Jiri Suchomel wrote:
> ref: refs/heads/master
> commit 23404e1c1c45f1ccb9a89e707c080a86bfeb7383
> Author: Jiri Suchomel <[email protected]>
> Date:   Wed Oct 14 11:33:02 2009 +0200
> 
>     validate list of e-mails in controller
> ---
>  .../app/controllers/administrator_controller.rb    |   15 ++++++++++-----
>  1 files changed, 10 insertions(+), 5 deletions(-)
> 
> diff --git
>  a/plugins/administrator/app/controllers/administrator_controller.rb
>  b/plugins/administrator/app/controllers/administrator_controller.rb index
>  d1d493e..52332ef 100644
> --- a/plugins/administrator/app/controllers/administrator_controller.rb
> +++ b/plugins/administrator/app/controllers/administrator_controller.rb
> @@ -34,11 +34,16 @@ class AdministratorController < ApplicationController
>      @administrator.password  = admin["password"]
>      @administrator.aliases   = admin["aliases"]
> 
> -    # FIXME validate for set of mails, not just one
> -    if !admin["aliases"].empty? && admin["aliases"] !~ /(.+)@(.+)\.(.{2})/
>  # yes, very weak -      flash[:error] = _("Enter a valid e-mail address.")
> -      redirect_to :action => "index"
> -      return
> +    # validate data also here, if javascript in view is off
> +    if !admin["aliases"].empty?
> +      admin["aliases"].split(",").each do |mail|
> +     # only check emails, not local users
> +        if mail.include?("@") && mail !~ /(.+)@(.+)\.(.{2})/

^^^
Hi, I think that this regex is not valid. It means that you expect .?? in 
mail.
So I think you have a problem if someone wants r...@localhost.
Also it is not easy to see that also [email protected] works (it is because you 
forgot to append $ after the regex and ^ before the regex).

Also, this is not the controller's job, but unfortunately we don't have an easily 
accessible model in the frontend to add validation, but it should change in the future 
(I believe in the ActiveResource branch).

> +          flash[:error] = _("Enter a valid e-mail address.")
> +          redirect_to :action => "index"
> +          return
> +     end
> +      end
>      end
> 
>      if admin["password"] != admin["confirm_password"]
> 
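Review bot: on the `if mail.include?("@") && mail !~ ...` line, any entry without an "@" is accepted with no check at all, and the entries produced by `split(",")` are never stripped, so a list typed as "a, b" is handled with the leading space still attached. Consider calling `strip` on each entry and checking local user names against an explicit pattern as well. The e-mail pattern is unanchored, so it matches anywhere inside the entry; when anchoring it in Ruby, use `\A` and `\z`, since `^` and `$` match at line boundaries. `admin["aliases"].empty?` also raises if the parameter is missing (nil), and the comment line and the first `end` are indented differently from the lines around them.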

-- 
Josef Reidinger
YaST team
maintainer of perl-Bootloader, YaST2-Repair, webyast modules language and time
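
The regex behaviour discussed in the review above, as an added Ruby example that is not part of the original mail or of the project's code. The helper `invalid_aliases`, the constants `LINE_ANCHORED` and `STRICT_PATTERN`, and all sample addresses are assumptions constructed for illustration.

```ruby
# Added example; every address below is constructed sample input.

# Pattern exactly as it appears in the patch: unanchored, requires ".xx".
PATCH_PATTERN = /(.+)@(.+)\.(.{2})/

# The same pattern with ^ and $ added. In Ruby these anchor at line
# boundaries, so only one line of a multi-line value has to match.
LINE_ANCHORED = /^(.+)@(.+)\.(.{2})$/

# Hypothetical stricter pattern (an assumption, not the project's rule):
# anchored to the whole string with \A and \z, dotted domain part optional
# so single-label hosts pass, no whitespace, commas or extra "@".
STRICT_PATTERN = /\A[^@\s,]+@[^@\s,.]+(\.[^@\s,.]+)*\z/

# Returns the entries of a comma-separated alias list that contain "@" but
# fail +pattern+. Entries without "@" count as local users and are skipped,
# as in the patch; stripping whitespace around entries is added here.
def invalid_aliases(list, pattern)
  list.split(",").map(&:strip).reject(&:empty?).select do |entry|
    entry.include?("@") && entry !~ pattern
  end
end

SAMPLES = "root, admin@localhost, ops@example.org, " \
          "ops@example.org trailing junk, a@b.cd\nsecond line"

if __FILE__ == $PROGRAM_NAME
  { "patch" => PATCH_PATTERN, "^...$" => LINE_ANCHORED,
    "strict" => STRICT_PATTERN }.each do |name, pattern|
    puts "#{name}: rejects #{invalid_aliases(SAMPLES, pattern).inspect}"
  end
end
```

The patch pattern rejects only the single-label host, the `^...$` form rejects three-letter top-level domains yet still passes the two-line value, and the string-anchored form rejects exactly the two entries with trailing content.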