more client-side mail privacy work

Zotlabs/Module/Mail.php

@@ -22,32 +22,40 @@ class Mail extends \Zotlabs\Web\Controller {
 		$recipient = ((x($_REQUEST,'messageto'))    ? notags(trim($_REQUEST['messageto']))    : '');
 		$rstr      = ((x($_REQUEST,'messagerecip')) ? notags(trim($_REQUEST['messagerecip'])) : '');
 		$preview   = ((x($_REQUEST,'preview'))      ? intval($_REQUEST['preview'])            : 0);
-		$expires   = ((x($_REQUEST,'expires')) ? datetime_convert(date_default_timezone_get(),'UTC', $_REQUEST['expires']) : NULL_DATE);
+		$expires   = ((x($_REQUEST,'expires'))      ? datetime_convert(date_default_timezone_get(),'UTC', $_REQUEST['expires']) : NULL_DATE);
+		$raw       = ((x($_REQUEST,'raw'))          ? intval($_REQUEST['raw'])                : 0);
+		$mimetype  = ((x($_REQUEST,'mimetype'))     ? notags(trim($_REQUEST['mimetype']))     : 'text/bbcode');
 
 		if($preview) {
 
-			$body = cleanup_bbcode($body);
-			$results = linkify_tags($a, $body, local_channel());
+			if($raw) {
+				$body = mail_prepare_binary(['id' => 'M0']);
+				echo json_encode(['preview' => $body]);
+			}
+			else {
+				$body = cleanup_bbcode($body);
+				$results = linkify_tags($a, $body, local_channel());
 
-			if(preg_match_all('/(\[attachment\](.*?)\[\/attachment\])/',$body,$match)) {
-				$attachments = array();
-				foreach($match[2] as $mtch) {
-					$hash = substr($mtch,0,strpos($mtch,','));
-					$rev = intval(substr($mtch,strpos($mtch,',')));
-					$r = attach_by_hash_nodata($hash,get_observer_hash(),$rev);
-					if($r['success']) {
-						$attachments[] = array(
-							'href'     => z_root() . '/attach/' . $r['data']['hash'],
-							'length'   =>  $r['data']['filesize'],
-							'type'     => $r['data']['filetype'],
-							'title'    => urlencode($r['data']['filename']),
-							'revision' => $r['data']['revision']
-						);
+				if(preg_match_all('/(\[attachment\](.*?)\[\/attachment\])/',$body,$match)) {
+					$attachments = array();
+					foreach($match[2] as $mtch) {
+						$hash = substr($mtch,0,strpos($mtch,','));
+						$rev = intval(substr($mtch,strpos($mtch,',')));
+						$r = attach_by_hash_nodata($hash,get_observer_hash(),$rev);
+						if($r['success']) {
+							$attachments[] = array(
+								'href'     => z_root() . '/attach/' . $r['data']['hash'],
+								'length'   =>  $r['data']['filesize'],
+								'type'     => $r['data']['filetype'],
+								'title'    => urlencode($r['data']['filename']),
+								'revision' => $r['data']['revision']
+							);
+						}
+						$body = trim(str_replace($match[1],'',$body));
 					}
-					$body = trim(str_replace($match[1],'',$body));
+					echo json_encode(['preview' => zidify_links(smilies(bbcode($body)))]);
 				}
 			}
-			echo json_encode(['preview' => zidify_links(smilies(bbcode($body)))]);
 			killme();
 		} 
 
@@ -102,35 +110,9 @@ class Mail extends \Zotlabs\Web\Controller {
 			}
 		}
 	
-	//	if(feature_enabled(local_channel(),'richtext')) {
-	//		$body = fix_mce_lf($body);
-	//	}
-	
 		require_once('include/text.php');
 		linkify_tags($a, $body, local_channel());
 	
-		// I don't think this is used any more.
-
-		if($preview) {
-			$mail = [
-				'mailbox'     => 'outbox',
-				'id'          => 0,
-				'mid'         => 'M0',
-				'from_name'   => $channel['xchan_name'],
-				'from_url'    => $channel['xchan_url'],
-				'from_photo'  => $channel['xchan_photo_s'],
-				'subject'     => zidify_links(smilies(bbcode($subject))),
-				'body'        => zidify_links(smilies(bbcode($body))),
-				'attachments' => '',
-				'can_recall'  => false,
-				'is_recalled' => '',
-				'date'        => datetime_convert('UTC',date_default_timezone_get(),$message['created'], 'c')
-			];
-			
-			echo replace_macros(get_markup_template('mail_conv.tpl'), [ '$mail' => $mail ] );
-			killme();
-
-		}
 
 		if(! $recipient) {
 			notice('No recipient found.');
@@ -141,7 +123,7 @@ class Mail extends \Zotlabs\Web\Controller {
 	
 		// We have a local_channel, let send_message use the session channel and save a lookup
 		
