WordPress.org
Get WordPress

Make WordPress Core

Changeset 27801


Ignore:
Timestamp:
03/28/2014 02:43:04 AM (11 years ago)
Author:
nacin
Message:

Always decode special characters for email subjects.

props tlovett1, jeremyfelt.
fixes #25346.

Location:
trunk/src
Files:
7 edited

Legend:

Unmodified
Added
Removed

  • trunk/src/wp-admin/includes/class-wp-upgrader.php

    r27673 r27801  
    24212421        $email = apply_filters( 'auto_core_update_email', $email, $type, $core_update, $result );
    24222422
    2423         wp_mail( $email['to'], $email['subject'], $email['body'], $email['headers'] );
     2423        wp_mail( $email['to'], wp_specialchars_decode( $email['subject'] ), $email['body'], $email['headers'] );
    24242424    }
    24252425
     
    25712571        $email = apply_filters( 'automatic_updates_debug_email', $email, $failures, $this->update_results );
    25722572
    2573         wp_mail( $email['to'], $email['subject'], $email['body'], $email['headers'] );
     2573        wp_mail( $email['to'], wp_specialchars_decode( $email['subject'] ), $email['body'], $email['headers'] );
    25742574    }
    25752575}

  • trunk/src/wp-admin/includes/ms.php

    r27706 r27801  
    260260    $content = str_replace( '###SITEURL###', network_home_url(), $content );
    261261
    262     wp_mail( $value, sprintf( __( '[%s] New Admin Email Address' ), get_option( 'blogname' ) ), $content );
     262    wp_mail( $value, sprintf( __( '[%s] New Admin Email Address' ), wp_specialchars_decode( get_option( 'blogname' ) ) ), $content );
    263263}
    264264add_action( 'update_option_new_admin_email', 'update_option_new_admin_email', 10, 2 );
     
    329329        $content = str_replace( '###SITEURL###', network_home_url(), $content );
    330330
    331         wp_mail( $_POST['email'], sprintf( __( '[%s] New Email Address' ), get_option( 'blogname' ) ), $content );
     331        wp_mail( $_POST['email'], sprintf( __( '[%s] New Email Address' ), wp_specialchars_decode( get_option( 'blogname' ) ) ), $content );
    332332        $_POST['email'] = $current_user->user_email;
    333333    }

  • trunk/src/wp-admin/ms-delete-site.php

    r26518 r27801  
    6969    $content = str_replace( '###SITE_NAME###', $current_site->site_name, $content );
    7070
    71     wp_mail( get_option( 'admin_email' ), "[ " . get_option( 'blogname' ) . " ] ".__( 'Delete My Site' ), $content );
     71    wp_mail( get_option( 'admin_email' ), "[ " . wp_specialchars_decode( get_option( 'blogname' ) ) . " ] ".__( 'Delete My Site' ), $content );
    7272    ?>
    7373

  • trunk/src/wp-admin/user-new.php

    r27469 r27801  
    8686Please click the following link to confirm the invite:
    8787%4$s' );
    88             wp_mail( $new_user_email, sprintf( __( '[%s] Joining confirmation' ), get_option( 'blogname' ) ), sprintf( $message, get_option( 'blogname' ), home_url(), wp_specialchars_decode( translate_user_role( $role['name'] ) ), home_url( "/newbloguser/$newuser_key/" ) ) );
     88            wp_mail( $new_user_email, sprintf( __( '[%s] Joining confirmation' ), wp_specialchars_decode( get_option( 'blogname' ) ) ), sprintf( $message, get_option( 'blogname' ), home_url(), wp_specialchars_decode( translate_user_role( $role['name'] ) ), home_url( "/newbloguser/$newuser_key/" ) ) );
    8989            $redirect = add_query_arg( array('update' => 'add'), 'user-new.php' );
    9090        }

  • trunk/src/wp-includes/ms-functions.php

    r27717 r27801  
    881881        esc_url( 'http://' . $domain . $path )
    882882    );
    883     wp_mail($user_email, $subject, $message, $message_headers);
     883    wp_mail( $user_email, wp_specialchars_decode( $subject ), $message, $message_headers );
    884884    return true;
    885885}
     
    966966        $user
    967967    );
    968     wp_mail($user_email, $subject, $message, $message_headers);
     968    wp_mail( $user_email, wp_specialchars_decode( $subject ), $message, $message_headers );
    969969    return true;
    970970}
     
    15221522     */
    15231523    $subject = apply_filters( 'update_welcome_subject', sprintf( __( 'New %1$s Site: %2$s' ), $current_site->site_name, wp_unslash( $title ) ) );
    1524     wp_mail($user->user_email, $subject, $message, $message_headers);
     1524    wp_mail( $user->user_email, wp_specialchars_decode( $subject ), $message, $message_headers );
    15251525    return true;
    15261526}
     
    16001600     */
    16011601    $subject = apply_filters( 'update_welcome_user_subject', sprintf( __( 'New %1$s User: %2$s' ), $current_site->site_name, $user->user_login) );
    1602     wp_mail($user->user_email, $subject, $message, $message_headers);
     1602    wp_mail( $user->user_email, wp_specialchars_decode( $subject ), $message, $message_headers );
    16031603    return true;
    16041604}

  • trunk/src/wp-includes/pluggable.php

    r27568 r27801  
    11691169
    11701170    foreach ( $emails as $email ) {
    1171         @wp_mail( $email, $subject, $notify_message, $message_headers );
     1171        @wp_mail( $email, wp_specialchars_decode( $subject ), $notify_message, $message_headers );
    11721172    }
    11731173
     
    12561256
    12571257    foreach ( $emails as $email ) {
    1258         @wp_mail( $email, $subject, $notify_message, $message_headers );
     1258        @wp_mail( $email, wp_specialchars_decode( $subject ), $notify_message, $message_headers );
    12591259    }
    12601260

  • trunk/src/wp-login.php

    r27369 r27801  
    389389    $message = apply_filters( 'retrieve_password_message', $message, $key );
    390390
    391     if ( $message && !wp_mail($user_email, $title, $message) )
     391    if ( $message && !wp_mail( $user_email, wp_specialchars_decode( $title ), $message ) )
    392392        wp_die( __('The e-mail could not be sent.') . "<br />\n" . __('Possible reason: your host may have disabled the mail() function.') );
    393393
Note: See TracChangeset for help on using the changeset viewer.