Adding admin option to fix PDF mimetypes on ticket creation, and remo…

…ving option for GoogleDocsViewer, it can't work.
clonemeagain · Jun 14, 2017 · 0295e88 · 0295e88
1 parent 6cd3933
commit 0295e88
Show file tree

Hide file tree

Showing 2 changed files with 36 additions and 13 deletions.
diff --git a/class.AttachmentPreviewPlugin.php b/class.AttachmentPreviewPlugin.php
@@ -81,6 +81,8 @@ function uninstall() {
 		parent::uninstall ( $errors );
 	}
 	function bootstrap() {
+		$config = $this->getConfig ();
+
 		// Assuming that other plugins want to inject an element or two..
 		// Provide a connection point to the attachments.wrapper
 		Signal::connect ( self::signal_id, function ($object, $data) {
@@ -96,6 +98,17 @@ function bootstrap() {
 		$this->checkPermissionsAndRun ();
 		if (self::DEBUG)
 			error_log ( "Attachments Plugin Active." );
+
+		if ($config->get ( 'coerce-pdf' )) {
+			// Need to ensure attachments are saved with the correct mime-type. For some reason, a lot of my PDF's are coming through as octet-streams.. not useful.
+			Signal::connect ( 'ticket.created', function ($ticket, $data) {
+				// Find any attachments for this ticket
+				// See if any of them are PDF's
+				// Change the mimetype saved for that attachment..
+				db_query ( "update " . FILE_TABLE . " SET type = 'application/pdf' WHERE name like '%.pdf' and type like '%octet-stream'" );
+				// Well, it's a bit brutal the first time, but after that, should be quick.. :-)
+			} );
+		}
 	}
 
 	/**
@@ -184,6 +197,7 @@ private function findAttachableStuff($html) {
 		$office = array (
 				'doc' => 'addGoogleDocsViewer',
 				'docx' => 'addGoogleDocsViewer',
+				// 'csv' => 'addGoogleDocsViewer',
 				'xls' => 'addGoogleDocsViewer',
 				'xlsx' => 'addGoogleDocsViewer',
 				'ppt' => 'addGoogleDocsViewer',
@@ -199,6 +213,7 @@ private function findAttachableStuff($html) {
 				'jpeg' => 'addIMG' 
 		);
 		$higher_risk = array (
+				'csv' => 'addTEXT',
 				'txt' => 'addTEXT',
 				'html' => 'addHTML' 
 		);
@@ -450,13 +465,13 @@ private function addPDF(DOMDocument $doc, DOMElement $link) {
 		$pdf = $doc->createElement ( 'object' );
 		$pdf->setAttribute ( 'width', '100%' );
 		$pdf->setAttribute ( 'height', '1000px' );
-		$pdf->setAttribute ( 'data', $link->getAttribute ( 'href' ) );
+		$pdf->setAttribute ( 'data', $link->getAttribute ( 'href' ) . '&disposition=inline' );
 		$pdf->setAttribute ( 'type', 'application/pdf' );
 
 		$emb = $doc->createElement ( 'embed' );
 		$emb->setAttribute ( 'width', '100%' );
 		$emb->setAttribute ( 'height', '1000px' );
-		$emb->setAttribute ( 'src', $link->getAttribute ( 'href' ) );
+		$emb->setAttribute ( 'src', $link->getAttribute ( 'href' ) . '&disposition=inline' );
 		$emb->setAttribute ( 'type', 'application/pdf' );
 		$pdf->appendChild ( $emb ); // for lower class browsers..
 
@@ -542,8 +557,8 @@ private function addHTML(DOMDocument $doc, DOMElement $link) {
 
 		// The files are getting complex to parse manually.. and need to be downloaded by the browser to display anyway,
 		// let's just try a wee script to pull them?
-		// It's a bit messy, but the first script is only included once.. and it is used to prevent some XSS type attacks.. 
-		// wouldn't want an html attachment to break everything.. 
+		// It's a bit messy, but the first script is only included once.. and it is used to prevent some XSS type attacks..
+		// wouldn't want an html attachment to break everything..
 		static $trim_func;
 		if (! $trim_func) {
 			$trim_func = TRUE;
@@ -591,7 +606,7 @@ function strip_tags (input, allowed) {
 		$url = $link->getAttribute ( 'href' );
 		$id = md5 ( $url );
 		$s = $doc->createElement ( 'script' );
-		$s->setAttribute('name','Attachment Fetching Script..');
+		$s->setAttribute ( 'name', 'Attachment Fetching Script..' );
 
