Branch 'ticket/3335' - lib/api
Daniel Hoffend
hoffend at kolabsys.com
Wed Feb 18 23:00:11 CET 2015
lib/api/kolab_api_service_form_value.php | 12 ++++--------
1 file changed, 4 insertions(+), 8 deletions(-)
New commits:
commit 77e67f34ac5560caad011a4e85e2a87ad11275dd
Author: Daniel Hoffend <dh at dotlan.net>
Date: Wed Feb 18 23:00:07 2015 +0100
added more characaters to check for cn / kolabTargetFolder. @ % ^
diff --git a/lib/api/kolab_api_service_form_value.php b/lib/api/kolab_api_service_form_value.php
index 6b32523..86e1a26 100644
--- a/lib/api/kolab_api_service_form_value.php
+++ b/lib/api/kolab_api_service_form_value.php
@@ -1335,8 +1335,8 @@ class kolab_api_service_form_value extends kolab_api_service
private function validate_cn_sharedfolder($value, $postdata = array(), $validation_type = null)
{
- if (preg_match('/["\']/',$value)) {
- throw new Exception("Folder name contains invalid characters: \" ']");
+ if (preg_match('/["\'@%+^]/',$value)) {
+ throw new Exception("Folder name contains invalid characters: \" ' @ % + ^");
}
return 'OK';
@@ -1344,13 +1344,9 @@ class kolab_api_service_form_value extends kolab_api_service
private function validate_kolabtargetfolder_sharedfolder($value, $postdata = array(), $validation_type = null)
{
- if (preg_match('/["\'\+]/',$value)) {
- throw new Exception("Target IMAP Folder contains invalid characters \" ' +");
- }
-
$domains = $this->_get_valid_domains();
- if (!preg_match('#^shared/[^"\'\\+]+@('.implode("|",$domains).')$#',$value)) {
- throw new Exception("Target IMAP Folder has to match the following format: 'shared/foldername at mydomain.org'"&& folderpart == cn (other));
+ if (!preg_match('#^shared/[^"\'\\+@%^]+@('.implode("|",$domains).')$#',$value)) {
+ throw new Exception("Target IMAP Folder has to match the following format: 'shared/foldername at mydomain.org' and the foldername can't contain invalid characters: \" ' @ % + ^");
}
// TODO: check for duplicate shared folder
More information about the commits
mailing list