From 6c2436ec529ed4f75b1c57c0d43a3138c6fbff6f Mon Sep 17 00:00:00 2001
From: Jan-Claas Dirks <jcd@jcd.cc>
Date: Mon, 14 Sep 2015 20:52:03 -0400
Subject: [PATCH] correct backticking of columns in queries from soap interface

---
 interface/lib/classes/validate_database.inc.php |   73 ++++++++++++++++++------------------
 1 files changed, 37 insertions(+), 36 deletions(-)

diff --git a/interface/lib/classes/validate_database.inc.php b/interface/lib/classes/validate_database.inc.php
index db419e4..e348afe 100644
--- a/interface/lib/classes/validate_database.inc.php
+++ b/interface/lib/classes/validate_database.inc.php
@@ -29,44 +29,45 @@
 */
 
 class validate_database {
-	
+
 	/*
 		Validator function to check if a given list of ips is ok.
 	*/
 	function valid_ip_list($field_name, $field_value, $validator) {
 		global $app;
-		
-    if($_POST["remote_access"] == "y") {
-        if(trim($field_value) == "") return;
-        
-        $values = explode(",", $field_value);
-        foreach($values as $cur_value) {
-            $cur_value = trim($cur_value);
-            
-            $valid = true;
-            if(preg_match("/^[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}$/", $cur_value)) {
-                $groups = explode(".", $cur_value);
-                foreach($groups as $group){
-                  if($group<0 OR $group>255)
-                  $valid=false;
-                }
-            } else {
-                $valid = false;
-            }
-            
-            if($valid == false) {
-                $errmsg = $validator['errmsg'];
-                if(isset($app->tform->wordbook[$errmsg])) {
-                    return $app->tform->wordbook[$errmsg]."<br>\r\n";
-                } else {
-                    return $errmsg."<br>\r\n";
-                }
-            }
-        }
-    }
-  }
-	
-	
-	
-	
-}
\ No newline at end of file
+
+		if($_POST["remote_access"] == "y") {
+			if(trim($field_value) == "") return;
+
+			$values = explode(",", $field_value);
+			foreach($values as $cur_value) {
+				$cur_value = trim($cur_value);
+
+				$valid = true;
+//				if(preg_match("/^[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}$/", $cur_value)) {
+				if(preg_match("/^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/", $cur_value)) {
+					$groups = explode(".", $cur_value);
+					foreach($groups as $group){
+						if($group<0 or $group>255)
+							$valid=false;
+					}
+				} else {
+					$valid = false;
+				}
+
+				if($valid == false) {
+					$errmsg = $validator['errmsg'];
+					if(isset($app->tform->wordbook[$errmsg])) {
+						return $app->tform->wordbook[$errmsg]."<br>\r\n";
+					} else {
+						return $errmsg."<br>\r\n";
+					}
+				}
+			}
+		}
+	}
+
+
+
+
+}

--
Gitblit v1.9.1