diff --git a/include/class.validator.php b/include/class.validator.php
index c5cd2283eb362a58325e6291a3d2c5f245816116..28bf61c2b90f917c97b31a2b6bf049b2b7668299 100644
--- a/include/class.validator.php
+++ b/include/class.validator.php
@@ -140,13 +140,23 @@ class Validator {
/*** Functions below can be called directly without class instance.
Validator::func(var..); (nolint) ***/
- function is_email($email) {
- if (strpos($email, '@') === false)
- return false;
-
+ function is_email($email, $list=false) {
require_once 'Mail/RFC822.php';
require_once 'PEAR.php';
- return !PEAR::isError(Mail_RFC822::parseAddressList($email));
+ if (!($mails = Mail_RFC822::parseAddressList($email)) || PEAR::isError($mails))
+ return false;
+
+ if (!$list && count($mails) > 1)
+ return false;
+
+ foreach ($mails as $m) {
+ if (!$m->mailbox)
+ return false;
+ if ($m->host == 'localhost')
+ return false;
+ }
+
+ return true;
}
function is_phone($phone) {
/* We're not really validating the phone number but just making sure it doesn't contain illegal chars and of acceptable len */
diff --git a/setup/test/tests/test.validation.php b/setup/test/tests/test.validation.php
index 27e61af8438a4fc8a75bcb3003013af6ab56801d..bce9fe85505d08e41251fc127e230bba9f775394 100644
--- a/setup/test/tests/test.validation.php
+++ b/setup/test/tests/test.validation.php
@@ -37,6 +37,9 @@ class TestValidation extends Test {
// Illegal or unsupported
$this->assert(!Validator::is_email('jared r@domain.tld'));
$this->assert(!Validator::is_email('jared'));
+ $this->assert(!Validator::is_email('jared@'));
+ $this->assert(!Validator::is_email('@domain.tld'));
+ $this->assert(!Validator::is_email('@domain.tld, @domain2.tld'));
// Odd cases, but legal
$this->assert(Validator::is_email('jared@host'));