Fixes #8109 change email pattern and disable sanitize for FORM_UPDATE

a1c91eee · Marc Egger · e00853d2 · a1c91eee · a1c91eee · a1c91eee
Commit a1c91eee authored Mar 27, 2019 by Marc Egger
3 changed files
--- a/extension/Source/core/AbstractBuildForm.php
+++ b/extension/Source/core/AbstractBuildForm.php
@@ -697,7 +697,8 @@ abstract class AbstractBuildForm {
                    $storeUse = str_replace(STORE_TABLE_DEFAULT, '', $storeUse); // Remove STORE_DEFAULT
                }
                // Retrieve value via FSRVD
-                $value = $this->store->getVar($name, $storeUse, $formElement[FE_CHECK_TYPE], $foundInStore);
+                $sanitizeClass=$mode == FORM_UPDATE ? SANITIZE_ALLOW_ALL : $formElement[FE_CHECK_TYPE];
+                $value = $this->store->getVar($name, $storeUse, $sanitizeClass, $foundInStore);
            }

            if ($formElement[FE_ENCODE] === FE_ENCODE_SPECIALCHAR) {

--- a/extension/Source/core/Constants.php
+++ b/extension/Source/core/Constants.php
@@ -105,7 +105,7 @@ const SANITIZE_TYPE_MESSAGE_VIOLATE_CLASS = 'c';
 const PATTERN_ALNUMX = '^[@\-_\.,;: \/\(\)a-zA-Z0-9ÀÈÌÒÙàèìòùÁÉÍÓÚÝáéíóúýÂÊÎÔÛâêîôûÃÑÕãñõÄËÏÖÜŸäëïöüÿç]*$';
 const PATTERN_DIGIT = '^[\d]*$';
 const PATTERN_NUMERICAL = '^[\d.+-]*$';
-const PATTERN_EMAIL = '^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$';
+const PATTERN_EMAIL = '^([a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,})?$';
 const PATTERN_ALLBUT = '^[^\[\]{}%\\\\#]*$';
 const PATTERN_ALL = '.*';


--- a/extension/Tests/unit/core/helper/SanitizeTest.php
+++ b/extension/Tests/unit/core/helper/SanitizeTest.php
@@ -28,7 +28,7 @@ class SanitizeTest extends TestCase {
        # Check ''
        $this->assertEquals('', Sanitize::sanitize('', SANITIZE_ALLOW_ALNUMX), "SANITIZE_ALNUMX fails");
        $this->assertEquals('', Sanitize::sanitize('', SANITIZE_ALLOW_DIGIT), "SANITIZE_DIGIT fails");
-        $this->assertEquals('!!email!!', Sanitize::sanitize('', SANITIZE_ALLOW_EMAIL), "SANITIZE_EMAIL fails");
+        $this->assertEquals('', Sanitize::sanitize('', SANITIZE_ALLOW_EMAIL), "SANITIZE_EMAIL fails");
        $this->assertEquals('', Sanitize::sanitize('', SANITIZE_ALLOW_PATTERN, '.*'), "SANITIZE_PATTERN fails");
        $this->assertEquals('', Sanitize::sanitize('', SANITIZE_ALLOW_ALL), "SANITIZE_ALL fails");
        $this->assertEquals('', Sanitize::sanitize('', SANITIZE_ALLOW_ALLBUT), "SANITIZE_ALLBUT fails");