Changeset 37 for trunk/lib/Email.inc.php
- Timestamp:
- Dec 14, 2005 7:07:43 AM (18 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/lib/Email.inc.php
r36 r37 256 256 $full_mail_content = join("\n", array($final_to, $this->_params['subject'], $final_body, $headers, $envelope_sender_header)); 257 257 if (preg_match("/(Content-Type:|MIME-Version:|Content-Transfer-Encoding:|[\n\r]Bcc:|[\n\r]Cc:)/i", $full_mail_content)) { 258 App::logMsg(sprintf('Mail header injection attack :', $full_mail_content), LOG_WARNING, __FILE__, __LINE__);258 App::logMsg(sprintf('Mail header injection attack in content: %s', $full_mail_content), LOG_WARNING, __FILE__, __LINE__); 259 259 sleep(3); 260 260 return false;
Note: See TracChangeset
for help on using the changeset viewer.