banananetwork
/
roundcubemail
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

PHPDoc and CS fixes

Browse Source
pull/6908/head
Aleksander Machniak 5 years ago
parent cc21eac9b9
commit 1afa46d28d
24 changed files with 433 additions and 293 deletions
Show Stats Download Patch File Download Diff File

2
program/include/rcmail.php
Unescape Escape View File

@ -1645,7 +1645,7 @@ class rcmail extends rcube
$out .= html::tag('li', array(
'id' => "rcmli" . $folder_id,
'class' => join(' ', $classes),
'class' => implode(' ', $classes),
'noclose' => true
),
html::a($link_attrib, $html_name));

4
program/include/rcmail_install.php
Unescape Escape View File

@ -462,7 +462,7 @@ class rcmail_install
$diff = array_diff(array_keys($cols), $db_cols);
if (!empty($diff)) {
$errors[] = "Missing columns in table '$table': " . join(',', $diff);
$errors[] = "Missing columns in table '$table': " . implode(',', $diff);
}
}
}
@ -783,7 +783,7 @@ class rcmail_install
}
if ($isnum) {
return 'array(' . join(', ', array_map(array('rcmail_install', '_dump_var'), $var)) . ')';
return 'array(' . implode(', ', array_map(array('rcmail_install', '_dump_var'), $var)) . ')';
}
}
}

2
program/include/rcmail_sendmail.php
Unescape Escape View File

@ -775,7 +775,7 @@ class rcmail_sendmail
$parts[] = $key . '=' . ($encode ? 'B::' . base64_encode($val) : $val);
}
return join('; ', $parts);
return implode('; ', $parts);
}
/**

2
program/lib/Roundcube/db/mssql.php
Unescape Escape View File

@ -99,7 +99,7 @@ class rcube_db_mssql extends rcube_db
$args = $args[0];
}
return '(' . join('+', $args) . ')';
return '(' . implode('+', $args) . ')';
}
/**

2
program/lib/Roundcube/db/mysql.php
Unescape Escape View File

@ -70,7 +70,7 @@ class rcube_db_mysql extends rcube_db
$args = $args[0];
}
return 'CONCAT(' . join(', ', $args) . ')';
return 'CONCAT(' . implode(', ', $args) . ')';
}
/**

8
program/lib/Roundcube/rcube.php
Unescape Escape View File

@ -1190,7 +1190,7 @@ class rcube
}
}
$replacements[$tag] = join(" ", $parts);
$replacements[$tag] = implode(' ', $parts);
}
// use strtr behaviour of going through source string once
@ -1223,7 +1223,7 @@ class rcube
$msg[] = !is_string($arg) ? var_export($arg, true) : $arg;
}
self::write_log('console', join(";\n", $msg));
self::write_log('console', implode(";\n", $msg));
}
/**
@ -1706,7 +1706,7 @@ class rcube
if (!$sent) {
self::raise_error(array('code' => 800, 'type' => 'smtp',
'line' => __LINE__, 'file' => __FILE__,
'message' => join("\n", $response)), true, false);
'message' => implode("\n", $response)), true, false);
// allow plugins to catch sending errors with the same parameters as in 'message_before_send'
$this->plugins->exec_hook('message_send_error', $plugin + array('error' => $error));
@ -1727,7 +1727,7 @@ class rcube
rcube_utils::remote_addr(),
$headers['Message-ID'],
implode(', ', $mailto),
!empty($response) ? join('; ', $response) : ''));
!empty($response) ? implode('; ', $response) : ''));
}
}

28
program/lib/Roundcube/rcube_addressbook.php
Unescape Escape View File

@ -508,7 +508,7 @@ abstract class rcube_addressbook
// default display name composition according to vcard standard
if (!$fn) {
$fn = join(' ', array_filter(array($contact['prefix'], $contact['firstname'], $contact['middlename'], $contact['surname'], $contact['suffix'])));
$fn = implode(' ', array_filter(array($contact['prefix'], $contact['firstname'], $contact['middlename'], $contact['surname'], $contact['suffix'])));
$fn = trim(preg_replace('/\s+/u', ' ', $fn));
}
@ -543,18 +543,24 @@ abstract class rcube_addressbook
{
static $compose_mode;
if (!isset($compose_mode)) // cache this
if (!isset($compose_mode)) {
$compose_mode = rcube::get_instance()->config->get('addressbook_name_listing', 0);
}
if ($compose_mode == 3)
$fn = join(' ', array($contact['surname'] . ',', $contact['firstname'], $contact['middlename']));
else if ($compose_mode == 2)
$fn = join(' ', array($contact['surname'], $contact['firstname'], $contact['middlename']));
else if ($compose_mode == 1)
$fn = join(' ', array($contact['firstname'], $contact['middlename'], $contact['surname']));
else if ($compose_mode == 0)
$fn = $contact['name'] ?: join(' ', array($contact['prefix'], $contact['firstname'], $contact['middlename'], $contact['surname'], $contact['suffix']));
else {
switch ($compose_mode) {
case 3:
$fn = implode(' ', array($contact['surname'] . ',', $contact['firstname'], $contact['middlename']));
break;
case 2:
$fn = implode(' ', array($contact['surname'], $contact['firstname'], $contact['middlename']));
break;
case 1:
$fn = implode(' ', array($contact['firstname'], $contact['middlename'], $contact['surname']));
break;
case 0:
$fn = $contact['name'] ?: implode(' ', array($contact['prefix'], $contact['firstname'], $contact['middlename'], $contact['surname'], $contact['suffix']));
break;
default:
$plugin = rcube::get_instance()->plugins->exec_hook('contact_listname', array('contact' => $contact));
$fn = $plugin['fn'];
}

2
program/lib/Roundcube/rcube_config.php
Unescape Escape View File

@ -633,7 +633,7 @@ class rcube_config
*/
public function get_error()
{
return empty($this->errors) ? false : join("\n", $this->errors);
return empty($this->errors) ? false : implode("\n", $this->errors);
}
/**

