21.03.2013 Views

Problem - Kevin Tafuro

Problem - Kevin Tafuro

Problem - Kevin Tafuro

SHOW MORE
SHOW LESS

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

#include <br />

102 | Chapter 3: Input Validation<br />

Keep in mind that almost any character is legal in an email address if it<br />

is properly quoted, so if you are passing an email address to something<br />

that may be sensitive to certain characters or character sequences<br />

(such as a command shell), you must be sure to properly escape those<br />

characters.<br />

int spc_email_isvalid(const char *address) {<br />

int count = 0;<br />

const char *c, *domain;<br />

static char *rfc822_specials = "()@,;:\\\"[]";<br />

/* first we validate the name portion (name@domain) */<br />

for (c = address; *c; c++) {<br />

if (*c == '\"' && (c == address || *(c - 1) == '.' || *(c - 1) ==<br />

'\"')) {<br />

while (*++c) {<br />

if (*c == '\"') break;<br />

if (*c == '\\' && (*++c == ' ')) continue;<br />

if (*c = 127) return 0;<br />

}<br />

if (!*c++) return 0;<br />

if (*c == '@') break;<br />

if (*c != '.') return 0;<br />

continue;<br />

}<br />

if (*c == '@') break;<br />

if (*c = 127) return 0;<br />

if (strchr(rfc822_specials, *c)) return 0;<br />

}<br />

if (c == address || *(c - 1) == '.') return 0;<br />

/* next we validate the domain portion (name@domain) */<br />

if (!*(domain = ++c)) return 0;<br />

do {<br />

if (*c == '.') {<br />

if (c == domain || *(c - 1) == '.') return 0;<br />

count++;<br />

}<br />

if (*c = 127) return 0;<br />

if (strchr(rfc822_specials, *c)) return 0;<br />

} while (*++c);<br />

return (count >= 1);<br />

}<br />

See Also<br />

RFC 822: Standard for the Format of ARPA Internet Text Messages<br />

This is the Title of the Book, eMatter Edition<br />

Copyright © 2007 O’Reilly & Associates, Inc. All rights reserved.

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!