- Implemented security token system. (Secunia Advisory SA34627)
- Fix issue with multi-part related messages not showing all attachments (#2830140).
- Fix for security token missing in newmail plugin (#2919418).
+ - Fix for mailto: urls containing + characters, thanks to Michael Puls II for the
+ patch.
Version 1.5.1 (branched on 2006-02-12)
--------------------------------------
if ((preg_match($MailTo_PReg_Match, $mailto, $regs)) && ($regs[0] != '')) {
//sm_print_r($regs);
$mailto_before = $target_token . $regs[0];
- $mailto_params = $regs[10];
+ /**
+ * '+' characters in a mailto URI don't need to be percent-encoded.
+ * However, when mailto URI data is transported via HTTP, '+' must
+ * be percent-encoded as %2B so that when the HTTP data is
+ * percent-decoded, you get '+' back and not a space.
+ */
+ $mailto_params = str_replace("+", "%2B", $regs[10]);
if ($regs[1]) { //if there is an email addr before '?', we need to merge it with the params
- $to = 'to=' . $regs[1];
+ $to = 'to=' . str_replace("+", "%2B", $regs[1]);
if (strpos($mailto_params, 'to=') > -1) //already a 'to='
$mailto_params = str_replace('to=', $to . '%2C%20', $mailto_params);
else {
projects / squirrelmail.git / commitdiff