39
program/lib/Roundcube/rcube_contacts.php
Unescape Escape View File

@ -338,7 +338,7 @@ class rcube_contacts extends rcube_addressbook
foreach ((array)$fields as $idx => $col) {
$groups[] = $this->fulltext_sql_where($word, $mode, $col);
}
$where[] = '(' . join(' OR ', $groups) . ')';
$where[] = '(' . implode(' OR ', $groups) . ')';
}
}
@ -349,7 +349,7 @@ class rcube_contacts extends rcube_addressbook
if (!empty($where)) {
// use AND operator for advanced searches
$where = join(" AND ", $where);
$where = implode(' AND ', $where);
}
// Post-searching in vCard data fields
@ -460,7 +460,7 @@ class rcube_contacts extends rcube_addressbook
}
}
return count($where) ? '(' . join(" $bool ", $where) . ')' : '';
return count($where) ? '(' . implode(" $bool ", $where) . ')' : '';
}
/**
@ -645,9 +645,9 @@ class rcube_contacts extends rcube_addressbook
if (!$existing->count && !empty($a_insert_cols)) {
$this->db->query(
"INSERT INTO " . $this->db->table_name($this->db_name, true).
" (`user_id`, `changed`, `del`, ".join(', ', $a_insert_cols).")".
" VALUES (".intval($this->user_id).", ".$this->db->now().", 0, ".join(', ', $a_insert_values).")"
"INSERT INTO " . $this->db->table_name($this->db_name, true)
. " (`user_id`, `changed`, `del`, " . implode(', ', $a_insert_cols) . ")"
. " VALUES (" . intval($this->user_id) . ", " . $this->db->now() . ", 0, " . implode(', ', $a_insert_values) . ")"
);
$insert_id = $this->db->insert_id($this->db_name);
@ -679,11 +679,11 @@ class rcube_contacts extends rcube_addressbook
if (!empty($write_sql)) {
$this->db->query(
"UPDATE " . $this->db->table_name($this->db_name, true).
" SET `changed` = ".$this->db->now().", ".join(', ', $write_sql).
" WHERE `contact_id` = ?".
" AND `user_id` = ?".
" AND `del` <> 1",
"UPDATE " . $this->db->table_name($this->db_name, true)
. " SET `changed` = " . $this->db->now() . ", " . implode(', ', $write_sql)
. " WHERE `contact_id` = ?"
. " AND `user_id` = ?"
. " AND `del` <> 1",
$id,
$this->user_id
);
@ -744,7 +744,7 @@ class rcube_contacts extends rcube_addressbook
if (isset($value))
$vcard->set($field, $value, $section);
if ($fulltext && is_array($value))
$words .= ' ' . rcube_utils::normalize_string(join(" ", $value));
$words .= ' ' . rcube_utils::normalize_string(implode(' ', $value));
else if ($fulltext && strlen($value) >= 3)
$words .= ' ' . rcube_utils::normalize_string($value);
}
@ -753,21 +753,24 @@ class rcube_contacts extends rcube_addressbook
foreach ($this->table_cols as $col) {
$key = $col;
if (!isset($save_data[$key]))
if (!isset($save_data[$key])) {
$key .= ':home';
}
if (isset($save_data[$key])) {
if (is_array($save_data[$key]))
$out[$col] = join(self::SEPARATOR, $save_data[$key]);
else
if (is_array($save_data[$key])) {
$out[$col] = implode(self::SEPARATOR, $save_data[$key]);
}
else {
$out[$col] = $save_data[$key];
}
}
}
// save all e-mails in database column
$out['email'] = join(self::SEPARATOR, $vcard->email);
$out['email'] = implode(self::SEPARATOR, $vcard->email);
// join words for fulltext search
$out['words'] = join(" ", array_unique(explode(" ", $words)));
$out['words'] = implode(' ', array_unique(explode(' ', $words)));
return $out;
}

2
program/lib/Roundcube/rcube_db.php
Unescape Escape View File

@ -1010,7 +1010,7 @@ class rcube_db
$args = $args[0];
}
return '(' . join(' || ', $args) . ')';
return '(' . implode(' || ', $args) . ')';
}
/**

2
program/lib/Roundcube/rcube_imap.php
Unescape Escape View File

@ -3188,7 +3188,7 @@ class rcube_imap extends rcube_storage
continue;
}
$myrights = join('', (array)$this->my_rights($folder));
$myrights = implode('', (array)$this->my_rights($folder));
if ($myrights !== null && !preg_match($regex, $myrights)) {
unset($a_folders[$idx]);

2
program/lib/Roundcube/rcube_imap_generic.php
Unescape Escape View File

@ -299,7 +299,7 @@ class rcube_imap_generic
while ($line[0] == '*');
if ($untagged) {
$untagged = join("\n", $untagged);
$untagged = implode("\n", $untagged);
}
return $line;

4
program/lib/Roundcube/rcube_ldap.php
Unescape Escape View File

@ -772,7 +772,7 @@ class rcube_ldap extends rcube_addressbook
$rcube = rcube::get_instance();
$list_fields = $rcube->config->get('contactlist_fields');
if ($this->prop['vlv_search'] && $this->ready && join(',', (array)$fields) == join(',', $list_fields)) {
if ($this->prop['vlv_search'] && $this->ready && implode(',', (array)$fields) == implode(',', $list_fields)) {
$this->result = new rcube_result_set(0);
$this->ldap->config_set('fuzzy_search', intval($this->prop['fuzzy_search'] && !($mode & rcube_addressbook::SEARCH_STRICT)));
@ -1608,7 +1608,7 @@ class rcube_ldap extends rcube_addressbook
$key = $col.':'.$subtype;
foreach ((array)$save_cols[$key] as $i => $val) {
$values = array($val['street'], $val['locality'], $val['zipcode'], $val['country']);
$save_cols[$key][$i] = count(array_filter($values)) ? join($delim, $values) : null;
$save_cols[$key][$i] = count(array_filter($values)) ? implode($delim, $values) : null;
}
}
}

4
program/lib/Roundcube/rcube_ldap_generic.php
Unescape Escape View File

@ -341,10 +341,10 @@ class rcube_ldap_generic extends Net_LDAP3
foreach ($attributes as $attr) {
$parts[] = "($attr=$wp" . self::quote_string($word) . "$ws)";
}
$groups[] = '(|' . join('', $parts) . ')';
$groups[] = '(|' . implode('', $parts) . ')';
}
return count($groups) > 1 ? '(&' . join('', $groups) . ')' : join('', $groups);
return count($groups) > 1 ? '(&' . implode('', $groups) . ')' : implode('', $groups);
}
}

6
program/lib/Roundcube/rcube_message.php
Unescape Escape View File

@ -367,7 +367,7 @@ class rcube_message
return true;
}
$parent = $this->mime_parts[join('.', $level)];
$parent = $this->mime_parts[implode('.', $level)];
if (!$this->check_context($parent)) {
return true;
@ -425,7 +425,7 @@ class rcube_message
return true;
}
$parent = $this->mime_parts[join('.', $level)];
$parent = $this->mime_parts[implode('.', $level)];
if (!$this->check_context($parent)) {
return true;
@ -1082,7 +1082,7 @@ class rcube_message
$items = explode('.', $part->mime_id);
for ($i = count($items)-1; $i > 0; $i--) {
$last = array_pop($items);
$parent = $this->mime_parts[join('.', $items)];
$parent = $this->mime_parts[implode('.', $items)];
if ($parent && $parent->charset) {
$charsets[] = $parent->charset;

4
program/lib/Roundcube/rcube_smtp.php
Unescape Escape View File

@ -350,7 +350,7 @@ class rcube_smtp
return false;
}
$this->response[] = join(': ', $this->conn->getResponse());
$this->response[] = implode(': ', $this->conn->getResponse());
return true;
}
@ -476,7 +476,7 @@ class rcube_smtp
}
}
return array($from, join(self::SMTP_MIME_CRLF, $lines) . self::SMTP_MIME_CRLF);
return array($from, implode(self::SMTP_MIME_CRLF, $lines) . self::SMTP_MIME_CRLF);
}
/**

