From d83abe0860e13d599b34e7e150e4ba2fd571db93 Mon Sep 17 00:00:00 2001
From: Florian Schaal <florian@schaal-24.de>
Date: Thu, 25 Feb 2016 02:27:22 -0500
Subject: [PATCH] validate serverip depending on ipv4/ipv6
---
 interface/lib/classes/remote.d/server.inc.php | 72 ++++++++++++++++++++++++++++++------
 1 files changed, 60 insertions(+), 12 deletions(-)
diff --git a/interface/lib/classes/remote.d/server.inc.php b/interface/lib/classes/remote.d/server.inc.php
index 80d7f4d..eb4a8b9 100644
--- a/interface/lib/classes/remote.d/server.inc.php
+++ b/interface/lib/classes/remote.d/server.inc.php
@@ -55,9 +55,23 @@
 throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
 return false;
 }
- $sql = "SELECT server_id FROM server_ip WHERE ip_address = '$ipaddress' LIMIT 1 ";
- $all = $app->db->queryAllRecords($sql);
+ $sql = "SELECT server_id FROM server_ip WHERE ip_address = ? LIMIT 1";
+ $all = $app->db->queryAllRecords($sql, $ipaddress);
 return $all;
+ }
+
+ //* Get server ips
+ public function server_ip_get($session_id, $primary_id)
+ {
+ global $app;
+
+ if(!$this->checkPerm($session_id, 'server_ip_get')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+ $app->uses('remoting_lib');
+ $app->remoting_lib->loadFormDef('../admin/form/server_ip.tform.php');
+ return $app->remoting_lib->getDataRecord($primary_id);
 }
 //* Add a IP address record
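Review bot: The added `server_ip_get` reports a failed permission check through `$this->server->fault(...)`, while the context line directly above it in this hunk uses `throw new SoapFault('permission_denied', ...)`. If `$this->server` is not populated for every transport that loads this class (not visible here), the denial path would fail on a missing object instead of returning a clean fault; `throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');` would match the neighbouring code. The same applies to the added `server_get` and `server_get_all` bodies in the next hunk. `$primary_id` is also handed to `getDataRecord()` unchecked, so a positive-integer check before the call would make the expected type explicit.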
@@ -101,21 +115,55 @@
 */
- public function server_get($session_id, $server_id, $section ='') {
+ public function server_get($session_id, $server_id = null, $section ='') {
+ global $app;
+ if(!$this->checkPerm($session_id, 'server_get')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+ if (!empty($session_id)) {
+ $app->uses('remoting_lib , getconf');
+ if(!empty($server_id)) {
+ $section_config = $app->getconf->get_server_config($server_id, $section);
+ return $section_config;
+ } else {
+ $servers = array();
+ $sql = "SELECT server_id FROM server WHERE 1";
+ $all = $app->db->queryAllRecords($sql);
+ foreach($all as $s) {
+ $servers[$s['server_id']] = $app->getconf->get_server_config($s['server_id'], $section);
+ }
+ unset($all);
+ unset($s);
+ return $servers;
+ }
+ } else {
+ return false;
+ }
+ }
+
+ /**
+ Gets a list of all servers
+ @param int session_id
+ @param int server_name
+ @author Marius Cramer <m.cramer@pixcept.de> 2014
+ */
+ public function server_get_all($session_id)
+ {
 global $app;
 if(!$this->checkPerm($session_id, 'server_get')) {
 $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
 return false;
 }
- if (!empty($session_id) && !empty($server_id)) {
- $app->uses('remoting_lib , getconf');
- $section_config = $app->getconf->get_server_config($server_id, $section);
- return $section_config;
+ if (!empty($session_id)) {
+ $sql = "SELECT server_id, server_name FROM server WHERE 1";
+ $servers = $app->db->queryAllRecords($sql);
+ return $servers;
 } else {
 return false;
 }
 }
-
+
 /**
 Gets the server_id by server_name
 @param int session_id
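Review bot: In the rewritten `server_get`, the `!empty($server_id)` test sends every empty value (`0`, `''`, `'0'`, not only the new `null` default) to the else branch, which returns the configuration of all servers. Before this change an empty id returned false, so a caller that passes a malformed or zero id now receives more data than it asked for under the same `server_get` permission. Consider selecting the all-servers branch with `if ($server_id === null)` and returning false for any other empty id. Separately, `server_get_all` is also gated on `'server_get'` rather than a permission of its own, and its docblock lists `@param int server_name`, which the signature does not take.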
@@ -130,8 +178,8 @@
 return false;
 }
 if (!empty($session_id) && !empty($server_name)) {
- $sql = "SELECT server_id FROM server WHERE server_name = '$server_name' LIMIT 1 ";
- $all = $app->db->queryAllRecords($sql);
+ $sql = "SELECT server_id FROM server WHERE server_name = ? LIMIT 1";
+ $all = $app->db->queryAllRecords($sql, $server_name);
 return $all;
 } else {
 return false;
@@ -152,8 +200,8 @@
 return false;
 }
 if (!empty($session_id) && !empty($server_id)) {
- $sql = "SELECT mail_server, web_server, dns_server, file_server, db_server, vserver_server, proxy_server, firewall_server FROM server WHERE server_id = '$server_id' LIMIT 1 ";
- $all = $app->db->queryAllRecords($sql);
+ $sql = "SELECT mail_server, web_server, dns_server, file_server, db_server, vserver_server, proxy_server, firewall_server FROM server WHERE server_id = ? LIMIT 1 ";
+ $all = $app->db->queryAllRecords($sql, $server_id);
 return $all;
 } else {
 return false;
-- Gitblit v1.9.1