profile.php doesn't check email format profile.php doesn't check email format
 

News:

CPG Release 1.6.28
added submissions from {406man}
cleaned up a few PHP (8.4) deprecations
fixed PHP deprecation in calendar
removed security vulnerability
(please upgrade when possible)

Main Menu

profile.php doesn't check email format

Started by Makc666, September 18, 2006, 11:08:52 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

Makc666

September 18, 2006, 11:08:52 AM Last Edit: October 27, 2006, 02:32:30 AM by Nibbler
If you look into
register.php
you will find this one:
Code Select
    if (!eregi("^[_\.0-9a-z\-]+@([0-9a-z][0-9a-z-]+\.)+[a-z]{2,6}$", $email)) $error .= '<li>' . $lang_register_php['err_invalid_email'];

If you look into
profile.php
you will not find any check for email format.
So users can enter any email they want like: testest.com or test@test
Print
Go Up Pages1
User actions