From b3879db49f2473f56894aeb22eb5391a29489d34 Mon Sep 17 00:00:00 2001 From: Scott Ullrich Date: Tue, 27 Apr 2010 21:54:42 -0400 Subject: Add input validation for the LB directors form --- config/varnish64/varnish.inc | 9 ++++++++- config/varnish64/varnish_lb_directors.xml | 3 +++ 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/config/varnish64/varnish.inc b/config/varnish64/varnish.inc index 735152f7..295533b9 100644 --- a/config/varnish64/varnish.inc +++ b/config/varnish64/varnish.inc @@ -31,8 +31,15 @@ */ /* ========================================================================== */ +function varnish_lb_directors_post_validate($post, $input_errors) { + if (preg_match("/[^a-zA-Z0-9]/", $post['directorname'])) + $input_errors[] = "The directorname name must only contain the characters a-Z or 0-9"; + if(stristr($post['directorurl'], 'http')) + $input_errors[] = "You do not need to include the http:// string in the director URL"; +} + function varnish_backends_post_validate($post, $input_errors) { - if (preg_match("/[^a-zA-Z0-9\.\-_]/", $post['backendname'])) + if (preg_match("/[^a-zA-Z0-9]/", $post['backendname'])) $input_errors[] = "The backend name must only contain the characters a-Z or 0-9"; if(!is_ipaddr($post['ipaddress'])) $input_errors[] = "A valid IP address is required for the field 'IPAddress'"; diff --git a/config/varnish64/varnish_lb_directors.xml b/config/varnish64/varnish_lb_directors.xml index ae596227..38431414 100644 --- a/config/varnish64/varnish_lb_directors.xml +++ b/config/varnish64/varnish_lb_directors.xml @@ -161,4 +161,7 @@ sync_package_varnish(); varnish_start(); + + varnish_lb_directors_post_validate($_POST, &$input_errors); + \ No newline at end of file -- cgit v1.2.3