage The newly imported contact from .vcf file. |
||
411 | */ |
||
412 | public function processContactData($store, $newMessage) { |
||
413 | $properties = []; |
||
414 | $properties["subject"] = PR_SUBJECT; |
||
415 | $properties["fileas"] = "PT_STRING8:PSETID_Address:0x8005"; |
||
416 | $properties["display_name"] = PR_DISPLAY_NAME; |
||
417 | $properties["address_book_mv"] = "PT_MV_LONG:PSETID_Address:0x8028"; |
||
418 | $properties["address_book_long"] = "PT_LONG:PSETID_Address:0x8029"; |
||
419 | $properties["business_address"] = "PT_STRING8:PSETID_Address:0x801b"; |
||
420 | $properties["email_address_entryid_1"] = "PT_BINARY:PSETID_Address:0x8085"; |
||
421 | $properties["email_address_display_name_1"] = "PT_STRING8:PSETID_Address:" . PidLidEmail1DisplayName; |
||
422 | $properties["business_address_street"] = "PT_STRING8:PSETID_Address:" . PidLidWorkAddressStreet; |
||
423 | $properties["business_address_city"] = "PT_STRING8:PSETID_Address:" . PidLidWorkAddressCity; |
||
424 | $properties["business_address_state"] = "PT_STRING8:PSETID_Address:" . PidLidWorkAddressState; |
||
425 | $properties["business_address_postal_code"] = "PT_STRING8:PSETID_Address:" . PidLidWorkAddressPostalCode; |
||
426 | $properties["business_address_country"] = "PT_STRING8:PSETID_Address:" . PidLidWorkAddressCountry; |
||
427 | |||
428 | $properties = getPropIdsFromStrings($store, $properties); |
||
429 | |||
430 | $contactProps = mapi_getprops($newMessage, $properties); |
||
431 | |||
432 | $props = []; |
||
433 | |||
434 | // Addresses field value. |
||
435 | $businessAddress = ($contactProps[$properties["business_address_street"]] ?? '') . "\n"; |
||
436 | $businessAddress .= ($contactProps[$properties["business_address_city"]] ?? '') . " "; |
||
437 | $businessAddress .= ($contactProps[$properties["business_address_state"]] ?? '') . " "; |
||
438 | $businessAddress .= ($contactProps[$properties["business_address_postal_code"]] ?? '') . "\n"; |
||
439 | $businessAddress .= ($contactProps[$properties["business_address_country"]] ?? '') . "\n"; |
||
440 | |||
441 | if (strlen(trim($businessAddress)) > 0) { |
||
442 | $props[$properties["business_address"]] = $businessAddress; |
||
443 | } |
||
444 | |||
445 | // File as field value generator. |
||
446 | if (isset($contactProps[PR_DISPLAY_NAME])) { |
||
447 | $displayName = $contactProps[PR_DISPLAY_NAME] ?? " "; |
||
448 | $displayName = str_replace("\xA0", " ", $displayName); |
||
449 | $str = explode(" ", $displayName); |
||
450 | $prefix = [_('Dr.'), _('Miss'), _('Mr.'), _('Mrs.'), _('Ms.'), _('Prof.')]; |
||
451 | $suffix = ['I', 'II', 'III', _('Jr.'), _('Sr.')]; |
||
452 | |||
453 | foreach ($str as $index => $value) { |
||
454 | $value = preg_replace('/[^.A-Za-z0-9\-]/', '', $value); |
||
455 | if (array_search($value, $prefix, true) !== false) { |
||
456 | $props[PR_DISPLAY_NAME_PREFIX] = $value; |
||
457 | unset($str[$index]); |
||
458 | } |
||
