Issue Type: Bug Created: 2012-05-22T12:28:14.000+0000 Last Updated: 2012-05-22T12:28:14.000+0000 Status: Open Fix version(s): Reporter: Arnold Pistorius (arnoldpistorius) Assignee: Dolf Schimmel (Freeaqingme) (freak) Tags: - Zend_Mail
Related issues: Attachments:
When an email address is provided to the Zend_Mail class, it goes through the protected _filterEmail($email) function. This function removes illegal characters from provided addresses to the Zend_Mail class. It should throw an exception if the address contains illegal characters. The next case explains why:
A visitor (John Doe) submits a contact form, but has accidentally entered his email address with a comma instead of a dot:
john,firstname.lastname@example.org (instead of email@example.com)
The Zend_Mail class puts this addres through the _filterEmail function, which removes the comma:
Now the email will be sent to the wrong email address.
Here's some code which replicates the problem:
$mail = new Zend_Mail(); $mail->addTo('youremailaddress,@domain.com'); // this will be sent to firstname.lastname@example.org $mail->setBodyText('Hello world'); $mail->setSubject('This should definately throw an exception'); $mail->setFrom('email@example.com'); $mail->send();
No comments to display
Have you found an issue?
See the Overview section for more details.