X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=functions%2Fmime.php;h=07cfe443d988e09c0e762165b743dc408ee58d3c;hb=7c0ec1d81108c90f37fdab4b85520a05107fc58d;hp=933523b55a66a179f2c35efcc18eeb737d329351;hpb=5166f86aad45f37b514887adfc014dd305be0e0e;p=squirrelmail.git

diff --git a/functions/mime.php b/functions/mime.php
index 933523b5..07cfe443 100644
--- a/functions/mime.php
+++ b/functions/mime.php
@@ -3,15 +3,17 @@
 /**
  * mime.php
  *
- * Copyright (c) 1999-2003 The SquirrelMail Project Team
+ * Copyright (c) 1999-2004 The SquirrelMail Project Team
  * Licensed under the GNU GPL. For full terms see the file COPYING.
  *
  * This contains the functions necessary to detect and decode MIME
  * messages.
  *
  * $Id$
+ * @package squirrelmail
  */
 
+/** The typical includes... */
 require_once(SM_PATH . 'functions/imap.php');
 require_once(SM_PATH . 'functions/attachment_common.php');
 
@@ -19,11 +21,13 @@ require_once(SM_PATH . 'functions/attachment_common.php');
 /* MIME DECODING                                                              */
 /* -------------------------------------------------------------------------- */
 
-/* This function gets the structure of a message and stores it in the "message" class.
+/**
+ * Get the MIME structure
+ *
+ * This function gets the structure of a message and stores it in the "message" class.
  * It will return this object for use with all relevant header information and
  * fully parsed into the standard "message" object format.
  */
-
 function mime_structure ($bodystructure, $flags=array()) {
 
     /* Isolate the body structure and remove beginning and end parenthesis. */
@@ -92,8 +96,7 @@ function mime_structure ($bodystructure, $flags=array()) {
  * to mime_get_elements()
  */
 
-function mime_fetch_body($imap_stream, $id, $ent_id=1) {
-    global $uid_support; 
+function mime_fetch_body($imap_stream, $id, $ent_id=1, $fetch_size=0) {
     /* Do a bit of error correction.  If we couldn't find the entity id, just guess
      * that it is the first one.  That is usually the case anyway.
      */
@@ -104,7 +107,9 @@ function mime_fetch_body($imap_stream, $id, $ent_id=1) {
         $cmd = "FETCH $id BODY[$ent_id]";
     }
 
-    $data = sqimap_run_command ($imap_stream, $cmd, true, $response, $message, $uid_support);
+    if ($fetch_size!=0) $cmd .= "<0.$fetch_size>";
+
+    $data = sqimap_run_command ($imap_stream, $cmd, true, $response, $message, TRUE);
     do {
         $topline = trim(array_shift($data));
     } while($topline && ($topline[0] == '*') && !preg_match('/\* [0-9]+ FETCH.*/i', $topline)) ;
@@ -116,7 +121,7 @@ function mime_fetch_body($imap_stream, $id, $ent_id=1) {
          * in order to parse html messages. Let's get them here.
          */
 //        if ($ret{0} == '<') {
-//            $data = sqimap_run_command ($imap_stream, "FETCH $id BODY[$ent_id.MIME]", true, $response, $message, $uid_support);
+//            $data = sqimap_run_command ($imap_stream, "FETCH $id BODY[$ent_id.MIME]", true, $response, $message, TRUE);
 //        }
     } else if (ereg('"([^"]*)"', $topline, $regs)) {
         $ret = $regs[1];
@@ -143,7 +148,7 @@ function mime_fetch_body($imap_stream, $id, $ent_id=1) {
                '<tr><td><b>' . _("FETCH line:") . "</td><td>$topline</td></tr>" .
                "</table><BR></tt></font><hr>";
 
-        $data = sqimap_run_command ($imap_stream, "FETCH $passed_id BODY[]", true, $response, $message, $uid_support);
+        $data = sqimap_run_command ($imap_stream, "FETCH $passed_id BODY[]", true, $response, $message, TRUE);
         array_shift($data);
         $wholemessage = implode('', $data);
 
@@ -153,11 +158,10 @@ function mime_fetch_body($imap_stream, $id, $ent_id=1) {
 }
 
 function mime_print_body_lines ($imap_stream, $id, $ent_id=1, $encoding) {
-    global $uid_support;
 
     /* Don't kill the connection if the browser is over a dialup
      * and it would take over 30 seconds to download it.
-     * Don´t call set_time_limit in safe mode.
+     * Dont call set_time_limit in safe mode.
      */
 
     if (!ini_get('safe_mode')) {
@@ -171,23 +175,23 @@ function mime_print_body_lines ($imap_stream, $id, $ent_id=1, $encoding) {
         } else {
            $query = "FETCH $id BODY[$ent_id]";
         }
-        sqimap_run_command($imap_stream,$query,true,$response,$message,$uid_support,'sqimap_base64_decode','php://stdout',true);
+        sqimap_run_command($imap_stream,$query,true,$response,$message,TRUE,'sqimap_base64_decode','php://stdout',true);
     } else {
        $body = mime_fetch_body ($imap_stream, $id, $ent_id);
        echo decodeBody($body, $encoding);
     }
 
