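';
    $source = strip_tags($source, $allowedTags);
    // The replacement used to be built with the /e modifier, which evaluates the
    // substituted string as PHP code for every tag found. A callback does the same
    // work while treating the captured text purely as data (and /e was removed in PHP 7.0).
    return preg_replace_callback('/<(.*?)>/i', '_removeEvilAttributesCallback', $source);
}

/**
 * @return string
 * @param array $matches preg match; index 1 is the text between '<' and '>'
 * @desc preg_replace_callback() adapter around removeEvilAttributes()
 */
function _removeEvilAttributesCallback($matches)
{
    return '<' . removeEvilAttributes($matches[1]) . '>';
}

/**
 * @return string
 * @param string
 * @desc Strip forbidden attributes from a tag
 *
 * NOTE(review): this is a deny-list. Only the handler names listed below and the
 * "javascript:" scheme are removed; any other event-handler attribute or
 * script-bearing attribute value passes through unchanged. An allow-list of
 * attributes per permitted tag (or a maintained HTML sanitiser) is the robust
 * approach; do not rely on this function alone before echoing message HTML.
 */
function removeEvilAttributes($tagSource)
{
    $stripAttrib = 'javascript:|onclick|ondblclick|onmousedown|onmouseup|onmouseover|'.
                   'onmousemove|onmouseout|onkeypress|onkeydown|onkeyup';

    // Unescape BEFORE filtering, so the filter inspects the text that is actually emitted.
    $tagSource = stripslashes($tagSource);

    // Filter until nothing changes: deleting one token must not leave its
    // neighbours joined into another forbidden token.
    do {
        $before    = $tagSource;
        $tagSource = preg_replace("/$stripAttrib/i", '', $before);
    } while ($tagSource !== null && $tagSource !== $before);

    // preg_replace() yields null on a PCRE error; fail closed with an empty tag body.
    return ($tagSource === null) ? '' : $tagSource;
}

/********************************************************************************
 *  HEADER STUFF
 */

/**
 * @return string decoded text converted to iso-8859-15, '' when iconv() fails
 * @param string $charset charset label taken from the encoded-word
 * @param string $c       encoding letter: 'Q' selects quoted-printable, anything else base64
 * @param string $str     encoded text of the encoded-word
 * @desc Decode the payload of one "=?charset?X?text?=" header word
 */
function _headerdecode($charset, $c, $str)
{
    if ($c == 'Q') {
        // In Q encoding '_' stands for a space. Map it before decoding so that an
        // encoded "=5F" stays an underscore, and never touch base64-decoded text.
        $s = quoted_printable_decode(str_replace('_', ' ', $str));
    } else {
        $s = base64_decode($str);
    }
    // $charset comes straight from the message header; iconv() returns false for
    // a name it does not know or for bytes it cannot convert.
    $s = iconv($charset, 'iso-8859-15', $s);
    return ($s === false) ? '' : $s;
}

/**
 * @return string
 * @param array $matches preg match: 1 = charset, 2 = encoding letter, 3 = encoded text
 * @desc preg_replace_callback() adapter around _headerdecode()
 */
function _headerdecodeCallback($matches)
{
    return _headerdecode($matches[1], $matches[2], $matches[3]);
}

/**
 * @return string
 * @param string $value raw header value
 * @desc Replace every "=?charset?B|Q?text?=" word in a header value by its decoded text
 */
function headerDecode($value)
{
    // A single space separating two encoded-words is dropped before decoding.
    $val = preg_replace('/(=\?[^?]*\?[BQ]\?[^?]*\?=) (=\?[^?]*\?[BQ]\?[^?]*\?=)/', '\1\2', $value);

    // Header values are supplied by whoever wrote the message. The previous /e
    // replacement spliced the captured charset and text into a double-quoted PHP
    // expression and evaluated it; the callback hands them over as plain arguments.
    return preg_replace_callback('/=\?([^?]*)\?([BQ])\?([^?]*)\?=/', '_headerdecodeCallback', $val);
}

/**
 * @return string a single "=?UTF-8?B?...?=" word
 * @param string $value text to encode
 * @param int    $trim  when non-zero, maximum length in bytes before "[...]" is appended
 * @desc Base64-encode a header value, optionally shortening it first
 */
function headerEncode($value, $trim = 0)
{
    if ($trim && strlen($value) > $trim) {
        // The result is labelled UTF-8, so avoid cutting in the middle of a
        // multi-byte character when the mbstring extension is available.
        if (function_exists('mb_strcut')) {
            $value = mb_strcut($value, 0, $trim, 'UTF-8');
        } else {
            $value = substr($value, 0, $trim);
        }
        $value .= "[...]";
    }
    return "=?UTF-8?B?".base64_encode($value)."?=";
}

/**
 * @return string
 * @param string $hdr lower-case header name
 * @desc Return the display label of a header; unknown names go through
 *       hook_headerTranslate() when it exists, else are returned unchanged
 */
function header_translate($hdr)
{
    switch ($hdr) {
        case 'from':
            return _b_('De');
        case 'subject':
            return _b_('Sujet');
        case 'newsgroups':
            return _b_('Forums');
        case 'followup-to':
            return _b_('Suivi-à');
        case 'date':
            return _b_('Date');
        case 'organization':
            return _b_('Organisation');
        case 'references':
            return _b_('Références');
        case 'x-face':
            return _b_('Image');
        default:
            if (function_exists('hook_headerTranslate') && $res = hook_headerTranslate($hdr)) {
                return $res;
            }
            return $hdr;
    }
}

/**
 * @return string HTML fragment
 * @param string $_header lower-case header name
 * @param string $_text   header value
 * @desc Render one header value for display. Every branch returns markup that the
 *       caller prints as-is, so message-supplied text must be escaped here.
 */
function formatDisplayHeader($_header,$_text)
{
    global $banana;
    switch ($_header) {
        case "date":
            return formatDate($_text);

        case "followup-to":
        case "newsgroups":
            // Group names are taken from the message; escape them like the default branch does.
            $groups = preg_split("/[\t ]*,[\t ]*/",$_text);
            return implode(', ', array_map('htmlentities', $groups));

        case "from":
            return formatFrom($_text);

        case "references":
            $rsl     = "";
            $ndx     = 1;
            $text    = str_replace("><","> <",$_text);
            // presumably $banana->spool->ids maps message-ids to article numbers; confirm against the spool class
            $text    = preg_split("/[ \t]/",strtr($text,$banana->spool->ids));
            $parents = preg_grep("/^\d+$/",$text);
            $p       = array_pop($parents);
            $par_ok  = Array();
            while ($p) {
                $par_ok[] = $p;
                // Stop at an article the overview does not know instead of reading a property of null.
                $p = isset($banana->spool->overview[$p]) ? $banana->spool->overview[$p]->parent : null;
            }
            foreach (array_reverse($par_ok) as $p) {
                // NOTE(review): the link markup of this string appears to have been lost in
                // this listing; the literal is kept exactly as found.
                $rsl .= "spool->group}&artid=$p\">$ndx ";
                $ndx++;
            }
            return $rsl;

        case "x-face":
            return '';

        default:
            // NOTE(review): a hook result is returned without escaping; the hook must escape its own output.
            if (function_exists('hook_formatDisplayHeader')
                    && $res = hook_formatDisplayHeader($_header, $_text)) {
                return $res;
            }
            return htmlentities($_text);
    }
}

/********************************************************************************
 *  FORMATTING STUFF
 */

/**
 * @return string
 * @param string $_text value of a Date header
 * @desc Format a Date header in server time; a value strtotime() cannot parse is
 *       shown escaped instead of being rendered as the epoch
 */
function formatDate($_text)
{
    $stamp = strtotime($_text);
    if ($stamp === false) {
        return htmlentities($_text);
    }
    return strftime("%A %d %B %Y, %H:%M (fuseau serveur)", $stamp);
}

/**
 * @return string
 * @param int $stamp unix timestamp
 * @desc Short date: time only for today, "hier" + time for yesterday, weekday + time
 *       within the last week, weekday + day + month otherwise
 */
function fancyDate($stamp)
{
    // Day numbers are counted from the epoch in whole 24-hour steps.
    $today = intval(time() / (24*3600));
    $dday  = intval($stamp / (24*3600));

    if ($today == $dday) {
        $format = "%H:%M";
    } elseif ($today == 1 + $dday) {
        $format = _b_('hier') . " %H:%M";
    } elseif ($today < 7 + $dday) {
        $format = '%a %H:%M';
    } else {
        $format = '%a %e %b';
    }
    return strftime($format, $stamp);
}

// NOTE(review): formatFrom() below is left exactly as found. Its string literals are no
// longer well-formed in this listing, apparently because the HTML they held was stripped.
function formatFrom($text) { # From: mark@cbosgd.ATT.COM # From: mark@cbosgd.ATT.COM (Mark Horton) # From: Mark Horton $mailto = '".htmlentities($regs[1]."@".$regs[2]).""; } if (preg_match("/^([^ ]+)@([^ ]+) \((.*)\)$/",$text,$regs)) { $result="$mailto{$regs[1]}@{$regs[2]}\">".htmlentities($regs[3])."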
]*>|
)@", "\\1
-- \\2", $res);
$res = preg_replace("@
\n?-- \n?(
]*>)@", "
--
\\2", $res);
$parts = preg_split("@(:?
]*>\n?-- \n?
|'.$sign; } return $res.$sign; } else { return $res; } } ?>