View | Details | Raw Unified | Return to bug 259405
Collapse All | Expand All

(-)b/mail/squirrelmail/Makefile (-1 / +1 lines)
Lines 1-7 Link Here
1
# Created by: Simon Dick <simond@irrelevant.org>
1
# Created by: Simon Dick <simond@irrelevant.org>
2
2
3
PORTNAME=	squirrelmail
3
PORTNAME=	squirrelmail
4
PORTVERSION=	20200422
4
PORTVERSION=	20211024
5
CATEGORIES=	mail www
5
CATEGORIES=	mail www
6
MASTER_SITES=	http://snapshots.squirrelmail.org/ \
6
MASTER_SITES=	http://snapshots.squirrelmail.org/ \
7
	http://freebsd.uzsolt.hu/src/
7
	http://freebsd.uzsolt.hu/src/
(-)b/mail/squirrelmail/distinfo (-3 / +3 lines)
Lines 1-3 Link Here
1
TIMESTAMP = 1587688922
1
TIMESTAMP = 1635107026
2
SHA256 (squirrelmail/squirrelmail-20200422_0200-SVN.stable.tar.bz2) = b9ff42bed77f469a4778d83a4bdff169dbaf1ff1baf0faa85c21802eba25d4b8
2
SHA256 (squirrelmail/squirrelmail-20211024_0200-SVN.stable.tar.bz2) = 60f7f74cf44ab3c269f72ed5a8bafba31b56d917ce3dcc3ec16c3c87f34d42aa
3
SIZE (squirrelmail/squirrelmail-20200422_0200-SVN.stable.tar.bz2) = 576468
3
SIZE (squirrelmail/squirrelmail-20211024_0200-SVN.stable.tar.bz2) = 576229
(-)a/mail/squirrelmail/files/patch-functions__i18n.php (-32 lines)
Removed Link Here
1
--- functions/i18n.php.orig	2017-07-05 11:28:23 UTC
2
+++ functions/i18n.php
3
@@ -159,15 +159,17 @@ function sq_setlocale($category,$locale)
4
 }
5
 
6
 /**
7
- * Converts string from given charset to charset, that can be displayed by user translation.
8
+ * Converts a string from the given $charset to a character set that
9
+ * can be displayed by the current user interface language (translation)
10
  *
11
- * Function by default returns html encoded strings, if translation uses different encoding.
12
+ * Function by default returns html encoded strings if translation uses
13
+ * different encoding.
14
  * If Japanese translation is used - function returns string converted to euc-jp
15
  * If $charset is not supported - function returns unconverted string.
16
  *
17
  * sanitizing of html tags is also done by this function.
18
  *
19
- * @param string $charset
20
+ * @param string $charset The charset of the incoming string
21
  * @param string $string Text to be decoded
22
  * @param boolean $force_decode converts string to html without $charset!=$default_charset check.
23
  * Argument is available since 1.4.5 and 1.5.1.
24
@@ -184,7 +186,7 @@ function charset_decode ($charset, $stri
25
     }
26
 
27
     /* All HTML special characters are 7 bit and can be replaced first */
28
-    if (! $save_html) $string = sm_encode_html_special_chars ($string);
29
+    if (! $save_html) $string = sm_encode_html_special_chars($string, ENT_COMPAT, $charset);
30
     $charset = strtolower($charset);
31
 
32
     set_my_charset();
(-)a/mail/squirrelmail/files/patch-functions_strings.php (-71 lines)
Removed Link Here
1
--- functions/strings.php.orig	2017-01-27 20:31:33 UTC
2
+++ functions/strings.php
3
@@ -1489,7 +1489,13 @@ function sm_validate_security_token($tok
4
   *                   (See http://php.net/manual/function.htmlspecialchars.php )
5
   *                   (OPTIONAL; default ENT_COMPAT, ENT_COMPAT | ENT_SUBSTITUTE for PHP >=5.4)
6
   * @param string $encoding The character encoding to use in the conversion
7
-  *                         (OPTIONAL; default automatic detection)
8
+  *                         (if not one of the character sets supported
9
+  *                         by PHP's htmlspecialchars(), then $encoding
10
+  *                         will be ignored and iso-8859-1 will be used,
11
+  *                         unless a default has been specified in
12
+  *                         $default_htmlspecialchars_encoding in
13
+  *                         config_local.php) (OPTIONAL; default automatic
14
+  *                         detection)
15
   * @param boolean $double_encode Whether or not to convert entities that are
16
   *                               already in the string (only supported in
17
   *                               PHP 5.2.3+) (OPTIONAL; default TRUE)
18
@@ -1500,6 +1506,31 @@ function sm_validate_security_token($tok
19
 function sm_encode_html_special_chars($string, $flags=ENT_COMPAT,
20
                                       $encoding=NULL, $double_encode=TRUE)
21
 {
22
+
23
+   // charsets supported by PHP's htmlspecialchars
24
+   // (move this elsewhere if needed)
25
+   //
26
+   static $htmlspecialchars_charsets = array(
27
+      'iso-8859-1', 'iso8859-1',
28
+      'iso-8859-5', 'iso8859-5',
29
+      'iso-8859-15', 'iso8859-15',
30
+      'utf-8',
31
+      'cp866', 'ibm866', '866',
32
+      'cp1251', 'windows-1251', 'win-1251', '1251',
33
+      'cp1252', 'windows-1252', '1252',
34
+      'koi8-R', 'koi8-ru', 'koi8r',
35
+      'big5', '950',
36
+      'gb2312', '936',
37
+      'big5-hkscs',
38
+      'shift_jis', 'sjis', 'sjis-win', 'cp932', '932',
39
+      'euc-jp', 'eucjp', 'eucjp-win',
40
+      'macroman',
41
+   );
42
+
43
+
44
+   // if not given, set encoding to the charset being
45
+   // used by the current user interface language
46
+   //
47
    if (!$encoding)
48
    {
49
       global $default_charset;
50
@@ -1508,6 +1539,21 @@ function sm_encode_html_special_chars($s
51
       $encoding = $default_charset;
52
    }
53
 
54
+
55
+   // make sure htmlspecialchars() supports the needed encoding
56
+   //
57
+   if (!in_array(strtolower($encoding), $htmlspecialchars_charsets))
58
+   {
59
+      // use default from configuration if provided or hard-coded fallback
60
+      //
61
+      global $default_htmlspecialchars_encoding;
62
+      if (!empty($default_htmlspecialchars_encoding))
63
+         $encoding = $default_htmlspecialchars_encoding;
64
+      else
65
+         $encoding = 'iso-8859-1';
66
+   }
67
+
68
+
69
    if (check_php_version(5, 2, 3)) {
70
       // Replace invalid characters with a symbol instead of returning
71
       // empty string for the entire to be encoded string.

Return to bug 259405