diff options
| -rwxr-xr-x[-rw-r--r--] | _test/tests/inc/mailer.test.php | 23 | ||||
| -rw-r--r-- | inc/Mailer.class.php | 31 | ||||
| -rw-r--r-- | inc/auth.php | 2 |
3 files changed, 54 insertions, 2 deletions
diff --git a/_test/tests/inc/mailer.test.php b/_test/tests/inc/mailer.test.php index 6f35863c2..f1b579759 100644..100755 --- a/_test/tests/inc/mailer.test.php +++ b/_test/tests/inc/mailer.test.php @@ -22,6 +22,9 @@ class TestMailer extends Mailer { } +/** + * @group mailer_class + */ class mailer_test extends DokuWikiTest { @@ -94,11 +97,21 @@ class mailer_test extends DokuWikiTest { $headers = $mail->prop('headers'); $this->assertEquals('Andreas Gohr <andi@splitbrain.org>', $headers['To']); + $mail->to('"Andreas Gohr" <andi@splitbrain.org>'); + $mail->cleanHeaders(); + $headers = $mail->prop('headers'); + $this->assertEquals('"Andreas Gohr" <andi@splitbrain.org>', $headers['To']); + $mail->to('Andreas Gohr <andi@splitbrain.org> , foo <foo@example.com>'); $mail->cleanHeaders(); $headers = $mail->prop('headers'); $this->assertEquals('Andreas Gohr <andi@splitbrain.org>, foo <foo@example.com>', $headers['To']); + $mail->to('"Foo, Dr." <foo@example.com> , foo <foo@example.com>'); + $mail->cleanHeaders(); + $headers = $mail->prop('headers'); + $this->assertEquals('=?UTF-8?B?IkZvbywgRHIuIg==?= <foo@example.com>, foo <foo@example.com>', $headers['To']); + $mail->to('Möp <moep@example.com> , foo <foo@example.com>'); $mail->cleanHeaders(); $headers = $mail->prop('headers'); @@ -334,5 +347,15 @@ A test mail in <strong>html</strong> $this->assertRegexp('/' . preg_quote($expected_mail_body, '/') . '/', $dump); } + + function test_getCleanName() { + $mail = new TestMailer(); + $name = $mail->getCleanName('Foo Bar'); + $this->assertEquals('Foo Bar', $name); + $name = $mail->getCleanName('Foo, Bar'); + $this->assertEquals('"Foo, Bar"', $name); + $name = $mail->getCleanName('Foo" Bar'); + $this->assertEquals('"Foo\" Bar"', $name); + } } //Setup VIM: ex: et ts=4 : diff --git a/inc/Mailer.class.php b/inc/Mailer.class.php index 7968ce9fc..0fdb45a0a 100644 --- a/inc/Mailer.class.php +++ b/inc/Mailer.class.php @@ -322,13 +322,36 @@ class Mailer { } /** + * Return a clean name which can be safely used in mail address + * fields. That means the name will be enclosed in '"' if it includes + * a '"' or a ','. Also a '"' will be escaped as '\"'. + * + * @param string $name the name to clean-up + * @see cleanAddress + */ + public function getCleanName($name) { + $name = trim($name, ' \t"'); + $name = str_replace('"', '\"', $name, $count); + if ($count > 0 || strpos($name, ',') !== false) { + $name = '"'.$name.'"'; + } + return $name; + } + + /** * Sets an email address header with correct encoding * * Unicode characters will be deaccented and encoded base64 * for headers. Addresses may not contain Non-ASCII data! * + * If @$addresses is a string then it will be split into multiple + * addresses. Addresses must be separated by a comma. If the display + * name includes a comma then it MUST be properly enclosed by '"' to + * prevent spliting at the wrong point. + * * Example: * cc("föö <foo@bar.com>, me@somewhere.com","TBcc"); + * to("foo, Dr." <foo@bar.com>, me@somewhere.com"); * * @param string|string[] $addresses Multiple adresses separated by commas or as array * @return false|string the prepared header (can contain multiple lines) @@ -336,7 +359,13 @@ class Mailer { public function cleanAddress($addresses) { $headers = ''; if(!is_array($addresses)){ - $addresses = explode(',', $addresses); + $count = preg_match_all('/\s*(?:("[^"]*"[^,]+),*)|([^,]+)\s*,*/', $addresses, $matches, PREG_SET_ORDER); + $addresses = array(); + if ($count !== false && is_array($matches)) { + foreach ($matches as $match) { + array_push($addresses, $match[0]); + } + } } foreach($addresses as $part) { diff --git a/inc/auth.php b/inc/auth.php index e1d7a645a..8599891fe 100644 --- a/inc/auth.php +++ b/inc/auth.php @@ -827,7 +827,7 @@ function auth_sendPassword($user, $password) { ); $mail = new Mailer(); - $mail->to($userinfo['name'].' <'.$userinfo['mail'].'>'); + $mail->to($mail->getCleanName($userinfo['name']).' <'.$userinfo['mail'].'>'); $mail->subject($lang['regpwmail']); $mail->setBody($text, $trep); return $mail->send(); |