From cef054e43ed3267ec7c3f9915271747b43992b0c Mon Sep 17 00:00:00 2001 From: stekkel Date: Mon, 24 Feb 2003 18:49:53 +0000 Subject: [PATCH] lot's of fixes: * removed htmlspecialchars from charset_decode because of double htmlspecialchars calls * fix for \NoSelect folders * code cleanups * added htmlspecialchars for displayattachmnent (filename) * fixed charset issue with base64 encoded strings (decodeHeader) git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@4541 7612ce4b-ef26-0410-bec9-ea0150e637f0 --- functions/i18n.php | 8 +- functions/imap_mailbox.php | 186 ++++++++++------------------------ functions/imap_messages.php | 77 +++++++------- functions/mailbox_display.php | 62 +----------- functions/mime.php | 4 +- 5 files changed, 107 insertions(+), 230 deletions(-) diff --git a/functions/i18n.php b/functions/i18n.php index 6ed513b7..cc9e3f9d 100644 --- a/functions/i18n.php +++ b/functions/i18n.php @@ -25,7 +25,13 @@ function charset_decode ($charset, $string) { } /* All HTML special characters are 7 bit and can be replaced first */ - $string = htmlspecialchars ($string); + + /* NOTE Marc Groot Koerkamp: This is the wrong place to do + htmlspecialchars, It should be done before the echo. + By doing it here we get double htmlspecialchars calls which translates + < => < => &lt; + */ + //$string = htmlspecialchars ($string); $charset = strtolower($charset); diff --git a/functions/imap_mailbox.php b/functions/imap_mailbox.php index ee1e657a..7bc1313d 100755 --- a/functions/imap_mailbox.php +++ b/functions/imap_mailbox.php @@ -109,8 +109,7 @@ function readMailboxParent($haystack, $needle) { * Check if $subbox is below the specified $parentbox */ function isBoxBelow( $subbox, $parentbox ) { - global $delimiter, $folder_prefix, $imap_server_type; - + global $delimiter; /* * Eliminate the obvious mismatch, where the * subfolder path is shorter than that of the potential parent @@ -118,28 +117,15 @@ function isBoxBelow( $subbox, $parentbox ) { if ( strlen($subbox) < strlen($parentbox) ) { return false; } - - if ( $imap_server_type == 'uw' ) { - $boxs = $parentbox; - $i = strpos( $subbox, $delimiter, strlen( $folder_prefix ) ); - if ( $i === false ) { - $i = strlen( $parentbox ); - } - } else { - if (substr($parentbox,0,strlen($subbox)) == $subbox) { - return true; - } - $boxs = $parentbox . $delimiter; - /* Skip next second delimiter */ - $i = strpos( $subbox, $delimiter ); - $i = strpos( $subbox, $delimiter, $i + 1 ); - if ( $i === false ) { - $i = strlen( $parentbox ); - } else { - $i++; - } - } - return ( substr( $subbox, 0, $i ) == substr( $boxs, 0, $i ) ); + /* check for delimiter */ + if (!substr($parentbox,-1) == $delimiter) { + $parentbox.=$delimiter; + } + if (substr($subbox,0,strlen($parentbox)) == $parentbox) { + return true; + } else { + return false; + } } /* Defines special mailboxes */ @@ -350,7 +336,7 @@ function sqimap_mailbox_parse ($line, $line_lsub) { global $folder_prefix, $delimiter; /* Process each folder line */ - for ($g = 0, $cnt = count($line); $g < $cnt; $g++) { + for ($g = 0, $cnt = count($line); $g < $cnt; ++$g) { /* Store the raw IMAP reply */ if (isset($line[$g])) { $boxesall[$g]['raw'] = $line[$g]; @@ -420,48 +406,7 @@ function sqimap_mailbox_parse ($line, $line_lsub) { * With special sort function: foobar AFTER foo and