From 2de5362adc2c1c780eac1ab39e466875143091d5 Mon Sep 17 00:00:00 2001
From: M4x <aboultraman@gmail.com>
Date: Sun, 5 Apr 2020 17:20:35 +0800
Subject: [PATCH]  Sanitize email address in case of security issues (#3254)

* Sanitize email address in case of security issues

Signed-off-by: bash-c <aboultraman@gmail.com>
---
 advanced/Scripts/webpage.sh | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index 2b70249e..f0f8bc31 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -517,6 +517,13 @@ Options:
     fi
 
     if [[ -n "${args[2]}" ]]; then
+
+        # Sanitize email address in case of security issues
+        if [[ ! "${args[2]}" =~ ^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$  ]]; then
+            echo -e "  ${CROSS} Invalid email address"
+            exit 0
+        fi
+
         change_setting "ADMIN_EMAIL" "${args[2]}"
         echo -e "  ${TICK} Setting admin contact to ${args[2]}"
     else