Changeset 5309
- Timestamp:
- 01/04/12 16:47:16 (12 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/expressoMail1_2/inc/class.imap_functions.inc.php
r5306 r5309 1825 1825 } 1826 1826 1827 function replace_special_characters($body) 1828 { 1829 // Suspected TAGS! 1830 // $tag_list = Array('blink','object','meta','html','link','frame','iframe','layer','ilayer','plaintext','script','style','img','applet','embed','head','frameset','xml','xmp'); 1831 1832 // remove MS Office's proprietary tag 1833 //$body = mb_ereg_replace('<!\-\-\[if [^!]* mso .*\]>.*<!\[endif\]\-\->', '', $body); 1834 1835 // Layout problem: Change html elements 1836 // with absolute position to relate position, CASE INSENSITIVE. 1837 $body = @mb_eregi_replace("POSITION: ABSOLUTE;","",$body); 1838 1839 //Remove Comentario Expresso 1840 $findExpCom[] = '<!-- TAG <'; 1841 $findExpCom[] = '> Removed by ExpressoMail -->'; 1842 $body = str_replace($findExpCom, '', $body); 1843 ///--------------------------------// 1844 1845 // tags to be removed doe to security reasons 1846 $tag_list = Array( 1847 'blink','object','frame','iframe', 1848 'layer','ilayer','plaintext','script', 1849 'applet','embed','frameset','xml','xmp' 1850 ); 1851 1852 foreach($tag_list as $index => $tag) { 1853 $body = @mb_eregi_replace("<$tag\\b[^>]*>(.*?)</$tag>", '', $body); 1854 } 1855 1856 $body = @mb_eregi_replace("<meta[^>]*>", '', $body); 1857 $body = @mb_eregi_replace("<base[^>]*>", '', $body); 1858 1859 //try to wrap CSS code instead of remove STYLE tags 1860 require_once('../library/csstidy/class.csstidy.php'); 1861 $css = new csstidy(); 1862 $css->set_cfg('preserve_css', false); 1863 1864 $regs_found = array(); 1865 $tags_found = @mb_eregi("<style\b[^>]*>(.*?)</style>", $body, $regs_found); 1866 $wrapper_class = 'ExpressoCssWrapper'.time(); 1867 1868 foreach ($regs_found as $block_found) { 1869 $n_start = strpos($block_found, '>')+1; 1870 $n_length = strrpos($block_found, '<')-$n_start; 1871 $bf_innerHTML = substr($block_found, $n_start, $n_length); 1872 1873 $bf_innerHTML = mb_ereg_replace('<!--', '', $bf_innerHTML); 1874 $bf_innerHTML = mb_ereg_replace('-->', '', $bf_innerHTML); 1875 1876 $css->parse($bf_innerHTML); 1877 1878 $prefix = ".$wrapper_class "; 1879 if( isset($css->css[41]) && count($css->css[41] > 0)) 1880 foreach ($css->css[41] as $key => $value) { 1881 //explode multiple selectors per block 1882 $selectors = explode(',', $key); 1883 1884 foreach ($selectors as $selector) { 1885 if (ereg('\*', $key)) { 1886 //skip selecto '*' 1887 continue; 1888 } 1889 1890 $selector = eregi_replace('[^#\.]*body.*', '', $selector); 1891 $css->css[41][$prefix.trim($selector)] = $value; 1892 } 1827 function replace_special_characters($body) 1828 { 1829 // Suspected TAGS! 1830 // $tag_list = Array('blink','object','meta','html','link','frame','iframe','layer','ilayer','plaintext','script','style','img','applet','embed','head','frameset','xml','xmp'); 1831 // remove MS Office's proprietary tag 1832 //$body = mb_ereg_replace('<!\-\-\[if [^!]* mso .*\]>.*<!\[endif\]\-\->', '', $body); 1833 // Layout problem: Change html elements 1834 // with absolute position to relate position, CASE INSENSITIVE. 