
Prevent email header injection

git-svn-id: http://svn.code.sf.net/p/itop/code/trunk@1573 a333f486-631f-4898-b8df-5754b55c2be0
dflaven 13 jaren geleden
bovenliggende
commit
caf9a6a74a
1 gewijzigde bestanden met toevoegingen van 2 en 2 verwijderingen
  1. 2 2
      core/email.class.inc.php

+ 2 - 2
core/email.class.inc.php

@@ -86,8 +86,8 @@ class EMail
 		set_error_handler(array($this, 'mail_error_handler'));
 		$bRes = mail
 		(
-			$this->m_sTo,
-			$this->m_sSubject,
+			str_replace(array("\n", "\r"), ' ', $this->m_sTo), // Prevent header injection
+			str_replace(array("\n", "\r"), ' ', $this->m_sSubject), // Prevent header injection
 			$this->m_sBody,
 			$sHeaders
 		);
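Review bot: `$sHeaders` still reaches mail() unfiltered, so the CR/LF stripping added for `$this->m_sTo` and `$this->m_sSubject` covers only two of the three header-bearing arguments. `$sHeaders` is assembled outside this hunk; if any of its parts (From, Reply-To, Cc or custom header values) can contain user-supplied text, each value needs the same stripping at the point where it is added, because filtering the finished string would also remove its legitimate line breaks. Replacing line breaks with a space also does not confirm that `m_sTo` holds only the intended recipient list, so validating the address format where the property is set would be a stronger guard than cleaning it at send time. The two identical `str_replace(array("\n", "\r"), ' ', ...)` calls would be easier to keep in sync as one private helper with a comment such as `// Strip CR/LF so a value cannot start a new header line`. The enclosing method starts and ends outside this hunk.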