Changeset 7161


Ignore:
Timestamp:
09/04/12 12:54:18 (7 years ago)
Author:
cristiano
Message:

Ticket #3077 - Problema para aceitar ou rejeitar convite

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/expressoMail1_2/inc/class.imap_functions.inc.php

    r7070 r7161  
    19061906            $body = str_ireplace('<o:p>&nbsp;</o:p>','<br />', $body);//Qubra de linha do MSO 
    19071907            $body = preg_replace('/<(meta|base|link|html|\/html)[^>]*>/i', '', $body); 
     1908 
     1909 
     1910                        // Malicious Code Remove 
     1911            $dirtyCodePattern = "/(<([\w]+[\w0-9]*)(.*)on(mouse(move|over|down|up)|load|blur|change|error|click|dblclick|focus|key(down|up|press)|select)([\n\ ]*)=([\n\ ]*)[\"'][^>\"']*[\"']([^>]*)>)(.*)(<\/\\2>)?/misU"; 
     1912            preg_match_all($dirtyCodePattern, $body, $rest, PREG_PATTERN_ORDER); 
     1913            foreach ($rest[0] as $i => $val) { 
     1914                if (!(preg_match("/javascript:window\.open\(\"([^'\"]*)\/index\.php\?menuaction=calendar\.uicalendar\.set_action\&cal_id=([^;'\"]+);?['\"]/i", $rest[1][$i]) && strtoupper($rest[4][$i]) == "CLICK" )) //Calendar events 
     1915                    $body = str_replace($rest[1][$i], "<" . $rest[2][$i] . $rest[3][$i] . $rest[7][$i] . ">", $body); 
     1916            } 
    19081917             
    19091918            require_once(dirname(__FILE__).'/../../library/CssToInlineStyles/css_to_inline_styles.php'); 
     
    19231932            foreach ($tag_list as $index => $tag)  
    19241933                $body = @mb_eregi_replace("<$tag\\b[^>]*>(.*?)</$tag>", '', $body); 
    1925  
    1926             // Malicious Code Remove 
    1927             $dirtyCodePattern = "/(<([\w]+[\w0-9]*)(.*)on(mouse(move|over|down|up)|load|blur|change|error|click|dblclick|focus|key(down|up|press)|select)([\n\ ]*)=([\n\ ]*)[\"'][^>\"']*[\"']([^>]*)>)(.*)(<\/\\2>)?/misU"; 
    1928             preg_match_all($dirtyCodePattern, $body, $rest, PREG_PATTERN_ORDER); 
    1929             foreach ($rest[0] as $i => $val) { 
    1930                 if (!(preg_match("/javascript:window\.open\(\"([^'\"]*)\/index\.php\?menuaction=calendar\.uicalendar\.set_action\&cal_id=([^;'\"]+);?['\"]/i", $rest[1][$i]) && strtoupper($rest[4][$i]) == "CLICK" )) //Calendar events 
    1931                     $body = str_replace($rest[1][$i], "<" . $rest[2][$i] . $rest[3][$i] . $rest[7][$i] . ">", $body); 
    1932             } 
    19331934 
    19341935            /* 
Note: See TracChangeset for help on using the changeset viewer.