From 722efce84aad85db702ba137ccd775e6b44a8a7c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Cl=C3=A9ment=20Oudot?= <clement@oodo.net>
Date: Tue, 24 Apr 2012 13:22:05 +0000
Subject: [PATCH] Use userControl regexp to validate mail reset input (#461)

---
 lemonldap-ng-portal/lib/Lemonldap/NG/Portal/MailReset.pm | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/MailReset.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/MailReset.pm
index 61e13978d..9ef735897 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/MailReset.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/MailReset.pm
@@ -124,6 +124,11 @@ sub extractMailInfo {
         $self->{mail} = $self->param('mail');
     }
 
+    $self->{userControl} ||= '^[\w\.\-@]+$';
+
+    # Check mail
+    return PE_MALFORMEDUSER unless ( $self->{mail} =~ /$self->{userControl}/o );
+
     PE_OK;
 }