Refactor firstname, lastname, email validation into functions

This will standardize the way that Mahara sanitizes these personal details. PHPMailer is no longer necessary since in PHP 5.2, it's just a call to filter_var(). Change-Id: I151fe4f91c9731cfa24b5a6e9d0cebeabfcd1a77 Signed-off-by: Francois Marier <francois@catalyst.net.nz>

Refactor firstname, lastname, email validation into functions
This will standardize the way that Mahara sanitizes these personal details. PHPMailer is no longer necessary since in PHP 5.2, it's just a call to filter_var(). Change-Id: I151fe4f91c9731cfa24b5a6e9d0cebeabfcd1a77 Signed-off-by: Francois Marier <francois@catalyst.net.nz>
22386183 · Francois Marier · b1a57065 · 22386183 · 22386183
Commit 22386183 authored Nov 11, 2011 by Francois Marier
--- a/htdocs/admin/users/add.php
+++ b/htdocs/admin/users/add.php
@@ -186,9 +186,9 @@ function adduser_validate(Pieform $form, $values) {
    }

    $username  = $values['username'];
-    $firstname = $values['firstname'];
-    $lastname  = $values['lastname'];
-    $email     = $values['email'];
+    $firstname = sanitize_firstname($values['firstname']);
+    $lastname  = sanitize_lastname($values['lastname']);
+    $email     = sanitize_email($values['email']);
    $password  = $values['password'];

    if ($USER->get('admin') || get_config_plugin('artefact', 'file', 'institutionaloverride')) {
@@ -256,16 +256,15 @@ function adduser_validate(Pieform $form, $values) {
        }
    }
    else {
-        if (!$form->get_error('firstname') && !preg_match('/\S/', $firstname)) {
+        if (!$form->get_error('firstname') && empty($firstname)) {
            $form->set_error('firstname', $form->i18n('rule', 'required', 'required'));
        }
-        if (!$form->get_error('lastname') && !preg_match('/\S/', $lastname)) {
+        if (!$form->get_error('lastname') && empty($lastname)) {
            $form->set_error('lastname', $form->i18n('rule', 'required', 'required'));
        }

        if (!$form->get_error('email')) {
-            require_once('phpmailer/class.phpmailer.php');
-            if (!$form->get_error('email') && !PHPMailer::ValidateAddress($email)) {
+            if (!$form->get_error('email') && empty($email)) {
                $form->set_error('email', get_string('invalidemailaddress', 'artefact.internal'));
            }


--- a/htdocs/lib/mahara.php
+++ b/htdocs/lib/mahara.php
@@ -2886,3 +2886,24 @@ function is_html_editor_enabled () {
 function is_https() {
    return stripos(get_config('wwwroot'), 'https://') !== false;
 }
+
+function sanitize_email($value) {
+    if (filter_var($value, FILTER_VALIDATE_EMAIL) === false) {
+        return '';
+    }
+    return $value;
+}
+
+function sanitize_firstname($value) {
+    if (!preg_match('/\S/', $value)) {
+        return '';
+    }
+    return $value;
+}
+
+function sanitize_lastname($value) {
+    if (!preg_match('/\S/', $value)) {
+        return '';
+    }
+    return $value;
+}