From 2f2f15b7aabe19e45dad9bddb7eb7f4394aa1e21 Mon Sep 17 00:00:00 2001 From: thomascube <thomas@roundcube.net> Date: Mon, 04 Sep 2006 08:26:30 -0400 Subject: [PATCH] Little improvements for message parsing and encoding --- program/steps/mail/func.inc | 193 ++++++++++++++++------------------------------- 1 files changed, 66 insertions(+), 127 deletions(-) diff --git a/program/steps/mail/func.inc b/program/steps/mail/func.inc index cbe4559..0cd6652 100644 --- a/program/steps/mail/func.inc +++ b/program/steps/mail/func.inc @@ -214,7 +214,7 @@ else if ($folder['id']==$CONFIG['junk_mbox']) $class_name = 'junk'; - $js_name = rep_specialchars_output($folder['id'], 'js'); + $js_name = htmlspecialchars(rep_specialchars_output($folder['id'], 'js')); $out .= sprintf('<li id="rcmbx%s" class="mailbox %s %s%s%s"><a href="%s&_mbox=%s"'. ' onclick="return %s.command(\'list\',\'%s\')"'. ' onmouseover="return %s.focus_mailbox(\'%s\')"' . @@ -271,7 +271,7 @@ } $out .= sprintf('<option value="%s">%s%s</option>'."\n", - $folder['id'], + htmlspecialchars($folder['id']), str_repeat(' ', $nestLevel*4), rep_specialchars_output($foldername, 'html', 'all')); @@ -611,7 +611,7 @@ function rcmail_quota_display($attrib) { - global $IMAP, $OUTPUT, $JS_OBJECT_NAME; + global $IMAP, $OUTPUT, $JS_OBJECT_NAME, $COMM_PATH; if (!$attrib['id']) $attrib['id'] = 'rcmquotadisplay'; 
@@ -620,11 +620,33 @@ // allow the following attributes to be added to the <span> tag $attrib_str = create_attrib_string($attrib, array('style', 'class', 'id')); - + if (!$IMAP->get_capability('QUOTA')) $quota_text = rcube_label('unknown'); - else if (!($quota_text = $IMAP->get_quota())) + else if ($quota = $IMAP->get_quota()) + { + $quota_text = sprintf("%s / %s (%.0f%%)", + show_bytes($quota["used"] * 1024), + show_bytes($quota["total"] * 1024), + $quota["percent"]); + + // show quota as image (by Brett Patterson) + if ($attrib['display'] == 'image' && function_exists('imagegif')) + { + $attrib += array('width' => 100, 'height' => 14); + $quota_text = sprintf('<img src="%s&_action=quotaimg&u=%s&q=%d&w=%d&h=%d" width="%d" height="%d" alt="%s" title="%s / %s" />', + $COMM_PATH, + $quota['used'], $quota['total'], + $attrib['width'], $attrib['height'], + $attrib['width'], $attrib['height'], + $quota_text, + show_bytes($quota["used"] * 1024), + show_bytes($quota["total"] * 1024)); + } + } + else $quota_text = rcube_label('unlimited'); + $out = '<span' . $attrib_str . '>'; $out .= $quota_text; 
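Review bot: In the added `<img>` branch, `$quota['used']` is formatted with `%s` while every other numeric field in the same URL uses `%d`, and `$COMM_PATH` is written into the `src` attribute without HTML escaping. The quota values presumably come from the IMAP server's response, so formatting both as integers keeps a malformed response from placing arbitrary text in the attribute: change `u=%s` to `u=%d` and pass `htmlspecialchars($COMM_PATH)`, as this commit already does for `$GET_URL` in a later hunk. `$attrib['display']` is also read without an `isset()` check, which raises a notice when the template omits that attribute. rcmail_quota_display() starts before this hunk and continues after it.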
@@ -671,20 +693,23 @@ // text/html if ($part->ctype_secondary=='html') { + // remove charset specification in HTML message + $body = preg_replace('/charset=[a-z0-9\-]+/i', '', $body); + if (!$safe) // remove remote images and scripts { - $remote_patterns = array('/(src|background)=(["\']?)([hftps]{3,5}:\/{2}[^"\'\s]+)(\2|\s|>)/Ui', - // '/(src|background)=(["\']?)([\.\/]+[^"\'\s]+)(\2|\s|>)/Ui', + $remote_patterns = array('/<img\s+(.*)src=(["\']?)([hftps]{3,5}:\/{2}[^"\'\s]+)(\2|\s|>)/Ui', + '/(src|background)=(["\']?)([hftps]{3,5}:\/{2}[^"\'\s]+)(\2|\s|>)/Ui', '/(<base.*href=["\']?)([hftps]{3,5}:\/{2}[^"\'\s]+)([^<]*>)/i', '/(<link.*href=["\']?)([hftps]{3,5}:\/{2}[^"\'\s]+)([^<]*>)/i', '/url\s*\(["\']?([hftps]{3,5}:\/{2}[^"\'\s]+)["\']?\)/i', '/url\s*\(["\']?([\.\/]+[^"\'\s]+)["\']?\)/i', '/<script.+<\/script>/Umis'); - $remote_replaces = array('', // '\\1=\\2#\\4', - // '\\1=\\2#\\4', + $remote_replaces = array('<img \\1src=\\2./program/blank.gif\\4', '', - '', // '\\1#\\3', + '', + '', 'none', 'none', ''); @@ -715,7 +740,7 @@ // make links and email-addresses clickable $convert_patterns = $convert_replaces = $replace_strings = array(); - $url_chars = 'a-z0-9_\-\+\*\$\/&%=@#:'; + $url_chars = 'a-z0-9_\-\+\*\$\/&%=@#:;'; $url_chars_within = '\?\.~,!'; $convert_patterns[] = "/([\w]+):\/\/([a-z0-9\-\.]+[a-z]{2,4}([$url_chars$url_chars_within]*[$url_chars])?)/ie"; 
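Review bot: The added `preg_replace('/charset=[a-z0-9\-]+/i', '', $body)` runs over the whole HTML part, so it also deletes `charset=...` from visible text and from link URLs, not only from a `<meta>` declaration. Anchoring it to the tag, for example `preg_replace('/(<meta\b[^>]*)charset=[a-z0-9\-]+/i', '\\1', $body)`, would limit the edit to the declaration. In the new first entry of `$remote_patterns`, `(.*)` is not confined to the `<img>` tag and can run on to a `src=` belonging to a later element on the same line; `[^>]*` would keep the match inside one tag. A comment above the array stating that it is a denylist applied to raw markup, and that markup it does not match passes through unchanged, would help the next maintainer judge what the `!$safe` branch does and does not cover. The enclosing function begins and ends outside the hunk.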
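Review bot: Adding `;` to `$url_chars` widens what the `/ie` pattern on the following line captures, and with the `e` modifier the replacement string is evaluated as PHP code. The replacement for the URL pattern lies outside this hunk, so how the captured text is quoted there cannot be confirmed from here; `preg_replace_callback()` would hand the match to a function as data and remove the evaluation step. If the `;` is meant to let entity-encoded ampersands through, a short comment such as `// ';' keeps &amp; inside a matched URL` would record the reason.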
@@ -726,39 +751,44 @@ $convert_patterns[] = '/([a-z0-9][a-z0-9\-\.\+\_]*@[a-z0-9]([a-z0-9\-][.]?)*[a-z0-9]\\.[a-z]{2,5})/ie'; $convert_replaces[] = "rcmail_str_replacement('<a href=\"mailto:\\1\" onclick=\"return $JS_OBJECT_NAME.command(\'compose\',\'\\1\',this)\">\\1</a>', \$replace_strings)"; + + if ($part->ctype_parameters['format'] != 'flowed') + $body = wordwrap(trim($body), 80); - $body = wordwrap(trim($body), 80); $body = preg_replace($convert_patterns, $convert_replaces, $body); // split body into single lines $a_lines = preg_split('/\r?\n/', $body); + $quote_level = 0; // colorize quoted parts for($n=0; $n<sizeof($a_lines); $n++) { $line = $a_lines[$n]; + $quotation = ''; + $q = 0; + + if (preg_match('/^(>+\s*)/', $line, $regs)) + { + $q = strlen(preg_replace('/\s/', '', $regs[1])); + $line = substr($line, strlen($regs[1])); - if ($line{2}=='>') - $color = 'red'; - else if ($line{1}=='>') - $color = 'green'; - else if ($line{0}=='>') - $color = 'blue'; - else - $color = FALSE; + if ($q > $quote_level) + $quotation = str_repeat('<blockquote>', $q - $quote_level); + else if ($q < $quote_level) + $quotation = str_repeat("</blockquote>", $quote_level - $q); + } + else if ($quote_level > 0) + $quotation = str_repeat("</blockquote>", $quote_level); - $line = rep_specialchars_output($line, 'html', 'replace', FALSE); - - if ($color) - $a_lines[$n] = sprintf('<font color="%s">%s</font>', $color, $line); - else - $a_lines[$n] = $line; + $quote_level = $q; + $a_lines[$n] = $quotation . rep_specialchars_output($line, 'html', 'replace', FALSE); } // insert the links for urls and mailtos $body = preg_replace("/##string_replacement\{([0-9]+)\}##/e", "\$replace_strings[\\1]", join("\n", $a_lines)); - return "<pre>\n".$body."\n</pre>"; + return "<div class=\"pre\">".$body."\n</div>"; } } 
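Review bot: The loop opens a `<blockquote>` whenever the quote depth rises, but nothing closes the elements still open when the last line of the message is quoted, so `$quote_level` can be above zero at the `join()` and the returned `<div class="pre">` then holds unbalanced markup. Closing them after the loop fixes it: `if ($quote_level > 0) $a_lines[] = str_repeat('</blockquote>', $quote_level);`. The switch from `<pre>` to `<div class="pre">` also makes whitespace preservation depend on a stylesheet rule for `.pre` that is not part of this patch; a comment naming that rule would help. The enclosing function starts outside the hunk.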
@@ -939,7 +969,7 @@ $a_replaces = array(); foreach ($sa_inline_objects as $inline_object) - $a_replaces['cid:'.$inline_object->content_id] = sprintf($get_url, $inline_object->mime_id); + $a_replaces['cid:'.$inline_object->content_id] = htmlspecialchars(sprintf($get_url, $inline_object->mime_id)); // add replace array to each content part // (will be applied later when part body is available) @@ -1084,8 +1114,8 @@ foreach ($MESSAGE['attachments'] as $attach_prop) { if (strpos($attach_prop->mimetype, 'image/')===0) - $out .= sprintf("\n<hr />\n<p align=\"center\"><img src=\"%s&_part=%s\" alt=\"%s\" title=\"%s\" /></p>\n", - $GET_URL, $attach_prop->mime_id, + $out .= sprintf("\n<hr />\n<p align=\"center\"><img src=\"%s&_part=%s\" alt=\"%s\" title=\"%s\" /></p>\n", + htmlspecialchars($GET_URL), $attach_prop->mime_id, $attach_prop->filename, $attach_prop->filename); } @@ -1113,15 +1143,12 @@ // find STYLE tags while (($pos = strpos($body_lc, '<style', $last_style_pos)) && ($pos2 = strpos($body_lc, '</style>', $pos))) { - $pos2 += 8; - $body_pre = substr($body, 0, $pos); - $styles = substr($body, $pos, $pos2-$pos); - $body_post = substr($body, $pos2, strlen($body)-$pos2); - + $pos = strpos($body_lc, '>', $pos)+1; + // replace all css definitions with #container [def] - $styles = rcmail_mod_css_styles($styles, $container_id); - - $body = $body_pre . $styles . $body_post; + $styles = rcmail_mod_css_styles(substr($body, $pos, $pos2-$pos), $container_id); + + $body = substr($body, 0, $pos) . $styles . substr($body, $pos2); $last_style_pos = $pos2; } 
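Review bot: `htmlspecialchars()` is called here with its default flags, which on the PHP versions this code targets leave single quotes unescaped, while the `cid:` reference being replaced sits in HTML written by the message's sender, who chooses the attribute's quoting style. Passing `ENT_QUOTES`, as in `htmlspecialchars(sprintf($get_url, $inline_object->mime_id), ENT_QUOTES)`, makes the value safe under either quoting style. Whether `$get_url` or `mime_id` can contain a quote at all is not visible in this hunk.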
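Review bot: The `<img>` line now escapes `$GET_URL`, but `$attach_prop->filename` is still written into `alt` and `title` unescaped, and `$attach_prop->mime_id` into `src`; the filename presumably comes from the message itself, so it is sender-controlled text inside an attribute. Escape the remaining arguments too: `htmlspecialchars($GET_URL), htmlspecialchars($attach_prop->mime_id),` followed by `htmlspecialchars($attach_prop->filename), htmlspecialchars($attach_prop->filename));`. The literal `&_part=` in the format string should become `&amp;_part=` to match the escaped URL. The loop sits in a function that begins and ends outside the hunk.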
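Review bot: Inside the loop `$body` is rebuilt with the rewritten styles, but the offsets for the next iteration are still searched in `$body_lc`, which is not refreshed here, and `$last_style_pos` keeps the pre-rewrite `$pos2`. Once `rcmail_mod_css_styles()` changes the length of a block, a later `<style>` block is cut at stale offsets and may not pass through the rewrite in full. Recomputing the lowercase copy and advancing past the inserted text keeps the two strings aligned: `$body_lc = strtolower($body);` and `$last_style_pos = $pos + strlen($styles);`. How `$body_lc` is first derived is outside the hunk, so `strtolower()` is an assumption. A `<style` with no `>` before `</style>` also makes `$pos` exceed `$pos2`; a guard such as `if ($pos > $pos2) break;` would cover that input.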
@@ -1247,94 +1274,6 @@ } -// get source code of a specific message and cache it -// deprecated -function rcmail_message_source($uid) - { - global $IMAP, $DB, $CONFIG; - - // get message ID if uid is given - $cache_key = $IMAP->mailbox.'.msg'; - $cached = $IMAP->get_cached_message($cache_key, $uid, FALSE); - - // message is cached in database - if ($cached && !empty($cached->body)) - return $cached->body; - - if (!$cached) - $headers = $IMAP->get_headers($uid); - else - $headers = &$cached; - - // create unique identifier based on message_id - if (!empty($headers->messageID)) - $message_id = md5($headers->messageID); - else - $message_id = md5($headers->uid.'@'.$_SESSION['imap_host']); - - $temp_dir = $CONFIG['temp_dir'].(!eregi('\/$', $CONFIG['temp_dir']) ? '/' : ''); - $cache_dir = $temp_dir.$_SESSION['client_id']; - $cache_path = $cache_dir.'/'.$message_id; - - // message is cached in temp dir - if ($CONFIG['enable_caching'] && is_dir($cache_dir) && is_file($cache_path)) - { - if ($fp = fopen($cache_path, 'r')) - { - $msg_source = fread($fp, filesize($cache_path)); - fclose($fp); - return $msg_source; - } - } - - - // get message from server - $msg_source = $IMAP->get_raw_body($uid); - - // return message source without caching - if (!$CONFIG['enable_caching']) - return $msg_source; - - - // let's cache the message body within the database - if ($cached && ($CONFIG['db_max_length'] -300) > $headers->size) - { - $DB->query("UPDATE ".get_table_name('messages')." - SET body=? - WHERE user_id=? - AND cache_key=? 
- AND uid=?", - $msg_source, - $_SESSION['user_id'], - $cache_key, - $uid); - - return $msg_source; - } - - - // create dir for caching - if (!is_dir($cache_dir)) - $dir = mkdir($cache_dir); - else - $dir = true; - - // attempt to write a file with the message body - if ($dir && ($fp = fopen($cache_path, 'w'))) - { - fwrite($fp, $msg_source); - fclose($fp); - } - else - { - raise_error(array('code' => 403, 'type' => 'php', 'line' => __LINE__, 'file' => __FILE__, - 'message' => "Failed to write to temp dir"), TRUE, FALSE); - } - - return $msg_source; - } - - // decode address string and re-format it as HTML links function rcmail_address_string($input, $max=NULL, $addicon=NULL) { @@ -1412,7 +1351,7 @@ { $out .= sprintf('<tr><td class="title">%s</td><td>%s</td><td>[<a href="./?%s">%s</a>]</tr>'."\n", rcube_label('filename'), - rep_specialchars_output($filename), + rep_specialchars_output(rcube_imap::decode_mime_string($filename)), str_replace('_frame=', '_download=', $_SERVER['QUERY_STRING']), rcube_label('download')); } -- Gitblit v1.9.1
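Review bot: In the last hunk, `str_replace('_frame=', '_download=', $_SERVER['QUERY_STRING'])` on the line after the change is written into `href="./?%s"` without HTML escaping, and the query string comes straight from the request. Wrapping it, `htmlspecialchars(str_replace('_frame=', '_download=', $_SERVER['QUERY_STRING'])),`, matches the escaping this commit adds elsewhere. The table row is also missing a `</td>` before `</tr>`. The statement sits in a function that extends beyond the hunk.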