X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=class%2Fdeliver%2FDeliver.class.php;h=9a9bce0596f9d6bde60f83d514851576dace36ac;hb=593d083d62db29ea010204fbadaf0a35de3f8889;hp=093f5a273e15621bd27f6c88040554005001d297;hpb=8d8da447778a43b78bc95f9601b385416ad84477;p=squirrelmail.git

diff --git a/class/deliver/Deliver.class.php b/class/deliver/Deliver.class.php
index 093f5a27..9a9bce05 100644
--- a/class/deliver/Deliver.class.php
+++ b/class/deliver/Deliver.class.php
@@ -2,7 +2,7 @@
 /**
  * Deliver.class.php
  *
- * Copyright (c) 1999-2004 The SquirrelMail Project Team
+ * Copyright (c) 1999-2005 The SquirrelMail Project Team
  * Licensed under the GNU GPL. For full terms see the file COPYING.
  *
  * This contains all the functions needed to send messages through
@@ -76,8 +76,17 @@ class Deliver {
         if ($boundary && $message->entity_id && count($message->entities)) {
             if (strpos($boundary,'_part_')) {
                 $boundary = substr($boundary,0,strpos($boundary,'_part_'));
+
+            // the next four lines use strrev to reverse any nested boundaries
+            // because RFC 2046 (5.1.1) says that if a line starts with the outer
+            // boundary string (doesn't matter what the line ends with), that
+            // can be considered a match for the outer boundary; thus the nested
+            // boundary needs to be unique from the outer one
+            //
+            } else if (strpos($boundary,'_trap_')) {
+                $boundary = substr(strrev($boundary),0,strpos(strrev($boundary),'_part_'));
             }
-            $boundary_new = $boundary . '_part_'.$message->entity_id;
+            $boundary_new = strrev($boundary . '_part_'.$message->entity_id);
         } else {
             $boundary_new = $boundary;
         }
@@ -133,6 +142,8 @@ class Deliver {
         case 'message':
             if ($message->body_part) {
                 $body_part = $message->body_part;
+                // remove NUL characters
+                $body_part = str_replace("\0",'',$body_part);
                 $length += $this->clean_crlf($body_part);
                 if ($stream) {
                     $this->preWriteToStream($body_part);
@@ -290,7 +301,7 @@ class Deliver {
         $contenttype = 'Content-Type: '. $mime_header->type0 .'/'.
                         $mime_header->type1;
         if (count($message->entities)) {
-            $contenttype .= ";\r\n " . 'boundary="'.$boundary.'"';
+            $contenttype .= ';' . 'boundary="'.$boundary.'"';
         }
         if (isset($mime_header->parameters['name'])) {
             $contenttype .= '; name="'.
@@ -304,19 +315,19 @@ class Deliver {
 
         $header[] = $contenttype . $rn;
         if ($mime_header->description) {
-            $header[] .= 'Content-Description: ' . $mime_header->description . $rn;
+            $header[] = 'Content-Description: ' . $mime_header->description . $rn;
         }
         if ($mime_header->encoding) {
-            $header[] .= 'Content-Transfer-Encoding: ' . $mime_header->encoding . $rn;
+            $header[] = 'Content-Transfer-Encoding: ' . $mime_header->encoding . $rn;
         } else {
             if ($mime_header->type0 == 'text' || $mime_header->type0 == 'message') {
-                $header[] .= 'Content-Transfer-Encoding: 8bit' .  $rn;
+                $header[] = 'Content-Transfer-Encoding: 8bit' .  $rn;
             } else {
-                $header[] .= 'Content-Transfer-Encoding: base64' .  $rn;
+                $header[] = 'Content-Transfer-Encoding: base64' .  $rn;
             }
         }
         if ($mime_header->id) {
-            $header[] .= 'Content-ID: ' . $mime_header->id . $rn;
+            $header[] = 'Content-ID: ' . $mime_header->id . $rn;
         }
         if ($mime_header->disposition) {
             $disposition = $mime_header->disposition;
@@ -328,10 +339,10 @@ class Deliver {
             $header[] = $contentdisp . $rn;
         }
         if ($mime_header->md5) {
-            $header[] .= 'Content-MD5: ' . $mime_header->md5 . $rn;
+            $header[] = 'Content-MD5: ' . $mime_header->md5 . $rn;
         }
         if ($mime_header->language) {
-            $header[] .= 'Content-Language: ' . $mime_header->language . $rn;
+            $header[] = 'Content-Language: ' . $mime_header->language . $rn;
         }
 
         $cnt = count($header);
@@ -394,7 +405,7 @@ class Deliver {
         if ( !isset($skip_SM_header) || !$skip_SM_header )
         {
           $header[] = "Received: from $received_from" . $rn;
-          $header[] = "        (SquirrelMail authenticated user $username);" . $rn;
+          $header[] = "        (SquirrelMail authenticated user $username)" . $rn;
           $header[] = "        by $SERVER_NAME with HTTP;" . $rn;
           $header[] = "        $date" . $rn;
         }
@@ -452,7 +463,7 @@ class Deliver {
         }
         $header[] = $contenttype . $rn;
         if ($encoding = $rfc822_header->encoding) {
-            $header[] .= 'Content-Transfer-Encoding: ' . $encoding .  $rn;
+            $header[] = 'Content-Transfer-Encoding: ' . $encoding .  $rn;
         }
         if ($rfc822_header->dnt) {
             $dnt = $rfc822_header->getAddr_s('dnt');
@@ -465,14 +476,11 @@ class Deliver {
             switch($rfc822_header->priority)
             {
             case 1:
-	    	$header[] = 'X-Priority: 1 (Highest)'.$rn;
-	    	$header[] = 'Importance: High'. $rn; break;
-            case 3:
-	    	$header[] = 'X-Priority: 3 (Normal)'.$rn;
-	    	$header[] = 'Importance: Normal'. $rn; break;
+                $header[] = 'X-Priority: 1 (Highest)'.$rn;
+                $header[] = 'Importance: High'. $rn; break;
             case 5:
-	    	$header[] = 'X-Priority: 5 (Lowest)'.$rn;
-	    	$header[] = 'Importance: Low'. $rn; break;
+                $header[] = 'X-Priority: 5 (Lowest)'.$rn;
+                $header[] = 'Importance: Low'. $rn; break;
             default: break;
             }
         }