Rev 250 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
Rev 250 | Rev 386 | ||
---|---|---|---|
Line 26... | Line 26... | ||
26 | 26 | ||
27 | // TODO: sollte eher private sein, geht aber net |
27 | // TODO: sollte eher private sein, geht aber net |
28 | const endl = "\n"; // GMX will kein CRLF! wtf?! (Unter Postfix in Linux) |
28 | const endl = "\n"; // GMX will kein CRLF! wtf?! (Unter Postfix in Linux) |
29 | 29 | ||
30 | private function QB_SECURE_MAIL_PARAM($param_ = '', $level_ = 2) { |
30 | private function QB_SECURE_MAIL_PARAM($param_ = '', $level_ = 2) { |
31 | // Verhindert Mail-Header-Injections |
31 | // Prevents eMail header injections |
32 | // Quelle: http://www.erich-kachel.de/?p=26 |
32 | // Source: http://www.erich-kachel.de/?p=26 (modified) |
33 | 33 | ||
34 | /* replace until done */ |
34 | /* replace until done */ |
- | 35 | $filtered = null; |
|
35 | while (!isset($filtered) || ($param_ != $filtered)) { |
36 | while (!is_null($filtered) || ($param_ != $filtered)) { |
36 | if (isset($filtered)) { |
37 | if (is_null($filtered)) { |
37 | $param_ = $filtered; |
38 | $param_ = $filtered; |
38 | } |
39 | } |
39 | 40 | ||
40 | $filtered = preg_replace("/(Content-Transfer-Encoding:|MIME-Version:|content-type:|Subject:|to:|cc:|bcc:|from:|reply-to:)/ims", '', $param_); |
41 | $filtered = preg_replace("/(Content-Transfer-Encoding:|MIME-Version:|content-type:|Subject:|to:|cc:|bcc:|from:|reply-to:)/ims", '', $param_); |
41 | } |
42 | } |