Domů Procházet Nápověda
Přihlásit se
mirrors
/
mailcow-dockerized
zrcadlo https://github.com/mailcow/mailcow-dockerized
2
0
Rozštěpit 0
Soubory Úkoly 0 Wiki
Strom: 161a72dc8e
Větve Značky
mailcow-dockeri...
/
data
/
web
/
inc
/
ajax
/
qitem_details.php

qitem_details.php 3.3 KB
Historie Surový

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495 
  1. <?php
    2. 

  2. session_start();
    3. 

  3. header("Content-Type: application/json");
    4. 

  4. require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/prerequisites.inc.php';
    5. 

  5. if (!isset($_SESSION['mailcow_cc_role'])) {
    6. 

  6. 	exit();
    7. 

  7. }
    8. 

  8. function rrmdir($src) {
    9. 

  9.   $dir = opendir($src);
    10. 

  10.   while(false !== ( $file = readdir($dir)) ) {
    11. 

  11.     if (( $file != '.' ) && ( $file != '..' )) {
    12. 

  12.       $full = $src . '/' . $file;
    13. 

  13.       if ( is_dir($full) ) {
    14. 

  14.         rrmdir($full);
    15. 

  15.       }
    16. 

  16.       else {
    17. 

  17.         unlink($full);
    18. 

  18.       }
    19. 

  19.     }
    20. 

  20.   }
    21. 

  21.   closedir($dir);
    22. 

  22.   rmdir($src);
    23. 

  23. }
    24. 

  24. if (!empty($_GET['id']) && ctype_alnum($_GET['id'])) {
    25. 

  25.   $tmpdir = '/tmp/' . $_GET['id'] . '/';
    26. 

  26.   $mailc = quarantine('details', $_GET['id']);
    27. 

  27.   if (strlen($mailc['msg']) > 10485760) {
    28. 

  28.     echo json_encode(array('error' => 'Message size exceeds 10 MiB.'));
    29. 

  29.     exit;
    30. 

  30.   }
    31. 

  31.   if (!empty($mailc['msg'])) {
    32. 

  32.     // Init message array
    33. 

  33.     $data = array();
    34. 

  34.     // Init parser
    35. 

  35.     $mail_parser = new PhpMimeMailParser\Parser();
    36. 

  36.     $html2text = new Html2Text\Html2Text();
    37. 

  37.     // Load msg to parser
    38. 

  38.     $mail_parser->setText($mailc['msg']);
    39. 

  39.     // Get text/plain content
    40. 

  40.     $data['text_plain'] = $mail_parser->getMessageBody('text');
    41. 

  41.     // Get html content and convert to text
    42. 

  42.     $data['text_html'] = $html2text->convert($mail_parser->getMessageBody('html'));
    43. 

  43.     if (empty($data['text_plain']) && empty($data['text_html'])) {
    44. 

  44.       // Failed to parse content, try raw
    45. 

  45.       $text = trim(substr($mailc['msg'], strpos($mailc['msg'], "\r\n\r\n") + 1));
    46. 

  46.       // Only return html->text
    47. 

  47.       $data['text_plain'] = 'Parser failed, assuming HTML';
    48. 

  48.       $data['text_html'] = $html2text->convert($text);
    49. 

  49.     }
    50. 

  50.     (empty($data['text_plain'])) ? $data['text_plain'] = '-' : null;
    51. 

  51.     // Get subject
    52. 

  52.     $data['subject'] = $mail_parser->getHeader('subject');
    53. 

  53.     (empty($data['subject'])) ? $data['subject'] = '-' : null;
    54. 

  54.     // Get attachments
    55. 

  55.     if (is_dir($tmpdir)) {
    56. 

  56.       rrmdir($tmpdir);
    57. 

  57.     }
    58. 

  58.     mkdir('/tmp/' . $_GET['id']);
    59. 

  59.     $mail_parser->saveAttachments($tmpdir, true);
    60. 

  60.     $atts = $mail_parser->getAttachments(true);
    61. 

  61.     if (count($atts) > 0) {
    62. 

  62.       foreach ($atts as $key => $val) {
    63. 

  63.         $data['attachments'][$key] = array(
    64. 

  64.           // Index
    65. 

  65.           // 0 => file name
    66. 

  66.           // 1 => mime type
    67. 

  67.           // 2 => file size
    68. 

  68.           // 3 => vt link by sha256
    69. 

  69.           $val->getFilename(),
    70. 

  70.           $val->getContentType(),
    71. 

  71.           filesize($tmpdir . $val->getFilename()),
    72. 

  72.           'https://www.virustotal.com/file/' . hash_file('SHA256', $tmpdir . $val->getFilename()) . '/analysis/'
    73. 

  73.         );
    74. 

  74.       }
    75. 

  75.     }
    76. 

  76.     if (isset($_GET['att'])) {
    77. 

  77.       $dl_id = intval($_GET['att']);
    78. 

  78.       $dl_filename = $data['attachments'][$dl_id][0];
    79. 

  79.       if (!is_dir($tmpdir . $dl_filename) && file_exists($tmpdir . $dl_filename)) {
    80. 

  80.         header('Pragma: public');
    81. 

  81.         header('Expires: 0');
    82. 

  82.         header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
    83. 

  83.         header('Cache-Control: private', false);
    84. 

  84.         header('Content-Type: ' . $data['attachments'][$dl_id][1]);
    85. 

  85.         header('Content-Disposition: attachment; filename="'. $dl_filename . '";');
    86. 

  86.         header('Content-Transfer-Encoding: binary');
    87. 

  87.         header('Content-Length: ' . $data['attachments'][$dl_id][2]);
    88. 

  88.         readfile($tmpdir . $dl_filename);
    89. 

  89.         exit;
    90. 

  90.       }
    91. 

  91.     }
    92. 

  92.     echo json_encode($data);
    93. 

  93.   }
    94. 

  94. }
    95. 

  95. ?>
    96.