Changeset 23

Timestamp:

Dec 1, 2005 8:45:15 PM (18 years ago)

Author:

scdev

Message:

Added Email() class to work with verification, and sending of emails and templates. Updated Formvalidator to use the regex in Email().

Location:

trunk/lib

Files:

• App.inc.php (modified) (1 diff)
• Email.inc.php (added)
• FormValidator.inc.php (modified) (2 diffs)

trunk/lib/App.inc.php

@@ -479 +479 @@
         $event['type'] = $this->logPriorityToString($priority);
         $event['file:line'] = "$file : $line";
-        $event['message'] = strip_tags(preg_replace('/\s{2,}/', ' ', $message));
-    
+        preg_match_all('/(<[^>\s]{7,})[^>]*>/', $message, $strip_tags_allow); // <...> with lots of chars maybe we don't want stripped.
+        $event['message'] = strip_tags(preg_replace('/\s{2,}/', ' ', $message), (!empty($strip_tags_allow[1]) ? join('> ', $strip_tags_allow[1]) . '>' : null));
         $event_str = '[' . join('] [', $event) . ']';
         

trunk/lib/FormValidator.inc.php

@@ -374 +374 @@
 
     /**
-     * Validates email address length, domain name existance, format.
-     *
-     * @param  string  $form_name       The name of the incoming form variable
-     * @param  boolean $allow_fullname  Allow the use of rfc822 expanded email address with comment: Quinn Commie <quinn@strangecode.com>
-     *
-     * @return bool    true if no errors found, false otherwise
-     */
-    function validateEmail($form_name, $allow_fullname=false)
+     * Validates an email address based on the recommendations in RFC 3696.
+     * Is more loose than restrictive, to allow the many valid variants of 
+     * email addresses while catching the most common mistakes.
+     * http://www.faqs.org/rfcs/rfc822.html
+     * http://www.faqs.org/rfcs/rfc2822.html
+     * http://www.faqs.org/rfcs/rfc3696.html
+     * http://www.faqs.org/rfcs/rfc1035.html
+     *
+     * @access  public
+     * @param   string  $form_name  The name of the incoming form variable.
+     * @return  bool    Validity of address.
+     * @author  Quinn Comendant <quinn@strangecode.com>
+     */
+    function validateEmail($form_name)
     {
         $email = getFormData($form_name);
@@ -387 +393 @@
             return false;
         }
-        
+
+        require_once 'codebase/lib/Email.inc.php';
+        $e = new Email();
+
         // Test email address format.
-        if ($allow_fullname) {
-            if (!$this->checkRegex($form_name, '/^[\w\s]*<?[^\s@\[\]<>]{1,}\@[A-Za-z0-9.-]{1,}\.[A-Za-z]{2,5}>?$/i', true, sprintf(_("<strong>%s</strong> is not a valid email address."), $email))) {
-                App::logMsg(sprintf('The email address %s is not valid.', getFormData($form_name)), LOG_DEBUG, __FILE__, __LINE__);
-                return false;
-            }
-        } else {
-            if (!$this->checkRegex($form_name, '/^[^\s@\[\]<>]{1,}\@[A-Za-z0-9.-]{1,}\.[A-Za-z]{2,5}$/i', true, sprintf(_("<strong>%s</strong> is not a valid email address."), $email))) {
-                App::logMsg(sprintf('The email address %s is not valid.', getFormData($form_name)), LOG_DEBUG, __FILE__, __LINE__);
-                return false;
-            }
-        }
-        
+        if (!preg_match($e->getParam('regex'), $email, $e_parts)) {
+            $this->addError($form_name, sprintf(_("<strong>%s</strong> is not a valid email address."), oTxt($email)));
+            App::logMsg(sprintf('The email address %s is not valid.', getFormData($form_name)), LOG_DEBUG, __FILE__, __LINE__);
+            return false;
+        }
+        
+        // We have a match! Here are the captured subpatterns, on which further tests are run.
+        $local = $e_parts[2];
+        // If domain is an IP [XXX.XXX.XXX.XXX] strip off the brackets.
+        $domain = $e_parts[3]{0} == '[' ? substr($e_parts[3], 1, -1) : $e_parts[3];
+
         // Test length.
-        if (!$this->stringLength($form_name, 0, 255, sprintf(_("<strong>Email address</strong> must contain less than 256 characters."), $email))) {
+        if (strlen($local) > 64 || strlen($domain) > 191) {
+            $this->addError($form_name, sprintf(_("<strong>Email address</strong> must contain less than 256 characters."), oTxt($email)));
             App::logMsg(sprintf('The email address %s must contain less than 256 characters.', getFormData($form_name)), LOG_DEBUG, __FILE__, __LINE__);
             return false;
         }
         
