&amp; encoding in email subject and from name

Started by Flagg, November 26, 2005, 11:57:29 AM


Flagg

I'm running 1.4.2 coppermine and I have an issue with emails.

The title of the coppermine gallery is "Richard & Vivian"

When sending emails, e.g. password reminders, welcome emails, ecards etc., the email subject for example has a string &amp; in it instead of &

For example: "Richard &amp; Vivians Fotoalbums - New password request"

I think this is because of the general encoding; imho it should not encode in emails. As a workaround I made the following change to mailer.inc.php at line 80

Original code

   $mail->FromName = $sender_name;
   $mail->Subject = $subject;

Replaced with new code

   $sender_name = str_replace("&amp;", "&", $sender_name);
   $mail->FromName = $sender_name;
   $subject = str_replace("&amp;", "&", $subject);
   $mail->Subject = $subject;

Flagg (aka Richard)
http://www.richardoe.nl

Joachim Müller

merging Titooy's report with another similar one.

Tranz

I split Titooy's report and merged it with a more related thread.

I confirmed this issue in 1.4.9 from svn.

I think the answer is in modifying include/mailer.inc.php by adding html_entity_decode() in the right place(s). Problem is I can't tell where.

Tranz

I guess it's the same location as Flagg's suggested fix.

FIND:
   $mail->FromName = $sender_name;
   $mail->Subject = $subject;
   $mail->Body = $msg_body;


REPLACE with:
   $mail->FromName = html_entity_decode($sender_name);
   $mail->Subject = html_entity_decode($subject);
   $mail->Body = html_entity_decode($msg_body);


I'm guessing that that is all that needs to be replaced. At least when I tested with the forgot password form, it looked fine. I didn't know what else to test with. The ecard email worked fine without the fix.

This needs to be confirmed with another dev.

Joachim Müller

Guess so - this thread is identical to the other one that got fixed. Marking this one accordingly.
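
The decode step proposed in this thread, as an added example rather than Coppermine's own code: it decodes with explicit flags and charset, removes the control characters that decoding can produce before the value goes into a header, and leaves an HTML body escaped. The function names and the sample strings are assumptions made up for illustration.

```php
<?php
// Added example, not Coppermine code; function names are hypothetical.

// Convert an HTML-escaped stored value (such as the gallery name) into
// text for a mail header such as Subject or the From name.
function mail_header_text(string $stored, string $charset = 'UTF-8'): string
{
    // Pass flags and charset explicitly: the defaults differ between PHP
    // versions, and with ENT_COMPAT the entity &#039; stays undecoded.
    $text = html_entity_decode($stored, ENT_QUOTES | ENT_HTML401, $charset);

    // Numeric entities such as &#13;&#10; decode to CR/LF, which must not
    // reach a header value. Collapse control characters to one space.
    $text = preg_replace('/[\x00-\x1F\x7F]+/', ' ', $text);

    return trim($text);
}

// Decode the body only when it is sent as text/plain. In an HTML body the
// entities are what keeps stored text from being parsed as markup.
function mail_body_text(string $stored, bool $isHtml, string $charset = 'UTF-8'): string
{
    return $isHtml
        ? $stored
        : html_entity_decode($stored, ENT_QUOTES | ENT_HTML401, $charset);
}

// Constructed sample values, not taken from a real gallery.
$samples = [
    'Richard &amp; Vivian - New password request',
    'Gallery&#13;&#10;second line',
    'It&#039;s ready',
];
foreach ($samples as $s) {
    // json_encode makes any remaining control character visible.
    echo json_encode(mail_header_text($s)), PHP_EOL;
}

$body = '&lt;b&gt;hi&lt;/b&gt; from Richard &amp; Vivian';
echo mail_body_text($body, true), PHP_EOL;
echo mail_body_text($body, false), PHP_EOL;
```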