* eMail: allow email specific style definitions; allow class for certain html elements;

Klaus Leithoff 2011-05-06 11:37:32 +00:00
parent 22ab402ae1
commit 0d4aff73f1
2 changed files with 47 additions and 11 deletions


@ -885,20 +885,20 @@
// actual allowed tags and attributes
$config->set('URI.AllowedSchemes', array('http'=>true, 'https'=>true, 'ftp'=>true, 'file'=>true, 'mailto' => true, 'cid'=>true));
$config->set('AutoFormat.RemoveEmpty', true);
$config->set('HTML.Allowed', 'br,p[align],b,i,u,s,em,pre,tt,strong,strike,center,div[align],hr[class|style],'.
'font[size|color],'.
'ul[type],ol[type|start],li,'.
$config->set('HTML.Allowed', 'br,p[class|align],b,i,u,s,em,pre,tt,strong,strike,center,div[align],hr[class|style],'.
'font[class|size|color],'.
'ul[class|type],ol[class|type|start],li,'.
'h1,h2,h3,'.
'span[class|style],'.
'table[class|border|cellpadding|cellspacing|width|style|align|bgcolor|align],'.
'tbody,thead,tfoot,colgroup,'.
'col[width|span],'.
'col[class|width|span],'.
'blockquote[class|cite|dir],'.
'tr[class|style|align|bgcolor|align|valign],'.
'td[class|colspan|rowspan|width|style|align|bgcolor|align|valign|nowrap],'.
'th[class|colspan|rowspan|width|style|align|bgcolor|align|valign|nowrap],'.
'a[href|target|name|title],'.
'img[src|alt|title]');
'a[class|href|target|name|title],'.
'img[class|src|alt|title]');
$DisableExternalResources = true;
if ($GLOBALS['egw_info']['user']['preferences']['felamimail']['allowExternalIMGs']) $DisableExternalResources = false;
$config->set('URI.DisableExternalResources',$DisableExternalResources);
@ -958,6 +958,7 @@
#);
$kses->AddHTML(
'p', array(
"class" => array('maxlen' => 20),
'align' => array('minlen' => 1, 'maxlen' => 10)
)
);
@ -975,6 +976,7 @@
$kses->AddHTML("center");
$kses->AddHTML(
"font",array(
"class" => array('maxlen' => 20),
"color" => array('maxlen' => 20),
"size"=>array('maxlen'=>2)
)
@ -987,13 +989,14 @@
);
$kses->AddHTML(
"div",array(
# 'class' => array(),
"class" => array('maxlen' => 20),
'align' => array('maxlen' => 10)
)
);
$kses->AddHTML("ul");
$kses->AddHTML(
"ol",array(
"class" => array('maxlen' => 20),
"type" => array('maxlen' => 20)
)
);
@ -1013,6 +1016,7 @@
$kses->AddHTML("select");
$kses->AddHTML(
"option",array(
"class" => array('maxlen' => 20),
"value" => array('maxlen' => 45),
"selected" => array()
)
@ -1020,6 +1024,7 @@
$kses->AddHTML(
"a", array(
"class" => array('maxlen' => 20),
"href" => array('maxlen' => 348, 'minlen' => 10),
"name" => array('minlen' => 2),
'target' => array('maxlen' => 10)
@ -1028,6 +1033,7 @@
$kses->AddHTML(
"pre", array(
"class" => array('maxlen' => 20),
"wrap" => array('maxlen' => 10)
)
);
@ -1108,6 +1114,7 @@
);
$kses->AddHTML(
'img',array(
"class" => array('maxlen' => 20),
"src" => array("minlen" => 4, 'maxlen' => 384, $GLOBALS['egw_info']['user']['preferences']['felamimail']['allowExternalIMGs'] ? '' : 'match' => '/^cid:.*/'),
"align" => array("minlen" => 1),
"border" => array('maxlen' => 30),
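Review bot: The `class` additions do not cover the same elements in the two whitelists: `HTML.Allowed` still has `div[align]` and a bare `pre`, while the kses rules now accept `class` on `div` and `pre`, and kses keeps `$kses->AddHTML("ul");` without `class` although `HTML.Allowed` now has `ul[class|type]`. Depending on which sanitizer processes a message (not visible in these hunks), the same mail keeps or loses its classes; I would use `div[class|align]` and `pre[class]` in `HTML.Allowed` and give `ul` the same `"class" => array('maxlen' => 20)` entry in kses. The kses rules also limit the value to 20 characters while the HTMLPurifier list puts no bound on it, so if class names need restricting on that path, `Attr.AllowedClasses` or `Attr.ForbiddenClasses` is the place to do it. A comment next to `HTML.Allowed` stating that `class` is allowed only so the message's own stylesheet can apply would help the next reader judge further additions.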


@ -211,7 +211,8 @@
);
$link = $GLOBALS['egw']->link('/index.php',$linkData);
//error_log(__METHOD__." link:".$link.'#<br>');
return "<a href='#' onclick='egw_openWindowCentered(\"$link\",\"compose\",700,egw_getWindowOuterHeight());' ><font color=\"blue\">".$text."</font></a>";
//return "<a href='#' onclick='egw_openWindowCentered(\"$link\",\"compose\",700,egw_getWindowOuterHeight());' ><font color=\"blue\">".$text."</font></a>";
return "<a href=\"$link\" target=\"compose\" onclick=\"window.open(this,this.target,'dependent=yes,width=700,height=egw_getWindowOuterHeight(),location=no,menubar=no,toolbar=no,scrollbars=yes,status=yes'); return false;\"><font color=\"blue\">".$text."</font></a>";
}
function highlightQuotes($text, $level = 5)
@ -968,8 +969,16 @@ pre {
common::egw_header();
}
static function get_email_header()
static function get_email_header($additionalStyle='')
{
//error_log(__METHOD__.__LINE__.$additionalStyle);
// CSS Security
// http://code.google.com/p/browsersec/wiki/Part1#Cascading_stylesheets
$css = preg_replace('/(javascript|expession|-moz-binding)/i','',$additionalStyle);
bofelamimail::replaceTagsCompletley($css,'script'); // Strip out script that may be included
// we need this, as styledefinitions are enclosed with curly brackets; and template stuuff tries to replace everything between curly brackets that is having no horizontal whitespace
$css = str_replace(':',': ',$css);
// TODO: we may have to strip urls and maybe comments and ifs
return '
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
@ -980,7 +989,7 @@ pre {
font-family: Verdana, Arial, Helvetica,sans-serif;
font-size: 11px;
}
</style>
</style>'.$css.'
</head>
<body>
';
@ -992,7 +1001,7 @@ pre {
// Compose the content of the frame
$frameHtml =
$this->get_email_header().
$this->get_email_header($this->getStyles($bodyParts)).
$this->showBody($this->getdisplayableBody($bodyParts), false);
// Calculate the hash of that E-Mail for function identification
@ -1269,6 +1278,26 @@ pre {
exit;
}
function &getStyles($_bodyParts)
{
$style = '';
if (empty($_bodyParts)) return "";
foreach((array)$_bodyParts as $singleBodyPart) {
if (!isset($singleBodyPart['body'])) {
$singleBodyPart['body'] = $this->getStyles($singleBodyPart);
$style .= $singleBodyPart['body'];
continue;
}
$ct = preg_match_all('#<style(?:\s.*)?>(.+)</style>#isU', $singleBodyPart['body'], $newStyle);
if ($ct>0)
{
//error_log(__METHOD__.__LINE__.array2string($newStyle[0]));
$style .= implode('',$newStyle[0]);
}
}
return $style;
}
function &getdisplayableBody($_bodyParts)
{
$bodyParts = $_bodyParts;
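Review bot: The filter added to `get_email_header()` misspells one of the keywords it is meant to strip: `expession` never matches `expression`, so that CSS construct passes through, and the pattern should read `'/(javascript|expression|-moz-binding)/i'`. Even with the typo fixed, deleting substrings in a single pass is a weak filter, because the text left around a removed token can join into the same keyword again, and the `<style>` blocks collected by `getStyles()` are emitted after `</style>` as raw markup that does not appear to pass through the HTML sanitizer. The open TODO about URLs is a privacy issue rather than a nicety: `url()` and `@import` in a mail stylesheet would load remote resources even when the `allowExternalIMGs` preference is off, so until those are handled I would only emit the styles when that preference is set, e.g. `if (!$GLOBALS['egw_info']['user']['preferences']['felamimail']['allowExternalIMGs']) $css = '';`. The body of `get_email_header()` continues outside the hunk.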