From 61c77268159454a8db8b52b7494b451cadf9f698 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Wed, 03 Mar 2010 08:31:25 -0500
Subject: [PATCH] Fixed: FS#1083 - Make some validation for Redirect paths.
---
interface/web/sites/form/web_aliasdomain.tform.php | 4 ++
interface/web/sites/lib/lang/en_web_domain.lng | 1
interface/web/sites/form/web_subdomain.tform.php | 4 ++
interface/web/sites/lib/lang/en_web_subdomain.lng | 77 +++++++++++++++++++-------------------
interface/web/sites/form/web_domain.tform.php | 4 ++
5 files changed, 52 insertions(+), 38 deletions(-)
diff --git a/interface/web/sites/form/web_aliasdomain.tform.php b/interface/web/sites/form/web_aliasdomain.tform.php
index ef36068..e9753a4 100644
--- a/interface/web/sites/form/web_aliasdomain.tform.php
+++ b/interface/web/sites/form/web_aliasdomain.tform.php
@@ -111,6 +111,10 @@
 'redirect_path' => array (
 'datatype' => 'VARCHAR',
 'formtype' => 'TEXT',
+ 'validators' => array ( 0 => array ( 'type' => 'REGEX',
+ 'regex' => '@^(([.]{0})|(https?://([-\w\.]+)+(:\d+)?(/([\w/_\.]*(\?\S+)?)?)?)|(/[\w/_\.\-]{1,255}/))$@',
+ 'errmsg'=> 'redirect_error_regex'),
+ ),
 'default' => '',
 'value' => '',
 'width' => '30',
diff --git a/interface/web/sites/form/web_domain.tform.php b/interface/web/sites/form/web_domain.tform.php
index 1e5afad..d5ef328 100644
--- a/interface/web/sites/form/web_domain.tform.php
+++ b/interface/web/sites/form/web_domain.tform.php
@@ -223,6 +223,10 @@
 ),
 'redirect_path' => array (
 'datatype' => 'VARCHAR',
+ 'validators' => array ( 0 => array ( 'type' => 'REGEX',
+ 'regex' => '@^(([.]{0})|(https?://([-\w\.]+)+(:\d+)?(/([\w/_\.]*(\?\S+)?)?)?)|(/[\w/_\.\-]{1,255}/))$@',
+ 'errmsg'=> 'redirect_error_regex'),
+ ),
 'formtype' => 'TEXT',
 'default' => '',
 'value' => '',
diff --git a/interface/web/sites/form/web_subdomain.tform.php b/interface/web/sites/form/web_subdomain.tform.php
index f6cc6f8..f9bfcd5 100644
--- a/interface/web/sites/form/web_subdomain.tform.php
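Review bot: The host part of the added `regex` uses a nested quantifier, `([-\w\.]+)+`, which can backtrack exponentially on a value that starts like a URL but then fails to match, and the trailing `$` without the `D` modifier also accepts a value that ends in a newline. Both can be fixed without changing what the pattern is meant to allow: `'regex' => '@^(([.]{0})|(https?://[-\w\.]+(:\d+)?(/([\w/_\.]*(\?\S+)?)?)?)|(/[\w/_\.\-]{1,255}/))$@D',`. How the REGEX validator reacts when PCRE gives up on its backtrack limit is not visible in this patch, so it should be confirmed that this case rejects the value rather than accepting it. The same pattern is added in the web_domain.tform.php and web_subdomain.tform.php hunks, and the `redirect_path` array continues outside the hunk.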
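Review bot: In web_domain.tform.php the `validators` entry is inserted between `datatype` and `formtype`, while the aliasdomain and subdomain forms place it after `formtype`; one key order across the three forms makes the definitions easier to compare. The pattern literal is also pasted three times, so any later tightening has to be repeated in each file. A comment above it such as `// keep in sync with web_aliasdomain.tform.php and web_subdomain.tform.php` would at least flag that. The `redirect_path` array continues outside the hunk.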
+++ b/interface/web/sites/form/web_subdomain.tform.php
@@ -111,6 +111,10 @@
 'redirect_path' => array (
 'datatype' => 'VARCHAR',
 'formtype' => 'TEXT',
+ 'validators' => array ( 0 => array ( 'type' => 'REGEX',
+ 'regex' => '@^(([.]{0})|(https?://([-\w\.]+)+(:\d+)?(/([\w/_\.]*(\?\S+)?)?)?)|(/[\w/_\.\-]{1,255}/))$@',
+ 'errmsg'=> 'redirect_error_regex'),
+ ),
 'default' => '',
 'value' => '',
 'width' => '30',
diff --git a/interface/web/sites/lib/lang/en_web_domain.lng b/interface/web/sites/lib/lang/en_web_domain.lng
index ba874b5..fa15cda 100644
--- a/interface/web/sites/lib/lang/en_web_domain.lng
+++ b/interface/web/sites/lib/lang/en_web_domain.lng
@@ -55,4 +55,5 @@
 $wb["ssl_organistaion_unit_error_regex"] = 'Invalid SSL Organisation Unit. Valid characters are: a-z, 0-9 and .,-_';
 $wb["ssl_country_error_regex"] = 'Invalid SSL Country. Valid characters are: A-Z';
 $wb["limit_traffic_quota_free_txt"] = 'Max. available Traffic Quota';
+$wb["redirect_error_regex"] = 'Invalid redirect path. Valid redirects are for example: /test/ or http://www.domain.tld/test/';
 ?>
diff --git a/interface/web/sites/lib/lang/en_web_subdomain.lng b/interface/web/sites/lib/lang/en_web_subdomain.lng
index ef71003..6bd3b08 100644
--- a/interface/web/sites/lib/lang/en_web_subdomain.lng
+++ b/interface/web/sites/lib/lang/en_web_subdomain.lng
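Review bot: The two path branches of the added `regex` disagree on allowed characters: the URL branch uses `[\w/_\.]*`, so a target such as `http://www.domain.tld/my-page/` is rejected, while the local branch `[\w/_\.\-]{1,255}` accepts hyphens. Adding `\-` to the URL path class, `(/([\w/_\.\-]*(\?\S+)?)?)?`, fixes that. The query part `(\?\S+)?` errs the other way and accepts any non-whitespace character; if `redirect_path` is later written into a web server configuration (not shown in this patch), quotes and other metacharacters would pass this check, so that class is worth narrowing to what a redirect target needs. The same applies to the web_aliasdomain.tform.php and web_domain.tform.php hunks.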
@@ -1,39 +1,40 @@
-<?php
-$wb["ssl_state_txt"] = 'State';
-$wb["ssl_locality_txt"] = 'Locality';
-$wb["ssl_organisation_txt"] = 'Organisation';
-$wb["ssl_organisation_unit_txt"] = 'Organisation Unit';
-$wb["ssl_country_txt"] = 'Country';
-$wb["ssl_request_txt"] = 'SSL Request';
-$wb["ssl_cert_txt"] = 'SSL Certificate';
-$wb["ssl_bundle_txt"] = 'SSL Bundle';
-$wb["ssl_action_txt"] = 'SSL Action';
-$wb["server_id_txt"] = 'Server';
-$wb["domain_txt"] = 'Domain';
-$wb["type_txt"] = 'Type';
-$wb["parent_domain_id_txt"] = 'Parent Website';
-$wb["redirect_type_txt"] = 'Redirect Type';
-$wb["redirect_path_txt"] = 'Redirect Path';
-$wb["active_txt"] = 'Active';
-$wb["document_root_txt"] = 'Documentroot';
-$wb["system_user_txt"] = 'Linux User';
-$wb["system_group_txt"] = 'Linux Group';
-$wb["ip_address_txt"] = 'IP-Address';
-$wb["vhost_type_txt"] = 'VHost Type';
-$wb["hd_quota_txt"] = 'Harddisk Quota';
-$wb["traffic_quota_txt"] = 'Traffic Quaota';
-$wb["cgi_txt"] = 'CGI';
-$wb["ssi_txt"] = 'SSI';
-$wb["ssl_txt"] = 'SSL';
-$wb["suexec_txt"] = 'SuEXEC';
-$wb["php_txt"] = 'PHP';
-$wb["client_txt"] = 'Client';
-$wb["limit_web_domain_txt"] = 'The max. number of web domains for your account is reached.';
-$wb["limit_web_aliasdomain_txt"] = 'The max. number of aliasdomains for your account is reached.';
-$wb["limit_web_subdomain_txt"] = 'The max. number of web subdomains for your account is reached.';
-$wb["apache_directives_txt"] = 'Apache directives';
-$wb["domain_error_empty"] = 'Domain is empty.';
-$wb["domain_error_unique"] = 'There is already a website or sub / aliasdomain with this domain name.';
-$wb["domain_error_regex"] = 'Domain name invalid.';
-$wb["host_txt"] = 'Host';
+<?php
+$wb["ssl_state_txt"] = 'State';
+$wb["ssl_locality_txt"] = 'Locality';
+$wb["ssl_organisation_txt"] = 'Organisation';
+$wb["ssl_organisation_unit_txt"] = 'Organisation Unit';
+$wb["ssl_country_txt"] = 'Country';
+$wb["ssl_request_txt"] = 'SSL Request';
+$wb["ssl_cert_txt"] = 'SSL Certificate';
+$wb["ssl_bundle_txt"] = 'SSL Bundle';
+$wb["ssl_action_txt"] = 'SSL Action';
+$wb["server_id_txt"] = 'Server';
+$wb["domain_txt"] = 'Domain';
+$wb["type_txt"] = 'Type';
+$wb["parent_domain_id_txt"] = 'Parent Website';
+$wb["redirect_type_txt"] = 'Redirect Type';
+$wb["redirect_path_txt"] = 'Redirect Path';
+$wb["active_txt"] = 'Active';
+$wb["document_root_txt"] = 'Documentroot';
+$wb["system_user_txt"] = 'Linux User';
+$wb["system_group_txt"] = 'Linux Group';
+$wb["ip_address_txt"] = 'IP-Address';
+$wb["vhost_type_txt"] = 'VHost Type';
+$wb["hd_quota_txt"] = 'Harddisk Quota';
+$wb["traffic_quota_txt"] = 'Traffic Quaota';
+$wb["cgi_txt"] = 'CGI';
+$wb["ssi_txt"] = 'SSI';
+$wb["ssl_txt"] = 'SSL';
+$wb["suexec_txt"] = 'SuEXEC';
+$wb["php_txt"] = 'PHP';
+$wb["client_txt"] = 'Client';
+$wb["limit_web_domain_txt"] = 'The max. number of web domains for your account is reached.';
+$wb["limit_web_aliasdomain_txt"] = 'The max. number of aliasdomains for your account is reached.';
+$wb["limit_web_subdomain_txt"] = 'The max. number of web subdomains for your account is reached.';
+$wb["apache_directives_txt"] = 'Apache directives';
+$wb["domain_error_empty"] = 'Domain is empty.';
+$wb["domain_error_unique"] = 'There is already a website or sub / aliasdomain with this domain name.';
+$wb["domain_error_regex"] = 'Domain name invalid.';
+$wb["host_txt"] = 'Host';
+$wb["redirect_error_regex"] = 'Invalid redirect path. Valid redirects are for example: /test/ or http://www.domain.tld/test/';
 ?>
\ No newline at end of file
-- Gitblit v1.9.1