maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

fix editing api-keys as customer

Browse Source 
Signed-off-by: Michael Kaufmann <michael.kaufmann@aixit.com>
This commit is contained in:
Michael Kaufmann
2018-06-23 09:27:56 +02:00
parent 4f69571e1c
commit 9e7715430b
4 changed files with 27 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
api_keys.php
View File

@@ -26,6 +26,7 @@ if (! defined('AREA')) {
$del_stmt = Database::prepare("DELETE FROM `" . TABLE_API_KEYS . "` WHERE id = :id");
$success_message = "";
$id = isset($_GET['id']) ? (int) $_GET['id'] : 0;
$area = AREA;
// do the delete and then just show a success-message and the apikeys list again
if ($action == 'delete') {
@@ -85,7 +86,16 @@ if ($action == 'delete') {
$allowed_from = isset($_POST['allowed_from']) ? $_POST['allowed_from'] : "";
$valid_until = isset($_POST['valid_until']) ? (int)$_POST['valid_until'] : -1;
// @todo validate allowed_from
// validate allowed_from
$ip_list = explode(",", $allowed_from);
$_check_list = $ip_list;
foreach ($_check_list as $idx => $ip) {
if (validate_ip2($ip, true, 'invalidip', true, true) == false) {
unset ($ip_list[$idx]);
}
}
$ip_list = array_map('inet_pton', $ip_list);
$allowed_from = implode(",", array_unique($ip_list));
if ($valid_until <= 0 || !is_numeric($valid_until)) {
$valid_until = -1;