| public getMessageBody ( string $type = 'text' ) : false | string | ||
| $type | string | text, html or htmlEmbedded |
| return | false | string | Body or False if not found |
public function getMessageBody($type = 'text')
{
$body = false;
$mime_types = ['text' => 'text/plain', 'html' => 'text/html', 'htmlEmbedded' => 'text/html'];
if (in_array($type, array_keys($mime_types))) {
foreach ($this->parts as $part) {
if ($this->getPart('content-type', $part) == $mime_types[$type] && $this->getPart('content-disposition', $part) != 'attachment') {
$headers = $this->getPart('headers', $part);
$encodingType = array_key_exists('content-transfer-encoding', $headers) ? $headers['content-transfer-encoding'] : '';
if (is_array($encodingType)) {
$encodingType = $encodingType[0];
}
$body = $this->decodeContentTransfer($this->getPartBody($part), $encodingType);
$body = $this->charset->decodeCharset($body, $this->getPartCharset($part));
break;
}
}
} else {
throw new Exception('Invalid type specified for getMessageBody(). "type" can either be text or html.');
}
if ($type == 'htmlEmbedded') {
$attachments = $this->getAttachments();
foreach ($attachments as $attachment) {
if ($attachment->getContentID() != '') {
$body = str_replace('"cid:' . $attachment->getContentID() . '"', '"' . $this->getEmbeddedData($attachment->getContentID()) . '"', $body);
}
}
}
return $body;
} /**
* Parse attachments
* @return array Returns array with failed or success data
* (See parser-common/src/Parser.php) for more info.
*/
public function parse()
{
if ($this->arfMail !== true) {
$this->feedName = 'default';
// As this is a generic FBL parser we need to see which was the source and add the name
// to the report, so its origin is clearly shown.
$source = $this->parsedMail->getHeader('from');
foreach (config("{$this->configBase}.parser.aliases") as $from => $alias) {
if (preg_match($from, $source)) {
// If there is an alias, prefer that name instead of the from address
$source = $alias;
// If there is an more specific feed configuration prefer that config over the default
if (!empty(config("{$this->configBase}.feeds.{$source}"))) {
$this->feedName = $source;
}
}
}
// If feed is known and enabled, validate data and save report
if ($this->isKnownFeed() && $this->isEnabledFeed()) {
// To get some more consitency, remove "\r" from the report.
$this->arfMail['report'] = str_replace("\r", "", $this->arfMail['report']);
// Build up the report
preg_match_all("/([\\w\\-]+): (.*)[ ]*\n/m", $this->arfMail['report'], $matches);
$report = array_combine($matches[1], $matches[2]);
if (empty($report['Received-Date'])) {
if (!empty($report['Arrival-Date'])) {
$report['Received-Date'] = $report['Arrival-Date'];
unset($report['Arrival-Date']);
}
}
// Now parse the headers from the spam messages and add it to the report
if (!empty($this->arfMail['evidence'])) {
$spamMessage = new MimeParser();
$spamMessage->setText($this->arfMail['evidence']);
$report['headers'] = $spamMessage->getHeaders();
} else {
$this->failed('The e-mail received at the parser is not RFC822 compliant, and therefor not a FBL message');
}
// Also add the spam message body to the report
$report['body'] = $spamMessage->getMessageBody();
// Sanity check
if ($this->hasRequiredFields($report) === true) {
// incident has all requirements met, filter and add!
$report = $this->applyFilters($report);
$incident = new Incident();
$incident->source = $source;
// FeedName
$incident->source_id = false;
$incident->ip = $report['Source-IP'];
$incident->domain = false;
$incident->class = config("{$this->configBase}.feeds.{$this->feedName}.class");
$incident->type = config("{$this->configBase}.feeds.{$this->feedName}.type");
$incident->timestamp = strtotime($report['Received-Date']);
$incident->information = json_encode($report);
$this->incidents[] = $incident;
}
}
}
return $this->success();
}
