githubFork/roundcubemail.git

parent: a05bcd49 | patch | commit | ignore whitespace

Improved email address validation with IPv6 support

Aleksander Machniak

2012-08-24 da28121dcd160045c468b7028ee835b24f0cb965

Improved email address validation with IPv6 support

3 files modified

	program/include/rcube_utils.php	52 ●●●●● patch \| view \| raw \| blame \| history
	program/js/common.js	4 ●●●●● patch \| view \| raw \| blame \| history
	tests/Utils.php	17 ●●●●● patch \| view \| raw \| blame \| history

 program/include/rcube_utils.php

@@ -92,9 +92,9 @@
            return false;
        }

        // Check domain part
        if (preg_match('/^\[*(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])(\.(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])){3}\]*$/', $domain_part)) {
            return true; // IP address
        // Validate domain part
        if (preg_match('/^\[((IPv6:[0-9a-f:.]+)|([0-9.]+))\]$/i', $domain_part, $matches)) {
            return self::ip_check(preg_replace('/^IPv6:/i', '', $matches[1])); // valid IPv4 or IPv6 address
        }
        else {
            // If not an IP address
@@ -146,6 +146,52 @@
        return false;
    }


    /**
     * Validates IPv4 or IPv6 address
     *
     * @param string $ip IP address in v4 or v6 format
     *
     * @return bool True if the address is valid
     */
    public static function ip_check($ip)
    {
        // IPv6, but there's no build-in IPv6 support
        if (strpos($ip, ':') !== false && !defined('AF_INET6')) {
            $parts = explode(':', $domain_part);
            $count = count($parts);

            if ($count > 8 || $count < 2) {
                return false;
            }

            foreach ($parts as $idx => $part) {
                $length = strlen($part);
                if (!$length) {
                    // there can be only one ::
                    if ($found_empty) {
                        return false;
                    }
                    $found_empty = true;
                }
                // last part can be an IPv4 address
                else if ($idx == $count - 1) {
                    if (!preg_match('/^[0-9a-f]{1,4}$/i', $part)) {
                        return @inet_pton($part) !== false;
                    }
                }
                else if (!preg_match('/^[0-9a-f]{1,4}$/i', $part)) {
                    return false;
                }
            }

            return true;
        }

        return @inet_pton($ip) !== false;
    }


    /**
     * Check whether the HTTP referer matches the current request
     *

 program/js/common.js

@@ -494,7 +494,9 @@
      atom = '[^\\x00-\\x20\\x22\\x28\\x29\\x2c\\x2e\\x3a-\\x3c\\x3e\\x40\\x5b-\\x5d\\x7f-\\xff]+',
      quoted_pair = '\\x5c[\\x00-\\x7f]',
      quoted_string = '\\x22('+qtext+'|'+quoted_pair+')*\\x22',
      ip_addr = '\\[*(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])(\.(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])){3}\\]*',
      ipv4 = '\\[(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])(\.(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])){3}\\]',
      ipv6 = '\\[IPv6:[0-9a-f:.]+\\]',
      ip_addr = '(' + ipv4 + ')|(' + ipv6 + ')',
      // Use simplified domain matching, because we need to allow Unicode characters here
      // So, e-mail address should be validated also on server side after idn_to_ascii() use
      //domain_literal = '\\x5b('+dtext+'|'+quoted_pair+')*\\x5d',

 tests/Utils.php

@@ -18,8 +18,10 @@
            array('firstname.lastname@domain.com', 'Email contains dot in the address field'),
            array('email@subdomain.domain.com', 'Email contains dot with subdomain'),
            array('firstname+lastname@domain.com', 'Plus sign is considered valid character'),
            array('email@123.123.123.123', 'Domain is valid IP address'),
            array('email@[123.123.123.123]', 'Square bracket around IP address is considered valid'),
            array('email@[123.123.123.123]', 'Square bracket around IP address'),
            array('email@[IPv6:::1]', 'Square bracket around IPv6 address (1)'),
            array('email@[IPv6:::1.2.3.4]', 'Square bracket around IPv6 address (2)'),
            array('email@[IPv6:2001:2d12:c4fe:5afe::1]', 'Square bracket around IPv6 address (3)'),
            array('"email"@domain.com', 'Quotes around email is considered valid'),
            array('1234567890@domain.com', 'Digits in address are valid'),
            array('email@domain-one.com', 'Dash in domain name is valid'),
@@ -50,7 +52,16 @@
            array('email@domain', 'Missing top level domain (.com/.net/.org/etc)'),
            array('email@-domain.com', 'Leading dash in front of domain is invalid'),
//            array('email@domain.web', '.web is not a valid top level domain'),
            array('email@111.222.333.44444', 'Invalid IP format'),
            array('email@123.123.123.123', 'IP address without brackets'),
            array('email@2001:2d12:c4fe:5afe::1', 'IPv6 address without brackets'),
            array('email@IPv6:2001:2d12:c4fe:5afe::1', 'IPv6 address without brackets (2)'),
            array('email@[111.222.333.44444]', 'Invalid IP format'),
            array('email@[111.222.255.257]', 'Invalid IP format (2)'),
            array('email@[.222.255.257]', 'Invalid IP format (3)'),
            array('email@[::1]', 'Invalid IPv6 format (1)'),
            array('email@[IPv6:2001:23x2:1]', 'Invalid IPv6 format (2)'),
            array('email@[IPv6:1111:2222:33333::4444:5555]', 'Invalid IPv6 format (3)'),
            array('email@[IPv6:1111::3333::4444:5555]', 'Invalid IPv6 format (4)'),
            array('email@domain..com', 'Multiple dot in the domain portion is invalid'),
        );
    }

