Fix again for Internet Explorer's stupidity of decoding characters, then

Fix again for Internet Explorer's stupidity of decoding characters, then
executing it blindly.  This code was fixed originally, but apparently some
how didn't work right.  I checked on HastyMail and did a file comparision,
and noticed that one version of the same filter doesn't use \W... on removal
of that in the regex, the function seemed to correctly strip out bad functions

See http://www.securityfocus.com/archive/1/340118 for further information.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@6268 7612ce4b-ef26-0410-bec9-ea0150e637f0