Subject: Developers of Sympa
List archive
RE: [sympa-dev] Sympa does not seem to support "&" in peoples
- From: "Chris Andrews" <address@concealed>
- To: "David Verdin" <address@concealed>
- Cc: "address@concealed" <address@concealed>
- Subject: RE: [sympa-dev] Sympa does not seem to support "&" in peoples
- Date: Tue, 15 Jan 2008 11:13:47 -0500
Excellent. Thanks for the quick response.
---
Chris Andrews
Boston College
Collaboration Team
-----Original Message-----
From: David Verdin [mailto:address@concealed]
Sent: Tuesday, January 15, 2008 7:52 AM
To: Chris Andrews
Cc: address@concealed
Subject: Re: [sympa-dev] Sympa does not seem to support "&" in peoples email
Hi chris,
You're absolutely right about the ampersand. I added it to the regexp in
the development version.
However, about the length of the "valid_email" sub, one should note that
it is two different thing to validate a string against a regexp and
firmly forbid some characters which - though authorized by the RFC 2822
- are a potential source of threat.
On the other hand, the regexp will evolve along the time. Keeping the
second control prevent us from introducing such a character by mistake.
Regards,
Chris Andrews a écrit :
> This is from tools.pl
>
> This sub is what checks to make sure the email is valid. I added the
> "Regexp" and "Forbidden characters" part because I need to be able to tell
> the difference in the logs.
>
> sub valid_email {
> my $email = shift;
>
> unless ($email =~ /^$regexp{'email'}$/) {
> do_log('err', "Invalid email address '%s' Regexp", $email);
> return undef;
> }
>
> ## Forbidden characters
> if ($email =~ /[\|\$\*\?\!]/) {
> do_log('err', "Invalid email address '%s' Forbidden characters",
> $email);
> return undef;
> }
>
> return 1;
> }
>
> The regexp{'email'} is set with this line:
>
> my %regexp = ('email' =>
> '([\w\-\_\.\/\+\=\']+|\".*\")\@[\w\-]+(\.[\w\-]+)+',
>
> I changed the line to (adding \&):
>
> my %regexp = ('email' =>
> '([\w\-\_\.\/\+\=\'\&]+|\".*\")\@[\w\-]+(\.[\w\-]+)+',
>
> I restart the web and server procs and now I can subscribe, unsubscribe
send
> messages, etc. email addresses with "&" in them. Are there any places in
> Sympa that could choke on this & char?
>
> Also, couldn't the "sub valid_email" be shortened, as the regexp pretty
much
> assures us that the invalid chars cannot be put into email addresses.
>
> sub valid_email {
> my $email = shift;
>
> unless ($email =~ /^$regexp{'email'}$/) {
> do_log('err', "Invalid email address '%s'", $email);
> return undef;
> }
>
> return 1;
> }
>
> I can put in a bug if you guys thin this is a good idea.
>
> ---
> Chris Andrews
> Boston College
> Collaboration Team
>
--
David Verdin
Comité réseau des universités
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
-
[sympa-dev] Sympa does not seem to support "&" in peoples email addresses,
Chris Andrews, 01/14/2008
-
Re: [sympa-dev] Sympa does not seem to support "&" in peoples email,
David Verdin, 01/15/2008
- RE: [sympa-dev] Sympa does not seem to support "&" in peoples, Chris Andrews, 01/15/2008
-
Re: [sympa-dev] Sympa does not seem to support "&" in peoples email,
David Verdin, 01/15/2008
Archive powered by MHonArc 2.6.19+.