From: Ilia Alshanetsky Date: Mon, 7 Sep 2009 02:35:25 +0000 (+0000) Subject: Fixed bug #49470 (FILTER_SANITIZE_EMAIL allows disallowed characters). X-Git-Tag: php-5.2.11RC3~8 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=27fb503751df8a0a892ee8272e94af4674338c0a;p=php Fixed bug #49470 (FILTER_SANITIZE_EMAIL allows disallowed characters). --- diff --git a/NEWS b/NEWS index 2f06f752d2..0f4b9201a3 100644 --- a/NEWS +++ b/NEWS @@ -1,10 +1,10 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| 0? Sep 2009, PHP 5.2.11 -- Fixed bug #48060 (pdo_pgsql - large objects are returned as empty). (Matteo) +- Fixed bug #49470 (FILTER_SANITIZE_EMAIL allows disallowed characters). - Fixed bug #49447 (php engine needs to correctly check for socket API return status on windows). (Sriram Natarajan) - +- Fixed bug #48060 (pdo_pgsql - large objects are returned as empty). (Matteo) 03 Sep 2009, PHP 5.2.11RC2 - Added missing sanity checks around exif processing. (Ilia) diff --git a/ext/filter/sanitizing_filters.c b/ext/filter/sanitizing_filters.c index 24eafd13da..cdfe08c29b 100644 --- a/ext/filter/sanitizing_filters.c +++ b/ext/filter/sanitizing_filters.c @@ -275,7 +275,7 @@ void php_filter_unsafe_raw(PHP_INPUT_FILTER_PARAM_DECL) void php_filter_email(PHP_INPUT_FILTER_PARAM_DECL) { /* Check section 6 of rfc 822 http://www.faqs.org/rfcs/rfc822.html */ - const unsigned char allowed_list[] = LOWALPHA HIALPHA DIGIT "!#$%&'*+-/=?^_`{|}~@.[]"; + const unsigned char allowed_list[] = LOWALPHA HIALPHA DIGIT "!#$%&'*+-=?^_`{|}~@.[]"; filter_map map; filter_map_init(&map);