more objects of type message. See documentation in mime.txt for
a better description of how this works.
**/
- var $header = '';
- var $entities = array();
-
+ var $header = '', $entities = array();
+
function addEntity ($msg) {
$this->entities[] = $msg;
}
//
// This should use sqimap_read_data instead of reading it itself
//
- $read = fgets ($imap_stream, 10000);
+ $read = fgets ($imap_stream, 9216);
$bodystructure = '';
while ( substr($read, 0, $lsid) <> $ssid &&
!feof( $imap_stream ) ) {
$bodystructure .= $read;
- $read = fgets ($imap_stream, 10000);
+ $read = fgets ($imap_stream, 9216);
}
$read = $bodystructure;
-
+
// isolate the body structure and remove beginning and end parenthesis
$read = trim(substr ($read, strpos(strtolower($read), 'bodystructure') + 13));
$read = trim(substr ($read, 0, -1));
$read = trim(substr ($read, 1));
$end = mime_match_parenthesis(0, $read);
}
-
+
$msg = mime_parse_structure ($read, 0);
$msg->header = $header;
-
+
return( $msg );
}
*/
function mime_increment_id ($id) {
- if (strpos($id, ".")) {
- $first = substr($id, 0, strrpos($id, "."));
- $last = substr($id, strrpos($id, ".")+1);
+ if (strpos($id, '.')) {
+ $first = substr($id, 0, strrpos($id, '.'));
+ $last = substr($id, strrpos($id, '.')+1);
$last++;
- $new = $first . "." .$last;
+ $new = $first . '.' .$last;
} else {
$new = $id + 1;
}
-
+
return $new;
}
*/
function mime_new_element_level ($id) {
- if (!$id) {
- $id = 0;
- } else {
- $id = $id . '.0';
- }
+ if (!$id) {
+ $id = 0;
+ } else {
+ $id = $id . '.0';
+ }
- return( $id );
+ return( $id );
}
function mime_get_element (&$structure, $msg, $ent_id) {
return( $pos );
}
-function mime_fetch_body ($imap_stream, $id, $ent_id ) {
+function mime_fetch_body($imap_stream, $id, $ent_id ) {
/*
* do a bit of error correction. If we couldn't find the entity id, just guess
if (!$ent_id) {
$ent_id = 1;
}
- $data = sqimap_run_command ($imap_stream, "FETCH $id BODY[$ent_id]", true, $response, $message);
- $topline = array_shift($data);
- while (! ereg('\\* [0-9]+ FETCH ', $topline) && $data) {
- $topline = array_shift($data);
- }
+
+ $cmd = "FETCH $id BODY[$ent_id]";
+ $data = sqimap_run_command ($imap_stream, $cmd, true, $response, $message);
+
+ do {
+ $topline = array_shift( $data );
+ } while( $topline && $topline == '*' && !preg_match( '/\\* [0-9] FETCH.*/i', $topline )) ;
$wholemessage = implode('', $data);
if (ereg('\\{([^\\}]*)\\}', $topline, $regs)) {
+
$ret = substr( $wholemessage, 0, $regs[1] );
/*
There is some information in the content info header that could be important
*/
if ( $ret{0} == '<' ) {
$data = sqimap_run_command ($imap_stream, "FETCH $id BODY[$ent_id.MIME]", true, $response, $message);
- $base = '';
- $k = 10;
- foreach( $data as $d ) {
- if ( substr( $d, 0, 13 ) == 'Content-Base:' ) {
- $j = strlen( $d );
- $i = 13;
- $base = '';
- while ( $i < $j &&
- ( !isNoSep( $d{$i} ) || $d{$i} == '"' ) )
- $i++;
- while ( $i < $j ) {
- if ( isNoSep( $d{$i} ) )
- $base .= $d{$i};
- $i++;
- }
- $k = 0;
- } elseif ( $k == 1 && !isnosep( $d{0} ) ) {
- $base .= substr( $d, 1 );
- }
- $k++;
- }
- if ( $base <> '' )
-
- $ret = "<base href=\"$base\">" . $ret;
+ /* BASE within HTML documents is illegal (see w3 spec)
+* $base = '';
+* $k = 10;
+* foreach( $data as $d ) {
+* if ( substr( $d, 0, 13 ) == 'Content-Base:' ) {
+* $j = strlen( $d );
+* $i = 13;
+* $base = '';
+* while ( $i < $j &&
+* ( !isNoSep( $d{$i} ) || $d{$i} == '"' ) )
+* $i++;
+* while ( $i < $j ) {
+* if ( isNoSep( $d{$i} ) )
+* $base .= $d{$i};
+* $i++;
+* }
+* $k = 0;
+* } elseif ( $k == 1 && !isnosep( $d{0} ) ) {
+* $base .= substr( $d, 1 );
+* }
+* $k++;
+* }
+* if ( $base <> '' ) {
+* $ret = "<base href=\"$base\">" . $ret;
+* }
+* */
}
} else if (ereg('"([^"]*)"', $topline, $regs)) {
$ret = $regs[1];
} else {
global $where, $what, $mailbox, $passed_id, $startMessage;
- $par = "mailbox=".urlencode($mailbox)."&passed_id=$passed_id";
+ $par = 'mailbox=' . urlencode($mailbox) . "&passed_id=$passed_id";
if (isset($where) && isset($what)) {
- $par .= "&where=".urlencode($where)."&what=".urlencode($what);
+ $par .= '&where='. urlencode($where) . "&what=" . urlencode($what);
} else {
- $par .= "&startMessage=$startMessage&show_more=0";
+ $par .= "&startMessage=$startMessage&show_more=0";
}
- $par .= '&response='.urlencode($response).'&message='.urlencode($message).
