robin.thoni
/
docker-roundcube-server
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 10 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
14 Commits
2 Branches
Tree: 0d952b0746
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '0d952b0746'
${ noResults }
docker-roundcube-server/roundcube/roundcubemail-1.2.2/plugins/authres_status/authres_status.php

authres_status.php 22KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485 
  1. <?php

  2. 

  3. /**

  4.  * This plugin displays an icon showing the status

  5.  * of an authentication results header of the message

  6.  *

  7.  * @version 0.3.1

  8.  * @author pimlie

  9.  * @mail pimlie@hotmail.com

  10.  *

  11.  * based on dkimstatus plugin by Julien vehent - julien@linuxwall.info

  12.  * original plugin from Vladimir Mach - wladik@gmail.com

  13.  *

  14.  * icons by brankic1970: http://brankic1979.com/icons/

  15.  *

  16.  */

  17. 

  18. class authres_status extends rcube_plugin

  19. {

  20.     public $task = 'mail|settings';

  21. 

  22.     const STATUS_NOSIG = 1;

  23.     const STATUS_NORES = 2;

  24.     const STATUS_PASS  = 4;

  25.     const STATUS_PARS  = 8;

  26.     const STATUS_THIRD = 16;

  27.     const STATUS_WARN  = 32;

  28.     const STATUS_FAIL  = 64;

  29.     const STATUS_ALL   = 127;

  30. 

  31.     private static $RFC5451_authentication_methods = array(

  32.         "auth",

  33.         "dkim",

  34.         "domainkeys",

  35.         "sender-id",

  36.         "spf"

  37.     );

  38. 

  39.     private static $RFC5451_authentication_results = array(

  40.         "none"      => self::STATUS_NOSIG,

  41.         "pass"      => self::STATUS_PASS,

  42.         "fail"      => self::STATUS_FAIL,

  43.         "policy"    => self::STATUS_FAIL,

  44.         "neutral"   => self::STATUS_WARN,

  45.         "temperror" => self::STATUS_WARN,

  46.         "permerror" => self::STATUS_FAIL,

  47.         "hardfail"  => self::STATUS_FAIL,

  48.         "softfail"  => self::STATUS_WARN

  49.     );

  50. 

  51.     private static $RFC5451_ptypes = array("smtp", "header", "body", "policy");

  52.     private static $RFC5451_properties = array("auth", "d", "i", "from", "sender", "iprev", "mailfrom", "helo");

  53. 

  54.     private $override;

  55.     private $img_status;

  56.     private $message_headers_done = false;

  57.     private $trusted_mtas;

  58. 

  59.     public function init()

  60.     {

  61.         $this->add_texts('localization', true);

  62. 

  63.         $rcmail = rcmail::get_instance();

  64.         $this->load_config();

  65.         if ($rcmail->action == 'show' || $rcmail->action == 'preview') {

  66.             $this->add_hook('storage_init', array($this, 'storage_init'));

  67.             $this->add_hook('message_headers_output', array($this, 'message_headers'));

  68.         } elseif ($rcmail->action == 'list' || $rcmail->action == 'refresh' || $rcmail->action == 'check-recent' || $rcmail->action == 'move' || $rcmail->action == 'expunge' || $rcmail->action == 'search') {

  69.             $this->add_hook('storage_init', array($this, 'storage_init'));

  70.             $this->add_hook('messages_list', array($this, 'messages_list'));

  71.         } elseif ($rcmail->action == '') {

  72.             // with enabled_caching we're fetching additional headers before show/preview

  73.             $this->add_hook('storage_init', array($this, 'storage_init'));

  74.         }

  75. 

  76.         $dont_override = $rcmail->config->get('dont_override', array());

  77. 

  78.         $this->override = array(

  79.             'list_cols'     => !in_array('list_cols', $dont_override),

  80.             'column'        => !in_array('enable_authres_status_column', $dont_override),

  81.             'fallback'      => !in_array('use_fallback_verifier', $dont_override),

  82.             'statuses'      => !in_array('show_statuses', $dont_override),

  83.             'trusted_mtas'    => !in_array('trusted_mtas', $dont_override),

  84.         );

  85. 

