Branch 'ticket/3335' - lib/api

Daniel Hoffend hoffend at kolabsys.com
Wed Feb 18 23:00:11 CET 2015


 lib/api/kolab_api_service_form_value.php |   12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)

New commits:
commit 77e67f34ac5560caad011a4e85e2a87ad11275dd
Author: Daniel Hoffend <dh at dotlan.net>
Date:   Wed Feb 18 23:00:07 2015 +0100

    added more characaters to check for cn / kolabTargetFolder. @ % ^

diff --git a/lib/api/kolab_api_service_form_value.php b/lib/api/kolab_api_service_form_value.php
index 6b32523..86e1a26 100644
--- a/lib/api/kolab_api_service_form_value.php
+++ b/lib/api/kolab_api_service_form_value.php
@@ -1335,8 +1335,8 @@ class kolab_api_service_form_value extends kolab_api_service
 
     private function validate_cn_sharedfolder($value, $postdata = array(), $validation_type = null)
     {
-        if (preg_match('/["\']/',$value)) {
-            throw new Exception("Folder name contains invalid characters: \" ']");
+        if (preg_match('/["\'@%+^]/',$value)) {
+            throw new Exception("Folder name contains invalid characters: \" ' @ % + ^");
         }
 
         return 'OK';
@@ -1344,13 +1344,9 @@ class kolab_api_service_form_value extends kolab_api_service
 
     private function validate_kolabtargetfolder_sharedfolder($value, $postdata = array(), $validation_type = null)
     {
-        if (preg_match('/["\'\+]/',$value)) {
-            throw new Exception("Target IMAP Folder contains invalid characters \" ' +");
-        }
-
         $domains = $this->_get_valid_domains();
-        if (!preg_match('#^shared/[^"\'\\+]+@('.implode("|",$domains).')$#',$value)) {
-            throw new Exception("Target IMAP Folder has to match the following format: 'shared/foldername at mydomain.org'"&& folderpart == cn (other));
+        if (!preg_match('#^shared/[^"\'\\+@%^]+@('.implode("|",$domains).')$#',$value)) {
+            throw new Exception("Target IMAP Folder has to match the following format: 'shared/foldername at mydomain.org' and the foldername can't contain invalid characters: \" ' @ % + ^");
         }
 
         // TODO: check for duplicate shared folder




More information about the commits mailing list