- '&topline='.urlencode($topline);
+ $par .= '&response=' . urlencode($response) .
+ '&message=' . urlencode($message).
+ '&topline=' . urlencode($topline);
- echo '<b><font color=$color[2]>' .
+ echo '<tt><br>' .
+ '<table width="80%"><tr>' .
+ '<tr><td colspan=2>' .
_("Body retrieval error. The reason for this is most probably that the message is malformed. Please help us making future versions better by submitting this message to the developers knowledgebase!") .
- "<A HREF=\"../src/retrievalerror.php?$par\">Submit message</A><BR>" .
- '<tt>' . _("Response:") . "$response<BR>" .
- _("Message:") . " $message<BR>" .
- _("FETCH line:") . " $topline ....<BR></tt></font></b>";
-
+ " <A HREF=\"../src/retrievalerror.php?$par\"><br>" .
+ _("Submit message") . '</A><BR> ' .
+ '</td></tr>' .
+ '<td><b>' . _("Command:") . "</td><td>$cmd</td></tr>" .
+ '<td><b>' . _("Response:") . "</td><td>$response</td></tr>" .
+ '<td><b>' . _("Message:") . "</td><td>$message</td></tr>" .
+ '<td><b>' . _("FETCH line:") . "</td><td>$topline</td></tr>" .
+ "</table><BR></tt></font><hr>";
+
$data = sqimap_run_command ($imap_stream, "FETCH $passed_id BODY[]", true, $response, $message);
array_shift($data);
$wholemessage = implode('', $data);
- $ret = "---------------\n$wholemessage";
+ $ret = $wholemessage;
}
return( $ret );
}
if (!ini_get("safe_mode")) {
set_time_limit(0);
}
-
+
fputs ($imap_stream, "$sid FETCH $id BODY[$ent_id]\r\n");
$cnt = 0;
$continue = true;
if ($message) {
if ( $message->header->type0 == 'multipart' &&
( $message->header->type1 == 'alternative' ||
+ $message->header->type1 == 'mixed' ||
$message->header->type1 == 'related' ) &&
$show_html_default && ! $textOnly ) {
$entity = findDisplayEntityHTML($message);
// primary message. To add more of them, just put them in the
// order that is their priority.