foo.bar :) */ function user_strcasecmp($a, $b) { - global $delimiter; - return strnatcasecmp($a, $b); - - /* Calculate the length of some strings. */ - $a_length = strlen($a); - $b_length = strlen($b); - $min_length = min($a_length, $b_length); - $delimiter_length = strlen($delimiter); - - /* Set the initial result value. */ - $result = 0; - /* Check the strings... */ - for ($c = 0; $c < $min_length; ++$c) { - $a_del = substr($a, $c, $delimiter_length); - $b_del = substr($b, $c, $delimiter_length); - - if (($a_del == $delimiter) && ($b_del == $delimiter)) { - $result = 0; - } else if (($a_del == $delimiter) && ($b_del != $delimiter)) { - $result = -1; - } else if (($a_del != $delimiter) && ($b_del == $delimiter)) { - $result = 1; - } else { - $result = strcasecmp($a{$c}, $b{$c}); - } - - if ($result != 0) { - break; - } - } - - /* If one string is a prefix of the other... */ - if ($result == 0) { - if ($a_length < $b_length) { - $result = -1; - } else if ($a_length > $b_length) { - $result = 1; - } - } - - return $result; } /* @@ -538,45 +483,42 @@ function sqimap_mailbox_list($imap_stream) { $lsub_ary = sqimap_run_command ($imap_stream, $lsub_args, true, $response, $message); - - /* - * Section about removing the last element was removed - * We don't return "* OK" anymore from sqimap_read_data - */ - $sorted_lsub_ary = array(); for ($i = 0, $cnt = count($lsub_ary);$i < $cnt; $i++) { /* - * Workaround for EIMS - * Doesn't work if the mailbox name is multiple lines + * Workaround for mailboxes returned as literal + * Doesn't work if the mailbox name is multiple lines + * (larger then fgets buffer) */ - if (isset($lsub_ary[$i + 1]) && - ereg("^(\\* [A-Z]+.*)\\{[0-9]+\\}([ \n\r\t]*)$", + if (isset($lsub_ary[$i + 1]) && substr($lsub_ary[$i],-3) == "}\r\n") { + if (ereg("^(\\* [A-Z]+.*)\\{[0-9]+\\}([ \n\r\t]*)$", $lsub_ary[$i], $regs)) { - $i++; - $lsub_ary[$i] = $regs[1] . '"' . addslashes(trim($lsub_ary[$i])) . '"' . $regs[2]; + $i++; + $lsub_ary[$i] = $regs[1] . '"' . addslashes(trim($lsub_ary[$i])) . '"' . $regs[2]; + } } $temp_mailbox_name = find_mailbox_name($lsub_ary[$i]); $sorted_lsub_ary[] = $temp_mailbox_name; - if (strtoupper($temp_mailbox_name) == 'INBOX') { + if (!$inbox_subscribed && strtoupper($temp_mailbox_name) == 'INBOX') { $inbox_subscribed = true; } } - $new_ary = array(); - for ($i = 0, $cnt = count($sorted_lsub_ary); $i < $cnt; $i++) { - if (!in_array($sorted_lsub_ary[$i], $new_ary)) { - $new_ary[] = $sorted_lsub_ary[$i]; - } - } - $sorted_lsub_ary = $new_ary; + /* remove duplicates */ + $sorted_lsub_ary = array_unique($sorted_lsub_ary); + + /* natural sort mailboxes */ if (isset($sorted_lsub_ary)) { usort($sorted_lsub_ary, 'user_strcasecmp'); } - $sorted_list_ary = $sorted_lsub_ary; - /* LIST array */ -/* $sorted_list_ary = array(); + /* + * The LSUB response doesn't provide us information about \Noselect + * mail boxes. The LIST response does, that's why we need to do a LIST + * call to retrieve the flags for the mailbox + * Note: according RFC2060 an imap server may provide \NoSelect flags in the LSUB response. + * in other words, we cannot rely on it. + */ + $sorted_list_ary = array(); for ($i=0; $i < count($sorted_lsub_ary); $i++) { - if (false) { if (substr($sorted_lsub_ary[$i], -1) == $delimiter) { $mbx = substr($sorted_lsub_ary[$i], 0, strlen($sorted_lsub_ary[$i])-1); } @@ -586,48 +528,38 @@ function sqimap_mailbox_list($imap_stream) { $read = sqimap_run_command ($imap_stream, "LIST \"\" \"$mbx\"", true, $response, $message); -*/ - /* Another workaround for EIMS */ -/* - if (isset($read[1]) && - ereg("^(\\* [A-Z]+.