paxton
/
mailcow
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[Web] Remove invalid chars from sender for quota and quarantine notifications

master
andryyy 2019-09-15 09:52:13 +02:00
parent f9e7c6cf6a
commit 62a386f94e
No known key found for this signature in database
GPG Key ID: 8EC34FF2794E25EF
2 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
data/web/inc/functions.quarantine.inc.php
View File

@ -298,7 +298,9 @@ function quarantine($_action, $_data = null) {
$max_size = $_data['max_size']; $max_size = $_data['max_size'];
$max_age = intval($_data['max_age']); $max_age = intval($_data['max_age']);
$subject = $_data['subject']; $subject = $_data['subject'];
$sender = $_data['sender']; if (!filter_var($_data['sender'], FILTER_VALIDATE_EMAIL)) {
$sender = '';
}
$html = $_data['html_tmpl']; $html = $_data['html_tmpl'];
if ($max_age <= 0) { if ($max_age <= 0) {
$max_age = 365; $max_age = 365;

5
data/web/inc/functions.quota_notification.inc.php
View File

@ -21,7 +21,10 @@ function quota_notification($_action, $_data = null) {
$release_format = 'raw'; $release_format = 'raw';
} }
$subject = $_data['subject']; $subject = $_data['subject'];
$sender = $_data['sender']; $sender = preg_replace('/[\x00-\x1F\x80-\xFF]/', '', $_data['sender']);
if (filter_var($sender, FILTER_VALIDATE_EMAIL) === false) {
$sender = '';
}
$html = $_data['html_tmpl']; $html = $_data['html_tmpl'];
try { try {
$redis->Set('QW_SENDER', $sender); $redis->Set('QW_SENDER', $sender);