global $startMessage, $username, $key, $imapServerAddress, $imapPort,
- $show_html_default;
+ $show_html_default, $has_unsafe_images, $view_unsafe_images, $sort;
+
+ $has_unsafe_images = 0;
$id = $message->header->id;
$urlmailbox = urlencode($message->header->mailbox);
} else {
translateText($body, $wrap_at, $body_message->header->charset);
}
-
- $body .= "<SMALL><CENTER><A HREF=\"../src/download.php?absolute_dl=true&passed_id=$id&passed_ent_id=$ent_num&mailbox=$urlmailbox&showHeaders=1\">". _("Download this as a file") ."</A></CENTER><BR></SMALL>";
-
+
+ $body .= "<CENTER><SMALL><A HREF=\"../src/download.php?absolute_dl=true&passed_id=$id&passed_ent_id=$ent_num&mailbox=$urlmailbox&showHeaders=1\">". _("Download this as a file") ."</A></SMALL></CENTER><BR>";
+ if ($has_unsafe_images) {
+ if ($view_unsafe_images) {
+ $body .= "<CENTER><SMALL><A HREF=\"read_body.php?passed_id=$id&mailbox=$urlmailbox&sort=$sort&startMessage=$startMessage&show_more=0\">". _("Hide Unsafe Images") ."</A></SMALL></CENTER><BR>\n";
+ } else {
+ $body .= "<CENTER><SMALL><A HREF=\"read_body.php?passed_id=$id&mailbox=$urlmailbox&sort=$sort&startMessage=$startMessage&show_more=0&view_unsafe_images=1\">". _("View Unsafe Images") ."</A></SMALL></CENTER><BR>\n";
+ }
+ }
+
/** Display the ATTACHMENTS: message if there's more than one part **/
- $body .= "</TD></TR></TABLE>";
if (isset($message->entities[0])) {
$body .= formatAttachments ($message, $ent_num, $message->header->mailbox, $id);
}
- $body .= "</TD></TR></TABLE>";
} else {
$body = formatAttachments ($message, -1, $message->header->mailbox, $id);
}
* A recursive function that returns a list of attachments with links
* to where to download these attachments
*/
-function formatAttachments ($message, $ent_id, $mailbox, $id) {
- global $where, $what;
- global $startMessage, $color;
- static $ShownHTML = 0;
+function formatAttachments($message, $ent_id, $mailbox, $id) {
+ global $where, $what;
+ global $startMessage, $color;
+ static $ShownHTML = 0;
- $body = "";
- if ($ShownHTML == 0) {
- $ShownHTML = 1;
+ $body = '';
+ if ($ShownHTML == 0) {
+ $ShownHTML = 1;
$body .= "<TABLE WIDTH=\"100%\" CELLSPACING=0 CELLPADDING=2 BORDER=0 BGCOLOR=\"$color[0]\"><TR>\n" .
- "<TH ALIGN=\"left\" BGCOLOR=\"$color[9]\"><B>\n" .
- _("Attachments") . ':' .
- "</B></TH></TR><TR><TD>\n" .
- "<TABLE CELLSPACING=0 CELLPADDING=1 BORDER=0>\n" .
- formatAttachments ($message, $ent_id, $mailbox, $id) .
- "</TABLE></TD></TR></TABLE>";
-
- return( $body );
- }
+ "<TH ALIGN=\"left\" BGCOLOR=\"$color[9]\"><B>\n" .
+ _("Attachments") . ':' .
+ "</B></TH></TR><TR><TD>\n" .
+ "<TABLE CELLSPACING=0 CELLPADDING=1 BORDER=0>\n" .
+ formatAttachments($message, $ent_id, $mailbox, $id) .
+ "</TABLE></TD></TR></TABLE>";
+
+ } else if ($message) {
+
+ if (!$message->entities) {
+
+ $type0 = strtolower($message->header->type0);
+ $type1 = strtolower($message->header->type1);
+ $name = decodeHeader($message->header->name);
+
+ if ($message->header->entity_id != $ent_id) {
+ $filename = decodeHeader($message->header->filename);
+ if (trim($filename) == '') {
+ if (trim($name) == '') {
+ if ( trim( $message->header->id ) == '' )
+ $display_filename = 'untitled-[' . $message->header->entity_id . ']' ;
+ else
+ $display_filename = 'cid: ' . $message->header->id;
+ // $display_filename = 'untitled-[' . $message->header->entity_id . ']' ;
+ } else {
+ $display_filename = $name;
+ $filename = $name;
+ }
+ } else {
+ $display_filename = $filename;
+ }
- if ($message) {
- if (!$message->entities) {
- $type0 = strtolower($message->header->type0);
- $type1 = strtolower($message->header->type1);
- $name = decodeHeader($message->header->name);
-
- if ($message->header->entity_id != $ent_id) {
- $filename = decodeHeader($message->header->filename);
- if (trim($filename) == '') {
- if (trim($name) == '') {
- if ( trim( $message->header->id ) == '' )
- $display_filename = 'untitled-[' . $message->header->entity_id . ']' ;
- else
- $display_filename = 'cid: ' . $message->header->id;
- // $display_filename = 'untitled-[' . $message->header->entity_id . ']' ;
- } else {
- $display_filename = $name;
- $filename = $name;
- }
- } else {
- $display_filename = $filename;
- }
+ $urlMailbox = urlencode($mailbox);
+ $ent = urlencode($message->header->entity_id);
- $urlMailbox = urlencode($mailbox);
- $ent = urlencode($message->header->entity_id);
-
- $DefaultLink =
- "../src/download.php?startMessage=$startMessage&passed_id=$id&mailbox=$urlMailbox&passed_ent_id=$ent";
- if ($where && $what)
- $DefaultLink .= '&where=' . urlencode($where) . '&what=' . urlencode($what);
- $Links['download link']['text'] = _("download");
- $Links['download link']['href'] =
- "../src/download.php?absolute_dl=true&passed_id=$id&mailbox=$urlMailbox&passed_ent_id=$ent";
- $ImageURL = '';
-
- /* this executes the attachment hook with a specific MIME-type.
