projects / squirrelmail.git / blob
? search:


c8dcda3e5181b3792b375d4658398fcdf2c8e322
[squirrelmail.git] / functions / mime.php
1 <?php
2
3 /** mime.php
4 **
5 ** Copyright (c) 1999-2001 The Squirrelmail Development Team
6 ** Licensed under the GNU GPL. For full terms see the file COPYING.
7 **
8 ** This contains the functions necessary to detect and decode MIME
9 ** messages.
10 **
11 ** $Id$
12 **/
13
14 require_once('../functions/imap.php');
15 require_once('../functions/attachment_common.php');
16
17 /** Setting up the objects that have the structure for the message **/
18
19 class msg_header {
20 /** msg_header contains generic variables for values that **/
21 /** could be in a header. **/
22
23 var $type0 = '', $type1 = '', $boundary = '', $charset = '';
24 var $encoding = '', $size = 0, $to = array(), $from = '', $date = '';
25 var $cc = array(), $bcc = array(), $reply_to = '', $subject = '';
26 var $id = 0, $mailbox = '', $description = '', $filename = '';
27 var $entity_id = 0, $message_id = 0, $name = '';
28 // var $priority = "";
29 }
30
31 class message {
32 /** message is the object that contains messages. It is a recursive
33 object in that through the $entities variable, it can contain
34 more objects of type message. See documentation in mime.txt for
35 a better description of how this works.
36 **/
37 var $header = '';
38 var $entities = array();
39
40 function addEntity ($msg) {
41 $this->entities[] = $msg;
42 }
43 }
44
45 /* --------------------------------------------------------------------------------- */
46 /* MIME DECODING */
47 /* --------------------------------------------------------------------------------- */
48
49 // This function gets the structure of a message and stores it in the "message" class.
50 // It will return this object for use with all relevant header information and
51 // fully parsed into the standard "message" object format.
52 function mime_structure ($imap_stream, $header) {
53
54 sqimap_messages_flag ($imap_stream, $header->id, $header->id, 'Seen');
55 $ssid = sqimap_session_id();
56 $lsid = strlen( $ssid );
57 $id = $header->id;
58 fputs ($imap_stream, "$ssid FETCH $id BODYSTRUCTURE\r\n");
59 //
60 // This should use sqimap_read_data instead of reading it itself
61 //
62 $read = fgets ($imap_stream, 10000);
63 $bodystructure = '';
64 while( substr($read, 0, $lsid) <> $ssid &&
65 !feof( $imap_stream ) ) {
66 $bodystructure .= $read;
67 $read = fgets ($imap_stream, 10000);
68 }
69 $read = $bodystructure;
70
71 // isolate the body structure and remove beginning and end parenthesis
72 $read = trim(substr ($read, strpos(strtolower($read), 'bodystructure') + 13));
73 $read = trim(substr ($read, 0, -1));
74 $end = mime_match_parenthesis(0, $read);
75 while ($end == strlen($read)-1) {
76 $read = trim(substr ($read, 0, -1));
77 $read = trim(substr ($read, 1));
78 $end = mime_match_parenthesis(0, $read);
79 }
80
81 $msg = mime_parse_structure ($read, 0);
82 $msg->header = $header;
83 return $msg;
84 }
85
86 // this starts the parsing of a particular structure. It is called recursively,
87 // so it can be passed different structures. It returns an object of type
88 // $message.
89 // First, it checks to see if it is a multipart message. If it is, then it
90 // handles that as it sees is necessary. If it is just a regular entity,
91 // then it parses it and adds the necessary header information (by calling out
92 // to mime_get_elements()
93 function mime_parse_structure ($structure, $ent_id) {
94
95 $msg = new message();
96 if ($structure{0} == '(') {
97 $ent_id = mime_new_element_level($ent_id);
98 $start = $end = -1;
99 do {
100 $start = $end+1;
101 $end = mime_match_parenthesis ($start, $structure);
102
103 $element = substr($structure, $start+1, ($end - $start)-1);
104 $ent_id = mime_increment_id ($ent_id);
105 $newmsg = mime_parse_structure ($element, $ent_id);
106 $msg->addEntity ($newmsg);
107 } while ($structure{$end+1} == '(');
108 } else {
109 // parse the elements
110 $msg = mime_get_element ($structure, $msg, $ent_id);
111 }
112 return $msg;
113 }
114
115 // Increments the element ID. An element id can look like any of
116 // the following: 1, 1.2, 4.3.2.4.1, etc. This function increments
117 // the last number of the element id, changing 1.2 to 1.3.
118 function mime_increment_id ($id) {
119
120 if (strpos($id, ".")) {
121 $first = substr($id, 0, strrpos($id, "."));
122 $last = substr($id, strrpos($id, ".")+1);
123 $last++;
124 $new = $first . "." .$last;
125 } else {
126 $new = $id + 1;
127 }
128
129 return $new;
130 }
131
132 // See comment for mime_increment_id().
133 // This adds another level on to the entity_id changing 1.3 to 1.3.0
134 // NOTE: 1.3.0 is not a valid element ID. It MUST be incremented
135 // before it can be used. I left it this way so as not to have
136 // to make a special case if it is the first entity_id. It
137 // always increments it, and that works fine.
