852
860
* Encodes string according to rfc2047 B encoding header formating rules
854
* It is recommended way to encode headers with character sets that store
862
* It is recommended way to encode headers with character sets that store
855
863
* symbols in more than one byte.
857
865
* Function requires mbstring support. If required mbstring functions are missing,
858
866
* function returns false and sets E_USER_WARNING level error message.
860
* Minimal requirements - php 4.0.6 with mbstring extension. Please note,
861
* that mbstring functions will generate E_WARNING errors, if unsupported
868
* Minimal requirements - php 4.0.6 with mbstring extension. Please note,
869
* that mbstring functions will generate E_WARNING errors, if unsupported
862
870
* character set is used. mb_encode_mimeheader function provided by php
863
871
* mbstring extension is not used in order to get better control of header
866
* Used php code functions - function_exists(), trigger_error(), strlen()
867
* (is used with charset names and base64 strings). Used php mbstring
874
* Used php code functions - function_exists(), trigger_error(), strlen()
875
* (is used with charset names and base64 strings). Used php mbstring
868
876
* functions - mb_strlen and mb_substr.
870
* Related documents: rfc 2045 (BASE64 encoding), rfc 2047 (mime header
878
* Related documents: rfc 2045 (BASE64 encoding), rfc 2047 (mime header
871
879
* encoding), rfc 2822 (header folding)
873
881
* @param string $string header string that must be encoded
874
* @param string $charset character set. Must be supported by mbstring extension.
882
* @param string $charset character set. Must be supported by mbstring extension.
875
883
* Use sq_mb_list_encodings() to detect supported charsets.
876
884
* @return string string encoded according to rfc2047 B encoding formating rules
877
885
* @since 1.5.1 and 1.4.6
1030
* Translate all dangerous Unicode or Shift_JIS characters which are acepted by
1031
* IE as regular characters.
1033
* @param attvalue The attribute value before dangerous characters are translated.
1034
* @return attvalue Nothing, modifies a reference value.
1035
* @author Marc Groot Koerkamp.
1037
function sq_fixIE_idiocy(&$attvalue) {
1039
$attvalue = str_replace("\0", "", $attvalue);
1041
$attvalue = preg_replace("/(\/\*.*?\*\/)/","",$attvalue);
1043
// IE has the evil habit of excepting every possible value for the attribute expression
1044
// The table below contain characters which are valid in IE if they are used in the "expression"
1046
$aDangerousCharsReplacementTable = array(
1047
array('ʟ', 'ʟ' ,/* L UNICODE IPA Extension */
1048
'ʀ', 'ʀ' ,/* R UNICODE IPA Extension */
1049
'ɴ', 'ɴ' ,/* N UNICODE IPA Extension */
1050
'E', 'E' ,/* Unicode FULLWIDTH LATIN CAPITAL LETTER E */
1051
'e', 'e' ,/* Unicode FULLWIDTH LATIN SMALL LETTER E */
1052
'X', 'X',/* Unicode FULLWIDTH LATIN CAPITAL LETTER X */
1053
'x', 'x',/* Unicode FULLWIDTH LATIN SMALL LETTER X */
1054
'P', 'P',/* Unicode FULLWIDTH LATIN CAPITAL LETTER P */
1055
'p', 'p',/* Unicode FULLWIDTH LATIN SMALL LETTER P */
1056
'R', 'R',/* Unicode FULLWIDTH LATIN CAPITAL LETTER R */
1057
'r', 'r',/* Unicode FULLWIDTH LATIN SMALL LETTER R */
1058
'S', 'S',/* Unicode FULLWIDTH LATIN CAPITAL LETTER S */
1059
's', 's',/* Unicode FULLWIDTH LATIN SMALL LETTER S */
1060
'I', 'I',/* Unicode FULLWIDTH LATIN CAPITAL LETTER I */
1061
'i', 'i',/* Unicode FULLWIDTH LATIN SMALL LETTER I */
1062
'O', 'O',/* Unicode FULLWIDTH LATIN CAPITAL LETTER O */
1063
'o', 'o',/* Unicode FULLWIDTH LATIN SMALL LETTER O */
1064
'N', 'N',/* Unicode FULLWIDTH LATIN CAPITAL LETTER N */
1065
'n', 'n',/* Unicode FULLWIDTH LATIN SMALL LETTER N */
1066
'L', 'L',/* Unicode FULLWIDTH LATIN CAPITAL LETTER L */
1067
'l', 'l',/* Unicode FULLWIDTH LATIN SMALL LETTER L */
1068
'U', 'U',/* Unicode FULLWIDTH LATIN CAPITAL LETTER U */
1069
'u', 'u',/* Unicode FULLWIDTH LATIN SMALL LETTER U */
1070
'ⁿ', 'ⁿ' ,/* Unicode SUPERSCRIPT LATIN SMALL LETTER N */
1071
'艤', /* Shift JIS FULLWIDTH LATIN CAPITAL LETTER E */ // in unicode this is some chinese char range
1072
'芅', /* Shift JIS FULLWIDTH LATIN SMALL LETTER E */
1073
'艷', /* Shift JIS FULLWIDTH LATIN CAPITAL LETTER X */
1074
'芘', /* Shift JIS FULLWIDTH LATIN SMALL LETTER X */
1075
'良', /* Shift JIS FULLWIDTH LATIN CAPITAL LETTER P */
1076
'芐', /* Shift JIS FULLWIDTH LATIN SMALL LETTER P */
1077
'艱', /* Shift JIS FULLWIDTH LATIN CAPITAL LETTER R */
1078
'芒', /* Shift JIS FULLWIDTH LATIN SMALL LETTER R */
1079
'色', /* Shift JIS FULLWIDTH LATIN CAPITAL LETTER S */
1080
'芓', /* Shift JIS FULLWIDTH LATIN SMALL LETTER S */
1081
'艨', /* Shift JIS FULLWIDTH LATIN CAPITAL LETTER I */
1082
'芉', /* Shift JIS FULLWIDTH LATIN SMALL LETTER I */
1083
'艮', /* Shift JIS FULLWIDTH LATIN CAPITAL LETTER O */
1084
'芏', /* Shift JIS FULLWIDTH LATIN SMALL LETTER O */
1085
'艭', /* Shift JIS FULLWIDTH LATIN CAPITAL LETTER N */
1086
'芎'), /* Shift JIS FULLWIDTH LATIN SMALL LETTER N */
1087
array('l', 'l', 'r','r','n','n',
1088
'E','E','e','e','X','X','x','x','P','P','p','p','S','S','s','s','I','I',
1089
'i','i','O','O','o','o','N','N','n','n','L','L','l','l','U','U','u','u','n',
1090
'E','e','X','x','P','p','S','s','I','i','O','o','N','n'));
1091
$attvalue = str_replace($aDangerousCharsReplacementTable[0],$aDangerousCharsReplacementTable[1],$attvalue);
1093
// Escapes are usefull for special characters like "{}[]()'&. In other cases they are
1095
$attvalue = preg_replace("/(\\\\)([a-zA-Z]{1})/",'$2',$attvalue);
1022
1099
* This function returns the final tag out of the tag name, an array
1023
1100
* of attributes, and the type of the tag. This function is called by
1024
1101
* sq_sanitize internally.