On Thu, 03 Nov 2005 13:42:34 +1000, Ligaya Turmelle wrote:
>
>>There already is:
>> http://php.net/imap_rfc822_parse_adrlist
>>
>>
> quote from user contributed notes:
>
> "| This function does NOT test the syntax of either the local part, or the
> host part, it will permit illegal characters on either side."|
contributed notes are funny sometimes
considering where local-part is defined as stuff before @
RFC822
local-part = word *("." word) ; uninterpreted
; case-preserved
word = atom / quoted-string
atom = 1*<any CHAR except specials, SPACE and CTLs>
quoted-string = <"> *(qtext/quoted-pair) <">; Regular qtext or
; quoted chars.
qtext = <any CHAR excepting <">, ; => may be folded
"\" & CR, and including
linear-white-space>
quoted-pair = "\" CHAR ; may quote any char
With his long example of what goes wrong it all comes down to the address
that isn't validated properly:
<@example.com:[EMAIL PROTECTED]>
At first look this seems to be an odd email and one would think that it we
are trying to send an email to:
[EMAIL PROTECTED]:[EMAIL PROTECTED]
which isn't valid but the key thing is the ':' in this address, it causes
the address to really become [EMAIL PROTECTED] and the stuff before that is
the 'phrase' of this address, I could bore you more on some more rfc
definitions but i'll try to avoid that. I'll just mention that a phrase
starts ends with a ':' and a phrase is allowed to have:
phrase = 1*word ; Sequence of words
And according to what word is defined as, @ isn't allowed, since it isn't
quoted.
So the statement that it doesn't validate local or host part is a
wrong assumption, it has problems figuring out the phrase of the address.
So yes does have a bug or two in address parsing, and i do wonder how
often anyone even uses the phrase feature of email addresses anyway.
Curt.
--
http://news.zirzow.dyndns.org/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
