From 3412e50b54e3daac8745234e21ab6e72be0ed165 Mon Sep 17 00:00:00 2001
From: Thomas Bruederli <thomas@roundcube.net>
Date: Wed, 04 Jun 2014 11:20:33 -0400
Subject: [PATCH] Fix attachment menu structure and aria-attributes
---
program/lib/Mail/mimePart.php | 400 +++++++++++++++++++++++++++++++++++++++-----------------
1 files changed, 276 insertions(+), 124 deletions(-)
diff --git a/program/lib/Mail/mimePart.php b/program/lib/Mail/mimePart.php
index 2181170..c6e9f4a 100644
--- a/program/lib/Mail/mimePart.php
+++ b/program/lib/Mail/mimePart.php
@@ -131,6 +131,7 @@
*/
var $_eol = "\r\n";
+
/**
* Constructor.
*
@@ -141,18 +142,22 @@
* content_type - The content type for this part eg multipart/mixed
* encoding - The encoding to use, 7bit, 8bit,
* base64, or quoted-printable
+ * charset - Content character set
* cid - Content ID to apply
* disposition - Content disposition, inline or attachment
- * dfilename - Filename parameter for content disposition
+ * filename - Filename parameter for content disposition
* description - Content description
- * charset - Character set to use
- * name_encoding - Encoding for attachment name (Content-Type)
+ * name_encoding - Encoding of the attachment name (Content-Type)
* By default filenames are encoded using RFC2231
* Here you can set RFC2047 encoding (quoted-printable
* or base64) instead
- * filename_encoding - Encoding for attachment filename (Content-Disposition)
+ * filename_encoding - Encoding of the attachment filename (Content-Disposition)
* See 'name_encoding'
+ * headers_charset - Charset of the headers e.g. filename, description.
+ * If not set, 'charset' will be used
* eol - End of line sequence. Default: "\r\n"
+ * headers - Hash array with additional part headers. Array keys can be
+ * in form of <header_name>:<parameter_name>
* body_file - Location of file with part's body (instead of $body)
*
* @access public
@@ -165,14 +170,13 @@
$this->_eol = MAIL_MIMEPART_CRLF;
}
- $c_type = array();
- $c_disp = array();
+ // Additional part headers
+ if (!empty($params['headers']) && is_array($params['headers'])) {
+ $headers = $params['headers'];
+ }
+
foreach ($params as $key => $value) {
switch ($key) {
- case 'content_type':
- $c_type['type'] = $value;
- break;
-
case 'encoding':
$this->_encoding = $value;
$headers['Content-Transfer-Encoding'] = $value;
@@ -182,29 +186,6 @@
$headers['Content-ID'] = '<' . $value . '>';
break;
- case 'disposition':
- $c_disp['disp'] = $value;
- break;
-
- case 'dfilename':
- $c_disp['filename'] = $value;
- $c_type['name'] = $value;
- break;
-
- case 'description':
- $headers['Content-Description'] = $value;
- break;
-
- case 'charset':
- $c_type['charset'] = $value;
- $c_disp['charset'] = $value;
- break;
-
- case 'language':
- $c_type['language'] = $value;
- $c_disp['language'] = $value;
- break;
-
case 'location':
$headers['Content-Location'] = $value;
break;
@@ -212,53 +193,89 @@
case 'body_file':
$this->_body_file = $value;
break;
+
+ // for backward compatibility
+ case 'dfilename':
+ $params['filename'] = $value;
+ break;
}
+ }
+
+ // Default content-type
+ if (empty($params['content_type'])) {
+ $params['content_type'] = 'text/plain';
}
// Content-Type
