$challenge=base64_decode($challenge);
$parsed = array();
while (!empty($challenge)) {
- if ($challenge{0} == ',') { // First char is a comma, must not be 1st time through loop
+ if ($challenge[0] == ',') { // First char is a comma, must not be 1st time through loop
$challenge=substr($challenge,1);
}
$key=explode('=',$challenge,2);
$challenge=$key[1];
$key=$key[0];
- if ($challenge{0} == '"') {
+ if ($challenge[0] == '"') {
// We're in a quoted value
// Drop the first quote, since we don't care about it
$challenge=substr($challenge,1);
$read = sqimap_fgets($imap_stream);
$i = 0;
while ($read) {
- $char = $read{0};
+ $char = $read[0];
switch ($char)
{
case '+':
$read = sqimap_fgets($imap_stream);
break;
- case $tag{0}:
+ case $tag[0]:
{
/* get the command */
$arg = '';
break 2; /* switch while */
}
break;
- } // end case $tag{0}
+ } // end case $tag[0]
case '*':
{
break 4; /* while while switch while */
}
/* check for next untagged reponse and break */
- if ($read{0} == '*') break 2;
+ if ($read[0] == '*') break 2;
$s = substr($read,-3);
} while ($s === "}\r\n" || $read_literal);
$s = substr($read,-3);
- } while ($read{0} !== '*' &&
+ } while ($read[0] !== '*' &&
substr($read,0,strlen($tag)) !== $tag);
$resultlist[] = $fetch_data;
/* release not neaded data */
$read = sqimap_fgets($imap_stream);
if ($read === false) {
break 3; /* while switch while */
- } else if ($read{0} == '*') {
+ } else if ($read[0] == '*') {
break;
}
$s = substr($read,-3);
// Skip any rfc5530 response code: '[something]' at the
// start of the message
if (!empty($message)
- && $message{0} == '['
+ && $message[0] == '['
&& ($end = strstr($message, ']'))
&& $end != ']') {
$message = substr($end, 1);
if ($sid) {
$imapsid = $sid;
}
- if ($response{0} == '+') {
+ if ($response[0] == '+') {
// continuation request triggerd by sqimap_append()
$bDone = true;
} else {
if ($sThreadResponse) {
for ($i=0,$iCnt = strlen($sThreadResponse);$i<$iCnt;++$i) {
- $cChar = $sThreadResponse{$i};
+ $cChar = $sThreadResponse[$i];
switch ($cChar) {
case '(': // new sub thread
// correction for a subthread of a thread with no parents in thread
* @return string $s parsed string without the double quotes or literal count
*/
function parseString($read,&$i) {
- $char = $read{$i};
+ $char = $read[$i];
$s = '';
if ($char == '"') {
$iPos = ++$i;
while (true) {
$iPos = strpos($read,'"',$iPos);
if (!$iPos) break;
- if ($iPos && $read{$iPos -1} != '\\') {
+ if ($iPos && $read[$iPos -1] != '\\') {
$s = substr($read,$i,($iPos-$i));
$i = $iPos;
break;
case 'date':
$aMsg['date'] = trim(str_replace(' ', ' ', $value));
break;
- case 'x-priority': $aMsg['x-priority'] = ($value) ? (int) $value{0} : 3; break;
+ case 'x-priority': $aMsg['x-priority'] = ($value) ? (int) $value[0] : 3; break;
case 'priority':
case 'importance':
// duplicate code with Rfc822Header.cls:parsePriority()
$arg_no = 0;
$arg_a = array();
++$i;
- for ($cnt = strlen($read); ($i < $cnt) && ($read{$i} != ')'); ++$i) {
- $char = strtoupper($read{$i});
+ for ($cnt = strlen($read); ($i < $cnt) && ($read[$i] != ')'); ++$i) {
+ $char = strtoupper($read[$i]);
switch ($char) {
case '{':
case '"':
$addr_a = array();
$group = '';
$a=0;
- for (; $i < $cnt && $read{$i} != ')'; ++$i) {
- if ($read{$i} == '(') {
+ for (; $i < $cnt && $read[$i] != ')'; ++$i) {
+ if ($read[$i] == '(') {
$addr = sqimap_parse_address($read, $i);
if (($addr[3] == '') && ($addr[2] != '')) {
/* start of group */
*/
function sqimap_parse_address($read, &$i) {
$arg_a = array();
- for (; $read{$i} != ')'; ++$i) {
- $char = strtoupper($read{$i});
+ for (; $read[$i] != ')'; ++$i) {
+ $char = strtoupper($read[$i]);
switch ($char) {
case '{':
case '"': $arg_a[] = parseString($read,$i); break;
if (count($flags)) {
foreach ($flags as $flag) {
//FIXME: please document why it is we have to check the first char of the flag but we then go ahead and do a full string comparison anyway. Is this a speed enhancement? If not, let's keep it simple and just compare the full string and forget the switch block.
