5 files changed, 28 insertions, 9 deletions

diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb
index 71a6e66f1..1c9c36f74 100644
--- a/app/controllers/request_controller.rb
+++ b/app/controllers/request_controller.rb
@@ -4,7 +4,7 @@
 # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved.
 # Email: francis@mysociety.org; WWW: http://www.mysociety.org/
 #
-# $Id: request_controller.rb,v 1.92 2008-05-27 01:19:44 francis Exp $
+# $Id: request_controller.rb,v 1.93 2008-05-27 08:56:27 francis Exp $
 
 class RequestController < ApplicationController
     
@@ -123,6 +123,19 @@ class RequestController < ApplicationController
 
         # Show preview page, if it is a preview
         if params[:preview].to_i == 1
+            message = ""
+            if @outgoing_message.contains_email?
+                message += "Your request contains an <strong>email address</strong>. Unless it directly relates to the subject of your request, you should remove it, as it will <strong>appear publically on the Internet</strong>.";
+            end
+            if @outgoing_message.contains_postcode?
+                if not message.empty?
+                    message += "<br><br>"
+                end
+                message += "Your request contains a <strong>postcode</strong>. Unless it directly relates to the subject of your request, please remove any address as it will <strong>appear publically on the Internet</strong>.";
+            end
+            if not message.empty?
+                flash[:notice] = message
+            end
             render :action => 'preview'
             return
         end
diff --git a/app/models/incoming_message.rb b/app/models/incoming_message.rb
index 3ea42179d..2f1184687 100644
--- a/app/models/incoming_message.rb
+++ b/app/models/incoming_message.rb
@@ -18,7 +18,7 @@
 # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved.
 # Email: francis@mysociety.org; WWW: http://www.mysociety.org/
 #
-# $Id: incoming_message.rb,v 1.104 2008-05-22 11:23:14 francis Exp $
+# $Id: incoming_message.rb,v 1.105 2008-05-27 08:56:27 francis Exp $
 
 # TODO
 # Move some of the (e.g. quoting) functions here into rblib, as they feel
@@ -215,8 +215,7 @@ text = IncomingMessage.mask_string_multicharset(text, 'request-144-a724c835@what
         # Remove any email addresses - we don't want bounce messages to leak out
         # either the requestor's email address or the request's response email
         # address out onto the internet
-        rx = Regexp.new("(\\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\\.[A-Za-z]{2,4}\\b)")
-        text.gsub!(rx, "[email address]")
+        text.gsub!(MySociety::Validate.email_find_regexp, "[email address]")
 
         return text
     end
diff --git a/app/models/outgoing_message.rb b/app/models/outgoing_message.rb
index 75477706e..c975e50ec 100644
--- a/app/models/outgoing_message.rb
+++ b/app/models/outgoing_message.rb
@@ -21,7 +21,7 @@
 # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved.
 # Email: francis@mysociety.org; WWW: http://www.mysociety.org/
 #
-# $Id: outgoing_message.rb,v 1.50 2008-05-21 10:51:24 francis Exp $
+# $Id: outgoing_message.rb,v 1.51 2008-05-27 08:56:27 francis Exp $
 
 class OutgoingMessage < ActiveRecord::Base
     belongs_to :info_request
@@ -65,6 +65,14 @@ class OutgoingMessage < ActiveRecord::Base
         ret.sub!(/Dear .+,/, "")
         return ret
     end
+
+    # Used to give warnings when writing new messages
+    def contains_email?
+        MySociety::Validate.email_find_regexp.match(self.body)
+    end
+    def contains_postcode?
+        MySociety::Validate.contains_postcode?(self.body)
+    end
  
     # Set default letter
     def after_initialize
diff --git a/app/views/request/preview.rhtml b/app/views/request/preview.rhtml
index 30ecbf031..a53492701 100644
--- a/app/views/request/preview.rhtml
+++ b/app/views/request/preview.rhtml
@@ -2,7 +2,6 @@
 
 <% form_for(:info_request, @info_request, :html => { :id => 'preview_form' }  ) do |f| %>
     
-
     <h1>Now preview your request</h1>
     <ul>
     <li>Check you haven't included any <strong>personal information</strong>.</li>
diff --git a/todo.txt b/todo.txt
index 2375f154c..06de77bbb 100644
--- a/todo.txt
+++ b/todo.txt
@@ -32,8 +32,7 @@ BAILII - relationship with law courts, robots.txt ?
 Next
 ====
 
-Unescape titles in email alerts, e.g. for Disused & Live Stations
-and &quot; in body e.g. http://www.whatdotheyknow.com/request/breakdown_of_marketing_press_and#outgoing-784
+Detect postcodes
 
 Blog posts / Wikipedia articles about this request
     e.g. http://socialreporter.wordpress.com/2008/04/14/costs-of-the-bbc-action-action-network/
@@ -58,6 +57,7 @@ that from /search (which has this already) too.
 
 Check this again after a while, for dodgy states of events:
 s = InfoRequest.find(:all).select { |i| (not i.awaiting_description) and i.get_last_response_event_id and InfoRequestEvent.find(i.get_last_response_event_id).calculated_state != i.described_state }; s.size
+- XXXX so when somebody changes waiting description without changing described state doesn't log in event.
 
 Museum aliases
 
@@ -77,7 +77,7 @@ Offer option of a feed with the union of all your feeds (tartarus asked for this
 Offer search on 404s
 
 Preview when sending followups - especially people need to see quoting/subject
-when sending "my response is late"
+When sending "my response is late"
 
 Interface for when you change your email address - easier to do now with post_redirect.circumstance?