SquirrelMail

Check-in [a0f3042315]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:PHP deprecated regexp nonsense.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | trunk
Files: files | file ages | folders
SHA3-256:a0f30423159683b62629c316c05f9903a6f53047e9c0cafcefc0c60492ef3ff5
User & Date: vandys 2019-02-21 05:36:34
Context
2019-02-21
05:36
PHP deprecated regexp nonsense. Leaf check-in: a0f3042315 user: vandys tags: trunk
2018-10-28
14:55
Security patch from Debian check-in: 3baa0de570 user: ajv tags: trunk
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to functions/decode/utf_8.php.

69
70
71
72
73
74
75

76
77



78
79
80

81
82



83
84
85

86
87


88
89
90
91
92
93
94
    /* (i think currently there is no such symbol)
    $string = preg_replace("/([\370-\373])([\200-\277])([\200-\277])([\200-\277])([\200-\277])/e",
    "'&#'.((ord('\\1')-248)*16777216+(ord('\\2')-200)*262144+(ord('\\3')-128)*4096+(ord('\\4')-128)*64+(ord('\\5')-128)).';'",
    $string);
    */

    // decode four byte unicode characters

    $string = preg_replace("/([\360-\367])([\200-\277])([\200-\277])([\200-\277])/e",
    "'&#'.((ord('\\1')-240)*262144+(ord('\\2')-128)*4096+(ord('\\3')-128)*64+(ord('\\4')-128)).';'",



    $string);

    // decode three byte unicode characters

    $string = preg_replace("/([\340-\357])([\200-\277])([\200-\277])/e",
    "'&#'.((ord('\\1')-224)*4096+(ord('\\2')-128)*64+(ord('\\3')-128)).';'",



    $string);

    // decode two byte unicode characters

    $string = preg_replace("/([\300-\337])([\200-\277])/e",
    "'&#'.((ord('\\1')-192)*64+(ord('\\2')-128)).';'",


    $string);

    // remove broken unicode
    $string = preg_replace("/[\200-\237]|\240|[\241-\377]/",'?',$string);

    return $string;
}







>
|
<
>
>
>
|


>
|
<
>
>
>
|


>
|
<
>
>
|






69
70
71
72
73
74
75
76
77

78
79
80
81
82
83
84
85

86
87
88
89
90
91
92
93

94
95
96
97
98
99
100
101
102
    /* (i think currently there is no such symbol)
    $string = preg_replace("/([\370-\373])([\200-\277])([\200-\277])([\200-\277])([\200-\277])/e",
    "'&#'.((ord('\\1')-248)*16777216+(ord('\\2')-200)*262144+(ord('\\3')-128)*4096+(ord('\\4')-128)*64+(ord('\\5')-128)).';'",
    $string);
    */

    // decode four byte unicode characters
    $string = preg_replace_callback(
     "/([\360-\367])([\200-\277])([\200-\277])([\200-\277])/",

     function($m) { return 
      '&#' . ((ord($m[1])-240)*262144 + (ord($m[2])-128)*4096 +
       (ord($m[3])-128)*64 + (ord('\\4')-128)) . ';' ; },
     $string);

    // decode three byte unicode characters
    $string = preg_replace_callback(
     "/([\340-\357])([\200-\277])([\200-\277])/",

     function($m) { return
      '&#' . ((ord($m[1])-224)*4096 +
       (ord($m[2])-128)*64+(ord($m[3])-128)) . ';' ; },
     $string);

    // decode two byte unicode characters
    $string = preg_replace_callback(
     "/([\300-\337])([\200-\277])/",

     function($m) { return
      '&#' . ((ord($m[1])-192)*64 + (ord($m[2])-128)) . ';' ; },
     $string);

    // remove broken unicode
    $string = preg_replace("/[\200-\237]|\240|[\241-\377]/",'?',$string);

    return $string;
}

Changes to functions/mime.php.

698
699
700
701
702
703
704
705

706
707
708
709
710
711
712
713
                        // string is not converted, but still sanitized
                        $replace = sm_encode_html_special_chars($replace);
                    }
                    $ret.= $replace;
                    break;
                case 'Q':
                    $replace = str_replace('_', ' ', $res[4]);
                    $replace = preg_replace('/=([0-9a-f]{2})/ie', 'chr(hexdec("\1"))',

                            $replace);
                    if ($can_be_encoded) {
                        // string is converted from one charset to another. sanitizing depends on $htmlsave
                        $replace = charset_convert($res[2], $replace,$default_charset,$htmlsave);
                    } elseif ($utfencode) {
                        // string is converted to html entities and sanitized
                        $replace = charset_decode($res[2], $replace);
                    } elseif ($htmlsave) {







|
>
|







698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
                        // string is not converted, but still sanitized
                        $replace = sm_encode_html_special_chars($replace);
                    }
                    $ret.= $replace;
                    break;
                case 'Q':
                    $replace = str_replace('_', ' ', $res[4]);
                    $replace = preg_replace_callback('/=([0-9a-f]{2})/i',
			function($m) { return chr(hexdec($m[1])); },
			$replace);
                    if ($can_be_encoded) {
                        // string is converted from one charset to another. sanitizing depends on $htmlsave
                        $replace = charset_convert($res[2], $replace,$default_charset,$htmlsave);
                    } elseif ($utfencode) {
                        // string is converted to html entities and sanitized
                        $replace = charset_decode($res[2], $replace);
                    } elseif ($htmlsave) {