[wp-trac] [WordPress Trac] #15448: wp_mail() sets Content-Type header twice for multipart emails

WordPress Trac wp-trac at lists.automattic.com
Tue Jun 28 20:44:57 UTC 2011


#15448: wp_mail() sets Content-Type header twice for multipart emails
-------------------------------------------------+-------------------------
 Reporter:  rmccue                               |       Owner:  westi
     Type:  enhancement                          |      Status:  reviewing
 Priority:  normal                               |   Milestone:  Future
Component:  Mail                                 |  Release
 Severity:  normal                               |     Version:
 Keywords:  gci has-patch 3.3-early westi-likes  |  Resolution:
-------------------------------------------------+-------------------------

Comment (by kitchin):

 The two patches so far both have a major error. If wp_mail() is called
 twice, AltBody is not cleared. Suggest you add these two lines:

 {{{
         $phpmailer->ClearCCs();
         $phpmailer->ClearCustomHeaders();
         $phpmailer->ClearReplyTos();

 +       $phpmailer->Body= '';
 +       $phpmailer->AltBody= '';

         // From email and name
         // If we don't have a name from the input headers
         if ( !isset( $from_name ) )
 }}}

 A test for the error in the patch is as follows: call wp_mail() with an
 array message to send an HTML email. Then call wp_mail() with a string
 message to send a different plain email. The second message will be send
 multi-part, with the previous message in one part and the current message
 in the other part. Security problem in some uses.

 The patch needs to be updated anyway, in light of Bug #17305, so I would
 also suggest incorporating the improvement I suggested there to allow
 '<foo at bar.com>' in $to and to clean up the regex:

 {{{
                         // Break $recipient into name and address parts if
 in the format "Foo <bar at baz.com>"
                         $recipient_name = '';
 -                       if( preg_match( '/(.+)\s?<(.+)>/', $recipient,
 $matches ) ) {
 +                       if( preg_match( '/(.*)<(.+)>/', $recipient,
 $matches ) ) {
                                 if ( count( $matches ) == 3 ) {
                                         $recipient_name = $matches[1];
                                         $recipient = $matches[2];
                                 }
                         }
 -                       $phpmailer->AddAddress( trim( $recipient ),
 $recipient_name);
 +                       $phpmailer->AddAddress( trim( $recipient ), trim(
 $recipient_name) );
                 } catch ( phpmailerException $e ) {
                         continue;
 ..................
                                 // Break $recipient into name and address
 parts if in the format "Foo <bar at baz.com>"
                                 $recipient_name = '';
 -                               if( preg_match( '/(.+)\s?<(.+)>/',
 $recipient, $matches ) ) {
 +                               if( preg_match( '/(.*)<(.+)>/',
 $recipient, $matches ) ) {
                                         if ( count( $matches ) == 3 ) {
                                                 $recipient_name =
 $matches[1];
                                                 $recipient = $matches[2];
                                         }
                                 }
 -                               $phpmailer->AddCc( trim($recipient),
 $recipient_name );
 +                               $phpmailer->AddCc( trim($recipient),
 trim($recipient_name) );
                         } catch ( phpmailerException $e ) {
                                 continue;
 ..................
                                 // Break $recipient into name and address
 parts if in the format "Foo <bar at baz.com>"
                                 $recipient_name = '';
 -                               if( preg_match( '/(.+)\s?<(.+)>/',
 $recipient, $matches ) ) {
 +                               if( preg_match( '/(.*)<(.+)>/',
 $recipient, $matches ) ) {
                                         if ( count( $matches ) == 3 ) {
                                                 $recipient_name =
 $matches[1];
                                                 $recipient = $matches[2];
                                         }
                                 }
 -                               $phpmailer->AddBcc( trim($recipient),
 $recipient_name );
 +                               $phpmailer->AddBcc( trim($recipient),
 trim($recipient_name) );
                         } catch ( phpmailerException $e ) {
                                 continue;

 }}}

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/15448#comment:23>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list