From 62be77b87821b9f794bbe2aaa2a67072a2af64c8 Mon Sep 17 00:00:00 2001 From: Ryan Wagoner Date: Sun, 18 Feb 2007 01:12:06 +0000 Subject: -only allow Aa-Zz 0-9 _ - in the ups name field -correct field names for input validation --- packages/nut/nut.inc | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) (limited to 'packages/nut') diff --git a/packages/nut/nut.inc b/packages/nut/nut.inc index 32af50cf..abf3e73f 100644 --- a/packages/nut/nut.inc +++ b/packages/nut/nut.inc @@ -129,23 +129,27 @@ /* monitor remote validation */ if($post['monitor'] == 'remote') { if(!$post['remotename']) - $input_errors[] = 'You must specify a name in the \'Remote Name\' field'; + $input_errors[] = 'You must specify a name in the \'Remote UPS Name\' field'; + if($post['remotename'] && !eregi('^[a-z0-9_.-]+$', $post['remotename'])) + $input_errors[] = 'Only [Aa-Zz], [0-9], and [-_] accepted in the \'Remote UPS Name\' field'; if(!$post['remoteaddr'] || !nut_validate_ip($post['remoteaddr'],false)) - $input_errors[] = 'You must specify a valid address \'Remote Address\' field'; + $input_errors[] = 'You must specify a valid address \'Remote UPS Address\' field'; if(!$post['remoteuser']) - $input_errors[] = 'You must specify a name in the \'Remote User\' field'; + $input_errors[] = 'You must specify a name in the \'Remote UPS User\' field'; if(!$post['remotepass']) - $input_errors[] = 'You must specify a name in the \'Remote Password\' field'; + $input_errors[] = 'You must specify a name in the \'Remote UPS Password\' field'; } /* monitor local validation */ elseif($post['monitor'] == 'local') { if(!$post['name']) - $input_errors[] = 'You must specify a name in the \'Name\' field'; + $input_errors[] = 'You must specify a name in the \'Local UPS Name\' field'; + if($post['name'] && !eregi('^[a-z0-9_.-]+$', $post['name'])) + $input_errors[] = 'Only [Aa-Zz], [0-9], and [-_] accepted in the \'Local UPS Name\' field'; if(!$post['driver']) - $input_errors[] = 'You must select a driver in the \'Driver\' field'; + $input_errors[] = 'You must select a driver in the \'Local UPS Driver\' field'; if(!$post['port']) - $input_errors[] = 'You must select a port in the \'Port\' field'; + $input_errors[] = 'You must select a port in the \'Local UPS Port\' field'; if($post['allowaddr'] && !nut_validate_ip($post['allowaddr'],true)) $input_errors[] = 'You must specify a valid address \'Local Remote Access Address\' field'; } -- cgit v1.2.3