*)\\{[0-9]+\\}([ \n\r\t]*)$", - $read[0], $regs)) { - $read[0] = $regs[1] . '"' . addslashes(trim($read[1])) . '"' . $regs[2]; - } - if (isset($sorted_list_ary[$i])) { - $sorted_list_ary[$i] = ''; + /* Another workaround for literals */ + + if (isset($read[1]) && substr($read[1],-3) == "}\r\n") { + if (ereg("^(\\* [A-Z]+.*)\\{[0-9]+\\}([ \n\r\t]*)$", + $read[0], $regs)) { + $read[0] = $regs[1] . '"' . addslashes(trim($read[1])) . '"' . $regs[2]; + } } if (isset($read[0])) { $sorted_list_ary[$i] = $read[0]; - } - else { + } else { $sorted_list_ary[$i] = ''; } - - if (isset($sorted_list_ary[$i]) && - strtoupper(find_mailbox_name($sorted_list_ary[$i])) == 'INBOX') { - $inbox_in_list = true; - } } -*/ -/* $inbox_in_list = true; */ + /* * Just in case they're not subscribed to their inbox, * we'll get it for them anyway */ - if (!$inbox_subscribed) {/* || !$inbox_in_list) { */ + if (!$inbox_subscribed) { $inbox_ary = sqimap_run_command ($imap_stream, "LIST \"\" \"INBOX\"", true, $response, $message); - /* Another workaround for EIMS */ - if (isset($inbox_ary[1]) && - ereg("^(\\* [A-Z]+.*)\\{[0-9]+\\}([ \n\r\t]*)$", + /* Another workaround for literals */ + if (isset($inbox_ary[1]) && substr($inbox_ary[$i],-3) == "}\r\n") { + if (ereg("^(\\* [A-Z]+.*)\\{[0-9]+\\}([ \n\r\t]*)$", $inbox_ary[0], $regs)) { - $inbox_ary[0] = $regs[1] . '"' . addslashes(trim($inbox_ary[1])) . + $inbox_ary[0] = $regs[1] . '"' . addslashes(trim($inbox_ary[1])) . '"' . $regs[2]; + } } - $sorted_list_ary[] = $inbox_ary[0]; $sorted_lsub_ary[] = find_mailbox_name($inbox_ary[0]); } @@ -639,36 +571,24 @@ function sqimap_mailbox_list($imap_stream) { /* Find INBOX */ $cnt = count($boxesall); - for($k = 0; $k < $cnt; $k++) { + $used = array_pad($used,$cnt,false); + for($k = 0; $k < $cnt; ++$k) { if (strtolower($boxesall[$k]['unformatted']) == 'inbox') { $boxesnew[] = $boxesall[$k]; $used[$k] = true; - } else { - $used[$k] = false; + break; } } /* List special folders and their subfolders, if requested. */ if ($list_special_folders_first) { - for($k = 0; $k < $cnt; $k++) { + for($k = 0; $k < $cnt; ++$k) { if (!$used[$k] && isSpecialMailbox($boxesall[$k]['unformatted'])) { $boxesnew[] = $boxesall[$k]; $used[$k] = true; } - $spec_sub = str_replace(' ', '', $boxesall[$k]['formatted']); - $spec_sub = preg_replace("/(\*|\[|\]|\(|\)|\?|\+|\{|\}|\^|\\$)/", '\\\\'.'\\1', $spec_sub); - - /* In case of problems with preg - here is a ereg version - if (!$used[$k] && ereg("^$default_folder_prefix(Sent|Drafts|Trash).{1}$spec_sub$", $box['unformatted']) ) { - */ - $match = "?^$default_folder_prefix(Sent|Drafts|Trash).{1}$spec_sub$?"; - if (!$used[$k] && preg_match($match, $boxesall[$k]['unformatted']) ) { - $boxesnew[] = $boxesall[$k]; - $used[$k] = true; - } - } + } + } - } /* Rest of the folders */ for($k = 0; $k < $cnt; $k++) { if (!