functions.inc.php:

- check_email(): don't trim() mail address to avoid that aliases 
  starting with a space are allowed. This fixes 
  http://sourceforge.net/p/postfixadmin/bugs/210/ and 
  https://sourceforge.net/p/postfixadmin/feature-requests/113/

create-mailbox.php:
- revert r1520 - changing check_email() to not trim the mail address 
  is better than trim()ing the localpart

CHANGELOG.TXT:
- update for the changes above


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1622 a1433add-5e2c-0410-b055-b7f2511e0802
postfixadmin-2.3
Christian Boltz 11 years ago
parent e923f5842c
commit 5bf296db44

@ -15,7 +15,9 @@ Changes since 2.3.6 release
- lt.lang, da.lang translation update
- when enabling/disabling a mailbox, also update the corresponding alias
- fix creating superadmin in setup.php with MariaDB (more strict SQL)
- trim() localpart in create-mailbox to avoid mailbox names with leading space
- don't trim() mail address to avoid that aliases starting with a space are
allowed. This fixes http://sourceforge.net/p/postfixadmin/bugs/210/ and
https://sourceforge.net/p/postfixadmin/feature-requests/113/
- mark vacation_notification.notified field as latin1 to avoid overlong index
- vacation.pl: encode subject
- vacation.pl: disable use of TLS by default due to a bug in Mail::Sender 0.8.22

@ -71,7 +71,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET")
if ($_SERVER['REQUEST_METHOD'] == "POST")
{
if (isset ($_POST['fUsername']) && isset ($_POST['fDomain'])) $fUsername = escape_string (trim($_POST['fUsername'])) . "@" . escape_string ($_POST['fDomain']);
if (isset ($_POST['fUsername']) && isset ($_POST['fDomain'])) $fUsername = escape_string ($_POST['fUsername']) . "@" . escape_string ($_POST['fDomain']);
$fUsername = strtolower ($fUsername);
if (isset ($_POST['fPassword'])) $fPassword = escape_string ($_POST['fPassword']);
if (isset ($_POST['fPassword2'])) $fPassword2 = escape_string ($_POST['fPassword2']);

@ -284,7 +284,7 @@ function check_email ($email)
}
// Perform non-domain-part sanity checks
if (!preg_match ('/^[-!#$%&\'*+\\.\/0-9=?A-Z^_{|}~]+' . '@' . '[^@]+$/i', trim ($ce_email)))
if (!preg_match ('/^[-!#$%&\'*+\\.\/0-9=?A-Z^_{|}~]+' . '@' . '[^@]+$/i', $ce_email))
{
flash_error($PALANG['pInvalidMailRegex']);
return false;

Loading…
Cancel
Save