-        // Check domain exists and has valid MX record.
-        preg_match('/^[\w\s]*<?[^\s@\[\]<>]{1,}\@([A-Za-z0-9.-]{1,}\.[A-Za-z]{2,5})>?$/i', $email, $matches);
-        if (!empty($matches[1])) {
-            if (!checkdnsrr($matches[1] . '.', 'MX') && gethostbyname($matches[1]) == $matches[1]) {
-                $this->addError($form_name, sprintf(_("<strong>%s</strong> is not a valid email domain name"), $matches[1]));
-                App::logMsg(sprintf('The email address %s contains an invalid email domain name (%s).', getFormData($form_name), $matches[1]), LOG_DEBUG, __FILE__, __LINE__);
-                return false;
-            }
+        // Check domain exists: It's a domain if ip2long fails; Checkdnsrr ensures a MX record exists; Gethostbyname() ensures the domain exists.
+        if (ip2long($domain) == '-1' && function_exists('checkdnsrr') && !checkdnsrr($domain . '.', 'MX') && gethostbyname($domain) == $domain) {
+            $this->addError($form_name, sprintf(_("<strong>%s</strong> is not a valid email domain name"), oTxt($domain)));
+            App::logMsg(sprintf('The email address %s contains an invalid email domain name (%s).', getFormData($form_name), $domain), LOG_DEBUG, __FILE__, __LINE__);
+            return false;
         }
         
         return true;
     }
+//     function validateEmail($form_name, $allow_fullname=false)
+//     {
+//         $email = getFormData($form_name);
+//         if ('' == trim($email)) {
+//             return false;
+//         }
+//         
+//         // Test email address format.
+//         if ($allow_fullname) {
+//             if (!$this->checkRegex($form_name, '/^[^<>@]*<?[^\s@\[\]<>()]+\@[A-Za-z0-9.-]+\.[A-Za-z]{2,5}>?$/i', true, sprintf(_("<strong>%s</strong> is not a valid email address."), $email))) {
+//                 App::logMsg(sprintf('The email address %s is not valid.', getFormData($form_name)), LOG_DEBUG, __FILE__, __LINE__);
+//                 return false;
+//             }
+//         } else {
+//             if (!$this->checkRegex($form_name, '/^[^\s@\[\]<>()]+\@[A-Za-z0-9.-]+\.[A-Za-z]{2,5}$/i', true, sprintf(_("<strong>%s</strong> is not a valid email address."), $email))) {
+//                 App::logMsg(sprintf('The email address %s is not valid.', getFormData($form_name)), LOG_DEBUG, __FILE__, __LINE__);
+//                 return false;
+//             }
+//         }
+//         
+//         // Test length.
+//         if (!$this->stringLength($form_name, 0, 255, sprintf(_("<strong>Email address</strong> must contain less than 256 characters."), $email))) {
+//             App::logMsg(sprintf('The email address %s must contain less than 256 characters.', getFormData($form_name)), LOG_DEBUG, __FILE__, __LINE__);
+//             return false;
+//         }
+//         
+//         // Check domain exists and has valid MX record.
+//         preg_match('/^[^<>@]*<?[^\s@\[\]<>()]+\@([A-Za-z0-9.-]+\.[A-Za-z]{2,5})>?$/i', $email, $matches);
+//         if (!empty($matches[1])) {
+//             if (!checkdnsrr($matches[1] . '.', 'MX') && gethostbyname($matches[1]) == $matches[1]) {
+//                 $this->addError($form_name, sprintf(_("<strong>%s</strong> is not a valid email domain name"), $matches[1]));
+//                 App::logMsg(sprintf('The email address %s contains an invalid email domain name (%s).', getFormData($form_name), $matches[1]), LOG_DEBUG, __FILE__, __LINE__);
+//                 return false;
+//             }
+//         }
+//         
+//         return true;
+//     }
 
     /**