459 | elseif (array_search($value, $suffix, true) !== false) { |
||
460 | $props[PR_GENERATION] = $value; |
||
461 | unset($str[$index]); |
||
462 | } |
||
463 | } |
||
464 | |||
465 | $surname = array_slice($str, count($str) - 1); |
||
466 | $remainder = array_slice($str, 0, count($str) - 1); |
||
467 | $fileAs = $surname[0] . ', '; |
||
468 | if (!empty($remainder)) { |
||
469 | $fileAs .= join(" ", $remainder); |
||
470 | if (count($remainder) > 1) { |
||
471 | $middleName = $remainder[count($remainder) - 1]; |
||
472 | $props[PR_MIDDLE_NAME] = $middleName; |
||
473 | } |
||
474 | } |
||
475 | |||
476 | // Email fieldset information. |
||
477 | if (isset($contactProps[$properties["email_address_display_name_1"]])) { |
||
478 | $emailAddressDisplayNameOne = $fileAs . " "; |
||
479 | $emailAddressDisplayNameOne .= $contactProps[$properties["email_address_display_name_1"]]; |
||
480 | $props[$properties["email_address_display_name_1"]] = $emailAddressDisplayNameOne; |
||
481 | $props[$properties["address_book_long"]] = 1; |
||
482 | $props[$properties["address_book_mv"]] = [0 => 0]; |
||
483 | } |
||
484 | |||
485 | $props[$properties["fileas"]] = $fileAs; |
||
486 | $props[PR_DISPLAY_NAME] = $displayName; |
||
487 | mapi_setprops($newMessage, $props); |
||
488 | } |
||
489 | } |
||
490 | |||
491 | /** |
||
492 | * Function reads content of the given file and convert the same into |
||
493 | * a webapp appointment into respective destination folder. |
||
494 | * |
||
495 | * @param string $attachmentStream the attachment as a stream |
||
496 | * @param string $filename an actual file name |
||
497 | * |
||
498 | * @return bool true if the import is successful, false otherwise |
||
499 | */ |
||
500 | public function importICSFile($attachmentStream, $filename) { |
||
501 | $this->destinationFolder = $this->getDestinationFolder(); |
||
502 | |||
503 | try { |
||
504 | $events = $this->convertICSToMapi($attachmentStream); |
||
505 | } |
||
506 | catch (ZarafaException $e) { |
||
507 | $e->setTitle(_("Import error")); |
||
508 | |||
509 | throw $e; |
||
510 | } |
||
511 | catch (Exception $e) { |
||
512 | $destinationFolderProps = mapi_getprops($this->destinationFolder, [PR_DISPLAY_NAME, PR_MDB_PROVIDER]); |
||
513 | $fullyQualifiedFolderName = $destinationFolderProps[PR_DISPLAY_NAME]; |
||
514 | // Condition true if folder is belongs to Public store. |
||
515 | if ($destinationFolderProps[PR_MDB_PROVIDER] === ZARAFA_STORE_PUBLIC_GUID) { |
||
516 | $publicStore = $GLOBALS["mapisession"]->getPublicMessageStore(); |
||
517 | $publicStoreName = mapi_getprops($publicStore, [PR_DISPLAY_NAME]); |
||
518 | $fullyQualifiedFolderName .= " - " . $publicStoreName[PR_DISPLAY_NAME]; |
||
519 | } |
||
520 | elseif ($destinationFolderProps[PR_MDB_PROVIDER] === ZARAFA_STORE_DELEGATE_GUID) { |
||
521 | // Condition true if folder is belongs to delegate store. |
||
522 | $otherStore = $GLOBALS['operations']->getOtherStoreFromEntryid($this->destinationFolderId); |
