From ae0e6e4dc8e449be6c0354d1849bc71f80c35355 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 14 May 2020 14:10:04 +0200 Subject: [PATCH] FIX dol_concatdesc to escape < Better help --- htdocs/admin/emailcollector_card.php | 4 ++-- htdocs/core/class/translate.class.php | 2 +- htdocs/core/lib/functions.lib.php | 9 +++++---- htdocs/emailcollector/class/emailcollector.class.php | 9 +++++++-- htdocs/langs/en_US/admin.lang | 2 +- 5 files changed, 16 insertions(+), 10 deletions(-) diff --git a/htdocs/admin/emailcollector_card.php b/htdocs/admin/emailcollector_card.php index 74592ff777a..80161eaadc6 100644 --- a/htdocs/admin/emailcollector_card.php +++ b/htdocs/admin/emailcollector_card.php @@ -592,7 +592,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea print ''; $htmltext = $langs->transnoentitiesnoconv("OperationParamDesc"); //var_dump($htmltext); - print $form->textwithpicto('', $htmltext); + print $form->textwithpicto('', $htmltext, 1, 'help', '', 0, 2, 'operationparamtt'); print ''; print ''; print ''; @@ -643,7 +643,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea print ''; // Delete print ''; - print ''.img_edit().''; + print ''.img_edit().''; print ' '.img_delete().''; print ''; print ''; diff --git a/htdocs/core/class/translate.class.php b/htdocs/core/class/translate.class.php index 4f3930a4588..3fc3151030a 100644 --- a/htdocs/core/class/translate.class.php +++ b/htdocs/core/class/translate.class.php @@ -308,7 +308,7 @@ class Translate continue; } else { - // Convert some strings: Parse and render carriage returns. Also, change '\\s' int '\s' because transifex sync pull the string '\s' into string '\\s' + // Convert some strings: Parse and render carriage returns. Also, change '\\s' into '\s' because transifex sync pull the string '\s' into string '\\s' $this->tab_translate[$key] = str_replace(array('\\n', '\\\\s'), array("\n", '\s'), $value); if ($usecachekey) { $tabtranslatedomain[$key] = $value; diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 20094da216c..31716dc3f3c 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -5794,7 +5794,8 @@ function dolGetFirstLineOfText($text, $nboflines = 1, $charset = 'UTF-8') /** - * Replace CRLF in string with a HTML BR tag + * Replace CRLF in string with a HTML BR tag. + * WARNING: The content after operation contains some HTML tags (the
) so be sure to also have encode the special chars of stringtoencode into HTML before. * * @param string $stringtoencode String to encode * @param int $nl2brmode 0=Adding br before \n, 1=Replacing \n by br @@ -6048,7 +6049,7 @@ function dol_textishtml($msg, $option = 0) * * @param string $text1 Text 1 * @param string $text2 Text 2 - * @param bool $forxml false=Use
instead of \n if html content detected, true=Use
instead of \n if html content detected + * @param bool $forxml true=Use
instead of
if we have to add a br tag * @param bool $invert invert order of description lines (we often use config MAIN_CHANGE_ORDER_CONCAT_DESCRIPTION in this parameter) * @return string Text 1 + new line + Text2 * @see dol_textishtml() @@ -6063,9 +6064,9 @@ function dol_concatdesc($text1, $text2, $forxml = false, $invert = false) } $ret = ''; - $ret .= (!dol_textishtml($text1) && dol_textishtml($text2)) ?dol_nl2br($text1, 0, $forxml) : $text1; + $ret .= (!dol_textishtml($text1) && dol_textishtml($text2)) ? dol_nl2br(dol_escape_htmltag($text1, 0, 1, '', 1), 0, $forxml) : $text1; $ret .= (!empty($text1) && !empty($text2)) ? ((dol_textishtml($text1) || dol_textishtml($text2)) ? ($forxml ? "
\n" : "
