diff --git a/account.php b/account.php
index b6f1d04ff144dc256b554d19e3d9eb4b25200960..f57eefbf1a1774d253890efa4a61ee3bb01096af 100644
--- a/account.php
+++ b/account.php
@@ -30,7 +30,7 @@ elseif ($thisclient) {
     // Guest registering for an account
     if ($thisclient->isGuest()) {
         foreach ($thisclient->getForms() as $f) {
-            if ($f->get('type') == 'U') {
+            if ($f->get('object_type') == 'U') {
                 $user_form = $f;
                 $user_form->getField('email')->configure('disabled', true);
             }
diff --git a/include/class.forms.php b/include/class.forms.php
index 8c1e8e454bc39687383d386734bffb85729f203c..7e092ad9a65c028d17f0e1da2abac5785074d14b 100644
--- a/include/class.forms.php
+++ b/include/class.forms.php
@@ -2578,7 +2578,12 @@ class FileUploadField extends FormField {
         if (!($F = AttachmentFile::upload($file)))
             Http::response(500, 'Unable to store file: '. $file['error']);
 
-        return $F->getId();
+        $id = $F->getId();
+
+        // This file is allowed for attachment in this session
+        $_SESSION[':uploadedFiles'][$id] = 1;
+
+        return $id;
     }
 
     /**
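Review bot: The allow-list entry written by `$_SESSION[':uploadedFiles'][$id] = 1;` is session-wide. It does not record which field or form the upload was made for, and nothing in this hunk removes it. As written, any file uploaded during the session appears to stay attachable to any upload field until the session ends. Consider storing the owning field's identifier as the value instead of `1`, and clearing the entry once the attachment is saved with `unset($_SESSION[':uploadedFiles'][$id]);`. At minimum, extend the comment to `// Allowed for attachment by any upload field until the session ends`. The enclosing method starts above the hunk, so a cleanup step may already exist outside this view.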
@@ -3655,20 +3660,34 @@ class FileUploadWidget extends Widget {
         }
 
         // If no value was sent, assume an empty list
-        $base = parent::getValue();
-        if (!$base)
+        if (!($files = parent::getValue()))
             return array();
 
-        if (is_array($base)) {
-            foreach ($base as $info) {
-                @list($id, $name) = explode(',', $info, 2);
-                // Keep the values as the IDs
-                if ($name)
-                    $ids[$name] = $id;
-                else
-                    $ids[] = $id;
-            }
+        // Files uploaded here MUST have been uploaded by this user and
+        // identified in the session
+        $allowed = array();
+        // Files already attached to the field are allowed
+        foreach ($this->field->getFiles() as $f) {
+            $allowed[$f->id] = 1;
+        }
+
+        // New files uploaded in this session are allowed
+        if (isset($_SESSION[':uploadedFiles']))
+            $allowed += $_SESSION[':uploadedFiles'];
+
+        // Parse the files and make sure it's allowed.
+        foreach ($files as $info) {
+            @list($id, $name) = explode(',', $info, 2);
+            if (!isset($allowed[$id]))
+                continue;
+
+            // Keep the values as the IDs
+            if ($name)
+                $ids[$name] = $id;
+            else
+                $ids[] = $id;
         }
+
         return $ids;
     }
 }
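Review bot: The new `foreach ($files as $info)` loop runs without the `is_array()` guard that the removed code had. `$files` presumably comes from submitted form data, so a scalar value or a nested array element would reach `foreach` and `explode()` directly. Restore the guard before the loop with `if (!is_array($files)) return array();` and skip malformed entries with `if (!is_string($info)) continue;`. Ids that fail the `isset($allowed[$id])` check are dropped silently; a log line at that `continue` would let operators see attempts to attach files the session never uploaded. `$ids` is not initialised inside the hunk, so confirm above it that `return $ids` still yields an array when every entry is rejected.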
diff --git a/include/class.mailfetch.php b/include/class.mailfetch.php
index 1aa28471ed43c50764e44a713970a1893ba0a955..94b80c91aa9cd71a4089a9da2fe21550776d0631 100644
--- a/include/class.mailfetch.php
+++ b/include/class.mailfetch.php
@@ -194,6 +194,30 @@ class MailFetcher {
             $text=imap_binary($text);
             break;
             case 3:
+            if (strlen($text) > (1 << 20)) {
+                try {
+                    if (!($temp = tempnam(sys_get_temp_dir(), 'attachments'))
+                        || !($f = fopen($temp, 'w'))
+                        ) {
+                            throw new Exception();
+                    }
+                    $s_filter = stream_filter_append($f, 'convert.base64-decode',STREAM_FILTER_WRITE);
+                    if (!fwrite($f, $text))
+                        throw new Exception();
+                    stream_filter_remove($s_filter); 
+                    fclose($f);
+                    if (!($f = fopen($temp, 'r')) || !($text = fread($f, filesize($temp))))
+                        throw new Exception();
+                    fclose($f);
+                    unlink($temp);
+                    break;
+                }
+                catch (Exception $e) {
+                    // Noop. Fall through to imap_base64 method below
+                    @fclose($f);
+                    @unlink($temp);
+                }
+            }
             // imap_base64 implies strict mode. If it refuses to decode the
             // data, then fallback to base64_decode in non-strict mode
             $text = (($conv=imap_base64($text))) ? $conv : base64_decode($text);
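Review bot: Two failure paths in the added large-attachment branch can hand back wrong data instead of falling through cleanly. The result of `stream_filter_append()` is not checked, so if the filter cannot be attached the raw base64 is written and read back undecoded before the `break`; guard it with `if (!($s_filter = stream_filter_append($f, 'convert.base64-decode', STREAM_FILTER_WRITE))) throw new Exception();`. `!($text = fread($f, filesize($temp)))` overwrites `$text` before the exception is thrown, so the `imap_base64()` fallback then decodes an empty or false value; read into a separate variable (`$decoded = fread(...)`) and assign `$text = $decoded;` only on success. In the catch block `$f` may already be closed or false, and on PHP 8 `@` does not suppress the resulting `TypeError`, so use `if (is_resource($f)) fclose($f);`. The surrounding `switch` starts and ends outside the hunk.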