Grizly

Replaces Mailfetch::getBody

Dec 9th, 2013
  2.     /**
  3.      * Rewritten by Grizly to support named HTML users.
  4.      * @param unknown $mid
  5.      * @return Ambigous <string, unknown>
  6.      */
  7.     function getBody ($mid)
  8.     {
  9.         global $cfg;
  10.    
  11.     //If you don't go the full "create admin setting" route, you will need to edit
  12.     //this array for each new sender.. or simply allow HTML by default and risk it..
  13.     // HIGHLY NOT RECOMMENDED.. only allow TRUSTED people to send you html.. its bad for you!
  14.     $allowed_html_senders = array('sender1@domain.com','sender2@domain.com');
  15.  
  16.         $body = trim($this->getPart($mid, 'TEXT/PLAIN', $this->charset));
  17.         $html_body = $this->getPart($mid, 'TEXT/HTML', $this->charset);
  18.         $mailinfo = $this->getHeaderInfo($mid);
  19.  
  20.         //Just because someone is able to send an HTML message, doesn't mean they DID.. so check it!
  21.         if (in_array($mailinfo['email'],$allowed_html_senders) && ! empty($html_body)) {
  22.             error_log('class.mailfetch.php: Bypassed filter for ' . $mailinfo['email']);
  23.             //Remove some of the cruft and pretend its ok.. we honestly do not want this for everyone though. Bad dev, no donut.
  24.             return Format::stripBadHTML($html_body);
  25.         }
  26.  
  27.         //If there was simply no plain-text message, attempt to filter the HTML message and use that instead.
  28.         // some mail-clients are only sending html messages nowadays.
  29.         // Some of them, frankly shouldn't be sending email at all.. freaks. We have a list up above that simply shouldn't be sending text as it breaks things.
  30.         if (empty($body)) {
  31.             error_log("Attempting HTML for " . $mailinfo['email']);
  32.             //Frankly, the page gets long enough without all these linebreaks and divs.. and we have to strip everything but the OK stuff.
  33.             return Format::safe_html(
  34.                     str_ireplace(array('<br>','<br />','<p>','</p>','<div>','</div>'), '', $html_body)); //Balance html tags & neutralize unsafe tags.
  35.         }
  36.         // The Content-Type was text/plain, so escape anything that
  37.         // looks like HTML
  38.         return Format::htmlchars($body);
  39.  
  40.     /** Original implementation
  41.         $body ='';
  42.         if ($body = $this->getPart($mid,'TEXT/PLAIN', $this->charset))
  43.             // The Content-Type was text/plain, so escape anything that
  44.             // looks like HTML
  45.             $body=Format::htmlchars($body);
  46.         elseif ($body = $this->getPart($mid,'TEXT/HTML', $this->charset)) {
  47.             //Convert tags of interest before we striptags
  48.             $body=str_replace("</DIV><DIV>", "\n", $body);
  49.             $body=str_replace(array("<br>", "<br />", "<BR>", "<BR />"), "\n", $body);
  50.             $body=Format::safe_html($body); //Balance html tags & neutralize unsafe tags.
  51.         }
  52.  
  53.         return $body;
  54. */
  55.     }