diff options
Diffstat (limited to 'app')
| -rw-r--r-- | app/controllers/request_controller.rb | 15 | ||||
| -rw-r--r-- | app/models/incoming_message.rb | 5 | ||||
| -rw-r--r-- | app/models/outgoing_message.rb | 10 | ||||
| -rw-r--r-- | app/views/request/preview.rhtml | 1 |
4 files changed, 25 insertions, 6 deletions
diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index 71a6e66f1..1c9c36f74 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -4,7 +4,7 @@ # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: request_controller.rb,v 1.92 2008-05-27 01:19:44 francis Exp $ +# $Id: request_controller.rb,v 1.93 2008-05-27 08:56:27 francis Exp $ class RequestController < ApplicationController @@ -123,6 +123,19 @@ class RequestController < ApplicationController # Show preview page, if it is a preview if params[:preview].to_i == 1 + message = "" + if @outgoing_message.contains_email? + message += "Your request contains an <strong>email address</strong>. Unless it directly relates to the subject of your request, you should remove it, as it will <strong>appear publically on the Internet</strong>."; + end + if @outgoing_message.contains_postcode? + if not message.empty? + message += "<br><br>" + end + message += "Your request contains a <strong>postcode</strong>. Unless it directly relates to the subject of your request, please remove any address as it will <strong>appear publically on the Internet</strong>."; + end + if not message.empty? + flash[:notice] = message + end render :action => 'preview' return end diff --git a/app/models/incoming_message.rb b/app/models/incoming_message.rb index 3ea42179d..2f1184687 100644 --- a/app/models/incoming_message.rb +++ b/app/models/incoming_message.rb @@ -18,7 +18,7 @@ # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: incoming_message.rb,v 1.104 2008-05-22 11:23:14 francis Exp $ +# $Id: incoming_message.rb,v 1.105 2008-05-27 08:56:27 francis Exp $ # TODO # Move some of the (e.g. quoting) functions here into rblib, as they feel @@ -215,8 +215,7 @@ text = IncomingMessage.mask_string_multicharset(text, 'request-144-a724c835@what # Remove any email addresses - we don't want bounce messages to leak out # either the requestor's email address or the request's response email # address out onto the internet - rx = Regexp.new("(\\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\\.[A-Za-z]{2,4}\\b)") - text.gsub!(rx, "[email address]") + text.gsub!(MySociety::Validate.email_find_regexp, "[email address]") return text end diff --git a/app/models/outgoing_message.rb b/app/models/outgoing_message.rb index 75477706e..c975e50ec 100644 --- a/app/models/outgoing_message.rb +++ b/app/models/outgoing_message.rb @@ -21,7 +21,7 @@ # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: outgoing_message.rb,v 1.50 2008-05-21 10:51:24 francis Exp $ +# $Id: outgoing_message.rb,v 1.51 2008-05-27 08:56:27 francis Exp $ class OutgoingMessage < ActiveRecord::Base belongs_to :info_request @@ -65,6 +65,14 @@ class OutgoingMessage < ActiveRecord::Base ret.sub!(/Dear .+,/, "") return ret end + + # Used to give warnings when writing new messages + def contains_email? + MySociety::Validate.email_find_regexp.match(self.body) + end + def contains_postcode? + MySociety::Validate.contains_postcode?(self.body) + end # Set default letter def after_initialize diff --git a/app/views/request/preview.rhtml b/app/views/request/preview.rhtml index 30ecbf031..a53492701 100644 --- a/app/views/request/preview.rhtml +++ b/app/views/request/preview.rhtml @@ -2,7 +2,6 @@ <% form_for(:info_request, @info_request, :html => { :id => 'preview_form' } ) do |f| %> - <h1>Now preview your request</h1> <ul> <li>Check you haven't included any <strong>personal information</strong>.</li> |