Changeset 622 for trunk/lib/Email.inc.php
- Timestamp:
- Feb 15, 2018 12:31:38 PM (6 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/lib/Email.inc.php
r618 r622 73 73 'wrap' => true, 74 74 'line_length' => 75, 75 76 'sandbox_mode' => null, 77 'sandbox_to_addr' => null, 75 78 ); 76 79 … … 80 83 // String that contains the email body after replacements. 81 84 protected $_template_replaced; 85 86 // Email debug modes. 87 const SANDBOX_MODE_REDIRECT = 1; // Send all mail to 'sandbox_to_addr' 88 const SANDBOX_MODE_STDERR = 2; // Log all mail to stderr 82 89 83 90 /** … … 359 366 } 360 367 // If the envelope_sender_address was given as a header, move it to the correct place. 361 if ('envelope_sender_address' == $key) {368 if ('envelope_sender_address' == strtolower($key)) { 362 369 $this->_params['envelope_sender_address'] = isset($this->_params['envelope_sender_address']) ? $this->_params['envelope_sender_address'] : $val; 370 continue; 371 } 372 // If we're sending in sandbox mode, remove any headers with recipient addresses. 373 if ($this->getParam('sandbox_mode') == self::SANDBOX_MODE_REDIRECT && in_array(strtolower($key), array('to', 'cc', 'bcc')) && mb_strpos($val, '@') !== false) { 374 // Don't carry this into the $final_headers. 375 $app->logMsg(sprintf('Skipping header in sandbox mode: %s=%s', $key, $val), LOG_DEBUG, __FILE__, __LINE__); 363 376 continue; 364 377 } … … 384 397 $app->logMsg(sprintf('Mail header injection attack in content: %s', $full_mail_content), LOG_WARNING, __FILE__, __LINE__); 385 398 return false; 399 } 400 401 // Enter sandbox mode, if specified. 402 switch ($this->getParam('sandbox_mode')) { 403 case self::SANDBOX_MODE_REDIRECT: 404 if (!$this->getParam('sandbox_to_addr')) { 405 $app->logMsg(sprintf('Email sandbox_mode is SANDBOX_MODE_REDIRECT but sandbox_to_addr is not set.', null), LOG_ERR, __FILE__, __LINE__); 406 break; 407 } 408 $final_to = $this->getParam('sandbox_to_addr'); 409 break; 410 411 case self::SANDBOX_MODE_STDERR: 412 file_put_contents('php://stderr', sprintf("Subject: %s\nTo: %s\n%s\n\n%s", $this->getParam('subject'), $final_to, str_replace($this->getParam('crlf'), "\n", $final_headers), $final_body), FILE_APPEND); 413 return true; 386 414 } 387 415
Note: See TracChangeset
for help on using the changeset viewer.