From: Richard D. <rd...@us...> - 2002-12-10 22:14:07
|
Update of /cvsroot/twiki/twiki/bin In directory sc8-pr-cvs1:/tmp/cvs-serv6851/bin Modified Files: register Log Message: Fix for Codev.IllegalEmailAddressBug - now validates email addresses using existing regex. Index: register =================================================================== RCS file: /cvsroot/twiki/twiki/bin/register,v retrieving revision 1.30 retrieving revision 1.31 diff -C2 -r1.30 -r1.31 *** register 8 Dec 2002 16:52:33 -0000 1.30 --- register 10 Dec 2002 22:14:03 -0000 1.31 *************** *** 19,22 **** --- 19,26 ---- BEGIN { unshift @INC, '.'; require 'setlib.cfg'; } + # I18N: No locale settings necessary yet - only 7-bit ASCII due + # to Apache limitations on userids. + + use CGI::Carp qw(fatalsToBrowser); use CGI; *************** *** 113,116 **** --- 117,121 ---- return; } + # a WikiName is safe, so untaint variable $wikiName =~ /(.*)/; *************** *** 123,126 **** --- 128,139 ---- return; } + + # check valid email address + if( $emailAddress !~ $TWiki::emailAddrRegex ) { + $url = &TWiki::getOopsUrl( $webName, $topic, "oopsregemail" ); + TWiki::redirect( $query, $url ); + return; + } + # everything OK |