- $char = strtoupper($flag{1});
+ $char = strtoupper($flag[1]);
switch ($char) {
case 'S':
if (strtolower($flag) == '\\seen') {
/* There is some information in the content info header that could be important
* in order to parse html messages. Let's get them here.
*/
-// if ($ret{0} == '<') {
+// if ($ret[0] == '<') {
// $data = sqimap_run_command ($imap_stream, "FETCH $id BODY[$ent_id.MIME]", true, $response, $message, TRUE);
// }
} else if (preg_match('/"([^"]*)"/', $topline, $regs)) {
$iEncStart = $enc_init = false;
$cur_l = $iOffset = 0;
for($i = 0; $i < $j; ++$i) {
- switch($string{$i})
+ switch($string[$i])
{
case '"':
case '=':
$ret = '';
$iEncStart = false;
} else {
- $ret .= sprintf("=%02X",ord($string{$i}));
+ $ret .= sprintf("=%02X",ord($string[$i]));
}
break;
case '(':
}
break;
default:
- $k = ord($string{$i});
+ $k = ord($string[$i]);
if ($k > 126) {
if ($iEncStart === false) {
// do not start encoding in the middle of a string, also take the rest of the word.
$cur_l = 0;
$ret = '';
} else {
- $ret .= $string{$i};
+ $ret .= $string[$i];
}
}
}
$matches = Array();
$retarr = Array();
preg_match("%^(.*?)($reg)%si", substr($body, $offset), $matches);
- if (!isset($matches{0}) || !$matches{0}){
+ if (!isset($matches[0]) || !$matches[0]){
$retarr = false;
} else {
- $retarr{0} = $offset + strlen($matches{1});
- $retarr{1} = $matches{1};
- $retarr{2} = $matches{2};
+ $retarr[0] = $offset + strlen($matches[1]);
+ $retarr[1] = $matches[1];
+ $retarr[2] = $matches[2];
}
return $retarr;
}
/**
* Yep. So we did.
*/
- $pos += strlen($matches{1});
- if ($matches{2} == "/>"){
+ $pos += strlen($matches[1]);
+ if ($matches[2] == "/>"){
$tagtype = 3;
$pos++;
}
return $retary;
}
case '>':
- $attary{$attname} = '"yes"';
+ $attary[$attname] = '"yes"';
return Array($tagname, $attary, $tagtype, $lt, $pos);
break;
default:
}
list($pos, $attval, $match) = $regary;
$pos++;
- $attary{$attname} = "'" . $attval . "'";
+ $attary[$attname] = "'" . $attval . "'";
} else if ($quot == '"'){
$regary = sq_findnxreg($body, $pos+1, '\"');
if ($regary == false){
}
list($pos, $attval, $match) = $regary;
$pos++;
- $attary{$attname} = '"' . $attval . '"';
+ $attary[$attname] = '"' . $attval . '"';
} else {
/**
* These are hateful. Look for \s, or >.
* If it's ">" it will be caught at the top.