-    /* 
+    /*
        TODO, use the same method for quoted printable.
        However, I assume that quoted printable attachments aren't that large
        so the performancegain / memory usage drop will be minimal.
        If we decide to add that then we need to adapt sqimap_fread because
-       we need to split te result on \n and fread doesn't stop at \n. That 
+       we need to split te result on \n and fread doesn't stop at \n. That
        means we also should provide $results from sqimap_fread (by ref) to
        te function and set $no_return to false. The $filter function for
-       quoted printable should handle unsetting of $results. 
+       quoted printable should handle unsetting of $results.
     */
-    /* 
+    /*
        TODO 2: find out how we write to the output stream php://stdout. fwrite
        doesn't work because 'php://stdout isn't a stream.
     */
@@ -370,9 +374,11 @@ function formatBody($imap_stream, $message, $color, $wrap_at, $ent_num, $id, $ma
             if ($show_html_default <> 1) {
                 $entity_conv = array('&nbsp;' => ' ',
                                      '<p>'    => "\n",
-                                     '<br>'   => "\n",
                                      '<P>'    => "\n",
+                                     '<br>'   => "\n",
                                      '<BR>'   => "\n",
+                                     '<br />' => "\n",
+                                     '<BR />' => "\n",
                                      '&gt;'   => '>',
                                      '&lt;'   => '<');
                 $body = strtr($body, $entity_conv);
@@ -387,12 +393,14 @@ function formatBody($imap_stream, $message, $color, $wrap_at, $ent_num, $id, $ma
             translateText($body, $wrap_at,
                           $body_message->header->getParameter('charset'));
         }
-        $link = 'read_body.php?passed_id=' . $id . '&amp;ent_id='.$ent_num.
+        $link = 'passed_id=' . $id . '&amp;ent_id='.$ent_num.
                 '&amp;mailbox=' . $urlmailbox .'&amp;sort=' . $sort .
-                '&amp;startMessage=' . $startMessage . '&amp;show_more=0'; 
+                '&amp;startMessage=' . $startMessage . '&amp;show_more=0';
         if (isset($passed_ent_id)) {
             $link .= '&amp;passed_ent_id='.$passed_ent_id;
         }
+        $body .= '<center><small><a href="download.php?absolute_dl=true&amp;' .
+                 $link . '">' . _("Download this as a file") .  '</a>';
         if ($view_unsafe_images) {
             $text = _("Hide Unsafe Images");
         } else {
@@ -403,8 +411,10 @@ function formatBody($imap_stream, $message, $color, $wrap_at, $ent_num, $id, $ma
                 $text = '';
             }
         }
-        $body .= '<center><small><a href="'.$link.'">'.$text.
-                 '</a></small></center><br>' . "\n";
+        if($text != '') {
+            $body .= '&nbsp;|&nbsp;<a href="read_body.php?' . $link . '">' . $text . '</a>';
+        }
+        $body .= '</small></center><br>' . "\n";
     }
     return $body;
 }
@@ -540,10 +550,30 @@ function formatAttachments($message, $exclude_id, $mailbox, $id) {
 }
 
 function sqimap_base64_decode(&$string) {
-    $string = str_replace("\r\n", "\n", $string);
+
+    // base64 enoded data goes in pairs of 4 bytes. To achieve on the
+    // fly decoding (to reduce memory usage) you have to check if the
+    // data has incomplete pairs
+
+    // remove the noise in order to check if the 4 bytes pairs are complete
+    $string = str_replace(array("\r\n","\n", "\r", " "),array('','','',''),$string);
+
+    $sStringRem = '';    
+    $iMod = strlen($string) % 4;
+    if ($iMod) {
+        $sStringRem = substr($string,-$iMod);
+        // check if $sStringRem contains padding characters
+        if (substr($sStringRem,-1) != '=') {
+            $string = substr($string,0,-$iMod);
+        } else {
+            $sStringRem = '';
+        }
+    }
     $string = base64_decode($string);
+    return $sStringRem;
 }
 
+
 /* This function decodes the body depending on the encoding type. */
 function decodeBody($body, $encoding) {
     global $show_html_default;
@@ -575,17 +605,25 @@ function decodeBody($body, $encoding) {
     return $body;
 }
 
