link. passed_ent_id is used in case of attached message/rfc822 messages,
ent_id is used for specifying the mime-entity_id. If passed_ent_id is
available we know that the message with entity_id = passed_ent_id contains
a rfc822header.
fix for displaying the hide unsafe images link. If you show the unsafe
images, has_unsafe_images = false because it looks for the image
replacements. The hide unsafe images link was never initialized correct.
the extension is not save and the image url points to the url base address.
If the server uses session trans_sid then somehow the session is destroyed
because of the automatic ?SID=session_id_string.
At least that's what I think what happens.
1. Wrap all operands of a complex expression with parentheses.
For instance:
if ($bob == 'foo' || $bob == 'bar') {
is wrong. Do this instead:
if (($bob == 'foo') || ($bob == 'bar')) {
2. Carefully decide between pre and post incrementation. If it
does not matter, always choose pre because it is technically
more efficient. For instance:
for ($i = 0; $i < $count; $i++) {
is wrong. Do this instead:
for ($i = 0; $i < $count; ++$i) {
3. Classes should be named in style like this:
MessageHeader
Rfc8222Header
etc. When there is an acronym at the beginning, treat it
like a word - do NOT captitalize each letter of the acronym.
4. Put each class in a seperate file named ClassName.class.php.
Related classes can be put in one directory and then included
in a main include file.
Second, big changes with mime.class.php here. And I don't think I broke
anything. (Sounds like famous last words, eh?)
magicHTML)
Maybe this is the wrong fix but in case of iframes tags with a cid link to an
internal entity it's possible that stupid users download attached virus
entities because the iframe src pointed to a filename with .scr, .exe, .bat or
other extension. This patch only allow the following hardcoded save extensions:
gif, jpeg, jpg, png, bmp.
To do:
notify user in case of invalid extensions.
totally remove iframes because I think in most cases (virus) they are unsave.
external stylesheets or other dangerous things.
In IE6 the included stylesheets messed up the layout of SM although the link
attribute only is permitted in the head section ??
