+ if (BodyArea != NULL) {
+ StrBufAppendBufPlain(converted_msg, HKEY("<table "), 0);
+ StrBufAppendBuf(converted_msg, BodyArea, 0);
+ StrBufAppendBufPlain(converted_msg, HKEY(" width=\"100%\"><tr><td>"), 0);
+ }
+ ptr = msg;
+ msgend = strchr(msg, 0);
+ while (ptr < msgend) {
+
+ /** Try to sanitize the html of any rogue scripts */
+ if (!strncasecmp(ptr, "<script", 7)) {
+ if (scriptlevel == 0) {
+ script_start_pos = StrLength(converted_msg);
+ }
+ ++scriptlevel;
+ }
+ if (!strncasecmp(ptr, "</script", 8)) {
+ --scriptlevel;
+ }
+
+ /**
+ * Change mailto: links to WebCit mail, by replacing the
+ * link with one that points back to our mail room. Due to
+ * the way we parse URL's, it'll even handle mailto: links
+ * that have "?subject=" in them.
+ */
+ if (!strncasecmp(ptr, "<a href=\"mailto:", 16)) {
+ content_length += 64;
+ StrBufAppendPrintf(converted_msg,
+ "<a href=\"display_enter?force_room=_MAIL_?recp=");
+ ptr = &ptr[16];
+ ++alevel;
+ ++brak;
+ }
+ /** Make external links open in a separate window */
+ else if (!strncasecmp(ptr, "<a href=\"", 9)) {
+ ++alevel;
+ ++brak;
+ if ( ((strchr(ptr, ':') < strchr(ptr, '/')))
+ && ((strchr(ptr, '/') < strchr(ptr, '>')))
+ ) {
+ /* open external links to new window */
+ StrBufAppendPrintf(converted_msg, new_window);
+ ptr = &ptr[8];
+ }
+ else if (
+ (treat_as_wiki)
+ && (strncasecmp(ptr, "<a href=\"wiki?", 14))
+ && (strncasecmp(ptr, "<a href=\"dotgoto?", 17))
+ && (strncasecmp(ptr, "<a href=\"knrooms?", 17))
+ ) {
+ content_length += 64;
+ StrBufAppendPrintf(converted_msg, "<a href=\"wiki?go=");
+ StrBufUrlescAppend(converted_msg, WC->CurRoom.name, NULL);
+ StrBufAppendPrintf(converted_msg, "?page=");
+ ptr = &ptr[9];
+ }
+ else {
+ StrBufAppendPrintf(converted_msg, "<a href=\"");
+ ptr = &ptr[9];
+ }
+ }
+ /** Fixup <img src="cid:... ...> to fetch the mime part */
+ else if (!strncasecmp(ptr, "<img ", 5)) {
+ char *cid_start, *cid_end;
+ char* tag_end=strchr(ptr,'>');
+ char* src;
+ /* FIXME - handle this situation (maybe someone opened an <img cid...
