From: lpsolit%gmail.com <> Date: Wed, 14 Dec 2005 05:39:06 +0000 (+0000) Subject: Bug 278414: Cannot add 'cc' notification for Flags when using emailsuffixes - Patch... X-Git-Tag: bugzilla-2.20.1~60 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cefafafc984d3ab0c415d31967d35261ebd2db1d;p=thirdparty%2Fbugzilla.git Bug 278414: Cannot add 'cc' notification for Flags when using emailsuffixes - Patch by Frédéric Buclin r=wurblzap a=justdave --- diff --git a/editflagtypes.cgi b/editflagtypes.cgi index bdf0779b4d..b7131df997 100755 --- a/editflagtypes.cgi +++ b/editflagtypes.cgi @@ -488,7 +488,18 @@ sub validateCCList { { cc_list => $cgi->param('cc_list') }); my @addresses = split(/[, ]+/, $cgi->param('cc_list')); - foreach my $address (@addresses) { CheckEmailSyntax($address) } + # We do not call Util::validate_email_syntax because these + # addresses do not require to match 'emailregexp' and do not + # depend on 'emailsuffix'. So we limit ourselves to a simple + # sanity check: + # - match the syntax of a fully qualified email address; + # - do not contain any illegal character. + foreach my $address (@addresses) { + ($address =~ /^[\w\.\+\-=]+@[\w\.\-]+\.[\w\-]+$/ + && $address !~ /[\\\(\)<>&,;:"\[\] \t\r\n]/) + || ThrowUserError('illegal_email_address', + {addr => $address, default => 1}); + } } sub validateProduct { diff --git a/template/en/default/global/user-error.html.tmpl b/template/en/default/global/user-error.html.tmpl index 57df240459..683132a14d 100644 --- a/template/en/default/global/user-error.html.tmpl +++ b/template/en/default/global/user-error.html.tmpl @@ -554,8 +554,13 @@ [% ELSIF error == "illegal_email_address" %] [% title = "Invalid Email Address" %] The e-mail address you entered ([% addr FILTER html %]) - didn't pass our syntax checking for a legal email address. - [%+ Param('emailregexpdesc') %] + didn't pass our syntax checking for a legal email address. + [% IF default %] + A legal address must contain exactly one '@', + and at least one '.' after the @. + [% ELSE %] + [%+ Param('emailregexpdesc') %] + [% END %] It must also not contain any of these special characters: \ ( ) & < > , ; : " [ ], or any whitespace.