SF.net SVN: postfixadmin:[1622] branches/postfixadmin-2.3

[<chr...@us...>]

Revision: 1622
          http://sourceforge.net/p/postfixadmin/code/1622
Author:   christian_boltz
Date:     2014-01-12 17:39:58 +0000 (Sun, 12 Jan 2014)
Log Message:
-----------
functions.inc.php:
- check_email(): don't trim() mail address to avoid that aliases 
  starting with a space are allowed. This fixes 
  http://sourceforge.net/p/postfixadmin/bugs/210/ and 
  https://sourceforge.net/p/postfixadmin/feature-requests/113/

create-mailbox.php:
- revert r1520 - changing check_email() to not trim the mail address 
  is better than trim()ing the localpart

CHANGELOG.TXT:
- update for the changes above

Revision Links:
--------------
    http://sourceforge.net/p/postfixadmin/code/1520

Modified Paths:
--------------
    branches/postfixadmin-2.3/CHANGELOG.TXT
    branches/postfixadmin-2.3/create-mailbox.php
    branches/postfixadmin-2.3/functions.inc.php

Modified: branches/postfixadmin-2.3/CHANGELOG.TXT
===================================================================
--- branches/postfixadmin-2.3/CHANGELOG.TXT	2014-01-08 20:14:09 UTC (rev 1621)
+++ branches/postfixadmin-2.3/CHANGELOG.TXT	2014-01-12 17:39:58 UTC (rev 1622)
@@ -15,7 +15,9 @@
   - lt.lang, da.lang translation update
   - when enabling/disabling a mailbox, also update the corresponding alias
   - fix creating superadmin in setup.php with MariaDB (more strict SQL)
-  - trim() localpart in create-mailbox to avoid mailbox names with leading space
+  - don't trim() mail address to avoid that aliases starting with a space are
+    allowed. This fixes http://sourceforge.net/p/postfixadmin/bugs/210/ and
+    https://sourceforge.net/p/postfixadmin/feature-requests/113/
   - mark vacation_notification.notified field as latin1 to avoid overlong index
   - vacation.pl: encode subject
   - vacation.pl: disable use of TLS by default due to a bug in Mail::Sender 0.8.22

Modified: branches/postfixadmin-2.3/create-mailbox.php
===================================================================
--- branches/postfixadmin-2.3/create-mailbox.php	2014-01-08 20:14:09 UTC (rev 1621)
+++ branches/postfixadmin-2.3/create-mailbox.php	2014-01-12 17:39:58 UTC (rev 1622)
@@ -71,7 +71,7 @@
 if ($_SERVER['REQUEST_METHOD'] == "POST")
 {
 
-    if (isset ($_POST['fUsername']) && isset ($_POST['fDomain'])) $fUsername = escape_string (trim($_POST['fUsername'])) . "@" . escape_string ($_POST['fDomain']);
+    if (isset ($_POST['fUsername']) && isset ($_POST['fDomain'])) $fUsername = escape_string ($_POST['fUsername']) . "@" . escape_string ($_POST['fDomain']);
     $fUsername = strtolower ($fUsername);
     if (isset ($_POST['fPassword'])) $fPassword = escape_string ($_POST['fPassword']);
     if (isset ($_POST['fPassword2'])) $fPassword2 = escape_string ($_POST['fPassword2']);

Modified: branches/postfixadmin-2.3/functions.inc.php
===================================================================
--- branches/postfixadmin-2.3/functions.inc.php	2014-01-08 20:14:09 UTC (rev 1621)
+++ branches/postfixadmin-2.3/functions.inc.php	2014-01-12 17:39:58 UTC (rev 1622)
@@ -284,7 +284,7 @@
     }
 
     // Perform non-domain-part sanity checks
-    if (!preg_match ('/^[-!#$%&\'*+\\.\/0-9=?A-Z^_{|}~]+' . '@' . '[^@]+$/i', trim ($ce_email)))
+    if (!preg_match ('/^[-!#$%&\'*+\\.\/0-9=?A-Z^_{|}~]+' . '@' . '[^@]+$/i', $ce_email))
     {
         flash_error($PALANG['pInvalidMailRegex']);
         return false;

This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.