Home Explore Help
Sign In
mirrors
/
mailcow-dockerized
mirror of https://github.com/mailcow/mailcow-dockerized
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

[Web] Remove invalid chars from sender for quota and quarantine notifications

andryyy 6 years ago
parent
f9e7c6cf6a
commit
62a386f94e
2 changed files with 7 additions and 2 deletions
Unified View Show Diff Stats
  1. 3 1
      data/web/inc/functions.quarantine.inc.php
  2. 4 1
      data/web/inc/functions.quota_notification.inc.php

+ 3 - 1
data/web/inc/functions.quarantine.inc.php
View File 

@@ -298,7 +298,9 @@ function quarantine($_action, $_data = null) {
 
         $max_size = $_data['max_size'];

         $max_size = $_data['max_size'];

         $max_age = intval($_data['max_age']);

         $max_age = intval($_data['max_age']);

         $subject = $_data['subject'];

         $subject = $_data['subject'];

-        $sender = $_data['sender'];

+        if (!filter_var($_data['sender'], FILTER_VALIDATE_EMAIL)) {

+          $sender = '';

+        }

         $html = $_data['html_tmpl'];

         $html = $_data['html_tmpl'];

         if ($max_age <= 0) {

         if ($max_age <= 0) {

           $max_age = 365;

           $max_age = 365;

+ 4 - 1
data/web/inc/functions.quota_notification.inc.php
View File 

@@ -21,7 +21,10 @@ function quota_notification($_action, $_data = null) {
 
         $release_format = 'raw';

         $release_format = 'raw';

       }

       }

       $subject = $_data['subject'];

       $subject = $_data['subject'];

-      $sender = $_data['sender'];

+      $sender = preg_replace('/[\x00-\x1F\x80-\xFF]/', '', $_data['sender']);

+      if (filter_var($sender, FILTER_VALIDATE_EMAIL) === false) {

+        $sender = '';

+      }

       $html = $_data['html_tmpl'];

       $html = $_data['html_tmpl'];

       try {

       try {

         $redis->Set('QW_SENDER', $sender);

         $redis->Set('QW_SENDER', $sender);