From fc293fbd39f14308fbccd0cf9b523664ae813761 Mon Sep 17 00:00:00 2001
From: "mkanat%bugzilla.org" <>
Date: Thu, 29 Jan 2009 21:22:19 +0000
Subject: Bug 219021: Only display email addresses to logged-in users Patch By
 Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit

---
 Bugzilla/Util.pm | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

(limited to 'Bugzilla/Util.pm')

diff --git a/Bugzilla/Util.pm b/Bugzilla/Util.pm
index 991bfedc1..01f824c5b 100644
--- a/Bugzilla/Util.pm
+++ b/Bugzilla/Util.pm
@@ -53,6 +53,7 @@ use Date::Format;
 use DateTime;
 use DateTime::TimeZone;
 use Digest;
+use Email::Address;
 use Scalar::Util qw(tainted);
 use Text::Wrap;
 
@@ -170,6 +171,20 @@ sub html_light_quote {
     }
 }
 
+sub email_filter {
+    my ($toencode) = @_;
+    if (!Bugzilla->user->id) {
+        my @emails = Email::Address->parse($toencode);
+        if (scalar @emails) {
+            my @hosts = map { quotemeta($_->host) } @emails;
+            my $hosts_re = join('|', @hosts);
+            $toencode =~ s/\@(?:$hosts_re)//g;
+            return $toencode;
+        }
+    }
+    return $toencode;
+}
+
 # This originally came from CGI.pm, by Lincoln D. Stein
 sub url_quote {
     my ($toencode) = (@_);
@@ -638,6 +653,7 @@ Bugzilla::Util - Generic utility functions for bugzilla
   html_quote($var);
   url_quote($var);
   xml_quote($var);
+  email_filter($var);
 
   # Functions for decoding
   $rv = url_decode($var);
@@ -755,6 +771,12 @@ is kept separate from html_quote partly for compatibility with previous code
 
 Converts the %xx encoding from the given URL back to its original form.
 
+=item C<email_filter>
+
+Removes the hostname from email addresses in the string, if the user
+currently viewing Bugzilla is logged out. If the user is logged-in,
+this filter just returns the input string.
+
 =back
 
 =head2 Environment and Location
-- 
cgit v1.2.3-24-g4f1b