A simple function to validate emails according to ElkArte "standards" -

fixes #1815 Signed-off-by: emanuele <emanuele45@gmail.com>
elkarte · Sep 16, 2014 · 9914ec3 · 9914ec3
1 parent 7e80de0
commit 9914ec3
Show file tree

Hide file tree

Showing 6 changed files with 39 additions and 4 deletions.
diff --git a/install/install.php b/install/install.php
@@ -1259,7 +1259,7 @@ function action_adminAccount()
 			$incontext['error'] = $txt['error_invalid_characters_username'];
 			return false;
 		}
-		elseif (empty($_POST['email']) || preg_match('~^[0-9A-Za-z=_+\-/][0-9A-Za-z=_\'+\-/\.]*@[\w\-]+(\.[\w\-]+)*(\.[\w]{2,6})$~', stripslashes($_POST['email'])) === 0 || strlen(stripslashes($_POST['email'])) > 255)
+		elseif (empty($_POST['email']) || !filter_var(stripslashes($_POST['email']), FILTER_VALIDATE_EMAIL) || strlen(stripslashes($_POST['email'])) > 255)
 		{
 			// One step back, this time fill out a proper email address.
 			$incontext['error'] = sprintf($txt['error_valid_email_needed'], $_POST['username']);

diff --git a/sources/Subs.php b/sources/Subs.php
@@ -4333,4 +4333,21 @@ function response_prefix()
 	}
 
 	return $response_prefix;
+}
+
+/**
+ * A very simple function to determine if an email address is "valid" for Elkarte.
+ * A valid email for ElkArte is something that resebles an email (filter_var) and
+ * is less than 255 characters (for database limits)
+ *
+ * @param string $value - The string to evaluate as valid email
+ * @return bool|string - The email if valid, false if not a valid email
+ */
+function isValidEmail($value)
+{
+	$value = trim($value);
+	if (filter_var($value, FILTER_VALIDATE_EMAIL) && Util::strlen($value) < 255)
+		return $value;
+	else
+		return false;
 }
diff --git a/sources/admin/PackageServers.controller.php b/sources/admin/PackageServers.controller.php
@@ -361,7 +361,7 @@ public function action_browse()
 						if (!empty($package['author']['email']))
 						{
 							// Only put the "mailto:" if it looks like a valid email address.  Some may wish to put a link to an IM Form or other web mail form.
-							$package['author']['href'] = preg_match('~^[\w\.\-]+@[\w][\w\-\.]+[\w]$~', $package['author']['email']) != 0 ? 'mailto:' . $package['author']['email'] : $package['author']['email'];
+							$package['author']['href'] = filter_var($package['author']['email'], FILTER_VALIDATE_EMAIL) ? 'mailto:' . $package['author']['email'] : $package['author']['email'];
 							$package['author']['link'] = '<a href="' . $package['author']['href'] . '">' . $package['author']['name'] . '</a>';
 						}
 					}

diff --git a/sources/controllers/Register.controller.php b/sources/controllers/Register.controller.php
@@ -493,7 +493,7 @@ public function action_register2($verifiedOpenID = false)
 				if ($row['type'] == 'text' && !empty($row['mask']) && $row['mask'] != 'none')
 				{
 					// @todo We never error on this - just ignore it at the moment...
-					if ($row['mask'] == 'email' && (preg_match('~^[0-9A-Za-z=_+\-/][0-9A-Za-z=_\'+\-/\.]*@[\w\-]+(\.[\w\-]+)*(\.[\w]{2,6})$~', $value) === 0 || strlen($value) > 255))
+					if ($row['mask'] == 'email' && !isValidEmail($value))
 						$reg_errors->addError(array('custom_field_invalid_email', array($row['name'])));
 					elseif ($row['mask'] == 'number' && preg_match('~[^\d]~', $value))
 						$reg_errors->addError(array('custom_field_not_number', array($row['name'])));

diff --git a/sources/subs/Profile.subs.php b/sources/subs/Profile.subs.php
@@ -1495,7 +1495,7 @@ function makeCustomFieldChanges($memID, $area, $sanitize = true)
 			if ($row['field_type'] == 'text' && !empty($row['mask']) && $row['mask'] != 'none')
 			{
 				// @todo We never error on this - just ignore it at the moment...
-				if ($row['mask'] == 'email' && (preg_match('~^[0-9A-Za-z=_+\-/][0-9A-Za-z=_\'+\-/\.]*@[\w\-]+(\.[\w\-]+)*(\.[\w]{2,6})$~', $value) === 0 || strlen($value) > 255))
+				if ($row['mask'] == 'email' && !isValidEmail($value))
 					$value = '';
 				elseif ($row['mask'] == 'number')
 					$value = (int) $value;

diff --git a/tests/sources/TestSubs.php b/tests/sources/TestSubs.php
@@ -64,4 +64,22 @@ function testReplaceBasicActionUrl()
 		foreach ($testStrings as $string => $value)
 			$this->assertEqual(replaceBasicActionUrl($string), $value);
 	}
+
+	function testValidEmailsTLD()
+	{
+		$testemails = array(
+			// Shortest TLD
+			'simple.email@domain.it',
+			'simple.email@domain.tld',
+			'simple.email@domain.stupid',
+			// This is the longest TLD currently available at http://data.iana.org/TLD/tlds-alpha-by-domain.txt
+			'simple.email@domain.cancerresearch',
+			// These are longer than the maximum currently known
+			'simple.email@domain.cancerresearch1',
+			'simple.email@domain.cancerresearch12',
+			'simple.email@domain.cancerresearch123',
+		);
+		foreach ($testemails as $email)
+			$this->assertTrue(isValidEmail($email) !== false);
+	}
 }