From e2ef6f4b0b17f0b89960aa0c52e12b7208aac265 Mon Sep 17 00:00:00 2001 From: lkehresman Date: Tue, 19 Sep 2000 15:11:35 +0000 Subject: [PATCH] Changed version number added patches from Tyler Akins to fix hyperlink rendering git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@747 7612ce4b-ef26-0410-bec9-ea0150e637f0 --- AUTHORS | 1 + ChangeLog | 9 ++++-- config/conf.pl | 2 +- config/config_default.php | 2 +- functions/strings.php | 36 +++++++++++---------- functions/url_parser.php | 68 +++++++++++++++++++++++++++++++-------- 6 files changed, 84 insertions(+), 34 deletions(-) diff --git a/AUTHORS b/AUTHORS index 0ab1742d..18605b59 100644 --- a/AUTHORS +++ b/AUTHORS @@ -10,6 +10,7 @@ Matt Phillips Lewis Bergman Bryan Stalcup + Tyler Akins Translations: ------------- diff --git a/ChangeLog b/ChangeLog index 8ba5cf3d..ab657b73 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,10 @@ -Version 0.5pre2 -- DEVELOPMENT ------------------------------- +Version 0.5 -- DEVELOPMENT +-------------------------- +- Security fixes +- Fixed hyperlink rendering problems + +Version 0.5pre2 -- September 6, 2000 +------------------------------------ - Added quite a few new themes - Fixed double folder problem on some servers - Using encryption for passwords diff --git a/config/conf.pl b/config/conf.pl index da4637a1..4b129cdf 100755 --- a/config/conf.pl +++ b/config/conf.pl @@ -4,7 +4,7 @@ # # A simple configure script to configure squirrelmail ############################################################ -$conf_pl_version = "x52"; +$conf_pl_version = "x53"; ############################################################ # First, lets read in the data already in there... diff --git a/config/config_default.php b/config/config_default.php index c3062dc0..0d29759d 100644 --- a/config/config_default.php +++ b/config/config_default.php @@ -9,7 +9,7 @@ // // don't change - $config_version = "x52"; + $config_version = "x53"; // Organization's logo picture (blank if none) $org_logo = "../images/sm_logo.jpg"; diff --git a/functions/strings.php b/functions/strings.php index 7bf91762..6081adeb 100644 --- a/functions/strings.php +++ b/functions/strings.php @@ -136,39 +136,41 @@ for ($i=0; $i < count($body_ary); $i++) { $line = $body_ary[$i]; $line = charset_decode($charset, $line); - $line = str_replace("\t", " ", $line); + $line = str_replace("\t", ' ', $line); if (strlen($line) - 2 >= $wrap_at) { $line = sqWordWrap($line, $wrap_at); } - $line = str_replace(" ", " ", $line); + $line = str_replace(' ', ' ', $line); $line = nl2br($line); - $line = parseEmail ($line); + // Removed parseEmail and integrated it into parseUrl + // This line is no longer needed. + // $line = parseEmail ($line); $line = parseUrl ($line); - - $line = "^^$line"; // gotta do this because if not, strpos() returns 0 - // which in PHP is the same as false. Now it returns 2 - if (strpos(trim(str_replace(" ", "", $line)), ">>") == 2) { - $line = substr($line, 2); + + $test_line = str_replace(' ', '', $line); + if (strpos($test_line, '>>') === 0) { $line = "$line\n"; - } else if (strpos(trim(str_replace(" ", "", $line)), ">") == 2) { - $line = substr($line, 2); + } else if (strpos($test_line, '>') === 0) { $line = "$line\n"; - } else { - $line = substr($line, 2); - } - - $body_ary[$i] = "$line
"; + } + + if ($line) + { + $line = '' . $line . ''; + } + + $body_ary[$i] = $line . '