||
523 | $sharedStoreOwnerName = mapi_getprops($otherStore, [PR_MAILBOX_OWNER_NAME]); |
||
524 | $fullyQualifiedFolderName .= " - " . $sharedStoreOwnerName[PR_MAILBOX_OWNER_NAME]; |
||
525 | } |
||
526 | |||
527 | $message = sprintf(_("Unable to import '%s' to '%s'. "), $filename, $fullyQualifiedFolderName); |
||
528 | if ($e->getCode() === MAPI_E_TABLE_EMPTY) { |
||
529 | $message .= _("There is no appointment found in this file."); |
||
530 | } |
||
531 | elseif ($e->getCode() === MAPI_E_CORRUPT_DATA) { |
||
532 | $message .= _("The file is corrupt."); |
||
533 | } |
||
534 | elseif ($e->getCode() === MAPI_E_INVALID_PARAMETER) { |
||
535 | $message .= _("The file is invalid."); |
||
536 | } |
||
537 | else { |
||
538 | $message = sprintf(_("Unable to import '%s'. "), $filename) . $e->getMessage(); |
||
539 | } |
||
540 | |||
541 | $e = new ZarafaException($message); |
||
542 | $e->setTitle(_("Import error")); |
||
543 | |||
544 | throw $e; |
||
545 | } |
||
546 | |||
547 | if (is_array($events) && !empty($events)) { |
||
548 | $newEvents = []; |
||
549 | $store = $GLOBALS["mapisession"]->getDefaultMessageStore(); |
||
550 | $propTags = [ |
||
551 | "commonstart" => "PT_SYSTIME:PSETID_Common:0x8516", |
||
552 | "commonend" => "PT_SYSTIME:PSETID_Common:0x8517", |
||
553 | "message_class" => PR_MESSAGE_CLASS, |
||
554 | "startdate" => "PT_SYSTIME:PSETID_Appointment:0x820d", |
||
555 | "duedate" => "PT_SYSTIME:PSETID_Appointment:0x820e", |
||
556 | ]; |
||
557 | $properties = getPropIdsFromStrings($store, $propTags); |
||
558 | foreach ($events as $event) { |
||
559 | $newMessageProps = mapi_getprops($event, $properties); |
||
560 | // Need to set the common start and end date if it is not set because |
||
561 | // common start and end dates are required fields. |
||
562 | |||
563 | if (!isset($newMessageProps[$properties["commonstart"]], $newMessageProps[$properties["commonend"]])) { |
||
564 | mapi_setprops($event, [ |
||
565 | $properties["commonstart"] => $newMessageProps[$properties["startdate"]], |
||
566 | $properties["commonend"] => $newMessageProps[$properties["duedate"]], |
||
567 | ]); |
||
568 | } |
||
569 | |||
570 | // Save newly imported event |
||
571 | mapi_message_savechanges($event); |
||
572 | |||
573 | $newMessageProps = mapi_getprops($event, [PR_MESSAGE_CLASS]); |
||
574 | if (isset($newMessageProps[PR_MESSAGE_CLASS]) && $newMessageProps[PR_MESSAGE_CLASS] !== 'IPM.Appointment') { |
||
575 | // Convert the Meeting request record to proper appointment record so we can |
||
576 | // properly show the appointment in calendar. |
||
577 | $req = new Meetingrequest($store, $event, $GLOBALS['mapisession']->getSession(), ENABLE_DIRECT_BOOKING); |
||
0 ignored issues
–
show
The type
Meetingrequest was not found. Maybe you did not declare it correctly or list all dependencies?
The issue could also be caused by a filter entry in the build configuration.
