Advanced search  

News:

cpg1.5.46 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter recently discovered vulnerabilities. It is important that all users who run version cpg1.5.44 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: [Fixed]: ecard invalid address error mesage  (Read 23198 times)

0 Members and 1 Guest are viewing this topic.

Nibbler

  • Guest
[Fixed]: ecard invalid address error mesage
« on: March 02, 2008, 03:38:49 pm »

Code: [Select]
// Check supplied email address
$valid_email_pattern = "^[_\.0-9a-z\-]+@([0-9a-z][0-9a-z-]*\.)+[a-z]{2,6}$";
$valid_sender_email = eregi($valid_email_pattern, $sender_email);
$valid_recipient_email = eregi($valid_email_pattern, $recipient_email);
$invalid_email = '<font size="1">' . $lang_ecard_php['invalid_email'] . ' (' . $recipient_email . ')</font>';
if (!$valid_sender_email && count($_POST) > 0) $sender_email_warning = $invalid_email;
if (!$valid_recipient_email && count($_POST) > 0) $recipient_email_warning = $invalid_email;

That shows the recipient email address in the message even if it's the sender address that is invalid.
« Last Edit: October 18, 2008, 05:06:57 pm by Joachim Müller »
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47844
  • aka "GauGau"
    • gaugau.de
Re: ecard invalid address error mesage
« Reply #1 on: October 18, 2008, 05:06:45 pm »

Suggested change:
Code: [Select]
// Check supplied email address
$valid_email_pattern = "^[_\.0-9a-z\-]+@([0-9a-z][0-9a-z-]*\.)+[a-z]{2,6}$";
$valid_sender_email = eregi($valid_email_pattern, $sender_email);
$valid_recipient_email = eregi($valid_email_pattern, $recipient_email);
if (!$valid_sender_email && count($_POST) > 0) {
$sender_email_warning = '<font size="1">' . $lang_ecard_php['invalid_email'] . ' (' . $sender_email . ')</font>';
}
if (!$valid_recipient_email && count($_POST) > 0) {
$recipient_email_warning = '<font size="1">' . $lang_ecard_php['invalid_email'] . ' (' . $recipient_email . ')</font>';
}
Applied and committed to cpg1.4.x (SVN repository), so the fix will be in cpg1.4.20 and better. Applied similar fix to cpg1.5.x as well.
Logged
Pages: [1]   Go Up
 

Page created in 0.013 seconds with 20 queries.