From 3de01afce01e49c4937de113b3047c3d792eb07e Mon Sep 17 00:00:00 2001
From: andryyy <andre.peters@debinux.de>
Date: Wed, 4 Oct 2017 19:01:46 +0200
Subject: [PATCH] [Web] Fixes #650

---
 data/web/inc/functions.policy.inc.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/data/web/inc/functions.policy.inc.php b/data/web/inc/functions.policy.inc.php
index 2de1c6e2..9609d5e1 100644
--- a/data/web/inc/functions.policy.inc.php
+++ b/data/web/inc/functions.policy.inc.php
@@ -32,7 +32,7 @@ function policy($_action, $_scope, $_data = null) {
             $object_list = "whitelist_from";
           }
           $object_from = preg_replace('/\.+/', '.', rtrim(preg_replace("/\.\*/", "*", trim(strtolower($_data['object_from']))), '.'));
-          if (!ctype_alnum(str_replace(array('@', '.', '-', '*'), '', $object_from))) {
+          if (!ctype_alnum(str_replace(array('@', '_', '.', '-', '*'), '', $object_from))) {
             $_SESSION['return'] = array(
               'type' => 'danger',
               'msg' => sprintf($lang['danger']['policy_list_from_invalid'])
@@ -112,7 +112,7 @@ function policy($_action, $_scope, $_data = null) {
             $object_list = "whitelist_from";
           }
           $object_from = preg_replace('/\.+/', '.', rtrim(preg_replace("/\.\*/", "*", trim(strtolower($_data['object_from']))), '.'));
-          if (!ctype_alnum(str_replace(array('@', '.', '-', '*'), '', $object_from))) {
+          if (!ctype_alnum(str_replace(array('@', '_', '.', '-', '*'), '', $object_from))) {
             $_SESSION['return'] = array(
               'type' => 'danger',
               'msg' => sprintf($lang['danger']['policy_list_from_invalid'])