If the path has been excluded in your configuration, e.g. filter:
dependency_paths: ["lib/*"]
For further information see https://scrutinizer-ci.com/docs/tools/php/php-scrutinizer/#list-dependency-paths ![]() |
|||
578 | $req->doAccept(true, false, false, false, false, false, false, false, false, true); |
||
579 | } |
||
580 | |||
581 | $this->allowUpdateCounter = false; |
||
582 | $entryid = bin2hex((string) mapi_getprops($event, [PR_ENTRYID])[PR_ENTRYID]); |
||
583 | array_push($newEvents, $entryid); |
||
584 | } |
||
585 | |||
586 | return $newEvents; |
||
587 | } |
||
588 | |||
589 | return false; |
||
590 | } |
||
591 | |||
592 | /** |
||
593 | * Function checks whether the file to be converted contains a single event ics |
||
594 | * or multiple ics event entries. |
||
595 | * |
||
596 | * @param string $attachmentStream the attachment as a stream |
||
597 | * |
||
598 | * @return array $events the array of calendar items to be imported |
||
599 | */ |
||
600 | public function convertICSToMapi($attachmentStream) { |
||
601 | $events = []; |
||
602 | $addrBook = $GLOBALS['mapisession']->getAddressbook(); |
||
603 | |||
604 | // If function 'mapi_icaltomapi2' exists, we can use that for both single and multiple ics files, |
||
605 | // but if it doesn't exist, we use the old function 'mapi_icaltomapi' for single ics file. |
||
606 | if (function_exists('mapi_icaltomapi2')) { |
||
607 | $events = mapi_icaltomapi2($addrBook, $this->destinationFolder, $attachmentStream); |
||
608 | } |
||
609 | elseif ($_POST['is_single_import']) { |
||
610 | $newMessage = mapi_folder_createmessage($this->destinationFolder); |
||
611 | $store = $GLOBALS["mapisession"]->getDefaultMessageStore(); |
||
612 | $ok = mapi_icaltomapi($GLOBALS['mapisession']->getSession(), $store, $addrBook, $newMessage, $attachmentStream, false); |
||
613 | |||
614 | if ($ok !== false) { |
||
615 | array_push($events, $newMessage); |
||
616 | } |
||
617 | } |
||
618 | else { |
||
619 | // Throw error related to multiple ics as the function is not available for importing multiple ics file. |
||
620 | throw new ZarafaException(_("grommunio Web does not support importing multiple ICS with this version.")); |
||
621 | } |
||
622 | |||
623 | return $events; |
||
624 | } |
||
625 | |||
626 | /** |
||
627 | * Function reads content of the given file and convert the same into |
||
628 | * a webapp email into respective destination folder. |
||
629 | * |
||
630 | * @param string $filename an actual file name |
||
631 | * @param mixed $attachmentStream |
||
632 | * |
||
633 | * @return bool true if the import is successful, false otherwise |
||
634 | */ |
||
635 | public function importEMLFile($attachmentStream, $filename) { |
||
636 | if (isBrokenEml($attachmentStream)) { |
||
637 | throw new ZarafaException(sprintf(_("Unable to import '%s'. "), $filename) . _("The EML is not valid")); |
||
638 | } |
||
639 | |||
640 | $this->destinationFolder = $this->getDestinationFolder(); |
||
641 | |||
642 | $newMessage = mapi_folder_createmessage($this->destinationFolder); |
||
643 | $addrBook = $GLOBALS['mapisession']->getAddressbook(); |
||
644 | // Convert an RFC822-formatted e-mail to a MAPI Message |
||
645 | $ok = mapi_inetmapi_imtomapi($GLOBALS['mapisession']->getSession(), $this->store, $addrBook, $newMessage, $attachmentStream, []); |
||
646 | |||
647 | if ($ok === true) { |
||
648 | mapi_message_savechanges($newMessage); |
||
649 | |||
650 | return bin2hex((string) mapi_getprops($newMessage, [PR_ENTRYID])[PR_ENTRYID]); |
||
0 ignored issues
–
show
|
|||
651 | } |
||
652 | |||
653 | return false; |
||
654 | } |
||
655 | |||
656 | /** |
||
657 | * Function used get the destination folder in which |
||
658 | * item gets imported. |
||
659 | * |
||
660 | * @return object folder object in which item gets imported |
||
661 | */ |
||
662 | public function getDestinationFolder() { |
||
663 | $destinationFolder = null; |
||
0 ignored issues
–
show
|
|||
664 | |||
665 | try { |
||
666 | $destinationFolder = mapi_msgstore_openentry($this->store, hex2bin((string) $this->destinationFolderId)); |
||
667 | } |
||
668 | catch (Exception) { |
||
669 | // Try to find the folder from shared stores in case if it is not found in current user's store |
||
670 | $destinationFolder = mapi_msgstore_openentry($GLOBALS['operations']->getOtherStoreFromEntryid($this->destinationFolderId), hex2bin((string) $this->destinationFolderId)); |
||
671 | } |
||
672 | |||
673 | return $destinationFolder; |
||
674 | } |
||
675 | |||
676 | /** |
||
677 | * Function deletes uploaded attachment files and send |
||
678 | * proper response back to client. |
||
679 | */ |
||
680 | public function deleteUploadedFiles() { |
||
681 | $num = sanitizePostValue('attach_num', false, NUMERIC_REGEX); |
||
682 | $attachID = sanitizePostValue('attach_id', false, STRING_REGEX); |
||
683 | |||
684 | if ($num === false) { |
||
685 | // string is passed in attachNum so get it |
||
686 | // Parse the filename, strip it from any illegal characters |
||
687 | $num = mb_basename(stripslashes((string) sanitizePostValue('attach_num', '', FILENAME_REGEX))); |
||
688 | |||
689 | // Delete the file instance and unregister the file |
||
690 | $this->attachment_state->deleteUploadedAttachmentFile($_REQUEST['dialog_attachments'], $num, $attachID); |
||
691 | } |
||
692 | else { |
||
693 | // Set the correct array structure |
||
694 | $this->attachment_state->addDeletedAttachment($_REQUEST['dialog_attachments'], $num); |
||
695 | } |
||
696 | |||
697 | $return = [ |
||
698 | // 'success' property is needed for Extjs Ext.form.Action.Submit#success handler |
||
699 | 'success' => true, |
||
700 | 'zarafa' => [ |
||
701 | sanitizeGetValue('module', '', STRING_REGEX) => [ |
||
702 | sanitizeGetValue('moduleid', '', STRING_REGEX) => [ |
||
703 | 'delete' => [ |
||
704 | 'success' => true, |
||
705 | ], |
||
706 | ], |
||
707 | ], |
||
708 | ], |
||
709 | ]; |
||
710 | |||
711 | echo json_encode($return); |
||
712 | } |
||
713 | |||
714 | /** |
||
715 | * Function adds embedded/icsfile attachment and send |
||
716 | * proper response back to client. |
||
717 | */ |
||
718 | public function addingEmbeddedAttachments() { |
||
719 | $attachID = $_POST['attach_id']; |
||
720 | $attachTampName = $this->attachment_state->addEmbeddedAttachment($_REQUEST['dialog_attachments'], [ |
||
721 | 'entryid' => sanitizePostValue('entryid', '', ID_REGEX), |
||
722 | 'store_entryid' => sanitizePostValue('store_entryid', '', ID_REGEX), |
||
723 | 'sourcetype' => intval($_POST['attach_method'], 10) === ATTACH_EMBEDDED_MSG ? 'embedded' : 'icsfile', |
||
724 | 'attach_id' => $attachID, |
||
725 | ]); |
||
726 | |||
727 | $returnfiles[] = [ |
||
0 ignored issues
–
show
Comprehensibility
Best Practice
introduced
by
|
|||
728 | 'props' => [ |
||
729 | 'attach_num' => -1, |
||
730 | 'tmpname' => $attachTampName, |
||
731 | 'attach_id' => $attachID, |
||
732 | // we are not using this data here, so we can safely use $_POST directly without any sanitization |
||
733 | // this is only needed to identify response for a particular attachment record on client side |