			@@ -92,9 +92,9 @@
			return false;
			}

			// Check domain part
			if (preg_match('/^\[(25[0-5]\|2[0-4][0-9]\|1[0-9][0-9]\|[1-9]?[0-9])(\.(25[0-5]\|2[0-4][0-9]\|1[0-9][0-9]\|[1-9]?[0-9])){3}\]$/', $domain_part)) {
			return true; // IP address
			// Validate domain part
			if (preg_match('/^\[((IPv6:[0-9a-f:.]+)\|([0-9.]+))\]$/i', $domain_part, $matches)) {
			return self::ip_check(preg_replace('/^IPv6:/i', '', $matches[1])); // valid IPv4 or IPv6 address
			}
			else {
			// If not an IP address
			@@ -146,6 +146,52 @@
			return false;
			}


			/**
			* Validates IPv4 or IPv6 address
			*
			* @param string $ip IP address in v4 or v6 format
			*
			* @return bool True if the address is valid
			*/
			public static function ip_check($ip)
			{
			// IPv6, but there's no build-in IPv6 support
			if (strpos($ip, ':') !== false && !defined('AF_INET6')) {
			$parts = explode(':', $domain_part);
			$count = count($parts);

			if ($count > 8 \|\| $count < 2) {
			return false;
			}

			foreach ($parts as $idx => $part) {
			$length = strlen($part);
			if (!$length) {
			// there can be only one ::
			if ($found_empty) {
			return false;
			}
			$found_empty = true;
			}
			// last part can be an IPv4 address
			else if ($idx == $count - 1) {
			if (!preg_match('/^[0-9a-f]{1,4}$/i', $part)) {
			return @inet_pton($part) !== false;
			}
			}
			else if (!preg_match('/^[0-9a-f]{1,4}$/i', $part)) {
			return false;
			}
			}

			return true;
			}

			return @inet_pton($ip) !== false;
			}


			/**
			* Check whether the HTTP referer matches the current request
			*

			@@ -494,7 +494,9 @@
			atom = '[^\\x00-\\x20\\x22\\x28\\x29\\x2c\\x2e\\x3a-\\x3c\\x3e\\x40\\x5b-\\x5d\\x7f-\\xff]+',
			quoted_pair = '\\x5c[\\x00-\\x7f]',
			quoted_string = '\\x22('+qtext+'\|'+quoted_pair+')*\\x22',
			ip_addr = '\\[(25[0-5]\|2[0-4][0-9]\|1[0-9][0-9]\|[1-9]?[0-9])(\.(25[0-5]\|2[0-4][0-9]\|1[0-9][0-9]\|[1-9]?[0-9])){3}\\]',
			ipv4 = '\\[(25[0-5]\|2[0-4][0-9]\|1[0-9][0-9]\|[1-9]?[0-9])(\.(25[0-5]\|2[0-4][0-9]\|1[0-9][0-9]\|[1-9]?[0-9])){3}\\]',
			ipv6 = '\\[IPv6:[0-9a-f:.]+\\]',
			ip_addr = '(' + ipv4 + ')\|(' + ipv6 + ')',
			// Use simplified domain matching, because we need to allow Unicode characters here
			// So, e-mail address should be validated also on server side after idn_to_ascii() use
			//domain_literal = '\\x5b('+dtext+'\|'+quoted_pair+')*\\x5d',

			@@ -18,8 +18,10 @@
			array('firstname.lastname@domain.com', 'Email contains dot in the address field'),
			array('email@subdomain.domain.com', 'Email contains dot with subdomain'),
			array('firstname+lastname@domain.com', 'Plus sign is considered valid character'),
			array('email@123.123.123.123', 'Domain is valid IP address'),
			array('email@[123.123.123.123]', 'Square bracket around IP address is considered valid'),
			array('email@[123.123.123.123]', 'Square bracket around IP address'),
			array('email@[IPv6:::1]', 'Square bracket around IPv6 address (1)'),
			array('email@[IPv6:::1.2.3.4]', 'Square bracket around IPv6 address (2)'),
			array('email@[IPv6:2001:2d12:c4fe:5afe::1]', 'Square bracket around IPv6 address (3)'),
			array('"email"@domain.com', 'Quotes around email is considered valid'),
			array('1234567890@domain.com', 'Digits in address are valid'),
			array('email@domain-one.com', 'Dash in domain name is valid'),
			@@ -50,7 +52,16 @@
			array('email@domain', 'Missing top level domain (.com/.net/.org/etc)'),
			array('email@-domain.com', 'Leading dash in front of domain is invalid'),
			// array('email@domain.web', '.web is not a valid top level domain'),
			array('email@111.222.333.44444', 'Invalid IP format'),
			array('email@123.123.123.123', 'IP address without brackets'),
			array('email@2001:2d12:c4fe:5afe::1', 'IPv6 address without brackets'),
			array('email@IPv6:2001:2d12:c4fe:5afe::1', 'IPv6 address without brackets (2)'),
			array('email@[111.222.333.44444]', 'Invalid IP format'),
			array('email@[111.222.255.257]', 'Invalid IP format (2)'),
			array('email@[.222.255.257]', 'Invalid IP format (3)'),
			array('email@[::1]', 'Invalid IPv6 format (1)'),
			array('email@[IPv6:2001:23x2:1]', 'Invalid IPv6 format (2)'),
			array('email@[IPv6:1111:2222:33333::4444:5555]', 'Invalid IPv6 format (3)'),
			array('email@[IPv6:1111::3333::4444:5555]', 'Invalid IPv6 format (4)'),
			array('email@domain..com', 'Multiple dot in the domain portion is invalid'),
			);
			}