问题描述
突然开始收到上述错误,而不已经作出了脚本进行任何更改。
Suddenly have started receiving the above error without any changes having been made to the script.
主机是的1and1(我知道...)
Host is 1and1 (I know...)
该脚本也可正常工作在不同的服务器上,所以我怀疑的是,一定有一些服务器配置的变化已导致这一点,虽然主机说不知道。
The script still works fine on a different server, and so my suspicion is that there must have been some server config change that has lead to this, although the hosts plead ignorance.
有一个在上面的错误都在谷歌,我找不到任何信息 - 没有任何人有什么想法?服务器正在运行的Apache是否有帮助。
There's no information on the above error at all in Google that I can find - does anybody have any ideas? Server is running Apache if that helps.
推荐答案
方才类似的问题。结果
这突如其来的。没有PHP code的改变。
Had just the similar problem.
It came out of the blue. No PHP Code was changed.
什么改变:PHP升级到5.5.25-1 5.5.26。
What was changed: PHP was upgraded 5.5.25-1 to 5.5.26.
在PHP安全风险电子邮件()
功能已得到修复,并在 additional_headers额外的新行
允许没有更多。由于额外的新行的意思是:从现在开始电子邮件(我们当然不希望有人通过头,后跟一个邪恶的消息注入一些新行)。
A security risk in PHP mail()
function has been fixed and extra newlines in additional_headers
are allowed no more. Because extra newlines mean: now starts the email message (and we surely don't want somebody to inject some newlines through headers followed by an evil message).
什么previously都工作正常,如只是有额外的新行头后,甚至整个消息传递给 additional_headers
,将功能没了。
What previously have worked fine, e.g. just having extra newlines after headers or even passing the whole message to additional_headers
, will function no more.
解决方案
- 净化你的头。在
additional_headers没有多换行
参数。这些被视为多或畸形的换行符:\\ r \\ r \\ r \\ 0 \\ r \\ n \\ r \\ n,\\ n \\ n,\\ n \\ 0
。 - 使用
additional_headers
只有头。电子邮件(多部分与否,与IR无附件等)在的消息
参数所属,没有头。
- Sanitize your headers. No multiple newlines in
additional_headers
argument. These count as "multiple or malformed newlines":\r\r, \r\0, \r\n\r\n, \n\n, \n\0
. - Use
additional_headers
for headers only. Email message (multipart or not, with ir without attachments, etc) belongs inmessage
argument, not in headers.
PHP安全漏洞报告:结果
C $ C $ç差异如何将其固定:<一href=\"http://git.php.net/?p=php-src.git;a=blobdiff;f=ext/standard/mail.c;h=448013a472a3466245e64b1cb37a9d1b0f7c007e;hp=1ebc8fecb7ef4c266a341cdc701f0686d6482242;hb=9d168b863e007c4e15ebe4d2eecabdf8b0582e30;hpb=eee8b6c33fc968ef8c496db8fb54e8c9d9d5a8f9\">http://git.php.net/?p=php-src.git;a=blobdiff;f=ext/standard/mail.c;h=448013a472a3466245e64b1cb37a9d1b0f7c007e;hp=1ebc8fecb7ef4c266a341cdc701f0686d6482242;hb=9d168b863e007c4e15ebe4d2eecabdf8b0582e30;hpb=eee8b6c33fc968ef8c496db8fb54e8c9d9d5a8f9
PHP Security Bug report: https://bugs.php.net/bug.php?id=68776
C Code diff how its fixed: http://git.php.net/?p=php-src.git;a=blobdiff;f=ext/standard/mail.c;h=448013a472a3466245e64b1cb37a9d1b0f7c007e;hp=1ebc8fecb7ef4c266a341cdc701f0686d6482242;hb=9d168b863e007c4e15ebe4d2eecabdf8b0582e30;hpb=eee8b6c33fc968ef8c496db8fb54e8c9d9d5a8f9
这篇关于错误使用PHP的mail():在additional_header找到多个或畸形换行符的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!