Rev 2 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
| Rev 2 | Rev 3 | ||
|---|---|---|---|
| Line 17... | Line 17... | ||
| 17 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
17 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 18 | * See the License for the specific language governing permissions and |
18 | * See the License for the specific language governing permissions and |
| 19 | * limitations under the License. |
19 | * limitations under the License. |
| 20 | */ |
20 | */ |
| 21 | 21 | ||
| 22 | // TODO: getHeaders() als single string , attachments , remove headers etc, headers als array in/out, Braucht man auch ein addRawHeader()? |
22 | // TODO: getHeaders() as single string , attachments , remove headers etc, headers as array in/out, do you also need addRawHeader()? |
| 23 | 23 | ||
| 24 | class SecureMailer { |
24 | class SecureMailer { |
| 25 | private $headers = ''; |
25 | private $headers = ''; |
| 26 | 26 | ||
| 27 | // TODO: sollte eher private sein, geht aber net |
27 | // TODO: This should rather be private, but it won't work |
| 28 | const endl = "\n"; // GMX will kein CRLF! wtf?! (Unter Postfix in Linux) |
28 | const endl = "\n"; // GMX doesn't like CRLF! wtf?! (tested in Postfix in Linux) |
| 29 | 29 | ||
| 30 | private function QB_SECURE_MAIL_PARAM($param_ = '', $level_ = 2) { |
30 | private function QB_SECURE_MAIL_PARAM($param_ = '', $level_ = 2) { |
| 31 | // Verhindert Mail-Header-Injections |
31 | // Prevents eMail header injections |
| 32 | // Quelle: http://www.erich-kachel.de/?p=26 |
32 | // Source: http://www.erich-kachel.de/?p=26 (modified) |
| 33 | 33 | ||
| 34 | /* replace until done */ |
34 | /* replace until done */ |
| - | 35 | $filtered = null; |
|
| 35 | while (!isset($filtered) || ($param_ != $filtered)) { |
36 | while (is_null($filtered) || ($param_ != $filtered)) { |
| 36 | if (isset($filtered)) { |
37 | if (!is_null($filtered)) { |
| 37 | $param_ = $filtered; |
38 | $param_ = $filtered; |
| 38 | } |
39 | } |
| 39 | 40 | ||
| 40 | $filtered = preg_replace("/(Content-Transfer-Encoding:|MIME-Version:|content-type:|Subject:|to:|cc:|bcc:|from:|reply-to:)/ims", '', $param_); |
41 | $filtered = preg_replace("/(Content-Transfer-Encoding:|MIME-Version:|content-type:|Subject:|to:|cc:|bcc:|from:|reply-to:)/ims", '', $param_); |
| 41 | } |
42 | } |
| Line 92... | Line 93... | ||
| 92 | 93 | ||
| 93 | public function sendMail($recipient, $subject, $message) { |
94 | public function sendMail($recipient, $subject, $message) { |
| 94 | return $this->_sendMail($recipient, $subject, $message, ''); |
95 | return $this->_sendMail($recipient, $subject, $message, ''); |
| 95 | } |
96 | } |
| 96 | 97 | ||
| 97 | // TODO: plain aus html berechnen als optional? |
98 | // TODO: generate plain from html (strip tags), optional |
| 98 | public function sendMailHTMLandPlainMultipart($to, $subject, $msg_html, $msg_plain) { |
99 | public function sendMailHTMLandPlainMultipart($to, $subject, $msg_html, $msg_plain) { |
| 99 | $boundary = uniqid('np'); |
100 | $boundary = uniqid('np'); |
| 100 | 101 | ||
| 101 | $msg_html = $this->QB_SECURE_MAIL_PARAM($msg_html, 1); |
102 | $msg_html = $this->QB_SECURE_MAIL_PARAM($msg_html, 1); |
| 102 | $msg_plain = $this->QB_SECURE_MAIL_PARAM($msg_plain, 1); |
103 | $msg_plain = $this->QB_SECURE_MAIL_PARAM($msg_plain, 1); |