Cavemanon/piratepoet
7
Fork 0
Code Pull Requests Actions Releases 16 Activity

Reject role-based email address on import

Browse Source 
[MAILPOET-2101]
This commit is contained in:
Pavel Dohnal
2019-06-19 15:11:43 +02:00
committed by M. Shull
parent ee34f576cd
commit 561649b25e
3 changed files with 47 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
lib/Models/ModelValidator.php
View File

@ -13,6 +13,40 @@ class ModelValidator extends \Sudzy\Engine {
const EMAIL_MIN_LENGTH = 6; const EMAIL_MIN_LENGTH = 6;
const EMAIL_MAX_LENGTH = 150; const EMAIL_MAX_LENGTH = 150;
const ROLE_EMAILS = [
'abuse',
'compliance',
'devnull',
'dns',
'ftp',
'hostmaster',
'inoc',
'ispfeedback',
'ispsupport',
'list-request',
'list',
'maildaemon',
'noc',
'no-reply',
'noreply',
'null',
'phish',
'phishing',
'postmaster',
'privacy',
'registrar',
'root',
'security',
'spam',
'sysadmin',
'undisclosed-recipients',
'unsubscribe',
'usenet',
'uucp',
'webmaster',
'www',
];
function __construct() { function __construct() {
parent::__construct(); parent::__construct();
$this->validators = [ $this->validators = [
@ -40,6 +74,12 @@ class ModelValidator extends \Sudzy\Engine {
return ($permitted_length && $valid_email); return ($permitted_length && $valid_email);
} }
function validateNonRoleEmail($email) {
if (!$this->validateEmail($email)) return false;
$first_part = strtolower(substr($email, 0, strpos($email, '@')));
return array_search($first_part, self::ROLE_EMAILS) === false;
}
function validateRenderedNewsletterBody($newsletter_body) { function validateRenderedNewsletterBody($newsletter_body) {
if (is_serialized($newsletter_body)) { if (is_serialized($newsletter_body)) {
$newsletter_body = unserialize($newsletter_body); $newsletter_body = unserialize($newsletter_body);

2
lib/Subscribers/ImportExport/Import/Import.php
View File

@ -158,7 +158,7 @@ class Import {
if ($validation_rule === 'email') { if ($validation_rule === 'email') {
$data = array_map( $data = array_map(
function($index, $email) use(&$invalid_records, $validator) { function($index, $email) use(&$invalid_records, $validator) {
if (!$validator->validateEmail($email)) { if (!$validator->validateNonRoleEmail($email)) {
$invalid_records[] = $index; $invalid_records[] = $index;
} }
return strtolower($email); return strtolower($email);

6
tests/integration/Models/ModelValidatorTest.php
View File

@ -26,6 +26,12 @@ class ModelValidatorTest extends \MailPoetTest {
expect($this->validator->validateEmail('a@b.c'))->false(); expect($this->validator->validateEmail('a@b.c'))->false();
} }
function testItValidatesNonRoleEmail() {
expect($this->validator->validateNonRoleEmail('test'))->false();
expect($this->validator->validateNonRoleEmail('webmaster@example.com'))->false();
expect($this->validator->validateNonRoleEmail('test@example.com'))->true();
}
function testItValidatesRenderedNewsletterBody() { function testItValidatesRenderedNewsletterBody() {
expect($this->validator->validateRenderedNewsletterBody('test'))->false(); expect($this->validator->validateRenderedNewsletterBody('test'))->false();
expect($this->validator->validateRenderedNewsletterBody(serialize('test')))->false(); expect($this->validator->validateRenderedNewsletterBody(serialize('test')))->false();