[Savane-dev] [bugs #313] RFC822 compliance

Fri, 26 Mar 2004 18:57:27 +0100 

This mail is an automated notification from the bugs tracker
 of the project: Savane.

/**************************************************************************/
[bugs #313] Latest Modifications:

Changes by: 
                Mathieu Roy <[EMAIL PROTECTED]>
'Date: 
                ven 26.03.2004 à 18:57 (Europe/Paris)

------------------ Additional Follow-up Comments ----------------------------
For the last point, I think we already "escape" the quotes and antislashes by 
removing them and disallowing users to put them in their account name.



More generally, I think that the following characters does not belong to a 
clean user real name , ; :  " 






/**************************************************************************/
[bugs #313] Full Item Snapshot:

URL: <http://gna.org/bugs/?func=detailitem&item_id=313>
Project: Savane
Submitted by: Sylvain Beucler
On: mer 24.03.2004 à 01:25

Category:  Web Frontend
Severity:  1 - Trivial
Priority:  C - Normal
Resolution:  None
Assigned to:  None
Status:  Open
Release:  >= 1.0.1
Planned Release:  1.0.2


Summary:  RFC822 compliance

Original Submission:  In www/include/trackers/general.php:980

< $from = user_getrealname().' <[EMAIL PROTECTED]'].'>';

---

> $from = '"'.user_getrealname().'" <[EMAIL PROTECTED]'].'>';



See http://mail.gnu.org/archive/html/savannah-hackers/2004-03/msg00253.html



Commentaires :
------------------


-------------------------------------------------------
Date: ven 26.03.2004 à 18:57        By: yeupou
For the last point, I think we already "escape" the quotes and antislashes by 
removing them and disallowing users to put them in their account name.



More generally, I think that the following characters does not belong to a 
clean user real name , ; :  " 

-------------------------------------------------------
Date: mer 24.03.2004 à 17:51        By: beuc
After reading the RFC (http://www.ietf.org/rfc/rfc0822.txt?number=822) I saw 
that strings are required as soon as there are 'special characters' (and 
optional otherwise):



specials    =  "(" / ")" / "<" / ">" / "@"  ; Must be in quoted-

            /  "," / ";" / ":" / "" / <">  ;  string, to use

            /  "." / "[" / "]"              ;  within a word.



Also, to be perfectly compatible, one should escape " and , in case the user 
put them its 'Real Name' field.



-------------------------------------------------------
Date: mer 24.03.2004 à 15:32        By: yeupou
Interesting. Do you know if the quote are standard, or just required when there 
is a special character within the name string?












For detailed info, follow this link:
<http://gna.org/bugs/?func=detailitem&item_id=313>

_______________________________________________
  Message sent via/by Gna!
  http://gna.org/

Reply via email to