From 6c2436ec529ed4f75b1c57c0d43a3138c6fbff6f Mon Sep 17 00:00:00 2001
From: Jan-Claas Dirks <jcd@jcd.cc>
Date: Mon, 14 Sep 2015 20:52:03 -0400
Subject: [PATCH] correct backticking of columns in queries from soap interface

---
 interface/lib/classes/validate_dns.inc.php |    5 +++--
 1 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/interface/lib/classes/validate_dns.inc.php b/interface/lib/classes/validate_dns.inc.php
index 212c4d7..211d163 100644
--- a/interface/lib/classes/validate_dns.inc.php
+++ b/interface/lib/classes/validate_dns.inc.php
@@ -104,7 +104,7 @@
 		}
 
 		if(substr($field, -1) == '.' && $area == 'Name'){
-			$soa = $app->db->queryOneRecord("SELECT * FROM soa WHERE id = ".intval($zoneid));
+			$soa = $app->db->queryOneRecord("SELECT * FROM soa WHERE id = ?", $zoneid);
 			if(substr($field, (strlen($field) - strlen($soa['origin']))) != $soa['origin']) $error .= $desc." ".$app->tform->wordbook['error_out_of_zone']."<br>\r\n";
 		}
 
@@ -315,7 +315,8 @@
 					if(preg_match("/^(\:\:([a-f0-9]{1,4}\:){0,6}?[a-f0-9]{0,4}|[a-f0-9]{1,4}(\:[a-f0-9]{1,4}){0,6}?\:\:|[a-f0-9]{1,4}(\:[a-f0-9]{1,4}){1,6}?\:\:([a-f0-9]{1,4}\:){1,6}?[a-f0-9]{1,4})(\/\d{1,3})?$/i", $field_value)){
 						$ip_ok = 1;
 					}
-					if(preg_match("/^[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}$/", $field_value)){
+//					if(preg_match("/^[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}$/", $field_value)){
+					if(preg_match("/^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/", $field_value)){
 						$ip_ok = 1;
 					}
 					if($ip_ok == 0) {

--
Gitblit v1.9.1