138 function mime_new_element_level ($id) {
139
140 if (!$id) {
141 $id = 0;
142 } else {
143 $id = $id . '.0';
144 }
145
146 return( $id );
147 }
148
149 function mime_get_element (&$structure, $msg, $ent_id) {
150
151 $elem_num = 1;
152 $msg->header = new msg_header();
153 $msg->header->entity_id = $ent_id;
154 $properties = array();
155
156 while (strlen($structure) > 0) {
157 $structure = trim($structure);
158 $char = $structure{0};
159
160 if (strtolower(substr($structure, 0, 3)) == 'nil') {
161 $text = '';
162 $structure = substr($structure, 3);
163 } else if ($char == '"') {
164 // loop through until we find the matching quote, and return that as a string
165 $pos = 1;
166 $text = '';
167 while ( ($char = $structure{$pos} ) <> '"' && $pos < strlen($structure)) {
168 $text .= $char;
169 $pos++;
170 }
171 $structure = substr($structure, strlen($text) + 2);
172 } else if ($char == '(') {
173 // comment me
174 $end = mime_match_parenthesis (0, $structure);
175 $sub = substr($structure, 1, $end-1);
176 $properties = mime_get_props($properties, $sub);
177 $structure = substr($structure, strlen($sub) + 2);
178 } else {
179 // loop through until we find a space or an end parenthesis
180 $pos = 0;
181 $char = $structure{$pos};
182 $text = '';
183 while ($char != ' ' && $char != ')' && $pos < strlen($structure)) {
184 $text .= $char;
185 $pos++;
186 $char = $structure{$pos};
187 }
188 $structure = substr($structure, strlen($text));
189 }
190
191 // This is where all the text parts get put into the header
192 switch ($elem_num) {
193 case 1:
194 $msg->header->type0 = strtolower($text);
195 break;
196 case 2:
197 $msg->header->type1 = strtolower($text);
198 break;
199 case 4: // Id
200 // Invisimail enclose images with <>
201 $msg->header->id = str_replace( '<', '', str_replace( '>', '', $text ) );
202 break;
203 case 5:
204 $msg->header->description = $text;
205 break;
206 case 6:
207 $msg->header->encoding = strtolower($text);
208 break;
209 case 7:
210 $msg->header->size = $text;
211 break;
212 default:
213 if ($msg->header->type0 == 'text' && $elem_num == 8) {
214 // This is a plain text message, so lets get the number of lines
215 // that it contains.
216 $msg->header->num_lines = $text;
217
218 } else if ($msg->header->type0 == 'message' && $msg->header->type1 == 'rfc822' && $elem_num == 8) {
219 // This is an encapsulated message, so lets start all over again and
220 // parse this message adding it on to the existing one.
221 $structure = trim($structure);
222 if ( $structure{0} == '(' ) {
223 $e = mime_match_parenthesis (0, $structure);
224 $structure = substr($structure, 0, $e);
225 $structure = substr($structure, 1);
226 $m = mime_parse_structure($structure, $msg->header->entity_id);
227
228 // the following conditional is there to correct a bug that wasn't
229 // incrementing the entity IDs correctly because of the special case
230 // that message/rfc822 is. This fixes it fine.
231 if (substr($structure, 1, 1) != '(')
232 $m->header->entity_id = mime_increment_id(mime_new_element_level($ent_id));
233
234 // Now we'll go through and reformat the results.
235 if ($m->entities) {
236 for ($i=0; $i < count($m->entities); $i++) {
237 $msg->addEntity($m->entities[$i]);
238 }
239 } else {
240 $msg->addEntity($m);
241 }
242 $structure = "";
243 }
244 }
245 break;
246 }
247 $elem_num++;
248 $text = "";
249 }
250 // loop through the additional properties and put those in the various headers
251 if ($msg->header->type0 != 'message') {
252 for ($i=0; $i < count($properties); $i++) {
253 $msg->header->{$properties[$i]['name']} = $properties[$i]['value'];
254 }
255 }
256
257 return $msg;
258 }
259
260 // I did most of the MIME stuff yesterday (June 20, 2000), but I couldn't
261 // figure out how to do this part, so I decided to go to bed. I woke up
262 // in the morning and had a flash of insight. I went to the white-board
263 // and scribbled it out, then spent a bit programming it, and this is the
264 // result. Nothing complicated, but I think my brain was fried yesterday.
265 // Funny how that happens some times.
266 //
267 // This gets properties in a nested parenthesisized list. For example,
268 // this would get passed something like: ("attachment" ("filename" "luke.tar.gz"))
269 // This returns an array called $props with all paired up properties.
