diff options
Diffstat (limited to 'Bugzilla')
| -rw-r--r-- | Bugzilla/User.pm | 2 | ||||
| -rw-r--r-- | Bugzilla/Util.pm | 10 |
2 files changed, 10 insertions, 2 deletions
diff --git a/Bugzilla/User.pm b/Bugzilla/User.pm index 494876b31..231f09667 100644 --- a/Bugzilla/User.pm +++ b/Bugzilla/User.pm @@ -1138,7 +1138,7 @@ sub insert_new_user ($$;$$) { $password ||= &::GenerateRandomPassword(); my $cryptpassword = bz_crypt($password); - # XXX - These should be moved into ValidateNewUser or CheckEmailSyntax + # XXX - These should be moved into is_available_username or check_email_syntax # At the least, they shouldn't be here. They're safe for now, though. trick_taint($username); trick_taint($realname); diff --git a/Bugzilla/Util.pm b/Bugzilla/Util.pm index 1ac25d1aa..256be5c31 100644 --- a/Bugzilla/Util.pm +++ b/Bugzilla/Util.pm @@ -39,7 +39,7 @@ use base qw(Exporter); trim wrap_comment find_wrap_point format_time format_time_decimal file_mod_time - bz_crypt); + bz_crypt check_email_syntax); use Bugzilla::Config; use Bugzilla::Error; @@ -342,6 +342,14 @@ sub bz_crypt ($) { return $cryptedpassword; } +sub check_email_syntax { + my ($addr) = (@_); + my $match = Param('emailregexp'); + if ($addr !~ /$match/ || $addr =~ /[\\\(\)<>&,;:"\[\] \t\r\n]/) { + ThrowUserError("illegal_email_address", { addr => $addr }); + } +} + sub ValidateDate { my ($date, $format) = @_; my $date2; |