Changeset ea206d3 in github
- Timestamp:
- Sep 1, 2006 6:01:31 AM (7 years ago)
- Branches:
- master, HEAD, courier-fix, dev-browser-capabilities, pdo, release-0.6, release-0.7, release-0.8
- Children:
- 3ea0e32
- Parents:
- 10c92be
- Location:
- program
- Files:
-
- 5 edited
-
include/rcube_imap.inc (modified) (1 diff)
-
steps/mail/func.inc (modified) (6 diffs)
-
steps/mail/get.inc (modified) (1 diff)
-
steps/mail/show.inc (modified) (1 diff)
-
steps/settings/save_identity.inc (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
program/include/rcube_imap.inc
r107bde9 rea206d3 1011 1011 if (!empty($part[6]) && $part[6]!='NIL') 1012 1012 $struct->size = intval($part[6]); 1013 1013 1014 1014 // read part disposition 1015 $di = count($part) - 3;1015 $di = count($part) - 2; 1016 1016 if (is_array($part[$di])) 1017 1017 { -
program/steps/mail/func.inc
r10c92be rea206d3 677 677 if (!$safe) // remove remote images and scripts 678 678 { 679 $remote_patterns = array('/ (src|background)=(["\']?)([hftps]{3,5}:\/{2}[^"\'\s]+)(\2|\s|>)/Ui',680 // '/(src|background)=(["\']?)([\.\/]+[^"\'\s]+)(\2|\s|>)/Ui',679 $remote_patterns = array('/<img\s+(.*)src=(["\']?)([hftps]{3,5}:\/{2}[^"\'\s]+)(\2|\s|>)/Ui', 680 '/(src|background)=(["\']?)([hftps]{3,5}:\/{2}[^"\'\s]+)(\2|\s|>)/Ui', 681 681 '/(<base.*href=["\']?)([hftps]{3,5}:\/{2}[^"\'\s]+)([^<]*>)/i', 682 682 '/(<link.*href=["\']?)([hftps]{3,5}:\/{2}[^"\'\s]+)([^<]*>)/i', … … 685 685 '/<script.+<\/script>/Umis'); 686 686 687 $remote_replaces = array('', // '\\1=\\2#\\4', 688 // '\\1=\\2#\\4', 687 $remote_replaces = array('<img \\1src=\\2./program/blank.gif\\4', 689 688 '', 690 '', // '\\1#\\3', 689 '', 690 '', 691 691 'none', 692 692 'none', … … 767 767 $body = preg_replace("/##string_replacement\{([0-9]+)\}##/e", "\$replace_strings[\\1]", join("\n", $a_lines)); 768 768 769 return "<div class=\"pre\"> \n".$body."\n</div>";769 return "<div class=\"pre\">".$body."\n</div>"; 770 770 } 771 771 } … … 948 948 949 949 foreach ($sa_inline_objects as $inline_object) 950 $a_replaces['cid:'.$inline_object->content_id] = sprintf($get_url, $inline_object->mime_id);950 $a_replaces['cid:'.$inline_object->content_id] = htmlspecialchars(sprintf($get_url, $inline_object->mime_id)); 951 951 952 952 // add replace array to each content part … … 1093 1093 { 1094 1094 if (strpos($attach_prop->mimetype, 'image/')===0) 1095 $out .= sprintf("\n<hr />\n<p align=\"center\"><img src=\"%s& _part=%s\" alt=\"%s\" title=\"%s\" /></p>\n",1096 $GET_URL, $attach_prop->mime_id,1095 $out .= sprintf("\n<hr />\n<p align=\"center\"><img src=\"%s&_part=%s\" alt=\"%s\" title=\"%s\" /></p>\n", 1096 htmlspecialchars($GET_URL), $attach_prop->mime_id, 1097 1097 $attach_prop->filename, 1098 1098 $attach_prop->filename); … … 1122 1122 while (($pos = strpos($body_lc, '<style', $last_style_pos)) && ($pos2 = strpos($body_lc, '</style>', $pos))) 1123 1123 { 1124 $pos2 += 8; 1125 $body_pre = substr($body, 0, $pos); 1126 $styles = substr($body, $pos, $pos2-$pos); 1127 $body_post = substr($body, $pos2, strlen($body)-$pos2); 1128 1124 $pos = strpos($body_lc, '>', $pos)+1; 1125 1129 1126 // replace all css definitions with #container [def] 1130 $styles = rcmail_mod_css_styles( $styles, $container_id);1131 1132 $body = $body_pre . $styles . $body_post;1127 $styles = rcmail_mod_css_styles(substr($body, $pos, $pos2-$pos), $container_id); 1128 1129 $body = substr($body, 0, $pos) . $styles . substr($body, $pos2); 1133 1130 $last_style_pos = $pos2; 1134 1131 } -
program/steps/mail/get.inc
rf7bfec9 rea206d3 88 88 if ($ctype_primary=='text' && $ctype_secondary=='html') 89 89 { 90 // we have to analyze the whole structure again to find inline objects 91 list($MESSAGE['parts']) = rcmail_parse_message($MESSAGE['structure'], 92 array('safe' => (bool)$_GET['_safe'], 93 'prefer_html' => TRUE, 94 'get_url' => $GET_URL.'&_part=%s')); 95 $part = &$MESSAGE['parts'][0]; 96 90 97 // get part body if not available 91 98 if (!$part->body) 92 99 $part->body = $IMAP->get_message_part($MESSAGE['UID'], $part->mime_id, $part); 93 100 94 list($MESSAGE['parts']) = rcmail_parse_message($part,95 array('safe' => (bool)$_GET['_safe'],96 'prefer_html' => TRUE,97 'get_url' => $GET_URL.'&_part=%s'));98 99 101 $OUTPUT = new rcube_html_page(); 100 $OUTPUT->write(rcmail_print_body($ MESSAGE['parts'][0], (bool)$_GET['_safe']));102 $OUTPUT->write(rcmail_print_body($part, (bool)$_GET['_safe'])); 101 103 } 102 104 else -
program/steps/mail/show.inc
r8d4bcda rea206d3 109 109 else 110 110 $out .= sprintf('<li><a href="%s&_part=%s" onclick="return %s.command(\'load-attachment\',{part:\'%s\', mimetype:\'%s\'},this)">%s</a></li>'."\n", 111 html entities($GET_URL),111 htmlspecialchars($GET_URL), 112 112 $attach_prop->mime_id, 113 113 $JS_OBJECT_NAME, -
program/steps/settings/save_identity.inc
r89406f3 rea206d3 62 62 } 63 63 64 if ($updated && !empty($_POST['_standard']))64 if ($updated) 65 65 { 66 66 show_message('successfullysaved', 'confirmation'); 67 67 68 68 // mark all other identities as 'not-default' 69 $DB->query("UPDATE ".get_table_name('identities')." 70 SET ".$DB->quoteIdentifier('standard')."='0' 71 WHERE user_id=? 72 AND identity_id<>? 73 AND del<>1", 74 $_SESSION['user_id'], 75 get_input_value('_iid', RCUBE_INPUT_POST)); 69 if (!empty($_POST['_standard'])) 70 $DB->query("UPDATE ".get_table_name('identities')." 71 SET ".$DB->quoteIdentifier('standard')."='0' 72 WHERE user_id=? 73 AND identity_id<>? 74 AND del<>1", 75 $_SESSION['user_id'], 76 get_input_value('_iid', RCUBE_INPUT_POST)); 76 77 77 78 if ($_POST['_framed'])
Note: See TracChangeset
for help on using the changeset viewer.
