validate record/label in dns-editor; better escaping for soa-admin mail

Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
2016-05-18 10:35:47 +02:00
parent b029fe113e
commit b14ab6b1c1
2 changed files with 26 additions and 2 deletions
--- a/dns_editor.php
+++ b/dns_editor.php
@@ -51,7 +51,24 @@ if ($action == 'add_record' && ! empty($_POST)) {

 	$record = strtolower($record);

-	// TODO regex validate record and content for invalid characters
+	if ($record != '@' && $record != '*')
+	{
+		// validate record
+		if (strpos($record, '--') !== false) {
+			$errors[] = $lng['error']['domain_nopunycode'];
+		}
+		else
+		{
+			$record = $idna_convert->encode($record);
+			$check_dom = $record.'.example.com';
+			if (!validateDomain($check_dom))
+			{
+				$errors[] = sprintf($lng['error']['subdomainiswrong'], $idna_convert->decode($record));
+			}
+		}
+	}
+
+	// TODO regex validate content for invalid characters

 	if ($ttl <= 0) {
 		$ttl = 18000;