extern/egroupware_official
1
0
Fork 0
mirror of https://github.com/EGroupware/egroupware.git synced 2025-06-25 20:32:31 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix problem regarding the cleaning of Word-HTML Style eMails

Browse Source
This commit is contained in:
Klaus Leithoff 2012-12-04 14:21:09 +00:00
parent 28bf96d79a
commit a1b63e9aeb
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
felamimail/inc/class.felamimail_bo.inc.php
View File

@ -48,7 +48,7 @@ class felamimail_bo
'keep_bad'=>2, //remove tags but keep element content (4 and 6 keep element content only if text (pcdata) is valid in parent element as per specs, this may lead to textloss if balance is switched on) 'keep_bad'=>2, //remove tags but keep element content (4 and 6 keep element content only if text (pcdata) is valid in parent element as per specs, this may lead to textloss if balance is switched on)
'balance'=>1,//turn off tag-balancing (config['balance']=>0). That will not introduce any security risk; only standards-compliant tag nesting check/filtering will be turned off (basic tag-balance will remain; i.e., there won't be any unclosed tag, etc., after filtering) 'balance'=>1,//turn off tag-balancing (config['balance']=>0). That will not introduce any security risk; only standards-compliant tag nesting check/filtering will be turned off (basic tag-balance will remain; i.e., there won't be any unclosed tag, etc., after filtering)
'direct_list_nest' => 1, 'direct_list_nest' => 1,
'allow_for_inline' => array('table','li'),//block elements allowed for nesting when only inline is allowed; Example span does not allow block elements as table; table is the only element tested so far 'allow_for_inline' => array('table','li','p'),//block elements allowed for nesting when only inline is allowed; Example span does not allow block elements as table; table is the only element tested so far
'tidy'=>1, 'tidy'=>1,
'elements' => "* -script", 'elements' => "* -script",
'deny_attribute' => 'on*', 'deny_attribute' => 'on*',
@ -1314,7 +1314,8 @@ class felamimail_bo
//$_html = str_replace("\t",' ',$_html); //$_html = str_replace("\t",' ',$_html);
//error_log($_html); //error_log($_html);
//repair doubleencoded ampersands, and some stuff htmLawed stumbles upon with balancing switched on //repair doubleencoded ampersands, and some stuff htmLawed stumbles upon with balancing switched on
$_html = str_replace(array('&amp;amp;','<DIV><BR></DIV>',"<DIV>&nbsp;</DIV>",'<div>&nbsp;</div>','</td></font>','<br><td>','<tr></tr>'),array('&amp;','<BR>','<BR>','<BR>','</font></td>','<td>',''),$_html); $_html = str_replace(array('&amp;amp;','<DIV><BR></DIV>',"<DIV>&nbsp;</DIV>",'<div>&nbsp;</div>','</td></font>','<br><td>','<tr></tr>','<o:p></o:p>','<o:p>','</o:p>'),
array('&amp;', '<BR>', '<BR>', '<BR>', '</font></td>','<td>', '', '', '<p>', '</p>'),$_html);
//$_html = str_replace(array('&amp;amp;'),array('&amp;'),$_html); //$_html = str_replace(array('&amp;amp;'),array('&amp;'),$_html);
if (stripos($_html,'style')!==false) self::replaceTagsCompletley($_html,'style'); // clean out empty or pagewide style definitions / left over tags if (stripos($_html,'style')!==false) self::replaceTagsCompletley($_html,'style'); // clean out empty or pagewide style definitions / left over tags
if (stripos($_html,'head')!==false) self::replaceTagsCompletley($_html,'head'); // Strip out stuff in head if (stripos($_html,'head')!==false) self::replaceTagsCompletley($_html,'head'); // Strip out stuff in head