From acff900c5a3a7c89faaf1141eff706ec221a4dd3 Mon Sep 17 00:00:00 2001
From: alecpl <alec@alec.pl>
Date: Wed, 08 Oct 2008 04:42:59 -0400
Subject: [PATCH] #1485294: Add recipients address small validation

---
 program/steps/mail/sendmail.inc |    6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/program/steps/mail/sendmail.inc b/program/steps/mail/sendmail.inc
index 4706af2..784d46a 100644
--- a/program/steps/mail/sendmail.inc
+++ b/program/steps/mail/sendmail.inc
@@ -145,10 +145,10 @@
 $input_charset = $OUTPUT->get_charset();
 $message_charset = isset($_POST['_charset']) ? $_POST['_charset'] : $input_charset;
 
-$mailto_regexp = array('/[,;]\s*[\r\n]+/', '/[\r\n]+/', '/[,;]\s*$/m', '/;/');
-$mailto_replace = array(', ', ', ', '', ',');
+$mailto_regexp = array('/[,;]\s*[\r\n]+/', '/[\r\n]+/', '/[,;]\s*$/m', '/;/', '/(\S{1})(<\S+@\S+>)/U');
+$mailto_replace = array(', ', ', ', '', ',', '\\1 \\2');
 
-// replace new lines and strip ending ', '
+// replace new lines and strip ending ', ', make address strings more valid also
 $mailto = preg_replace($mailto_regexp, $mailto_replace, get_input_value('_to', RCUBE_INPUT_POST, TRUE, $message_charset));
 $mailcc = preg_replace($mailto_regexp, $mailto_replace, get_input_value('_cc', RCUBE_INPUT_POST, TRUE, $message_charset));
 $mailbcc = preg_replace($mailto_regexp, $mailto_replace, get_input_value('_bcc', RCUBE_INPUT_POST, TRUE, $message_charset));

--
Gitblit v1.9.1