summaryrefslogtreecommitdiff
path: root/program/steps/mail
diff options
context:
space:
mode:
Diffstat (limited to 'program/steps/mail')
-rw-r--r--program/steps/mail/sendmail.inc46
1 files changed, 38 insertions, 8 deletions
diff --git a/program/steps/mail/sendmail.inc b/program/steps/mail/sendmail.inc
index 5f12f3fe9..8edf15ffe 100644
--- a/program/steps/mail/sendmail.inc
+++ b/program/steps/mail/sendmail.inc
@@ -137,6 +137,40 @@ function rcmail_attach_emoticons(&$mime_message)
return $body;
}
+// parse email address input
+function rcmail_mailto_format($mailto)
+{
+ $regexp = array('/[,;]\s*[\r\n]+/', '/[\r\n]+/', '/[,;]\s*$/m', '/;/', '/(\S{1})(<\S+@\S+>)/U');
+ $replace = array(', ', ', ', '', ',', '\\1 \\2');
+
+ // replace new lines and strip ending ', ', make address strings more valid also
+ $mailto = trim(preg_replace($regexp, $replace, $mailto));
+
+ $result = $name = '';
+
+ // handle simple email (without <>)
+ if (preg_match('/^\S+@\S+$/', $mailto))
+ $result = '<' . $mailto . '>';
+ else
+ // quote unquoted names (#1485654)
+ foreach (explode(' ', $mailto) as $item) {
+ if (preg_match('/<\S+@\S+>,*/', $item)) {
+ if ($name && ($name[0] != '"' || $name[strlen($name)-1] != '"')
+ && preg_match('/[\(\)\<\>\\\.\[\]@,;:"]/', $name)) {
+ $name = '"'.addcslashes($name, '"').'"';
+ }
+ if ($name) {
+ $result .= ' ' . $name;
+ $name = '';
+ }
+ $result .= ' ' . $item;
+ } else {
+ $name .= ($name ? ' ' : '') . $item;
+ }
+ }
+
+ return trim($result);
+}
/****** compose message ********/
@@ -149,13 +183,9 @@ $message_id = sprintf('<%s@%s>', md5(uniqid('rcmail'.rand(),true)), $RCMAIL->con
$input_charset = $OUTPUT->get_charset();
$message_charset = isset($_POST['_charset']) ? $_POST['_charset'] : $input_charset;
-$mailto_regexp = array('/[,;]\s*[\r\n]+/', '/[\r\n]+/', '/[,;]\s*$/m', '/;/', '/(\S{1})(<\S+@\S+>)/U');
-$mailto_replace = array(', ', ', ', '', ',', '\\1 \\2');
-
-// replace new lines and strip ending ', ', make address strings more valid also
-$mailto = preg_replace($mailto_regexp, $mailto_replace, get_input_value('_to', RCUBE_INPUT_POST, TRUE, $message_charset));
-$mailcc = preg_replace($mailto_regexp, $mailto_replace, get_input_value('_cc', RCUBE_INPUT_POST, TRUE, $message_charset));
-$mailbcc = preg_replace($mailto_regexp, $mailto_replace, get_input_value('_bcc', RCUBE_INPUT_POST, TRUE, $message_charset));
+$mailto = rcmail_mailto_format(get_input_value('_to', RCUBE_INPUT_POST, TRUE, $message_charset));
+$mailcc = rcmail_mailto_format(get_input_value('_cc', RCUBE_INPUT_POST, TRUE, $message_charset));
+$mailbcc = rcmail_mailto_format(get_input_value('_bcc', RCUBE_INPUT_POST, TRUE, $message_charset));
if (empty($mailto) && !empty($mailcc)) {
$mailto = $mailcc;
@@ -196,7 +226,7 @@ if (!empty($identity_arr['organization']))
$headers['Organization'] = $identity_arr['organization'];
if (!empty($_POST['_replyto']))
- $headers['Reply-To'] = preg_replace($mailto_regexp, $mailto_replace, get_input_value('_replyto', RCUBE_INPUT_POST, TRUE, $message_charset));
+ $headers['Reply-To'] = rcmail_mailto_format(get_input_value('_replyto', RCUBE_INPUT_POST, TRUE, $message_charset));
else if (!empty($identity_arr['reply-to']))
$headers['Reply-To'] = $identity_arr['reply-to'];