'; } $body = implode("\n", $body_ary); - + return $body; } /* SquirrelMail version number -- DO NOT CHANGE */ - $version = "0.5pre2"; + $version = "0.5"; function find_mailbox_name ($mailbox) { diff --git a/functions/url_parser.php b/functions/url_parser.php index 29de2933..372a1bad 100644 --- a/functions/url_parser.php +++ b/functions/url_parser.php @@ -12,45 +12,72 @@ function parseEmail ($body) { global $color; + + // Changed the expression to the one in abook_take + // This works very well, especially it looks like you might have + // three instances of it below. Having it defined in + // just one spot could help when you need to change it. + $Expression = "[0-9a-z]([-_.]?[0-9a-z])*@[0-9a-z]([-.]?[0-9a-z])*\\.[a-wyz][a-z](g|l|m|pa|t|u|v)?"; + /* This is here in case we ever decide to use highlighting of searched text. this does it for email addresses if ($what && ($where == "BODY" || $where == "TEXT")) { - eregi ("([a-z]|[0-9]|_|\.|-)+\@([a-z]|[0-9]|_|-)+(\.([a-z]|[0-9]|_|-)+)*", $body, $regs); + // Use the $Expression + eregi ($Expression, $body, $regs); $oldaddr = $regs[0]; if ($oldaddr) { $newaddr = eregi_replace ($what, "$what", $oldaddr); $body = str_replace ($oldaddr, "$newaddr", $body); } } else { - $body = eregi_replace ("([a-z]|[0-9]|_|\.|-)+\@([a-z]|[0-9]|_|-)+(\.([a-z]|[0-9]|_|-)+)*", "\\0", $body); + // Use the $Expression + $body = eregi_replace ($Expression, "\\0", $body); } */ - $body = eregi_replace ("([a-z]|[0-9]|_|\.|-)+\@([a-z]|[0-9]|_|-)+(\.([a-z]|[A-Z])|[a-z]|[0-9]|_|-)+", "\\0", $body); + // Use the $Expression + $body = eregi_replace ($Expression, "\\0", $body); return $body; } - + function parseUrl ($body) { #Possible ways a URL could finish. + // Removed "--" since it could be part of a URL $poss_ends=array(" ", "\n", "\r", "<", ">", ".\r", ".\n", ". ", " ", ")", "(", - """, "<", ">", ".<", "]", "[", "{", "}", "--"); + """, "<", ">", ".<", "]", "[", "{", "}"); $done=False; while (!$done) { #Look for when a URL starts + // Added gopher, news. Modified telnet. $url_tokens = array( "http://", "https://", "ftp://", - "telnet://"); + "telnet:", // Special case -- doesn't need the slashes + "gopher://", + "news://"); for($i = 0; $i < sizeof($url_tokens); $i++) { - if($where = strpos(strtolower("^^".$body), $url_tokens[$i], $start)) + // Removed the use of "^^" -- it is unneeded + if(is_int($where = strpos(strtolower($body), $url_tokens[$i], $start))) break; } + // Look between $start and $where for email links + $check_str = substr($body, $start, $where); + $new_str = parseEmail($check_str); + + if ($check_str != $new_str) + { + $body = replaceBlock($body, $new_str, $start, $where); + $where = strlen($new_str) + $start; + } + //$where = strpos(strtolower($body),"http://",$start); - if ($where) { - $where = $where - 2; // because we added the ^^ at the begining + // Fixed this to work with $i instead of $where + if ($i < sizeof($url_tokens)) { + // Removed the "^^" so I removed the next line + //$where = $where - 2; // because we added the ^^ at the begining # Find the end of that URL reset($poss_ends); $end=0; while (list($key, $val) = each($poss_ends)) { @@ -62,22 +89,37 @@ #Extract URL $url = substr($body,$where,$end-$where); #Replace URL with HyperLinked Url - if ($url != "") { + // Now this code doesn't simply match on url_tokens + // It will need some more text. This is good. + if ($url != "" && $url != $url_tokens[$i]) { $url_str = "$url"; # $body = str_replace($url,$url_str,$body); # echo "$where, $end
"; $body = replaceBlock($body,$url_str,$where,$end); - $start = strpos($body,"",$where); + // Removed unnecessary strpos call. Searching + // a string takes longer than just figuring out + // the length. + // $start = strpos($body,"",$where); + $start = $where + strlen($url_str); } else { - $start = $where + 7; + // Proper length increment -- Don't just assume 7 + $start = $where + strlen($url_tokens[$i]); } } else { $done=true; } } + // Look after $start for more email links. + $check_str = substr($body, $start); + $new_str = parseEmail($check_str); + + if ($check_str != $new_str) + { + $body = replaceBlock($body, $new_str, $start, strlen($body)); + } + return $body; } ?> - -- 2.25.1