$used[$k]) { diff --git a/functions/imap_messages.php b/functions/imap_messages.php index d609c8ea..b71d8d25 100755 --- a/functions/imap_messages.php +++ b/functions/imap_messages.php @@ -425,14 +425,14 @@ function elapsedTime($start) { function sqimap_get_small_header_list ($imap_stream, $msg_list) { global $squirrelmail_language, $color, $data_dir, $username, $imap_server_type; - global $uid_support; + global $uid_support, $allow_server_sort; /* Get the small headers for each message in $msg_list */ $sid = sqimap_session_id($uid_support); $maxmsg = sizeof($msg_list); $msgs_str = sqimap_message_list_squisher($msg_list); - $results = array(); + $messages = array(); $read_list = array(); /* * We need to return the data in the same order as the caller supplied @@ -510,16 +510,8 @@ function sqimap_get_small_header_list ($imap_stream, $msg_list) { $from = _("Unknown Sender"); $priority = 0; $messageid = '<>'; - $cc = ''; - $to = ''; - $date = ''; - $type[0] = ''; - $type[1] = ''; - $inrepto = ''; - $flag_seen = false; - $flag_answered = false; - $flag_deleted = false; - $flag_flagged = false; + $cc = $to = $date = $type[0] = $type[1] = $inrepto = ''; + $flag_seen = $flag_answered = $flag_deleted = $flag_flagged = false; $read = $read_list[$msgi]; $prevline = false; @@ -618,6 +610,9 @@ function sqimap_get_small_header_list ($imap_stream, $msg_list) { $type = substr($type, 0, $pos); } $type = explode("/", $type); + if(!is_array($type)) { + $type[0] = 'text'; + } if (!isset($type[1])) { $type[1] = ''; } @@ -630,32 +625,46 @@ function sqimap_get_small_header_list ($imap_stream, $msg_list) { } } - - $header = new small_header; - + + if (isset($date)) { + $date = str_replace(' ', ' ', $date); + $tmpdate = explode(' ', trim($date)); + } else { + $tmpdate = $date = array('', '', '', '', '', ''); + } if ($uid_support) { - $header->uid = $unique_id; + $messages[$msgi]['ID'] = $unique_id; } else { - $header->uid = $msg_list[$msgi]; + $messages[$msgi]['ID'] = $msg_list[$msgi]; } - $header->date = $date; - $header->subject = $subject; - $header->to = $to; - $header->from = $from; - $header->priority = $priority; - $header->message_id = $messageid; - $header->cc = $cc; - $header->size = $size; - $header->type0 = $type[0]; - $header->type1 = $type[1]; - $header->flag_seen = $flag_seen; - $header->flag_answered = $flag_answered; - $header->flag_deleted = $flag_deleted; - $header->flag_flagged = $flag_flagged; - $header->inrepto = $inrepto; - $result[] = $header; + + $messages[$msgi]['TIME_STAMP'] = getTimeStamp($tmpdate); + $messages[$msgi]['DATE_STRING'] = getDateString($messages[$msgi]['TIME_STAMP']); + $messages[$msgi]['FROM'] = decodeHeader($from); + $messages[$msgi]['SUBJECT'] = decodeHeader($subject); + $messages[$msgi]['TO'] = decodeHeader($to); + $messages[$msgi]['PRIORITY'] = $priority; + $messages[$msgi]['CC'] = $cc; + $messages[$msgi]['SIZE'] = $size; + $messages[$msgi]['TYPE0'] = $type[0]; + $messages[$msgi]['FLAG_DELETED'] = $flag_deleted; + $messages[$msgi]['FLAG_ANSWERED'] = $flag_answered; + $messages[$msgi]['FLAG_SEEN'] = $flag_seen; + $messages[$msgi]['FLAG_FLAGGED'] = $flag_flagged; + + /* non server sort stuff */ + if (!$allow_server_sort) { + $messages[$msgi]['FROM-SORT'] = strtolower(sqimap_find_displayable_name(decodeHeader($from))); + $subject_sort = strtolower(decodeHeader($subject)); + if (preg_match("/^(vedr|sv|re|aw):\s*(.