270 // It ignores the "attachment" for now, maybe that should change later
271 // down the road. In this case, what is returned is:
272 // $props[0]["name"] = "filename";
273 // $props[0]["value"] = "luke.tar.gz";
274 function mime_get_props ($props, $structure) {
275
276 while (strlen($structure) > 0) {
277 $structure = trim($structure);
278 $char = $structure{0};
279
280 if ($char == '"') {
281 $pos = 1;
282 $tmp = '';
283 while ( ( $char = $structure{$pos} ) != '"' &&
284 $pos < strlen($structure)) {
285 $tmp .= $char;
286 $pos++;
287 }
288 $structure = trim(substr($structure, strlen($tmp) + 2));
289 $char = $structure{0};
290
291 if ($char == '"') {
292 $pos = 1;
293 $value = '';
294 while ( ( $char = $structure{$pos} ) != '"' &&
295 $pos < strlen($structure) ) {
296 $value .= $char;
297 $pos++;
298 }
299 $structure = trim(substr($structure, strlen($tmp) + 2));
300
301 $k = count($props);
302 $props[$k]['name'] = strtolower($tmp);
303 $props[$k]['value'] = $value;
304 } else if ($char == '(') {
305 $end = mime_match_parenthesis (0, $structure);
306 $sub = substr($structure, 1, $end-1);
307 if (! isset($props))
308 $props = array();
309 $props = mime_get_props($props, $sub);
310 $structure = substr($structure, strlen($sub) + 2);
311 }
312 return $props;
313 } else if ($char == '(') {
314 $end = mime_match_parenthesis (0, $structure);
315 $sub = substr($structure, 1, $end-1);
316 $props = mime_get_props($props, $sub);
317 $structure = substr($structure, strlen($sub) + 2);
318 return $props;
319 } else {
320 return $props;
321 }
322 }
323 }
324
325 // Matches parenthesis. It will return the position of the matching
326 // parenthesis in $structure. For instance, if $structure was:
327 // ("text" "plain" ("val1name", "1") nil ... )
328 // x x
329 // then this would return 42 to match up those two.
330 function mime_match_parenthesis ($pos, $structure) {
331
332 $j = strlen( $structure );
333
334 // ignore all extra characters
335 // If inside of a string, skip string -- Boundary IDs and other
336 // things can have ) in them.
337 if( $structure{$pos} != '(' )
338 return( $j );
339
340 while( $pos < $j ) {
341 $pos++;
342 if ($structure{$pos} == ')') {
343 return $pos;
344 } elseif ($structure{$pos} == '"') {
345 $pos++;
346 while( $structure{$pos} != '"' &&
347 $pos < $j ) {
348 if (substr($structure, $pos, 2) == '\\"')
349 $pos++;
350 elseif (substr($structure, $pos, 2) == '\\\\')
351 $pos++;
352 $pos++;
353 }
354 } elseif ( $structure{$pos} == '(' ) {
355 $pos = mime_match_parenthesis ($pos, $structure);
356 }
357 }
358 echo "Error decoding mime structure. Report this as a bug!<br>\n";
359 return( $pos );
360 }
361
362 function mime_fetch_body ($imap_stream, $id, $ent_id ) {
363 // do a bit of error correction. If we couldn't find the entity id, just guess
364 // that it is the first one. That is usually the case anyway.
365 if (!$ent_id)
366 $ent_id = 1;
367 $sid = sqimap_session_id();
368 fputs ($imap_stream, "$sid FETCH $id BODY[$ent_id]\r\n");
369 $data = sqimap_read_data ($imap_stream, $sid, true, $response, $message);
370 $topline = array_shift($data);
371 while (! ereg('\\* [0-9]+ FETCH ', $topline) && $data)
372 $topline = array_shift($data);
373 $wholemessage = implode('', $data);
374 if (ereg('\\{([^\\}]*)\\}', $topline, $regs)) {
375 $ret = substr( $wholemessage, 0, $regs[1] );
376 /*
377 There is some information in the content info header that could be important
378 in order to parse html messages. Let's get them here.
379 */
380 if( $ret{0} == '<' ) {
381 fputs ($imap_stream, "$sid FETCH $id BODY[$ent_id.MIME]\r\n");
382 $data = sqimap_read_data ($imap_stream, $sid, true, $response, $message);
383 $base = '';
384 $k = 10;
385 foreach( $data as $d ) {
386 if( substr( $d, 0, 13 ) == 'Content-Base:' ) {
387 $j = strlen( $d );
388 $i = 13;
389 $base = '';
390 while( $i < $j &&
391 ( !isNoSep( $d{$i} ) || $d{$i} == '"' ) )
392 $i++;
393 while( $i < $j ) {
394 if( isNoSep( $d{$i} ) )
395 $base .= $d{$i};
396 $i++;
397 }
398 $k = 0;
399 } elseif( $k == 1 && !isnosep( $d{0} ) ) {
400 $base .= substr( $d, 1 );
401 }
402 $k++;
403 }
404 if( $base <> '' )
405 $ret = "<base href=\"$base\">" . $ret;
406 }
407 } else if (ereg('"([^"]*)"', $topline, $regs)) {
408 $ret = $regs[1];
409 } else {
410 global $where, $what, $mailbox, $passed_id, $startMessage;
411 $par = "mailbox=".urlencode($mailbox)."&passed_id=$passed_id";
412 if (isset($where) && isset($what)) {
413 $par .= "&where=".urlencode($where)."&what=".urlencode($what);
414 } else {
415 $par .= "&startMessage=$startMessage&show_more=0";
416 }
417 $par .= '&response='.urlencode($response).'&message='.urlencode($message).
418 '&topline='.urlencode($topline);
419
420 echo '<b><font color=$color[2]>Body retrieval error. The reason for this is most probably that<BR> ' .
