Joomla Platform  13.1
Documentation des API du framework Joomla Platform
 Tout Classes Espaces de nommage Fichiers Fonctions Variables Pages
helper.php
Aller à la documentation de ce fichier.
1 <?php
2 /**
3  * @package Joomla.Platform
4  * @subpackage Mail
5  *
6  * @copyright Copyright (C) 2005 - 2013 Open Source Matters, Inc. All rights reserved.
7  * @license GNU General Public License version 2 or later; see LICENSE
8  */
9 
10 defined('JPATH_PLATFORM') or die;
11 
12 /**
13  * Email helper class, provides static methods to perform various tasks relevant
14  * to the Joomla email routines.
15  *
16  * TODO: Test these methods as the regex work is first run and not tested thoroughly
17  *
18  * @package Joomla.Platform
19  * @subpackage Mail
20  * @since 11.1
21  */
22 abstract class JMailHelper
23 {
24  /**
25  * Cleans single line inputs.
26  *
27  * @param string $value String to be cleaned.
28  *
29  * @return string Cleaned string.
30  *
31  * @since 11.1
32  */
33  public static function cleanLine($value)
34  {
35  $value = JStringPunycode::emailToPunycode($value);
36 
37  return trim(preg_replace('/(%0A|%0D|\n+|\r+)/i', '', $value));
38  }
39 
40  /**
41  * Cleans multi-line inputs.
42  *
43  * @param string $value Multi-line string to be cleaned.
44  *
45  * @return string Cleaned multi-line string.
46  *
47  * @since 11.1
48  */
49  public static function cleanText($value)
50  {
51  return trim(preg_replace('/(%0A|%0D|\n+|\r+)(content-type:|to:|cc:|bcc:)/i', '', $value));
52  }
53 
54  /**
55  * Cleans any injected headers from the email body.
56  *
57  * @param string $body email body string.
58  *
59  * @return string Cleaned email body string.
60  *
61  * @since 11.1
62  */
63  public static function cleanBody($body)
64  {
65  // Strip all email headers from a string
66  return preg_replace("/((From:|To:|Cc:|Bcc:|Subject:|Content-type:) ([\S]+))/", "", $body);
67  }
68 
69  /**
70  * Cleans any injected headers from the subject string.
71  *
72  * @param string $subject email subject string.
73  *
74  * @return string Cleaned email subject string.
75  *
76  * @since 11.1
77  */
78  public static function cleanSubject($subject)
79  {
80  return preg_replace("/((From:|To:|Cc:|Bcc:|Content-type:) ([\S]+))/", "", $subject);
81  }
82 
83  /**
84  * Verifies that an email address does not have any extra headers injected into it.
85  *
86  * @param string $address email address.
87  *
88  * @return mixed email address string or boolean false if injected headers are present.
89  *
90  * @since 11.1
91  */
92  public static function cleanAddress($address)
93  {
94  if (preg_match("[\s;,]", $address))
95  {
96  return false;
97  }
98 
99  return $address;
100  }
101 
102  /**
103  * Verifies that the string is in a proper email address format.
104  *
105  * @param string $email String to be verified.
106  *
107  * @return boolean True if string has the correct format; false otherwise.
108  *
109  * @since 11.1
110  */
111  public static function isEmailAddress($email)
112  {
113  // Split the email into a local and domain
114  $atIndex = strrpos($email, "@");
115  $domain = substr($email, $atIndex + 1);
116  $local = substr($email, 0, $atIndex);
117 
118  // Check Length of domain
119  $domainLen = strlen($domain);
120 
121  if ($domainLen < 1 || $domainLen > 255)
122  {
123  return false;
124  }
125 
126  /*
127  * Check the local address
128  * We're a bit more conservative about what constitutes a "legal" address, that is, A-Za-z0-9!#$%&\'*+/=?^_`{|}~-
129  * Also, the last character in local cannot be a period ('.')
130  */
131  $allowed = 'A-Za-z0-9!#&*+=?_-';
132  $regex = "/^[$allowed][\.$allowed]{0,63}$/";
133 
134  if (!preg_match($regex, $local) || substr($local, -1) == '.')
135  {
136  return false;
137  }
138 
139  // No problem if the domain looks like an IP address, ish
140  $regex = '/^[0-9\.]+$/';
141 
142  if (preg_match($regex, $domain))
143  {
144  return true;
145  }
146 
147  // Check Lengths
148  $localLen = strlen($local);
149 
150  if ($localLen < 1 || $localLen > 64)
151  {
152  return false;
153  }
154 
155  // Check the domain
156  $domain_array = explode(".", rtrim($domain, '.'));
157  $regex = '/^[a-zA-Z0-9-]+(?:\.[a-zA-Z0-9-]+)*$/';
158 
159  foreach ($domain_array as $domain)
160  {
161  // Convert domain to punycode
162  $domain = JStringPunycode::toPunycode($domain);
163 
164  // Must be something
165  if (!$domain)
166  {
167  return false;
168  }
169 
170  // Check for invalid characters
171  if (!preg_match($regex, $domain))
172  {
173  return false;
174  }
175 
176  // Check for a dash at the beginning of the domain
177  if (strpos($domain, '-') === 0)
178  {
179  return false;
180  }
181 
182  // Check for a dash at the end of the domain
183  $length = strlen($domain) - 1;
184 
185  if (strpos($domain, '-', $length) === $length)
186  {
187  return false;
188  }
189  }
190 
191  return true;
192  }
193 }