On Thursday 15 of October 2009 11:23:01 Josef Reidinger wrote: > Jiri Suchomel write: > > ref: refs/heads/master > > commit 23404e1c1c45f1ccb9a89e707c080a86bfeb7383 > > Author: Jiri Suchomel <[email protected]> > > Date: Wed Oct 14 11:33:02 2009 +0200 > > > > validate list of e-mails in controller > > --- > > .../app/controllers/administrator_controller.rb | 15 > > ++++++++++----- 1 files changed, 10 insertions(+), 5 deletions(-) > > > > diff --git > > a/plugins/administrator/app/controllers/administrator_controller.rb > > b/plugins/administrator/app/controllers/administrator_controller.rb > > index d1d493e..52332ef 100644 > > --- a/plugins/administrator/app/controllers/administrator_controller.rb > > +++ b/plugins/administrator/app/controllers/administrator_controller.rb > > @@ -34,11 +34,16 @@ class AdministratorController < ApplicationController > > @administrator.password = admin["password"] > > @administrator.aliases = admin["aliases"] > > > > - # FIXME validate for set of mails, not just one > > - if !admin["aliases"].empty? && admin["aliases"] !~ > > /(.+)@(.+)\.(.{2})/ # yes, very weak - flash[:error] = _("Enter a > > valid e-mail address.") - redirect_to :action => "index" > > - return > > + # validate data also here, if javascript in view is off > > + if !admin["aliases"].empty? > > + admin["aliases"].split(",").each do |mail| > > + # only check emails, not local users > > + if mail.include?("@") && mail !~ /(.+)@(.+)\.(.{2})/ > > ^^^ > Hi, I think that this regex is not valid. It means that you expect .?? in > mail. > so I think you have problem if someone want r...@localhost > Also it is not easy to see that alse [email protected] works (it is because > you forget to append $ after regex and ^ before regex. > > Also this is not controller job, but unfortunatelly we don't have easy > accessible model in frontend to add validation, but it should change in > future ( I believe in ActiveResource branch).
You are right, but this is just a backup if javascript is off, primary validation is in view, using jquery. And yes, I should probably create better regexp (while I do not want to have unreadable perfect one). -- Jiri Suchomel SUSE LINUX, s.r.o. e-mail: [email protected] Lihovarská 1060/12 tel: +420 284 028 960 190 00 Praha 9, Czech Republic http://www.suse.cz -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
