CodeExplorer
You are a developer and looking for Shopware projects?
Apply Now!
_isShellSafe example
// override this, adjust $settings['mail_line_endings'] in settings.php.
$mail_body = preg_replace('@\r?\n@', $line_endings, $message['body']);
$mail_headers = $headers->toString();
if (!$this->request->server->has('WINDIR') && !str_contains($this->request->server->get('SERVER_SOFTWARE'), 'Win32')) {
// On most non-Windows systems, the "-f" option to the sendmail command // is used to set the Return-Path. There is no space between -f and // the value of the return path. // We validate the return path, unless it is equal to the site mail, which // we assume to be safe. $site_mail = $this->configFactory->get('system.site')->get('mail');
$additional_params = isset($message['Return-Path']) && ($site_mail === $message['Return-Path'] || static::_isShellSafe($message['Return-Path'])) ? '-f' . $message['Return-Path'] : '';
$mail_result = $this->doMail(
$message['to'],
$mail_subject,
$mail_body,
$mail_headers,
$additional_params
);
}
else {
// On Windows, PHP will use the value of sendmail_from for the // Return-Path header.
$mail_headers = $headers->toString();
if (!$this->request->server->has('WINDIR') && !str_contains($this->request->server->get('SERVER_SOFTWARE'), 'Win32')) {
// On most non-Windows systems, the "-f" option to the sendmail command // is used to set the Return-Path. There is no space between -f and // the value of the return path. // We validate the return path, unless it is equal to the site mail, which // we assume to be safe. $site_mail = $this->configFactory->get('system.site')->get('mail');
$additional_params = isset($message['Return-Path']) && ($site_mail === $message['Return-Path'] || static::_isShellSafe($message['Return-Path'])) ? '-f' . $message['Return-Path'] : '';
$mail_result = $this->doMail(
$message['to'],
$mail_subject,
$mail_body,
$mail_headers,
$additional_params
);
}
else {
// On Windows, PHP will use the value of sendmail_from for the // Return-Path header.