Source of “pachyparts.php”.
75 lines, 2.9 KBytes.   Last modified 6:08 pm, 1st September 2015 PDT.
1 <?php // Emacs settings: -*- mode: Fundamental; tab-width: 4; -*- 2 3 //////////////////////////////////////////////////////////////////////////// 4 // // 5 // Pachylet: Andrew's Web Mail Interface, Version 2 // 6 // // 7 // Copyright (c) 2014 // 8 // // 9 // See http://birrell.org/pachylet/help.php // 10 // // 11 // Reading attachments // 12 // // 13 //////////////////////////////////////////////////////////////////////////// 14 15 require("pachysql.php"); 16 require("pachyauth.php"); 17 18 function complain($user, $partID, $msg) { 19 // Report an authentication failure or incorrect URL. 20 // 21 $redirectTo = "https://" . 22 $_SERVER["SERVER_NAME"] . 23 dirname($_SERVER["SCRIPT_NAME"]) . 24 "/pachyparts2.php?user=" . urlencode($user) . 25 "&part=" . urlencode($partID) . 26 "&msg=" . urlencode($msg); 27 header("Location: $redirectTo"); 28 echo "<html><head><title>Redirect</title></head><body>\n"; 29 echo "Redirecting to " . htmlspecialchars($redirectTo) . "\n"; 30 echo "</body></html>\n"; 31 exit; 32 } 33 34 $args = ($_SERVER['REQUEST_METHOD'] == "POST" ? $_POST : $_GET); 35 $user = (isset($args["user"]) ? $args["user"] : "unset"); 36 $loginPwd = (isset($args["loginPwd"]) ? $args["loginPwd"] : ""); 37 $partID = 0 + (isset($args["part"]) ? $args["part"] : 0); 38 $dk = readDk(); 39 if ($loginPwd != "") $dk = getDerivedKey($user, $loginPwd); 40 if (!($h2 = verifyDerivedKey($user, $dk))) { 41 complain($user, $partID, 42 (isset($args["loginPwd"]) ? 43 ($loginPwd == "" ? "pwdMissing" : "pwdIncorrect") : 44 ($dk == "unset" ? "missing" : "incorrect"))); 45 } else if (!connectDB($user, $h2)) { 46 complain($user, $partID, "mysql"); 47 } else { 48 if ($loginPwd != "") { 49 recordDk($user, $dk); 50 writeLog("user $user login ok"); 51 } 52 $part = getPart($user, $partID); 53 if (!$part) { 54 complain($user, $partID, "notFound"); 55 } else { 56 $type = getPartType($part); 57 if ($part->type == "message" || 58 $type == "text/rfc822-headers") $type = "text/plain"; 59 $name = safeName(getParam($part->parameters, "NAME")); 60 $filename = safeName(getParam($part->dparameters, "FILENAME")); 61 if (is_null($filename)) $filename = $name; 62 header("Content-type: $type; charset=iso-8859-1" . 63 (is_null($name) ? "" : "; name=$name") ); 64 header("Content-Disposition: inline" . 65 (is_null($filename) ? "" : "; filename=$filename") ); 66 if ($part->id != 0 && 67 $part->type == "text" && $part->subtype == "HTML") { 68 echo getHtmlContent($user, $partID, false); 69 } else { 70 echo getRawContentWithUUDecode($user, $part); 71 } 72 } 73 } 74 75 ?>
End of listing