1835 $body = @mb_eregi_replace("POSITION: ABSOLUTE;", "", $body); 1836 1837 //Remove Comentario Expresso 1838 $findExpCom[] = '<!-- TAG <'; 1839 $findExpCom[] = '> Removed by ExpressoMail -->'; 1840 $body = str_replace($findExpCom, '', $body); 1841 ///--------------------------------// 1842 // tags to be removed doe to security reasons 1843 $tag_list = Array( 1844 'blink', 'object', 'frame', 'iframe', 1845 'layer', 'ilayer', 'plaintext', 'script', 1846 'applet', 'embed', 'frameset', 'xml', 'xmp' 1847 ); 1848 1849 foreach ($tag_list as $index => $tag) 1850 $body = @mb_eregi_replace("<$tag\\b[^>]*>(.*?)</$tag>", '', $body); 1851 1852 1853 $body = @mb_eregi_replace("<meta[^>]*>", '', $body); 1854 $body = @mb_eregi_replace("<base[^>]*>", '', $body); 1855 1856 //try to wrap CSS code instead of remove STYLE tags 1857 require_once('../library/csstidy/class.csstidy.php'); 1858 $css = new csstidy(); 1859 $css->set_cfg('preserve_css', false); 1860 1861 $regs_found = array(); 1862 $tags_found = @mb_eregi("<style\b[^>]*>(.*?)</style[^>]*>", $body, $regs_found); 1863 $wrapper_class = 'ExpressoCssWrapper' . time(); 1864 1865 foreach ($regs_found as $block_found) { 1866 $n_start = strpos($block_found, '>') + 1; 1867 $n_length = strrpos($block_found, '<') - $n_start; 1868 $bf_innerHTML = substr($block_found, $n_start, $n_length); 1869 1870 $bf_innerHTML = mb_ereg_replace('<!--', '', $bf_innerHTML); 1871 $bf_innerHTML = mb_ereg_replace('-->', '', $bf_innerHTML); 1872 1873 $css->parse($bf_innerHTML); 1874 1875 $prefix = ".$wrapper_class "; 1876 if (isset($css->css[41]) && count($css->css[41] > 0)) 1877 foreach ($css->css[41] as $key => $value) { 1878 //explode multiple selectors per block 1879 $selectors = explode(',', $key); 1880 1881 foreach ($selectors as $selector) { 1882 if (ereg('\*', $key)) { 1883 //skip selecto '*' 1884 continue; 1885 } 1886 1887 $selector = eregi_replace('[^#\.]*body.*', '', $selector); 1888 $css->css[41][$prefix . trim($selector)] = $value; 1889 } 1893 1890 unset($css->css[41][$key]); 1894 } 1895 1896 $body = str_replace($block_found, '<style>'.$css->print->plain().'</style>', $body); 1897 } 1898 1899 1900 // Malicious Code Remove 1901 $dirtyCodePattern = "/(<([\w]+[\w0-9]*)(.*)on(mouse(move|over|down|up)|load|blur|change|error|click|dblclick|focus|key(down|up|press)|select)([\n\ ]*)=([\n\ ]*)[\"'][^>\"']*[\"']([^>]*)>)(.*)(<\/\\2>)?/misU"; 1902 preg_match_all($dirtyCodePattern,$body,$rest,PREG_PATTERN_ORDER); 1903 foreach($rest[0] as $i => $val) { 1904 if (!(preg_match("/javascript:window\.open\(\"([^'\"]*)\/index\.php\?menuaction=calendar\.uicalendar\.set_action\&cal_id=([^;'\"]+);?['\"]/i",$rest[1][$i]) && strtoupper($rest[4][$i]) == "CLICK" )) //Calendar events 1905 $body = str_replace($rest[1][$i],"<".$rest[2][$i].$rest[3][$i].$rest[7][$i].">",$body); 1906 } 1907 1908 /* 1909 * Remove deslocamento a esquerda colocado pelo Outlook. 1910 * Este delocamento faz com que algumas palavras fiquem escondidas atras da barra lateral do expresso. 