*/
$attval = preg_replace("/\"/s", """, $attval);
- $attary{$attname} = '"' . $attval . '"';
+ $attary[$attname] = '"' . $attval . '"';
}
} else if (preg_match("|[\w/>]|", $char)) {
/**
* That was attribute type 4.
*/
- $attary{$attname} = '"yes"';
+ $attary[$attname] = '"yes"';
} else {
/**
* An illegal character. Find next '>' and return.
if ($hex){
$numval = hexdec($numval);
}
- $repl{$matches[0][$i]} = chr($numval);
+ $repl[$matches[0][$i]] = chr($numval);
}
$attvalue = strtr($attvalue, $repl);
return true;
if (preg_match($matchtag, $tagname)){
foreach ($matchattrs as $matchattr){
if (preg_match($matchattr, $attname)){
- unset($attary{$attname});
+ unset($attary[$attname]);
continue;
}
}
// entities are used in the attribute value. In 99% of the cases it's there as XSS
// i.e.<div style="{ left:expʀessioɴ( alert('XSS') ) }">
$attvalue = "idiocy";
- $attary{$attname} = $attvalue;
+ $attary[$attname] = $attvalue;
}
sq_unspace($attvalue);
$newvalue =
preg_replace($valmatch, $valrepl, $attvalue);
if ($newvalue != $attvalue){
- $attary{$attname} = $newvalue;
+ $attary[$attname] = $newvalue;
$attvalue = $newvalue;
}
}
if ($attname == 'style') {
if (preg_match('/[\0-\37\200-\377]+/',$attvalue)) {
// 8bit and control characters in style attribute values can be used for XSS, remove them
- $attary{$attname} = '"disallowed character"';
+ $attary[$attname] = '"disallowed character"';
}
preg_match_all("/url\s*\((.+)\)/si",$attvalue,$aMatch);
if (count($aMatch)) {
// url value
$urlvalue = $sMatch;
sq_fix_url($attname, $urlvalue, $message, $id, $mailbox,"'");
- $attary{$attname} = str_replace($sMatch,$urlvalue,$attvalue);
+ $attary[$attname] = str_replace($sMatch,$urlvalue,$attvalue);
}
}
}
|| $attname == 'poster' || $attname == 'formaction'
|| $attname == 'background' || $attname == 'action') {
sq_fix_url($attname, $attvalue, $message, $id, $mailbox);
- $attary{$attname} = $attvalue;
+ $attary[$attname] = $attvalue;
}
}
/**
$bSucces = false;
$bEndTag = false;
for ($i=$pos,$iCount=strlen($body);$i<$iCount;++$i) {
- $char = $body{$i};
+ $char = $body[$i];
switch ($char) {
case '<':
$sToken = $char;
case '!':
if ($sToken == '<') {
// possible comment
- if (isset($body{$i+2}) && substr($body,$i,3) == '!--') {
+ if (isset($body[$i+2]) && substr($body,$i,3) == '!--') {
$i = strpos($body,'-->',$i+3);
if ($i === false) { // no end comment
$i = strlen($body);
$styledef .= "color: $text; ";
}
if (strlen($styledef) > 0){
- $divattary{"style"} = "\"$styledef\"";
+ $divattary["style"] = "\"$styledef\"";
}
}
return $divattary;
if ($tagname == "body"){
$tagname = "div";
}
- if (isset($open_tags{$tagname}) &&
- $open_tags{$tagname} > 0){
- $open_tags{$tagname}--;
+ if (isset($open_tags[$tagname]) &&
+ $open_tags[$tagname] > 0){
+ $open_tags[$tagname]--;
} else {
$tagname = false;
}
$message, $id);
}
if ($tagtype == 1){
- if (isset($open_tags{$tagname})){
- $open_tags{$tagname}++;
+ if (isset($open_tags[$tagname])){
+ $open_tags[$tagname]++;
} else {
- $open_tags{$tagname}=1;
+ $open_tags[$tagname]=1;
}
}
/**
* Remove any references to http/https if view_unsafe_images set
* to false.
