Closed Bug 127862 Opened 23 years ago Closed 21 years ago

Sanity Check fails if regex excludes email-adresses with uppercase letters

Categories

(Bugzilla :: Administration, task, P3)

Product:
Bugzilla
Component:
Administration
Version:
2.15
Type:
task

Tracking

()

Status:
RESOLVED FIXED
Milestone:
Bugzilla 2.18

People

(Reporter: andreas.hoefler, Assigned: bugreport)

References

Details

Attachments

(1 file, 1 obsolete file)

The right patch
925 bytes, patch
goobix
: review+
Details | Diff | Splinter Review
The Sanity Check reports every lowercase emailadress as invalid, if the regexp in the parameters is set to allow no uppercase letters in e-mail-addresses. emailregexp: ^[^@A-Z]+@[^@A-Z]+\.[^@A-Z]+$ An e-mail-address like "andreas.hoefler@infonova.at" results in following line(s) when sanity-checking: ... Checking profile logins Bad profile email address, id=1, <andreas.hoefler@infonova.at>. ...
Status("Checking profile logins"); my $emailregexp = Param("emailregexp"); $emailregexp =~ s/'/\\'/g; SendSQL("SELECT userid, login_name FROM profiles " . "WHERE login_name NOT REGEXP '" . $emailregexp . "'"); We're passing the regexp to the SQL.... MySQL is NOT case sensitive. so you're effectively blocking all alphabetical characters of either case. Do we use MySQL's regexp everywhere else in Bugzilla where we check the emailregexp, or are we using Perl's regexp? If we're using Perl's regexp everywhere else, this is inconsistent...
On the "Create Account"-Page the regexp gets parsed correctly, so only e-mail-addresses with all chars lowercase can be used to create an account. Only the sanitycheck has cried so far for me.
http://www.mysql.com/doc/P/a/Pattern_matching.html After we require > 3.23.4, we can use BINARY to be case sensitive.
Depends on: 87958
Why don't just use the same procedure as it is used in CheckEmailSyntax? This is the function which is used to check the syntax when creating an BZ-account. In this function the line(s) (in CGI.pl) ... my $match = Param('emailregexp'); if ($addr !~ /$match/ || $addr =~ /[\\\(\)<>&,;:"\[\] \t\r\n]/) { ... do the whole magic. I don't think that it is necessary to shift the whole work to MySQL.
No longer depends on: 87958
Accidentially blew up the dependency, correcting it. Sorry for the spam...
Depends on: 87958
Theoretically moving this to MySQL could be faster but I doubt in practice it would be. I think BINARY is the way to go, and put it in an appropriate sub when we support PgSQL if it's different.
Priority: -- → P3
Target Milestone: --- → Bugzilla 2.18
Attached patch Patch - use perl for regexp (obsolete) — Splinter Review
It just doesn't take that long to do this in perl. This is sanitycheck.cgi, not buglist.cgi. This makes it compatible once and for all and doesn't set us up for problems with other types of databases later.
Assignee: justdave → bugreport
Status: NEW → ASSIGNED
Comment on attachment 144721 [details] [diff] [review] Patch - use perl for regexp doh! goofed
Attachment #144721 - Attachment is obsolete: true
Attached patch The right patchSplinter Review
Attachment #144723 - Flags: review?
Comment on attachment 144723 [details] [diff] [review] The right patch There is an extra quoted space at the end of the SendSQL line: +SendSQL("SELECT userid, login_name FROM profiles "); r=vlad with this change.
Attachment #144723 - Flags: review? → review+
Flags: blocking2.18?
Flags: approval?
OS: Windows 2000 → All
Hardware: PC → All
Flags: blocking2.18?
Flags: blocking2.18+
Flags: approval?
Flags: approval+
Checking in sanitycheck.cgi; /cvsroot/mozilla/webtools/bugzilla/sanitycheck.cgi,v <-- sanitycheck.cgi new revision: 1.70; previous revision: 1.69 done
Status: ASSIGNED → RESOLVED
Closed: 21 years ago
Resolution: --- → FIXED
*** Bug 241172 has been marked as a duplicate of this bug. ***
QA Contact: matty_is_a_geek → default-qa
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: