Changeset 39788 for branches/4.3/src/wp-includes/class-phpmailer.php
- Timestamp:
- 01/11/2017 05:23:13 AM (8 years ago)
- Location:
- branches/4.3
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/4.3
-
branches/4.3/src/wp-includes/class-phpmailer.php
r39725 r39788 32 32 * @var string 33 33 */ 34 public $Version = '5.2.2 1';34 public $Version = '5.2.22'; 35 35 36 36 /** … … 2494 2494 /** 2495 2495 * Add an attachment from a path on the filesystem. 2496 * Never use a user-supplied path to a file! 2496 2497 * Returns false if the file could not be found or read. 2497 2498 * @param string $path Path to the attachment. … … 3019 3020 * This is used in HTML messages that embed the images 3020 3021 * the HTML refers to using the $cid value. 3022 * Never use a user-supplied path to a file! 3021 3023 * @param string $path Path to the attachment. 3022 3024 * @param string $cid Content ID of the attachment; Use this to reference … … 3382 3384 * Automatically inlines images and creates a plain-text version by converting the HTML, 3383 3385 * overwriting any existing values in Body and AltBody. 3384 * $basedir is used when handling relative image paths, e.g. <img src="images/a.png"> 3386 * Do not source $message content from user input! 3387 * $basedir is prepended when handling relative URLs, e.g. <img src="/images/a.png"> and must not be empty 3385 3388 * will look for an image file in $basedir/images/a.png and convert it to inline. 3386 * If you don't want to apply these transformations to your HTML, just set Body and AltBody yourself. 3389 * If you don't provide a $basedir, relative paths will be left untouched (and thus probably break in email) 3390 * If you don't want to apply these transformations to your HTML, just set Body and AltBody directly. 3387 3391 * @access public 3388 3392 * @param string $message HTML message string 3389 * @param string $basedir base directory forrelative paths to images3393 * @param string $basedir Absolute path to a base directory to prepend to relative paths to images 3390 3394 * @param boolean|callable $advanced Whether to use the internal HTML to text converter 3391 3395 * or your own custom converter @see PHPMailer::html2text() … … 3396 3400 preg_match_all('/(src|background)=["\'](.*)["\']/Ui', $message, $images); 3397 3401 if (array_key_exists(2, $images)) { 3402 if (strlen($basedir) > 1 && substr($basedir, -1) != '/') { 3403 // Ensure $basedir has a trailing / 3404 $basedir .= '/'; 3405 } 3398 3406 foreach ($images[2] as $imgindex => $url) { 3399 3407 // Convert data URIs into embedded images … … 3413 3421 ); 3414 3422 } 3415 } elseif (substr($url, 0, 4) !== 'cid:' && !preg_match('#^[a-z][a-z0-9+.-]*://#i', $url)) { 3416 // Do not change urls for absolute images (thanks to corvuscorax) 3423 continue; 3424 } 3425 if ( 3426 // Only process relative URLs if a basedir is provided (i.e. no absolute local paths) 3427 !empty($basedir) 3428 // Ignore URLs containing parent dir traversal (..) 3429 && (strpos($url, '..') === false) 3417 3430 // Do not change urls that are already inline images 3431 && substr($url, 0, 4) !== 'cid:' 3432 // Do not change absolute URLs, including anonymous protocol 3433 && !preg_match('#^[a-z][a-z0-9+.-]*:?//#i', $url) 3434 ) { 3418 3435 $filename = basename($url); 3419 3436 $directory = dirname($url); … … 3422 3439 } 3423 3440 $cid = md5($url) . '@phpmailer.0'; // RFC2392 S 2 3424 if (strlen($basedir) > 1 && substr($basedir, -1) != '/') {3425 $basedir .= '/';3426 }3427 3441 if (strlen($directory) > 1 && substr($directory, -1) != '/') { 3428 3442 $directory .= '/';
Note: See TracChangeset
for help on using the changeset viewer.