-		$ret = send_message(0, $recipient, $body, $subject, $replyto, $expires);
+		$ret = send_message(0, $recipient, $body, $subject, $replyto, $expires, $mimetype, $raw);
 	
 		if($ret['success']) {
 			xchan_mail_query($ret['mail']);

include/items.php

@@ -1359,6 +1359,8 @@ function encode_mail($item,$extended = false) {
 	$x['body']           = $item['body'];
 	$x['from']           = encode_item_xchan($item['from']);
 	$x['to']             = encode_item_xchan($item['to']);
+	$x['raw']            = $item['mail_raw'];
+	$x['mimetype']       = $item['mail_mimetype'];
 
 	if($item['attach'])
 		$x['attach']     = json_decode($item['attach'],true);
@@ -1392,9 +1394,16 @@ function get_mail_elements($x) {
 
 	$arr = array();
 
-	$arr['body']         = (($x['body']) ? htmlspecialchars($x['body'], ENT_COMPAT,'UTF-8',false) : '');
-	$arr['title']        = (($x['title'])? htmlspecialchars($x['title'],ENT_COMPAT,'UTF-8',false) : '');
+	if(intval($x['raw'])) {
+		$arr['mail_raw'] = intval($x['raw']);
+		$arr['body']     = $x['body'];
+	}
+	else {
+		$arr['body']         = (($x['body']) ? htmlspecialchars($x['body'], ENT_COMPAT,'UTF-8',false) : '');
+	}
 
+	$arr['title']        = (($x['title'])? htmlspecialchars($x['title'],ENT_COMPAT,'UTF-8',false) : '');
+	$arr['mail_mimetype'] = (($x['mimetype']) ? htmlspecialchars($x['mimetype'],ENT_COMPAT,'UTF-8',false) : 'text/bbcode');
 	$arr['conv_guid']    = (($x['conv_guid'])? htmlspecialchars($x['conv_guid'],ENT_COMPAT,'UTF-8',false) : '');
 
 	$arr['created']      = datetime_convert('UTC','UTC',$x['created']);
@@ -3032,8 +3041,10 @@ function mail_store($arr) {
 	$arr['body']          = ((x($arr,'body'))          ? trim($arr['body'])                  : '');
 	$arr['sig']           = ((x($arr,'sig'))           ? trim($arr['sig'])                   : '');
 	$arr['conv_guid']     = ((x($arr,'conv_guid'))     ? trim($arr['conv_guid'])             : '');
+	$arr['mail_mimetype'] = ((x($arr,'mail_mimetype')) ? trim($arr['mail_mimetype'])         : 'text/bbcode');
 
 	$arr['mail_flags']    = ((x($arr,'mail_flags'))    ? intval($arr['mail_flags'])          : 0 );
+	$arr['mail_raw']      = ((x($arr,'mail_raw'))      ? intval($arr['mail_raw'])            : 0 );
 
 	if(! $arr['parent_mid']) {
 		logger('mail_store: missing parent');

include/message.php

@@ -5,10 +5,20 @@
 require_once('include/crypto.php');
 require_once('include/attach.php');
 
+
+function mail_prepare_binary($item) {
+
+	return replace_macros(get_markup_template('item_binary.tpl'), [
+		'$download'  => t('Download binary/encrypted content'),
+		'$url'       => z_root() . '/mail/' . $item['id'] . '/download'
+	]);
+}
+
+
 // send a private message
 	
 
-function send_message($uid = 0, $recipient = '', $body = '', $subject = '', $replyto = '', $expires = NULL_DATE) { 
+function send_message($uid = 0, $recipient = '', $body = '', $subject = '', $replyto = '', $expires = NULL_DATE, $mimetype = 'text/bbcode', $raw = false) { 
 
 	$ret = array('success' => false);
 	$is_reply = false;
@@ -192,8 +202,8 @@ function send_message($uid = 0, $recipient = '', $body = '', $subject = '', $rep
 	$sig = ''; // placeholder
 	$mimetype = ''; //placeholder
 
-	$r = q("INSERT INTO mail ( account_id, conv_guid, mail_obscured, channel_id, from_xchan, to_xchan, mail_mimetype, title, body, sig, attach, mid, parent_mid, created, expires, mail_isreply )
-		VALUES ( %d, '%s', %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d )",
+	$r = q("INSERT INTO mail ( account_id, conv_guid, mail_obscured, channel_id, from_xchan, to_xchan, mail_mimetype, title, body, sig, attach, mid, parent_mid, created, expires, mail_isreply, mail_raw )
+		VALUES ( %d, '%s', %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d )",
 		intval($channel['channel_account_id']),
 		dbesc($conv_guid),
 		intval(1),
@@ -209,7 +219,8 @@ function send_message($uid = 0, $recipient = '', $body = '', $subject = '', $rep
 		dbesc($replyto),
 		dbesc(datetime_convert()),
 		dbescdate($expires),
-		intval($is_reply)
+		intval($is_reply),
+		intval($raw)
 	);
 
 	// verify the save