From acbf061c66059df3daf7cdbe7e8ec4182418dd20 Mon Sep 17 00:00:00 2001 From: Gerrit Uitslag Date: Sat, 15 Feb 2014 22:09:04 +0100 Subject: add Reply-To and Sender to whitelist for cleanAddress FS#2916 --- inc/Mailer.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'inc/Mailer.class.php') diff --git a/inc/Mailer.class.php b/inc/Mailer.class.php index 2ac2c1d60..480dc0e01 100644 --- a/inc/Mailer.class.php +++ b/inc/Mailer.class.php @@ -522,7 +522,7 @@ class Mailer { // clean up addresses if(empty($this->headers['From'])) $this->from($conf['mailfrom']); - $addrs = array('To', 'From', 'Cc', 'Bcc'); + $addrs = array('To', 'From', 'Cc', 'Bcc', 'Reply-To', 'Sender'); foreach($addrs as $addr) { if(isset($this->headers[$addr])) { $this->headers[$addr] = $this->cleanAddress($this->headers[$addr]); -- cgit v1.2.3 From 8c253612ce858dfc41922e084c065888b592e8bd Mon Sep 17 00:00:00 2001 From: Gerrit Uitslag Date: Sat, 15 Feb 2014 22:09:24 +0100 Subject: improve PHPDocs of Mailer --- inc/Mailer.class.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'inc/Mailer.class.php') diff --git a/inc/Mailer.class.php b/inc/Mailer.class.php index 480dc0e01..e32178bba 100644 --- a/inc/Mailer.class.php +++ b/inc/Mailer.class.php @@ -277,7 +277,7 @@ class Mailer { /** * Add the To: recipients * - * @see setAddress + * @see cleanAddress * @param string|array $address Multiple adresses separated by commas or as array */ public function to($address) { @@ -287,7 +287,7 @@ class Mailer { /** * Add the Cc: recipients * - * @see setAddress + * @see cleanAddress * @param string|array $address Multiple adresses separated by commas or as array */ public function cc($address) { @@ -297,7 +297,7 @@ class Mailer { /** * Add the Bcc: recipients * - * @see setAddress + * @see cleanAddress * @param string|array $address Multiple adresses separated by commas or as array */ public function bcc($address) { @@ -310,7 +310,7 @@ class Mailer { * This is set to $conf['mailfrom'] when not specified so you shouldn't need * to call this function * - * @see setAddress + * @see cleanAddress * @param string $address from address */ public function from($address) { @@ -333,9 +333,9 @@ class Mailer { * for headers. Addresses may not contain Non-ASCII data! * * Example: - * setAddress("föö , me@somewhere.com","TBcc"); + * cc("föö , me@somewhere.com","TBcc"); * - * @param string|array $address Multiple adresses separated by commas or as array + * @param string|array $addresses Multiple adresses separated by commas or as array * @return bool|string the prepared header (can contain multiple lines) */ public function cleanAddress($addresses) { -- cgit v1.2.3 From 585bf44e2b756eac2e1cfce7035ef237bc02a788 Mon Sep 17 00:00:00 2001 From: Christopher Smith Date: Thu, 6 Mar 2014 19:55:56 +0000 Subject: amend $_SERVER to $INPUT->server --- inc/Mailer.class.php | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) (limited to 'inc/Mailer.class.php') diff --git a/inc/Mailer.class.php b/inc/Mailer.class.php index e32178bba..e90b45f99 100644 --- a/inc/Mailer.class.php +++ b/inc/Mailer.class.php @@ -39,6 +39,8 @@ class Mailer { */ public function __construct() { global $conf; + /* @var Input $INPUT */ + global $INPUT; $server = parse_url(DOKU_URL, PHP_URL_HOST); if(strpos($server,'.') === false) $server = $server.'.localhost'; @@ -53,7 +55,7 @@ class Mailer { // add some default headers for mailfiltering FS#2247 $this->setHeader('X-Mailer', 'DokuWiki'); - $this->setHeader('X-DokuWiki-User', $_SERVER['REMOTE_USER']); + $this->setHeader('X-DokuWiki-User', $INPUT->server->str('REMOTE_USER')); $this->setHeader('X-DokuWiki-Title', $conf['title']); $this->setHeader('X-DokuWiki-Server', $server); $this->setHeader('X-Auto-Response-Suppress', 'OOF'); @@ -181,6 +183,9 @@ class Mailer { public function setBody($text, $textrep = null, $htmlrep = null, $html = null, $wrap = true) { global $INFO; global $conf; + /* @var Input $INPUT */ + global $INPUT; + $htmlrep = (array)$htmlrep; $textrep = (array)$textrep; @@ -218,24 +223,24 @@ class Mailer { $cip = gethostsbyaddrs($ip); $trep = array( 'DATE' => dformat(), - 'BROWSER' => $_SERVER['HTTP_USER_AGENT'], + 'BROWSER' => $INPUT->server->str('HTTP_USER_AGENT'), 'IPADDRESS' => $ip, 'HOSTNAME' => $cip, 'TITLE' => $conf['title'], 'DOKUWIKIURL' => DOKU_URL, - 'USER' => $_SERVER['REMOTE_USER'], + 'USER' => $INPUT->server->str('REMOTE_USER'), 'NAME' => $INFO['userinfo']['name'], 'MAIL' => $INFO['userinfo']['mail'], ); $trep = array_merge($trep, (array)$textrep); $hrep = array( 'DATE' => ''.hsc(dformat()).'', - 'BROWSER' => hsc($_SERVER['HTTP_USER_AGENT']), + 'BROWSER' => hsc($INPUT->server->str('HTTP_USER_AGENT')), 'IPADDRESS' => ''.hsc($ip).'', 'HOSTNAME' => ''.hsc($cip).'', 'TITLE' => hsc($conf['title']), 'DOKUWIKIURL' => ''.DOKU_URL.'', - 'USER' => hsc($_SERVER['REMOTE_USER']), + 'USER' => hsc($INPUT->server->str('REMOTE_USER')), 'NAME' => hsc($INFO['userinfo']['name']), 'MAIL' => ''. hsc($INFO['userinfo']['mail']).'', -- cgit v1.2.3