*/
- array_push($bad_attvals{'/.*/'}{'/^src|background/i'}[0],
+ array_push($bad_attvals['/.*/']['/^src|background/i'][0],
'/^([\'\"])\s*https*:.*([\'\"])/si');
- array_push($bad_attvals{'/.*/'}{'/^src|background/i'}[1],
+ array_push($bad_attvals['/.*/']['/^src|background/i'][1],
"\\1$secremoveimg\\1");
- array_push($bad_attvals{'/.*/'}{'/^style/i'}[0],
+ array_push($bad_attvals['/.*/']['/^style/i'][0],
'/url\([\'\"]?https?:[^\)]*[\'\"]?\)/si');
- array_push($bad_attvals{'/.*/'}{'/^style/i'}[1],
+ array_push($bad_attvals['/.*/']['/^style/i'][1],
"url(\\1$secremoveimg\\1)");
}
if ($iLimit && $iLimit == count($aAddress)) {
return $aAddress;
}
- $cChar = $sToken{0};
+ $cChar = $sToken[0];
switch ($cChar)
{
case '=':
$iCnt = strlen($address);
$i = 0;
while ($i < $iCnt) {
- $cChar = $address{$i};
+ $cChar = $address[$i];
switch($cChar)
{
case '<':
$iEnd = strpos($address,$cChar,$i+1);
if ($iEnd) {
// skip escaped quotes
- $prev_char = $address{$iEnd-1};
+ $prev_char = $address[$iEnd-1];
while ($prev_char === '\\' && substr($address,$iEnd-2,2) !== '\\\\') {
$iEnd = strpos($address,$cChar,$iEnd+1);
if ($iEnd) {
- $prev_char = $address{$iEnd-1};
+ $prev_char = $address[$iEnd-1];
} else {
$prev_char = false;
}
$iDepth = 1;
$iComment = $i;
while (($iDepth > 0) && (++$iComment < $iCnt)) {
- $cCharComment = $address{$iComment};
+ $cCharComment = $address[$iComment];
switch($cCharComment) {
case '\\':
++$iComment;
// check the next token in case comments appear in the middle of email addresses
$prevToken = end($aTokens);
if (!in_array($prevToken,$aSpecials,true)) {
- if ($i+1<strlen($address) && !in_array($address{$i+1},$aSpecials,true)) {
+ if ($i+1<strlen($address) && !in_array($address[$i+1],$aSpecials,true)) {
$iEnd = strpos($address,' ',$i+1);
if ($iEnd) {
$sNextToken = trim(substr($address,$i+1,$iEnd - $i -1));
for ($j=0;$j<$s;$j++) {
switch ( $mode ) {
case '=':
- if ( $line{$j} == '=' ) {
+ if ( $line[$j] == '=' ) {
// Ok, we've got a right value, lets detect what type
$mode = 'D';
- } else if ( $line{$j} == ';' ) {
+ } else if ( $line[$j] == ';' ) {
// hu! end of command
$key = $mode = '';
}
break;
case 'K':
// Key detect
- if ( $line{$j} == ' ' ) {
+ if ( $line[$j] == ' ' ) {
$mode = '=';
} else {
- $key .= $line{$j};
+ $key .= $line[$j];
// FIXME: this is only pour workaround for plugins[] array.
