Fix Mail settings command parameter injection

inc/functions.php

@@ -581,9 +581,9 @@ function &get_my_mailhandler($use_buitlin = false)
 			{
 				require_once MYBB_ROOT . "inc/mailhandlers/php.php";
 				$my_mailhandler_builtin = new PhpMail();
-				if(!empty($mybb->settings['mail_parameters']))
+				if(!empty($mybb->config['mail_parameters']))
 				{
-					$my_mailhandler_builtin->additional_parameters = $mybb->settings['mail_parameters'];
+					$my_mailhandler_builtin->additional_parameters = $mybb->config['mail_parameters'];
 				}
 			}
 		}

install/resources/settings.xml

@@ -2330,7 +2330,7 @@ smtp=SMTP mail]]></optionscode>
 		</setting>
 		<setting name="mail_parameters">
 			<title>Additional Parameters for PHP's mail()</title>
-			<description><![CDATA[This setting allows you to set additional parameters for the PHP mail() function. Only used when 'PHP mail' is selected as Mail Handler. <a href="http://php.net/function.mail" target="_blank" rel="noopener">More information</a>]]></description>
+			<description><![CDATA[<strong>Not supported.</strong> Additional parameters can be set in the <a href="https://docs.mybb.com/1.8/faq/mail/#additional-parameters-for-phps-mail">Configuration File</a> instead.]]></description>
 			<disporder>7</disporder>
 			<optionscode><![CDATA[text]]></optionscode>
 			<settingvalue><![CDATA[]]></settingvalue>