6
program/lib/Roundcube/rcube_storage.php
Unescape Escape View File

@ -590,15 +590,15 @@ abstract class rcube_storage
}
// get UIDs from current search set
else {
$uids = join(',', $this->search_set->get());
$uids = implode(',', $this->search_set->get());
}
}
else {
if (is_array($uids)) {
$uids = join(',', $uids);
$uids = implode(',', $uids);
}
else if (strpos($uids, ':')) {
$uids = join(',', rcube_imap_generic::uncompressMessageSet($uids));
$uids = implode(',', rcube_imap_generic::uncompressMessageSet($uids));
}
if (preg_match('/[^0-9,]/', $uids)) {

44
program/lib/Roundcube/rcube_string_replacer.php
Unescape Escape View File

@ -38,6 +38,11 @@ class rcube_string_replacer
protected $noword = '[^\w@.#-]';
/**
* Object constructor
*
* @param array $options Configuration options
*/
function __construct($options = array())
{
// Simplified domain expression for UTF8 characters handling
@ -63,7 +68,7 @@ class rcube_string_replacer
/**
* Add a string to the internal list
*
* @param string String value
* @param string $str String value
*
* @return int Index of value for retrieval
*/
@ -76,6 +81,10 @@ class rcube_string_replacer
/**
* Build replacement string
*
* @param string|int $i Replacement index
*
* @return string Replacement string
*/
public function get_replacement($i)
{
@ -85,8 +94,10 @@ class rcube_string_replacer
/**
* Callback function used to build HTML links around URL strings
*
* @param array Matches result from preg_replace_callback
* @return int Index of saved string value
* @param array $matches Matches result from preg_replace_callback
*
* @return string Return valid link for recognized schemes, otherwise
* return the unmodified URL.
*/
public function link_callback($matches)
{
@ -111,13 +122,15 @@ class rcube_string_replacer
$this->urls[$i] = $attrib['href'];
}
// Return valid link for recognized schemes, otherwise
// return the unmodified string for unrecognized schemes.
return $i >= 0 ? $prefix . $this->get_replacement($i) : $matches[0];
}
/**
* Callback to add an entry to the link index
*
* @param array $matches Matches result from preg_replace_callback
*
* @return string Replacement string
*/
public function linkref_addindex($matches)
{
@ -129,6 +142,10 @@ class rcube_string_replacer
/**
* Callback to replace link references with real links
*
* @param array $matches Matches result from preg_replace_callback
*
* @return string Replacement string
*/
public function linkref_callback($matches)
{
@ -145,9 +162,9 @@ class rcube_string_replacer
/**
* Callback function used to build mailto: links around e-mail strings
*
* @param array Matches result from preg_replace_callback
* @param array $matches Matches result from preg_replace_callback
*
* @return int Index of saved string value
* @return string Replacement string
*/
public function mailto_callback($matches)
{
@ -162,7 +179,8 @@ class rcube_string_replacer
* Look up the index from the preg_replace matches array
* and return the substitution value.
*
* @param array Matches result from preg_replace_callback
* @param array $matches Matches result from preg_replace_callback
*
* @return string Value at index $matches[1]
*/
public function replace_callback($matches)
@ -191,6 +209,10 @@ class rcube_string_replacer
/**
* Replace substituted strings with original values
*
* @param string $str Text
*
* @return string Text
*/
public function resolve($str)
{
@ -199,8 +221,12 @@ class rcube_string_replacer
/**
* Fixes bracket characters in URL handling
*
* @param string &$url URL
*
* @return string Suffix (the rest of the URL input)
*/
public static function parse_url_brackets(&$url)
protected static function parse_url_brackets(&$url)
{
// #1487672: special handling of square brackets,
// URL regexp allows [] characters in URL, for example:

39
program/lib/Roundcube/rcube_text2html.php
Unescape Escape View File

@ -25,25 +25,13 @@
*/
class rcube_text2html
{
/**
* Contains the HTML content after conversion.
*
* @var string $html
*/
/** @var string Contains the HTML content after conversion */
protected $html;
/**
* Contains the plain text.
*
* @var string $text
*/
/** @var string Contains the plain text */
protected $text;
/**
* Configuration
*
* @var array $config
*/
/** @var array Configuration */
protected $config = array(
// non-breaking space
'space' => "\xC2\xA0",
@ -75,9 +63,9 @@ class rcube_text2html
* will instantiate with that source propagated, all that has
* to be done it to call get_html().
*
* @param string $source Plain text
* @param boolean $from_file Indicates $source is a file to pull content from
* @param array $config Class configuration
* @param string $source Plain text
* @param bool $from_file Indicates $source is a file to pull content from
* @param array $config Class configuration
*/
function __construct($source = '', $from_file = false, $config = array())
{
@ -93,8 +81,8 @@ class rcube_text2html
/**
* Loads source text into memory, either from $source string or a file.
*
* @param string $source Plain text
* @param boolean $from_file Indicates $source is a file to pull content from
* @param string $source Plain text
* @param bool $from_file Indicates $source is a file to pull content from
*/
function set_text($source, $from_file = false)
{
@ -143,7 +131,9 @@ class rcube_text2html
/**
* Workhorse function that does actual conversion.
*
* @param string Plain text
* @param string $text Plain text
*
* @return string HTML content
*/
protected function _converter($text)
{
@ -236,7 +226,7 @@ class rcube_text2html
str_repeat('</blockquote>', $quote_level)));
}
$text = join("\n", $text);
$text = implode("\n", $text);
// colorize signature (up to <sig_max_lines> lines)
$len = strlen($text);
@ -266,6 +256,11 @@ class rcube_text2html
/**
* Converts spaces in line of text
*
* @param string $text Plain text
* @param bool $is_flowed Is the $text format=flowed?
*
* @return string Converted text
*/
protected function _convert_line($text, $is_flowed)
{

20
program/lib/Roundcube/rcube_tnef_decoder.php
Unescape Escape View File

@ -129,7 +129,7 @@ class rcube_tnef_decoder
*
* @param string $data The data to decompress.
*
* @return mixed The decompressed data.
* @return array The decompressed data.
*/
public function decompress($data)
{
@ -167,8 +167,8 @@ class rcube_tnef_decoder
/**
* Pop specified number of bytes from the buffer.
*
* @param string &$data The data string.
* @param integer $bytes How many bytes to retrieve.
* @param string &$data The data string.
* @param int $bytes How many bytes to retrieve.
*
* @return string Extracted data
*/
@ -187,10 +187,10 @@ class rcube_tnef_decoder
/**
* Pop specified number of bits from the buffer
*
* @param string &$data The data string.
* @param integer $bits How many bits to retrieve.
* @param string &$data The data string.
* @param int $bits How many bits to retrieve.
*
* @return int
* @return int|null
*/
protected function _geti(&$data, $bits)
{
@ -216,6 +216,8 @@ class rcube_tnef_decoder
* Decode a single attribute
*
* @param string &$data The data string.
*
* @return string Extracted data
*/
protected function _decodeAttribute(&$data)
{
@ -534,8 +536,7 @@ class rcube_tnef_decoder
/**
* Parse RTF data and return the best plaintext representation we can.
* Adapted from:
* http://webcheatsheet.com/php/reading_the_clean_text_from_rtf.php
* Adapted from: http://webcheatsheet.com/php/reading_the_clean_text_from_rtf.php
*
* @param string $text The RTF (uncompressed) text.
*
@ -738,6 +739,9 @@ class rcube_tnef_decoder
return $document;
}
/**
* Checks if an RTF element is plain text
*/
protected static function _rtfIsPlain($s)
{
$notPlain = array('*', 'fonttbl', 'colortbl', 'datastore', 'themedata', 'stylesheet');

