This mail is an automated notification from the bugs tracker
of the project: Savane.
/**************************************************************************/
[bugs #313] Latest Modifications:
Changes by:
Mathieu Roy <[EMAIL PROTECTED]>
'Date:
ven 26.03.2004 à 19:51 (Europe/Paris)
What | Removed | Added
---------------------------------------------------------------------------
Severity | 1 - Trivial | 3 - Average
Resolution | None | Fixed
Assigned to | None | yeupou
Status | Open | Closed
------------------ Additional Follow-up Comments ----------------------------
Ok, it should be it with the current CVS, however it should probably more
widely tested than I am able to do on my test install.
How it works: the preferred usage of sendmail_mail() is now to give it login
names. He will format it appropriately under the form user_getrealname()
<user_getmail()>. And user_getrealname() have no an argument to makes it
returning (supposedly) RFC822 compliant strings, adding quotes when he found
strange characters.
This way, it is easy to just give login name and not bother with this issue.
/**************************************************************************/
[bugs #313] Full Item Snapshot:
URL: <http://gna.org/bugs/?func=detailitem&item_id=313>
Project: Savane
Submitted by: Sylvain Beucler
On: mer 24.03.2004 à 01:25
Category: Web Frontend
Severity: 3 - Average
Priority: C - Normal
Resolution: Fixed
Assigned to: yeupou
Status: Closed
Release: >= 1.0.1
Planned Release: 1.0.2
Summary: RFC822 compliance
Original Submission: In www/include/trackers/general.php:980
< $from = user_getrealname().' <[EMAIL PROTECTED]'].'>';
---
> $from = '"'.user_getrealname().'" <[EMAIL PROTECTED]'].'>';
See http://mail.gnu.org/archive/html/savannah-hackers/2004-03/msg00253.html
Commentaires :
------------------
-------------------------------------------------------
Date: ven 26.03.2004 à 19:51 By: yeupou
Ok, it should be it with the current CVS, however it should probably more
widely tested than I am able to do on my test install.
How it works: the preferred usage of sendmail_mail() is now to give it login
names. He will format it appropriately under the form user_getrealname()
<user_getmail()>. And user_getrealname() have no an argument to makes it
returning (supposedly) RFC822 compliant strings, adding quotes when he found
strange characters.
This way, it is easy to just give login name and not bother with this issue.
-------------------------------------------------------
Date: ven 26.03.2004 à 18:57 By: yeupou
For the last point, I think we already "escape" the quotes and antislashes by
removing them and disallowing users to put them in their account name.
More generally, I think that the following characters does not belong to a
clean user real name , ; : "
-------------------------------------------------------
Date: mer 24.03.2004 à 17:51 By: beuc
After reading the RFC (http://www.ietf.org/rfc/rfc0822.txt?number=822) I saw
that strings are required as soon as there are 'special characters' (and
optional otherwise):
specials = "(" / ")" / "<" / ">" / "@" ; Must be in quoted-
/ "," / ";" / ":" / "" / <"> ; string, to use
/ "." / "[" / "]" ; within a word.
Also, to be perfectly compatible, one should escape " and , in case the user
put them its 'Real Name' field.
-------------------------------------------------------
Date: mer 24.03.2004 à 15:32 By: yeupou
Interesting. Do you know if the quote are standard, or just required when there
is a special character within the name string?
For detailed info, follow this link:
<http://gna.org/bugs/?func=detailitem&item_id=313>
_______________________________________________
Message sent via/by Gna!
http://gna.org/
