From 3cf664939b98befe8e9f9a8e3fa8a7e9a85a5745 Mon Sep 17 00:00:00 2001
From: thomascube <thomas@roundcube.net>
Date: Wed, 21 Mar 2007 05:56:49 -0400
Subject: [PATCH] Minor bugfixes posted to the dev-mailing list
---
program/steps/mail/func.inc | 99 +++++++++++++++++++++++++------------------------
1 files changed, 51 insertions(+), 48 deletions(-)
diff --git a/program/steps/mail/func.inc b/program/steps/mail/func.inc
index 57f20e5..1b98f1d 100644
--- a/program/steps/mail/func.inc
+++ b/program/steps/mail/func.inc
@@ -30,16 +30,16 @@
}
// set imap properties and session vars
-if (strlen($_GET['_mbox']))
+if ($mbox = get_input_value('_mbox', RCUBE_INPUT_GPC))
{
- $IMAP->set_mailbox($_GET['_mbox']);
- $_SESSION['mbox'] = $_GET['_mbox'];
+ $IMAP->set_mailbox($mbox);
+ $_SESSION['mbox'] = $mbox;
}
-if (strlen($_GET['_page']))
+if (!empty($_GET['_page']))
{
- $IMAP->set_page($_GET['_page']);
- $_SESSION['page'] = $_GET['_page'];
+ $IMAP->set_page((int)$_GET['_page']);
+ $_SESSION['page'] = (int)$_GET['_page'];
}
// set mailbox to INBOX if not set
@@ -59,7 +59,7 @@
// define url for getting message parts
if (strlen($_GET['_uid']))
- $GET_URL = sprintf('%s&_action=get&_mbox=%s&_uid=%d', $COMM_PATH, $IMAP->get_mailbox_name(), $_GET['_uid']);
+ $GET_URL = sprintf('%s&_action=get&_mbox=%s&_uid=%d', $COMM_PATH, $IMAP->get_mailbox_name(), get_input_value('_uid', RCUBE_INPUT_GET));
// set current mailbox in client environment
@@ -450,6 +450,7 @@
else if ($col=='subject')
{
$cont = Q($IMAP->decode_header($header->$col));
+ if (!$cont) $cont = Q(rcube_label('nosubject'));
// firefox/mozilla temporary workaround to pad subject with content so that whitespace in rows responds to drag+drop
$cont .= '<img src="./program/blank.gif" height="5" width="1000" alt="" />';
}
@@ -535,7 +536,10 @@
if ($col=='from' || $col=='to')
$cont = Q(rcmail_address_string($header->$col, 3), 'show');
else if ($col=='subject')
+ {
$cont = Q($IMAP->decode_header($header->$col));
+ if (!$cont) $cont = Q(rcube_label('nosubject'));
+ }
else if ($col=='size')
$cont = show_bytes($header->$col);
else if ($col=='date')
@@ -723,6 +727,14 @@
$body = is_array($part->replaces) ? strtr($part->body, $part->replaces) : $part->body;
+ // convert html to text/plain
+ if ($part->ctype_secondary=='html' && $plain)
+ {
+ $txt = new html2text($body, false, true);
+ $body = $txt->get_text();
+ $part->ctype_secondary = 'plain';
+ }
+
// text/html
if ($part->ctype_secondary=='html')
{
@@ -971,30 +983,23 @@
// part is file/attachment
else if ($mail_part->disposition=='attachment' || $mail_part->disposition=='inline' || $mail_part->headers['content-id'] ||
- (empty($mail_part->disposition) && ($mail_part->d_parameters['filename'] || $mail_part->ctype_parameters['name'])))
+ (empty($mail_part->disposition) && $mail_part->filename))
{
- // skip apple ressource files
+ // skip apple resource forks
if ($message_ctype_secondary=='appledouble' && $secondary_type=='applefile')
continue;
// part belongs to a related message
if ($message_ctype_secondary=='related' && $mail_part->headers['content-id'])
{
- $mail_part->filename = rcube_imap::decode_mime_string($mail_part->d_parameters['filename']);
$mail_part->content_id = preg_replace(array('/^</', '/>$/'), '', $mail_part->headers['content-id']);
$sa_inline_objects[] = $mail_part;
}
// is regular attachment
- else if (($fname = $mail_part->d_parameters['filename']) ||
- ($fname = $mail_part->ctype_parameters['name']) ||
- ($fname = $mail_part->headers['content-description']))
- {
- $mail_part->filename = rcube_imap::decode_mime_string($fname);
+ else if ($mail_part->filename)
$a_attachments[] = $mail_part;
- }
}
}
-
// if this was a related part try to resolve references
if ($message_ctype_secondary=='related' && sizeof($sa_inline_objects))
@@ -1015,16 +1020,8 @@
}
// message is single part non-text
- else
- {
- if (($fname = $structure->d_parameters['filename']) ||
- ($fname = $structure->ctype_parameters['name']) ||
- ($fname = $structure->headers['content-description']))
- {
- $structure->filename = rcube_imap::decode_mime_string($fname);
- $a_attachments[] = $structure;
- }
- }
+ else if ($structure->filename)
+ $a_attachments[] = $structure;
return array($a_return_parts, $a_attachments);
}