45
program/lib/Roundcube/rcube_user.php
Unescape Escape View File

@ -27,42 +27,35 @@
*/
class rcube_user
{
/** @var int User identifier */
public $ID;
/** @var array User properties */
public $data;
/** @var string User language code */
public $language;
/** @var array User preferences */
public $prefs;
/**
* Holds database connection.
*
* @var rcube_db
*/
/** @var rcube_db Holds database connection */
private $db;
/**
* Framework object.
*
* @var rcube
*/
/** @var rcube Framework object */
private $rc;
/**
* Internal identities cache
*
* @var array
*/
/** @var array Internal identities cache */
private $identities = array();
/**
* Internal emails cache
*
* @var array
*/
/** @var array Internal emails cache */
private $emails;
const SEARCH_ADDRESSBOOK = 1;
const SEARCH_MAIL = 2;
const SEARCH_MAIL = 2;
/**
* Object constructor
@ -378,7 +371,7 @@ class rcube_user
$query_params[] = $this->ID;
$sql = "UPDATE ".$this->db->table_name('identities', true).
" SET `changed` = ".$this->db->now().", ".join(', ', $query_cols).
" SET `changed` = ".$this->db->now().", ".implode(', ', $query_cols).
" WHERE `identity_id` = ?".
" AND `user_id` = ?".
" AND `del` <> 1";
@ -420,8 +413,8 @@ class rcube_user
$insert_values[] = $this->ID;
$sql = "INSERT INTO ".$this->db->table_name('identities', true).
" (`changed`, ".join(', ', $insert_cols).")".
" VALUES (".$this->db->now().", ".join(', ', array_pad(array(), count($insert_values), '?')).")";
" (`changed`, ".implode(', ', $insert_cols).")".
" VALUES (".$this->db->now().", ".implode(', ', array_pad(array(), count($insert_values), '?')).")";
$insert = $this->db->query($sql, $insert_values);
@ -857,8 +850,8 @@ class rcube_user
$insert_values[] = serialize($data['data']);
$sql = "INSERT INTO ".$this->db->table_name('searches', true)
." (".join(', ', $insert_cols).")"
." VALUES (".join(', ', array_pad(array(), count($insert_values), '?')).")";
." (".implode(', ', $insert_cols).")"
." VALUES (".implode(', ', array_pad(array(), count($insert_values), '?')).")";
$insert = $this->db->query($sql, $insert_values);

