From 1bded8a016bb64221fff4003e28947f50e9e00d9 Mon Sep 17 00:00:00 2001 From: Urban Müller Date: Fri, 11 Mar 2022 14:57:35 +0100 Subject: format check for email addresses on sending --- it.class | 3 ++- it_mail.class | 17 ++++++++++++++--- 2 files changed, 16 insertions(+), 4 deletions(-) diff --git a/it.class b/it.class index dfefb8d..5dbcdcd 100644 --- a/it.class +++ b/it.class @@ -1093,12 +1093,13 @@ static function filter($code, $array) * Send a mail. * @param $p Header => Content (e.g To => me@example.com, Body => bodytext, Html => htmlbodytext) * @param $p['forcemail'] Send this mail even if we're on a twin or devel machine + * @param $p['it_error'] Error handling params for bad email addresses * @return false on some errors but most cannot be caught */ static function mail($p) { $headers = $p; - unset($headers['forcemail'], $headers['Body'], $headers['Html']); + unset($headers['forcemail'], $headers['it_error'], $headers['Body'], $headers['Html']); $mail = new it_mail(array_filter($headers)); $mail->add_body($p['Body']); $mail->add_body($p['Html'], IT_MAIL_HTML); diff --git a/it_mail.class b/it_mail.class index a355b28..6394e5f 100644 --- a/it_mail.class +++ b/it_mail.class @@ -56,6 +56,8 @@ class it_mail var $flags = ""; var $charset; + static $addr_regex = "(?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*|\"(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])*\")@(?:(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?|\[(?:(?:(2(5[0-5]|[0-4][0-9])|1[0-9][0-9]|[1-9]?[0-9]))\.){3}(?:(2(5[0-5]|[0-4][0-9])|1[0-9][0-9]|[1-9]?[0-9])|[a-z0-9-]*[a-z0-9]:(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])+)\])"; + /** * Construct a new email message. Headers and body can be added later. * Note: Headers To, Cc, Bcc can be arrays @@ -179,6 +181,7 @@ function add_file($filename, $p = array(), $legacy_name = null) /** * Send this email message * @param $p['forcemail'] Send mail even if on twin or devel machine + * @param $p['it_error'] Error handling params for bad email addresses * @return True if mail was accepted for delivery */ function send($p = array()) @@ -195,12 +198,13 @@ function send($p = array()) for ($i = 0; $i < count($this->header_names); $i++) $headers[] = $this->header_names[$i] . ': ' . $this->header_values[$i]; + foreach (array_merge((array)$this->to, (array)$this->cc, (array)$this->bcc) as $addr) + if (($error = self::address_error($addr))) + it::error((array)$p['it_error'] + ['title' => "address error '$error' in $addr", 'body' => $this]); /* Automatically add doctype if none given */ if ($this->body[IT_MAIL_HTML] && !preg_match('/^body[IT_MAIL_HTML])) - { $this->body[IT_MAIL_HTML] = '' . "\n" . $this->body[IT_MAIL_HTML]; - } $headers[] = "MIME-Version: 1.0"; @@ -290,7 +294,7 @@ function send($p = array()) if (it::is_live() || EDC('forcemail') || $p['forcemail']) { if (($result = mail($to, $this->header_escape($this->subject), $text, implode("\n", $headers), $this->flags)) === false) - it::error(array('title' => "failed sending mail to $to subject $this->subject", 'body' => D($text, $headers, $this->flags))); + it::error(['title' => "failed sending mail to $to subject $this->subject", 'body' => ['text' => $text, 'headers' => $headers, 'flags' => $this->flags]]); return $result; } else @@ -402,6 +406,13 @@ static function send_smtp_cmd($fp, $cmd, &$answer, $timeoutok = false, $failcode return $result; } +/* Return errors found with email address, null otherwise + */ +static function address_error($email) +{ + return it::match(self::$addr_regex, $email) ? null : "invalid format"; +} + /** * Check if given email address is valid (syntax, MX record). If you set -- cgit v1.2.3