diff --git a/lib/Froxlor/Settings/Store.php b/lib/Froxlor/Settings/Store.php index 5c567d31..9e3627f6 100644 --- a/lib/Froxlor/Settings/Store.php +++ b/lib/Froxlor/Settings/Store.php @@ -290,6 +290,28 @@ class Store public static function storeSettingMysqlAccessHost($fieldname, $fielddata, $newfieldvalue) { + $ips = $newfieldvalue; + //Convert cidr to netmask for mysql, if needed be + if(strpos($ips, ',') !== false) { + $ips = explode(',', $ips); + } + if(is_array($ips) && count($ips) > 0) { + $newfieldvalue = []; + foreach ($ips as $ip) { + $org_ip = $ip; + $ip_cidr = explode("/", $ip); + if (count($ip_cidr) == 2) { + $ip = $ip_cidr[0]; + if(in_array((int)strlen((string)$ip_cidr[1]),array(1,2))) { + $ip_cidr[1] = \Froxlor\Validate\Validate::cidr2NetmaskAddr($org_ip); + } + $newfieldvalue[] = $ip . '/' . $ip_cidr[1]; + } else { + $newfieldvalue[] = $org_ip; + } + } + $newfieldvalue = implode(',', $newfieldvalue); + } $returnvalue = self::storeSettingField($fieldname, $fielddata, $newfieldvalue); if ($returnvalue !== false && is_array($fielddata) && isset($fielddata['settinggroup']) && $fielddata['settinggroup'] == 'system' && isset($fielddata['varname']) && $fielddata['varname'] == 'mysql_access_host') { diff --git a/lib/Froxlor/Validate/Validate.php b/lib/Froxlor/Validate/Validate.php index 150bf44a..b154439c 100644 --- a/lib/Froxlor/Validate/Validate.php +++ b/lib/Froxlor/Validate/Validate.php @@ -16,10 +16,10 @@ class Validate * @param * string language id for the error * @return string the clean string - * + * * If the default pattern is used and the string does not match, we try to replace the * 'bad' values and log the action. - * + * */ public static function validate($str, $fieldname, $pattern = '', $lng = '', $emptydefault = array(), $throw_exception = false) { @@ -64,6 +64,26 @@ class Validate exit(); } + /** + * Converts CIDR to a netmask address + * + * @thx to https://stackoverflow.com/a/5711080/3020926 + * @param string $cidr + * + * @return string + */ + public static function cidr2NetmaskAddr ($cidr) { + + $ta = substr ($cidr, strpos ($cidr, '/') + 1) * 1; + $netmask = str_split (str_pad (str_pad ('', $ta, '1'), 32, '0'), 8); + + foreach ($netmask as &$element) { + $element = bindec ($element); + } + + return join ('.', $netmask); + } + /** * Checks whether it is a valid ip * @@ -79,7 +99,7 @@ class Validate * whether to allow private network addresses * @param bool $allow_cidr * whether to allow CIDR values e.g. 10.10.10.10/16 - * + * * @return string|bool ip address on success, false on failure */ public static function validate_ip2($ip, $return_bool = false, $lng = 'invalidip', $allow_localhost = false, $allow_priv = false, $allow_cidr = false, $throw_exception = false) @@ -90,6 +110,9 @@ class Validate $ip_cidr = explode("/", $ip); if (count($ip_cidr) == 2) { $ip = $ip_cidr[0]; + if(in_array((int)strlen((string)$ip_cidr[1]),array(1,2))) { + $ip_cidr[1] = self::cidr2NetmaskAddr($org_ip); + } $cidr = "/" . $ip_cidr[1]; } else { $ip = $org_ip; @@ -129,7 +152,7 @@ class Validate * The domainname which should be checked. * @param bool $allow_underscore * optional if true, allowes the underscore character in a domain label (DKIM etc.) - * + * * @return string|boolean the domain-name if the domain is valid, false otherwise */ public static function validateDomain($domainname, $allow_underscore = false) @@ -184,7 +207,7 @@ class Validate * string The username to check * @return bool Correct or not * @author Michael Duergner - * + * */ public static function validateUsername($username, $unix_names = 1, $mysql_max = '') { diff --git a/lng/english.lng.php b/lng/english.lng.php index 672df707..964ec0b3 100644 --- a/lng/english.lng.php +++ b/lng/english.lng.php @@ -569,7 +569,7 @@ $lng['serversettings']['apacheconf_htpasswddir']['description'] = 'Where should $lng['error']['formtokencompromised'] = 'The request seems to be compromised. For security reasons you were logged out.'; $lng['serversettings']['mysql_access_host']['title'] = 'MySQL-Access-Hosts'; -$lng['serversettings']['mysql_access_host']['description'] = 'A comma separated list of hosts from which users should be allowed to connect to the MySQL-Server. To allow a subnet, long CIDR syntax like 100.127.0.0/255.255.0.0 is valid.'; +$lng['serversettings']['mysql_access_host']['description'] = 'A comma separated list of hosts from which users should be allowed to connect to the MySQL-Server. To allow a subnet the netmask or cidr syntax is valid.'; // ADDED IN 1.2.18-svn1 diff --git a/lng/german.lng.php b/lng/german.lng.php index bcb57709..791c2513 100644 --- a/lng/german.lng.php +++ b/lng/german.lng.php @@ -564,7 +564,7 @@ $lng['serversettings']['apacheconf_htpasswddir']['description'] = 'Wo sollen die $lng['error']['formtokencompromised'] = 'Das Formular scheint manipuliert worden zu sein. Aus Sicherheitsgründen wurden Sie ausgelogged.'; $lng['serversettings']['mysql_access_host']['title'] = 'MySQL-Access-Hosts'; -$lng['serversettings']['mysql_access_host']['description'] = 'Eine durch Komma getrennte Liste mit den Hostnamen aller Hostnames/IP-Adressen, von denen sich die Benutzer einloggen dürfen. Um ein Subnetz zu erlauben, die lange CIDR Schreibweise (Beispiel 100.127.0.0/255.255.0.0) ist erlaubt.'; +$lng['serversettings']['mysql_access_host']['description'] = 'Eine durch Komma getrennte Liste mit den Hostnamen aller Hostnames/IP-Adressen, von denen sich die Benutzer einloggen dürfen. Um ein Subnetz zu erlauben ist die Netzmaske oder CIDR Syntax erlaubt.'; // ADDED IN 1.2.18-svn1