- if (isset($c_type['type'])) {
- $headers['Content-Type'] = $c_type['type'];
- if (isset($c_type['name'])) {
- $headers['Content-Type'] .= ';' . $this->_eol;
- $headers['Content-Type'] .= $this->_buildHeaderParam(
- 'name', $c_type['name'],
- isset($c_type['charset']) ? $c_type['charset'] : 'US-ASCII',
- isset($c_type['language']) ? $c_type['language'] : null,
- isset($params['name_encoding']) ? $params['name_encoding'] : null
- );
+ $headers['Content-Type'] = $params['content_type'];
+ if (!empty($params['charset'])) {
+ $charset = "charset={$params['charset']}";
+ // place charset parameter in the same line, if possible
+ if ((strlen($headers['Content-Type']) + strlen($charset) + 16) <= 76) {
+ $headers['Content-Type'] .= '; ';
+ } else {
+ $headers['Content-Type'] .= ';' . $this->_eol . ' ';
}
- if (isset($c_type['charset'])) {
- $headers['Content-Type']
- .= ';' . $this->_eol . " charset={$c_type['charset']}";
+ $headers['Content-Type'] .= $charset;
+
+ // Default headers charset
+ if (!isset($params['headers_charset'])) {
+ $params['headers_charset'] = $params['charset'];
}
+ }
+
+ // header values encoding parameters
+ $h_charset = !empty($params['headers_charset']) ? $params['headers_charset'] : 'US-ASCII';
+ $h_language = !empty($params['language']) ? $params['language'] : null;
+ $h_encoding = !empty($params['name_encoding']) ? $params['name_encoding'] : null;
+
+
+ if (!empty($params['filename'])) {
+ $headers['Content-Type'] .= ';' . $this->_eol;
+ $headers['Content-Type'] .= $this->_buildHeaderParam(
+ 'name', $params['filename'], $h_charset, $h_language, $h_encoding
+ );
}
// Content-Disposition
- if (isset($c_disp['disp'])) {
- $headers['Content-Disposition'] = $c_disp['disp'];
- if (isset($c_disp['filename'])) {
+ if (!empty($params['disposition'])) {
+ $headers['Content-Disposition'] = $params['disposition'];
+ if (!empty($params['filename'])) {
$headers['Content-Disposition'] .= ';' . $this->_eol;
$headers['Content-Disposition'] .= $this->_buildHeaderParam(
- 'filename', $c_disp['filename'],
- isset($c_disp['charset']) ? $c_disp['charset'] : 'US-ASCII',
- isset($c_disp['language']) ? $c_disp['language'] : null,
- isset($params['filename_encoding']) ? $params['filename_encoding'] : null
+ 'filename', $params['filename'], $h_charset, $h_language,
+ !empty($params['filename_encoding']) ? $params['filename_encoding'] : null
);
+ }
+
+ // add attachment size
+ $size = $this->_body_file ? filesize($this->_body_file) : strlen($body);
+ if ($size) {
+ $headers['Content-Disposition'] .= ';' . $this->_eol . ' size=' . $size;
}
}
- if (!empty($headers['Content-Description'])) {
+ if (!empty($params['description'])) {
$headers['Content-Description'] = $this->encodeHeader(
- 'Content-Description', $headers['Content-Description'],
- isset($c_type['charset']) ? $c_type['charset'] : 'US-ASCII',
- isset($params['name_encoding']) ? $params['name_encoding'] : 'quoted-printable',
+ 'Content-Description', $params['description'], $h_charset, $h_encoding,
$this->_eol
);
}
- // Default content-type
- if (!isset($headers['Content-Type'])) {
- $headers['Content-Type'] = 'text/plain';
+ // Search and add existing headers' parameters
+ foreach ($headers as $key => $value) {
