diff options
| author | Chris Buechler <cmb@pfsense.org> | 2010-06-10 01:58:22 -0400 |
|---|---|---|
| committer | Chris Buechler <cmb@pfsense.org> | 2010-06-10 01:58:22 -0400 |
| commit | c43d7a4ec17aa30de383968797b96a2c557cbd50 (patch) | |
| tree | a02f7be5eda998a4ef4e779dbd73cbd01ec6a03a /config/openbgpd | |
| parent | 3cadd57113a721bf41344f701d396e4964965ffb (diff) | |
| download | pfsense-packages-c43d7a4ec17aa30de383968797b96a2c557cbd50.tar.gz pfsense-packages-c43d7a4ec17aa30de383968797b96a2c557cbd50.tar.bz2 pfsense-packages-c43d7a4ec17aa30de383968797b96a2c557cbd50.zip | |
Add input validation for most fields. Remove broken input validation that made editing groups impossible.
Still don't have input validation for parameters, nor validation ensuring groups that are in use cannot be deleted.
Diffstat (limited to 'config/openbgpd')
| -rw-r--r-- | config/openbgpd/openbgpd.inc | 35 | ||||
| -rw-r--r-- | config/openbgpd/openbgpd.xml | 5 | ||||
| -rw-r--r-- | config/openbgpd/openbgpd_groups.xml | 4 |
3 files changed, 40 insertions, 4 deletions
diff --git a/config/openbgpd/openbgpd.inc b/config/openbgpd/openbgpd.inc index 4bf352c9..35485d3e 100644 --- a/config/openbgpd/openbgpd.inc +++ b/config/openbgpd/openbgpd.inc @@ -245,6 +245,41 @@ function check_group_usage($groupname) { return ""; } +function bgpd_validate_input() { + global $config, $g, $input_errors; + + + if (!empty($_POST['asnum']) && !is_numeric($_POST['asnum'])) + $input_errors[] = "AS must be entered as a number only."; + + if (!empty($_POST['routerid']) && !is_ipaddr($_POST['routerid'])) + $input_errors[] = "Router ID must be an IP address."; + + if (!empty($_POST['holdtime']) && !is_numeric($_POST['holdtime'])) + $input_errors[] = "Holdtime must be entered as a number."; + + if (!empty($_POST['listenip']) && !is_ipaddr($_POST['listenip'])) + $input_errors[] = "Listen IP must be an IP address or blank to bind to all IPs."; + +} + +function bgpd_validate_group() { + global $config, $g, $id, $input_errors; + + if (!is_numeric($_POST['remoteas'])) + $input_errors[] = "Remote AS must be entered as a number only."; + + if ($_POST['name'] == "") + $input_errors[] = "You must enter a name."; + + $_POST['name'] = remove_bad_chars($_POST['name']); + +} + +function remove_bad_chars($string) { + return preg_replace('/[^a-z|_|0-9]/i','',$string); +} + function grey_out_value_boxes() { echo <<<EOF <script language="javascript"> diff --git a/config/openbgpd/openbgpd.xml b/config/openbgpd/openbgpd.xml index f1130720..2d28de0f 100644 --- a/config/openbgpd/openbgpd.xml +++ b/config/openbgpd/openbgpd.xml @@ -132,7 +132,7 @@ <field> <fielddescr>Listen on IP</fielddescr> <fieldname>listenip</fieldname> - <description>Specify the local IP address bgpd(8) should listen on.</description> + <description>Specify the local IP address bgpd(8) should listen on, or leave blank to bind to all IPs.</description> <type>input</type> </field> @@ -166,4 +166,7 @@ <custom_php_resync_config_command> openbgpd_install_conf(); </custom_php_resync_config_command> + <custom_php_validation_command> + bgpd_validate_input(); + </custom_php_validation_command> </packagegui> diff --git a/config/openbgpd/openbgpd_groups.xml b/config/openbgpd/openbgpd_groups.xml index 7f479427..f43ab466 100644 --- a/config/openbgpd/openbgpd_groups.xml +++ b/config/openbgpd/openbgpd_groups.xml @@ -112,8 +112,6 @@ openbgpd_install_conf(); </custom_php_resync_config_command> <custom_php_validation_command> - $status = check_group_usage($_POST['groupname']); - if($status != "") - $input_errors[] = "Sorry this group is in use by {$status} and cannot be deleted."; + bgpd_validate_group(); </custom_php_validation_command> </packagegui> |