r30905 - plugins/sfZendMailPlugin/trunk/modules/sendemail/lib

[fabien . potencier]

Author: KRavEN
Date: 2010-09-14 14:02:01 +0200 (Tue, 14 Sep 2010)
New Revision: 30905

Modified:
   
plugins/sfZendMailPlugin/trunk/modules/sendemail/lib/BasesendemailActions.class.php
Log:
added parameter checking and string cleanup for sendemail action

Modified: 
plugins/sfZendMailPlugin/trunk/modules/sendemail/lib/BasesendemailActions.class.php
===================================================================
--- 
plugins/sfZendMailPlugin/trunk/modules/sendemail/lib/BasesendemailActions.class.php
 2010-09-13 22:56:25 UTC (rev 30904)
+++ 
plugins/sfZendMailPlugin/trunk/modules/sendemail/lib/BasesendemailActions.class.php
 2010-09-14 12:02:01 UTC (rev 30905)
@@ -19,42 +19,66 @@
 
   public function executeEmail(sfWebRequest $request)
   {
+    $from = $request->getParameterHolder()->get('from');
+    $toStr = $request->getParameterHolder()->get('to');
+    $subject = $request->getParameterHolder()->get('subject');
+    $body = $request->getParameterHolder()->get('msg');
+    
+    $this->forward404Unless($from && $toStr && $subject && $body);
+    
+    $from = trim(str_replace(array(',', ';'), '', $from));
+    
+    echo $from;
+    
     $mail = new sfZendMail();
-    $mail->setFrom($request->getParameterHolder()->get('from'));
+    $mail->setFrom($from);
 
-    $tos = explode(';',$request->getParameterHolder()->get('to'));
+    $tos = explode(';', $toStr);
     foreach($tos as $to)
     {
-      $mail->addTo($to);
+      $to = trim($to);
+      if($to != '')
+      {
+        $mail->addTo($to);
+      }
     }
 
 
     if($request->getParameterHolder()->get('cc',false))
     {
-      $ccs = explode(';',$request->getParameterHolder()->get('cc'));
+      $ccs = explode(';', $request->getParameterHolder()->get('cc'));
       foreach($ccs as $cc)
       {
-        $mail->addCc($cc);
+        $cc = trim($cc);
+        if($cc != '')
+        {
+          $mail->addCc($cc);
+        }
       }
     }
 
     if($request->getParameterHolder()->get('bcc',false))
     {
-      $bccs = explode(';',$request->getParameterHolder()->get('bcc'));
+      $bccs = explode(';', $request->getParameterHolder()->get('bcc'));
       foreach($bccs as $bcc)
       {
-        $mail->addBcc($bcc);
+        $bcc = trim($bcc);
+        if($bcc != '')
+        {
+          $mail->addBcc($bcc);
+        }
       }
     }
 
-    $mail->setSubject($request->getParameterHolder()->get('subject'));
+    $mail->setSubject($subject);
+    
     if($request->getParameter('content') == 'html')
     {
-      $mail->setBodyHtml($request->getParameterHolder()->get('msg'));
+      $mail->setBodyHtml($body);
     }
     else
     {
-      $mail->setBodyText($request->getParameterHolder()->get('msg'));
+      $mail->setBodyText($body);
     }
     $this->mail = $mail;
   }

-- 
You received this message because you are subscribed to the Google Groups 
"symfony SVN" group.
To post to this group, send email to symfony-...@googlegroups.com.
To unsubscribe from this group, send email to 
symfony-svn+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/symfony-svn?hl=en.