Validate ACL identifiers

... e.g. to prevent cyrus imap issues
roundcube · Jan 16, 2018 · a6ad028 · a6ad028
1 parent dbc7892
commit a6ad028
Showing 1 changed file with 7 additions and 0 deletions.
diff --git a/plugins/acl/acl.php b/plugins/acl/acl.php
@@ -495,6 +495,13 @@ private function action_save()
                 if (!strpos($user, '@') && ($realm = $this->get_realm())) {
                     $user .= '@' . rcube_utils::idn_to_ascii(preg_replace('/^@/', '', $realm));
                 }
+
+                // Make sure it's valid email address to prevent from "disappearing folder"
+                // issue in Cyrus IMAP e.g. when the acl user identifier contains spaces inside.
+                if (strpos($user, '@') && !rcube_utils::check_email($user, false)) {
+                    $user = null;
+                }
+
                 $username = $user;
             }