-/*
+/**
+ * Decodes headers
+ *
  * This functions decode strings that is encoded according to
  * RFC1522 (MIME Part Two: Message Header Extensions for Non-ASCII Text).
  * Patched by Christian Schmidt <christian@ostenfeld.dk>  23/03/2002
+ *
+ * @param string $string header string that has to be made readable
+ * @param boolean $utfencode change message in order to be readable on user's charset. defaults to true
+ * @param boolean $htmlsave preserve spaces and sanitize html special characters. defaults to true
+ * @param boolean $decide decide if string can be utfencoded. defaults to false
+ * @return string decoded header string
  */
-function decodeHeader ($string, $utfencode=true,$htmlsave=true) {
+function decodeHeader ($string, $utfencode=true,$htmlsave=true,$decide=false) {
     global $languages, $squirrelmail_language;
     if (is_array($string)) {
         $string = implode("\n", $string);
     }
-    
+
     if (isset($languages[$squirrelmail_language]['XTRA_CODE']) &&
         function_exists($languages[$squirrelmail_language]['XTRA_CODE'])) {
         $string = $languages[$squirrelmail_language]['XTRA_CODE']('decodeheader', $string);
@@ -608,12 +646,12 @@ function decodeHeader ($string, $utfencode=true,$htmlsave=true) {
         $encoded = false;
         /* if encoded words are not separated by a linear-space-white we still catch them */
         $j = $i-1;
-//	if ($chunk{0} === '=') { /* performance, saves an unnessecarry preg call */
+
         while ($match = preg_match('/^(.*)=\?([^?]*)\?(Q|B)\?([^?]*)\?=(.*)$/Ui',$chunk,$res)) {
             /* if the last chunk isn't an encoded string then put back the space, otherwise don't */
             if ($iLastMatch !== $j) {
                 if ($htmlsave) {
-                    $ret .= '&nbsp;';
+                    $ret .= '&#32;';
                 } else {
                     $ret .= ' ';
                 }
@@ -630,8 +668,15 @@ function decodeHeader ($string, $utfencode=true,$htmlsave=true) {
                 break;
             case 'Q':
                 $replace = str_replace('_', ' ', $res[4]);
-                $replace = preg_replace('/=([0-9a-f]{2})/ie', 'chr(hexdec("\1"))', 
+                $replace = preg_replace('/=([0-9a-f]{2})/ie', 'chr(hexdec("\1"))',
                                     $replace);
+        /* decide about valid decoding */
+        if ($decide && is_conversion_safe($res[2])) {
+          $utfencode=true;
+          $can_be_decoded=true;
+        } else {
+          $can_be_decoded=false;
+        }
                 /* Only encode into entities by default. Some places
                  * don't need the encoding, like the compose form.
                  */
@@ -650,13 +695,12 @@ function decodeHeader ($string, $utfencode=true,$htmlsave=true) {
             $chunk = $res[5];
             $encoded = true;
         }
-//	}
         if (!$encoded) {
             if ($htmlsave) {
-                $ret .= '&nbsp;';
+                $ret .= '&#32;';
             } else {
                 $ret .= ' ';
-            }        
+            }
         }
 
         if (!$encoded && $htmlsave) {
@@ -669,19 +713,24 @@ function decodeHeader ($string, $utfencode=true,$htmlsave=true) {
     /* remove the first added space */
     if ($ret) {
         if ($htmlsave) {
-            $ret = substr($ret,6);
+            $ret = substr($ret,5);
         } else {
             $ret = substr($ret,1);
         }
     }
-    
+
     return $ret;
 }
 
-/*
+/**
+ * Encodes header as quoted-printable
+ *
  * Encode a string according to RFC 1522 for use in headers if it
  * contains 8-bit characters or anything that looks like it should
  * be encoded.
+ *
+ * @param string $string header string, that has to be encoded
+ * @return string quoted-printable encoded string
  */
 function encodeHeader ($string) {
     global $default_charset, $languages, $squirrelmail_language;
@@ -690,9 +739,10 @@ function encodeHeader ($string) {
         function_exists($languages[$squirrelmail_language]['XTRA_CODE'])) {
         return  $languages[$squirrelmail_language]['XTRA_CODE']('encodeheader', $string);
     }
-    if (strtolower($default_charset) == 'iso-8859-1') {
-        $string = str_replace("\240",' ',$string);
-    }
+    // instead of removing nbsp here, we don't add it in decodeHeader
+    //    if (strtolower($default_charset) == 'iso-8859-1') {
+    //    $string = str_replace("\240",' ',$string);
+    //}
 
     // Encode only if the string contains 8-bit characters or =?
     $j = strlen($string);
@@ -759,7 +809,7 @@ function encodeHeader ($string) {
                     // do not start encoding in the middle of a string, also take the rest of the word.
                     $sLeadString = substr($string,0,$i);
                     $aLeadString = explode(' ',$sLeadString);
-                    $sToBeEncoded = array_pop($aLeadString);                  
+                    $sToBeEncoded = array_pop($aLeadString);
                     $iEncStart = $i - strlen($sToBeEncoded);
                     $ret .= $sToBeEncoded;
                     $cur_l += strlen($sToBeEncoded);
@@ -816,7 +866,7 @@ function find_ent_id($id, $message) {
             if (strcasecmp($message->entities[$i]->header->id, $id) == 0) {
 //                if (sq_check_save_extension($message->entities[$i])) {
                     return $message->entities[$i]->entity_id;
-//                } 
+//                }
             }
         }
     }
@@ -835,9 +885,45 @@ function sq_check_save_extension($message) {
  ** HTMLFILTER ROUTINES
  */
 