  86.         if ($this->override['list_cols']) {

  87.             $this->include_stylesheet($this->local_skin_path() . '/authres_status.css');

  88.             if ($rcmail->config->get('enable_authres_status_column')) {

  89.                 $this->include_script('authres_status.js');

  90.             }

  91. 

  92.             if ($this->override['column'] || $this->override['fallback'] || $this->override['statuses']) {

  93.                 $this->add_hook('preferences_list', array($this, 'preferences_list'));

  94.                 $this->add_hook('preferences_sections_list', array($this, 'preferences_section'));

  95.                 $this->add_hook('preferences_save', array($this, 'preferences_save'));

  96.             }

  97.         }

  98. 

  99.         $this->trusted_mtas = $rcmail->config->get('trusted_mtas', array());

  100.     }

  101. 

  102.     public function storage_init($p)

  103.     {

  104.         $p['fetch_headers'] = trim($p['fetch_headers'] . ' ' . strtoupper('Authentication-Results') . ' ' . strtoupper('X-DKIM-Authentication-Results') . ' ' . strtoupper('X-Spam-Status') . ' ' . strtoupper('DKIM-Signature') . ' ' . strtoupper('DomainKey-Signature'));

  105.         return $p;

  106.     }

  107. 

  108.     public function preferences_list($args)

  109.     {

  110.         if ($args['section'] == 'authres_status') {

  111.             $rcmail = rcmail::get_instance();

  112. 

  113.             if ($this->override['column'] || $this->override['fallback']) {

  114.                 $args['blocks']['authrescolumn']['name'] = $this->gettext('title_enable_column');

  115. 

  116.                 if ($this->override['column']) {

  117.                     $args['blocks']['authrescolumn']['options']['enable']['title'] = $this->gettext('label_enable_column');

  118.                     $input = new html_checkbox(array('name' => '_enable_authres_status_column', 'id' => 'enable_authres_status_column', 'value' => 1));

  119.                     $args['blocks']['authrescolumn']['options']['enable']['content'] = $input->show($rcmail->config->get('enable_authres_status_column'));

  120.                 }

  121. 

  122.                 if ($this->override['fallback']) {

  123.                     $args['blocks']['authrescolumn']['options']['fallback']['title'] = $this->gettext('label_fallback_verifier');

  124.                     $input = new html_checkbox(array('name' => '_use_fallback_verifier', 'id' => 'use_fallback_verifier', 'value' => 1));

  125.                     $args['blocks']['authrescolumn']['options']['fallback']['content'] = $input->show($rcmail->config->get('use_fallback_verifier'));

  126.                 }

  127.             }

  128. 

  129.             if ($this->override['trusted_mtas']) {

  130.                 $args['blocks']['authrestrusted']['name'] = $this->gettext('title_trusted_mtas');

  131.                 

  132.                 $args['blocks']['authrestrusted']['options']['trusted_mtas']['title'] = $this->gettext('label_trusted_mtas');

  133.                 $input = new html_inputfield(array('name' => '_trusted_mtas', 'id' => 'trusted_mtas'));

  134.                 $args['blocks']['authrestrusted']['options']['trusted_mtas']['content'] = $input->show(implode(",", $rcmail->config->get('trusted_mtas')));

  135.             }

  136. 

  137.             if ($this->override['statuses']) {

  138.                 $statuses = array(1, 2, 4, 8, 16, 32, 64);

  139.                 $show_statuses = $rcmail->config->get('show_statuses');

  140.                 if ($show_statuses === null) {

  141.                     $show_statuses = array_sum($statuses) - self::STATUS_NOSIG;

  142.                 }

  143. 

  144.                 foreach ($statuses as $status) {

  145.                     $args['blocks']['authresstatus']['name'] = $this->gettext('title_include_status');

  146. 

