On Oct 15, 2008, at 11:08 AM, Ziba Scott wrote:
Hi Till,
Thanks for the response. I'd like to just quote everything and
stick it in the database, but ticket 1463946: http://trac.roundcube.net/ticket/1463946 suggests that there is a set of characters that are undesirable to
store and may cause difficulty sending mail to users with strange names.
A Wikipedia page has a summary of the relevant RFCs http://en.wikipedia.org/wiki/E-mail_address#RFC_specification and a specific list of characters.
Apostrophes are particularly bad with SQL statements.
My personal hack is to replace those with the HTML entity '
before SQL, and then convert back (if I need to) when reading from
the database.
From reading the lists for the spam filtering software we use, e-mail
addresses that _begin_ with a plus can cause problems, as can
addresses with hyphens.
Which puts us in the position of picking and choosing what should go into the database.
Data validation problem, which is true of any input data.
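An added example, not part of the original thread or of Roundcube's code: it validates an address against the unquoted (dot-atom) character set from RFC 5322 and stores it with a bound parameter, so an apostrophe, a leading plus or a hyphen round-trips unchanged with no entity substitution. The `contacts` table, the function names and the sample addresses are constructed for illustration.

```python
import re
import sqlite3

# RFC 5322 "atext": characters allowed in an unquoted local part.
ATEXT = r"A-Za-z0-9!#$%&'*+/=?^_`{|}~-"
# dot-atom: runs of atext separated by single dots (no leading/trailing/double dot).
LOCAL_RE = re.compile(rf"[{ATEXT}]+(?:\.[{ATEXT}]+)*")
# Host name labels: letters, digits, inner hyphens; at least two labels.
LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]*[A-Za-z0-9])?"
DOMAIN_RE = re.compile(rf"{LABEL}(?:\.{LABEL})+")


def is_valid_address(addr: str) -> bool:
    """Accept only local@domain where the local part is an RFC 5322 dot-atom."""
    local, sep, domain = addr.rpartition("@")
    if not sep or len(local) > 64:  # RFC 5321 local-part length limit
        return False
    return bool(LOCAL_RE.fullmatch(local) and DOMAIN_RE.fullmatch(domain))


def store(conn: sqlite3.Connection, addr: str) -> None:
    """Validate, then insert with a bound parameter (never string concatenation)."""
    if not is_valid_address(addr):
        raise ValueError(f"rejected address: {addr!r}")
    # The driver passes addr as data, so quote characters need no escaping.
    conn.execute("INSERT INTO contacts (email) VALUES (?)", (addr,))


def roundtrip(addresses):
    """Return (addresses read back from the database, addresses rejected)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE contacts (email TEXT NOT NULL)")
    rejected = []
    for addr in addresses:
        try:
            store(conn, addr)
        except ValueError:
            rejected.append(addr)
    rows = conn.execute("SELECT email FROM contacts ORDER BY rowid")
    return [row[0] for row in rows], rejected


# Constructed sample input covering the characters discussed in the thread.
SAMPLES = ["o'brien@example.com", "+tag@example.com", "first-last@example.com",
           "bad address@example.com", "a..b@example.com"]

if __name__ == "__main__":
    print(roundtrip(SAMPLES))
```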