From 75632e70f0d49048f4ce72a0fa8bbcbcd7b2d312 Mon Sep 17 00:00:00 2001
From: Marien Fressinaud <dev@marienfressinaud.fr>
Date: Thu, 29 Aug 2019 12:02:05 +0200
Subject: Provide email address verification feature (#2481)

* Add an email field to the profile page

I reuse the `mail_login` from the configuration. I'm not sure if it's
useful today (I would say it was used when Persona login was available).

A good improvement would be to rename `mail_login` into `email` so it
would be more intuitive to use.

* Add boolean to the conf to force email validation

This commit only adds a configuration item.

* Add email during registration if email must be validated

* Set email token to validate when email changes

* Block access to FreshRSS if email is not validated

* Send email when address is changed

* Allow to resend the validation email

* Allow the user to change its email while blocked

* Document the email validation feature

* fixup! Allow the user to change its email while blocked

* tec: Autoload PHPMailer lib

* Validate email address format

* Add feedback on validation email resend action

* Allow to logout when user is blocked

* fix: Change default email "from"

* Reorganize i18n keys

* Complete all the locales with default english

* Hide sidebar (profile page) if email is not validated

* Check email requirements on registration

* Allow admin to specify email when creating users

* Don't check email format if value is empty

* Remove trailing comma in userController

Co-Authored-By: Alexandre Alapetite <alexandre@alapetite.fr>

* Set PHPMailer validator to html5 before sending email

* fixup! Remove trailing comma in userController
---
 lib/lib_rss.php | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

(limited to 'lib/lib_rss.php')

diff --git a/lib/lib_rss.php b/lib/lib_rss.php
index 2706ff606..03cfb82ad 100644
--- a/lib/lib_rss.php
+++ b/lib/lib_rss.php
@@ -55,6 +55,8 @@ function classAutoloader($class) {
 		include(LIB_PATH . '/' . str_replace('_', '/', $class) . '.php');
 	} elseif (strpos($class, 'SimplePie') === 0) {
 		include(LIB_PATH . '/SimplePie/' . str_replace('_', '/', $class) . '.php');
+	} elseif (strpos($class, 'PHPMailer') === 0) {
+		include(LIB_PATH . '/' . str_replace('\\', '/', $class) . '.php');
 	}
 }
 
@@ -277,6 +279,20 @@ function sanitizeHTML($data, $base = '') {
 	return html_only_entity_decode($simplePie->sanitize->sanitize($data, SIMPLEPIE_CONSTRUCT_HTML, $base));
 }
 
+/**
+ * Validate an email address, supports internationalized addresses.
+ *
+ * @param string $email The address to validate
+ *
+ * @return bool true if email is valid, else false
+ */
+function validateEmailAddress($email) {
+	$mailer = new PHPMailer\PHPMailer\PHPMailer();
+	$mailer->Charset = 'utf-8';
+	$punyemail = $mailer->punyencodeAddress($email);
+	return PHPMailer\PHPMailer\PHPMailer::validateAddress($punyemail, 'html5');
+}
+
 /**
  * Add support of image lazy loading
  * Move content from src attribute to data-original
-- 
cgit v1.2.3