||
734 | 'name' => $_POST['name'], |
||
735 | ], |
||
736 | ]; |
||
737 | |||
738 | $return = [ |
||
739 | // 'success' property is needed for Extjs Ext.form.Action.Submit#success handler |
||
740 | 'success' => true, |
||
741 | 'zarafa' => [ |
||
742 | sanitizeGetValue('module', '', STRING_REGEX) => [ |
||
743 | sanitizeGetValue('moduleid', '', STRING_REGEX) => [ |
||
744 | 'update' => [ |
||
745 | 'item' => $returnfiles, |
||
746 | ], |
||
747 | ], |
||
748 | ], |
||
749 | ], |
||
750 | ]; |
||
751 | |||
752 | echo json_encode($return); |
||
753 | } |
||
754 | |||
755 | /** |
||
756 | * Function adds attachment in case of OOo. |
||
757 | */ |
||
758 | public function uploadWhenWendViaOOO() { |
||
759 | $providedFile = sys_get_temp_dir() . DIRECTORY_SEPARATOR . $_GET['attachment_id']; |
||
760 | |||
761 | // check whether the doc is already moved |
||
762 | if (file_exists($providedFile)) { |
||
763 | $filename = mb_basename(stripslashes((string) $_GET['name'])); |
||
764 | |||
765 | // Move the uploaded file to the session |
||
766 | $this->attachment_state->addProvidedAttachmentFile($_REQUEST['attachment_id'], $filename, $providedFile, [ |
||
767 | 'name' => $filename, |
||
768 | 'size' => filesize($providedFile), |
||
769 | 'type' => mime_content_type($providedFile), |
||
770 | 'sourcetype' => 'default', |
||
771 | ]); |
||
772 | } |
||
773 | else { |
||
774 | // Check if no files are uploaded with this attachmentid |
||
775 | $this->attachment_state->clearAttachmentFiles($_GET['attachment_id']); |
||
776 | } |
||
777 | } |
||
778 | |||
779 | /** |
||
780 | * Helper function to send proper response for import request only. It sets the appropriate |
||
781 | * notifier to be sent in the response according to the type of the file to be imported. |
||
782 | * |
||
783 | * @param mixed $importStatus |
||
784 | */ |
||
785 | public function sendImportResponse($importStatus) { |
||
786 | $storeProps = mapi_getprops($this->store, [PR_ENTRYID]); |
||
787 | $destinationFolderProps = mapi_getprops($this->destinationFolder, [PR_PARENT_ENTRYID, PR_CONTENT_UNREAD]); |
||
788 | $notifierModuleId = $this->notifierModule . '1'; |
||
789 | |||
790 | $return = [ |
||
791 | 'success' => true, |
||
792 | 'zarafa' => [ |
||
793 | sanitizeGetValue('module', '', STRING_REGEX) => [ |
||
794 | sanitizeGetValue('moduleid', '', STRING_REGEX) => [ |
||
795 | 'import' => [ |
||
796 | 'success' => true, |
||
797 | 'items' => $importStatus, |
||
798 | ], |
||
799 | ], |
||
800 | ], |
||
801 | 'hierarchynotifier' => [ |
||
802 | 'hierarchynotifier1' => [ |
||
803 | 'folders' => [ |
||
804 | 'item' => [ |
||
805 | 0 => [ |
||
806 | 'entryid' => $this->destinationFolderId, |
||
807 | 'parent_entryid' => bin2hex((string) $destinationFolderProps[PR_PARENT_ENTRYID]), |
||
808 | 'store_entryid' => bin2hex((string) $storeProps[PR_ENTRYID]), |
||
809 | 'props' => [ |
||
810 | 'content_unread' => $this->allowUpdateCounter ? $destinationFolderProps[PR_CONTENT_UNREAD] + 1 : 0, |
||
811 | ], |
||
812 | ], |
||
813 | ], |
||
814 | ], |
||
815 | ], |
||
816 | ], |
||
817 | $this->notifierModule => [ |
||
818 | $notifierModuleId => [ |
||
819 | 'newobject' => [ |
||
820 | 'item' => [ |
||
821 | 0 => [ |
||
822 | 'content_count' => 2, |
||
823 | 'content_unread' => 0, |
||
824 | 'display_name' => 'subsubin', |
||
825 | 'entryid' => $this->destinationFolderId, |
||
826 | 'parent_entryid' => bin2hex((string) $destinationFolderProps[PR_PARENT_ENTRYID]), |
||
827 | 'store_entryid' => bin2hex((string) $storeProps[PR_ENTRYID]), |
||