+ $items = explode(':', $key);
+ if (count($items) == 2) {
+ $header = $items[0];
+ $param = $items[1];
+ if (isset($headers[$header])) {
+ $headers[$header] .= ';' . $this->_eol;
+ }
+ $headers[$header] .= $this->_buildHeaderParam(
+ $param, $value, $h_charset, $h_language, $h_encoding
+ );
+ unset($headers[$key]);
+ }
}
// Default encoding
@@ -298,7 +315,7 @@
for ($i = 0; $i < count($this->_subparts); $i++) {
$encoded['body'] .= '--' . $boundary . $eol;
$tmp = $this->_subparts[$i]->encode();
- if (PEAR::isError($tmp)) {
+ if ($this->_isError($tmp)) {
return $tmp;
}
foreach ($tmp['headers'] as $key => $value) {
@@ -321,7 +338,7 @@
@ini_set('magic_quotes_runtime', $magic_quote_setting);
}
- if (PEAR::isError($body)) {
+ if ($this->_isError($body)) {
return $body;
}
$encoded['body'] = $body;
@@ -351,12 +368,12 @@
function encodeToFile($filename, $boundary=null, $skip_head=false)
{
if (file_exists($filename) && !is_writable($filename)) {
- $err = PEAR::raiseError('File is not writeable: ' . $filename);
+ $err = $this->_raiseError('File is not writeable: ' . $filename);
return $err;
}
if (!($fh = fopen($filename, 'ab'))) {
- $err = PEAR::raiseError('Unable to open file: ' . $filename);
+ $err = $this->_raiseError('Unable to open file: ' . $filename);
return $err;
}
@@ -373,7 +390,7 @@
@ini_set('magic_quotes_runtime', $magic_quote_setting);
}
- return PEAR::isError($res) ? $res : $this->_headers;
+ return $this->_isError($res) ? $res : $this->_headers;
}
/**
@@ -408,7 +425,7 @@
for ($i = 0; $i < count($this->_subparts); $i++) {
fwrite($fh, $f_eol . '--' . $boundary . $eol);
$res = $this->_subparts[$i]->_encodePartToFile($fh);
- if (PEAR::isError($res)) {
+ if ($this->_isError($res)) {
return $res;
}
$f_eol = $eol;
@@ -423,7 +440,7 @@
$res = $this->_getEncodedDataFromFile(
$this->_body_file, $this->_encoding, $fh
);
- if (PEAR::isError($res)) {
+ if ($this->_isError($res)) {
return $res;
}
}
@@ -439,7 +456,7 @@
* @param array $params The parameters for the subpart, same
* as the $params argument for constructor.
*
- * @return Mail_mimePart A reference to the part you just added. It is
+ * @return Mail_mimePart A reference to the part you just added. In PHP4, it is
* crucial if using multipart/* in your subparts that
* you use =& in your script when calling this function,
* otherwise you will not be able to add further subparts.
@@ -447,8 +464,8 @@
*/
function &addSubpart($body, $params)
{
- $this->_subparts[] = new Mail_mimePart($body, $params);
- return $this->_subparts[count($this->_subparts) - 1];
+ $this->_subparts[] = $part = new Mail_mimePart($body, $params);
+ return $part;
}
/**
@@ -494,12 +511,12 @@
function _getEncodedDataFromFile($filename, $encoding, $fh=null)
{
if (!is_readable($filename)) {
- $err = PEAR::raiseError('Unable to read file: ' . $filename);
+ $err = $this->_raiseError('Unable to read file: ' . $filename);
return $err;
}
if (!($fd = fopen($filename, 'rb'))) {
- $err = PEAR::raiseError('Could not open file: ' . $filename);
+ $err = $this->_raiseError('Could not open file: ' . $filename);
return $err;
}
@@ -631,7 +648,7 @@
}
/**
- * Encodes the paramater of a header.
+ * Encodes the parameter of a header.
