diff options
author | Urban Müller | 2022-03-15 14:52:47 +0100 |
---|---|---|
committer | Urban Müller | 2022-03-15 14:52:47 +0100 |
commit | 657a41ee4f670a4ac58ebb11b0decbd253889688 (patch) | |
tree | 71a0a98103b51401ee08f178614885925eb885a5 | |
parent | bb123979c91d68d88e39d5b73de39baa6c665ba7 (diff) | |
download | itools-657a41ee4f670a4ac58ebb11b0decbd253889688.tar.gz itools-657a41ee4f670a4ac58ebb11b0decbd253889688.tar.bz2 itools-657a41ee4f670a4ac58ebb11b0decbd253889688.zip |
correctly escape commas
-rw-r--r-- | it_mail.class | 19 |
1 files changed, 14 insertions, 5 deletions
diff --git a/it_mail.class b/it_mail.class index ab75ffc..470ddce 100644 --- a/it_mail.class +++ b/it_mail.class @@ -200,7 +200,7 @@ function send($p = array()) foreach (array_merge((array)$this->to, (array)$this->cc, (array)$this->bcc) as $addr) if (($error = self::address_error($addr))) - it::error((array)$p['it_error'] + ['title' => "address error '$error' in $addr", 'body' => $this]); + it::error((array)$p['it_error'] + ['title' => "address error '$error'", 'body' => $this]); /* Automatically add doctype if none given */ if ($this->body[IT_MAIL_HTML] && !preg_match('/^<!doctype/i', $this->body[IT_MAIL_HTML])) @@ -408,11 +408,20 @@ static function send_smtp_cmd($fp, $cmd, &$answer, $timeoutok = false, $failcode /* Return errors found with email address, null otherwise */ -static function address_error($emails) +static function address_error($addresses) { - foreach (it::split(',\s*', $emails) as $email) - if (!it::match(self::$addr_regex, $email) && !it::match('^[a-z][-a-z0-9]*$', $email)) - return "invalid format"; + foreach (str_split($addresses) as $char) + { + $quoted = $char == '"' ? !$quoted : $quoted; + if ($char == ',' && !$quoted) + $n++; + else + $emails[$n] .= $char; + } + + foreach ($emails as $email) + if (!it::match(self::$addr_regex, $email) && !it::match('^\s*[a-z][-a-z0-9]*\s*$', $email)) + return "invalid format on $email"; } |