Changeset 7162


Ignore:
Timestamp:
09/04/12 14:26:03 (7 years ago)
Author:
eduardow
Message:

Ticket #3077 - Problema para aceitar ou rejeitar um convite.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • branches/2.4/expressoMail1_2/inc/class.imap_functions.inc.php

    r7087 r7162  
    18971897            $body = preg_replace('/<(meta|base|link|html|\/html)[^>]*>/i', '', $body); 
    18981898             
     1899 
     1900            // Malicious Code Remove  
     1901            $dirtyCodePattern = "/(<([\w]+[\w0-9]*)(.*)on(mouse(move|over|down|up)|load|blur|change|error|click|dblclick|focus|key(down|up|press)|select)([\n\ ]*)=([\n\ ]*)[\"'][^>\"']*[\"']([^>]*)>)(.*)(<\/\\2>)?/misU";  
     1902            preg_match_all($dirtyCodePattern, $body, $rest, PREG_PATTERN_ORDER);  
     1903            foreach ($rest[0] as $i => $val) {  
     1904                if (!(preg_match("/javascript:window\.open\(\"([^'\"]*)\/index\.php\?menuaction=calendar\.uicalendar\.set_action\&cal_id=([^;'\"]+);?['\"]/i", $rest[1][$i]) && strtoupper($rest[4][$i]) == "CLICK" )) //Calendar events  
     1905                    $body = str_replace($rest[1][$i], "<" . $rest[2][$i] . $rest[3][$i] . $rest[7][$i] . ">", $body);  
     1906            }  
    18991907            require_once(dirname(__FILE__).'/../../library/CssToInlineStyles/css_to_inline_styles.php'); 
    19001908            $cssToInlineStyles = new CSSToInlineStyles($body); 
     
    19131921            foreach ($tag_list as $index => $tag)  
    19141922                $body = @mb_eregi_replace("<$tag\\b[^>]*>(.*?)</$tag>", '', $body); 
    1915  
    1916             // Malicious Code Remove 
    1917             $dirtyCodePattern = "/(<([\w]+[\w0-9]*)(.*)on(mouse(move|over|down|up)|load|blur|change|error|click|dblclick|focus|key(down|up|press)|select)([\n\ ]*)=([\n\ ]*)[\"'][^>\"']*[\"']([^>]*)>)(.*)(<\/\\2>)?/misU"; 
    1918             preg_match_all($dirtyCodePattern, $body, $rest, PREG_PATTERN_ORDER); 
    1919             foreach ($rest[0] as $i => $val) { 
    1920                 if (!(preg_match("/javascript:window\.open\(\"([^'\"]*)\/index\.php\?menuaction=calendar\.uicalendar\.set_action\&cal_id=([^;'\"]+);?['\"]/i", $rest[1][$i]) && strtoupper($rest[4][$i]) == "CLICK" )) //Calendar events 
    1921                     $body = str_replace($rest[1][$i], "<" . $rest[2][$i] . $rest[3][$i] . $rest[7][$i] . ">", $body); 
    1922             } 
    19231923 
    19241924            /* 
Note: See TracChangeset for help on using the changeset viewer.