*
* @param string $name The name of the header-parameter
* @param string $value The value of the paramter
@@ -651,8 +668,8 @@
// RFC 2045:
// value needs encoding if contains non-ASCII chars or is longer than 78 chars
if (!preg_match('#[^\x20-\x7E]#', $value)) {
- $token_regexp = '#([^\x21,\x23-\x27,\x2A,\x2B,\x2D'
- . ',\x2E,\x30-\x39,\x41-\x5A,\x5E-\x7E])#';
+ $token_regexp = '#([^\x21\x23-\x27\x2A\x2B\x2D'
+ . '\x2E\x30-\x39\x41-\x5A\x5E-\x7E])#';
if (!preg_match($token_regexp, $value)) {
// token
if (strlen($name) + strlen($value) + 3 <= $maxLength) {
@@ -674,7 +691,7 @@
// RFC2231:
$encValue = preg_replace_callback(
- '/([^\x21,\x23,\x24,\x26,\x2B,\x2D,\x2E,\x30-\x39,\x41-\x5A,\x5E-\x7E])/',
+ '/([^\x21\x23\x24\x26\x2B\x2D\x2E\x30-\x39\x41-\x5A\x5E-\x7E])/',
array($this, '_encodeReplaceCallback'), $value
);
$value = "$charset'$language'$encValue";
@@ -798,6 +815,7 @@
'from', 'to', 'cc', 'bcc', 'sender', 'reply-to',
'resent-from', 'resent-to', 'resent-cc', 'resent-bcc',
'resent-sender', 'resent-reply-to',
+ 'mail-reply-to', 'mail-followup-to',
'return-receipt-to', 'disposition-notification-to',
);
$other_headers = array(
@@ -818,6 +836,9 @@
// Structured header (make sure addr-spec inside is not encoded)
if (!empty($separator)) {
+ // Simple e-mail address regexp
+ $email_regexp = '([^\s<]+|("[^\r\n"]+"))@\S+';
+
$parts = Mail_mimePart::_explodeQuotedString($separator, $value);
$value = '';
@@ -835,12 +856,12 @@
}
// let's find phrase (name) and/or addr-spec
- if (preg_match('/^<\S+@\S+>$/', $part)) {
+ if (preg_match('/^<' . $email_regexp . '>$/', $part)) {
$value .= $part;
- } else if (preg_match('/^\S+@\S+$/', $part)) {
+ } else if (preg_match('/^' . $email_regexp . '$/', $part)) {
// address without brackets and without name
$value .= $part;
- } else if (preg_match('/<*\S+@\S+>*$/', $part, $matches)) {
+ } else if (preg_match('/<*' . $email_regexp . '>*$/', $part, $matches)) {
// address with name (handle name)
$address = $matches[0];
$word = str_replace($address, '', $part);
@@ -960,33 +981,39 @@
*/
function encodeHeaderValue($value, $charset, $encoding, $prefix_len=0, $eol="\r\n")
{
- if ($encoding == 'base64') {
+ // #17311: Use multibyte aware method (requires mbstring extension)
+ if ($result = Mail_mimePart::encodeMB($value, $charset, $encoding, $prefix_len, $eol)) {
+ return $result;
+ }
+
+ // Generate the header using the specified params and dynamicly
+ // determine the maximum length of such strings.
+ // 75 is the value specified in the RFC.
+ $encoding = $encoding == 'base64' ? 'B' : 'Q';
+ $prefix = '=?' . $charset . '?' . $encoding .'?';
+ $suffix = '?=';
+ $maxLength = 75 - strlen($prefix . $suffix);
+ $maxLength1stLine = $maxLength - $prefix_len;
+
+ if ($encoding == 'B') {
// Base64 encode the entire string
$value = base64_encode($value);
- // Generate the header using the specified params and dynamicly
- // determine the maximum length of such strings.
- // 75 is the value specified in the RFC.
- $prefix = '=?' . $charset . '?B?';
- $suffix = '?=';
- $maxLength = 75 - strlen($prefix . $suffix) - 2;
- $maxLength1stLine = $maxLength - $prefix_len;
-
- // We can cut base4 every 4 characters, so the real max
+ // We can cut base64 every 4 characters, so the real max
// we can get must be rounded down.
$maxLength = $maxLength - ($maxLength % 4);
$maxLength1stLine = $maxLength1stLine - ($maxLength1stLine % 4);
$cutpoint = $maxLength1stLine;
- $value_out = $value;
$output = '';
- while ($value_out) {
+
+ while ($value) {
// Split translated string at every $maxLength
- $part = substr($value_out, 0, $cutpoint);
- $value_out = substr($value_out, $cutpoint);
+ $part = substr($value, 0, $cutpoint);
+ $value = substr($value, $cutpoint);
$cutpoint = $maxLength;
// RFC 2047 specifies that any split header should
- // be seperated by a CRLF SPACE.