162
program/lib/Roundcube/rcube_utils.php
Unescape Escape View File

@ -58,10 +58,10 @@ class rcube_utils
/**
* E-mail address validation.
*
* @param string $email Email address
* @param boolean $dns_check True to check dns
* @param string $email Email address
* @param bool $dns_check True to check dns
*
* @return boolean True on success, False if address is invalid
* @return bool True on success, False if address is invalid
*/
public static function check_email($email, $dns_check=true)
{
@ -155,10 +155,10 @@ class rcube_utils
/**
* Replacing specials characters to a specific encoding type
*
* @param string Input string
* @param string Encoding type: text|html|xml|js|url
* @param string Replace mode for tags: show|remove|strict
* @param boolean Convert newlines
* @param string $str Input string
* @param string $enctype Encoding type: text|html|xml|js|url
* @param string $mode Replace mode for tags: show|remove|strict
* @param bool $newlines Convert newlines
*
* @return string The quoted string
*/
@ -246,10 +246,10 @@ class rcube_utils
* Read input value and convert it for internal use
* Performs stripslashes() and charset conversion if necessary
*
* @param string Field name to read
* @param int Source to get value from (see self::INPUT_*)
* @param boolean Allow HTML tags in field value
* @param string Charset to convert into
* @param string $fname Field name to read
* @param int $source Source to get value from (see self::INPUT_*)
* @param bool $allow_html Allow HTML tags in field value
* @param string $charset Charset to convert into
*
* @return string Field value or NULL if not available
*/
@ -276,9 +276,9 @@ class rcube_utils
* Parse/validate input value. See self::get_input_value()
* Performs stripslashes() and charset conversion if necessary
*
* @param string Input value
* @param boolean Allow HTML tags in field value
* @param string Charset to convert into
* @param string $value Input value
* @param bool $allow_html Allow HTML tags in field value
* @param string $charset Charset to convert into
*
* @return string Parsed value
*/
@ -321,9 +321,9 @@ class rcube_utils
* Convert array of request parameters (prefixed with _)
* to a regular array with non-prefixed keys.
*
* @param int $mode Source to get value from (GPC)
* @param string $ignore PCRE expression to skip parameters by name
* @param boolean $allow_html Allow HTML tags in field value
* @param int $mode Source to get value from (GPC)
* @param string $ignore PCRE expression to skip parameters by name
* @param bool $allow_html Allow HTML tags in field value
*
* @return array Hash array with all request parameters
*/
@ -345,25 +345,29 @@ class rcube_utils
/**
* Convert the given string into a valid HTML identifier
* Same functionality as done in app.js with rcube_webmail.html_identifier()
*
* @param string $str String input
* @param bool $encode Use base64 encoding
*
* @param string Valid HTML identifier
*/
public static function html_identifier($str, $encode=false)
public static function html_identifier($str, $encode = false)
{
if ($encode) {
return rtrim(strtr(base64_encode($str), '+/', '-_'), '=');
}
else {
return asciiwords($str, true, '_');
}
return asciiwords($str, true, '_');
}
/**
* Replace all css definitions with #container [def]
* and remove css-inlined scripting, make position style safe
*
* @param string CSS source code
* @param string Container ID to use as prefix
* @param bool Allow remote content
* @param string Prefix to be added to id/class identifier
* @param string $source CSS source code
* @param string $container_id Container ID to use as prefix
* @param bool $allow_remote Allow remote content
* @param string $prefix Prefix to be added to id/class identifier
*
* @return string Modified CSS source
*/
@ -414,7 +418,7 @@ class rcube_utils
}
}
$styles = join(";\n", $a_styles);
$styles = implode(";\n", $a_styles);
}
$key = $replacements->add($styles);
@ -488,14 +492,14 @@ class rcube_utils
}
}
return join(" ", $classes);
return implode(' ', $classes);
}
/**
* Decode escaped entities used by known XSS exploits.
* See http://downloads.securityfocus.com/vulnerabilities/exploits/26800.eml for examples
*
* @param string CSS content to decode
* @param string $content CSS content to decode
*
* @return string Decoded string
*/
@ -516,9 +520,9 @@ class rcube_utils
/**
* Check if we can process not exceeding memory_limit
*
* @param integer Required amount of memory
* @param integer $need Required amount of memory
*
* @return boolean True if memory won't be exceeded, False otherwise
* @return bool True if memory won't be exceeded, False otherwise
*/
public static function mem_check($need)
{
@ -531,25 +535,28 @@ class rcube_utils
/**
* Check if working in SSL mode
*
* @param integer $port HTTPS port number
* @param boolean $use_https Enables 'use_https' option checking
* @param int $port HTTPS port number
* @param bool $use_https Enables 'use_https' option checking
*
* @return boolean
* @return bool True in SSL mode, False otherwise
*/
public static function https_check($port=null, $use_https=true)
public static function https_check($port = null, $use_https = true)
{
if (!empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) != 'off') {
return true;
}
if (!empty($_SERVER['HTTP_X_FORWARDED_PROTO'])
&& strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) == 'https'
&& in_array($_SERVER['REMOTE_ADDR'], rcube::get_instance()->config->get('proxy_whitelist', array()))
) {
return true;
}
if ($port && $_SERVER['SERVER_PORT'] == $port) {
return true;
}
if ($use_https && rcube::get_instance()->config->get('use_https')) {
return true;
}
@ -597,11 +604,12 @@ class rcube_utils
}
/**
* Returns the host name after checking it against trusted hostname
