Advanced search  


cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.

Pages: [1]   Go Down

Author Topic: profile.php doesn't check email format  (Read 4352 times)

0 Members and 1 Guest are viewing this topic.


  • Translator
  • Coppermine addict
  • **
  • Offline Offline
  • Gender: Male
  • Posts: 1614
  • Русский (ISO-8859-1) - Russian - Русский (Windows)
    • Makc's home page
profile.php doesn't check email format
« on: September 18, 2006, 11:08:52 am »

If you look into
you will find this one:
Code: [Select]
    if (!eregi("^[_\.0-9a-z\-]+@([0-9a-z][0-9a-z-]+\.)+[a-z]{2,6}$", $email)) $error .= '<li>' . $lang_register_php['err_invalid_email'];
If you look into
you will not find any check for email format.
So users can enter any email they want like: or test@test
« Last Edit: October 27, 2006, 02:32:30 am by Nibbler »
Pages: [1]   Go Up

Page created in 0.038 seconds with 18 queries.