maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

#564

Browse Source 
fix wording
add validation for cidr syntax
add automatic transform of cidr to netmask for mysql
This commit is contained in:
Pascal
2019-05-04 00:39:12 +02:00
parent 0f4d8d76ae
commit f297058461
4 changed files with 52 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
lib/Froxlor/Settings/Store.php
View File

@@ -290,6 +290,28 @@ class Store
public static function storeSettingMysqlAccessHost($fieldname, $fielddata, $newfieldvalue) public static function storeSettingMysqlAccessHost($fieldname, $fielddata, $newfieldvalue)
{ {
$ips = $newfieldvalue;
//Convert cidr to netmask for mysql, if needed be
if(strpos($ips, ',') !== false) {
$ips = explode(',', $ips);
}
if(is_array($ips) && count($ips) > 0) {
$newfieldvalue = [];
foreach ($ips as $ip) {
$org_ip = $ip;
$ip_cidr = explode("/", $ip);
if (count($ip_cidr) == 2) {
$ip = $ip_cidr[0];
if(in_array((int)strlen((string)$ip_cidr[1]),array(1,2))) {
$ip_cidr[1] = \Froxlor\Validate\Validate::cidr2NetmaskAddr($org_ip);
}
$newfieldvalue[] = $ip . '/' . $ip_cidr[1];
} else {
$newfieldvalue[] = $org_ip;
}
}
$newfieldvalue = implode(',', $newfieldvalue);
}
$returnvalue = self::storeSettingField($fieldname, $fielddata, $newfieldvalue); $returnvalue = self::storeSettingField($fieldname, $fielddata, $newfieldvalue);
if ($returnvalue !== false && is_array($fielddata) && isset($fielddata['settinggroup']) && $fielddata['settinggroup'] == 'system' && isset($fielddata['varname']) && $fielddata['varname'] == 'mysql_access_host') { if ($returnvalue !== false && is_array($fielddata) && isset($fielddata['settinggroup']) && $fielddata['settinggroup'] == 'system' && isset($fielddata['varname']) && $fielddata['varname'] == 'mysql_access_host') {

33
lib/Froxlor/Validate/Validate.php
View File

@@ -16,10 +16,10 @@ class Validate
* @param * @param
* string language id for the error * string language id for the error
* @return string the clean string * @return string the clean string
* *
* If the default pattern is used and the string does not match, we try to replace the * If the default pattern is used and the string does not match, we try to replace the
* 'bad' values and log the action. * 'bad' values and log the action.
* *
*/ */
public static function validate($str, $fieldname, $pattern = '', $lng = '', $emptydefault = array(), $throw_exception = false) public static function validate($str, $fieldname, $pattern = '', $lng = '', $emptydefault = array(), $throw_exception = false)
{ {
@@ -64,6 +64,26 @@ class Validate
exit(); exit();
} }
/**
* Converts CIDR to a netmask address
*
* @thx to https://stackoverflow.com/a/5711080/3020926
* @param string $cidr
*
* @return string
*/
public static function cidr2NetmaskAddr ($cidr) {
$ta = substr ($cidr, strpos ($cidr, '/') + 1) * 1;
$netmask = str_split (str_pad (str_pad ('', $ta, '1'), 32, '0'), 8);
foreach ($netmask as &$element) {
$element = bindec ($element);
}
return join ('.', $netmask);
}
/** /**
* Checks whether it is a valid ip * Checks whether it is a valid ip
* *
@@ -79,7 +99,7 @@ class Validate
* whether to allow private network addresses * whether to allow private network addresses
* @param bool $allow_cidr * @param bool $allow_cidr
* whether to allow CIDR values e.g. 10.10.10.10/16 * whether to allow CIDR values e.g. 10.10.10.10/16
* *
* @return string|bool ip address on success, false on failure * @return string|bool ip address on success, false on failure
*/ */
public static function validate_ip2($ip, $return_bool = false, $lng = 'invalidip', $allow_localhost = false, $allow_priv = false, $allow_cidr = false, $throw_exception = false) public static function validate_ip2($ip, $return_bool = false, $lng = 'invalidip', $allow_localhost = false, $allow_priv = false, $allow_cidr = false, $throw_exception = false)
@@ -90,6 +110,9 @@ class Validate
$ip_cidr = explode("/", $ip); $ip_cidr = explode("/", $ip);
if (count($ip_cidr) == 2) { if (count($ip_cidr) == 2) {
$ip = $ip_cidr[0]; $ip = $ip_cidr[0];
if(in_array((int)strlen((string)$ip_cidr[1]),array(1,2))) {
$ip_cidr[1] = self::cidr2NetmaskAddr($org_ip);
}
$cidr = "/" . $ip_cidr[1]; $cidr = "/" . $ip_cidr[1];
} else { } else {
$ip = $org_ip; $ip = $org_ip;
@@ -129,7 +152,7 @@ class Validate
* The domainname which should be checked. * The domainname which should be checked.
* @param bool $allow_underscore * @param bool $allow_underscore
* optional if true, allowes the underscore character in a domain label (DKIM etc.) * optional if true, allowes the underscore character in a domain label (DKIM etc.)
* *
* @return string|boolean the domain-name if the domain is valid, false otherwise * @return string|boolean the domain-name if the domain is valid, false otherwise
*/ */
public static function validateDomain($domainname, $allow_underscore = false) public static function validateDomain($domainname, $allow_underscore = false)
@@ -184,7 +207,7 @@ class Validate
* string The username to check * string The username to check
* @return bool Correct or not * @return bool Correct or not
* @author Michael Duergner <michael@duergner.com> * @author Michael Duergner <michael@duergner.com>
* *
*/ */
public static function validateUsername($username, $unix_names = 1, $mysql_max = '') public static function validateUsername($username, $unix_names = 1, $mysql_max = '')
{ {

