WordPress.org

Make WordPress Core

Opened 7 years ago

Closed 6 years ago

Last modified 4 years ago

#5169 closed defect (bug) (fixed)

Posting from email addresses with "hyphen" cannot be assigned to the user

Reported by: giannis1 Owned by:
Milestone: 2.3.1 Priority: high
Severity: normal Version: 2.3
Component: General Keywords: has-patch tested
Focuses: Cc:

Description

I am trying to post a message via email and HTML form to my Wordpress... and it doesn't assign the post to the user when the email address includes "hyphen"...when user's email address is without "hyphen" is assign perfectly the post to the User.

For example:

When a user@… submit a post via an external HTML form or by email, the post is assigned to the user. However, when user@… submit, it assigns the post to the admin.

Please help!

Thanks

John

Attachments (3)

wp-mail.php.diff (694 bytes) - added by markjaquith 7 years ago.
wp-mail.php.2.diff (737 bytes) - added by markjaquith 7 years ago.
Using sanitize_email() and is_email()
wp-mail.php.3.diff (852 bytes) - added by Bobcat 7 years ago.
Isolates email addr before sanitizing (fixed typo in comment)

Download all attachments as: .zip

Change History (18)

markjaquith7 years ago

comment:1 markjaquith7 years ago

  • Milestone set to 2.4
  • Version set to 2.3

giannis1, try the patch I uploaded.

comment:2 westi7 years ago

-1 to current patch.

Should we not use is_email and sanitize_email here - that way we have one rule for sanitizing all email addresses.

markjaquith7 years ago

Using sanitize_email() and is_email()

comment:3 markjaquith7 years ago

  • Keywords has-patch 2nd-opinion added

Patch updated with Westi's suggestions.

comment:4 westi7 years ago

  • Keywords dev-reviewed added; 2nd-opinion removed

+1

New patch looks good to me.

comment:5 markjaquith7 years ago

  • Resolution set to fixed
  • Status changed from new to closed

(In [6212]) Properly sanitize e-mail addresses in wp-mail.php. Props giannis1. fixes #5169 for trunk

comment:6 Bobcat7 years ago

  • Resolution fixed deleted
  • Status changed from closed to reopened

This patch doesn't work. All emails get posted by 'admin'. The problem is that sanitize_email returns "FromUserNameaddr@domain.com" when the rest of the code expects simply "addr@…" for looking-up the email address.

comment:7 markjaquith7 years ago

  • Resolution set to fixed
  • Status changed from reopened to closed

(In [6217]) Strip From/Reply-To from e-mail before sanitizing in wp-mail.php. Props Bobcat. fixes #5169

comment:8 Bobcat7 years ago

  • Resolution fixed deleted
  • Status changed from closed to reopened

Nope, still doesn't work. It leaves the user name part of the From line; the part in quotes. e.g.: From line is:

From: "User Name" <addr@…>

But your code sets $author to:

UserNameaddr@domain.com

When the rest of the code needs:

addr@…

The easiest thing to do might be to use the regexp from your first patch to isolate the addr@… part, then call sanitize_email and is_email.

comment:9 Bobcat7 years ago

  • Keywords 2nd-opinion added; dev-reviewed removed

This patch (wp-mail.php.3.diff) isolates the email address before sending it to sanitize_email and is_email. I also improved the regexp to ignore strings that look like an email address if it's followed by a string in angle brackets (the string in angle brackets is the real email address); handles the case where a quoted string contains an "@" but isn't the real email address. I hope that makes sense.

Bobcat7 years ago

Isolates email addr before sanitizing (fixed typo in comment)

comment:10 ryan7 years ago

See the regular expression for matching email addresses and weep.

http://trac.wordpress.org/attachment/ticket/4616/4616b.diff

comment:11 ryan7 years ago

So let's see how the proposed patch for #4616 applies here, think about bumping the logic into a function like extract_email_address(), and maybe see if there's some squirrelmail code we can steal.

comment:12 ryan6 years ago

Alright, Bobcat's patch looks like a good fix for now and we can explore the bigger issues later.

comment:13 Bobcat6 years ago

  • Keywords tested added; 2nd-opinion removed
  • Milestone changed from 2.4 to 2.3.1

Thank you. Patch tested with WP 2.3 by sending emails from addresses with and without hyphens in the email address.

comment:14 ryan6 years ago

  • Resolution set to fixed
  • Status changed from reopened to closed

(In [6280]) Allow hypens in email addresses. Props Bobcat. fixes #5169 for 2.3

comment:15 ryan6 years ago

(In [6281]) Fix email address parsing in wp-mail.php. Props Bobcat. fixes #5169

Note: See TracTickets for help on using tickets.