| | |
|---|
| | | if (preg_match('/expression|behavior|url\(|import/', $stripped)) |
|---|
| | | return '/* evil! */'; |
|---|
| | | |
|---|
| | | // remove css comments (sometimes used for some ugly hacks) |
|---|
| | | $source = preg_replace('!/\*(.+)\*/!Ums', '', $source); |
|---|
| | | |
|---|
| | | // cut out all contents between { and } |
|---|
| | | while (($pos = strpos($source, '{', $last_pos)) && ($pos2 = strpos($source, '}', $pos))) |
|---|
| | | { |
|---|
| | |
|---|
| | | $source = substr($source, 0, $pos+1) . $replacements->get_replacement($key) . substr($source, $pos2, strlen($source)-$pos2); |
|---|
| | | $last_pos = $pos+2; |
|---|
| | | } |
|---|
| | | |
|---|
| | | |
|---|
| | | // remove html comments and add #container to each tag selector. |
|---|
| | | // also replace body definition because we also stripped off the <body> tag |
|---|
| | | $styles = preg_replace( |
|---|
| | | array( |
|---|
| | | '/(^\s*<!--)|(-->\s*$)/', |
|---|
| | | '/(^\s*|,\s*|\}\s*)([a-z0-9\._#][a-z0-9\.\-_]*)/im', |
|---|
| | | '/(^\s*|,\s*|\}\s*)([a-z0-9\._#\*][a-z0-9\.\-_]*)/im', |
|---|
| | | "/$container_id\s+body/i", |
|---|
| | | ), |
|---|
| | | array( |
|---|
| | |
|---|
| | | return true; |
|---|
| | | } |
|---|
| | | |
|---|
| | | $log_entry = sprintf("[%s]: %s\n", $date, $line); |
|---|
| | | |
|---|
| | | if ($CONFIG['log_driver'] == 'syslog') { |
|---|
| | | $prio = $name == 'errors' ? LOG_ERR : LOG_INFO; |
|---|
| | | syslog($prio, $log_entry); |
|---|
| | | syslog($prio, $line); |
|---|
| | | return true; |
|---|
| | | } |
|---|
| | | else { |
|---|
| | | $line = sprintf("[%s]: %s\n", $date, $line); |
|---|
| | | |
|---|
| | | // log_driver == 'file' is assumed here |
|---|
| | | if (empty($CONFIG['log_dir'])) |
|---|
| | | $CONFIG['log_dir'] = INSTALL_PATH.'logs'; |
|---|
| | |
|---|
| | | // try to open specific log file for writing |
|---|
| | | $logfile = $CONFIG['log_dir'].'/'.$name; |
|---|
| | | if ($fp = @fopen($logfile, 'a')) { |
|---|
| | | fwrite($fp, $log_entry); |
|---|
| | | fwrite($fp, $line); |
|---|
| | | fflush($fp); |
|---|
| | | fclose($fp); |
|---|
| | | return true; |
|---|
| | |
|---|
| | | if ($hook['abort']) |
|---|
| | | return; |
|---|
| | | |
|---|
| | | $lang = strtolower(substr($_SESSION['language'], 0, 2)); |
|---|
| | | $lang = strtolower($_SESSION['language']); |
|---|
| | | |
|---|
| | | // TinyMCE uses 'tw' for zh_TW (which is wrong, because tw is a code of Twi language) |
|---|
| | | $lang = ($lang == 'zh_tw') ? 'tw' : substr($lang, 0, 2); |
|---|
| | | |
|---|
| | | if (!file_exists(INSTALL_PATH . 'program/js/tiny_mce/langs/'.$lang.'.js')) |
|---|
| | | $lang = 'en'; |
|---|
| | | |
|---|
| | |
|---|
| | | function rcube_https_check($port=null, $use_https=true) |
|---|
| | | { |
|---|
| | | global $RCMAIL; |
|---|
| | | |
|---|
| | | |
|---|
| | | if (!empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) != 'off') |
|---|
| | | return true; |
|---|
| | | if (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) == 'https') |
|---|
| | | return true; |
|---|
| | | if ($port && $_SERVER['SERVER_PORT'] == $port) |
|---|
| | | return true; |
|---|
| | |
|---|
| | | // from PEAR::Validate |
|---|
| | | $regexp = '&^(?: |
|---|
| | | ("\s*(?:[^"\f\n\r\t\v\b\s]+\s*)+")| #1 quoted name |
|---|
| | | ([-\w!\#\$%\&\'*+~/^`|{}]+(?:\.[-\w!\#\$%\&\'*+~/^`|{}]+)*)) #2 OR dot-atom |
|---|
| | | ([-\w!\#\$%\&\'*+~/^`|{}=]+(?:\.[-\w!\#\$%\&\'*+~/^`|{}=]+)*)) #2 OR dot-atom (RFC5322) |
|---|
| | | $&xi'; |
|---|
| | | |
|---|
| | | if (!preg_match($regexp, $local_part)) |
|---|
| | |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | | ?> |
|---|
