[aur-dev] [PATCH] Always set the "To:" header when sending mail

[Lukas Fleischer]

Use "undisclosed-recipients: ;" when sending mass notifications (such as
comment notifications and the like. Addresses FS#28229.

Signed-off-by: Lukas Fleischer <archli...@cryptocrack.de>
---
 web/html/passreset.php            |    4 ++--
 web/lib/pkgfuncs.inc.php          |    2 +-
 web/template/pkg_comment_form.php |    2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/web/html/passreset.php b/web/html/passreset.php
index 82be3ef..98aa685 100644
--- a/web/html/passreset.php
+++ b/web/html/passreset.php
@@ -70,8 +70,8 @@ if (isset($_GET['resetkey'], $_POST['email'], 
$_POST['password'], $_POST['confir
                           "{$AUR_LOCATION}/passreset.php?".
                           "resetkey={$resetkey}";
                $body = wordwrap($body, 70);
-               $headers = "To: {$email}\nReply-to: 
nob...@archlinux.org\nFrom:aur-not...@archlinux.org\nX-Mailer: PHP\nX-MimeOLE: 
Produced By AUR";
-               @mail(' ', 'AUR Password Reset', $body, $headers);
+               $headers = "Reply-to: 
nob...@archlinux.org\nFrom:aur-not...@archlinux.org\nX-Mailer: PHP\nX-MimeOLE: 
Produced By AUR";
+               @mail($email, 'AUR Password Reset', $body, $headers);
 
        }
        header('Location: passreset.php?step=confirm');
diff --git a/web/lib/pkgfuncs.inc.php b/web/lib/pkgfuncs.inc.php
index 4204019..7b71ef4 100644
--- a/web/lib/pkgfuncs.inc.php
+++ b/web/lib/pkgfuncs.inc.php
@@ -745,7 +745,7 @@ function pkg_delete ($atype, $ids, $mergepkgid, $dbh=NULL) {
                        $body = wordwrap($body, 70);
                        $bcc = implode(', ', $bcc);
                        $headers = "Bcc: $bcc\nReply-to: 
nob...@archlinux.org\nFrom: aur-not...@archlinux.org\nX-Mailer: AUR\n";
-                       @mail(' ', "AUR Package deleted: " . $pkgname, $body, 
$headers);
+                       @mail('undisclosed-recipients: ;', "AUR Package 
deleted: " . $pkgname, $body, $headers);
                }
        }
 
diff --git a/web/template/pkg_comment_form.php 
b/web/template/pkg_comment_form.php
index a2bbf71..7606ce9 100644
--- a/web/template/pkg_comment_form.php
+++ b/web/template/pkg_comment_form.php
@@ -43,7 +43,7 @@ if (isset($_REQUEST['comment'])) {
                $body = wordwrap($body, 70);
                $bcc = implode(', ', $bcc);
                $headers = "Bcc: $bcc\nReply-to: nob...@archlinux.org\nFrom: 
aur-not...@archlinux.org\nX-Mailer: AUR\n";
-               @mail(' ', "AUR Comment for " . $row['Name'], $body, $headers);
+               @mail('undisclosed-recipients: ;', "AUR Comment for " . 
$row['Name'], $body, $headers);
        }
 }
 
-- 
1.7.9.3