diff options
author | Scott Ullrich <sullrich@pfsense.org> | 2010-04-27 21:48:44 -0400 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2010-04-27 21:48:44 -0400 |
commit | d998c5cf12d1bfa4da7b3e0c21555b230d989bca (patch) | |
tree | 84bfe289fbb18557018e4d198268c510b9fb2a55 | |
parent | 5781f08636ae29e66ea9591616b95f6a1c080f36 (diff) | |
download | pfsense-packages-d998c5cf12d1bfa4da7b3e0c21555b230d989bca.tar.gz pfsense-packages-d998c5cf12d1bfa4da7b3e0c21555b230d989bca.tar.bz2 pfsense-packages-d998c5cf12d1bfa4da7b3e0c21555b230d989bca.zip |
Add input validation for the Backends form
-rw-r--r-- | config/varnish64/varnish.inc | 25 | ||||
-rw-r--r-- | config/varnish64/varnish_backends.xml | 19 |
2 files changed, 35 insertions, 9 deletions
diff --git a/config/varnish64/varnish.inc b/config/varnish64/varnish.inc index 7535b1bb..735152f7 100644 --- a/config/varnish64/varnish.inc +++ b/config/varnish64/varnish.inc @@ -31,12 +31,33 @@ */ /* ========================================================================== */ +function varnish_backends_post_validate($post, $input_errors) { + if (preg_match("/[^a-zA-Z0-9\.\-_]/", $post['backendname'])) + $input_errors[] = "The backend name must only contain the characters a-Z or 0-9"; + if(!is_ipaddr($post['ipaddress'])) + $input_errors[] = "A valid IP address is required for the field 'IPAddress'"; + if($post['first_byte_timeout'] && !is_int($post['first_byte_timeout'])) + $input_errors[] = "A valid number is required for the field 'first byte timeout'"; + if($post['connect_timeout'] && !is_int($post['connect_timeout'])) + $input_errors[] = "A valid number is required for the field 'connect timeout'"; + if($post['probe_interval'] && !is_int($post['probe_interval'])) + $input_errors[] = "A valid number is required for the field 'probe interval'"; + if($post['probe_interval'] && !is_int($post['probe_interval'])) + $input_errors[] = "A valid number is required for the field 'probe interval'"; + if($post['probe_timeout'] && !is_int($post['probe_timeout'])) + $input_errors[] = "A valid number is required for the field 'probe timeout'"; + if($post['probe_window'] && !is_int($post['probe_window'])) + $input_errors[] = "A valid number is required for the field 'probe window'"; + if($post['probe_threshold'] && !is_int($post['probe_threshold'])) + $input_errors[] = "A valid number is required for the field 'probe threshold'"; +} + function varnish_install() { - create_varnish_rcd_file(); + create_varnish_rcd_file(); } function varnish_deinstall() { - create_varnish_rcd_file(); + create_varnish_rcd_file(); } function varnish_start() { diff --git a/config/varnish64/varnish_backends.xml b/config/varnish64/varnish_backends.xml index 65a03499..68736c44 100644 --- a/config/varnish64/varnish_backends.xml +++ b/config/varnish64/varnish_backends.xml @@ -109,22 +109,24 @@ </adddeleteeditpagefields> <fields> <field> - <fielddescr>IPAddress</fielddescr> - <fieldname>ipaddress</fieldname> - <description>Enter the IP Address of the backend web server.</description> - <type>input</type> - </field> - <field> <fielddescr>Backend name</fielddescr> <fieldname>backendname</fieldname> <description>Enter the name of this backend web server.</description> <type>input</type> + <validate>^[a-z0-9.|-]+$</validate> + </field> + <field> + <fielddescr>IPAddress</fielddescr> + <fieldname>ipaddress</fieldname> + <description>Enter the IP Address of the backend web server.</description> + <type>input</type> </field> <field> <fielddescr>Port</fielddescr> <fieldname>port</fieldname> <description>Enter the TCP/IP port of the webserver.</description> <type>input</type> + <validate>^[0-9]+$</validate> </field> <field> <fielddescr>First byte timeout</fielddescr> @@ -140,7 +142,7 @@ </field> <field> <fielddescr>Probe URL</fielddescr> - <fieldname>probe_url</fieldname> + <fieldname>probe_interval</fieldname> <description>Enter the URL that varnish will use to ensure that this backend is healthy.</description> <type>input</type> </field> @@ -196,4 +198,7 @@ sync_package_varnish(); varnish_start(); </custom_php_resync_config_command> + <custom_php_validation_command> + varnish_backends_post_validate($_POST, &$input_errors); + </custom_php_validation_command> </packagegui>
\ No newline at end of file |