$error = NULL;
if ($_POST) {
global $User;
- if ($User) {
+ if ($User->login) {
$_REQUEST['login'] = $User->login;
+ $_REQUEST['email'] = $_REQUEST['email'] ?: $User->email;
+ }
+ else {
+ unset($_REQUEST['login']);
}
$error = mailform($_REQUEST);
if (!empty($error)) {
}
}
- $reply = preg_match('/\A\w+@\w+\.[a-z]+\z/', @$input['email'])
+ $reply = preg_match('/\A[^\s\'@]{1,64}@[.a-zA-Z0-9-]{4,63}\z/', @$input['email'])
? $input['email'] : "noreply@$domain";
$header = "From: $reply";
'X-Accept-Language' => 'HTTP_ACCEPT_LANGUAGE',
'User-Agent' => 'HTTP_USER_AGENT',
) as $mailhdr => $serverhdr) {
- if (!$_SERVER[$serverhdr]) continue;
+ if (empty($_SERVER[$serverhdr])) continue;
$header .= "\r\n$mailhdr: ".$_SERVER[$serverhdr];
}