From cc7a82756b4f4d7ab18e928527c37489adbaf564 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Tue, 07 Apr 2015 14:10:50 -0400
Subject: [PATCH] - rewrite of sql queries to new form

---
 interface/lib/classes/functions.inc.php |   60 ++++++++++++++++++++++++++++--------------------------------
 1 files changed, 28 insertions(+), 32 deletions(-)

diff --git a/interface/lib/classes/functions.inc.php b/interface/lib/classes/functions.inc.php
index a964634..5bbff40 100644
--- a/interface/lib/classes/functions.inc.php
+++ b/interface/lib/classes/functions.inc.php
@@ -202,7 +202,7 @@
 		}
 
 		$ips = array();
-		$results = $app->db->queryAllRecords("SELECT ip_address AS ip, server_id FROM server_ip WHERE ip_type = '".$type."'");
+		$results = $app->db->queryAllRecords("SELECT ip_address AS ip, server_id FROM server_ip WHERE ip_type = ?", $type);
 		if(!empty($results) && is_array($results)){
 			foreach($results as $result){
 				if(preg_match($regex, $result['ip'])){
@@ -229,37 +229,7 @@
 				if(preg_match($regex, $result['ip'])) $ips[] = $result['ip'];
 			}
 		}
-
-		$results = $app->db->queryAllRecords("SELECT xfer FROM dns_slave WHERE xfer != ''");
-		if(!empty($results) && is_array($results)){
-			foreach($results as $result){
-				$tmp_ips = explode(',', $result['xfer']);
-				foreach($tmp_ips as $tmp_ip){
-					$tmp_ip = trim($tmp_ip);
-					if(preg_match($regex, $tmp_ip)) $ips[] = $tmp_ip;
-				}
-			}
-		}
-		$results = $app->db->queryAllRecords("SELECT xfer FROM dns_soa WHERE xfer != ''");
-		if(!empty($results) && is_array($results)){
-			foreach($results as $result){
-				$tmp_ips = explode(',', $result['xfer']);
-				foreach($tmp_ips as $tmp_ip){
-					$tmp_ip = trim($tmp_ip);
-					if(preg_match($regex, $tmp_ip)) $ips[] = $tmp_ip;
-				}
-			}
-		}
-		$results = $app->db->queryAllRecords("SELECT also_notify FROM dns_soa WHERE also_notify != ''");
-		if(!empty($results) && is_array($results)){
-			foreach($results as $result){
-				$tmp_ips = explode(',', $result['also_notify']);
-				foreach($tmp_ips as $tmp_ip){
-					$tmp_ip = trim($tmp_ip);
-					if(preg_match($regex, $tmp_ip)) $ips[] = $tmp_ip;
-				}
-			}
-		}
+		
 		$results = $app->db->queryAllRecords("SELECT remote_ips FROM web_database WHERE remote_ips != ''");
 		if(!empty($results) && is_array($results)){
 			foreach($results as $result){
@@ -385,6 +355,32 @@
 		return implode("\n", $domains);
 	}
 
+	public function is_allowed_user($username, $restrict_names = false) {
+		global $app;
+		
+		$name_blacklist = array('root','ispconfig','vmail','getmail');
+		if(in_array($username,$name_blacklist)) return false;
+		
+		if(preg_match('/^[a-zA-Z0-9\.\-_]{1,32}$/', $username) == false) return false;
+		
+		if($restrict_names == true && preg_match('/^web\d+$/', $username) == false) return false;
+		
+		return true;
+	}
+	
+	public function is_allowed_group($groupname, $restrict_names = false) {
+		global $app;
+		
+		$name_blacklist = array('root','ispconfig','vmail','getmail');
+		if(in_array($groupname,$name_blacklist)) return false;
+		
+		if(preg_match('/^[a-zA-Z0-9\.\-_]{1,32}$/', $groupname) == false) return false;
+		
+		if($restrict_names == true && preg_match('/^client\d+$/', $groupname) == false) return false;
+		
+		return true;
+	}
+
 }
 
 ?>

--
Gitblit v1.9.1