+/**
+ * This function is more or less a wrapper around stripslashes. Apparently
+ * Explorer is stupid enough to just remove the backslashes and then
+ * execute the content of the attribute as if nothing happened.
+ * Who does that?
+ *
+ * @param  attvalue   The value of the attribute
+ * @return attvalue   The value of the attribute stripslashed.
+ */
+function sq_unbackslash($attvalue){
+    /**
+     * Remove any backslashes. See if there are any first.
+     */
+
+    if (strstr($attvalue, '\\') !== false){
+        $attvalue = stripslashes($attvalue);
+    }
+    return $attvalue;
+}
+
+/**
+ * Kill any tabs, newlines, or carriage returns. Our friends the
+ * makers of the browser with 95% market value decided that it'd
+ * be funny to make "java[tab]script" be just as good as "javascript".
+ *
+ * @param  attvalue  The attribute value before extraneous spaces removed.
+ * @return attvalue  The attribute value after extraneous spaces removed.
+ */
+function sq_unspace($attvalue){
+    if (strcspn($attvalue, "\t\r\n") != strlen($attvalue)){
+        $attvalue = str_replace(Array("\t", "\r", "\n"), Array('', '', ''),
+                                $attvalue);
+    }
+    return $attvalue;
+}
+
 /**
  * This function returns the final tag out of the tag name, an array
- * of attributes, and the type of the tag. This function is called by 
+ * of attributes, and the type of the tag. This function is called by
  * sq_sanitize internally.
  *
  * @param  $tagname  the name of the tag.
@@ -881,7 +967,7 @@ function sq_casenormalize(&$val){
 /**
  * This function skips any whitespace from the current position within
  * a string and to the next non-whitespace value.
- * 
+ *
  * @param  $body   the string
  * @param  $offset the offset within the string where we should start
  *                 looking for the next non-whitespace character.
@@ -1036,7 +1122,7 @@ function sq_getnxtag($body, $offset){
      * '>'  indicating the end of the tag entirely.
      * '\s' indicating the end of the tag name.
      * '/'  indicating that this is type-3 xhtml tag.
-     * 
+     *
      * Whatever else we find there indicates an invalid tag.
      */
     switch ($match){
@@ -1245,13 +1331,14 @@ function sq_getnxtag($body, $offset){
  * @param  $attvalue A string to run entity check against.
  * @return           Translated value.
  */
+
 function sq_deent($attvalue){
     $me = 'sq_deent';
     /**
      * See if we have to run the checks first. All entities must start
      * with "&".
      */
-    if (strpos($attvalue, "&") === false){
+    if (strpos($attvalue, '&') === false){
         return $attvalue;
     }
     /**
@@ -1262,22 +1349,22 @@ function sq_deent($attvalue){
      * Leave &quot; in, as it can mess us up.
      */
     $trans = array_flip($trans);
-    unset($trans{"&quot;"});
+    unset($trans{'&quot;'});
     while (list($ent, $val) = each($trans)){
-        $attvalue = preg_replace("/$ent*(\W)/si", "$val\\1", $attvalue);
+        $attvalue = preg_replace('/' . $ent . '*/si', $val, $attvalue);
     }
     /**
      * Now translate numbered entities from 1 to 255 if needed.
      */
-    if (strpos($attvalue, "#") !== false){
+    if (strpos($attvalue, '#') !== false){
         $omit = Array(34, 39);
-        for ($asc=1; $asc<256; $asc++){
+        for ($asc = 256; $asc >= 0; $asc--){
             if (!in_array($asc, $omit)){
                 $chr = chr($asc);
-                $attvalue = preg_replace("/\&#0*$asc;*(\D)/si", "$chr\\1", 
-                                         $attvalue);
-                $attvalue = preg_replace("/\&#x0*".dechex($asc).";*(\W)/si",
-                                         "$chr\\1", $attvalue);
+                $octrule = '/\&#0*' . $asc . ';*/si';
+                $hexrule = '/\&#x0*' . dechex($asc) . ';*/si';
+                $attvalue = preg_replace($octrule, $chr, $attvalue);
+                $attvalue = preg_replace($hexrule, $chr, $attvalue);
             }
         }
     }
@@ -1296,8 +1383,8 @@ function sq_deent($attvalue){
  * @param  $id              message id
  * @return                  Array with modified attributes.
  */
-function sq_fixatts($tagname, 
-                    $attary, 
+function sq_fixatts($tagname,
+                    $attary,
                     $rm_attnames,
                     $bad_attvals,
                     $add_attr_to_tag,
@@ -1321,9 +1408,17 @@ function sq_fixatts($tagname,
             }
         }
         /**
-         * Remove any entities.
+         * Remove any backslashes, entities, and extraneous whitespace.
          */
+        $attvalue = sq_unbackslash($attvalue);
         $attvalue = sq_deent($attvalue);
+        $attvalue = sq_unspace($attvalue);
+
+        /**
+         * Remove \r \n \t \0 " " "\\"
+         */
+        $attvalue = str_replace(Array("\r", "\n", "\t", "\0", " ", "\\"),
+                        Array('', '','','','',''), $attvalue);
 
