cyben76 Posted December 11, 2021 (edited)

Hi,

From https://help.whmcs.com/m/support_tools/l/1265973-stripping-quoted-emails-from-tickets we could remove quoted text below the break line. The issue I'm having is that the text below is also included in the ticket, which sometimes causes confusion:

On Tue, Jun 9, 2015 at 5:33 PM, Admin <test@gmail.com> wrote:

How do I remove that line using regex?

Example: /On.*?wrote:/

Edited December 11, 2021 by cyben76

cyben76 (Author) Posted December 11, 2021

Ok, managed to find a solution using a hook:

```php
<?php
use Illuminate\Database\Capsule\Manager as Capsule;

if (!defined("WHMCS")) die("This file cannot be accessed directly");

function StripEmailTicket($vars)
{
    $str = $vars['message'];
    $pattern = "/On.*(\t|\n|\r|\b).*wrote:/";
    $message = preg_replace($pattern, "", $str);
    Capsule::connection()->statement("UPDATE tblticketreplies SET message = '" . mysql_real_escape_string($message) . "' WHERE id = '" . intval($vars['replyid']) . "'");
}

add_hook('TicketUserReply', 0, 'StripEmailTicket');
?>
```

string Posted December 11, 2021

It's nice that you share a solution to your own question 🙂

I want to note: This update query is insecure and makes you vulnerable to SQL injections. I cannot say to which extent this can actually be exploited (because "On ... wrote:" must be at the end), but it is an avoidable security risk as mysql_real_escape_string does not protect against all kinds of SQL injections. And mysql_real_escape_string has been removed from recent PHP versions. As far as I know, WHMCS has rebuilt this function so it still works, but they may remove it in a later version.

Instead I suggest to update the row as follows:

```php
Capsule::table('tblticketreplies')->where('id', $vars['replyid'])->update([
    'message' => $message
]);
```

No escaping is required, from the docs:

> Capsule escapes all input, so it is not necessary to add escaping slashes to variables passed to these methods.

About the regex: I would have concerns about false positives. It might be a good idea to require that the next line must contain the character ">" and that the number of characters between "On" and "wrote:" must not exceed XX chars.
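
Added example (not part of any post in this thread, and not WHMCS's own code): one way to combine the two suggestions in the reply above, the query-builder update and a tighter pattern. The helper name `stripAttributionLine`, the 120-character bound standing in for "XX", and accepting the end of the message as an alternative to a following ">" line are assumptions.

```php
<?php
// Added example, not code from the thread. Intended for a file in includes/hooks/.
use Illuminate\Database\Capsule\Manager as Capsule;

if (!defined('WHMCS')) {
    die('This file cannot be accessed directly');
}

// Assumed value for the "XX chars" bound suggested in the thread.
const ATTRIBUTION_MAX_CHARS = 120;

/**
 * Remove a mail client's "On <date>, <sender> wrote:" line from a reply.
 * Hypothetical helper. A line is removed only when it starts with "On",
 * reaches "wrote:" within the bound (one wrapped line is tolerated), and is
 * followed by a ">" quote line or by the end of the message.
 */
function stripAttributionLine($message)
{
    $n = ATTRIBUTION_MAX_CHARS;
    $pattern = '/^[ \t]*On\b[^\r\n]{1,' . $n . '}?'   // "On ..." on one line
        . '(?:\r?\n[^\r\n]{0,' . $n . '}?)?'          // optional wrapped line
        . '\bwrote:[ \t]*'
        . '(?=\r?\n[ \t]*>|\s*\z)/m';                 // quote line or end of text
    $result = preg_replace($pattern, '', $message);

    // preg_replace() returns null on a PCRE error; keep the original then.
    return $result === null ? $message : rtrim($result);
}

add_hook('TicketUserReply', 1, function ($vars) {
    $original = (string) $vars['message'];
    $cleaned = stripAttributionLine($original);

    // Leave the row alone if nothing changed or the reply would be empty.
    if ($cleaned === rtrim($original) || $cleaned === '') {
        return;
    }

    // The query builder binds both values as parameters, so the message text
    // never becomes part of the SQL string.
    Capsule::table('tblticketreplies')
        ->where('id', (int) $vars['replyid'])
        ->update(['message' => $cleaned]);
});
```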

cyben76 (Author) Posted December 11, 2021

3 minutes ago, string said:

> It's nice that you share a solution to your own question 🙂
>
> I want to note: This update query is insecure and makes you vulnerable to SQL injections. I cannot say to which extent this can actually be exploited (because "On ... wrote:" must be at the end), but it is an avoidable security risk as mysql_real_escape_string does not protect against all kinds of SQL injections. And mysql_real_escape_string has been removed from recent PHP versions. As far as I know, WHMCS has rebuilt this function so it still works, but they may remove it in a later version.
>
> Instead I suggest to update the row as follows:
>
>     Capsule::table('tblticketreplies')->where('id', $vars['replyid'])->update([ 'message' => $message ]);
>
> No escaping is required, from the docs:
>
> About the regex: I would have concerns about false positives. It might be a good idea to require that the next line must contain the character ">" and that the number of characters between "On" and "wrote:" must not exceed XX chars.

Thank you for the suggestion. Working on it now.

Ramouz Posted January 31, 2023

On 12/11/2021 at 12:01 PM, cyben76 said:

> Thank you for the suggestion. Working on it now.

Hi @cyben76,

Do you happen to have a working hook for this? I'd love to have it as well.