diff options
| author | Karl 'vollmerk' Vollmer <vollmer@ampache.org> | 2009-02-01 01:06:46 +0000 |
|---|---|---|
| committer | Karl 'vollmerk' Vollmer <vollmer@ampache.org> | 2009-02-01 01:06:46 +0000 |
| commit | b9a2603025483deefbf7636de3f6c0786e95d293 (patch) | |
| tree | 5d2ece594fbed8a58874830c42d8182f025ef16b /lib/class/access.class.php | |
| parent | 1891fd835cc3cd60d7c3a2ec8bf90b51ca261bf0 (diff) | |
| download | ampache-b9a2603025483deefbf7636de3f6c0786e95d293.tar.gz ampache-b9a2603025483deefbf7636de3f6c0786e95d293.tar.bz2 ampache-b9a2603025483deefbf7636de3f6c0786e95d293.zip | |
Finish IPv6 support
Diffstat (limited to 'lib/class/access.class.php')
| -rw-r--r-- | lib/class/access.class.php | 28 |
1 files changed, 26 insertions, 2 deletions
diff --git a/lib/class/access.class.php b/lib/class/access.class.php index 28a98073..73c50b5e 100644 --- a/lib/class/access.class.php +++ b/lib/class/access.class.php @@ -94,6 +94,25 @@ class Access { */ public function update($data) { + /* We need to verify the incomming data a littlebit */ + $start = @inet_pton($data['start']); + $end = @inet_pton($data['end']); + + if (!$start AND $data['start'] != '0.0.0.0' AND $data['start'] != '::') { + Error::add('start',_('Invalid IPv4 / IPv6 Address Entered')); + return false; + } + if (!$end) { + Error::add('end',_('Invalid IPv4 / IPv6 Address Entered')); + return false; + } + + if (strlen(bin2hex($start)) != strlen(bin2hex($end))) { + Error::add('start',_('IP Address Version Mismatch')); + Error::add('end',_('IP Address Version Mismatch')); + return false; + } + $name = Dba::escape($data['name']); $type = self::validate_type($data['type']); $start = Dba::escape(inet_pton($data['start'])); @@ -132,13 +151,18 @@ class Access { return false; } + if (strlen(bin2hex($start)) != strlen(bin2hex($end))) { + Error::add('start',_('IP Address Version Mismatch')); + Error::add('end',_('IP Address Version Mismatch')); + return false; + } + // Check existing ACL's to make sure we're not duplicating values here if (self::exists($data)) { debug_event('ACL Create','Error did not create duplicate ACL entrie for ' . $data['start'] . ' - ' . $data['end'],'1'); return false; } - $start = Dba::escape($start); $end = Dba::escape($end); $name = Dba::escape($data['name']); @@ -237,7 +261,7 @@ class Access { } // end if access control is turned off // Clean incomming variables - $ip = $ip ? inet_pton($ip) : inet_pton($_SERVER['REMOTE_ADDR']); + $ip = $ip ? Dba::escape(inet_pton($ip)) : Dba::escape(inet_pton($_SERVER['REMOTE_ADDR'])); $user = Dba::escape($user); $key = Dba::escape($key); $level = Dba::escape($level); |