421 'the message is malformed. Please help us making future versions<BR> ' .
422 "better by submitting this message to the developers knowledgebase!<BR>\n" .
423 "<A HREF=\"../src/retrievalerror.php?$par\">Submit message</A><BR>" .
424
425 "<tt>Response: $response<BR>" .
426 "Message: $message<BR>" .
427 "FETCH line: $topline<BR></tt></font></b>";
428
429 fputs ($imap_stream, "$sid FETCH $passed_id BODY[]\r\n");
430 $data = sqimap_read_data ($imap_stream, $sid, true, $response, $message);
431 array_shift($data);
432 $wholemessage = implode('', $data);
433
434 $ret = "---------------\n$wholemessage";
435
436 }
437 return( $ret );
438 }
439
440 function mime_print_body_lines ($imap_stream, $id, $ent_id, $encoding) {
441 // do a bit of error correction. If we couldn't find the entity id, just guess
442 // that it is the first one. That is usually the case anyway.
443 if (!$ent_id) $ent_id = 1;
444 $sid = sqimap_session_id();
445 // Don't kill the connection if the browser is over a dialup
446 // and it would take over 30 seconds to download it.
447 set_time_limit(0);
448
449 fputs ($imap_stream, "$sid FETCH $id BODY[$ent_id]\r\n");
450 $cnt = 0;
451 $continue = true;
452 $read = fgets ($imap_stream,4096);
453 // This could be bad -- if the section has sqimap_session_id() . ' OK'
454 // or similar, it will kill the download.
455 while (!ereg("^".$sid." (OK|BAD|NO)(.*)$", $read, $regs)) {
456 if (trim($read) == ')==') {
457 $read1 = $read;
458 $read = fgets ($imap_stream,4096);
459 if (ereg("^".$sid." (OK|BAD|NO)(.*)$", $read, $regs)) {
460 return;
461 } else {
462 echo decodeBody($read1, $encoding) .
463 decodeBody($read, $encoding);
464 }
465 } else if ($cnt) {
466 echo decodeBody($read, $encoding);
467 }
468 $read = fgets ($imap_stream,4096);
469 $cnt++;
470 }
471 }
472
473 /* -[ END MIME DECODING ]----------------------------------------------------------- */
474
475
476
477 /** This is the first function called. It decides if this is a multipart
478 message or if it should be handled as a single entity
479 **/
480 function decodeMime ($imap_stream, &$header) {
481 global $username, $key, $imapServerAddress, $imapPort;
482 return mime_structure ($imap_stream, $header);
483 }
484
485 // This is here for debugging purposese. It will print out a list
486 // of all the entity IDs that are in the $message object.
487 /*
488 function listEntities ($message) {
489 if ($message) {
490 if ($message->header->entity_id)
491 echo "<tt>" . $message->header->entity_id . ' : ' . $message->header->type0 . '/' . $message->header->type1 . '<br>';
492 for ($i = 0; $message->entities[$i]; $i++) {
493 $msg = listEntities($message->entities[$i], $ent_id);
494 if ($msg)
495 return $msg;
496 }
497 }
498 }
499 */
500
501 // returns a $message object for a particular entity id
502 function getEntity ($message, $ent_id) {
503 if ($message) {
504 if ($message->header->entity_id == $ent_id && strlen($ent_id) == strlen($message->header->entity_id)) {
505 return $message;
506 } else {
507 for ($i = 0; isset($message->entities[$i]); $i++) {
508 $msg = getEntity ($message->entities[$i], $ent_id);
509 if ($msg)
510 return $msg;
511 }
512 }
513 }
514 }
515
516 // figures out what entity to display and returns the $message object
517 // for that entity.
518 function findDisplayEntity ($message, $textOnly = 1) {
519 global $show_html_default;
520
521 $entity = 0;
522
523 if ($message) {
524 if ( $message->header->type0 == 'multipart' &&
525 ( $message->header->type1 == 'alternative' ||
526 $message->header->type1 == 'related' ) &&
527 $show_html_default && ! $textOnly ) {
528 $entity = findDisplayEntityHTML($message);
529 }
530
531 // Show text/plain or text/html -- the first one we find.
532 if ( $entity == 0 &&
533 $message->header->type0 == 'text' &&
534 ( $message->header->type1 == 'plain' ||
535 $message->header->type1 == 'html' ) &&
536 isset($message->header->entity_id) ) {
537 $entity = $message->header->entity_id;
538 }
539
540 $i = 0;
541 while ($entity == 0 && isset($message->entities[$i]) ) {
542 $entity = findDisplayEntity($message->entities[$i], $textOnly);
543 $i++;
544 }
545 }
546
547 return( $entity );
548 }
549
550 // Shows the HTML version
551 function findDisplayEntityHTML ($message) {
552 if ($message->header->type0 == 'text' &&
553 $message->header->type1 == 'html' &&
554 isset($message->header->entity_id))
555 return $message->header->entity_id;
556 for ($i = 0; isset($message->entities[$i]); $i ++) {
557 $entity = findDisplayEntityHTML($message->entities[$i]);
558 if ($entity != 0)
559 return $entity;
560 }
561 return 0;
562 }
563
564 /** This returns a parsed string called $body. That string can then
565 be displayed as the actual message in the HTML. It contains
566 everything needed, including HTML Tags, Attachments at the
567 bottom, etc.
