the function zen_validate_email will properly return false if the @ symbol is missing. But it will return true if the period is missing.
For example, this would be considered a valid email according to that function:
askjfhsdkh@jkhsdkhsdfhcom
the function zen_validate_email will properly return false if the @ symbol is missing. But it will return true if the period is missing.
For example, this would be considered a valid email according to that function:
askjfhsdkh@jkhsdkhsdfhcom
Are there other "non-period" sites other than localhost that should be considered valid?
Yes. Any host on any given local network. IOW: anyhost@localdomain
localhost and localhost@localdomain are a special case in that they will always resolve to 127.0.0.1
'localdomain' need not be a literal. It could be 'mynet', 'localnet', 'coca-cola', etc, etc.....
This means something like bob@coca-cola is a perfectly valid address (albeit, not accessible from the Internet).
Does this adequately answer the question?
Cheers
Rod
Why would a customer need to have something emailed to an address that is not accessible via the internet? I understand that you may need that for testing purposes, but in the real world we need a function that will stop people from registering with an invalid email account. Perhaps the Zen Cart devs could have a configuration controller for if the store is being run on a localhost to allow email addresses without periods, otherwise require it.
They wouldn't, but that has nothing to do with the question "Are there other non-period sites other than localhost that should be considered valid?"
Easier said than done. Who's to say whether '[email protected]' is a valid email address or not, unless you send a message to that address AND get a valid response. (it could be a black hole or honeypot).
Actually I am a little surprised that ZenCart doesn't (apparently) check to ensure that a supplied email address adheres to the [email protected] format anyway, and personally I don't see a need to make this any different even for local testing, so in short I'm in agreement with you here, there probably should be a check for the period.
In theory, this could already be the case, but if the period isn't 'escaped' before testing it will be considered a 'wild card' (It's a *nix thing) which could explain why "askjfhsdkh@jkhsdkhsdfhcom" returns true.
I (or someone) will need to take a look at the code to see exactly what the situation is.
It is also possible that the zencart devs don't check for this for some other reason.. (Who knows what goes on inside the mind of a programmer) <grin>
Cheers
Rod
Sorry, I can't replicate this situation you mention, using v1.5.1 code. Both in unit tests and in actual live website tests, such as creating a customer account using askjfhsdkh@jkhsdkhsdfhcom (your suggestion) or missingDot@com (one matching test case in our unit tests) for the email address.
.
Zen Cart - putting the dream of business ownership within reach of anyone!
Donate to: DrByte directly or to the Zen Cart team as a whole
Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
DrByte,
I'm not testing by registering. I'm just giving the function zen_validate_email an email address without a period and as long as it has the @ symbol, it seems to validate. It doesn't require the period but it does accept it as a valid character.
Here's the unit test that shows the validation to work properly, by simply calling zen_validate_email() with a bunch of predefined patterns good and bad:
https://github.com/zencart/zencart/b...stTestCase.php
You can see that yours is the same as the test case of missingDot@com
.
Zen Cart - putting the dream of business ownership within reach of anyone!
Donate to: DrByte directly or to the Zen Cart team as a whole
Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
Yes, you are right. Not a bug. Sorry about the false alarm. You can close this topic.
Bookmarks