mbbsd: Check register email address harder

The register email address checking is really bad. It only checks for one and only one '@'. The codebase already has is_valid_email(), which does a better check. Use that instead.
ptt · Jul 15, 2022 · 26b55a0 · 26b55a0
1 parent 1073120
commit 26b55a0
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/mbbsd/register.c b/mbbsd/register.c
@@ -992,8 +992,8 @@ normalize_email(char *email)
 {
     char *c = strchr(email, '@');
 
-    // reject no '@' or multiple '@'
-    if (c == NULL || c != strrchr(email, '@'))
+    // reject no '@' or invalid email address
+    if (!c || !is_valid_email(email))
 	return false;
 
     // domain tolower