*)$/si", $subject_sort, $matches)){ + $messages[$msgi]['SUBJECT-SORT'] = $matches[2]; + } else { + $messages[$msgi]['SUBJECT-SORT'] = $subject_sort; + } + } + } - return $result; + return $messages; } function sqimap_get_headerfield($imap_stream, $field) { diff --git a/functions/mailbox_display.php b/functions/mailbox_display.php index c862dbca..05162a90 100644 --- a/functions/mailbox_display.php +++ b/functions/mailbox_display.php @@ -482,67 +482,7 @@ function calc_msort($msgs, $sort) { } function fillMessageArray($imapConnection, $id, $count) { - $msgs_list = sqimap_get_small_header_list($imapConnection, $id); - $messages = array(); - if (sizeof($msgs_list)) { - foreach ($msgs_list as $hdr) { - $unique_id[] = $hdr->uid; - $from[] = $hdr->from; - $date[] = $hdr->date; - $subject[] = $hdr->subject; - $to[] = $hdr->to; - $priority[] = $hdr->priority; - $cc[] = $hdr->cc; - $size[] = $hdr->size; - $type[] = $hdr->type0; - $flag_deleted[] = $hdr->flag_deleted; - $flag_answered[] = $hdr->flag_answered; - $flag_seen[] = $hdr->flag_seen; - $flag_flagged[] = $hdr->flag_flagged; - } - } - - for($j = 0; $j < $count; ++$j) { - if (isset($date[$j])) { - $date[$j] = str_replace(' ', ' ', $date[$j]); - $tmpdate = explode(' ', trim($date[$j])); - } else { - $tmpdate = $date = array('', '', '', '', '', ''); - } - $messages[$j]['TIME_STAMP'] = getTimeStamp($tmpdate); - $messages[$j]['DATE_STRING'] = - getDateString($messages[$j]['TIME_STAMP']); - $messages[$j]['ID'] = $unique_id[$j]; - $messages[$j]['FROM'] = decodeHeader($from[$j]); - $messages[$j]['FROM-SORT'] = - strtolower(sqimap_find_displayable_name(decodeHeader($from[$j]))); - $messages[$j]['SUBJECT'] = decodeHeader($subject[$j]); - $messages[$j]['SUBJECT-SORT'] = strtolower(decodeHeader($subject[$j])); - $messages[$j]['TO'] = decodeHeader($to[$j]); - $messages[$j]['PRIORITY'] = $priority[$j]; - $messages[$j]['CC'] = $cc[$j]; - $messages[$j]['SIZE'] = $size[$j]; - $messages[$j]['TYPE0'] = $type[$j]; - $messages[$j]['FLAG_DELETED'] = $flag_deleted[$j]; - $messages[$j]['FLAG_ANSWERED'] = $flag_answered[$j]; - $messages[$j]['FLAG_SEEN'] = $flag_seen[$j]; - $messages[$j]['FLAG_FLAGGED'] = $flag_flagged[$j]; - - /* - * fix SUBJECT-SORT to remove Re: - * vedr|sv (Danish) - * re|aw (English) - * - * TODO: i18n should be incorporated here. E.g. we catch the ones - * we know about, but also define in i18n what the localized - * "Re: " is for this or that locale. - */ - if (preg_match("/^(vedr|sv|re|aw):\s*(.*)$/si", - $messages[$j]['SUBJECT-SORT'], $matches)){ - $messages[$j]['SUBJECT-SORT'] = $matches[2]; - } - } - return $messages; + return sqimap_get_small_header_list($imapConnection, $id); } diff --git a/functions/mime.php b/functions/mime.php index 09a76553..4e2ac6c5 100644 --- a/functions/mime.php +++ b/functions/mime.php @@ -487,7 +487,7 @@ function formatAttachments($message, $exclude_id, $mailbox, $id) { $defaultlink = $hookresults[6]; $attachments .= '' . - "$display_filename " . + ''.htmlspecialchars($display_filename).' ' . '' . show_readable_size($header->size) . '  ' . "[ $type0/$type1 ] " . @@ -566,6 +566,8 @@ function decodeHeader ($string, $utfencode=true) { if (ucfirst($res[4]) == 'B') { $replace = base64_decode($res[5]); + $replace = charset_decode($res[3],$replace); + } else { $replace = str_replace('_', ' ', $res[5]); $replace = preg_replace('/=([0-9a-f]{2})/ie', 'chr(hexdec("\1"))', -- 2.25.1