828 | ], |
||
829 | ], |
||
830 | ], |
||
831 | ], |
||
832 | ], |
||
833 | ], |
||
834 | ]; |
||
835 | echo json_encode($return); |
||
836 | } |
||
837 | |||
838 | /** |
||
839 | * Function will encode all the necessary information about the exception |
||
840 | * into JSON format and send the response back to client. |
||
841 | * |
||
842 | * @param object $exception exception object |
||
843 | * @param string $title title which used to show as title of exception dialog |
||
844 | */ |
||
845 | public function handleUploadException($exception, $title = null) { |
||
846 | $return = []; |
||
0 ignored issues
–
show
|
|||
847 | |||
848 | // MAPI_E_NOT_FOUND exception contains generalize exception message. |
||
849 | // Set proper exception message as display message should be user understandable. |
||
850 | if ($exception->getCode() == MAPI_E_NOT_FOUND) { |
||
851 | $exception->setDisplayMessage(_('Could not find message, either it has been moved or deleted.')); |
||
852 | } |
||
853 | |||
854 | // Set the headers |
||
855 | header('Expires: 0'); // set expiration time |
||
856 | header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); |
||
857 | |||
858 | // Set Content Disposition header |
||
859 | header('Content-Disposition: inline'); |
||
860 | // Set content type header |
||
861 | header('Content-Type: text/plain'); |
||
862 | |||
863 | $return = [ |
||
864 | // 'success' property is needed for Extjs Ext.form.Action.Submit#success handler |
||
865 | 'success' => false, |
||
866 | 'zarafa' => [ |
||
867 | 'error' => [ |
||
868 | 'type' => ERROR_GENERAL, |
||
869 | 'info' => [ |
||
870 | 'file' => $exception->getFileLine(), |
||
871 | 'title' => $title, |
||
872 | 'display_message' => $exception->getDisplayMessage(), |
||
873 | 'original_message' => $exception->getMessage(), |
||
874 | ], |
||
875 | ], |
||
876 | ], |
||
877 | ]; |
||
878 | |||
879 | echo json_encode($return); |
||
880 | } |
||
881 | |||
882 | /** |
||
883 | * Generic function to check received data and take necessary action. |
||
884 | */ |
||
885 | public function upload() { |
||
886 | $this->attachment_state->open(); |
||
887 | |||
888 | // Check if dialog_attachments is set |
||
889 | if (isset($_REQUEST['dialog_attachments'])) { |
||
890 | // Check if attachments have been uploaded |
||
891 | if (isset($_FILES['attachments']) && is_array($_FILES['attachments'])) { |
||
892 | // import given files into respective webapp folder |
||
893 | $this->processFiles(); |
||
894 | } |
||
895 | elseif (isset($_POST['deleteattachment'])) { |
||
896 | $this->deleteUploadedFiles(); |
||
897 | } |
||
898 | elseif (isset($_POST['entryid'])) { // Check for adding of embedded attachments |
||
899 | $this->addingEmbeddedAttachments(); |
||
900 | } |
||
901 | } |
||
902 | elseif ($_GET && isset($_GET['attachment_id'])) { // this is to upload the file to server when the doc is send via OOo |
||
903 | $this->uploadWhenWendViaOOO(); |
||
904 | } |
||
905 | |||
906 | $this->attachment_state->close(); |
||
907 | } |
||
908 | } |
||
909 | |||
910 | // create instance of class |
||
911 | $uploadInstance = new UploadAttachment(); |
||
912 | |||
913 | try { |
||
914 | // initialize variables |
||
915 | $uploadInstance->init($_REQUEST); |
||
916 | |||
917 | // upload files |
||
918 | $uploadInstance->upload(); |
||
919 | } |
||
920 | catch (ZarafaException $e) { |
||
921 | $uploadInstance->handleUploadException($e, $e->getTitle()); |
||
922 | } |
||
923 | catch (Exception $e) { |
||
924 | $uploadInstance->handleUploadException($e); |
||
925 | } |
||
926 |