2
lng/english.lng.php
View File

@@ -569,7 +569,7 @@ $lng['serversettings']['apacheconf_htpasswddir']['description'] = 'Where should
$lng['error']['formtokencompromised'] = 'The request seems to be compromised. For security reasons you were logged out.'; $lng['error']['formtokencompromised'] = 'The request seems to be compromised. For security reasons you were logged out.';
$lng['serversettings']['mysql_access_host']['title'] = 'MySQL-Access-Hosts'; $lng['serversettings']['mysql_access_host']['title'] = 'MySQL-Access-Hosts';
$lng['serversettings']['mysql_access_host']['description'] = 'A comma separated list of hosts from which users should be allowed to connect to the MySQL-Server. To allow a subnet, long CIDR syntax like 100.127.0.0/255.255.0.0 is valid.'; $lng['serversettings']['mysql_access_host']['description'] = 'A comma separated list of hosts from which users should be allowed to connect to the MySQL-Server. To allow a subnet the netmask or cidr syntax is valid.';
// ADDED IN 1.2.18-svn1 // ADDED IN 1.2.18-svn1

2
lng/german.lng.php
View File

@@ -564,7 +564,7 @@ $lng['serversettings']['apacheconf_htpasswddir']['description'] = 'Wo sollen die
$lng['error']['formtokencompromised'] = 'Das Formular scheint manipuliert worden zu sein. Aus Sicherheitsgründen wurden Sie ausgelogged.'; $lng['error']['formtokencompromised'] = 'Das Formular scheint manipuliert worden zu sein. Aus Sicherheitsgründen wurden Sie ausgelogged.';
$lng['serversettings']['mysql_access_host']['title'] = 'MySQL-Access-Hosts'; $lng['serversettings']['mysql_access_host']['title'] = 'MySQL-Access-Hosts';
$lng['serversettings']['mysql_access_host']['description'] = 'Eine durch Komma getrennte Liste mit den Hostnamen aller Hostnames/IP-Adressen, von denen sich die Benutzer einloggen dürfen. Um ein Subnetz zu erlauben, die lange CIDR Schreibweise (Beispiel 100.127.0.0/255.255.0.0) ist erlaubt.'; $lng['serversettings']['mysql_access_host']['description'] = 'Eine durch Komma getrennte Liste mit den Hostnamen aller Hostnames/IP-Adressen, von denen sich die Benutzer einloggen dürfen. Um ein Subnetz zu erlauben ist die Netzmaske oder CIDR Syntax erlaubt.';
// ADDED IN 1.2.18-svn1 // ADDED IN 1.2.18-svn1