From f5e1652bf95ed7b63a27042d8bb8b1195d7c9158 Mon Sep 17 00:00:00 2001
From: Lukas Fleischer <archlinux@cryptocrack.de>
Date: Thu, 8 Mar 2012 11:43:48 +0100
Subject: Always set the "To:" header when sending mail

Use "undisclosed-recipients: ;" when sending mass notifications (such as
comment notifications and the like. Addresses FS#28229.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
---
 web/html/passreset.php            | 4 ++--
 web/lib/pkgfuncs.inc.php          | 2 +-
 web/template/pkg_comment_form.php | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/web/html/passreset.php b/web/html/passreset.php
index 82be3ef4..98aa685d 100644
--- a/web/html/passreset.php
+++ b/web/html/passreset.php
@@ -70,8 +70,8 @@ if (isset($_GET['resetkey'], $_POST['email'], $_POST['password'], $_POST['confir
 		           "{$AUR_LOCATION}/passreset.php?".
 		           "resetkey={$resetkey}";
 		$body = wordwrap($body, 70);
-		$headers = "To: {$email}\nReply-to: nobody@archlinux.org\nFrom:aur-notify@archlinux.org\nX-Mailer: PHP\nX-MimeOLE: Produced By AUR";
-		@mail(' ', 'AUR Password Reset', $body, $headers);
+		$headers = "Reply-to: nobody@archlinux.org\nFrom:aur-notify@archlinux.org\nX-Mailer: PHP\nX-MimeOLE: Produced By AUR";
+		@mail($email, 'AUR Password Reset', $body, $headers);
 
 	}
 	header('Location: passreset.php?step=confirm');
diff --git a/web/lib/pkgfuncs.inc.php b/web/lib/pkgfuncs.inc.php
index 42040191..7b71ef4e 100644
--- a/web/lib/pkgfuncs.inc.php
+++ b/web/lib/pkgfuncs.inc.php
@@ -745,7 +745,7 @@ function pkg_delete ($atype, $ids, $mergepkgid, $dbh=NULL) {
 			$body = wordwrap($body, 70);
 			$bcc = implode(', ', $bcc);
 			$headers = "Bcc: $bcc\nReply-to: nobody@archlinux.org\nFrom: aur-notify@archlinux.org\nX-Mailer: AUR\n";
-			@mail(' ', "AUR Package deleted: " . $pkgname, $body, $headers);
+			@mail('undisclosed-recipients: ;', "AUR Package deleted: " . $pkgname, $body, $headers);
 		}
 	}
 
diff --git a/web/template/pkg_comment_form.php b/web/template/pkg_comment_form.php
index a2bbf714..7606ce97 100644
--- a/web/template/pkg_comment_form.php
+++ b/web/template/pkg_comment_form.php
@@ -43,7 +43,7 @@ if (isset($_REQUEST['comment'])) {
 		$body = wordwrap($body, 70);
 		$bcc = implode(', ', $bcc);
 		$headers = "Bcc: $bcc\nReply-to: nobody@archlinux.org\nFrom: aur-notify@archlinux.org\nX-Mailer: AUR\n";
-		@mail(' ', "AUR Comment for " . $row['Name'], $body, $headers);
+		@mail('undisclosed-recipients: ;', "AUR Comment for " . $row['Name'], $body, $headers);
 	}
 }
 
-- 
cgit v1.2.3-24-g4f1b