From bde85428d69069637782d9507475df78890f08d0 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Fri, 10 May 2013 03:37:25 -0400
Subject: [PATCH] Fix handling of invalid email addresses in headers (#1489092)
---
program/steps/mail/func.inc | 7 ++++---
1 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/program/steps/mail/func.inc b/program/steps/mail/func.inc
index 7ef8216..0dae6de 100644
--- a/program/steps/mail/func.inc
+++ b/program/steps/mail/func.inc
@@ -1441,9 +1441,10 @@
$name = $part['name'];
$mailto = $part['mailto'];
$string = $part['string'];
+ $valid = check_email($mailto, false);
// phishing email prevention (#1488981), e.g. "valid@email.addr <phishing@email.addr>"
- if ($name && $name != $mailto && strpos($name, '@')) {
+ if ($name && $valid && $name != $mailto && strpos($name, '@')) {
$name = '';
}
@@ -1459,7 +1460,7 @@
// for printing we display all addresses
continue;
}
- else if (check_email($part['mailto'], false)) {
+ else if ($valid) {
if ($linked) {
$address = html::a(array(
'href' => 'mailto:'.$mailto,
@@ -1492,7 +1493,7 @@
if ($name)
$address .= Q($name);
if ($mailto)
- $address .= (strlen($address) ? ' ' : '') . sprintf('<%s>', Q($mailto));
+ $address = trim($address . ' ' . Q($name ? sprintf('<%s>', $mailto) : $mailto));
}
$address = html::span('adr', $address);
--
Gitblit v1.9.1