568 **/
569 function formatBody($imap_stream, $message, $color, $wrap_at) {
570 // this if statement checks for the entity to show as the
571 // primary message. To add more of them, just put them in the
572 // order that is their priority.
573 global $startMessage, $username, $key, $imapServerAddress, $imapPort,
574 $show_html_default;
575
576 $id = $message->header->id;
577 $urlmailbox = urlencode($message->header->mailbox);
578
579 // Get the right entity and redefine message to be this entity
580 // Pass the 0 to mean that we want the 'best' viewable one
581 $ent_num = findDisplayEntity ($message, 0);
582 $body_message = getEntity($message, $ent_num);
583 if (($body_message->header->type0 == 'text') ||
584 ($body_message->header->type0 == 'rfc822')) {
585
586 $body = mime_fetch_body ($imap_stream, $id, $ent_num);
587 $body = decodeBody($body, $body_message->header->encoding);
588 $hookResults = do_hook("message_body", $body);
589 $body = $hookResults[1];
590
591 // If there are other types that shouldn't be formatted, add
592 // them here
593 if ($body_message->header->type1 == 'html') {
594 if( $show_html_default <> 1 ) {
595 $body = strip_tags( $body );
596 translateText($body, $wrap_at, $body_message->header->charset);
597 } else {
598 $body = MagicHTML( $body, $id );
599 }
600 } else {
601 translateText($body, $wrap_at, $body_message->header->charset);
602 }
603
604 $body .= "<SMALL><CENTER><A HREF=\"../src/download.php?absolute_dl=true&passed_id=$id&passed_ent_id=$ent_num&mailbox=$urlmailbox&showHeaders=1\">". _("Download this as a file") ."</A></CENTER><BR></SMALL>";
605
606 /** Display the ATTACHMENTS: message if there's more than one part **/
607 $body .= "</TD></TR></TABLE>";
608 if (isset($message->entities[0])) {
609 $body .= formatAttachments ($message, $ent_num, $message->header->mailbox, $id);
610 }
611 $body .= "</TD></TR></TABLE>";
612 } else {
613 $body = formatAttachments ($message, -1, $message->header->mailbox, $id);
614 }
615 return( $body );
616 }
617
618 // A recursive function that returns a list of attachments with links
619 // to where to download these attachments
620 function formatAttachments ($message, $ent_id, $mailbox, $id) {
621 global $where, $what;
622 global $startMessage, $color;
623 static $ShownHTML = 0;
624
625 $body = "";
626 if ($ShownHTML == 0) {
627 $ShownHTML = 1;
628
629 $body .= "<TABLE WIDTH=100% CELLSPACING=0 CELLPADDING=2 BORDER=0 BGCOLOR=\"$color[0]\"><TR>\n" .
630 "<TH ALIGN=\"left\" BGCOLOR=\"$color[9]\"><B>\n" .
631 _("Attachments") . ':' .
632 "</B></TH></TR><TR><TD>\n" .
633 "<TABLE CELLSPACING=0 CELLPADDING=1 BORDER=0>\n" .
634 formatAttachments ($message, $ent_id, $mailbox, $id) .
635 "</TABLE></TD></TR></TABLE>";
636
637 return( $body );
638 }
639
640 if ($message) {
641 if (!$message->entities) {
642 $type0 = strtolower($message->header->type0);
643 $type1 = strtolower($message->header->type1);
644 $name = decodeHeader($message->header->name);
645
646 if ($message->header->entity_id != $ent_id) {
647 $filename = decodeHeader($message->header->filename);
648 if (trim($filename) == '') {
649 if (trim($name) == '') {
650 if( trim( $message->header->id ) == '' )
651 $display_filename = 'untitled-[' . $message->header->entity_id . ']' ;
652 else
653 $display_filename = 'cid: ' . $message->header->id;
654 // $display_filename = 'untitled-[' . $message->header->entity_id . ']' ;
655 } else {
656 $display_filename = $name;
657 $filename = $name;
658 }
659 } else {
660 $display_filename = $filename;
661 }
662
663 $urlMailbox = urlencode($mailbox);
664 $ent = urlencode($message->header->entity_id);
665
666 $DefaultLink =
667 "../src/download.php?startMessage=$startMessage&passed_id=$id&mailbox=$urlMailbox&passed_ent_id=$ent";
668 if ($where && $what)
669 $DefaultLink .= '&where=' . urlencode($where) . '&what=' . urlencode($what);
670 $Links['download link']['text'] = _("download");
671 $Links['download link']['href'] =
672 "../src/download.php?absolute_dl=true&passed_id=$id&mailbox=$urlMailbox&passed_ent_id=$ent";
673 $ImageURL = '';
674
675 $HookResults = do_hook("attachment $type0/$type1", $Links,
676 $startMessage, $id, $urlMailbox, $ent, $DefaultLink,
677 $display_filename, $where, $what);
678
679 $Links = $HookResults[1];
680 $DefaultLink = $HookResults[6];
681
682 $body .= '<TR><TD>&nbsp;&nbsp;</TD><TD>' .
