Welcome Guest, Not a member yet? Register   Sign In
[Important] Bypass email validation


If i simply use this code to check an email in CI :

PHP Code:

I just to need to send a form with this input :


and I can bypass email validation....

The solution is to fix valid_email from Form_validation.php and add :

PHP Code:
$email filter_var($emailFILTER_SANITIZE_EMAIL); 

You should fix it in CI 3.2 !

It's correctly validating it according to RFC 822. It dosen't care about XSS, due to the fact that's an valid email address.

Also, ALL security concerns should be sent to:
[email protected]

Theme © iAndrew 2016 - Forum software by © MyBB