* patterns, otherwise returns localhost (and logs a warning)
* Returns the server name after checking it against trusted hostname patterns.
*
* Returns 'localhost' and logs a warning when the hostname is not trusted.
*
* @param string $type The $_SERVER key, e.g. 'HTTP_HOST', Default: 'SERVER_NAME'.
* @param boolean $strip_port Strip port from the host name
* @param string $type The $_SERVER key, e.g. 'HTTP_HOST', Default: 'SERVER_NAME'.
* @param bool $strip_port Strip port from the host name
*
* @return string Server name
*/
@ -696,7 +704,7 @@ class rcube_utils
*
* @param string $name Header name
*
* @return mixed Header value or null if not available
* @return string|null Header value or null if not available
*/
public static function request_header($name)
{
@ -719,8 +727,8 @@ class rcube_utils
/**
* Explode quoted string
*
* @param string Delimiter expression string for preg_match()
* @param string Input string
* @param string $delimiter Delimiter expression string for preg_match()
* @param string $string Input string
*
* @return array String items
*/
@ -786,7 +794,7 @@ class rcube_utils
* @param string $date Date string
* @param DateTimeZone $timezone Timezone to use for DateTime object
*
* @return DateTime instance or false on failure
* @return DateTime|false DateTime object or False on failure
*/
public static function anytodatetime($date, $timezone = null)
{
@ -880,8 +888,8 @@ class rcube_utils
* @param string $date Date string
* @param string $format Input date format
*
* @return strin Date string in YYYY-MM-DD format, or the original string
* if format is not supported
* @return string Date string in YYYY-MM-DD format, or the original string
* if format is not supported
*/
public static function format_datestr($date, $format)
{
@ -980,8 +988,9 @@ class rcube_utils
/**
* Split the given string into word tokens
*
* @param string Input to tokenize
* @param integer Minimum length of a single token
* @param string $str Input to tokenize
* @param int $minlen Minimum length of a single token
*
* @return array List of tokens
*/
public static function tokenize_string($str, $minlen = 2)
@ -1002,11 +1011,11 @@ class rcube_utils
* Normalize the given string for fulltext search.
* Currently only optimized for ISO-8859-1 and ISO-8859-2 characters; to be extended
*
* @param string Input string (UTF-8)
* @param boolean True to return list of words as array
* @param integer Minimum length of tokens
* @param string $str Input string (UTF-8)
* @param bool $as_array True to return list of words as array
* @param int $minlen Minimum length of tokens
*
* @return mixed Normalized string or a list of normalized tokens
* @return string|array Normalized string or a list of normalized tokens
*/
public static function normalize_string($str, $as_array = false, $minlen = 2)
{
@ -1050,21 +1059,21 @@ class rcube_utils
$arr[$i] = $part;
}
return $as_array ? $arr : join(" ", $arr);
return $as_array ? $arr : implode(' ', $arr);
}
/**
* Compare two strings for matching words (order not relevant)
*
* @param string Haystack
* @param string Needle
* @param string $haystack Haystack
* @param string $needle Needle
*
* @return boolean True if match, False otherwise
* @return bool True if match, False otherwise
*/
public static function words_match($haystack, $needle)
{
$a_needle = self::tokenize_string($needle, 1);
$_haystack = join(" ", self::tokenize_string($haystack, 1));
$_haystack = implode(' ', self::tokenize_string($haystack, 1));
$valid = strlen($_haystack) > 0;
$hits = 0;
@ -1141,6 +1150,8 @@ class rcube_utils
* Safe password prompt for command line
* from http://blogs.sitepoint.com/2009/05/01/interactive-cli-password-prompt-in-php/
*
* @param string $prompt Prompt text
*
* @return string Password
*/
public static function prompt_silent($prompt = "Password:")
@ -1156,20 +1167,22 @@ class rcube_utils
return $password;
}
else {
$command = "/usr/bin/env bash -c 'echo OK'";
if (rtrim(shell_exec($command)) !== 'OK') {
echo $prompt;
$pass = trim(fgets(STDIN));
echo chr(8)."\r" . $prompt . str_repeat("*", strlen($pass))."\n";
return $pass;
}
$command = "/usr/bin/env bash -c 'read -s -p \"" . addslashes($prompt) . "\" mypassword && echo \$mypassword'";
$password = rtrim(shell_exec($command));
echo "\n";
return $password;
$command = "/usr/bin/env bash -c 'echo OK'";
if (rtrim(shell_exec($command)) !== 'OK') {
echo $prompt;
$pass = trim(fgets(STDIN));
echo chr(8)."\r" . $prompt . str_repeat("*", strlen($pass))."\n";
return $pass;
}
$command = "/usr/bin/env bash -c 'read -s -p \"" . addslashes($prompt) . "\" mypassword && echo \$mypassword'";
$password = rtrim(shell_exec($command));
echo "\n";
return $password;
}
/**
@ -1177,7 +1190,7 @@ class rcube_utils
*
* @param string $str Input value
*
* @return boolean Boolean value
* @return bool Boolean value
*/
public static function get_boolean($str)
{
@ -1188,15 +1201,18 @@ class rcube_utils
/**
* OS-dependent absolute path detection
*
* @param string $path File path
*
* @return bool True if the path is absolute, False otherwise
*/
public static function is_absolute_path($path)
{
if (strtoupper(substr(PHP_OS, 0, 3)) == 'WIN') {
return (bool) preg_match('!^[a-z]:[\\\\/]!i', $path);
}
else {
return $path[0] == '/';
}
return $path[0] == '/';
}
/**
@ -1326,7 +1342,7 @@ class rcube_utils
public static function parse_socket_options(&$options, $host = null)
{
if (empty($host) || empty($options)) {
return $options;
return;
}
// get rid of schema and port from the hostname
@ -1336,7 +1352,7 @@ class rcube_utils
}
// find per-host options
if (array_key_exists($host, $options)) {
if ($host && array_key_exists($host, $options)) {
$options = $options[$host];
}
}

