From cc5b3d0b5ec717ed7280a052688596b940b62653 Mon Sep 17 00:00:00 2001
From: cweiske <cweiske@b3834d28-1941-0410-a4f8-b48e95affb8f>
Date: Fri, 20 Nov 2009 17:41:31 +0000
Subject: replace regex email validation with PHP filter function and remove
 DNS checking functions that were not used anymore and do even had a security
 issue since they did not escape shell parameters

git-svn-id: https://semanticscuttle.svn.sourceforge.net/svnroot/semanticscuttle/trunk@568 b3834d28-1941-0410-a4f8-b48e95affb8f
---
 src/SemanticScuttle/Service/User.php | 40 +++++++++---------------------------
 1 file changed, 10 insertions(+), 30 deletions(-)

(limited to 'src/SemanticScuttle/Service')

diff --git a/src/SemanticScuttle/Service/User.php b/src/SemanticScuttle/Service/User.php
index 5affa0b..864470e 100644
--- a/src/SemanticScuttle/Service/User.php
+++ b/src/SemanticScuttle/Service/User.php
@@ -76,26 +76,6 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
         $this->updateSessionStability();
     }
 
-    function _checkdns($host) {
-        if (function_exists('checkdnsrr')) {
-            return checkdnsrr($host);
-        } else {
-            return $this->_checkdnsrr($host);
-        }
-    }
-
-    function _checkdnsrr($host, $type = "MX") {
-        if(!empty($host)) {
-            @exec("nslookup -type=$type $host", $output);
-            while(list($k, $line) = each($output)) {
-                if(eregi("^$host", $line)) {
-                    return true;
-                }
-            }
-            return false;
-        }
-    }
-
     function _getuser($fieldname, $value) {
         $query = 'SELECT * FROM '. $this->getTableName() .' WHERE '. $fieldname .' = "'. $this->db->sql_escape($value) .'"';
 
@@ -700,16 +680,16 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
 
 
 
-    function isValidEmail($email) {
-        if (eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$", $email)) {
-            list($emailUser, $emailDomain) = split("@", $email);
-
-            // Check if the email domain has a DNS record
-            //if ($this->_checkdns($emailDomain)) {
-            return true;
-            //}
-        }
-        return false;
+    /**
+     * Checks if the given email address is valid
+     *
+     * @param string $email Email address
+     *
+     * @return boolean True if it is valid, false if not
+     */
+    public function isValidEmail($email)
+    {
+        return filter_var($email, FILTER_VALIDATE_EMAIL) !== false;
     }
 
     /**
-- 
cgit v1.2.3