+ // be separated by a CRLF SPACE.
if ($output) {
$output .= $eol . ' ';
}
@@ -997,30 +1024,19 @@
// quoted-printable encoding has been selected
$value = Mail_mimePart::encodeQP($value);
- // Generate the header using the specified params and dynamicly
- // determine the maximum length of such strings.
- // 75 is the value specified in the RFC.
- $prefix = '=?' . $charset . '?Q?';
- $suffix = '?=';
- $maxLength = 75 - strlen($prefix . $suffix) - 3;
- $maxLength1stLine = $maxLength - $prefix_len;
- $maxLength = $maxLength - 1;
-
// This regexp will break QP-encoded text at every $maxLength
// but will not break any encoded letters.
$reg1st = "|(.{0,$maxLength1stLine}[^\=][^\=])|";
$reg2nd = "|(.{0,$maxLength}[^\=][^\=])|";
- $value_out = $value;
- $realMax = $maxLength1stLine + strlen($prefix . $suffix);
- if (strlen($value_out) >= $realMax) {
+ if (strlen($value) > $maxLength1stLine) {
// Begin with the regexp for the first line.
$reg = $reg1st;
$output = '';
- while ($value_out) {
+ while ($value) {
// Split translated string at every $maxLength
// But make sure not to break any translated chars.
- $found = preg_match($reg, $value_out, $matches);
+ $found = preg_match($reg, $value, $matches);
// After this first line, we need to use a different
// regexp for the first line.
@@ -1032,24 +1048,23 @@
if ($found) {
$part = $matches[0];
$len = strlen($matches[0]);
- $value_out = substr($value_out, $len);
+ $value = substr($value, $len);
} else {
- $part = $value_out;
- $value_out = "";
+ $part = $value;
+ $value = '';
}
- // RFC 2047 specifies that any split header should
- // be seperated by a CRLF SPACE
+ // RFC 2047 specifies that any split header should
+ // be separated by a CRLF SPACE
if ($output) {
$output .= $eol . ' ';
}
$output .= $prefix . $part . $suffix;
}
- $value_out = $output;
+ $value = $output;
} else {
- $value_out = $prefix . $value_out . $suffix;
+ $value = $prefix . $value . $suffix;
}
- $value = $value_out;
}
return $value;
@@ -1066,16 +1081,121 @@
*/
function encodeQP($str)
{
- // Replace all special characters used by the encoder
- $search = array('=', '_', '?', ' ');
- $replace = array('=3D', '=5F', '=3F', '_');
- $str = str_replace($search, $replace, $str);
+ // Bug #17226 RFC 2047 restricts some characters
+ // if the word is inside a phrase, permitted chars are only:
+ // ASCII letters, decimal digits, "!", "*", "+", "-", "/", "=", and "_"
- // Replace all extended characters (\x80-xFF) with their
- // ASCII values.
- return preg_replace_callback(
- '/([\x80-\xFF])/', array('Mail_mimePart', '_qpReplaceCallback'), $str
+ // "=", "_", "?" must be encoded
+ $regexp = '/([\x22-\x29\x2C\x2E\x3A-\x40\x5B-\x60\x7B-\x7E\x80-\xFF])/';
+ $str = preg_replace_callback(
+ $regexp, array('Mail_mimePart', '_qpReplaceCallback'), $str
);
+
+ return str_replace(' ', '_', $str);
+ }
+
+ /**
+ * Encodes the given string using base64 or quoted-printable.
+ * This method makes sure that encoded-word represents an integral
+ * number of characters as per RFC2047.
