From addd70dfe867af290cb9b19b17952a56654acbe6 Mon Sep 17 00:00:00 2001
From: "Michael Kaufmann (d00p)" <d00p@froxlor.org>
Date: Mon, 23 Jun 2014 08:51:04 +0200
Subject: [PATCH] correct validating list of AXFR-servers, fixes #1440

Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
---
 actions/admin/settings/160.nameserver.php     |  1 +
 .../function.validateFormFieldString.php      |  7 ++---
 .../validate/function.validate_ip.php         | 26 ++++++++++++++++++-
 3 files changed, 28 insertions(+), 6 deletions(-)

diff --git a/actions/admin/settings/160.nameserver.php b/actions/admin/settings/160.nameserver.php
index 095677b6..3574e4d9 100644
--- a/actions/admin/settings/160.nameserver.php
+++ b/actions/admin/settings/160.nameserver.php
@@ -74,6 +74,7 @@ return array(
 					'varname' => 'axfrservers',
 					'type' => 'string',
 					'string_type' => 'validate_ip',
+					'string_delimiter' => ',',
 					'string_emptyallowed' => true,
 					'default' => '',
 					'save_method' => 'storeSettingField',
diff --git a/lib/functions/formfields/string/function.validateFormFieldString.php b/lib/functions/formfields/string/function.validateFormFieldString.php
index 4993ce61..ad8e42fe 100644
--- a/lib/functions/formfields/string/function.validateFormFieldString.php
+++ b/lib/functions/formfields/string/function.validateFormFieldString.php
@@ -107,11 +107,8 @@ function validateFormFieldString($fieldname, $fielddata, $newfieldvalue)
 			}
 		}
 		elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'validate_ip') {
-			$newfieldvalue = validate_ip($newfieldvalue, true);
-			if ($newfieldvalue === false) {
-				$newfieldvalue = '';
-			}
-			$returnvalue = false;
+			$newfieldvalue = validate_ip2($newfieldvalue);
+			$returnvalue = ($newfieldvalue !== false ? true : 'invalidip');
 		}
 		elseif (preg_match('/^[^\r\n\t\f\0]*$/D', $newfieldvalue)) {
 			$returnvalue = true;
diff --git a/lib/functions/validate/function.validate_ip.php b/lib/functions/validate/function.validate_ip.php
index 54b57e6b..36b3e9eb 100644
--- a/lib/functions/validate/function.validate_ip.php
+++ b/lib/functions/validate/function.validate_ip.php
@@ -21,6 +21,7 @@
  * Checks whether it is a valid ip
  *
  * @return mixed 	ip address on success, standard_error on failure
+ * @deprecated use validate_ip2
  */
 function validate_ip($ip, $return_bool = false, $lng = 'invalidip') {
 
@@ -32,9 +33,32 @@ function validate_ip($ip, $return_bool = false, $lng = 'invalidip') {
 			return false;
 		} else {
 			standard_error($lng, $ip);
-			exit;
+			exit();
 		}
 	} else {
 		return $ip;
 	}
+
+}
+
+/**
+ * Checks whether it is a valid ip
+ *
+ * @return mixed 	ip address on success, false on failure
+ */
+function validate_ip2($ip, $return_bool = false, $lng = 'invalidip') {
+
+	if ((filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)
+			|| filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4))
+			&& filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_RES_RANGE | FILTER_FLAG_NO_PRIV_RANGE)
+	) {
+		return $ip;
+	}
+
+	if ($return_bool) {
+		return false;
+	} else {
+		standard_error($lng, $ip);
+		exit();
+	}
 }