Bug 301453: Move CheckEmailSyntax out of CGI.pl - Patch by Frédéric Buclin <LpSolit...

diff --git a/Bugzilla/User.pm b/Bugzilla/User.pm
index 494876b31e4b2d93fcd251f2984e16a23ca77a4e..231f096672a8ad33bdf596493ac7185d57e9073e 100644 (file)
--- a/Bugzilla/User.pm
+++ b/Bugzilla/User.pm
@@ -1138,7 +1138,7 @@ sub insert_new_user ($$;$$) {
     $password ||= &::GenerateRandomPassword();
     my $cryptpassword = bz_crypt($password);
 
-    # XXX - These should be moved into ValidateNewUser or CheckEmailSyntax
+    # XXX - These should be moved into is_available_username or check_email_syntax
     #       At the least, they shouldn't be here. They're safe for now, though.
     trick_taint($username);
     trick_taint($realname);

diff --git a/Bugzilla/Util.pm b/Bugzilla/Util.pm
index 1ac25d1aa3a33d21b1e60e4db5a999ef91ae366a..256be5c31fdb7021242a636492e695d6e97bdf28 100644 (file)
--- a/Bugzilla/Util.pm
+++ b/Bugzilla/Util.pm
@@ -39,7 +39,7 @@ use base qw(Exporter);
                              trim wrap_comment find_wrap_point
                              format_time format_time_decimal
                              file_mod_time
-                             bz_crypt);
+                             bz_crypt check_email_syntax);
 
 use Bugzilla::Config;
 use Bugzilla::Error;
@@ -342,6 +342,14 @@ sub bz_crypt ($) {
     return $cryptedpassword;
 }
 
+sub check_email_syntax {
+    my ($addr) = (@_);
+    my $match = Param('emailregexp');
+    if ($addr !~ /$match/ || $addr =~ /[\\\(\)<>&,;:"\[\] \t\r\n]/) {
+        ThrowUserError("illegal_email_address", { addr => $addr });
+    }
+}
+
 sub ValidateDate {
     my ($date, $format) = @_;
     my $date2;

diff --git a/CGI.pl b/CGI.pl
index 5fbbe48f44854d7ba37cbd4e9e2a5a0695cbc709..a5f369f81a2551bcf4f8d30dc2ca60fc29fa7881 100644 (file)
--- a/CGI.pl
+++ b/CGI.pl
@@ -103,14 +103,6 @@ sub CheckFormFieldDefined ($$) {
     }
 }
 
-sub CheckEmailSyntax {
-    my ($addr) = (@_);
-    my $match = Param('emailregexp');
-    if ($addr !~ /$match/ || $addr =~ /[\\\(\)<>&,;:"\[\] \t\r\n]/) {
-        ThrowUserError("illegal_email_address", { addr => $addr });
-    }
-}
-
 sub PutHeader {
     ($vars->{'title'}, $vars->{'h1'}, $vars->{'h2'}) = (@_);
      

diff --git a/createaccount.cgi b/createaccount.cgi
index 499e200e7198de747365c3329bcb104cf40e235f..d42ed76ec8841fe9e1f82aba7b299c43b7f7f967 100755 (executable)
--- a/createaccount.cgi
+++ b/createaccount.cgi
@@ -33,6 +33,7 @@ require "CGI.pl";
 use Bugzilla::Constants;
 use Bugzilla::User;
 use Bugzilla::BugMail;
+use Bugzilla::Util;
 
 # Shut up misguided -w warnings about "used only once":
 use vars qw(
@@ -63,7 +64,7 @@ my $login = $cgi->param('login');
 if (defined($login)) {
     # We've been asked to create an account.
     my $realname = trim($cgi->param('realname'));
-    CheckEmailSyntax($login);
+    check_email_syntax($login);
     $vars->{'login'} = $login;
     
     if (!is_available_username($login)) {

diff --git a/editflagtypes.cgi b/editflagtypes.cgi
index bdf0779b4d19527bcfae91e580b51359c4159d29..57795f4933a7b7ab2fb33c5d8109ba50df4eb910 100755 (executable)
--- a/editflagtypes.cgi
+++ b/editflagtypes.cgi
@@ -37,6 +37,7 @@ use Bugzilla::Constants;
 use Bugzilla::Flag;
 use Bugzilla::FlagType;
 use Bugzilla::User;
+use Bugzilla::Util;
 
 use vars qw( $template $vars );
 
@@ -488,7 +489,7 @@ sub validateCCList {
                         { cc_list => $cgi->param('cc_list') });
     
     my @addresses = split(/[, ]+/, $cgi->param('cc_list'));
-    foreach my $address (@addresses) { CheckEmailSyntax($address) }
+    foreach my $address (@addresses) { check_email_syntax($address) }
 }
 
 sub validateProduct {

diff --git a/editusers.cgi b/editusers.cgi
index 18005fd940ced75ae72f9992c7816141811522f1..be1607130cdd29bd3074fedcf2ac8abe2bd9f289 100755 (executable)
--- a/editusers.cgi
+++ b/editusers.cgi
@@ -170,7 +170,7 @@ if ($action eq 'search') {
 
     # Validity checks
     $login || ThrowUserError('user_login_required');
-    CheckEmailSyntax($login);
+    check_email_syntax($login);
     is_available_username($login) || ThrowUserError('account_exists',
                                                     {'email' => $login});
     ValidatePassword($password);
@@ -246,7 +246,7 @@ if ($action eq 'search') {
         if ($login ne $loginold) {
             # Validate, then trick_taint.
             $login || ThrowUserError('user_login_required');
-            CheckEmailSyntax($login);
+            check_email_syntax($login);
             is_available_username($login) || ThrowUserError('account_exists',
                                                             {'email' => $login});
             trick_taint($login);

diff --git a/token.cgi b/token.cgi
index 0e0753807197c27b5c247749eac8d0b26c042a78..f3e7bd7ce6d708a53c153d1363f9fe8b1bba404f 100755 (executable)
--- a/token.cgi
+++ b/token.cgi
@@ -112,7 +112,7 @@ if ( $::action eq 'reqpw' ) {
 
     # Make sure the login name looks like an email address.  This function
     # displays its own error and stops execution if the login name looks wrong.
-    CheckEmailSyntax($cgi->param('loginname'));
+    check_email_syntax($cgi->param('loginname'));
 
     my $quotedloginname = SqlQuote($cgi->param('loginname'));
     SendSQL("SELECT userid FROM profiles WHERE " .

diff --git a/userprefs.cgi b/userprefs.cgi
index 5f52a3ca72648e6ea1c317f54032f5fb95e60254..be6f40b049d4db3557fd4589bb2477eff5571acd 100755 (executable)
--- a/userprefs.cgi
+++ b/userprefs.cgi
@@ -118,7 +118,7 @@ sub SaveAccount {
             }
 
             # Before changing an email address, confirm one does not exist.
-            CheckEmailSyntax($new_login_name);
+            check_email_syntax($new_login_name);
             trick_taint($new_login_name);
             is_available_username($new_login_name)
               || ThrowUserError("account_exists", {email => $new_login_name});