php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #28766 Addresses with "&" in it are not escaped!
Submitted: 2004-06-14 08:33 UTC Modified: 2004-06-14 09:14 UTC
From: bt at weberg dot de Assigned:
Status: Not a bug Package: Mail related
PHP Version: Irrelevant OS: linux, debian
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: bt at weberg dot de
New email:
PHP Version: OS:

 

 [2004-06-14 08:33 UTC] bt at weberg dot de
Description:
------------
I thought that the addresses passed to sendmail where escaped. It seems not to be. I have a problem with an email-receipient who gave me an address with an "&" in it an I got an error from the local shell-interpreter. The shell could not find the program...

Reproduce code:
---------------
Create a testscript with something like
<?php
  mail("test&script@my.domain.de", "Error, or what?", "...");
?>

Expected result:
----------------
Sending the mail...

Actual result:
--------------
sh: line 1: script@my.domain.de: command not found
can't close /usr/sbin/sendmail

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2004-06-14 08:47 UTC] bt at weberg dot de
It seems not to be a general problem...
 [2004-06-14 09:03 UTC] bt at weberg dot de
The problem is not related to php... sorry.
 [2004-06-14 09:14 UTC] magnus@php.net
Closed is used for real bugs that have been fixed.
 
PHP Copyright © 2001-2022 The PHP Group
All rights reserved.
Last updated: Thu Jul 07 01:04:05 2022 UTC