From 63f0333cf8e2832126c225f464e6613bb40693bd Mon Sep 17 00:00:00 2001 From: Scott Ullrich Date: Tue, 27 Apr 2010 22:08:53 -0400 Subject: Add input validation for the settings page --- config/varnish64/varnish.inc | 13 +++++++++++++ config/varnish64/varnish_settings.xml | 3 +++ 2 files changed, 16 insertions(+) (limited to 'config/varnish64') diff --git a/config/varnish64/varnish.inc b/config/varnish64/varnish.inc index 295533b9..d2d10e2c 100644 --- a/config/varnish64/varnish.inc +++ b/config/varnish64/varnish.inc @@ -31,6 +31,19 @@ */ /* ========================================================================== */ +function varnish_settings_post_validate($post, $input_errors) { + if($post['storagesize'] && !is_int($post['storagesize'])) + $input_errors[] = "A valid number is required for the field 'Storage type'"; + if($post['listeningport'] && !is_int($post['listeningport'])) + $input_errors[] = "A valid number is required for the field 'Listening port'"; + if($post['minworkers'] && !is_int($post['minworkers'])) + $input_errors[] = "A valid number is required for the field 'Minimum worker threads'"; + if($post['maxworkers'] && !is_int($post['maxworkers'])) + $input_errors[] = "A valid number is required for the field 'Maximum worker threads'"; + if($post['timeoutworkers'] && !is_int($post['timeoutworkers'])) + $input_errors[] = "A valid number is required for the field 'Worker thread timeout'"; +} + function varnish_lb_directors_post_validate($post, $input_errors) { if (preg_match("/[^a-zA-Z0-9]/", $post['directorname'])) $input_errors[] = "The directorname name must only contain the characters a-Z or 0-9"; diff --git a/config/varnish64/varnish_settings.xml b/config/varnish64/varnish_settings.xml index 82f1fa18..c3304c1a 100644 --- a/config/varnish64/varnish_settings.xml +++ b/config/varnish64/varnish_settings.xml @@ -120,4 +120,7 @@ sync_package_varnish(); varnish_start(); + + varnish_settings_post_validate($_POST, &$input_errors); + \ No newline at end of file -- cgit v1.2.3