From 9b89182d4e71dee30a69793a6c714941d8bc16cc Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Tue, 19 Jan 2010 10:53:43 -0500
Subject: [PATCH] Improved input checks in the DNS wizard. Related to: FS#939 - DNS Bug

---
 interface/web/dns/dns_wizard.php |    5 +++++
 1 files changed, 5 insertions(+), 0 deletions(-)

diff --git a/interface/web/dns/dns_wizard.php b/interface/web/dns/dns_wizard.php
index 794065c..4d0a2c9 100644
--- a/interface/web/dns/dns_wizard.php
+++ b/interface/web/dns/dns_wizard.php
@@ -137,6 +137,11 @@
 	if(isset($_POST['ns2']) && $_POST['ns2'] == '') $error .= $app->lng('error_ns2_empty').'<br />';
 	if(isset($_POST['email']) && $_POST['email'] == '') $error .= $app->lng('error_email_empty').'<br />';
 	
+	if(!preg_match('/^[\w\.\-]{2,64}\.[a-zA-Z]{2,10}[\.]{0,1}$/',$_POST['domain'])) $error .= $app->lng('error_domain_regex').'<br />';
+	if(!preg_match('/^[\w\.\-]{2,64}\.[a-zA-Z]{2,10}[\.]{0,1}$/',$_POST['ns1'])) $error .= $app->lng('error_ns1_regex').'<br />';
+	if(!preg_match('/^[\w\.\-]{2,64}\.[a-zA-Z]{2,10}[\.]{0,1}$/',$_POST['ns2'])) $error .= $app->lng('error_ns2_regex').'<br />';
+	if(!preg_match('/^\w+[\w.-]*\w+@\w+[\w.-]*\w+\.[a-z]{2,10}$/i',$_POST['email'])) $error .= $app->lng('error_email_regex').'<br />';
+	
 	// make sure that the record belongs to the clinet group and not the admin group when a dmin inserts it
 	if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($_POST['client_group_id'])) {
 		$sys_groupid = intval($_POST['client_group_id']);

--
Gitblit v1.9.1