         /**
          * Now let's run checks on the attvalues.
@@ -1341,7 +1436,7 @@ function sq_fixatts($tagname,
                          * Second one is replacements
                          */
                         list($valmatch, $valrepl) = $valary;
-                        $newvalue = 
+                        $newvalue =
                             preg_replace($valmatch, $valrepl, $attvalue);
                         if ($newvalue != $attvalue){
                             $attary{$attname} = $newvalue;
@@ -1371,13 +1466,14 @@ function sq_fixatts($tagname,
 /**
  * This function edits the style definition to make them friendly and
  * usable in squirrelmail.
- * 
+ *
  * @param  $message  the message object
  * @param  $id       the message id
  * @param  $content  a string with whatever is between <style> and </style>
+ * @param  $mailbox  the message mailbox
  * @return           a string with edited content.
  */
-function sq_fixstyle($body, $pos, $message, $id){
+function sq_fixstyle($body, $pos, $message, $id, $mailbox){
     global $view_unsafe_images;
     $me = 'sq_fixstyle';
     $ret = sq_findnxreg($body, $pos, '</\s*style\s*>');
@@ -1407,14 +1503,14 @@ function sq_fixstyle($body, $pos, $message, $id){
         $content = preg_replace("|url\s*\(\s*([\'\"])\s*https*:.*?([\'\"])\s*\)|si",
                                 "url(\\1$secremoveimg\\2)", $content);
     }
-   
+
     /**
      * Fix urls that refer to cid:
      */
-    while (preg_match("|url\s*\(\s*([\'\"]\s*cid:.*?[\'\"])\s*\)|si", 
+    while (preg_match("|url\s*\(\s*([\'\"]\s*cid:.*?[\'\"])\s*\)|si",
                       $content, $matches)){
         $cidurl = $matches{1};
-        $httpurl = sq_cid2http($message, $id, $cidurl);
+        $httpurl = sq_cid2http($message, $id, $cidurl, $mailbox);
         $content = preg_replace("|url\s*\(\s*$cidurl\s*\)|si",
                                 "url($httpurl)", $content);
     }
@@ -1425,8 +1521,9 @@ function sq_fixstyle($body, $pos, $message, $id){
      */
     $match   = Array('/expression/i',
                      '/behaviou*r/i',
-                     '/binding/i');
-    $replace = Array('idiocy', 'idiocy', 'idiocy');
+                     '/binding/i',
+                     '/include-source/i');
+    $replace = Array('idiocy', 'idiocy', 'idiocy', 'idiocy');
     $content = preg_replace($match, $replace, $content);
     return array($content, $newpos);
 }
@@ -1438,6 +1535,7 @@ function sq_fixstyle($body, $pos, $message, $id){
  * @param  $message  the message object
  * @param  $id       the message id
  * @param  $cidurl   the cid: url.
+ * @param  $mailbox  the message mailbox
  * @return           a string with a http-friendly url
  */
 function sq_cid2http($message, $id, $cidurl, $mailbox){
@@ -1445,7 +1543,11 @@ function sq_cid2http($message, $id, $cidurl, $mailbox){
      * Get rid of quotes.
      */
     $quotchar = substr($cidurl, 0, 1);
-    $cidurl = str_replace($quotchar, "", $cidurl);
+    if ($quotchar == '"' || $quotchar == "'"){
+        $cidurl = str_replace($quotchar, "", $cidurl);
+    } else {
+        $quotchar = '';
+    }
     $cidurl = substr(trim($cidurl), 4);
     $linkurl = find_ent_id($cidurl, $message);
     /* in case of non-save cid links $httpurl should be replaced by a sort of
@@ -1463,14 +1565,18 @@ function sq_cid2http($message, $id, $cidurl, $mailbox){
  * This function changes the <body> tag into a <div> tag since we
  * can't really have a body-within-body.
  *
- * @param  $attary  an array of attributes and values of <body>
- * @return          a modified array of attributes to be set for <div>
+ * @param  $attary   an array of attributes and values of <body>
+ * @param  $mailbox  mailbox we're currently reading (for cid2http)
+ * @param  $message  current message (for cid2http)
+ * @param  $id       current message id (for cid2http)
+ * @return           a modified array of attributes to be set for <div>
  */
-function sq_body2div($attary){
+function sq_body2div($attary, $mailbox, $message, $id){
     $me = 'sq_body2div';
     $divattary = Array('class' => "'bodyclass'");
     $bgcolor = '#ffffff';
     $text = '#000000';
+    $has_bgc_stl = $has_txt_stl = false;
     $styledef = '';
     if (is_array($attary) && sizeof($attary) > 0){
         foreach ($attary as $attname=>$attvalue){
@@ -1478,16 +1584,25 @@ function sq_body2div($attary){
             $attvalue = str_replace($quotchar, "", $attvalue);
             switch ($attname){
                 case 'background':
+                    $attvalue = sq_cid2http($message, $id,
+                                            $attvalue, $mailbox);
                     $styledef .= "background-image: url('$attvalue'); ";
                     break;
                 case 'bgcolor':
+                    $has_bgc_stl = true;
                     $styledef .= "background-color: $attvalue; ";
                     break;
                 case 'text':
+                    $has_txt_stl = true;
