Commit 4ea44fe7 authored by Dries's avatar Dries

- Patch #41198 by matt/dopry: made the contact module validate the recipients' e-mail addresses.

parent f7042c95
...@@ -188,6 +188,14 @@ function contact_admin_edit($cid = NULL) { ...@@ -188,6 +188,14 @@ function contact_admin_edit($cid = NULL) {
if (empty($edit['recipients'])) { if (empty($edit['recipients'])) {
form_set_error('recipients', t('You must enter one or more recipients.')); form_set_error('recipients', t('You must enter one or more recipients.'));
} }
else {
$recipients = split(',', $edit['recipients']);
foreach($recipients as $recipient) {
if (!valid_email_address(trim($recipient))) {
form_set_error('recipients',t('%recipient is an invalid e-mail address.', array('%recipient' => theme('placeholder', $recipient))));
}
}
}
if (!form_get_errors()) { if (!form_get_errors()) {
db_query("DELETE FROM {contact} WHERE cid = %d", $cid); db_query("DELETE FROM {contact} WHERE cid = %d", $cid);
...@@ -298,6 +306,10 @@ function contact_mail_page_validate($form_id, &$form) { ...@@ -298,6 +306,10 @@ function contact_mail_page_validate($form_id, &$form) {
else { else {
form_set_error('category', t('You must select a valid category.')); form_set_error('category', t('You must select a valid category.'));
} }
if (!valid_email_address($form['mail'])) {
form_set_error('mail', t('You must enter a valid e-mail address.'));
}
} }
} }
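Review bot: In contact_mail_page_validate the added `if (!valid_email_address($form['mail'])) {` check is followed by two closing braces, so it appears to sit inside an enclosing block whose condition starts above the hunk, not at function level. If that block only runs on one path (it seems to be the one handling a missing category), the sender's address is not validated on the other path. This check looks like the only visible guard on a value that presumably ends up in the outgoing message's headers. Moving the three added lines below the enclosing block's closing brace would make the validation unconditional. It is also worth confirming that `valid_email_address()` rejects embedded line breaks.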
......
...@@ -188,6 +188,14 @@ function contact_admin_edit($cid = NULL) { ...@@ -188,6 +188,14 @@ function contact_admin_edit($cid = NULL) {
if (empty($edit['recipients'])) { if (empty($edit['recipients'])) {
form_set_error('recipients', t('You must enter one or more recipients.')); form_set_error('recipients', t('You must enter one or more recipients.'));
} }
else {
$recipients = split(',', $edit['recipients']);
foreach($recipients as $recipient) {
if (!valid_email_address(trim($recipient))) {
form_set_error('recipients',t('%recipient is an invalid e-mail address.', array('%recipient' => theme('placeholder', $recipient))));
}
}
}
if (!form_get_errors()) { if (!form_get_errors()) {
db_query("DELETE FROM {contact} WHERE cid = %d", $cid); db_query("DELETE FROM {contact} WHERE cid = %d", $cid);
...@@ -298,6 +306,10 @@ function contact_mail_page_validate($form_id, &$form) { ...@@ -298,6 +306,10 @@ function contact_mail_page_validate($form_id, &$form) {
else { else {
form_set_error('category', t('You must select a valid category.')); form_set_error('category', t('You must select a valid category.'));
} }
if (!valid_email_address($form['mail'])) {
form_set_error('mail', t('You must enter a valid e-mail address.'));
}
} }
} }
......