From d998c5cf12d1bfa4da7b3e0c21555b230d989bca Mon Sep 17 00:00:00 2001 From: Scott Ullrich Date: Tue, 27 Apr 2010 21:48:44 -0400 Subject: Add input validation for the Backends form --- config/varnish64/varnish.inc | 25 +++++++++++++++++++++++-- config/varnish64/varnish_backends.xml | 19 ++++++++++++------- 2 files changed, 35 insertions(+), 9 deletions(-) (limited to 'config/varnish64') diff --git a/config/varnish64/varnish.inc b/config/varnish64/varnish.inc index 7535b1bb..735152f7 100644 --- a/config/varnish64/varnish.inc +++ b/config/varnish64/varnish.inc @@ -31,12 +31,33 @@ */ /* ========================================================================== */ +function varnish_backends_post_validate($post, $input_errors) { + if (preg_match("/[^a-zA-Z0-9\.\-_]/", $post['backendname'])) + $input_errors[] = "The backend name must only contain the characters a-Z or 0-9"; + if(!is_ipaddr($post['ipaddress'])) + $input_errors[] = "A valid IP address is required for the field 'IPAddress'"; + if($post['first_byte_timeout'] && !is_int($post['first_byte_timeout'])) + $input_errors[] = "A valid number is required for the field 'first byte timeout'"; + if($post['connect_timeout'] && !is_int($post['connect_timeout'])) + $input_errors[] = "A valid number is required for the field 'connect timeout'"; + if($post['probe_interval'] && !is_int($post['probe_interval'])) + $input_errors[] = "A valid number is required for the field 'probe interval'"; + if($post['probe_interval'] && !is_int($post['probe_interval'])) + $input_errors[] = "A valid number is required for the field 'probe interval'"; + if($post['probe_timeout'] && !is_int($post['probe_timeout'])) + $input_errors[] = "A valid number is required for the field 'probe timeout'"; + if($post['probe_window'] && !is_int($post['probe_window'])) + $input_errors[] = "A valid number is required for the field 'probe window'"; + if($post['probe_threshold'] && !is_int($post['probe_threshold'])) + $input_errors[] = "A valid number is required for the field 'probe threshold'"; +} + function varnish_install() { - create_varnish_rcd_file(); + create_varnish_rcd_file(); } function varnish_deinstall() { - create_varnish_rcd_file(); + create_varnish_rcd_file(); } function varnish_start() { diff --git a/config/varnish64/varnish_backends.xml b/config/varnish64/varnish_backends.xml index 65a03499..68736c44 100644 --- a/config/varnish64/varnish_backends.xml +++ b/config/varnish64/varnish_backends.xml @@ -108,23 +108,25 @@ - - IPAddress - ipaddress - Enter the IP Address of the backend web server. - input - Backend name backendname Enter the name of this backend web server. input + ^[a-z0-9.|-]+$ + + + IPAddress + ipaddress + Enter the IP Address of the backend web server. + input Port port Enter the TCP/IP port of the webserver. input + ^[0-9]+$ First byte timeout @@ -140,7 +142,7 @@ Probe URL - probe_url + probe_interval Enter the URL that varnish will use to ensure that this backend is healthy. input @@ -196,4 +198,7 @@ sync_package_varnish(); varnish_start(); + + varnish_backends_post_validate($_POST, &$input_errors); + \ No newline at end of file -- cgit v1.2.3