}
/**
-* This returns a parsed string called $body. That string can then
-* be displayed as the actual message in the HTML. It contains
-* everything needed, including HTML Tags, Attachments at the
-* bottom, etc.
-* @param clean Do not output stuff that's irrelevant for the printable version.
-*/
+ * This returns a parsed string called $body. That string can then
+ * be displayed as the actual message in the HTML. It contains
+ * everything needed, including HTML Tags, Attachments at the
+ * bottom, etc.
+ *
+ * Since 1.2.0 function uses message_body hook.
+ * Till 1.3.0 function included output of formatAttachments().
+ *
+ * @param resource $imap_stream imap connection resource
+ * @param object $message squirrelmail message object
+ * @param array $color squirrelmail color theme array
+ * @param integer $wrap_at number of characters per line
+ * @param string $ent_num (since 1.3.0) message part id
+ * @param integer $id (since 1.3.0) message id
+ * @param string $mailbox (since 1.3.0) imap folder name
+ * @param boolean $clean (since 1.5.1) Do not output stuff that's irrelevant for the printable version.
+ * @return string html formated message text
+ */
function formatBody($imap_stream, $message, $color, $wrap_at, $ent_num, $id, $mailbox='INBOX', $clean=FALSE) {
/* This if statement checks for the entity to show as the
* primary message. To add more of them, just put them in the
return $body;
}
-
+/**
+ * Displays attachment links and information
+ * FIXME: SM_PATH is used in URLs
+ *
+ * Since 1.3.0 function is not included in formatBody() call.
+ *
+ * Since 1.0.2 uses attachment $type0/$type1 hook.
+ * Since 1.2.5 uses attachment $type0/* hook.
+ * Since 1.5.0 uses attachments_bottom hook.
+ *
+ * @param object $message SquirrelMail message object
+ * @param array $exclude_id message parts that are not attachments.
+ * @param string $mailbox mailbox name
+ * @param integer $id message id
+ * @return string html formated attachment information.
+ */
function formatAttachments($message, $exclude_id, $mailbox, $id) {
global $where, $what, $startMessage, $color, $passed_ent_id;
} else {
$attachments .= ' | ';
}
- $attachments .= '<a href="' . $val['href'] . '">' . $val['text'] . '</a>';
+ $attachments .= '<a href="' . $val['href'] . '">' . (isset($val['text']) && !empty($val['text']) ? $val['text'] : '') . (isset($val['extra']) && !empty($val['extra']) ? $val['extra'] : '') . '</a>';
}
unset($links);
$attachments .= "</td></tr>\n";
* If we couldn't generate a proper img url, drop in a blank image
* instead of sending back empty, otherwise it causes unusual behaviour
*/
- $httpurl = $quotechar . SM_PATH . 'images/blank.png';
+ $httpurl = $quotchar . SM_PATH . 'images/blank.png';
}
return $httpurl;
*
* @param $body the body of the message
* @param $id the id of the message
+* @param $message
+* @param $mailbox
+* @param boolean $take_mailto_links When TRUE, converts mailto: links
+* into internal SM compose links
+* (optional; default = TRUE)
* @return a string with html safe to display in the browser.
*/
-function magicHTML($body, $id, $message, $mailbox = 'INBOX') {
+function magicHTML($body, $id, $message, $mailbox = 'INBOX', $take_mailto_links = true) {
+
+ require_once(SM_PATH . 'functions/url_parser.php'); // for $MailTo_PReg_Match
+
global $attachment_common_show_images, $view_unsafe_images,
$has_unsafe_images;
+
/**
* Don't display attached images in HTML mode.
*/
"/binding/i",
"/behaviou*r/i",
"/include-source/i",
+ "/position\s*:\s*absolute/i",
"/url\s*\(\s*([\'\"])\s*\S+script\s*:.*([\'\"])\s*\)/si",
"/url\s*\(\s*([\'\"])\s*mocha\s*:.*([\'\"])\s*\)/si",
"/url\s*\(\s*([\'\"])\s*about\s*:.*([\'\"])\s*\)/si",
"idiocy",
"idiocy",
"idiocy",
+ "",
"url(\\1#\\1)",
"url(\\1#\\1)",
"url(\\1#\\1)",
$add_attr_to_tag = Array(
"/^a$/i" =>
- Array('target'=>'"_new"',
+ Array('target'=>'"_blank"',
'title'=>'"'._("This external link will open in a new window").'"'
)
);
if (preg_match("|$secremoveimg|i", $trusted)){
$has_unsafe_images = true;
}
+
+
+ // we want to parse mailto's in HTML output, change to SM compose links
+ // this is a modified version of code from url_parser.php... but Marc is
+ // right: we need a better filtering implementation; adding this randomly
+ // here is not a great solution
+ //
+ if ($take_mailto_links) {
+ // parseUrl($trusted); // this even parses URLs inside of tags... too aggressive
+ global $MailTo_PReg_Match;
+ $MailTo_PReg_Match = '/mailto:' . substr($MailTo_PReg_Match, 1);
+ if ((preg_match_all($MailTo_PReg_Match, $trusted, $regs)) && ($regs[0][0] != '')) {
+ foreach ($regs[0] as $i => $mailto_before) {
+ $mailto_params = $regs[10][$i];
+
+ // get rid of any tailing quote since we have to add send_to to the end
+ //
+ if (substr($mailto_before, strlen($mailto_before) - 1) == '"')
+ $mailto_before = substr($mailto_before, 0, strlen($mailto_before) - 1);
+ if (substr($mailto_params, strlen($mailto_params) - 1) == '"')
+ $mailto_params = substr($mailto_params, 0, strlen($mailto_params) - 1);
+
+ if ($regs[1][$i]) { //if there is an email addr before '?', we need to merge it with the params
+ $to = 'to=' . $regs[1][$i];
+ if (strpos($mailto_params, 'to=') > -1) //already a 'to='
+ $mailto_params = str_replace('to=', $to . '%2C%20', $mailto_params);
+ else {
+ if ($mailto_params) //already some params, append to them
+ $mailto_params .= '&' . $to;
+ else
+ $mailto_params .= '?' . $to;
+ }
+ }
+
+ $url_str = preg_replace(array('/to=/i', '/(?<!b)cc=/i', '/bcc=/i'), array('send_to=', 'send_to_cc=', 'send_to_bcc='), $mailto_params);
+
+ // we'll already have target=_blank, no need to allow comp_in_new
+ // here (which would be a lot more work anyway)
+ //
+ global $compose_new_win;
+ $temp_comp_in_new = $compose_new_win;
+ $compose_new_win = 0;
+ $comp_uri = makeComposeLink('src/compose.php' . $url_str, $mailto_before);
+ $compose_new_win = $temp_comp_in_new;
+
+ // remove <a href=" and anything after the next quote (we only
+ // need the uri, not the link HTML) in compose uri
+ //
+ $comp_uri = substr($comp_uri, 9);
+ $comp_uri = substr($comp_uri, 0, strpos($comp_uri, '"', 1));
+ $trusted = str_replace($mailto_before, $comp_uri, $trusted);
+ }
+ }
+ }
+
return $trusted;
}
} // end fn SendDownloadHeaders
-?>
+?>
\ No newline at end of file