diff options
author | yehudah <yehudah@b8457f37-d9ea-0310-8a92-e5e31aec5664> | 2019-09-26 07:29:28 +0000 |
---|---|---|
committer | yehudah <yehudah@b8457f37-d9ea-0310-8a92-e5e31aec5664> | 2019-09-26 07:29:28 +0000 |
commit | 9b04db8503c2cf4501bf88d588e2b901916c7490 (patch) | |
tree | efbee82944e1a297a474edecb406e084e154cedd /Postman/PostmanLogFields.php | |
parent | caa73945f9fe69875171ea2aade2c53e60b21bbe (diff) | |
download | Post-SMTP-9b04db8503c2cf4501bf88d588e2b901916c7490.zip |
2.0.5 released - Few notifications errors, export logs and minor improvements
Diffstat (limited to 'Postman/PostmanLogFields.php')
-rw-r--r-- | Postman/PostmanLogFields.php | 62 |
1 files changed, 51 insertions, 11 deletions
diff --git a/Postman/PostmanLogFields.php b/Postman/PostmanLogFields.php index 6e04b8d..04d24a4 100644 --- a/Postman/PostmanLogFields.php +++ b/Postman/PostmanLogFields.php @@ -3,17 +3,17 @@ class PostmanLogFields { private $fields = array( 'success' => 'sanitize_text_field', - 'from_header' => '', - 'to_header' => '', - 'cc_header' => '', - 'bcc_header' => '', - 'reply_to_header' => '', + 'from_header' => [ 'PostmanLogFields', 'email_header_sanitize' ], + 'to_header' => [ 'PostmanLogFields', 'email_header_sanitize' ], + 'cc_header' => [ 'PostmanLogFields', 'email_header_sanitize' ], + 'bcc_header' => [ 'PostmanLogFields', 'email_header_sanitize' ], + 'reply_to_header' => [ 'PostmanLogFields', 'email_header_sanitize' ], 'transport_uri' => 'sanitize_text_field', 'original_to' => 'sanitize_text_field', 'original_subject' => 'sanitize_text_field', - 'original_message' => null, - 'original_headers' => 'sanitize_text_field', - 'session_transcript' => 'sanitize_textarea_field', + 'original_message' => '', // only sent to viewed + 'original_headers' => '', // only sent to viewed + 'session_transcript' => '', // escaped when viewed ); private static $instance = null; @@ -28,7 +28,7 @@ class PostmanLogFields { private function __construct() { - $this->fields['original_message'] = array( $this, 'sanitize_message' ); + } public function get( $post_id ) { @@ -73,13 +73,14 @@ class PostmanLogFields { } private function sanitize( $key, $value ) { + $callback = is_array( $value ) ? 'array_map' : 'call_user_func'; if ( ! empty( $this->fields[$key] ) ) { return $callback( $this->fields[$key], $value ); } - return filter_var( $value, FILTER_SANITIZE_STRING | FILTER_SANITIZE_SPECIAL_CHARS ); + return $value; } private function sanitize_message( $message ) { @@ -96,4 +97,43 @@ class PostmanLogFields { return $value; } -}
\ No newline at end of file + + public function get_string_between($string, $start, $end){ + $string = ' ' . $string; + $ini = strpos($string, $start); + + if ($ini == 0) { + return ''; + } + + $ini += strlen($start); + $len = strpos($string, $end, $ini) - $ini; + + return substr($string, $ini, $len); + } + + public function email_header_sanitize($value) { + + $parts = explode( ',', $value ); + + $sanitized = []; + foreach ( $parts as $part ) { + + if ( strpos( $part, '<' ) !== false ) { + $email = $this->get_string_between( $part, '<', '>' ); + $clean_email = $this->sanitize_email($email); + preg_match('/(.*)</', $part, $output_array); + $name = filter_var( trim( $output_array[1] ), FILTER_SANITIZE_STRING ); + + $sanitized[] = "{$name} <{$clean_email}>"; + } + } + + return ! empty( $sanitized ) ? implode( ',', $sanitized ) : implode( ',', array_map( [ $this, 'sanitize_email'], $parts ) ); + } + + public function sanitize_email( $email ) { + return filter_var( $email, FILTER_SANITIZE_EMAIL ); + } +} + |