683 "<A HREF=\"$DefaultLink\">$display_filename</A>&nbsp;</TD>" .
684 '<TD><SMALL><b>' . show_readable_size($message->header->size) .
685 '</b>&nbsp;&nbsp;</small></TD>' .
686 "<TD><SMALL>[ $type0/$type1 ]&nbsp;</SMALL></TD>" .
687 '<TD><SMALL>';
688 if ($message->header->description)
689 $body .= '<b>' . htmlspecialchars($message->header->description) . '</b>';
690 $body .= '</SMALL></TD><TD><SMALL>&nbsp;';
691
692
693 $SkipSpaces = 1;
694 foreach ($Links as $Val) {
695 if ($SkipSpaces) {
696 $SkipSpaces = 0;
697 } else {
698 $body .= '&nbsp;&nbsp;|&nbsp;&nbsp;';
699 }
700 $body .= '<a href="' . $Val['href'] . '">' . $Val['text'] . '</a>';
701 }
702
703 unset($Links);
704
705 $body .= "</SMALL></TD></TR>\n";
706 }
707 } else {
708 for ($i = 0; $i < count($message->entities); $i++) {
709 $body .= formatAttachments ($message->entities[$i], $ent_id, $mailbox, $id);
710 }
711 }
712 return( $body );
713 }
714 }
715
716
717 /** this function decodes the body depending on the encoding type. **/
718 function decodeBody($body, $encoding) {
719 $body = str_replace("\r\n", "\n", $body);
720 $encoding = strtolower($encoding);
721
722 global $show_html_default;
723
724 if ($encoding == 'quoted-printable') {
725 $body = quoted_printable_decode($body);
726
727
728 /*
729 Following code has been comented as I see no reason for it.
730 If there is any please tell me a mingo@rotedic.com
731
732 while (ereg("=\n", $body))
733 $body = ereg_replace ("=\n", "", $body);
734 */
735 } else if ($encoding == 'base64') {
736 $body = base64_decode($body);
737 }
738
739 // All other encodings are returned raw.
740 return $body;
741 }
742
743
744 // This functions decode strings that is encoded according to
745 // RFC1522 (MIME Part Two: Message Header Extensions for Non-ASCII Text).
746 function decodeHeader ($string) {
747 if (eregi('=\\?([^?]+)\\?(q|b)\\?([^?]+)\\?=',
748 $string, $res)) {
749 if (ucfirst($res[2]) == "B") {
750 $replace = base64_decode($res[3]);
751 } else {
752 $replace = ereg_replace("_", " ", $res[3]);
753 // Convert lowercase Quoted Printable to uppercase for
754 // quoted_printable_decode to understand it.
755 while (ereg("(=(([0-9][abcdef])|([abcdef][0-9])|([abcdef][abcdef])))", $replace, $res)) {
756 $replace = str_replace($res[1], strtoupper($res[1]), $replace);
757 }
758 $replace = quoted_printable_decode($replace);
759 }
760
761 $replace = charset_decode ($res[1], $replace);
762
763 // Remove the name of the character set.
764 $string = eregi_replace ('=\\?([^?]+)\\?(q|b)\\?([^?]+)\\?=',
765 $replace, $string);
766
767 // In case there should be more encoding in the string: recurse
768 return (decodeHeader($string));
769 } else
770 return ($string);
771 }
772
773 // Encode a string according to RFC 1522 for use in headers if it
774 // contains 8-bit characters or anything that looks like it should
775 // be encoded.
776 function encodeHeader ($string) {
777 global $default_charset;
778
779 // Encode only if the string contains 8-bit characters or =?
780 $j = strlen( $string );
781 $l = FALSE; // Must be encoded ?
782 $ret = '';
783 for( $i=0; $i < $j; ++$i) {
784 switch( $string{$i} ) {
785 case '=':
786 $ret .= '=3D';
787 break;
788 case '?':
789 $l = TRUE;
790 $ret .= '=3F';
791 break;
792 case '_':
793 $ret .= '=5F';
794 break;
795 case ' ':
796 $ret .= '_';
797 break;
798 default:
799 $k = ord( $string{$i} );
800 if( $k > 126 ) {
801 $ret .= sprintf("=%02X", $k);
802 $l = TRUE;
803 } else
804 $ret .= $string{$i};
805 }
806 }
807
808 if( $l )
809 $string = "=?$default_charset?Q?$ret?=";
810
811 return( $string );
