Skip to content

Commit db20690

Browse files
author
Florian Schaal
committed
use filter_var instead of regex for ip-addresses
1 parent 6c45c47 commit db20690

File tree

1 file changed

+29
-59
lines changed

1 file changed

+29
-59
lines changed

interface/lib/classes/tform_base.inc.php

Lines changed: 29 additions & 59 deletions
Original file line numberDiff line numberDiff line change
@@ -975,16 +975,7 @@ function validateField($field_name, $field_value, $validators) {
975975
$this->errorMessage .= $errmsg."<br />\r\n";
976976
}
977977
}
978-
} else {
979-
if(!preg_match("/^\w+[\w\.\-\+]*\w{0,}@\w+[\w.-]*\w+\.[a-zA-Z0-9\-]{2,30}$/i", $field_value)) {
980-
$errmsg = $validator['errmsg'];
981-
if(isset($this->wordbook[$errmsg])) {
982-
$this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
983-
} else {
984-
$this->errorMessage .= $errmsg."<br />\r\n";
985-
}
986-
}
987-
}
978+
} else $this->errorMessage .= "function filter_var missing <br />\r\n";
988979
break;
989980
case 'ISINT':
990981
if(function_exists('filter_var') && $field_value < 2147483647) {
@@ -996,31 +987,22 @@ function validateField($field_name, $field_value, $validators) {
996987
$this->errorMessage .= $errmsg."<br />\r\n";
997988
}
998989
}
999-
} else {
1000-
$tmpval = $app->functions->intval($field_value);
1001-
if($tmpval === 0 and !empty($field_value)) {
990+
} else $this->errorMessage .= "function filter_var missing <br />\r\n";
991+
break;
992+
case 'ISPOSITIVE':
993+
if(function_exists('filter_var')) {
994+
if($field_value != '' && filter_var($field_value, FILTER_VALIDATE_INT, array("options" => array('min_range'=>1))) === false) {
1002995
$errmsg = $validator['errmsg'];
1003996
if(isset($this->wordbook[$errmsg])) {
1004997
$this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
1005998
} else {
1006999
$this->errorMessage .= $errmsg."<br />\r\n";
10071000
}
10081001
}
1009-
}
1010-
break;
1011-
case 'ISPOSITIVE':
1012-
if(!is_numeric($field_value) || $field_value <= 0){
1013-
$errmsg = $validator['errmsg'];
1014-
if(isset($this->wordbook[$errmsg])) {
1015-
$this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
1016-
} else {
1017-
$this->errorMessage .= $errmsg."<br />\r\n";
1018-
}
1019-
}
1002+
} else $this->errorMessage .= "function filter_var missing <br />\r\n";
10201003
break;
10211004
case 'V6PREFIXEND':
10221005
$explode_field_value = explode(':',$field_value);
1023-
// if ($explode_field_value[count($explode_field_value)-1]=='' && $explode_field_value[count($explode_field_value)-2]=='' ){ }
10241006
if (!$explode_field_value[count($explode_field_value)-1]=='' && $explode_field_value[count($explode_field_value)-2]!='' ) {
10251007
$errmsg = $validator['errmsg'];
10261008
if(isset($this->wordbook[$errmsg])) {
@@ -1065,23 +1047,29 @@ function validateField($field_name, $field_value, $validators) {
10651047
break;
10661048

10671049
case 'ISIPV4':
1068-
$vip=1;
1069-
// if(preg_match("/^[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}$/", $field_value)){
1070-
if(preg_match("/^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/", $field_value)){
1071-
$groups=explode(".", $field_value);
1072-
foreach($groups as $group){
1073-
if($group<0 or $group>255)
1074-
$vip=0;
1050+
if(function_exists('filter_var')) {
1051+
if(!filter_var($field_value, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
1052+
$errmsg = $validator['errmsg'];
1053+
if(isset($this->wordbook[$errmsg])) {
1054+
$this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
1055+
} else {
1056+
$this->errorMessage .= $errmsg."<br />\r\n";
1057+
}
10751058
}
1076-
}else{$vip=0;}
1077-
if($vip==0) {
1078-
$errmsg = $validator['errmsg'];
1079-
if(isset($this->wordbook[$errmsg])) {
1080-
$this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
1081-
} else {
1082-
$this->errorMessage .= $errmsg."<br />\r\n";
1059+
} else $this->errorMessage .= "function filter_var missing <br />\r\n";
1060+
break;
1061+
1062+
case 'ISIPV6':
1063+
if(function_exists('filter_var')) {
1064+
if(!filter_var($field_value, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
1065+
$errmsg = $validator['errmsg'];
1066+
if(isset($this->wordbook[$errmsg])) {
1067+
$this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
1068+
} else {
1069+
$this->errorMessage .= $errmsg."<br />\r\n";
1070+
}
10831071
}
1084-
}
1072+
} else $this->errorMessage .= "function filter_var missing <br />\r\n";
10851073
break;
10861074

10871075
case 'ISIP':
@@ -1107,25 +1095,7 @@ function validateField($field_name, $field_value, $validators) {
11071095
$this->errorMessage .= $errmsg."<br />\r\n";
11081096
}
11091097
}
1110-
} else {
1111-
//* Check content with regex, if we use php < 5.2
1112-
$ip_ok = 0;
1113-
if(preg_match("/^(\:\:([a-f0-9]{1,4}\:){0,6}?[a-f0-9]{0,4}|[a-f0-9]{1,4}(\:[a-f0-9]{1,4}){0,6}?\:\:|[a-f0-9]{1,4}(\:[a-f0-9]{1,4}){1,6}?\:\:([a-f0-9]{1,4}\:){1,6}?[a-f0-9]{1,4})(\/\d{1,3})?$/i", $field_value)){
1114-
$ip_ok = 1;
1115-
}
1116-
// if(preg_match("/^[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}$/", $field_value)){
1117-
if(preg_match("/^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/", $field_value)){
1118-
$ip_ok = 1;
1119-
}
1120-
if($ip_ok == 0) {
1121-
$errmsg = $validator['errmsg'];
1122-
if(isset($this->wordbook[$errmsg])) {
1123-
$this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
1124-
} else {
1125-
$this->errorMessage .= $errmsg."<br />\r\n";
1126-
}
1127-
}
1128-
}
1098+
} else $this->errorMessage .= "function filter_var missing <br />\r\n";
11291099
}
11301100
}
11311101
break;

0 commit comments

Comments
 (0)