- if ($line{$j}=='[' && $line{($j+1)}==']') {
+ if ($line[$j]=='[' && $line[($j+1)]==']') {
$key .= $arraykey;
$arraykey++;
}
break;
case ';':
// Skip until next ;
- if ( $line{$j} == ';' ) {
+ if ( $line[$j] == ';' ) {
$mode = '';
}
break;
case 'S':
- if ( $line{$j} == '\\' ) {
- $value .= $line{$j};
+ if ( $line[$j] == '\\' ) {
+ $value .= $line[$j];
$modifier = TRUE;
- } else if ( $line{$j} == $delimiter && $modifier === FALSE ) {
+ } else if ( $line[$j] == $delimiter && $modifier === FALSE ) {
// End of string;
$newcfg[$key] = $value . $delimiter;
$key = $value = '';
$mode = ';';
} else {
- $value .= $line{$j};
+ $value .= $line[$j];
$modifier = FALSE;
}
break;
case 'N':
- if ( $line{$j} == ';' ) {
- $newcfg{$key} = $value;
+ if ( $line[$j] == ';' ) {
+ $newcfg[$key] = $value;
$key = $mode = '';
} else {
- $value .= $line{$j};
+ $value .= $line[$j];
}
break;
case 'C':
// Comments
if ( $s > $j + 1 &&
- $line{$j}.$line{$j+1} == '*/' ) {
+ $line[$j].$line[$j+1] == '*/' ) {
$mode = '';
$j++;
}
break;
case 'D':
// Delimiter detect
- switch ( $line{$j} ) {
+ switch ( $line[$j] ) {
case '"':
case "'":
// Double quote string
- $delimiter = $value = $line{$j};
+ $delimiter = $value = $line[$j];
$mode = 'S';
break;
case ' ':
default:
if ( strtoupper( substr( $line, $j, 4 ) ) == 'TRUE' ) {
// Boolean TRUE
- $newcfg{$key} = 'TRUE';
+ $newcfg[$key] = 'TRUE';
$key = '';
$mode = ';';
} else if ( strtoupper( substr( $line, $j, 5 ) ) == 'FALSE' ) {
- $newcfg{$key} = 'FALSE';
+ $newcfg[$key] = 'FALSE';
$key = '';
$mode = ';';
} else {
// Number or function call
$mode = 'N';
- $value = $line{$j};
+ $value = $line[$j[;
}
}
break;
default:
- if ( $line{$j} == '$' ) {
+ if ( $line[$j] == '$' ) {
// We must detect $key name
$mode = 'K';
$key = '$';
// Skip untill next ;
$mode = ';';
$j += 6;
- } else if ( $line{$j}.$line{$j+1} == '/*' ) {
+ } else if ( $line[$j].$line[$j+1] == '/*' ) {
$mode = 'C';
$j++;
- } else if ( $line{$j} == '#' || $line{$j}.$line{$j+1} == '//' ) {
+ } else if ( $line[$j] == '#' || $line[$j].$line[$j+1] == '//' ) {
// Delete till the end of the line
$j = $s;
}
} else if ( $l == 'false' ) {
$v = 'FALSE';
$type = SMOPT_TYPE_BOOLEAN;
- } else if ( $v{0} == "'" ) {
+ } else if ( $v[0] == "'" ) {
$type = SMOPT_TYPE_STRING;
- } else if ( $v{0} == '"' ) {
+ } else if ( $v[0] == '"' ) {
$type = SMOPT_TYPE_STRING;
}
"\n" );
foreach ( $newcfg as $k => $v ) {
- if ( $k{0} == '$' && $v <> '' || is_int($v)) {
+ if ( $k[0] == '$' && $v <> '' || is_int($v)) {
if ( substr( $k, 1, 11 ) == 'ldap_server' ) {
$v = substr( $v, 0, strlen( $v ) - 1 ) . "\n)";
$v = str_replace( 'array(', "array(\n\t", $v );
}
}
- if (($line != '' && $line{0} == '-' || $header) && isset($boundaries[0])) {
+ if (($line != '' && $line[0] == '-' || $header) && isset($boundaries[0])) {
$cnt=count($boundaries)-1;
$bnd = $boundaries[$cnt]['bnd'];
$bndreg = $boundaries[$cnt]['bndreg'];
$bndlen = strlen($reg[1]);
$bndend = false;
if (strlen($line) > ($bndlen + 3)) {
- if ($line{$bndlen+2} == '-' && $line{$bndlen+3} == '-')
+ if ($line[$bndlen+2] == '-' && $line[$bndlen+3] == '-')
$bndend = true;
}
if ($bndend) {