[interchange-cvs] interchange - heins modified
dist/foundation/special_pages/send_contact_form.html
interchange-cvs at icdevgroup.org
interchange-cvs at icdevgroup.org
Fri Apr 1 14:53:42 EST 2005
User: heins
Date: 2005-04-01 19:53:41 GMT
Modified: dist/foundation/special_pages Tag: STABLE_5_2-branch
Modified: send_contact_form.html
Log:
* Prevent loophole that could allow anonymous email to be sent
via the contact form.
* Workaround without upgrade is to just remove pages/contact_form.html
from your catalog.
Revision Changes Path
No revision
No revision
1.1.4.1 +7 -0 interchange/dist/foundation/special_pages/Attic/send_contact_form.html
rev 1.1.4.1, prev_rev 1.1
Index: send_contact_form.html
===================================================================
RCS file: /var/cvs/interchange/dist/foundation/special_pages/Attic/send_contact_form.html,v
retrieving revision 1.1
retrieving revision 1.1.4.1
diff -u -r1.1 -r1.1.4.1
--- send_contact_form.html 26 Nov 2003 23:21:59 -0000 1.1
+++ send_contact_form.html 1 Apr 2005 19:53:41 -0000 1.1.4.1
@@ -1,3 +1,10 @@
+[calc]
+ $Values->{email} =~ s/^\s+//;
+ $Values->{email} =~ s/\s+$//;
+ $Values->{email} =~ s/[\r\n].*//s;
+ $Values->{name} =~ s/[\r\n].*//s;
+ return;
+[/calc]
[email
to="__EMAIL_SERVICE__"
from="[value name] <[value email]>"
More information about the interchange-cvs
mailing list