MDL-66762 user: stricter email validation.

carlooos28 · Nov 7, 2019 · eb9f830 · eb9f830
1 parent d6c704b
commit eb9f830
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 1 deletion.
diff --git a/lib/tests/weblib_test.php b/lib/tests/weblib_test.php
@@ -525,6 +525,18 @@ public function data_validate_email() {
                 'email' => "[email protected]>\r\nRCPT TO:<[email protected]",
                 'result' => false
             ],
+            [
+                'email' => 'greater>[email protected]',
+                'result' => false
+            ],
+            [
+                'email' => 'less<[email protected]',
+                'result' => false
+            ],
+            [
+                'email' => '"this<is>validbutwerejectit"@example.com',
+                'result' => false
+            ],
 
             // Extra email addresses from Wikipedia page on Email Addresses.
             // Valid.

diff --git a/lib/weblib.php b/lib/weblib.php
@@ -1110,7 +1110,7 @@ function validate_email($address) {
     global $CFG;
     require_once($CFG->libdir.'/phpmailer/moodle_phpmailer.php');
 
-    return moodle_phpmailer::validateAddress($address);
+    return moodle_phpmailer::validateAddress($address) && !preg_match('/[<>]/', $address);
 }
 
 /**