812 }
813
814 /*
815 Strips dangerous tags from html messages.
816 */
817
818 function MagicHTML( $body, $id ) {
819
820 global $message, $PHP_SELF, $HTTP_SERVER_VARS;
821
822 $j = strlen( $body ); // Legnth of the HTML
823 $ret = ''; // Returned string
824 $bgcolor = '#ffffff'; // Background style color (defaults to white)
825 $textcolor = '#000000'; // Foreground style color (defaults to black)
826 $leftmargin = ''; // Left margin style
827 $title = ''; // HTML title if any
828
829 $i = 0;
830 while( $i < $j ) {
831 if( $body{$i} == '<' ) {
832 $pos = $i + 1;
833 $tag = '';
834 while ($body{$pos} == ' ' || $body{$pos} == "\t" ||
835 $body{$pos} == "\n")
836 $pos ++;
837 while (strlen($tag) < 4 && $body{$pos} != ' ' &&
838 $body{$pos} != "\t" && $body{$pos} != "\n") {
839 $tag .= $body{$pos};
840 $pos ++;
841 }
842 switch( strtoupper( $tag ) ) {
843 // Strips the entire tag and contents
844 case 'APPL':
845 case 'EMBB':
846 case 'FRAM':
847 case 'SCRI':
848 case 'OBJE':
849 $etg = '/' . $tag;
850 while( $body{$i+1}.$body{$i+2}.$body{$i+3}.$body{$i+4}.$body{$i+5} <> $etg &&
851 $i < $j ) $i++;
852 while( $i < $j && $body{++$i} <> '>' );
853 // $ret .= "<!-- $tag removed -->";
854 break;
855 // Substitute Title
856 case 'TITL':
857 $i += 5;
858 while( $body{$i} <> '>' && // </title>
859 $i < $j )
860 $i++;
861 $i++;
862 $title = '';
863 while( $body{$i} <> '<' && // </title>
864 $i < $j ) {
865 $title .= $body{$i};
866 $i++;
867 }
868 $i += 7;
869 break;
870 // Destroy these tags
871 case 'HTML':
872 case 'HEAD':
873 case '/HTM':
874 case '/HEA':
875 case '!DOC':
876 case 'META':
877 case 'DIV ':
878 case '/DIV':
879 case '!-- ':
880 $i += 4;
881 while( $body{$i} <> '>' &&
882 $i < $j )
883 $i++;
884 // $i++;
885 break;
886 case 'STYL':
887 $i += 5;
888 while( $body{$i} <> '>' && // </title>
889 $i < $j )
890 $i++;
891 $i++;
892 // We parse the style to look for interesting stuff
893 $styleblk = '';
894 while( $body{$i} <> '>' &&
895 $i < $j ) {
896 // First we get the name of the style
897 $style = '';
898 while( $body{$i} <> '>' &&
899 $body{$i} <> '<' &&
900 $body{$i} <> '{' &&
901 $i < $j ) {
902 if( isnoSep( $body{$i} ) )
903 $style .= $body{$i};
904 $i++;
905 }
906 stripComments( $i, $j, $body );
907 $style = strtoupper( trim( $style ) );
908 if( $style == 'BODY' ) {
909 // Next we look into the definitions of the body style
910 while( $body{$i} <> '>' &&
911 $body{$i} <> '}' &&
912 $i < $j ) {
913 // We look for the background color if any.
914 if( substr( $body, $i, 17 ) == 'BACKGROUND-COLOR:' ) {
915 $i += 17;
916 $bgcolor = getStyleData( $i, $j, $body );
917 } elseif ( substr( $body, $i, 12 ) == 'MARGIN-LEFT:' ) {
918 $i += 12;
919 $leftmargin = getStyleData( $i, $j, $body );
920 }
921 $i++;
922 }
923 } else {
924 // Other style are mantained
925 $styleblk .= "$style ";
926 while( $body{$i} <> '>' &&
927 $body{$i} <> '<' &&
928 $body{$i} <> '}' &&
929 $i < $j ) {
930 $styleblk .= $body{$i};
931 $i++;
932 }
933 $styleblk .= $body{$i};
934 }
935 stripComments( $i, $j, $body );
936 if( $body{$i} <> '>' )
937 $i++;
938 }
939 if( $styleblk <> '' )
940 $ret .= "<style>$styleblk";
941 break;
942 case 'BODY':
943 if( $title <> '' )
944 $ret .= '<b>' . _("Title:") . " </b>$title<br>\n";
945 $ret .= "<TABLE";
946 $i += 5;
947 if (! isset($base))
948 $base = '';
949 $ret .= stripEvent( $i, $j, $body, $id, $base );
950 $ret .= " bgcolor=$bgcolor width=\"100%\"><tr>";
951 if( $leftmargin <> '' )
952 $ret .= "<td width=$leftmargin>&nbsp;</td>";
953 $ret .= '<td>';
954 if (strtolower($bgcolor) == 'ffffff' ||
955 strtolower($bgcolor) == '#ffffff')
956 $ret .= '<font color=#000000>';
957 break;
958 case 'BASE':
959 $i += 5;
960 $base = '';
961 while( !isNoSep( $body{$i} ) &&
962 $i < $j )
963 $i++;
964 if( strcasecmp( substr( $base, 0, 4 ), 'href' ) ) {
965 $i += 5;
966 while( !isNoSep( $body{$i} ) &&
967 $i < $j )
968 $i++;
969 while( $body{$i} <> '>' &&
970 $i < $j ) {
971 if( $body{$i} <> '"' )
972 $base .= $body{$i};
973 $i++;
974 }
975 // Debuging $ret .= "<!-- base == $base -->";
976 if( strcasecmp( substr( $base, 0, 4 ), 'file' ) <> 0 )
977 $ret .= "\n<BASE HREF=\"$base\">\n";
978 }
979 break;
980 case '/BOD':
981 $ret .= '</font></td></tr></TABLE>';
982 $i += 6;
983 break;
984 default:
985 // Following tags can contain some event handler, lets search it
986 stripComments( $i, $j, $body );
987 if (! isset($base))
988 $base = '';
989 $ret .= stripEvent( $i, $j, $body, $id, $base ) . '>';
990 // $ret .= "<!-- $tag detected -->";
991 }
992 } else {
993 $ret .= $body{$i};
994 }
995 $i++;
996 }
997
998 return( "\n\n<!-- HTML Output ahead -->\n" .