@@ -1133,11 +1130,11 @@
if (!isset($part->body))
$part->body = $IMAP->get_message_part($MESSAGE['UID'], $part->mime_id, $part);
- $body = rcmail_print_body($part, $safe_mode);
+ $body = rcmail_print_body($part, $safe_mode, !$CONFIG['prefer_html']);
$out .= '<div class="message-part">';
if ($part->ctype_secondary != 'plain')
- $out .= rcmail_mod_html_body($body, $attrib['id']);
+ $out .= rcmail_sanitize_html($body, $attrib['id']);
else
$out .= $body;
@@ -1177,7 +1174,7 @@
// modify a HTML message that it can be displayed inside a HTML page
-function rcmail_mod_html_body($body, $container_id)
+function rcmail_sanitize_html($body, $container_id)
{
// remove any null-byte characters before parsing
$body = preg_replace('/\x00/', '', $body);
@@ -1193,7 +1190,8 @@
// replace all css definitions with #container [def]
$styles = rcmail_mod_css_styles(substr($body, $pos, $pos2-$pos), $container_id);
- $body = substr($body, 0, $pos) . $styles . substr($body, $pos2);
+ $body = substr($body, 0, $pos) . $styles . substr($body, $pos2);
+ $body_lc = strtolower($body);
$last_style_pos = $pos2;
}
@@ -1203,15 +1201,19 @@
{
while (($pos = strpos($body_lc, '<'.$tag)) && ($pos2 = strpos($body_lc, '</'.$tag.'>', $pos)))
{
- $pos2 += 8;
+ $pos2 += strlen('</'.$tag.'>');
$body = substr($body, 0, $pos) . substr($body, $pos2, strlen($body)-$pos2);
$body_lc = strtolower($body);
}
}
// replace event handlers on any object
- $body = preg_replace('/\s(on[^=]+)=/im', ' __removed=', $body);
- $body = preg_replace('/\shref=["\']?(javascript:)/im', 'null:', $body);
+ while ($body != $prev_body)
+ {
+ $prev_body = $body;
+ $body = preg_replace('/(<[^!][^>]*\s)(on[^=>]+)=([^>]+>)/im', '$1__removed=$3', $body);
+ $body = preg_replace('/(<[^!][^>]*\shref=["\']?)(javascript:)([^>]*?>)/im', '$1null:$3', $body);
+ }
// resolve <base href>
$base_reg = '/(<base.*href=["\']?)([hftps]{3,5}:\/{2}[^"\'\s]+)([^<]*>)/i';
@@ -1240,6 +1242,9 @@
'</div>'),
$out);
+ // quote <? of php and xml files that are specified as text/html
+ $out = preg_replace(array('/<\?/', '/\?>/'), array('<?', '?>'), $out);
+
return $out;
}
@@ -1247,6 +1252,7 @@
// parse link attributes and set correct target
function rcmail_alter_html_link($in)
{
+ $in = preg_replace('/=([^("|\'|\s)]+)(\s|$)/', '="\1"', $in);
$attrib = parse_attrib_string($in);
if (stristr((string)$attrib['href'], 'mailto:'))
@@ -1274,13 +1280,13 @@
$source = substr($source, 0, $pos+1) . "<<str_replacement[$key]>>" . substr($source, $pos2, strlen($source)-$pos2);
$last_pos = $pos+2;
}
-
- $styles = preg_replace('/(^\s*|,\s*)([a-z0-9\._][a-z0-9\.\-_]*)/im', "\\1#$container_id \\2", $source);
- $styles = preg_replace('/<<str_replacement\[([0-9]+)\]>>/e', "\$a_css_values[\\1]", $styles);
-
- // replace body definition because we also stripped off the <body> tag
- $styles = preg_replace("/$container_id\s+body/i", "$container_id div.rcmBody", $styles);
-
+
+ // remove html commends and add #container to each tag selector.
+ // also replace body definition because we also stripped off the <body> tag
+ $styles = preg_replace(array('/(^\s*<!--)|(-->\s*$)/', '/(^\s*|,\s*|\}\s*)([a-z0-9\._][a-z0-9\.\-_]*)/im', '/<<str_replacement\[([0-9]+)\]>>/e', "/$container_id\s+body/i"),
+ array('', "\\1#$container_id \\2", "\$a_css_values[\\1]", "$container_id div.rcmBody"),
+ $source);
+
return $styles;
}
@@ -1440,22 +1446,19 @@
$attrib_str = create_attrib_string($attrib, array('id', 'class', 'style', 'cellspacing', 'cellpadding', 'border', 'summary'));
$out = '<table '. $attrib_str . ">\n";
- $filename = $part->d_parameters['filename'] ? $part->d_parameters['filename'] : $part->ctype_parameters['name'];
- $filesize = $part->size;
-
if ($filename)
{
$out .= sprintf('<tr><td class="title">%s</td><td>%s</td><td>[<a href="./?%s">%s</a>]</tr>'."\n",
Q(rcube_label('filename')),
- Q(rcube_imap::decode_mime_string($filename)),
+ Q($part->filename),
str_replace('_frame=', '_download=', $_SERVER['QUERY_STRING']),
Q(rcube_label('download')));
}
- if ($filesize)
+ if ($part->size)
$out .= sprintf('<tr><td class="title">%s</td><td>%s</td></tr>'."\n",
Q(rcube_label('filesize')),
- show_bytes($filesize));
+ show_bytes($part->size));
$out .= "\n</table>";
@@ -1495,4 +1498,4 @@
}
-?>
+?>
\ No newline at end of file
--
Gitblit v1.9.1