Commit b0c75c0b authored by Aaron Wells's avatar Aaron Wells Committed by Gerrit Code Review

Merge "Bug 1615280: More robust email validation"

parents ce1a97ac 1192c05d
......@@ -15,7 +15,6 @@ define('MENUITEM', 'configusers/uploadcsv');
require(dirname(dirname(dirname(__FILE__))) . '/init.php');
define('TITLE', get_string('uploadcsv', 'admin'));
require_once('institution.php');
require_once('phpmailer/class.phpmailer.php');
safe_require('artefact', 'internal');
// Turn on autodetecting of line endings, so mac newlines (\r) will work
......@@ -290,7 +289,7 @@ function uploadcsv_validate(Pieform $form, $values) {
// Duplicate email within this file.
$csverrors->add($i, get_string('uploadcsverroremailaddresstaken', 'admin', $i, $email));
}
else if (!PHPMailer::ValidateAddress($email)) {
else if (!sanitize_email($email)) {
$csverrors->add($i, get_string('uploadcsverrorinvalidemail', 'admin', $i, $email));
}
else if (!$values['updateusers']) {
......
......@@ -238,9 +238,8 @@ function profileform_validate(Pieform $form, $values) {
}
if (isset($values['email']['unsent']) && is_array($values['email']['validated'])) {
require_once('phpmailer/class.phpmailer.php');
foreach ($values['email']['unsent'] as $email) {
if (!PHPMailer::ValidateAddress($email)) {
if (!sanitize_email($email)) {
$form->set_error('email', get_string('invalidemailaddress', 'artefact.internal') . ': ' . hsc($email));
break;
}
......
......@@ -4269,7 +4269,8 @@ function is_https() {
}
function sanitize_email($value) {
if (filter_var($value, FILTER_VALIDATE_EMAIL) === false) {
require_once('phpmailer/class.phpmailer.php');
if (!PHPMailer::validateAddress($value)) {
return '';
}
return $value;
......
......@@ -37,7 +37,7 @@
* the address.
*/
function pieform_rule_email(Pieform $form, $value, $element) {/*{{{*/
if (!preg_match('/^[A-Za-z0-9+\._%-]+@(?:[A-Za-z0-9-]+\.)+[a-z]{2,4}$/', $value)) {
if (!sanitize_email($value)) {
return $form->i18n('rule', 'email', 'email', $element);
}
}/*}}}*/
}
This diff is collapsed.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment