From 6d05cf328cfd4b566436a01bf7d4b3e77ddb9d5a Mon Sep 17 00:00:00 2001
From: Klaus Leithoff <kl@stylite.de>
Date: Thu, 28 Feb 2013 15:21:43 +0000
Subject: [PATCH] * Addressbook: switch off client side email address
 validation as browser rule set seems to be more restrictive than rfc822 rules
 suggests; implement better rfc822 compliant email address validation

---
 etemplate/inc/class.etemplate_widget_url.inc.php | 4 ++--
 etemplate/inc/class.url_widget.inc.php           | 6 ++++--
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/etemplate/inc/class.etemplate_widget_url.inc.php b/etemplate/inc/class.etemplate_widget_url.inc.php
index 84321f9ab0..29fdd41135 100644
--- a/etemplate/inc/class.etemplate_widget_url.inc.php
+++ b/etemplate/inc/class.etemplate_widget_url.inc.php
@@ -21,7 +21,7 @@ class etemplate_widget_url extends etemplate_widget
 	/**
 	 * Regexes for validating
 	 */
-	const EMAIL_PREG = '([a-z0-9][a-z0-9._\&\+-]*)?[a-z0-9_]@([a-z0-9ÄÖÜäöüß](|[a-z0-9ÄÖÜäöüß_-]*[a-z0-9ÄÖÜäöüß])\.)+[a-z]{2,6}';
+	const EMAIL_PREG = '^[^\x00-\x20()<>@,;:\\".\[\]]+@([a-z0-9ÄÖÜäöüß](|[a-z0-9ÄÖÜäöüß_-]*[a-z0-9ÄÖÜäöüß])\.)+[a-z]{2,6}';
 
 	/**
 	 * Validate input
@@ -66,7 +66,7 @@ class etemplate_widget_url extends etemplate_widget
 						}
 						break;
 					case 'url-email':
-						$this->attrs['preg'] = '/^('.self::EMAIL_PREG.')?$/';
+						$this->attrs['preg'] = '/('.self::EMAIL_PREG.')?$/iu';
 						break;
 				}
 			}
diff --git a/etemplate/inc/class.url_widget.inc.php b/etemplate/inc/class.url_widget.inc.php
index 045d6de68e..4ad3d35b3a 100644
--- a/etemplate/inc/class.url_widget.inc.php
+++ b/etemplate/inc/class.url_widget.inc.php
@@ -62,7 +62,8 @@ class url_widget
 	 * has to be used case insensitive: /i
 	 */
 	//const EMAIL_PREG = '([a-z0-9][a-z0-9._-]*)?[a-z0-9]@([a-z0-9](|[a-z0-9_-]*[a-z0-9])\.)+[a-z]{2,6}';
-	const EMAIL_PREG = '([a-z0-9][a-z0-9._\&\+-]*)?[a-z0-9_]@([a-z0-9ÄÖÜäöüß](|[a-z0-9ÄÖÜäöüß_-]*[a-z0-9ÄÖÜäöüß])\.)+[a-z]{2,6}';
+	//const EMAIL_PREG = '([a-z0-9][a-z0-9._\'\&\+-]*)?[a-z0-9_]@([a-z0-9ÄÖÜäöüß](|[a-z0-9ÄÖÜäöüß_-]*[a-z0-9ÄÖÜäöüß])\.)+[a-z]{2,6}';
+	const EMAIL_PREG = '^[^\x00-\x20()<>@,;:\\"\[\]]+@([a-z0-9ÄÖÜäöüß](|[a-z0-9ÄÖÜäöüß_-]*[a-z0-9ÄÖÜäöüß])\.)+[a-z]{2,6}';
 
 	/**
 	 * pre-processing of the extension
@@ -100,7 +101,8 @@ class url_widget
 						{
 							$cell['size'] .= '|[^<]+ ?<'.self::EMAIL_PREG.'>';
 						}
-						$cell['size'] .= ')$/i,email';
+						//$cell['size'] .= ')$/iu,email';// ,email causes browser-side validation. browser is more restrictive, so we disable browserside validation
+						$cell['size'] .= ')$/iu';
 					}
 					#_debug_array($cell);
 					break;