[arch-projects] [PATCH] valid_email :: check all sorts of stuff, as described by: http://www.linuxjournal.com/article/9585

[Eric Bélanger]

On Mon, Mar 19, 2012 at 3:39 PM, BlackEagle <ike.devolder at gmail.com> wrote:
> Signed-off-by: BlackEagle <ike.devolder at gmail.com>
> ---
>  web/lib/aur.inc.php |   48 +++++++++++++++++++++++++++++++++++++++++++++++-
>  1 file changed, 47 insertions(+), 1 deletion(-)
>
> diff --git a/web/lib/aur.inc.php b/web/lib/aur.inc.php
> index c662b80..9b604fe 100644
> --- a/web/lib/aur.inc.php
> +++ b/web/lib/aur.inc.php
> @@ -80,7 +80,53 @@ function check_sid($dbh=NULL) {
>  # verify that an email address looks like it is legitimate
>  #
>  function valid_email($addy) {
> -       return (filter_var($addy, FILTER_VALIDATE_EMAIL) !== false);
> +       $isValid = true;
> +       $atIndex = strrpos($addy, "@");
> +       if (is_bool($atIndex) && !$atIndex) {
> +               $isValid = false;
> +       } else {
> +               $domain = substr($addy, $atIndex+1);
> +               $local = substr($addy, 0, $atIndex);
> +               $localLen = strlen($local);
> +               $domainLen = strlen($domain);
> +               if ($localLen < 1 || $localLen > 64) {
> +                       // local part length exceeded
> +                       $isValid = false;
> +               } elseif ($domainLen < 1 || $domainLen > 255) {
> +                       // domain part length exceeded
> +                       $isValid = false;
> +               } elseif ($local[0] == '.' || $local[$localLen-1] == '.') {
> +                       // local part starts or ends with '.'
> +                       $isValid = false;
> +               } elseif (preg_match('/\\.\\./', $local)) {
> +                       // local part has two consecutive dots
> +                       $isValid = false;
> +               } elseif (!preg_match('/^[A-Za-z0-9\\-\\.]+$/', $domain)) {
> +                       // character not valid in domain part
> +                       $isValid = false;
> +               } elseif (preg_match('/\\.\\./', $domain)) {
> +                       // domain part has two consecutive dots
> +                       $isValid = false;
> +               } elseif (
> +                       !preg_match('/^(\\\\.|[A-Za-z0-9!#%&`_=\\/$\'*+?^{}|~.-])+$/',
> +                       str_replace("\\\\","",$local))
> +               ) {
> +                       // character not valid in local part unless
> +                       // local part is quoted
> +                       if (
> +                               !preg_match('/^"(\\\\"|[^"])+"$/',
> +                               str_replace("\\\\","",$local))
> +                       ) {
> +                               $isValid = false;
> +                       }
> +               }
> +
> +               if ($isValid && !(checkdnsrr($domain,"MX") || checkdnsrr($domain,"A"))) {
> +                       // domain not found in DNS
> +                       $isValid = false;
> +               }
> +       }
> +       return $isValid;
>  }
>
>  # a new seed value for mt_srand()
> --
> 1.7.9.4
>

If that patch is for the AUR (Which I believe), you should post it on
the aur-dev ML instead of on this ML.