Rev 2 | Rev 3 | ||
---|---|---|---|
Line 17... | Line 17... | ||
17 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
17 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
18 | * See the License for the specific language governing permissions and |
18 | * See the License for the specific language governing permissions and |
19 | * limitations under the License. |
19 | * limitations under the License. |
20 | */ |
20 | */ |
21 | 21 | ||
22 | // TODO: getHeaders() als single string , attachments , remove headers etc, headers als array in/out, Braucht man auch ein addRawHeader()? |
22 | // TODO: getHeaders() as single string , attachments , remove headers etc, headers as array in/out, do you also need addRawHeader()? |
23 | 23 | ||
24 | class SecureMailer { |
24 | class SecureMailer { |
25 | private $headers = ''; |
25 | private $headers = ''; |
26 | 26 | ||
27 | // TODO: sollte eher private sein, geht aber net |
27 | // TODO: This should rather be private, but it won't work |
28 | const endl = "\n"; // GMX will kein CRLF! wtf?! (Unter Postfix in Linux) |
28 | const endl = "\n"; // GMX doesn't like CRLF! wtf?! (tested in Postfix in Linux) |
29 | 29 | ||
30 | private function QB_SECURE_MAIL_PARAM($param_ = '', $level_ = 2) { |
30 | private function QB_SECURE_MAIL_PARAM($param_ = '', $level_ = 2) { |
31 | // Verhindert Mail-Header-Injections |
31 | // Prevents eMail header injections |
32 | // Quelle: http://www.erich-kachel.de/?p=26 |
32 | // Source: http://www.erich-kachel.de/?p=26 (modified) |
33 | 33 | ||
34 | /* replace until done */ |
34 | /* replace until done */ |
- | 35 | $filtered = null; |
|
35 | while (!isset($filtered) || ($param_ != $filtered)) { |
36 | while (is_null($filtered) || ($param_ != $filtered)) { |
36 | if (isset($filtered)) { |
37 | if (!is_null($filtered)) { |
37 | $param_ = $filtered; |
38 | $param_ = $filtered; |
38 | } |
39 | } |
39 | 40 | ||
40 | $filtered = preg_replace("/(Content-Transfer-Encoding:|MIME-Version:|content-type:|Subject:|to:|cc:|bcc:|from:|reply-to:)/ims", '', $param_); |
41 | $filtered = preg_replace("/(Content-Transfer-Encoding:|MIME-Version:|content-type:|Subject:|to:|cc:|bcc:|from:|reply-to:)/ims", '', $param_); |
41 | } |
42 | } |
Line 92... | Line 93... | ||
92 | 93 | ||
93 | public function sendMail($recipient, $subject, $message) { |
94 | public function sendMail($recipient, $subject, $message) { |
94 | return $this->_sendMail($recipient, $subject, $message, ''); |
95 | return $this->_sendMail($recipient, $subject, $message, ''); |
95 | } |
96 | } |
96 | 97 | ||
97 | // TODO: plain aus html berechnen als optional? |
98 | // TODO: generate plain from html (strip tags), optional |
98 | public function sendMailHTMLandPlainMultipart($to, $subject, $msg_html, $msg_plain) { |
99 | public function sendMailHTMLandPlainMultipart($to, $subject, $msg_html, $msg_plain) { |
99 | $boundary = uniqid('np'); |
100 | $boundary = uniqid('np'); |
100 | 101 | ||
101 | $msg_html = $this->QB_SECURE_MAIL_PARAM($msg_html, 1); |
102 | $msg_html = $this->QB_SECURE_MAIL_PARAM($msg_html, 1); |
102 | $msg_plain = $this->QB_SECURE_MAIL_PARAM($msg_plain, 1); |
103 | $msg_plain = $this->QB_SECURE_MAIL_PARAM($msg_plain, 1); |
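Review bot: The rewritten loop in `QB_SECURE_MAIL_PARAM` (new lines 35–42) does not terminate if `preg_replace()` fails: it returns `null` on a PCRE error, so `is_null($filtered)` stays true, `$param_` is never updated, and the same call repeats. A failure is unlikely with this pattern but possible on very large input, and a header-injection filter should fail closed rather than spin. I would add `if ($filtered === null) { return ''; }` directly after the `preg_replace()` line (or throw, if callers can handle it) and compare with `!==` instead of `!=`. The function body continues outside the hunk (new lines 43–92 are not shown), so it cannot be confirmed from here whether CR/LF are stripped as well, which matters more for header injection than removing header names.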