  147.                     $args['blocks']['authresstatus']['options']['enable' . $status]['title'] = $this->gettext('label_include_status' . $status);

  148.                     $input = new html_checkbox(array('name' => '_show_statuses[]', 'id' => 'enable_authres_status_column', 'value' => $status));

  149.                     $args['blocks']['authresstatus']['options']['enable' . $status]['content'] = $input->show(($show_statuses & $status));

  150.                 }

  151.             }

  152.         }

  153. 

  154.         return $args;

  155.     }

  156. 

  157.     public function preferences_section($args)

  158.     {

  159.         $args['list']['authres_status'] = array(

  160.             'id' => 'authres_status',

  161.             'section' => rcube::Q($this->gettext('section_title'))

  162.         );

  163. 

  164.         return $args;

  165.     }

  166. 

  167.     public function preferences_save($args)

  168.     {

  169.         if ($args['section'] == 'authres_status') {

  170.             $args['prefs']['enable_authres_status_column'] = isset($_POST["_enable_authres_status_column"]) && $_POST["_enable_authres_status_column"] == 1;

  171.             $list_cols = rcmail::get_instance()->config->get('list_cols');

  172. 

  173.             $args['prefs']['use_fallback_verifier'] = isset($_POST["_use_fallback_verifier"]) && $_POST["_use_fallback_verifier"] == 1;

  174. 

  175.             if (isset($_POST['_trusted_mtas'])) {

  176.                 $trusted_mtas = array_map(function($value) {

  177.                     return trim($value);

  178.                 }, explode(",", $_POST["_trusted_mtas"]));

  179. 

  180.                 $args['prefs']['trusted_mtas'] = array_diff($trusted_mtas, array(""));

  181.             } else {

  182.                 $args['prefs']['trusted_mtas'] = array();

  183.             }

  184. 

  185.             if (!is_array($list_cols)) {

  186.                 $list_cols = array();

  187.             }

  188. 

  189.             if ($args['prefs']['enable_authres_status_column']) {

  190.                 if (!in_array('authres_status', $list_cols)) {

  191.                     $list_cols[] = 'authres_status';

  192.                 }

  193.             } else {

  194.                 $list_cols = array_diff($list_cols, array('authres_status'));

  195.             }

  196. 

  197.             $args['prefs']['list_cols'] = $list_cols;

  198. 

  199.             if (is_array($_POST["_show_statuses"])) {

  200.                 $args['prefs']['show_statuses'] = (int)array_sum($_POST["_show_statuses"]);

  201.             }

  202.         }

  203. 

  204.         return $args;

  205.     }

  206. 

  207.     public function messages_list($p)

  208.     {

  209.         if (!empty($p['messages'])) {

  210.             $rcmail = rcmail::get_instance();

  211.             if ($rcmail->config->get('enable_authres_status_column')) {

  212.                 $show_statuses = (int)$rcmail->config->get('show_statuses');

  213.                 foreach ($p['messages'] as $index => $message) {

  214.                     $img_status = $this->get_authentication_status($message, $show_statuses, $message->uid);

  215.                     $p['messages'][$index]->list_cols['authres_status'] = $img_status;

  216.                 }

  217.             }

  218.         }

  219. 

  220.         return $p;

  221.     }

  222. 

  223.     public function message_headers($p)

  224.     {

  225.         /* We only have to check the headers once and this method is executed more than once,

  226.         /* so let's cache the result

  227.         */

  228.         if (!$this->message_headers_done) {

  229.             $this->message_headers_done = true;

  230. 

  231.             $show_statuses = (int)rcmail::get_instance()->config->get('show_statuses');

  232.             $this->img_status = $this->get_authentication_status($p['headers'], $show_statuses, (int)$_GET["_uid"]);

  233.         }

  234. 

  235.         $p['output']['from']['value'] = $this->img_status . $p['output']['from']['value'];

  236.         $p['output']['from']['html'] = true;

  237. 

  238.         return $p;

  239.     }

  240. 

  241.     /* See https://tools.ietf.org/html/rfc5451

  242.     */

  243.     public function rfc5451_extract_authresheader($headers)

  244.     {

  245.         if (!is_array($headers)) {

  246.             $headers = array($headers);

  247.         }

  248. 