+ * and then ended the message)
+ */
+ if (!tag_end) {
+ syslog(LOG_DEBUG, "tag_end is null and ptr is:\n");
+ syslog(LOG_DEBUG, "%s\n", ptr);
+ syslog(LOG_DEBUG, "Theoretical bytes remaining: %d\n", (int)(msgend - ptr));
+ }
+
+ src=strstr(ptr, "src=\"cid:");
+ ++brak;
+
+ if (src
+ && isspace(*(src-1))
+ && tag_end
+ && (cid_start=strchr(src,':'))
+ && (cid_end=strchr(cid_start,'"'))
+ && (cid_end < tag_end)
+ ) {
+ /* copy tag and attributes up to src="cid: */
+ StrBufAppendBufPlain(converted_msg, ptr, src - ptr, 0);
+ cid_start++;
+
+ /* add in /webcit/mimepart/<msgno>/CID/
+ trailing / stops dumb URL filters getting excited */
+ StrBufAppendPrintf(converted_msg,
+ " src=\"/webcit/mimepart/%d/",msgnum);
+ StrBufAppendBufPlain(converted_msg, cid_start, cid_end - cid_start, 0);
+ StrBufAppendBufPlain(converted_msg, "/\"", -1, 0);
+
+ ptr = cid_end+1;
+ }
+ StrBufAppendBufPlain(converted_msg, ptr, tag_end - ptr, 0);
+ ptr = tag_end;
+ }
+
+ /**
+ * Turn anything that looks like a URL into a real link, as long
+ * as it's not inside a tag already
+ */
+ else if ( (brak == 0) && (alevel == 0) &&
+ ( (!strncasecmp(ptr, "http://", 7)) ||
+ (!strncasecmp(ptr, "https://", 8)))) {
+ /** Find the end of the link */
+ int strlenptr;
+ linklen = 0;
+
+ strlenptr = strlen(ptr);
+ for (i=0; i<=strlenptr; ++i) {
+ if ((ptr[i]==0)
+ ||(isspace(ptr[i]))
+ ||(ptr[i]==10)
+ ||(ptr[i]==13)
+ ||(ptr[i]=='(')
+ ||(ptr[i]==')')
+ ||(ptr[i]=='<')
+ ||(ptr[i]=='>')
+ ||(ptr[i]=='[')
+ ||(ptr[i]==']')
+ ||(ptr[i]=='"')
+ ||(ptr[i]=='\'')
+ ) linklen = i;
+ /* did s.b. send us an entity? */
+ if (ptr[i] == '&') {
+ if ((ptr[i+2] ==';') ||
+ (ptr[i+3] ==';') ||
+ (ptr[i+5] ==';') ||
+ (ptr[i+6] ==';') ||
+ (ptr[i+7] ==';'))
+ linklen = i;
+ }
+ if (linklen > 0) break;
+ }
+ if (linklen > 0) {
+ char *ltreviewptr;
+ char *nbspreviewptr;
+ char linkedchar;
+ int len;
+
+ len = linklen;
+ linkedchar = ptr[len];
+ ptr[len] = '\0';
+ /* spot for some subject strings tinymce tends to give us. */
+ ltreviewptr = strchr(ptr, '<');
+ if (ltreviewptr != NULL) {
+ *ltreviewptr = '\0';
+ linklen = ltreviewptr - ptr;
+ }
+
+ nbspreviewptr = strstr(ptr, " ");
+ if (nbspreviewptr != NULL) {
+ /* nbspreviewptr = '\0'; */
+ linklen = nbspreviewptr - ptr;
+ }
+ if (ltreviewptr != 0)
+ *ltreviewptr = '<';
+
+ ptr[len] = linkedchar;
+
+ content_length += (32 + linklen);
+ StrBufAppendPrintf(converted_msg, "%s\"", new_window);
+ StrBufAppendBufPlain(converted_msg, ptr, linklen, 0);
+ StrBufAppendPrintf(converted_msg, "\">");
+ StrBufAppendBufPlain(converted_msg, ptr, linklen, 0);
+ ptr += linklen;
+ StrBufAppendPrintf(converted_msg, "</A>");
+ }
+ }
+ else {
+ StrBufAppendBufPlain(converted_msg, ptr, 1, 0);
+ ptr++;
+ }
+
+
+ if ((ptr >= msg) && (ptr <= msgend)) {
+ /*
+ * We need to know when we're inside a tag,
+ * so we don't turn things that look like URL's into
+ * links, when they're already links - or image sources.
+ */
+ if ((ptr > msg) && (*(ptr-1) == '<')) {
+ ++brak;
+ }
+ if ((ptr > msg) && (*(ptr-1) == '>')) {
+ --brak;
+ if ((scriptlevel == 0) && (script_start_pos >= 0)) {
+ StrBufCutRight(converted_msg, StrLength(converted_msg) - script_start_pos);
+ script_start_pos = (-1);
+ }
+ }
+ if (!strncasecmp(ptr, "</A>", 3)) --alevel;
+ }
+ }
+
+ if (BodyArea != NULL) {
+ StrBufAppendBufPlain(converted_msg, HKEY("</td></tr></table>"), 0);
+ FreeStrBuf(&BodyArea);
+ }