1911 */ 1912 $body = mb_ereg_replace("(<p[^>]*)(text-indent:[^>;]*-[^>;]*;)([^>]*>)","\\1\\3",$body); 1913 $body = mb_ereg_replace("(<p[^>]*)(margin-right:[^>;]*-[^>;]*;)([^>]*>)","\\1\\3",$body); 1914 $body = mb_ereg_replace("(<p[^>]*)(margin-left:[^>;]*-[^>;]*;)([^>]*>)","\\1\\3",$body); 1915 //--------------------------------------------------------------------------------------------// 1916 1917 //Remoção de tags <span></span> para correção de erro no firefox 1918 //Comentado pois estes replaces geram erros no html da msg, não se pode garantir que o os </span></span> sejam realmente os fechamentos dos <span><span>. 1919 //Caso realmente haja a nescessidade de remover estes spans deve ser repensado a forma de como faze-lo. 1920 // $body = mb_eregi_replace("<span><span>","",$body); 1921 // $body = mb_eregi_replace("</span></span>","",$body); 1922 1923 //Correção para compatibilização com Outlook, ao visualizar a mensagem 1924 $body = mb_ereg_replace('<!--\[','<!-- [',$body); 1925 $body = mb_ereg_replace('<!\[endif\]-->', '<![endif]-->', $body); 1926 1927 return "<div class=\"$wrapper_class\"><span>".$body.'</span></div>'; 1928 1929 } 1891 } 1892 1893 $body = str_replace($block_found, '<style>' . $css->print->plain() . '</style>', $body); 1894 } 1895 1896 1897 // Malicious Code Remove 1898 $dirtyCodePattern = "/(<([\w]+[\w0-9]*)(.*)on(mouse(move|over|down|up)|load|blur|change|error|click|dblclick|focus|key(down|up|press)|select)([\n\ ]*)=([\n\ ]*)[\"'][^>\"']*[\"']([^>]*)>)(.*)(<\/\\2>)?/misU"; 1899 preg_match_all($dirtyCodePattern, $body, $rest, PREG_PATTERN_ORDER); 1900 foreach ($rest[0] as $i => $val) { 1901 if (!(preg_match("/javascript:window\.open\(\"([^'\"]*)\/index\.php\?menuaction=calendar\.uicalendar\.set_action\&cal_id=([^;'\"]+);?['\"]/i", $rest[1][$i]) && strtoupper($rest[4][$i]) == "CLICK" )) //Calendar events 1902 $body = str_replace($rest[1][$i], "<" . $rest[2][$i] . $rest[3][$i] . $rest[7][$i] . ">", $body); 1903 } 1904 1905 /* 1906 * Remove deslocamento a esquerda colocado pelo Outlook. 1907 * Este delocamento faz com que algumas palavras fiquem escondidas atras da barra lateral do expresso. 1908 */ 1909 $body = mb_ereg_replace("(<p[^>]*)(text-indent:[^>;]*-[^>;]*;)([^>]*>)", "\\1\\3", $body); 1910 $body = mb_ereg_replace("(<p[^>]*)(margin-right:[^>;]*-[^>;]*;)([^>]*>)", "\\1\\3", $body); 1911 $body = mb_ereg_replace("(<p[^>]*)(margin-left:[^>;]*-[^>;]*;)([^>]*>)", "\\1\\3", $body); 1912 //--------------------------------------------------------------------------------------------// 1913 //Remoção de tags <span></span> para correção de erro no firefox 1914 //Comentado pois estes replaces geram erros no html da msg, não se pode garantir que o os </span></span> sejam realmente os fechamentos dos <span><span>. 1915 //Caso realmente haja a nescessidade de remover estes spans deve ser repensado a forma de como faze-lo. 1916 // $body = mb_eregi_replace("<span><span>","",$body); 1917 // $body = mb_eregi_replace("</span></span>","",$body); 1918 //Correção para compatibilização com Outlook, ao visualizar a mensagem 1919 $body = mb_ereg_replace('<!--\[', '<!-- [', $body); 1920 $body = mb_ereg_replace('<!\[endif\]-->', '<![endif]-->', $body); 1921 1922 return "<div class=\"$wrapper_class\"><span>" . $body . '</span></div>'; 1923 } 1930 1924 1931 1925 function replace_links_callback($matches)
Note: See TracChangeset
for help on using the changeset viewer.