\n") : "\n") : ""; - $ret .= (dol_textishtml($text1) && !dol_textishtml($text2)) ?dol_nl2br($text2, 0, $forxml) : $text2; + $ret .= (dol_textishtml($text1) && !dol_textishtml($text2)) ? dol_nl2br(dol_escape_htmltag($text2, 0, 1, '', 1), 0, $forxml) : $text2; return $ret; } diff --git a/htdocs/emailcollector/class/emailcollector.class.php b/htdocs/emailcollector/class/emailcollector.class.php index 969b83cac5a..2bc6d6db962 100644 --- a/htdocs/emailcollector/class/emailcollector.class.php +++ b/htdocs/emailcollector/class/emailcollector.class.php @@ -937,8 +937,8 @@ class EmailCollector extends CommonObject } imap_errors(); // Clear stack of errors. - // $conf->global->MAIL_PREFIX_FOR_EMAIL_ID must be defined $host = dol_getprefix('email'); + //$host = '123456'; // Define the IMAP search string // See https://tools.ietf.org/html/rfc3501#section-6.4.4 for IMAPv4 (PHP not yet compatible) @@ -1081,6 +1081,7 @@ class EmailCollector extends CommonObject dol_syslog("Start of loop on email", LOG_INFO, 1); + $i = 0; foreach ($arrayofemail as $imapemail) { if ($nbemailprocessed > 1000) @@ -1088,6 +1089,8 @@ class EmailCollector extends CommonObject break; // Do not process more than 1000 email per launch (this is a different protection than maxnbcollectedpercollect } + $i++; + $header = imap_fetchheader($connection, $imapemail, 0); $header = preg_replace('/\r\n\s+/m', ' ', $header); // When a header line is on several lines, merge lines $matches = array(); @@ -1095,6 +1098,8 @@ class EmailCollector extends CommonObject $headers = array_combine($matches[1], $matches[2]); //var_dump($headers); + dol_syslog("** Process email ".$i." References: ".$headers['References']); + // If there is a filter on trackid if ($searchfilterdoltrackid > 0) { @@ -1130,7 +1135,7 @@ class EmailCollector extends CommonObject // GET Email meta datas $overview = imap_fetch_overview($connection, $imapemail, 0); - dol_syslog("** Process email - msgid=".$overview[0]->message_id." date=".dol_print_date($overview[0]->udate, 'dayrfc', 'gmt')." subject=".$overview[0]->subject); + dol_syslog("msgid=".$overview[0]->message_id." date=".dol_print_date($overview[0]->udate, 'dayrfc', 'gmt')." subject=".$overview[0]->subject); // Decode $overview[0]->subject according to RFC2047 // Can use also imap_mime_header_decode($str) diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang index 5ce79a12231..6c139a0f10c 100644 --- a/htdocs/langs/en_US/admin.lang +++ b/htdocs/langs/en_US/admin.lang @@ -1939,7 +1939,7 @@ WithoutDolTrackingID=Dolibarr Reference not found in Message ID FormatZip=Zip MainMenuCode=Menu entry code (mainmenu) ECMAutoTree=Show automatic ECM tree -OperationParamDesc=Define values to use for action, or how to extract values. For example:
objproperty1=SET:abc
objproperty1=SET:a value with replacement of __objproperty1__
objproperty3=SETIFEMPTY:abc
objproperty4=EXTRACT:HEADER:X-Myheaderkey.*[^\s]+(.*)
options_myextrafield=EXTRACT:SUBJECT:([^\s]*)
object.objproperty5=EXTRACT:BODY:My company name is\s([^\s]*)

Use a ; char as separator to extract or set several properties. +OperationParamDesc=Define the values to use for the object of the action, or how to extract values. For example:
objproperty1=SET:the value to set
objproperty2=SET:a value with replacement of __objproperty1__
objproperty3=SETIFEMPTY:value used if objproperty3 is not already defined
objproperty4=EXTRACT:HEADER:X-Myheaderkey:\s*([^\s]*)
options_myextrafield1=EXTRACT:SUBJECT:([^\n]*)
object.objproperty5=EXTRACT:BODY:My company name is\s([^\s]*)

Use a ; char as separator to extract or set several properties. OpeningHours=Opening hours OpeningHoursDesc=Enter here the regular opening hours of your company. ResourceSetup=Configuration of Resource module