summaryrefslogtreecommitdiffstats
path: root/system
diff options
context:
space:
mode:
authorAndrey Andreev <narf@devilix.net>2015-11-16 12:37:58 +0100
committerAndrey Andreev <narf@devilix.net>2015-11-16 12:37:58 +0100
commitb06b5c46ef59534cb3d0eb7e9b95c0c5720ee5e5 (patch)
treee398d769ee432fa21077c1b17a42efe142804110 /system
parentfe4c76e77bc9640872d34a874780031cf90dd2bd (diff)
Fix #4244
Diffstat (limited to 'system')
-rw-r--r--system/libraries/Email.php31
1 files changed, 28 insertions, 3 deletions
diff --git a/system/libraries/Email.php b/system/libraries/Email.php
index ebff7567a..034586ac9 100644
--- a/system/libraries/Email.php
+++ b/system/libraries/Email.php
@@ -1469,6 +1469,20 @@ class CI_Email {
*/
protected function _prep_quoted_printable($str)
{
+ // ASCII code numbers for "safe" characters that can always be
+ // used literally, without encoding, as described in RFC 2049.
+ // http://www.ietf.org/rfc/rfc2049.txt
+ static $ascii_safe_chars = array(
+ // ' ( ) + , - . / : = ?
+ 39, 40, 41, 43, 44, 45, 46, 47, 58, 61, 63,
+ // numbers
+ 48, 49, 50, 51, 52, 53, 54, 55, 56, 57,
+ // upper-case letters
+ 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90,
+ // lower-case letters
+ 97, 98, 99, 100, 101, 102, 103, 104, 105, 106, 107, 108, 109, 110, 111, 112, 113, 114, 115, 116, 117, 118, 119, 120, 121, 122
+ );
+
// We are intentionally wrapping so mail servers will encode characters
// properly and MUAs will behave, so {unwrap} must go!
$str = str_replace(array('{unwrap}', '{/unwrap}'), '', $str);
@@ -1516,14 +1530,25 @@ class CI_Email {
$ascii = ord($char);
// Convert spaces and tabs but only if it's the end of the line
- if ($i === ($length - 1) && ($ascii === 32 OR $ascii === 9))
+ if ($ascii === 32 OR $ascii === 9)
{
- $char = $escape.sprintf('%02s', dechex($ascii));
+ if ($i === ($length - 1))
+ {
+ $char = $escape.sprintf('%02s', dechex($ascii));
+ }
}
- elseif ($ascii === 61) // encode = signs
+ // DO NOT move this below the $ascii_safe_chars line!
+ //
+ // = (equals) signs are allowed by RFC2049, but must be encoded
+ // as they are the encoding delimiter!
+ elseif ($ascii === 61)
{
$char = $escape.strtoupper(sprintf('%02s', dechex($ascii))); // =3D
}
+ elseif ( ! in_array($ascii, $ascii_safe_chars, TRUE))
+ {
+ $char = $escape.strtoupper(sprintf('%02s', dechex($ascii)));
+ }
// If we're at the character limit, add the line to the output,
// reset our temp variable, and keep on chuggin'