[wp-trac] [WordPress Trac] #15448: wp_mail() sets Content-Type header twice for multipart emails
WordPress Trac
wp-trac at lists.automattic.com
Tue Jun 28 20:44:57 UTC 2011
#15448: wp_mail() sets Content-Type header twice for multipart emails
-------------------------------------------------+-------------------------
Reporter: rmccue | Owner: westi
Type: enhancement | Status: reviewing
Priority: normal | Milestone: Future
Component: Mail | Release
Severity: normal | Version:
Keywords: gci has-patch 3.3-early westi-likes | Resolution:
-------------------------------------------------+-------------------------
Comment (by kitchin):
The two patches so far both have a major error. If wp_mail() is called
twice, AltBody is not cleared. Suggest you add these two lines:
{{{
$phpmailer->ClearCCs();
$phpmailer->ClearCustomHeaders();
$phpmailer->ClearReplyTos();
+ $phpmailer->Body= '';
+ $phpmailer->AltBody= '';
// From email and name
// If we don't have a name from the input headers
if ( !isset( $from_name ) )
}}}
A test for the error in the patch is as follows: call wp_mail() with an
array message to send an HTML email. Then call wp_mail() with a string
message to send a different plain email. The second message will be send
multi-part, with the previous message in one part and the current message
in the other part. Security problem in some uses.
The patch needs to be updated anyway, in light of Bug #17305, so I would
also suggest incorporating the improvement I suggested there to allow
'<foo at bar.com>' in $to and to clean up the regex:
{{{
// Break $recipient into name and address parts if
in the format "Foo <bar at baz.com>"
$recipient_name = '';
- if( preg_match( '/(.+)\s?<(.+)>/', $recipient,
$matches ) ) {
+ if( preg_match( '/(.*)<(.+)>/', $recipient,
$matches ) ) {
if ( count( $matches ) == 3 ) {
$recipient_name = $matches[1];
$recipient = $matches[2];
}
}
- $phpmailer->AddAddress( trim( $recipient ),
$recipient_name);
+ $phpmailer->AddAddress( trim( $recipient ), trim(
$recipient_name) );
} catch ( phpmailerException $e ) {
continue;
..................
// Break $recipient into name and address
parts if in the format "Foo <bar at baz.com>"
$recipient_name = '';
- if( preg_match( '/(.+)\s?<(.+)>/',
$recipient, $matches ) ) {
+ if( preg_match( '/(.*)<(.+)>/',
$recipient, $matches ) ) {
if ( count( $matches ) == 3 ) {
$recipient_name =
$matches[1];
$recipient = $matches[2];
}
}
- $phpmailer->AddCc( trim($recipient),
$recipient_name );
+ $phpmailer->AddCc( trim($recipient),
trim($recipient_name) );
} catch ( phpmailerException $e ) {
continue;
..................
// Break $recipient into name and address
parts if in the format "Foo <bar at baz.com>"
$recipient_name = '';
- if( preg_match( '/(.+)\s?<(.+)>/',
$recipient, $matches ) ) {
+ if( preg_match( '/(.*)<(.+)>/',
$recipient, $matches ) ) {
if ( count( $matches ) == 3 ) {
$recipient_name =
$matches[1];
$recipient = $matches[2];
}
}
- $phpmailer->AddBcc( trim($recipient),
$recipient_name );
+ $phpmailer->AddBcc( trim($recipient),
trim($recipient_name) );
} catch ( phpmailerException $e ) {
continue;
}}}
--
Ticket URL: <http://core.trac.wordpress.org/ticket/15448#comment:23>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list