  249.         //rfc2822 token setup

  250.         $crlf        = "(?:\r\n)";

  251.         $wsp         = "[\t ]";

  252.         $text        = "[\\x01-\\x09\\x0B\\x0C\\x0E-\\x7F]";

  253.         $quoted_pair = "(?:\\\\$text)";

  254.         $fws         = "(?:(?:$wsp*$crlf)?$wsp+)";

  255.         $ctext       = "[\\x01-\\x08\\x0B\\x0C\\x0E-\\x1F" . "!-'*-[\\]-\\x7F]";

  256.         $comment     = "(\\((?:$fws?(?:$ctext|$quoted_pair|(?1)))*" . "$fws?\\))";

  257.         $cfws        = "(?:(?:$fws?$comment)*(?:(?:$fws?$comment)|$fws))" . "?";

  258.         $atom        = "[a-z0-9!#$%&\'*+-\/=?^_`{|}~]+";

  259. 

  260.         $results = array();

  261.         foreach ($headers as $header) {

  262.             if (preg_match('/^' . $cfws . '((?=.{1,254}$)((?=[a-z0-9-]{1,63}\.)(xn--)?[a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,63}(\/[^\s]*)?)' . $cfws . '(\(.*?\))?' . $cfws . ';/i', trim($header), $m)) {

  263.                 $authservid = $m[3];

  264. 

  265.                 if (!count($this->trusted_mtas) || in_array($authservid, $this->trusted_mtas)) {

  266.                     $header = substr($header, strlen($m[0]));

  267. 

  268.                     $resinfos = array();

  269.                     $header_parts = explode(";", $header);

  270.                     while (count($header_parts)) {

  271.                         $header_part = array_shift($header_parts);

  272. 

  273.                         // check whether part is not from within comment, eg 'dkim=pass    (1024-bit key; insecure key)' should be matched as one

  274.                         if (preg_match('/\([^)]*$/', $header_part)) {

  275.                             $resinfos[] = trim($header_part . ';' . array_shift($header_parts));

  276.                         } else {

  277.                             $resinfos[] = trim($header_part);

  278.                         }

  279.                     }

  280. 

  281.                     foreach ($resinfos as $resinfo) {

  282.                         if (preg_match('/(' . implode("|", self::$RFC5451_authentication_methods) . ')' . $cfws . '=' . $cfws . '(' . implode("|", array_keys(self::$RFC5451_authentication_results)) . ')' . $cfws . '(\(.*?\))?/i', $resinfo, $m, PREG_OFFSET_CAPTURE)) {

  283.                             $parsed_resinfo = array(

  284.                                 'title'  => trim($m[0][0]),

  285.                                 'method' => $m[1][0],

  286.                                 'result' => $m[6][0],

  287.                                 'reason' => isset($m[7]) ? $m[7][0] : '',

  288.                                 'props'  => array()

  289.                             );

  290. 

  291.                             $propspec = trim(($m[0][1] > 0 ? substr($resinfo, 0, $m[0][1]) : '') . substr($resinfo, strlen($m[0][0])));

  292.                             if ($propspec) {

  293.                                 if (preg_match_all('/(' . implode("|", self::$RFC5451_ptypes) . ')' . $cfws . '\.' . $cfws . '(' . implode("|", self::$RFC5451_properties) . ')' . $cfws . '=' . $cfws . '([^\s]*)/i', $propspec, $m)) {

  294.                                     foreach ($m[0] as $k => $v) {

  295.                                         if (!isset($parsed_resinfo['props'][$m[1][$k]])) {

  296.                                             $parsed_resinfo['props'][$m[1][$k]] = array();

  297.                                         }

  298. 

  299.                                         $parsed_resinfo['props'][$m[1][$k]] [$m[6][$k]] = $m[11][$k];

  300.                                     }

  301.                                 }

  302.                             }

  303. 

  304.                             $results[] = $parsed_resinfo;

  305.                         }

  306.                     }

  307.                 }

  308.             }

  309.         }

  310. 

  311.         return $results;

  312.     }

  313. 