                     $styledef .= "color: $attvalue; ";
                     break;
             }
         }
+        // Outlook defines a white bgcolor and no text color. This can lead to
+        // white text on a white bg with certain themes.
+        if ($has_bgc_stl && !$has_txt_stl) {
+            $styledef .= "color: $text; ";
+        }
         if (strlen($styledef) > 0){
             $divattary{"style"} = "\"$styledef\"";
         }
@@ -1515,8 +1630,8 @@ function sq_body2div($attary){
  * @param $id                   message id
  * @return                      sanitized html safe to show on your pages.
  */
-function sq_sanitize($body, 
-                     $tag_list, 
+function sq_sanitize($body,
+                     $tag_list,
                      $rm_tags_with_content,
                      $self_closing_tags,
                      $force_tag_closing,
@@ -1542,7 +1657,7 @@ function sq_sanitize($body,
      */
     $curpos = 0;
     $open_tags = Array();
-    $trusted = "<!-- begin sanitized html -->\n";
+    $trusted = "\n<!-- begin sanitized html -->\n";
     $skip_content = false;
     /**
      * Take care of netscape's stupid javascript entities like
@@ -1557,8 +1672,8 @@ function sq_sanitize($body,
          * Take care of <style>
          */
         if ($tagname == "style" && $tagtype == 1){
-            list($free_content, $curpos) = 
-                sq_fixstyle($body, $gt+1, $message, $id);
+            list($free_content, $curpos) =
+                sq_fixstyle($body, $gt+1, $message, $id, $mailbox);
             if ($free_content != FALSE){
                 $trusted .= sq_tagprint($tagname, $attary, $tagtype);
                 $trusted .= $free_content;
@@ -1581,13 +1696,12 @@ function sq_sanitize($body,
                     if ($skip_content == false){
                         if ($tagname == "body"){
                             $tagname = "div";
+                        }
+                        if (isset($open_tags{$tagname}) &&
+                            $open_tags{$tagname} > 0){
+                            $open_tags{$tagname}--;
                         } else {
-                            if (isset($open_tags{$tagname}) && 
-                                $open_tags{$tagname} > 0){
-                                $open_tags{$tagname}--;
-                            } else {
-                                $tagname = false;
-                            }
+                            $tagname = false;
                         }
                     }
                 }
@@ -1602,7 +1716,7 @@ function sq_sanitize($body,
                      */
                     if ($tagtype == 1
                         && in_array($tagname, $self_closing_tags)){
-                        $tagtype=3;
+                        $tagtype = 3;
                     }
                     /**
                      * See if we should skip this tag and any content
@@ -1612,12 +1726,20 @@ function sq_sanitize($body,
                         in_array($tagname, $rm_tags_with_content)){
                         $skip_content = $tagname;
                     } else {
-                        if (($rm_tags == false 
+                        if (($rm_tags == false
                              && in_array($tagname, $tag_list)) ||
                             ($rm_tags == true &&
                              !in_array($tagname, $tag_list))){
                             $tagname = false;
                         } else {
+                            /**
+                             * Convert body into div.
+                             */
+                            if ($tagname == "body"){
+                                $tagname = "div";
+                                $attary = sq_body2div($attary, $mailbox,
+                                                      $message, $id);
+                            }
                             if ($tagtype == 1){
                                 if (isset($open_tags{$tagname})){
                                     $open_tags{$tagname}++;
@@ -1639,13 +1761,6 @@ function sq_sanitize($body,
                                                      $mailbox
                                                      );
                             }
-                            /**
-                             * Convert body into div.
-                             */
-                            if ($tagname == "body"){
-                                $tagname = "div";
-                                $attary = sq_body2div($attary, $message, $id);
-                            }
                         }
                     }
                 }
@@ -1693,14 +1808,18 @@ function magicHTML($body, $id, $message, $mailbox = 'INBOX') {
                       "base",
                       "link",
                       "frame",
-                      "iframe"
+                      "iframe",
+                      "plaintext",
+                      "marquee"
                       );
 
