* Return an associative array of post variables
* (could be selective based on expected variables)
*
+ * Does not filter as person installing the site should not be attempting
+ * XSS attacks. If filtering is added, it should not be done for passwords.
+ *
* @return array
*/
protected function getPostVariables() {
return FALSE;
}
- // @todo move is_email_address to a better library than users.php
// check that email address is email address
- //if ($submissionVars['siteemail'] && !is_email_address($submissionVars['siteemail'])) {
- // register_error("{$submissionVars['']} is not a valid email address.");
- // return FALSE;
- //}
+ if ($submissionVars['siteemail'] && !is_email_address($submissionVars['siteemail'])) {
+ $msg = sprintf(elgg_echo('install:error:emailaddress'), $submissionVars['siteemail']);
+ register_error($msg);
+ return FALSE;
+ }
// @todo check that url is a url
return FALSE;
}
+ // check that email address is email address
+ if ($submissionVars['email'] && !is_email_address($submissionVars['email'])) {
+ $msg = sprintf(elgg_echo('install:error:emailaddress'), $submissionVars['email']);
+ register_error($msg);
+ return FALSE;
+ }
+
return TRUE;
}
'install:error:requiredfield' => '%s is required',
'install:error:writedatadirectory' => 'Your data directory %s is not writable by the web server.',
'install:error:locationdatadirectory' => 'Your data directory %s must be outside of your install path for security.',
+ 'install:error:emailaddress' => '%s is not a valid email address',
'install:error:createsite' => 'Unable to create the site.',
);
projects / lorea / elgg.git / commitdiff