138
program/lib/Roundcube/rcube_vcard.php
Unescape Escape View File

@ -89,6 +89,12 @@ class rcube_vcard
/**
* Constructor
*
* @param string $vcard vCard content
* @param string $charset Charset of string values
* @param bool $detect True if loading a 'foreign' vcard and extra heuristics
* for charset detection is required
* @param array $fieldmap Fields mapping definition
*/
public function __construct($vcard = null, $charset = RCUBE_CHARSET, $detect = false, $fieldmap = array())
{
@ -104,9 +110,10 @@ class rcube_vcard
/**
* Load record from (internal, unfolded) vcard 3.0 format
*
* @param string vCard string to parse
* @param string Charset of string values
* @param boolean True if loading a 'foreign' vcard and extra heuristics for charset detection is required
* @param string $vcard vCard string to parse
* @param string $charset Charset of string values
* @param bool $detect True if loading a 'foreign' vcard and extra heuristics
* for charset detection is required
*/
public function load($vcard, $charset = RCUBE_CHARSET, $detect = false)
{
@ -132,7 +139,7 @@ class rcube_vcard
$this->middlename = $this->raw['N'][0][2];
$this->nickname = $this->raw['NICKNAME'][0][0];
$this->organization = $this->raw['ORG'][0][0];
$this->business = ($this->raw['X-ABSHOWAS'][0][0] == 'COMPANY') || (join('', (array)$this->raw['N'][0]) == '' && !empty($this->organization));
$this->business = ($this->raw['X-ABSHOWAS'][0][0] == 'COMPANY') || (implode('', (array)$this->raw['N'][0]) == '' && !empty($this->organization));
foreach ((array)$this->raw['EMAIL'] as $i => $raw_email) {
$this->email[$i] = is_array($raw_email) ? $raw_email[0] : $raw_email;
@ -169,10 +176,13 @@ class rcube_vcard
}
}
if ($this->raw['N'][0][3])
if ($this->raw['N'][0][3]) {
$out['prefix'] = $this->raw['N'][0][3];
if ($this->raw['N'][0][4])
}
if ($this->raw['N'][0][4]) {
$out['suffix'] = $this->raw['N'][0][4];
}
// convert from raw vcard data into associative data for Roundcube
foreach (array_flip(self::$fieldmap) as $tag => $col) {
@ -185,7 +195,7 @@ class rcube_vcard
if (!empty($raw['type'])) {
$raw['type'] = array_map('strtolower', $raw['type']);
$combined = join(',', array_diff($raw['type'], array('internet', 'pref')));
$combined = implode(',', array_diff($raw['type'], array('internet', 'pref')));
$combined = strtoupper($combined);
if ($typemap[$combined]) {
@ -257,6 +267,10 @@ class rcube_vcard
/**
* Convert the data structure into a vcard 3.0 string
*
* @param bool $folder Use RFC2425 folding
*
* @return string vCard output
*/
public function export($folded = true)
{
@ -272,8 +286,8 @@ class rcube_vcard
public function reset($fields = null)
{
if (!$fields) {
$fields = array_merge(array_values(self::$fieldmap), array_keys($this->immap),
array('FN','N','ORG','NICKNAME','EMAIL','ADR','BDAY'));
$fields = array('FN', 'N', 'ORG', 'NICKNAME', 'EMAIL', 'ADR', 'BDAY');
$fields = array_merge(array_values(self::$fieldmap), array_keys($this->immap), $fields);
}
foreach ($fields as $f) {
@ -283,6 +297,7 @@ class rcube_vcard
if (!$this->raw['N']) {
$this->raw['N'] = array(array('','','','',''));
}
if (!$this->raw['FN']) {
$this->raw['FN'] = array();
}
@ -293,9 +308,9 @@ class rcube_vcard
/**
* Setter for address record fields
*
* @param string Field name
* @param string Field value
* @param string Type/section name
* @param string $field Field name
* @param mixed $value Field value
* @param string $type Type/section name
*/
public function set($field, $value, $type = 'HOME')
{
@ -374,7 +389,7 @@ class rcube_vcard
$value = $value[0] ? $value : array('', '', $value['street'], $value['locality'], $value['region'], $value['zipcode'], $value['country']);
// fall through if not empty
if (!strlen(join('', $value))) {
if (!strlen(implode('', $value))) {
break;
}
@ -402,20 +417,21 @@ class rcube_vcard
/**
* Setter for individual vcard properties
*
* @param string VCard tag name
* @param array Value-set of this vcard property
* @param boolean Set to true if the value-set should be appended instead of replacing any existing value-set
* @param string $tag VCard tag name
* @param array $value Value-set of this vcard property
* @param bool $append Set to true if the value-set should be appended
* instead of replacing any existing value-set
*/
public function set_raw($tag, $value, $append = false)
{
$index = $append && isset($this->raw[$tag]) ? count($this->raw[$tag]) : 0;
$this->raw[$tag][$index] = (array)$value;
$this->raw[$tag][$index] = (array) $value;
}
/**
* Find index with the '$type' attribute
*
* @param string Field name
* @param string $field Field name
*
* @return int Field index having $type set
*/
@ -457,6 +473,8 @@ class rcube_vcard
/**
* Extends fieldmap definition
*
* @param array $map Field mapping definition
*/
public function extend_fieldmap($map)
{
@ -468,9 +486,9 @@ class rcube_vcard
/**
* Factory method to import a vcard file
*
* @param string vCard file content
* @param string $data vCard file content
*
* @return array List of rcube_vcard objects
* @return rcube_vcard[] List of rcube_vcard objects
*/
public static function import($data)
{
@ -520,7 +538,7 @@ class rcube_vcard
/**
* Normalize vcard data for better parsing
*
* @param string vCard block
* @param string $vcard vCard block
*
* @return string Cleaned vcard block
*/
@ -558,22 +576,38 @@ class rcube_vcard
return $vcard;
}
/**
* Apple X-ABRELATEDNAMES converter callback
*
* @param array $matches Matching entries
*
* @return string Replacement string
*/
private static function x_abrelatednames_callback($matches)
{
return 'X-' . strtoupper($matches[5]) . $matches[3] . ':'. $matches[4];
}
/**
* RFC2425 folding callback
*
* @param array $matches Matching entries
*
* @return string Replacement string
*/
private static function rfc2425_fold_callback($matches)
{
// chunk_split string and avoid lines breaking multibyte characters
$c = 71;
$out .= substr($matches[1], 0, $c);
for ($n = $c; $c < strlen($matches[1]); $c++) {
// break if length > 75 or mutlibyte character starts after position 71
if ($n > 75 || ($n > 71 && ord($matches[1][$c]) >> 6 == 3)) {
$out .= "\r\n ";
$n = 0;
}
$out .= $matches[1][$c];
$n++;
}
@ -581,16 +615,22 @@ class rcube_vcard
return $out;
}
/**
* Apply RFC2425 folding to a vCard content
*
* @param string $val vCard content
*
* @retunr string Folded vCard string
*/
public static function rfc2425_fold($val)
{
return preg_replace_callback('/([^\n]{72,})/', array('self', 'rfc2425_fold_callback'), $val);
}
/**
* Decodes a vcard block (vcard 3.0 format, unfolded)
* into an array structure
* Decodes a vcard block (vcard 3.0 format, unfolded) into an array structure
*
* @param string vCard block to parse
* @param string $vcard vCard block to parse
*
* @return array Raw data structure
*/
@ -691,8 +731,8 @@ class rcube_vcard
/**
* Decode a given string with the encoding rule from ENCODING attributes
*
* @param string String to decode
* @param string Encoding type (quoted-printable and base64 supported)
* @param string $value String to decode
* @param string $encoding Encoding type (quoted-printable and base64 supported)
*
* @return string Decoded 8bit value
*/
@ -716,7 +756,7 @@ class rcube_vcard
/**
* Encodes an entry for storage in our database (vcard 3.0 format, unfolded)
*
* @param array Raw data structure to encode
* @param array $data Raw data structure to encode
*
* @return string vCard encoded string
*/
@ -782,32 +822,35 @@ class rcube_vcard
/**
* Join indexed data array to a vcard quoted string
*
* @param array Field data
* @param string Separator
* @param array $str Field data
* @param string $sep Separator
*
* @return string Joined and quoted string
*/
public static function vcard_quote($s, $sep = ';')
public static function vcard_quote($str, $sep = ';')
{
if (is_array($s)) {
foreach ($s as $part) {
if (is_array($str)) {
$r = array();
foreach ($str as $part) {
$r[] = self::vcard_quote($part, $sep);
}
return(implode($sep, (array)$r));
return(implode($sep, $r));
}
return strtr($s, array('\\' => '\\\\', "\r" => '', "\n" => '\n', $sep => '\\'.$sep));
return strtr($str, array("\\" => "\\\\", "\r" => '', "\n" => '\n', $sep => "\\$sep"));
}
/**
* Split quoted string
*
* @param string vCard string to split
* @param string Separator char/string
* @param string $str vCard string to split
* @param string $sep Separator char/string
*
* @return array List with splited values
*/
private static function vcard_unquote($s, $sep = ';')
private static function vcard_unquote($str, $sep = ';')
{
// break string into parts separated by $sep
if (!empty($sep)) {
@ -815,36 +858,37 @@ class rcube_vcard
$rep1 = array("\\\\" => "\010", "\\$sep" => "\007");
$rep2 = array("\007" => "\\$sep", "\010" => "\\\\");
if (count($parts = explode($sep, strtr($s, $rep1))) > 1) {
if (count($parts = explode($sep, strtr($str, $rep1))) > 1) {
foreach ($parts as $s) {
$result[] = self::vcard_unquote(strtr($s, $rep2));
}
return $result;
}
$s = trim(strtr($s, $rep2));
$str = trim(strtr($str, $rep2));
}
// some implementations (GMail) use non-standard backslash before colon (#1489085)
// we will handle properly any backslashed character - removing dummy backslahes
// return strtr($s, array("\r" => '', '\\\\' => '\\', '\n' => "\n", '\N' => "\n", '\,' => ',', '\;' => ';'));
// return strtr($str, array("\r" => '', '\\\\' => '\\', '\n' => "\n", '\N' => "\n", '\,' => ',', '\;' => ';'));
$s = str_replace("\r", '', $s);
$str = str_replace("\r", '', $str);
$pos = 0;
while (($pos = strpos($s, '\\', $pos)) !== false) {
$next = substr($s, $pos + 1, 1);
while (($pos = strpos($str, "\\", $pos)) !== false) {
$next = substr($str, $pos + 1, 1);
if ($next == 'n' || $next == 'N') {
$s = substr_replace($s, "\n", $pos, 2);
$str = substr_replace($str, "\n", $pos, 2);
}
else {
$s = substr_replace($s, '', $pos, 1);
$str = substr_replace($str, '', $pos, 1);
}
$pos += 1;
}
return $s;
return $str;
}
/**
@ -869,7 +913,7 @@ class rcube_vcard
/**
* Returns UNICODE type based on BOM (Byte Order Mark)
*
* @param string Input string to test
* @param string $string Input string to test
*
* @return string Detected encoding
*/

