email.php
3.66 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
<?php
/**
* @package Joomla.Libraries
* @subpackage HTML
*
* @copyright Copyright (C) 2005 - 2019 Open Source Matters, Inc. All rights reserved.
* @license GNU General Public License version 2 or later; see LICENSE.txt
*/
defined('JPATH_PLATFORM') or die;
/**
* Utility class for cloaking email addresses
*
* @since 1.5
*/
abstract class JHtmlEmail
{
/**
* Simple JavaScript email cloaker
*
* By default replaces an email with a mailto link with email cloaked
*
* @param string $mail The -mail address to cloak.
* @param boolean $mailto True if text and mailing address differ
* @param string $text Text for the link
* @param boolean $email True if text is an email address
*
* @return string The cloaked email.
*
* @since 1.5
*/
public static function cloak($mail, $mailto = true, $text = '', $email = true)
{
// Handle IDN addresses: punycode for href but utf-8 for text displayed.
if ($mailto && (empty($text) || $email))
{
// Use dedicated $text whereas $mail is used as href and must be punycoded.
$text = JStringPunycode::emailToUTF8($text ?: $mail);
}
elseif (!$mailto)
{
// In that case we don't use link - so convert $mail back to utf-8.
$mail = JStringPunycode::emailToUTF8($mail);
}
// Convert mail
$mail = static::convertEncoding($mail);
// Random hash
$rand = md5($mail . mt_rand(1, 100000));
// Split email by @ symbol
$mail = explode('@', $mail);
$mail_parts = explode('.', $mail[1]);
if ($mailto)
{
// Special handling when mail text is different from mail address
if ($text)
{
// Convert text - here is the right place
$text = static::convertEncoding($text);
if ($email)
{
// Split email by @ symbol
$text = explode('@', $text);
$text_parts = explode('.', $text[1]);
$tmpScript = "var addy_text" . $rand . " = '" . @$text[0] . "' + '@' + '" . implode("' + '.' + '", @$text_parts)
. "';";
}
else
{
$tmpScript = "var addy_text" . $rand . " = '" . $text . "';";
}
$tmpScript .= "document.getElementById('cloak" . $rand . "').innerHTML += '<a ' + path + '\'' + prefix + ':' + addy"
. $rand . " + '\'>'+addy_text" . $rand . "+'<\/a>';";
}
else
{
$tmpScript = "document.getElementById('cloak" . $rand . "').innerHTML += '<a ' + path + '\'' + prefix + ':' + addy"
. $rand . " + '\'>' +addy" . $rand . "+'<\/a>';";
}
}
else
{
$tmpScript = "document.getElementById('cloak" . $rand . "').innerHTML += addy" . $rand . ";";
}
$script = "
document.getElementById('cloak" . $rand . "').innerHTML = '';
var prefix = 'ma' + 'il' + 'to';
var path = 'hr' + 'ef' + '=';
var addy" . $rand . " = '" . @$mail[0] . "' + '@';
addy" . $rand . " = addy" . $rand . " + '" . implode("' + '.' + '", $mail_parts) . "';
$tmpScript
";
// TODO: Use inline script for now
$inlineScript = "<script type='text/javascript'>" . $script . "</script>";
return '<span id="cloak' . $rand . '">' . JText::_('JLIB_HTML_CLOAKING') . '</span>' . $inlineScript;
}
/**
* Convert encoded text
*
* @param string $text Text to convert
*
* @return string The converted text.
*
* @since 1.5
*/
protected static function convertEncoding($text)
{
$text = html_entity_decode($text);
// Replace vowels with character encoding
$text = str_replace('a', 'a', $text);
$text = str_replace('e', 'e', $text);
$text = str_replace('i', 'i', $text);
$text = str_replace('o', 'o', $text);
$text = str_replace('u', 'u', $text);
$text = htmlentities($text, ENT_QUOTES, 'UTF-8', false);
return $text;
}
}