fixed: misc: ValidateEmail() buffer overflow

added: notifications for resetting a user's password
       (there is no a winix function for this yet)



git-svn-id: svn://ttmath.org/publicrep/winix/trunk@817 e52654a7-88a9-db11-a3e9-0013d4bc506e

core/misc.cpp

@@ -622,48 +622,65 @@ std::wstring::size_type i;
 }
 
 
+
+bool IsEmailCorrectChar(wchar_t c)
+{
+bool correct = false;
+
+	const wchar_t * allowed_chars = L"@.!#$%&'*+-/=?^_`{|}~";
 
-bool ValidateEmail(const std::wstring & email)
-{
-	if( email.empty() )
-		return false;
-	
-	bool correct = true;
-	size_t i;
-	wchar_t allowed_chars[] = L"!#$%&'*+-/=?^_`{|}~.@";
-	int at = 0;
-	
-	for(i=0 ; i<email.length() && correct ; ++i)
+	if(	(c >= 'A' && c<='Z') ||
+		(c >= 'a' && c<='z') ||
+		(c >= '0' && c<='9') )
 	{
-		correct = false;
-		
-		if(	(email[i] >= 'A' && email[i]<='Z') ||
-			(email[i] >= 'a' && email[i]<='z') ||
-			(email[i] >= '0' && email[i]<='9') )
+		correct = true;
+	}
+	else
+	{
+		for(size_t a=0 ; allowed_chars[a] != 0 ; ++a)
 		{
-			correct = true;
-		}
-		else
-		{
-			for(size_t a=0 ; a < sizeof(allowed_chars)-1 ; ++a)
+			if( c == allowed_chars[a] )
 			{
-				if( email[i] == allowed_chars[a] )
-				{
-					correct = true;
-					break;
-				}
+				correct = true;
+				break;
 			}
 		}
-		
+	}
+
+return correct;
+}
+
+
+
+bool ValidateEmail(const wchar_t * email)
+{
+	int at				= 0;	// how many '@'
+	int dots_after_at	= 0;	// how many dots in the domain part
+	
+	for(size_t i=0 ; email[i] != 0 ; ++i)
+	{
+		if( !IsEmailCorrectChar(email[i]) )
+			return false;
+				
 		if( email[i] == '@' )
 			++at;
+
+		if( email[i] == '.' && at > 0 )
+			++dots_after_at;
 	}
 
-	if( at != 1 )
+	if( at != 1 || dots_after_at == 0 )
 		return false;
 	
-return correct;	
+return true;
 }
+
+
+bool ValidateEmail(const std::wstring & email)
+{
+	return ValidateEmail(email.c_str());
+}
+