Better patch to correctly quote email recipient strings (from #1484191)

17 years ago · 0c6f4b8864
parent 46bc52b56a
commit 0c6f4b8864
3 changed files with 9 additions and 4 deletions
--- a/program/include/main.inc
+++ b/program/include/main.inc
@ -1567,7 +1567,10 @@ function format_date($date, $format=NULL)
 function format_email_recipient($email, $name='')
  {
  if ($name && $name != $email)
-    return sprintf('%s <%s>', strpos($name, ",") ? '"'.$name.'"' : $name, $email);
+    {
+    // Special chars as defined by RFC 822 need to in quoted string (or escaped).
+    return sprintf('%s <%s>', preg_match('/[\(\)\<\>\\\.\[\]@,;:"]/', $name) ? '"'.addcslashes($name, '"').'"' : $name, $email);
+    }
  else
    return $email;
  }
--- a/program/include/rcube_imap.inc
+++ b/program/include/rcube_imap.inc
@ -2272,6 +2272,8 @@ class rcube_imap
    {
    $a = $this->_parse_address_list($input, $decode);
    $out = array();
+    // Special chars as defined by RFC 822 need to in quoted string (or escaped).
+    $special_chars = '[\(\)\<\>\\\.\[\]@,;:"]';
    
    if (!is_array($a))
      return $out;
@ -2285,7 +2287,7 @@ class rcube_imap
      $address = $val['address'];
      $name = preg_replace(array('/^[\'"]/', '/[\'"]$/'), '', trim($val['name']));
      if ($name && $address && $name != $address)
-        $string = sprintf('%s <%s>', preg_match('/[,;<>]/', $name) ? '"'.addcslashes($name, '"').'"' : $name, $address);
+        $string = sprintf('%s <%s>', preg_match("/$special_chars/", $name) ? '"'.addcslashes($name, '"').'"' : $name, $address);
      else if ($address)
        $string = $address;
      else if ($name)
--- a/program/steps/mail/compose.inc
+++ b/program/steps/mail/compose.inc
@ -893,7 +893,7 @@ if ($result = $CONTACTS->list_records())
  {
  while ($sql_arr = $result->iterate())
    if ($sql_arr['email'])
-      $a_contacts[] = format_email_recipient($sql_arr['email'], JQ($sql_arr['name']));
+      $a_contacts[] = format_email_recipient($sql_arr['email'], $sql_arr['name']);
  }
 if (isset($CONFIG['ldap_public']))
  {
@ -918,7 +918,7 @@ if (isset($CONFIG['ldap_public']))
 	    $email = $results->records[$i]['email']; 
 	    $name = $results->records[$i]['name']; 
 		 
- 	    $a_contacts[] = format_email_recipient($email, JQ($name)); 
+ 	    $a_contacts[] = format_email_recipient($email, $name);
 	    } 
 	  }
    $LDAP->close();