  314.     public function get_authentication_status($headers, $show_statuses = 0, $uid = 0)

  315.     {

  316.         /* If dkimproxy did not find a signature, stop here

  317.         */

  318.         if (($results = $headers->others['x-dkim-authentication-results']) && strpos($results, 'none') !== false) {

  319.             $status = self::STATUS_NOSIG;

  320.         } else {

  321.             if ($headers->others['authentication-results']) {

  322.                 $results = $this->rfc5451_extract_authresheader($headers->others['authentication-results']);

  323.                 $status = 0;

  324.                 $title = '';

  325. 

  326.                 foreach ($results as $result) {

  327.                     $status = $status | (isset(self::$RFC5451_authentication_results[$result['result']]) ? self::$RFC5451_authentication_results[$result['result']] : self::STATUS_FAIL);

  328. 

  329.                     $title .= ($title ? '; ' : '') . $result['title'];

  330.                 }

  331. 

  332.                 if ($status == self::STATUS_PASS) {

  333.                     /* Verify if its an author's domain signature or a third party

  334.                     */

  335.                     if (preg_match("/[@]([a-zA-Z0-9]+([.][a-zA-Z0-9]+)?\.[a-zA-Z]{2,4})/", $headers->from, $m)) {

  336.                         $title = '';

  337.                         $authorDomain = $m[1];

  338.                         $authorDomainFound = false;

  339. 

  340.                         foreach ($results as $result) {

  341.                             if ($result['method'] == 'dkim' || $result['method'] == 'domainkeys') {

  342.                                 if (is_array($result['props']) && isset($result['props']['header'])) {

  343.                                     $pvalue = '';

  344. 

  345.                                     // d is required, but still not always present

  346.                                     if (isset($result['props']['header']['d'])) {

  347.                                         $pvalue = $result['props']['header']['d'];

  348.                                     } elseif (isset($result['props']['header']['i'])) {

  349.                                         $pvalue = substr($result['props']['header']['i'], strpos($result['props']['header']['i'], '@') + 1);

  350.                                     }

  351. 

  352.                                     if ($pvalue == $authorDomain || substr($authorDomain, -1 * strlen($pvalue)) == $pvalue) {

  353.                                         $authorDomainFound = true;

  354. 

  355.                                         if ($status != self::STATUS_PASS) {

  356.                                             $status = self::STATUS_PASS;

  357.                                             $title = $result['title'];

  358.                                         } else {

  359.                                             $title.= ($title ? '; ' : '') . $result['title'];

  360.                                         }

  361.                                     } else {

  362.                                         if ($status == self::STATUS_THIRD) {

  363.                                             $title .= '; ' . $this->gettext('for') . ' ' . $pvalue . ' ' . $this->gettext('by') . ' ' . $result['title'];

  364.                                         } elseif (!$authorDomainFound) {

  365.                                             $status = self::STATUS_THIRD;

  366.                                             $title = $pvalue . ' ' . $this->gettext('by') . ' ' . $result['title'];

  367.                                         }

  368.                                     }

  369.                                 }

  370.                             }

  371.                         }

  372.                     }

  373.                 }

  374. 

  375.                 if (!$status) {

  376.                     $status = self::STATUS_NOSIG;

  377.                 }

  378. 

  379.                 /* Check for spamassassin's X-Spam-Status

  380.                 */

  381.             } elseif ($headers->others['x-spam-status']) {

  382.                 $status = self::STATUS_NOSIG;

  383. 

  384.                 /* DKIM_* are defined at: http://search.cpan.org/~kmcgrail/Mail-SpamAssassin-3.3.2/lib/Mail/SpamAssassin/Plugin/DKIM.pm */

  385.                 $results = $headers->others['x-spam-status'];

  386.                 if (is_array($results)) {

  387.                     $results = end($results); // Should we take first or last header found? Last has probably been added by our own MTA

  388.                 }

  389. 

