--- limesurvey.orig/application/controllers/admin/database.php	2013-09-13 21:44:11.000000000 +0200
+++ limesurvey/application/controllers/admin/database.php	2013-09-16 17:56:46.271960511 +0200
@@ -987,6 +987,20 @@
 
             //make sure only numbers are passed within the $_POST variable
             $tokenlength = (int) $_POST['tokenlength'];
+	   
+            // Validate email addresses 
+            if ( ! validateEmailAddress($_POST['adminemail']))
+            {
+                Yii::app()->session['flashmessage'] = $clang->gT("Survey could not be updated because notification email is not valid.");
+                $this->getController()->redirect($this->getController()->createUrl('admin/survey/sa/editsurveysettings/surveyid/'.$surveyid));
+                return;
+            }
+            if ( ! validateEmailAddress($_POST['bounce_email']))
+            {
+                Yii::app()->session['flashmessage'] = $clang->gT("Survey could not be updated because bounce email is not valid.");
+                $this->getController()->redirect($this->getController()->createUrl('admin/survey/sa/editsurveysettings/surveyid/'.$surveyid));
+                return;
+            }
 
             //token length has to be at least 5, otherwise set it to default (15)
             if($tokenlength < 5)
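Review bot: Both added checks pass `$_POST['adminemail']` and `$_POST['bounce_email']` straight to validateEmailAddress(), so a survey whose notification or bounce address is left blank, or a request that omits the field, is refused unless that helper accepts an empty or null value; its definition is not in this patch. If these fields are optional, guard the call, e.g. `if (isset($_POST['bounce_email']) && $_POST['bounce_email'] !== '' && !validateEmailAddress($_POST['bounce_email']))`, and do the same for `adminemail`. The same applies to the identical checks added in surveyadmin.php and to `siteadminemail`/`siteadminbounce` in globalsettings.php. The enclosing method starts and ends outside the hunk.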
--- limesurvey.orig/application/controllers/admin/globalsettings.php	2013-09-13 21:44:11.000000000 +0200
+++ limesurvey/application/controllers/admin/globalsettings.php	2013-09-16 18:00:26.939956930 +0200
@@ -123,6 +123,19 @@
         $clang = $this->getController()->lang;
         Yii::app()->loadHelper('surveytranslator');
 
+        // Validate email addresses
+        if( ! validateEmailAddress($_POST['siteadminemail']))
+        {
+                Yii::app()->session['flashmessage'] = $clang->gT("Site admin email is not valid.");
+                return;
+        }
+        if( ! validateEmailAddress($_POST['siteadminbounce']))
+        {
+                Yii::app()->session['flashmessage'] = $clang->gT("Site admin bounce email in not valid.");
+                return;
+        }
+
+
         $maxemails = $_POST['maxemails'];
         if (sanitize_int($_POST['maxemails']) < 1) {
             $maxemails = 1;
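Review bot: The two failure branches set the flash message and then `return` without a redirect, unlike the survey checks in database.php and surveyadmin.php, so what the administrator sees next depends on the caller, which is outside the hunk. It should be confirmed that the settings page is shown again with the message and that the bare return is not treated as a successful save. The second message reads "bounce email in not valid"; it should be `"Site admin bounce email is not valid."`, and because the string goes through gT() the typo would presumably carry into the translation catalogues. The added block bodies are also indented eight spaces deeper than the surrounding code.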
--- limesurvey.orig/application/controllers/admin/surveyadmin.php	2013-09-13 21:44:11.000000000 +0200
+++ limesurvey/application/controllers/admin/surveyadmin.php	2013-09-16 17:59:57.371957410 +0200
@@ -1509,6 +1509,20 @@
                 return;
             }
 
+            // Validate emails 
+            if ( ! validateEmailAddress($_POST['adminemail']))
+            {
+                Yii::app()->session['flashmessage'] = $this->getController()->lang->gT("Survey could not be created because notification email is not valid.");
+                $this->getController()->redirect($this->getController()->createUrl('admin/survey/sa/newsurvey'));
+                return;
+            }
+            if ( ! validateEmailAddress($_POST['bounce_email']))
+            {
+                Yii::app()->session['flashmessage'] = $this->getController()->lang->gT("Survey could not be created because bounce email is not valid.");
+                $this->getController()->redirect($this->getController()->createUrl('admin/survey/sa/newsurvey'));
+                return;
+            }
+
             // Check if template may be used
             $sTemplate = $_POST['template'];
             if (!$sTemplate || (Yii::app()->session['USER_RIGHT_SUPERADMIN'] != 1 && Yii::app()->session['USER_RIGHT_MANAGE_TEMPLATE'] != 1 && !hasTemplateManageRights(Yii::app()->session['loginID'], $_POST['template'])))
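Review bot: These checks duplicate the ones added to the update path in database.php, and both live in controller actions, so any other code that writes `adminemail` or `bounce_email` (survey import or copy, if this version has them) would still store unvalidated values. Consider moving the check into one shared helper or a validation rule on the survey model so every write path gets it. Output encoding is still needed wherever these values are rendered or placed in mail headers, since rejecting malformed input in two actions does not make already-stored values safe. The failure redirect to `admin/survey/sa/newsurvey` also discards the rest of the submitted form, which deserves a comment if it is intentional.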
