View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0014631 | mantisbt | public | 2012-08-17 05:40 | 2014-09-23 18:05 | |
Reporter | dregad | Assigned To | dregad | ||
Priority | normal | Severity | minor | Reproducibility | N/A |
Status | closed | Resolution | fixed | ||
Product Version | 1.2.12 | ||||
Target Version | 1.2.12 | Fixed in Version | 1.2.12 | ||
Summary | 0014631: Email validation needs to be consistent | ||||
Description | PHPMailer uses filter_var() to check for an e-mail validity; this function treats single-domain e-mail addresses (e.g. user@localhost) as invalid. However, Mantis API function email_is_valid() relies on a custom regex to validate e-mails, which does accept such addresses. As a consequence, we accept addresses to which we are unable to send messages (see 0014543), and moreover due to poor error handling (see 0014630), such failures are not reported to the user or logged by the system. To avoid this problem, we should use a consistent way of validating e-mails; the best would be to call PHPMailer::ValidateAddress() method, which would ensure that any email we store can be sent PHPMailer. Note that we may still experience similar issues when using LDAP emails. | ||||
Tags | No tags attached. | ||||
related to | 0014543 | closed | dregad | Emails are not sent to addresses with single subdomain |
related to | 0014630 | closed | dregad | Improve email logging |
related to | 0015721 | closed | grangeway | Functionality to consider porting to master-2.0.x |
related to | 0014632 | closed | dregad | Email validation always successful when $g_use_ldap_email = ON |
related to | 0016894 | closed | dregad | Don't allow invalid email addresses (e.g. fred@localhost) to be used when signing up |
MantisBT: master-1.2.x 6987b4ad 2012-08-16 22:41 Details Diff |
Fix 0014631: Consistent email validation PHPMailer uses filter_var() to check for an e-mail validity; this function treats single-domain e-mail addresses (e.g. user@localhost) as invalid. However, Mantis API function email_is_valid() relies on a custom regex to validate e-mails, which does accept such addresses. As a consequence, we accept addresses to which we are unable to send messages. To avoid this problem, we now rely on PHPMailer::ValidateAddress() method to ensure that any email we store can be sent PHPMailer. |
Affected Issues 0014631 |
|
mod - core/email_api.php | Diff File | ||
MantisBT: master a38858a3 2012-08-16 22:41 Details Diff |
Fix 0014631: Consistent email validation PHPMailer uses filter_var() to check for an e-mail validity; this function treats single-domain e-mail addresses (e.g. user@localhost) as invalid. However, Mantis API function email_is_valid() relies on a custom regex to validate e-mails, which does accept such addresses. As a consequence, we accept addresses to which we are unable to send messages. To avoid this problem, we now rely on PHPMailer::ValidateAddress() method to ensure that any email we store can be sent PHPMailer. |
Affected Issues 0014631 |
|
mod - core/email_api.php | Diff File |