  390.                 if (preg_match_all('/DKIM_[^,=]+/', $results, $m)) {

  391.                     if (array_search('DKIM_SIGNED', $m[0]) !== false) {

  392.                         if (array_search('DKIM_VALID', $m[0]) !== false) {

  393.                             if (array_search('DKIM_VALID_AU', $m[0])) {

  394.                                 $status = self::STATUS_PASS;

  395.                                 $title = 'DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU';

  396.                             } else {

  397.                                 $status = self::STATUS_THIRD;

  398.                                 $title = 'DKIM_SIGNED, DKIM_VALID';

  399.                             }

  400.                         } else {

  401.                             $status = self::STATUS_FAIL;

  402.                             $title = 'DKIM_SIGNED';

  403.                         }

  404.                     }

  405.                 }

  406.             } elseif ($headers->others['dkim-signature'] || $headers->others['domainkey-signature']) {

  407.                 $status = 0;

  408. 

  409.                 if ($uid) {

  410.                     $rcmail = rcmail::get_instance();

  411.                     if ($headers->others['dkim-signature'] && $rcmail->config->get('use_fallback_verifier')) {

  412.                         if (!class_exists('Crypt_RSA')) {

  413.                             $autoload = require __DIR__ . "/../../vendor/autoload.php";

  414.                             $autoload->loadClass('Crypt_RSA'); // Preload for use in DKIM_Verify

  415.                         }

  416. 

  417.                         $dkimVerify = new DKIM_Verify($rcmail->imap->get_raw_body($uid));

  418.                         $results = $dkimVerify->validate();

  419. 

  420.                         if (count($results)) {

  421.                             $status = 0;

  422.                             $title = '';

  423.                             foreach ($results as $result) {

  424.                                 foreach ($result as $res) {

  425.                                     if (count($res)) {

  426.                                         $status = $status | (isset(self::$RFC5451_authentication_results[$res['status']]) ? self::$RFC5451_authentication_results[$res['status']] : self::STATUS_FAIL);

  427. 

  428.                                         if ($res['status'] == 'pass') {

  429.                                             $title .= ($title ? '; ' : '') . "dkim=pass (internal verifier)";

  430.                                         }

  431.                                     }

  432.                                 }

  433.                             }

  434. 

  435.                             if (!$title) {

  436.                                 $title = $res['reason'];

  437.                             }

  438.                         }

  439.                     }

  440.                 }

  441. 

  442.                 if (!$status) {

  443.                     $status = self::STATUS_NORES;

  444.                 }

  445.             } else {

  446.                 $status = self::STATUS_NOSIG;

  447.             }

  448.         }

  449. 

  450.         if ($status == self::STATUS_NOSIG) {

  451.             $image = 'status_nosig.png';

  452.             $alt = 'nosignature';

  453.         } elseif ($status == self::STATUS_NORES) {

  454.             $image = 'status_nores.png';

  455.             $alt = 'noauthresults';

  456.         } elseif ($status == self::STATUS_PASS) {

  457.             $image = 'status_pass.png';

  458.             $alt = 'signaturepass';

  459.         } else {

  460.             // at least one auth method was passed, show partial pass

  461.             if (($status & self::STATUS_PASS)) {

  462.                 $status = self::STATUS_PARS;

  463.                 $image = 'status_partial_pass.png';

  464.                 $alt = 'partialpass';

  465.             } elseif ($status >= self::STATUS_FAIL) {

  466.                 $image = 'status_fail.png';

  467.                 $alt = 'invalidsignature';

  468.             } elseif ($status >= self::STATUS_WARN) {

  469.                 $image = 'status_warn.png';

  470.                 $alt = 'temporaryinvalid';

  471.             } elseif ($status >= self::STATUS_THIRD) {

  472.                 $image = 'status_third.png';

  473.                 $alt = 'thirdparty';

  474.             }

  475.         }

  476. 

  477.         if (!$show_statuses || ($show_statuses & $status)) {

  478.             $alt = $this->gettext($alt);

  479. 

  480.             return '<img src="plugins/authres_status/images/' . $image . '" alt="' . $alt . '" title="' . $alt . htmlentities($title) . '" width="14" height="14" class="authres-status-img" /> ';

  481.         }

  482. 

  483.         return '';

  484.     }

  485. }