diff options
| author | Karl 'vollmerk' Vollmer <vollmer@ampache.org> | 2009-01-31 23:48:46 +0000 |
|---|---|---|
| committer | Karl 'vollmerk' Vollmer <vollmer@ampache.org> | 2009-01-31 23:48:46 +0000 |
| commit | 1891fd835cc3cd60d7c3a2ec8bf90b51ca261bf0 (patch) | |
| tree | ff43d8cdfef537a33f87076a2fdab8fc897bcbe8 /lib/class | |
| parent | 75d22768ec66353cc2e28489865acbba002b0aae (diff) | |
| download | ampache-1891fd835cc3cd60d7c3a2ec8bf90b51ca261bf0.tar.gz ampache-1891fd835cc3cd60d7c3a2ec8bf90b51ca261bf0.tar.bz2 ampache-1891fd835cc3cd60d7c3a2ec8bf90b51ca261bf0.zip | |
ACL with IPv6 should be working / testing now
Diffstat (limited to 'lib/class')
| -rw-r--r-- | lib/class/access.class.php | 45 |
1 files changed, 43 insertions, 2 deletions
diff --git a/lib/class/access.class.php b/lib/class/access.class.php index 9f8e6016..28a98073 100644 --- a/lib/class/access.class.php +++ b/lib/class/access.class.php @@ -120,9 +120,27 @@ class Access { public static function create($data) { /* We need to verify the incomming data a littlebit */ + $start = @inet_pton($data['start']); + $end = @inet_pton($data['end']); - $start = Dba::escape(inet_pton($data['start'])); - $end = Dba::escape(inet_pton($data['end'])); + if (!$start AND $data['start'] != '0.0.0.0' AND $data['start'] != '::') { + Error::add('start',_('Invalid IPv4 / IPv6 Address Entered')); + return false; + } + if (!$end) { + Error::add('end',_('Invalid IPv4 / IPv6 Address Entered')); + return false; + } + + // Check existing ACL's to make sure we're not duplicating values here + if (self::exists($data)) { + debug_event('ACL Create','Error did not create duplicate ACL entrie for ' . $data['start'] . ' - ' . $data['end'],'1'); + return false; + } + + + $start = Dba::escape($start); + $end = Dba::escape($end); $name = Dba::escape($data['name']); $key = Dba::escape($data['key']); $user = $data['user'] ? Dba::escape($data['user']) : '-1'; @@ -139,6 +157,29 @@ class Access { } // create /** + * exists + * this sees if the ACL that we've specified already exists, prevent duplicates. This ignores the name + */ + public static function exists($data) { + + $start = Dba::escape(inet_pton($data['start'])); + $end = Dba::escape(inet_pton($data['end'])); + $type = self::validate_type($data['type']); + $user = $data['user'] ? Dba::escape($data['user']) : '-1'; + + $sql = "SELECT * FROM `access_list` WHERE `start`='$start' AND `end` = '$end' " . + "AND `type`='$type' AND `user`='$user'"; + $db_results = Dba::read($sql); + + if (Dba::fetch_assoc($db_results)) { + return true; + } + + return false; + + } // exists + + /** * delete * deletes the specified access_list entry */ |