999 $ret .
1000 "\n<!-- END of HTML Output --><base href=\"".
1001 $HTTP_SERVER_VARS["SERVER_NAME"] . substr( $PHP_SELF, 0, strlen( $PHP_SELF ) - 13 ) .
1002 "\">\n\n" );
1003 }
1004
1005 function isNoSep( $char ) {
1006
1007 switch( $char ) {
1008 case ' ':
1009 case "\n":
1010 case "\t":
1011 case "\r":
1012 case '>':
1013 case '"':
1014 return( FALSE );
1015 break;
1016 default:
1017 return( TRUE );
1018 }
1019
1020 }
1021
1022 /*
1023 The following function is usefull to remove extra data that can cause
1024 html not to display properly. Especialy with MS stuff.
1025 */
1026
1027 function stripComments( &$i, $j, &$body ) {
1028
1029 while( $body{$i}.$body{$i+1}.$body{$i+2}.$body{$i+3} == '<!--' &&
1030 $i < $j ) {
1031 $i += 5;
1032 while( $body{$i-2}.$body{$i-1}.$body{$i} <> '-->' &&
1033 $i < $j )
1034 $i++;
1035 $i++;
1036 }
1037
1038 return;
1039
1040 }
1041
1042 /* Gets the style data of a specific style */
1043
1044 function getStyleData( &$i, $j, &$body ) {
1045
1046 // We skip spaces
1047 while( $body{$i} <> '>' && !isNoSep( $body{$i} ) &&
1048 $i < $j ) {
1049 $i++;
1050 }
1051 // And get the color
1052 $ret = '';
1053 while( isNoSep( $body{$i} ) &&
1054 $i < $j ) {
1055 $ret .= $body{$i};
1056 $i++;
1057 }
1058
1059 return( $ret );
1060 }
1061
1062 /*
1063 Private function for strip_dangerous_tag. Look for event based coded and "remove" it
1064 change on with no (onload -> noload)
1065 */
1066
1067 function stripEvent( &$i, $j, &$body, $id, $base ) {
1068
1069 global $message;
1070
1071 $ret = '';
1072
1073 while( $body{$i} <> '>' &&
1074 $i < $j ) {
1075 $etg = strtolower($body{$i}.$body{$i+1}.$body{$i+2});
1076 switch( $etg ) {
1077 case '../':
1078 // Retrolinks are not allowed without a base because they mess with SM security
1079 if( $base == '' ) {
1080 $i += 2;
1081 } else {
1082 $ret .= '.';
1083 }
1084 break;
1085 case 'cid':
1086 // Internal link
1087 $k = $i-1;
1088 if( $body{$i+3} == ':') {
1089 $i +=4;
1090 $name = '';
1091 while( isNoSep( $body{$i} ) &&
1092 $i < $j )
1093 $name .= $body{$i++};
1094 if( $name <> '' ) {
1095 $ret .= "../src/download.php?absolute_dl=true&passed_id=$id&mailbox=" .
1096 urlencode( $message->header->mailbox ) .
1097 "&passed_ent_id=" . find_ent_id( $name, $message );
1098 if( $body{$k} == '"' )
1099 $ret .= '" ';
1100 else
1101 $ret .= ' ';
1102 }
1103 if( $body{$i} == '>' )
1104 $i -= 1;
1105 }
1106 break;
1107 case ' on':
1108 case "\non":
1109 case "\ron":
1110 case "\ton":
1111 $ret .= ' no';
1112 $i += 2;
1113 break;
1114 case 'pt:':
1115 if( strcasecmp( $body{$i-4}.$body{$i-3}.$body{$i-2}.$body{$i-1}.$body{$i}.$body{$i+1}.$body{$i+2}, 'script:') == 0 ) {
1116 $ret .= '_no/';
1117 } else {
1118 $ret .= $etg;
1119 }
1120 $i += 2;
1121 break;
1122 default:
1123 $ret .= $body{$i};
1124 }
1125 $i++;
1126 }
1127 return( $ret );
1128 }
1129
1130
1131 /* This function trys to locate the entity_id of a specific mime element */
1132
1133 function find_ent_id( $id, $message ) {
1134
1135 $ret = '';
1136 for ($i=0; $ret == '' && $i < count($message->entities); $i++) {
1137
1138 if( $message->entities[$i]->header->entity_id == '' ) {
1139 $ret = find_ent_id( $id, $message->entities[$i] );
1140 } else {
1141 if( strcasecmp( $message->entities[$i]->header->id, $id ) == 0 )
1142 $ret = $message->entities[$i]->header->entity_id;
1143 }
1144
1145 }
1146
1147 return( $ret );
1148
1149 }
1150 ?>
Unnamed repository; edit this file 'description' to name the repository.