     $rm_tags_with_content = Array(
                                   "script",
                                   "applet",
                                   "embed",
-                                  "title"
+                                  "title",
+                                  "frameset",
+                                  "xml"
                                   );
 
     $self_closing_tags =  Array(
@@ -1710,7 +1829,7 @@ function magicHTML($body, $id, $message, $mailbox = 'INBOX') {
                                 "input"
                                 );
 
-    $force_tag_closing = false;
+    $force_tag_closing = true;
 
     $rm_attnames = Array(
                          "/.*/" =>
@@ -1730,7 +1849,6 @@ function magicHTML($body, $id, $message, $mailbox = 'INBOX') {
                 "/^src|background/i" =>
                     Array(
                           Array(
-                                "|^([\'\"])\s*\.\./.*([\'\"])|si",
                                 "/^([\'\"])\s*\S+script\s*:.*([\'\"])/si",
                                 "/^([\'\"])\s*mocha\s*:*.*([\'\"])/si",
                                 "/^([\'\"])\s*about\s*:.*([\'\"])/si"
@@ -1745,16 +1863,15 @@ function magicHTML($body, $id, $message, $mailbox = 'INBOX') {
                 "/^href|action/i" =>
                     Array(
                           Array(
-                                "|^([\'\"])\s*\.\./.*([\'\"])|si",
                                 "/^([\'\"])\s*\S+script\s*:.*([\'\"])/si",
                                 "/^([\'\"])\s*mocha\s*:*.*([\'\"])/si",
                                 "/^([\'\"])\s*about\s*:.*([\'\"])/si"
                                 ),
                           Array(
-                                "\\1#\\2",
-                                "\\1#\\2",
-                                "\\1#\\2",
-                                "\\1#\\2"
+                                "\\1#\\1",
+                                "\\1#\\1",
+                                "\\1#\\1",
+                                "\\1#\\1"
                                 )
                         ),
                 "/^style/i" =>
@@ -1763,25 +1880,28 @@ function magicHTML($body, $id, $message, $mailbox = 'INBOX') {
                                 "/expression/i",
                                 "/binding/i",
                                 "/behaviou*r/i",
-                                "|url\s*\(\s*([\'\"])\s*\.\./.*([\'\"])\s*\)|si",
+                                "/include-source/i",
                                 "/url\s*\(\s*([\'\"])\s*\S+script\s*:.*([\'\"])\s*\)/si",
                                 "/url\s*\(\s*([\'\"])\s*mocha\s*:.*([\'\"])\s*\)/si",
-                                "/url\s*\(\s*([\'\"])\s*about\s*:.*([\'\"])\s*\)/si"
+                                "/url\s*\(\s*([\'\"])\s*about\s*:.*([\'\"])\s*\)/si",
+                                "/(.*)\s*:\s*url\s*\(\s*([\'\"]*)\s*\S+script\s*:.*([\'\"]*)\s*\)/si"
                                ),
                           Array(
                                 "idiocy",
                                 "idiocy",
                                 "idiocy",
-                                "url(\\1#\\2)",
-                                "url(\\1#\\2)",
-                                "url(\\1#\\2)",
-                                "url(\\1#\\2)"
+                                "idiocy",
+                                "url(\\1#\\1)",
+                                "url(\\1#\\1)",
+                                "url(\\1#\\1)",
+                                "url(\\1#\\1)",
+                                "\\1:url(\\2#\\3)"
                                )
                           )
                 )
         );
     if( !sqgetGlobalVar('view_unsafe_images', $view_unsafe_images, SQ_GET) ) {
-	$view_unsafe_images = false;
+        $view_unsafe_images = false;
     }
     if (!$view_unsafe_images){
         /**
@@ -1791,18 +1911,21 @@ function magicHTML($body, $id, $message, $mailbox = 'INBOX') {
          array_push($bad_attvals{'/.*/'}{'/^src|background/i'}[0],
                     '/^([\'\"])\s*https*:.*([\'\"])/si');
          array_push($bad_attvals{'/.*/'}{'/^src|background/i'}[1],
-                    "\\1$secremoveimg\\2");
+                    "\\1$secremoveimg\\1");
          array_push($bad_attvals{'/.*/'}{'/^style/i'}[0],
                     '/url\(([\'\"])\s*https*:.*([\'\"])\)/si');
          array_push($bad_attvals{'/.*/'}{'/^style/i'}[1],
-                    "url(\\1$secremoveimg\\2)");
+                    "url(\\1$secremoveimg\\1)");
     }
 
     $add_attr_to_tag = Array(
-                             "/^a$/i" => Array('target'=>'"_new"')
-                             );
-    $trusted = sq_sanitize($body, 
-                           $tag_list, 
+        "/^a$/i" =>
+            Array('target'=>'"_new"',
+                  'title'=>'"'._("This external link will open in a new window").'"'
+            )
+    );
+    $trusted = sq_sanitize($body,
+                           $tag_list,
                            $rm_tags_with_content,
                            $self_closing_tags,
                            $force_tag_closing,
@@ -1815,8 +1938,115 @@ function magicHTML($body, $id, $message, $mailbox = 'INBOX') {
                            );
     if (preg_match("|$secremoveimg|i", $trusted)){
         $has_unsafe_images = true;
-    } 
+    }
     return $trusted;
 }
 
