You are here

function forward_form_validate in Forward 7

Same name and namespace in other branches
  1. 5 forward.module \forward_form_validate()
  2. 6 forward.module \forward_form_validate()
  3. 7.3 forward.module \forward_form_validate()
  4. 7.2 forward.module \forward_form_validate()

@todo Please document this function.

See also

http://drupal.org/node/1354

File

./forward.module, line 739

Code

function forward_form_validate($form, &$form_state) {
  global $base_url, $user;
  $url = $base_url . '/' . $form_state['values']['path'];

  // normalize address entries
  $recipients = trim($form_state['values']['recipients']);
  $recipients = str_replace(array(
    "\r\n",
    "\n",
    "\r",
  ), ',', $recipients);
  $recipients = str_replace(' ', '', $recipients);

  // convert addresses to an array
  $recipient_addresses = explode(',', $recipients);
  $bad_items = array(
    'Content-Type:',
    'MIME-Version:',
    'Content-Transfer-Encoding:',
    'bcc:',
    'cc:',
  );
  $bad_string = FALSE;
  foreach ($bad_items as $item) {
    if (preg_match("/{$item}/i", $form_state['values']['email'])) {
      $bad_string = TRUE;
    }
  }
  if (strpos($form_state['values']['email'], "\r") !== FALSE || strpos($form_state['values']['email'], "\n") !== FALSE || $bad_string == TRUE) {
    form_set_error('email', t('Header injection attempt detected.  Do not enter line feed characters into the from field!'));
  }
  if (user_validate_mail($form_state['values']['email'])) {
    form_set_error('email', t('Your Email address is invalid.'));
  }
  if (!$form_state['values']['name']) {
    form_set_error('name', t('You must enter your name.'));
  }
  if ($recipients == '') {
    form_set_error('recipients', t('You did not enter any recipients.'));
  }
  else {
    foreach ($recipient_addresses as $address) {
      if (user_validate_mail($address) && $address != '') {
        form_set_error('recipients', t('One of your Recipient addresses is invalid:') . '<br />' . check_plain($address));
      }
    }
  }
  if (!user_access('override flood control')) {

    // Check if it looks like we are going to exceed the flood limit.
    // It is important to ensure that the number of e-mails to be sent count against the threshold.
    if (!flood_is_allowed('forward', variable_get('forward_flood_control', 10) - count($recipient_addresses) + 1)) {
      form_set_error('recipients', check_plain(t(variable_get('forward_flood_error', "You can't send more than !number messages per hour. Please try again later."), array(
        '!number' => variable_get('forward_flood_control', 10),
      ))));
    }
  }
  if (variable_get('forward_message', 1) == 2 && empty($form_state['values']['message'])) {
    form_set_error('message', t('You must enter a message.'));
  }
}