+ *
+ * @param string $str String to encode
+ * @param string $charset Character set name
+ * @param string $encoding Encoding name (base64 or quoted-printable)
+ * @param int $prefix_len Prefix length. Default: 0
+ * @param string $eol End-of-line sequence. Default: "\r\n"
+ *
+ * @return string Encoded string
+ * @access public
+ * @since 1.8.0
+ */
+ function encodeMB($str, $charset, $encoding, $prefix_len=0, $eol="\r\n")
+ {
+ if (!function_exists('mb_substr') || !function_exists('mb_strlen')) {
+ return;
+ }
+
+ $encoding = $encoding == 'base64' ? 'B' : 'Q';
+ // 75 is the value specified in the RFC
+ $prefix = '=?' . $charset . '?'.$encoding.'?';
+ $suffix = '?=';
+ $maxLength = 75 - strlen($prefix . $suffix);
+
+ // A multi-octet character may not be split across adjacent encoded-words
+ // So, we'll loop over each character
+ // mb_stlen() with wrong charset will generate a warning here and return null
+ $length = mb_strlen($str, $charset);
+ $result = '';
+ $line_length = $prefix_len;
+
+ if ($encoding == 'B') {
+ // base64
+ $start = 0;
+ $prev = '';
+
+ for ($i=1; $i<=$length; $i++) {
+ // See #17311
+ $chunk = mb_substr($str, $start, $i-$start, $charset);
+ $chunk = base64_encode($chunk);
+ $chunk_len = strlen($chunk);
+
+ if ($line_length + $chunk_len == $maxLength || $i == $length) {
+ if ($result) {
+ $result .= "\n";
+ }
+ $result .= $chunk;
+ $line_length = 0;
+ $start = $i;
+ } else if ($line_length + $chunk_len > $maxLength) {
+ if ($result) {
+ $result .= "\n";
+ }
+ if ($prev) {
+ $result .= $prev;
+ }
+ $line_length = 0;
+ $start = $i - 1;
+ } else {
+ $prev = $chunk;
+ }
+ }
+ } else {
+ // quoted-printable
+ // see encodeQP()
+ $regexp = '/([\x22-\x29\x2C\x2E\x3A-\x40\x5B-\x60\x7B-\x7E\x80-\xFF])/';
+
+ for ($i=0; $i<=$length; $i++) {
+ $char = mb_substr($str, $i, 1, $charset);
+ // RFC recommends underline (instead of =20) in place of the space
+ // that's one of the reasons why we're not using iconv_mime_encode()
+ if ($char == ' ') {
+ $char = '_';
+ $char_len = 1;
+ } else {
+ $char = preg_replace_callback(
+ $regexp, array('Mail_mimePart', '_qpReplaceCallback'), $char
+ );
+ $char_len = strlen($char);
+ }
+
+ if ($line_length + $char_len > $maxLength) {
+ if ($result) {
+ $result .= "\n";
+ }
+ $line_length = 0;
+ }
+
+ $result .= $char;
+ $line_length += $char_len;
+ }
+ }
+
+ if ($result) {
+ $result = $prefix
+ .str_replace("\n", $suffix.$eol.' '.$prefix, $result).$suffix;
+ }
+
+ return $result;
}
/**
@@ -1106,4 +1226,36 @@
return sprintf('%%%02X', ord($matches[1]));
}
+ /**
+ * PEAR::isError implementation
+ *
+ * @param mixed $data Object
+ *
+ * @return bool True if object is an instance of PEAR_Error
+ * @access private
+ */
+ function _isError($data)
+ {
+ // PEAR::isError() is not PHP 5.4 compatible (see Bug #19473)
+ if (is_object($data) && is_a($data, 'PEAR_Error')) {
+ return true;
+ }
+
+ return false;
+ }
+
+ /**
+ * PEAR::raiseError implementation
+ *
+ * @param $message A text error message
+ *
+ * @return PEAR_Error Instance of PEAR_Error
+ * @access private
+ */
+ function _raiseError($message)
+ {
+ // PEAR::raiseError() is not PHP 5.4 compatible
+ return new PEAR_Error($message);
+ }
+
} // End of class
--
Gitblit v1.9.1