 		// Find the parent of itself and replace it's contents (ie, this script) with the remote HTML file's code, after removing most of the cruft/dangerzone stuff:
 		$s->nodeValue = '$(document).ready(function(){$.get("' . $url . '",function(data){$("#' . $id . '").html($("<div>" + $.trim(sanitizer.sanitize(data)) + "</div>"));});});';
@@ -642,7 +657,7 @@ private function addTEXT(DOMDocument $doc, DOMElement $link) {
 		$pre = $doc->createElement ( 'pre' );
 		$pre->setAttribute ( 'id', $id );
 		$pre->appendChild ( $s );
-		$this->wrap ( $doc, $link, $pre);
+		$this->wrap ( $doc, $link, $pre );
 
 		return;
 
@@ -658,10 +673,14 @@ private function addTEXT(DOMDocument $doc, DOMElement $link) {
 	/**
 	 * Attempts to inject a google-doc-viewer iframe for an attached file
 	 *
+	 * Doesn't actually work, because the request uses the session to validate the user.. :-(
+	 *
+	 * Nice idea though
+	 *
 	 * @param DOMDocument $doc        	
 	 * @param DOMElement $link        	
 	 */
-	private function addGoogleDocViewer(DOMDocument $doc, DOMElement $link) {
+	private function disabled_addGoogleDocsViewer(DOMDocument $doc, DOMElement $link) {
 		// Recreate something like: <iframe style="width: 900px; height: 900px;" src="http://docs.google.com/gview?url=urltoyourworddocument&embedded=true" height="240" width="320" frameborder="0"></iframe>
 		$gdoc = $doc->createElement ( 'iframe' );
 		$gdoc->setAttribute ( 'style', 'width: 100%; height: 1000px;' );

diff --git a/config.php b/config.php
@@ -30,6 +30,10 @@ function getOptions() {
 				'attachment' => new SectionBreakField ( array (
 						'label' => $__ ( 'Attachment Inliner' ) 
 				) ),
+				'coerce-pdf' => new BooleanField ( array (
+						'label' => $__ ( 'Force PDF attachment mime' ),
+						'hint' => $__ ( 'Forces PDF files to have the correct application/pdf mimetype in the database.' ) 
+				) ),
 
 				'attachment-video' => new BooleanField ( array (
 						'label' => $__ ( 'Convert Youtube/video to Player' ),
@@ -39,7 +43,7 @@ function getOptions() {
 				'attachment-allowed' => new ChoiceField ( array (
 						'label' => $__ ( 'Choose the types of attachments to inline.' ),
 						'default' => 'pdf-image',
-						'hint' => $__ ( "While HTML and Text documents are filtered before being inserted in the DOM, there is always a chance this is riskier than necessary, Has no effect if txt & html extensions are not allowed to be attached in the first place. ALL also includes a Google Docs viewer for docx/xls etc files." ),
+						'hint' => $__ ( "While HTML and Text documents are filtered before being inserted in the DOM, there is always a chance this is riskier than necessary, Has no effect if txt & html extensions are not allowed to be attached in the first place." ),
 						'choices' => array (
 								'none' => $__ ( 'Safest: OFF' ),
 								'pdf' => $__ ( 'PDF Only' ),
@@ -55,13 +59,13 @@ function getOptions() {
 						'hint' => 'Who needs access to these embedded fields?',
 						'choices' => array (
 								'disabled' => $__ ( 'Disabled' ),
-								'staff' => $__ ( 'Agents Only' ),
-								'all' => $__ ( 'Agents & Customers' ) 
+								'staff' => $__ ( 'Agents Only' ) 
+							// 'all' => $__ ( 'Agents & Customers' )
 						) 
-				) ),
-				'attachment-enabled-kb' => new Booleanfield ( array (
-						'label' => $__ ( 'Display inline for Knowledgebase Articles as well.' ) 
 				) ) 
+			// 'attachment-enabled-kb' => new Booleanfield ( array (
+			// 'label' => $__ ( 'Display inline for Knowledgebase Articles as well.' )
+			// ) )
 		);
 	}
 }