
PHP mail() crashes if wiki user name contains ';'
Open, Needs Triage, Public

Description

Reported by user:int x = 0; that a request for e-mail confirmation on a WMF wiki crashed after submission.

Error message was: Unbekannter Fehler in der PHP-Funktion mail() [unknown error in PHP function mail()].

The e-mail address itself was harmless and obviously did not disturb our Sanitizer::validateEmail().

However, display-name phrase <someone@example.org> made a PHP standard library function crash.

He/she figured out that according to RFC 2822 section 4.1 a ; is obviously not permitted in a display name: "Period (nor any other character from specials) was not allowed in phrase". These specials are: <>"[]:;@\,. Any characters except controls and specials are permitted as dot-atom, or need to be within a quoted-string.

Our user names do not allow square or angle brackets nor @, but ":;\,. might occur. However, the PHP library function should have stumbled across a dot or comma during recent years; apparently some special characters are accepted. The PHP manual didn't tell me much, but it mentions RFC 2822.

TODO: Someone should figure out whether all user names should be formatted as quoted-string in our PHP calls. Since I did not find an escaping rule for quotes, user names containing quotes might be cheated by displaying a double apostrophe, or omitted, passing the mail address only.
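
Added example, not part of the original report and not MediaWiki code: one way to build the `phrase <address>` form so that user names containing RFC 2822 specials are sent as a quoted-string. The function names `formatDisplayName` and `formatAddress` are hypothetical, and the sample names are constructed. It assumes ASCII names; a non-ASCII name would need RFC 2047 encoding, which is not shown, so the sketch falls back to the bare address for those.

```php
<?php
// Added example (not MediaWiki code); function names are hypothetical.

// RFC 2822 "specials" (section 3.2.1). A phrase containing any of them
// must be sent as a quoted-string instead of bare atoms.
const RFC2822_SPECIALS = '()<>[]:;@\\,."';

/**
 * Format a user name as an RFC 2822 phrase.
 * Returns null when no usable phrase remains, so the caller sends the
 * bare address only.
 */
function formatDisplayName(string $name): ?string {
    // Controls are not permitted in a phrase: replace them with a space,
    // then collapse runs of spaces.
    $name = preg_replace('/[\x00-\x1F\x7F]+/', ' ', $name);
    $name = trim(preg_replace('/ {2,}/', ' ', $name));
    if ($name === '') {
        return null;
    }
    // Assumption of this sketch: ASCII only. Bytes outside printable ASCII
    // would need an RFC 2047 encoded-word, so fall back to address only.
    if (preg_match('/[^\x20-\x7E]/', $name)) {
        return null;
    }
    // Only atext characters and spaces: the name is a valid run of atoms.
    if (strpbrk($name, RFC2822_SPECIALS) === false) {
        return $name;
    }
    // Otherwise wrap in double quotes; backslash and double quote are
    // escaped as quoted-pairs (RFC 2822 section 3.2.2).
    return '"' . addcslashes($name, '"\\') . '"';
}

function formatAddress(string $name, string $addr): string {
    $phrase = formatDisplayName($name);
    return $phrase === null ? $addr : "$phrase <$addr>";
}

// Constructed sample names, including the one from this report.
$samples = ['int x = 0;', 'Doe, John', 'a "quoted" \\ name', "tab\there", 'Plain Name'];
foreach ($samples as $n) {
    echo formatAddress($n, 'someone@example.org'), "\n";
}
```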

Event Timeline

PerfektesChaos raised the priority of this task from to Needs Triage.
PerfektesChaos updated the task description.
PerfektesChaos subscribed.