mirror of
https://github.com/moodle/moodle.git
synced 2025-04-24 18:04:43 +02:00
61367eb639
The patch adds validation for the noreplyaddress setting variable, for the explicit $replyto parameter and for the sender's email. In case of misconfigured noreplyaddress setting, it falls back to the default noreply address value. In case of invalid email in the user's record, the email is not sent. The patch also adds unit test for the value returned by the function generate_email_processing_address() so that it can be considered as a valid email, too. This is supposed to significantly minimise the risk of exploiting the vulnerability in PHPMailer's Sender field.
.-..-.
_____ | || |
/____/-.---_ .---. .---. .-.| || | .---.
| | _ _ |/ _ \/ _ \/ _ || |/ __ \
* | | | | | || |_| || |_| || |_| || || |___/
|_| |_| |_|\_____/\_____/\_____||_|\_____)
Moodle - the world's open source learning platform
Moodle <https://moodle.org> is a learning platform designed to provide
educators, administrators and learners with a single robust, secure and
integrated system to create personalised learning environments.
You can download Moodle <https://download.moodle.org> and run it on your own
web server, ask one of our Moodle Partners <https://moodle.com/partners/> to
assist you, or have a MoodleCloud site <https://moodle.com/cloud/> set up for
you.
Moodle is widely used around the world by universities, schools, companies and
all manner of organisations and individuals.
Moodle is provided freely as open source software, under the GNU General Public
License <https://docs.moodle.org/dev/License>.
Moodle is written in PHP and JavaScript and uses an SQL database for storing
the data.
See <https://docs.moodle.org> for details of Moodle's many features.