Mailinglist Archive: yast-devel (233 mails)

< Previous Next >
Re: [yast-devel] Re: [yast-commit] <web-client> master : validate list of e-mails in controller
  • From: Josef Reidinger <jreidinger@xxxxxxx>
  • Date: Thu, 15 Oct 2009 17:07:13 +0200
  • Message-id: <200910151707.14109.jreidinger@xxxxxxx>
Jiří Suchomel write:
On Thursday 15 of October 2009 11:23:01 Josef Reidinger wrote:
Jiri Suchomel write:
ref: refs/heads/master
commit 23404e1c1c45f1ccb9a89e707c080a86bfeb7383
Author: Jiri Suchomel <jsuchome@xxxxxxx>
Date: Wed Oct 14 11:33:02 2009 +0200

validate list of e-mails in controller
---
.../app/controllers/administrator_controller.rb | 15
++++++++++----- 1 files changed, 10 insertions(+), 5 deletions(-)

diff --git
a/plugins/administrator/app/controllers/administrator_controller.rb
b/plugins/administrator/app/controllers/administrator_controller.rb
index d1d493e..52332ef 100644
--- a/plugins/administrator/app/controllers/administrator_controller.rb
+++ b/plugins/administrator/app/controllers/administrator_controller.rb
@@ -34,11 +34,16 @@ class AdministratorController <
ApplicationController @administrator.password = admin["password"]
@administrator.aliases = admin["aliases"]

- # FIXME validate for set of mails, not just one
- if !admin["aliases"].empty? && admin["aliases"] !~
/(.+)@(.+)\.(.{2})/ # yes, very weak - flash[:error] = _("Enter a
valid e-mail address.") - redirect_to :action => "index"
- return
+ # validate data also here, if javascript in view is off
+ if !admin["aliases"].empty?
+ admin["aliases"].split(",").each do |mail|
+ # only check emails, not local users
+ if mail.include?("@") && mail !~ /(.+)@(.+)\.(.{2})/

^^^
Hi, I think that this regex is not valid. It means that you expect .?? in
mail.
so I think you have problem if someone want root@localhost
Also it is not easy to see that alse user@xxxxxxxxx works (it is because
you forget to append $ after regex and ^ before regex.

Also this is not controller job, but unfortunatelly we don't have easy
accessible model in frontend to add validation, but it should change in
future ( I believe in ActiveResource branch).

You are right, but this is just a backup if javascript is off, primary
validation is in view, using jquery.

And yes, I should probably create better regexp (while I do not want to
have unreadable perfect one).


I think that problem is not that regex is not the best one, problem is that
valid email have problem to pass (root@localhost is valid address).
I suggest easy relaxed regex /^.+@.+$/
It is easy to read dummy regex, which all possible address must pass.

--
Josef Reidinger
YaST team
maintainer of perl-Bootloader, YaST2-Repair, webyast modules language and time
--
To unsubscribe, e-mail: yast-devel+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: yast-devel+help@xxxxxxxxxxxx

< Previous Next >
Follow Ups