summaryrefslogtreecommitdiffstats
path: root/web/lib
diff options
context:
space:
mode:
authorBlackEagle <ike.devolder@gmail.com>2012-03-21 08:42:54 +0100
committerLukas Fleischer <archlinux@cryptocrack.de>2012-03-21 10:16:38 +0100
commit0a1e1729d970049ade6ebc84558500e23bc10ed7 (patch)
tree32467f26cf95046d97623c66d88f80f9336537f9 /web/lib
parent1f36664e9f55b175472436973a238aa36bd58bb2 (diff)
downloadaur-0a1e1729d970049ade6ebc84558500e23bc10ed7.tar.gz
aur-0a1e1729d970049ade6ebc84558500e23bc10ed7.tar.xz
valid_email :: check if domain part is real
this can be used as an intermediate 'patch' util there is a validation system in place. the extra check is to verify that the domain part of a correctly formatted email address is existing and in use. this will not at all stop spammers since they can use bogus emails with valid domain parts Lukas: Minor formatting changes. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Diffstat (limited to 'web/lib')
-rw-r--r--web/lib/aur.inc.php13
1 files changed, 12 insertions, 1 deletions
diff --git a/web/lib/aur.inc.php b/web/lib/aur.inc.php
index c662b80f..7c92bb62 100644
--- a/web/lib/aur.inc.php
+++ b/web/lib/aur.inc.php
@@ -80,7 +80,18 @@ function check_sid($dbh=NULL) {
# verify that an email address looks like it is legitimate
#
function valid_email($addy) {
- return (filter_var($addy, FILTER_VALIDATE_EMAIL) !== false);
+ // check against RFC 3696
+ if (filter_var($addy, FILTER_VALIDATE_EMAIL) === false) {
+ return false;
+ }
+
+ // check dns for mx, a, aaaa records
+ list($local, $domain) = explode('@', $addy);
+ if (!(checkdnsrr($domain, 'MX') || checkdnsrr($domain, 'A') || checkdnsrr($domain, 'AAAA'))) {
+ return false;
+ }
+
+ return true;
}
# a new seed value for mt_srand()