gitlabFork/ISPConfig3.git - Solinfo Gitblit

			@@ -412,21 +412,21 @@
			if(!preg_match($validator['regex'], $field_value)) {
			$errmsg = $validator['errmsg'];
			if(isset($this->wordbook[$errmsg])) {
			$this->errorMessage .= $this->wordbook[$errmsg]."<br>\r\n";
			$this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
			} else {
			$this->errorMessage .= $errmsg."<br>\r\n";
			$this->errorMessage .= $errmsg."<br />\r\n";
			}
			}
			break;
			case 'UNIQUE':
			if($this->action == 'INSERT') {
			if($this->action == 'NEW') {
			$num_rec = $app->db->queryOneRecord("SELECT count(*) as number FROM ".$escape.$this->formDef['db_table'].$escape. " WHERE $field_name = '".$app->db->quote($field_value)."'");
			if($num_rec["number"] > 0) {
			$errmsg = $validator['errmsg'];
			if(isset($this->wordbook[$errmsg])) {
			$this->errorMessage .= $this->wordbook[$errmsg]."<br>\r\n";
			$this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
			} else {
			$this->errorMessage .= $errmsg."<br>\r\n";
			$this->errorMessage .= $errmsg."<br />\r\n";
			}
			}
			} else {
			@@ -434,9 +434,9 @@
			if($num_rec["number"] > 0) {
			$errmsg = $validator['errmsg'];
			if(isset($this->wordbook[$errmsg])) {
			$this->errorMessage .= $this->wordbook[$errmsg]."<br>\r\n";
			$this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
			} else {
			$this->errorMessage .= $errmsg."<br>\r\n";
			$this->errorMessage .= $errmsg."<br />\r\n";
			}
			}
			}
			@@ -445,42 +445,112 @@
			if(empty($field_value)) {
			$errmsg = $validator['errmsg'];
			if(isset($this->wordbook[$errmsg])) {
			$this->errorMessage .= $this->wordbook[$errmsg]."<br>\r\n";
			$this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
			} else {
			$this->errorMessage .= $errmsg."<br>\r\n";
			$this->errorMessage .= $errmsg."<br />\r\n";
			}
			}
			break;
			case 'ISEMAIL':
			if(!preg_match("/^\w+[\w.-]\w+@\w+[\w.-]\w+\.[a-z]{2,10}$/i", $field_value)) {
			if(function_exists('filter_var')) {
			if(!filter_var($field_value, FILTER_VALIDATE_EMAIL)) {
			$errmsg = $validator['errmsg'];
			if(isset($this->wordbook[$errmsg])) {
			$this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
			} else {
			$this->errorMessage .= $errmsg."<br />\r\n";
			}
			}
			} else {
			if(!preg_match("/^\w+[\w\.\-\+]\w{0,}@\w+[\w.-]\w+\.[a-zA-Z0-9\-]{2,30}$/i", $field_value)) {
			$errmsg = $validator['errmsg'];
			if(isset($this->wordbook[$errmsg])) {
			$this->errorMessage .= $this->wordbook[$errmsg]."<br>\r\n";
			$this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
			} else {
			$this->errorMessage .= $errmsg."<br>\r\n";
			$this->errorMessage .= $errmsg."<br />\r\n";
			}
			}
			}
			break;
			case 'ISINT':
			if(function_exists('filter_var')) {
			if(!filter_var($field_value, FILTER_VALIDATE_INT)) {
			$errmsg = $validator['errmsg'];
			if(isset($this->wordbook[$errmsg])) {
			$this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
			} else {
			$this->errorMessage .= $errmsg."<br />\r\n";
			}
			}
			} else {
			$tmpval = intval($field_value);
			if($tmpval === 0 and !empty($field_value)) {
			$errmsg = $validator['errmsg'];
			if(isset($this->wordbook[$errmsg])) {
			$this->errorMessage .= $this->wordbook[$errmsg]."<br>\r\n";
			$this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
			} else {
			$this->errorMessage .= $errmsg."<br>\r\n";
			$this->errorMessage .= $errmsg."<br />\r\n";
			}
			}
			}
			break;
			case 'ISPOSITIVE':
			if(!is_numeric($field_value) \|\| $field_value <= 0){
			$errmsg = $validator['errmsg'];
			if(isset($this->wordbook[$errmsg])) {
			$this->errorMessage .= $this->wordbook[$errmsg]."<br>\r\n";
			$this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
			} else {
			$this->errorMessage .= $errmsg."<br>\r\n";
			$this->errorMessage .= $errmsg."<br />\r\n";
			}
			}
			break;
			case 'ISIPV4':
			$vip=1;
			if(preg_match("/^[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}$/", $field_value)){
			$groups=explode(".",$field_value);
			foreach($groups as $group){
			if($group<0 OR $group>255)
			$vip=0;
			}
			}else{$vip=0;}
			if($vip==0) {