- * if that doens't have results, it tries if there's a rule
- * for a more generic type. */
- $HookResults = do_hook("attachment $type0/$type1", $Links,
- $startMessage, $id, $urlMailbox, $ent, $DefaultLink,
- $display_filename, $where, $what);
- if(count($HookResults[1]) <= 1) {
- $HookResults = do_hook("attachment $type0/*", $Links,
- $startMessage, $id, $urlMailbox, $ent, $DefaultLink,
- $display_filename, $where, $what);
- }
+ $DefaultLink =
+ "../src/download.php?startMessage=$startMessage&passed_id=$id&mailbox=$urlMailbox&passed_ent_id=$ent";
+ if ($where && $what) {
+ $DefaultLink .= '&where=' . urlencode($where) . '&what=' . urlencode($what);
+ }
+ $Links['download link']['text'] = _("download");
+ $Links['download link']['href'] =
+ "../src/download.php?absolute_dl=true&passed_id=$id&mailbox=$urlMailbox&passed_ent_id=$ent";
+ $ImageURL = '';
+
+ /* this executes the attachment hook with a specific MIME-type.
+ * if that doens't have results, it tries if there's a rule
+ * for a more generic type. */
+ $HookResults = do_hook("attachment $type0/$type1", $Links,
+ $startMessage, $id, $urlMailbox, $ent, $DefaultLink,
+ $display_filename, $where, $what);
+ if(count($HookResults[1]) <= 1) {
+ $HookResults = do_hook("attachment $type0/*", $Links,
+ $startMessage, $id, $urlMailbox, $ent, $DefaultLink,
+ $display_filename, $where, $what);
+ }
- $Links = $HookResults[1];
- $DefaultLink = $HookResults[6];
-
- $body .= '<TR><TD> </TD><TD>' .
- "<A HREF=\"$DefaultLink\">$display_filename</A> </TD>" .
- '<TD><SMALL><b>' . show_readable_size($message->header->size) .
- '</b> </small></TD>' .
- "<TD><SMALL>[ $type0/$type1 ] </SMALL></TD>" .
- '<TD><SMALL>';
- if ($message->header->description)
- $body .= '<b>' . htmlspecialchars($message->header->description) . '</b>';
- $body .= '</SMALL></TD><TD><SMALL> ';
-
-
- $SkipSpaces = 1;
- foreach ($Links as $Val) {
- if ($SkipSpaces) {
- $SkipSpaces = 0;
- } else {
- $body .= ' | ';
- }
- $body .= '<a href="' . $Val['href'] . '">' . $Val['text'] . '</a>';
- }
+ $Links = $HookResults[1];
+ $DefaultLink = $HookResults[6];
+
+ $body .= '<TR><TD> </TD><TD>' .
+ "<A HREF=\"$DefaultLink\">$display_filename</A> </TD>" .
+ '<TD><SMALL><b>' . show_readable_size($message->header->size) .
+ '</b> </small></TD>' .
+ "<TD><SMALL>[ $type0/$type1 ] </SMALL></TD>" .
+ '<TD><SMALL>';
+ if ($message->header->description) {
+ $body .= '<b>' . htmlspecialchars(_($message->header->description)) . '</b>';
+ }
+ $body .= '</SMALL></TD><TD><SMALL> ';
- unset($Links);
- $body .= "</SMALL></TD></TR>\n";
- }
- } else {
- for ($i = 0; $i < count($message->entities); $i++) {
- $body .= formatAttachments ($message->entities[$i], $ent_id, $mailbox, $id);
+ $SkipSpaces = 1;
+ foreach ($Links as $Val) {
+ if ($SkipSpaces) {
+ $SkipSpaces = 0;
+ } else {
+ $body .= ' | ';
+ }
+ $body .= '<a href="' . $Val['href'] . '">' . $Val['text'] . '</a>';
+ }
+
+ unset($Links);
+
+ $body .= "</SMALL></TD></TR>\n";
+ }
+ } else {
+ for ($i = 0; $i < count($message->entities); $i++) {
+ $body .= formatAttachments($message->entities[$i], $ent_id, $mailbox, $id);
+ }
}
- }
- return( $body );
- }
+ }
+ return( $body );
}
*/
function encodeHeader ($string) {
global $default_charset;
-
+
// Encode only if the string contains 8-bit characters or =?