159
program/lib/Roundcube/rcube_washtml.php
Unescape Escape View File

@ -42,40 +42,6 @@
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
OVERVIEW:
Wahstml take an untrusted HTML and return a safe html string.
SYNOPSIS:
$washer = new washtml($config);
$washer->wash($html);
It return a sanityzed string of the $html parameter without html and head tags.
$html is a string containing the html code to wash.
$config is an array containing options:
$config['allow_remote'] is a boolean to allow link to remote resources (images/css).
$config['blocked_src'] string with image-src to be used for blocked remote images
$config['show_washed'] is a boolean to include washed out attributes as x-washed
$config['cid_map'] is an array where cid urls index urls to replace them.
$config['charset'] is a string containing the charset of the HTML document if it is not defined in it.
$washer->extlinks is a reference to a boolean that is set to true if remote images were removed. (FE: show remote images link)
INTERNALS:
Only tags and attributes in the static lists $html_elements and $html_attributes
are kept, inline styles are also filtered: all style identifiers matching
/[a-z\-]/i are allowed. Values matching colors, sizes, /[a-z\-]/i and safe
urls if allowed and cid urls if mapped are kept.
Roundcube Changes:
- added $block_elements
- changed $ignore_elements behaviour
- added RFC2397 support
- base URL support
- invalid HTML comments removal before parsing
- "fixing" unitless CSS values for XHTML output
- SVG and MathML support
*/
/**
@ -86,7 +52,9 @@
*/
class rcube_washtml
{
/* Allowed HTML elements (default) */
/**
* @var array Allowed HTML elements (default)
*/
static $html_elements = array('a', 'abbr', 'acronym', 'address', 'area', 'b',
'basefont', 'bdo', 'big', 'blockquote', 'br', 'caption', 'center',
'cite', 'code', 'col', 'colgroup', 'dd', 'del', 'dfn', 'dir', 'div', 'dl',
@ -121,10 +89,14 @@ class rcube_washtml
'bvar', 'lowlimit', 'uplimit',
);
/* Ignore these HTML tags and their content */
/**
* @var array Ignore these HTML tags and their content
*/
static $ignore_elements = array('script', 'applet', 'embed', 'object', 'style');
/* Allowed HTML attributes */
/**
* @var array Allowed HTML attributes
*/
static $html_attribs = array('name', 'class', 'title', 'alt', 'width', 'height',
'align', 'nowrap', 'col', 'row', 'id', 'rowspan', 'colspan', 'cellspacing',
'cellpadding', 'valign', 'bgcolor', 'color', 'border', 'bordercolorlight',
@ -173,7 +145,9 @@ class rcube_washtml
'fontsize', 'fontweight', 'fontstyle', 'fontfamily', 'groupalign', 'edge', 'side',
);
/* Elements which could be empty and be returned in short form (<tag />) */
/**
* @var array Elements which could be empty and be returned in short form (<tag />)
*/
static $void_elements = array('area', 'base', 'br', 'col', 'command', 'embed', 'hr',
'img', 'input', 'keygen', 'link', 'meta', 'param', 'source', 'track', 'wbr',
// MathML
@ -181,38 +155,52 @@ class rcube_washtml
'maligngroup', 'none', 'mprescripts',
);
/* State for linked objects in HTML */
/** @var bool State indicating existence of linked objects in HTML */
public $extlinks = false;
/* Current settings */
/** @var array Current settings */
private $config = array();
/* Registered callback functions for tags */
/** @var array Registered callback functions for tags */
private $handlers = array();
/* Allowed HTML elements */
/** @var array Allowed HTML elements */
private $_html_elements = array();
/* Ignore these HTML tags but process their content */
/** @var array Ignore these HTML tags but process their content */
private $_ignore_elements = array();
/* Elements which could be empty and be returned in short form (<tag />) */
/** @var array Elements which could be empty and be returned in short form (<tag />) */
private $_void_elements = array();
/* Allowed HTML attributes */
/** @var array Allowed HTML attributes */
private $_html_attribs = array();
/* A prefix to be added to id/class/for attribute values */
/** @var string A prefix to be added to id/class/for attribute values */
private $_css_prefix;
/* Max nesting level */
/** @var int Max nesting level */
private $max_nesting_level;
/** @var bool True if current document is XML */
private $is_xml = false;
/**
* Class constructor
*
* @param array $p Configuration options:
* allow_remote: is a boolean to allow link to remote resources (images/css)
* blocked_src: string with image-src to be used for blocked remote images
* show_washed: is a boolean to include washed out attributes as x-washed
* cid_map: is an array where cid urls index urls to replace them
* charset: is a string containing the charset of the HTML document,
* to be used if the charset is not defined in the document
* css_prefix: A prefix to be added to id/class/for attribute values
* html_elements: Additional allowed HTML elements
* ignore_elements: Additional HTML elements to ignore
* html_attribs: Additional allowed HTML attributes
* void_elements: Elements which could be empty and be returned in short form (<tag />)
*/
public function __construct($p = array())
{
@ -222,21 +210,28 @@ class rcube_washtml
$this->_void_elements = array_flip((array)$p['void_elements']) + array_flip(self::$void_elements);
$this->_css_prefix = is_string($p['css_prefix']) && strlen($p['css_prefix']) ? $p['css_prefix'] : null;
unset($p['html_elements'], $p['html_attribs'], $p['ignore_elements'], $p['void_elements']);
unset($p['html_elements'], $p['html_attribs'], $p['ignore_elements'], $p['void_elements'], $p['css_prefix']);
$this->config = $p + array('show_washed' => true, 'allow_remote' => false, 'cid_map' => array());
}
/**
* Register a callback function for a certain tag
*
* @param string $tag HTML tag name
* @param callback $callback Callback function
*/
public function add_callback($tagName, $callback)
public function add_callback($tag, $callback)
{
$this->handlers[$tagName] = $callback;
$this->handlers[$tag] = $callback;
}
/**
* Check CSS style
*
* @param string $style CSS style
*
* @return string Washed CSS style
*/
private function wash_style($style)
{
@ -291,6 +286,10 @@ class rcube_washtml
/**
* Take a node and return allowed attributes and check values
*
* @param DOMNode $node Document element
*
* @return string Washed element attributes
*/
private function wash_attribs($node)
{
@ -373,6 +372,12 @@ class rcube_washtml
/**
* Wash URI value
*
* @param string $uri URI
* @param bool $blocked_source Block remote source
* @param bool $is_image URI points to an image
*
* @return string Washed URI
*/
private function wash_uri($uri, $blocked_source = false, $is_image = true)
{
@ -404,6 +409,11 @@ class rcube_washtml
/**
* Check it the tag/attribute may contain an URI
*
* @param string $tag Element name
* @param string $attr Attribute name
*
* @return bool True if attribute may contain an URI, False otherwise
*/
private function is_link_attribute($tag, $attr)
{
@ -412,6 +422,11 @@ class rcube_washtml
/**
* Check it the tag/attribute may contain an image URI
*
* @param string $tag Element name
* @param string $attr Attribute name
*
* @return bool True if attribute may contain an image URI, False otherwise
*/
private function is_image_attribute($tag, $attr)
{
@ -424,6 +439,11 @@ class rcube_washtml
/**
* Check it the tag/attribute may contain a FUNCIRI value
*
* @param string $tag Element name
* @param string $attr Attribute name
*
* @return bool True if attribute may contain a FUNCIRI value, False otherwise
*/
private function is_funciri_attribute($tag, $attr)
{
@ -437,6 +457,8 @@ class rcube_washtml
*
* @param DOMNode $node HTML element
* @param int $level Recurrence level (safe initial value found empirically)
*
* @return string HTML content
*/
private function dumpHtml($node, $level = 20)
{
@ -455,6 +477,7 @@ class rcube_washtml
'message' => "Maximum nesting level exceeded (xdebug.max_nesting_level={$this->max_nesting_level})"),
true, false);
}
return '<!-- ignored -->';
}
@ -535,6 +558,10 @@ class rcube_washtml
/**
* Main function, give it untrusted HTML, tell it if you allow loading
* remote images and give it a map to convert "cid:" urls.
*
* @param string $html HTML content
*
* @return string Washed HTML content
*/
public function wash($html)
{
@ -579,6 +606,10 @@ class rcube_washtml
/**
* Getter for config parameters
*
* @param string $prop Configuration parameter name
*
* @return mixed Configuration parameter value
*/
public function get_config($prop)
{
@ -587,6 +618,10 @@ class rcube_washtml
/**
* Clean HTML input
*
* @param string $html HTML content
*
* @return string Clean HTML content
*/
private function cleanup($html)
{
@ -667,6 +702,10 @@ class rcube_washtml
/**
* Callback function for HTML tags fixing
*
* @param array $matches Matched elements (from preg_replace_callback())
*
* @return string Replacement string
*/
public static function html_tag_callback($matches)
{
@ -692,6 +731,10 @@ class rcube_washtml
/**
* Convert all relative URLs according to a <base> in HTML
*
* @param string $body HTML body
*
* @return string HTML body
*/
public static function resolve_base($body)
{
@ -706,6 +749,8 @@ class rcube_washtml
/**
* Fix broken nested lists, they are not handled properly by DOMDocument (#1488768)
*
* @param string &$html HTML content
*/
public static function fix_broken_lists(&$html)
{
@ -735,8 +780,8 @@ class rcube_washtml
// li close tag
else if ($tt == '</li' && in_array($html[$p+4], array(' ', '>'))) {
$li_pos = $p;
$in_li = false;
$p += 4;
$in_li = false;
}
// ul/ol closing tag
else if ($tt == '</' . $tag && in_array($html[$p+4], array(' ', '>'))) {
@ -764,8 +809,8 @@ class rcube_washtml
$element = substr($html, $p, $len);
// move element to the end of the last li
$html = substr_replace($html, '', $p, $len);
$html = substr_replace($html, $element, $li_pos, 0);
$html = substr_replace($html, '', $p, $len);
$html = substr_replace($html, $element, $li_pos, 0);
$p = $end;
}
@ -779,6 +824,10 @@ class rcube_washtml
/**
* Cleanup and workarounds on input to Masterminds/HTML5
*
* @param string $html HTML content
*
* @return string HTML content
*/
protected function fix_html5($html)
{
@ -812,6 +861,10 @@ class rcube_washtml
/**
* Explode css style value
*
* @param string $style CSS style
*
* @return array List of CSS rules
*/
protected function explode_style($style)
{

Write Preview
Loading…
Cancel
Save