+/**
+ * function SendDownloadHeaders - send file to the browser
+ *
+ * Original Source: SM core src/download.php
+ * moved here to make it available to other code, and separate
+ * front end from back end functionality.
+ *
+ * @param string $type0 first half of mime type
+ * @param string $type1 second half of mime type
+ * @param string $filename filename to tell the browser for downloaded file
+ * @param boolean $force whether to force the download dialog to pop
+ * @param optional integer $filesize send the Content-Header and length to the browser
+ * @return void
+ */
+ function SendDownloadHeaders($type0, $type1, $filename, $force, $filesize=0) {
+     global $languages, $squirrelmail_language;
+     $isIE = $isIE6 = 0;
+
+     sqgetGlobalVar('HTTP_USER_AGENT', $HTTP_USER_AGENT, SQ_SERVER);
+
+     if (strstr($HTTP_USER_AGENT, 'compatible; MSIE ') !== false &&
+         strstr($HTTP_USER_AGENT, 'Opera') === false) {
+         $isIE = 1;
+     }
+
+     if (strstr($HTTP_USER_AGENT, 'compatible; MSIE 6') !== false &&
+         strstr($HTTP_USER_AGENT, 'Opera') === false) {
+         $isIE6 = 1;
+     }
+
+     if (isset($languages[$squirrelmail_language]['XTRA_CODE']) &&
+         function_exists($languages[$squirrelmail_language]['XTRA_CODE'])) {
+         $filename =
+         $languages[$squirrelmail_language]['XTRA_CODE']('downloadfilename', $filename, $HTTP_USER_AGENT);
+     } else {
+         $filename = ereg_replace('[\\/:\*\?"<>\|;]', '_', str_replace('&nbsp;', ' ', $filename));
+     }
+
+     // A Pox on Microsoft and it's Internet Explorer!
+     //
+     // IE has lots of bugs with file downloads.
+     // It also has problems with SSL.  Both of these cause problems
+     // for us in this function.
+     //
+     // See this article on Cache Control headers and SSL
+     // http://support.microsoft.com/default.aspx?scid=kb;en-us;323308
+     //
+     // The best thing you can do for IE is to upgrade to the latest
+     // version
+     //set all the Cache Control Headers for IE
+     if ($isIE) {
+         header ("Pragma: public");
+         header ("Cache-Control: no-store, max-age=0, no-cache, must-revalidate"); # HTTP/1.1
+         header ("Cache-Control: post-check=0, pre-check=0", false);
+         header ("Cache-control: private");
+
+         //set the inline header for IE, we'll add the attachment header later if we need it
+         header ("Content-Disposition: inline; filename=$filename");
+     }
+
+     if (!$force) {
+         // Try to show in browser window
+         header ("Content-Disposition: inline; filename=\"$filename\"");
+         header ("Content-Type: $type0/$type1; name=\"$filename\"");
+     } else {
+         // Try to pop up the "save as" box
+
+         // IE makes this hard.  It pops up 2 save boxes, or none.
+         // http://support.microsoft.com/support/kb/articles/Q238/5/88.ASP
+         // http://support.microsoft.com/default.aspx?scid=kb;EN-US;260519
+         // But, according to Microsoft, it is "RFC compliant but doesn't
+         // take into account some deviations that allowed within the
+         // specification."  Doesn't that mean RFC non-compliant?
+         // http://support.microsoft.com/support/kb/articles/Q258/4/52.ASP
+
+         // all browsers need the application/octet-stream header for this
+         header ("Content-Type: application/octet-stream; name=\"$filename\"");
+
+         // http://support.microsoft.com/support/kb/articles/Q182/3/15.asp
+         // Do not have quotes around filename, but that applied to
+         // "attachment"... does it apply to inline too?
+         header ("Content-Disposition: attachment; filename=\"$filename\"");
+
+         if ($isIE && !$isIE6) {
+             // This combination seems to work mostly.  IE 5.5 SP 1 has
+             // known issues (see the Microsoft Knowledge Base)
+
+             // This works for most types, but doesn't work with Word files
+             header ("Content-Type: application/download; name=\"$filename\"");
+
+             // These are spares, just in case.  :-)
+             //header("Content-Type: $type0/$type1; name=\"$filename\"");
+             //header("Content-Type: application/x-msdownload; name=\"$filename\"");
+             //header("Content-Type: application/octet-stream; name=\"$filename\"");
+         } else {
+             // another application/octet-stream forces download for Netscape
+             header ("Content-Type: application/octet-stream; name=\"$filename\"");
+         }
+     }
+
+     //send the content-length header if the calling function provides it
+     if ($filesize > 0) {
+         header("Content-Length: $filesize");
+     }
+
+}  // end fn SendDownloadHeaders
+
 ?>