			$errmsg = $validator['errmsg'];
			if(isset($this->wordbook[$errmsg])) {
			$this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
			} else {
			$this->errorMessage .= $errmsg."<br />\r\n";
			}
			}
			break;
			case 'ISIP':
			//* Check if its a IPv4 or IPv6 address
			if(function_exists('filter_var')) {
			if(!filter_var($field_value,FILTER_VALIDATE_IP)) {
			$errmsg = $validator['errmsg'];
			if(isset($this->wordbook[$errmsg])) {
			$this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
			} else {
			$this->errorMessage .= $errmsg."<br />\r\n";
			}
			}
			} else {
			//* Check content with regex, if we use php < 5.2
			$ip_ok = 0;
			if(preg_match("/^(\:\:([a-f0-9]{1,4}\:){0,6}?[a-f0-9]{0,4}\|[a-f0-9]{1,4}(\:[a-f0-9]{1,4}){0,6}?\:\:\|[a-f0-9]{1,4}(\:[a-f0-9]{1,4}){1,6}?\:\:([a-f0-9]{1,4}\:){1,6}?[a-f0-9]{1,4})(\/\d{1,3})?$/i", $field_value)){
			$ip_ok = 1;
			}
			if(preg_match("/^[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}$/", $field_value)){
			$ip_ok = 1;
			}
			if($ip_ok == 0) {
			$errmsg = $validator['errmsg'];
			if(isset($this->wordbook[$errmsg])) {
			$this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
			} else {
			$this->errorMessage .= $errmsg."<br />\r\n";
			}
			}
			}
			break;
			case 'CUSTOM':
			// Calls a custom class to validate this record
			@@ -490,7 +560,7 @@
			$app->uses($validator_class);
			$this->errorMessage .= $app->$validator_class->$validator_function($field_name, $field_value, $validator);
			} else {
			$this->errorMessage .= "Custom validator class or function is empty<br>\r\n";
			$this->errorMessage .= "Custom validator class or function is empty<br />\r\n";
			}
			break;
			default:
			@@ -536,11 +606,16 @@
			if($field['formtype'] == 'PASSWORD') {
			$sql_insert_key .= "`$key`, ";
			if($field['encryption'] == 'CRYPT') {
			$record[$key] = $app->auth->crypt_password(stripslashes($record[$key]));
			$record[$key] = $app->auth->crypt_password(stripslashes($record[$key]));
			$sql_insert_val .= "'".$app->db->quote($record[$key])."', ";
			} elseif ($field['encryption'] == 'MYSQL') {
			$sql_insert_val .= "PASSWORD('".$app->db->quote($record[$key])."'), ";
			} elseif ($field['encryption'] == 'CLEARTEXT') {
			$sql_insert_val .= "'".$app->db->quote($record[$key])."', ";
			} else {
			$record[$key] = md5($record[$key]);
			$record[$key] = md5(stripslashes($record[$key]));
			$sql_insert_val .= "'".$app->db->quote($record[$key])."', ";
			}
			$sql_insert_val .= "'".$record[$key]."', ";
			} elseif ($field['formtype'] == 'CHECKBOX') {
			$sql_insert_key .= "`$key`, ";
			if($record[$key] == '') {
			@@ -555,13 +630,19 @@
			$sql_insert_val .= "'".$record[$key]."', ";
			}
			} else {

			if($field['formtype'] == 'PASSWORD') {
			if($field['encryption'] == 'CRYPT') {
			if(isset($field['encryption']) && $field['encryption'] == 'CRYPT') {
			$record[$key] = $app->auth->crypt_password(stripslashes($record[$key]));
			$sql_update .= "`$key` = '".$app->db->quote($record[$key])."', ";
			} elseif (isset($field['encryption']) && $field['encryption'] == 'MYSQL') {
			$sql_update .= "`$key` = PASSWORD('".$app->db->quote($record[$key])."'), ";
			} elseif (isset($field['encryption']) && $field['encryption'] == 'CLEARTEXT') {
			$sql_update .= "`$key` = '".$app->db->quote($record[$key])."', ";
			} else {
			$record[$key] = md5($record[$key]);
			$record[$key] = md5(stripslashes($record[$key]));
			$sql_update .= "`$key` = '".$app->db->quote($record[$key])."', ";
			}
			$sql_update .= "`$key` = '".$record[$key]."', ";
			} elseif ($field['formtype'] == 'CHECKBOX') {
			if($record[$key] == '') {
			// if a checkbox is not set, we set it to the unchecked value
			@@ -645,7 +726,11 @@
			foreach($primary_id as $key => $val) {
			$key = $app->db->quote($key);
			$val = $app->db->quote($val);
			$sql_where .= "$key = '$val' AND ";
			if(stristr($val,'%')) {
			$sql_where .= "$key like '$val' AND ";
			} else {
			$sql_where .= "$key = '$val' AND ";
			}
			}
			$sql_where = substr($sql_where,0,-5);
			$sql = "SELECT * FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$sql_where;