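 /**
  * Validate a contact / "recommend to a friend" form submission.
  *
  * Reads the request superglobals ($_POST, $_REQUEST, $_COOKIE, $_SERVER)
  * and reports every failure through the global $vmLogger, using the
  * messages of the global $VM_LANG translator. The first failing check
  * wins; later checks are not evaluated.
  *
  * @param array $d Form data; only 'sender_name', 'sender_mail' and
  *                 'recipient_mail' are read. Passed by reference to keep
  *                 the original signature; the array is never modified here.
  * @return bool true when every check passes, false otherwise (an error
  *              has then already been logged).
  */
 function validate(&$d)
 {
     global $vmLogger, $VM_LANG;

     if (empty($d['sender_name'])) {
         $vmLogger->err($VM_LANG->_('CONTACT_FORM_NC', false));
         return false;
     }
     if (empty($d['sender_mail']) || empty($d['recipient_mail'])) {
         $vmLogger->err($VM_LANG->_('CONTACT_FORM_NC', false));
         return false;
     }

     // Anti-forgery token: the form must carry a POST field whose *name*
     // is the hash produced by vmCreateHash().
     $validate = vmGet($_POST, vmCreateHash(), 0);
     // probably a spoofing attack
     if (!$validate) {
         $vmLogger->err('Hash not valid - ' . vmCreateHash() . $VM_LANG->_('NOT_AUTH', false));
         return false;
     }

     // The original wrote `!$_SERVER['REQUEST_METHOD'] == 'POST'`, which
     // parses as `(!'...') == 'POST'` and therefore never rejected anything.
     if (!isset($_SERVER['REQUEST_METHOD']) || $_SERVER['REQUEST_METHOD'] !== 'POST') {
         $vmLogger->err('Request must be POSTed - ' . $VM_LANG->_('NOT_AUTH', false));
         return false;
     }

     // Attempt to defend against mail header injection: reject any posted
     // value that carries one of these header names. Header names are
     // case-insensitive, so the match is too (the original used strpos()).
     $badStrings = array('Content-Type:', 'MIME-Version:', 'Content-Transfer-Encoding:', 'bcc:', 'cc:');
     // Walk every POSTed value, descending into array-valued fields
     // (name[]=...) so they are scanned as well instead of being handed
     // to strpos() as arrays.
     $pending = array_values($_POST);
     while ($pending) {
         $value = array_shift($pending);
         if (is_array($value)) {
             foreach ($value as $nested) {
                 $pending[] = $nested;
             }
             continue;
         }
         foreach ($badStrings as $needle) {
             if (stripos((string) $value, $needle) !== false) {
                 $vmLogger->err($VM_LANG->_('NOT_AUTH', false));
                 return false;
             }
         }
     }
     // Made it past spammer test, free up some memory
     // and continue rest of script:
     unset($pending, $value, $nested, $needle, $badStrings);

     $email = vmGet($_POST, 'email', '');
     $text = vmGet($_POST, 'text', '');
     $sender_mail = vmGet($_REQUEST, 'sender_mail', null);
     $recipient_mail = vmGet($_REQUEST, 'recipient_mail', null);
     $message = vmGet($_REQUEST, 'recommend_message', null);

     // Get Session Cookie `value`; the cast keeps strlen() happy when the
     // cookie is absent (vmGet() then yields the null default).
     $sessioncookie = (string) vmGet($_COOKIE, 'virtuemart', null);
     if (strlen($sessioncookie) < 16 || $sessioncookie === '-') {
         $vmLogger->err($VM_LANG->_('VM_COOKIE_MISSING') . '. ' . $VM_LANG->_('NOT_AUTH', false));
         return false;
     }

     // test to ensure that only one email address is entered: no list
     // separators and at most one '@'. `!== false` matters here — a
     // separator at offset 0 returns 0, which the original's bare
     // truthiness test read as "not found".
     if (strpos($email, ';') !== false
         || strpos($email, ',') !== false
         || strpos($email, ' ') !== false
         || substr_count($email, '@') > 1
     ) {
         $vmLogger->err($VM_LANG->_('EMAIL_ERR_ONLYONE'));
         return false;
     }

     // Looks like two form variants share this validator: one posting
     // email + text, the other sender_mail + recommend_message. Either
     // way an address and a body are required. Parentheses make the
     // original precedence (&& binds tighter than ||) explicit.
     if ((!$email && !$sender_mail) || (!$text && !$message)) {
         $vmLogger->err($VM_LANG->_('CONTACT_FORM_NC', false));
         return false;
     }
     if (!empty($email) && !ps_communication::is_email($email)) {
         $vmLogger->err($VM_LANG->_('REGWARN_MAIL', false));
         return false;
     }
     if (!empty($sender_mail)
         && (!ps_communication::is_email($sender_mail) || !ps_communication::is_email($recipient_mail))
     ) {
         $vmLogger->err($VM_LANG->_('EMAIL_ERR_NOINFO', false));
         return false;
     }
     return true;
 }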