$j = strlen( $string );
$l = strstr($string, '=?'); // Must be encoded ?
$ret .= $string{$i};
}
}
-
+
if ( $l ) {
$string = "=?$default_charset?Q?$ret?=";
}
-
+
return( $string );
}
*/
function MagicHTML( $body, $id ) {
- global $message, $HTTP_SERVER_VARS,
+ global $message, $HTTP_SERVER_VARS,
$attachment_common_show_images;
$attachment_common_show_images =
$pos = $i + 1;
$tag = '';
while ($body{$pos} == ' ' || $body{$pos} == "\t" ||
- $body{$pos} == "\n") {
+ $body{$pos} == "\n" ) {
$pos ++;
}
while (strlen($tag) < 4 && $body{$pos} != ' ' &&
- $body{$pos} != "\t" && $body{$pos} != "\n") {
+ $body{$pos} != "\t" && $body{$pos} != "\n" &&
+ $pos < $j ) {
$tag .= $body{$pos};
$pos ++;
}
+ /*
+ A comment in HTML is only three characters and isn't
+ guaranteed to have a space after it. This fudges so
+ it will be caught by the switch statement.
+ */
+ if (ereg("!--", $tag)) {
+ $tag = "!-- ";
+ }
switch( strtoupper( $tag ) ) {
// Strips the entire tag and contents
case 'APPL':
- case 'EMBB':
+ case 'EMBE':
case 'FRAM':
case 'SCRI':
case 'OBJE':
$ret .= '<font color=#000000>';
break;
case 'BASE':
- $i += 5;
+ $i += 4;
$base = '';
+ if ( strncasecmp($body{$i}, 'font', 4) ) {
+ $i += 5;
+ while ( !isNoSep( $body{$i} ) && $i < $j ) {
+ $i++;
+ }
+ while ( $body{$i} <> '>' && $i < $j ) {
+ $base .= $body{$i};
+ $i++;
+ }
+ $ret .= "<BASEFONT $base>\n";
+ break;
+ }
+ $i++;
while ( !isNoSep( $body{$i} ) &&
$i < $j ) {
$i++;
return( "\n\n<!-- HTML Output ahead -->\n" .
$ret .
+ /* Base is illegal within HTML
"\n<!-- END of HTML Output --><base href=\"".
get_location() . '/'.
"\">\n\n" );
+ */
+ "\n<!-- END of HTML Output -->\n\n" );
}
function isNoSep( $char ) {
function stripEvent( &$i, $j, &$body, $id, $base ) {
- global $message, $base_uri;
+ global $message, $base_uri, $has_unsafe_images, $view_unsafe_images;
$ret = '';
$src .= $body{$k};
$k++;
}
+ $k++;
while( !isNoSep( $body{$k} ) &&
$k < $j ) {
$k++;
}
+ $k++;
if ( strtolower( substr( $src, 0, 4 ) ) == 'cid:' ) {
$src = substr( $src, 4 );
- $src = "../src/download.php?absolute_dl=true&passed_id=$id&mailbox=" .
+ $src = "../src/download.php?absolute_dl=true&passed_id=$id&mailbox=" .
urlencode( $message->header->mailbox ) .
- "&passed_ent_id=" . find_ent_id( $src, $message );
+ "&passed_ent_id=" . find_ent_id( $src, $message );
} else if ( strtolower( substr( $src, 0, 4 ) ) <> 'http' ||
stristr( $src, $base_uri ) ) {
/* Javascript and local urls goes out */
- $src = '../images/' . _("sec_remove_eng.png");
+ if (!$view_unsafe_images) {
+ $src = '../images/' . _("sec_remove_eng.png");
+ }
+ $has_unsafe_images = 1;
}
$ret .= 'src="' . $src . '" ';
$i = $k - 2;
$name .= $body{$i++};
}
if ( $name <> '' ) {
- $ret .= "../src/download.php?absolute_dl=true&passed_id=$id&mailbox=" .
+ $ret .= "../src/download.php?absolute_dl=true&passed_id=$id&mailbox=" .
urlencode( $message->header->mailbox ) .
- "&passed_ent_id=" . find_ent_id( $name, $message );
+ "&passed_ent_id=" . find_ent_id( $name, $message );
if ( $body{$k} == '"' )
$ret .= '" ';
else
projects / squirrelmail.git / blobdiff