From cc5b3d0b5ec717ed7280a052688596b940b62653 Mon Sep 17 00:00:00 2001 From: cweiske Date: Fri, 20 Nov 2009 17:41:31 +0000 Subject: [PATCH] replace regex email validation with PHP filter function and remove DNS checking functions that were not used anymore and do even had a security issue since they did not escape shell parameters git-svn-id: https://semanticscuttle.svn.sourceforge.net/svnroot/semanticscuttle/trunk@568 b3834d28-1941-0410-a4f8-b48e95affb8f --- src/SemanticScuttle/Service/User.php | 40 +++++++--------------------- 1 file changed, 10 insertions(+), 30 deletions(-) diff --git a/src/SemanticScuttle/Service/User.php b/src/SemanticScuttle/Service/User.php index 5affa0b..864470e 100644 --- a/src/SemanticScuttle/Service/User.php +++ b/src/SemanticScuttle/Service/User.php @@ -76,26 +76,6 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService $this->updateSessionStability(); } - function _checkdns($host) { - if (function_exists('checkdnsrr')) { - return checkdnsrr($host); - } else { - return $this->_checkdnsrr($host); - } - } - - function _checkdnsrr($host, $type = "MX") { - if(!empty($host)) { - @exec("nslookup -type=$type $host", $output); - while(list($k, $line) = each($output)) { - if(eregi("^$host", $line)) { - return true; - } - } - return false; - } - } - function _getuser($fieldname, $value) { $query = 'SELECT * FROM '. $this->getTableName() .' WHERE '. $fieldname .' = "'. $this->db->sql_escape($value) .'"'; @@ -700,16 +680,16 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService - function isValidEmail($email) { - if (eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$", $email)) { - list($emailUser, $emailDomain) = split("@", $email); - - // Check if the email domain has a DNS record - //if ($this->_checkdns($emailDomain)) { - return true; - //} - } - return false; + /** + * Checks if the given email address is valid + * + * @param string $email Email address + * + * @return boolean True if it is valid, false if not + */ + public function isValidEmail($email) + { + return filter_var($email, FILTER_VALIDATE_EMAIL) !== false; } /**