$pconfig['url'] = $a_checkip[$id]['url']; $pconfig['username'] = $a_checkip[$id]['username']; $pconfig['password'] = $a_checkip[$id]['password']; $pconfig['verifysslpeer'] = isset($a_checkip[$id]['verifysslpeer']); $pconfig['descr'] = $a_checkip[$id]['descr']; } if ($_POST) { unset($input_errors); $pconfig = $_POST; /* input validation */ $reqdfields = array(); $reqdfieldsn = array(); $reqdfields = array_merge($reqdfields, explode(" ", "name url")); $reqdfieldsn = array_merge($reqdfieldsn, array(gettext("Name"), gettext("URL"))); do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if ($_POST['name'] && !is_validaliasname($_POST['name'])) { $input_errors[] = gettext("The Check IP Service name contains invalid characters."); } if ($_POST['url'] && !is_URL($_POST['url'])) { $input_errors[] = gettext("The Check IP Service URL is not valid."); } if ($_POST['passwordfld'] != $_POST['passwordfld_confirm']) { $input_errors[] = gettext("Password and confirmed password must match."); } if (!$input_errors) { $checkip = array(); $checkip['enable'] = $_POST['enable'] ? true : false; $checkip['name'] = $_POST['name']; $checkip['url'] = $_POST['url']; $checkip['username'] = $_POST['username']; if ($_POST['passwordfld'] != DMYPWD) {
} if ($_POST) { unset($input_errors); $vertical_bar_err_text = gettext("Vertical bars (|) at start or end, or double in the middle of descriptions not allowed. Descriptions have been cleaned. Check and save again."); /* input validation */ $reqdfields = explode(" ", "name"); $reqdfieldsn = array(gettext("Name")); do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); $x = is_validaliasname($_POST['name']); if (!isset($x)) { $input_errors[] = gettext("Reserved word used for alias name."); } else { if ($_POST['type'] == "port" && (getservbyname($_POST['name'], "tcp") || getservbyname($_POST['name'], "udp"))) { $input_errors[] = gettext("Reserved word used for alias name."); } else { if (is_validaliasname($_POST['name']) == false) { $input_errors[] = gettext("The alias name must be less than 32 characters long, may not consist of only numbers, and may only contain the following characters") . " a-z, A-Z, 0-9, _."; } } } /* check for name conflicts */ foreach ($a_aliases as $key => $alias) { if ($alias['name'] == $_POST['name'] && (empty($a_aliases[$id]) || $key != $id)) { $input_errors[] = gettext("An alias with this name already exists."); break; } } /* Check for reserved keyword names */ foreach ($reserved_keywords as $rk) { if ($rk == $_POST['name']) { $input_errors[] = sprintf(gettext("Cannot use a reserved keyword as alias name %s"), $rk);
$pconfig['item'] = array(); } } elseif ($_SERVER['REQUEST_METHOD'] === 'POST') { $pconfig = $_POST; if (isset($_POST['id']) && isset($a_gateway_groups[$_POST['id']])) { $id = $_POST['id']; } $input_errors = array(); /* input validation */ $reqdfields = explode(" ", "name"); $reqdfieldsn = explode(",", "Name"); do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if (empty($pconfig['name'])) { $input_errors[] = gettext("A valid gateway group name must be specified."); } if (!is_validaliasname($pconfig['name'])) { $input_errors[] = gettext("The gateway name must not contain invalid characters."); } if (!empty($pconfig['name'])) { /* check for overlaps */ if (is_array($a_gateway_groups)) { foreach ($a_gateway_groups as $gateway_group) { if (isset($id) && $a_gateway_groups[$id] && $a_gateway_groups[$id] === $gateway_group) { if ($gateway_group['name'] != $pconfig['name']) { $input_errors[] = gettext("Changing name on a gateway group is not allowed."); } continue; } if ($gateway_group['name'] == $pconfig['name']) { $input_errors[] = sprintf(gettext('A gateway group with this name "%s" already exists.'), $pconfig['name']); break;
} $reserved_ifs = get_configured_interface_list(false, true); $reserved_keywords = array_merge($reserved_keywords, $reserved_ifs, $reserved_table_names); foreach ($reserved_keywords as $rk) { if ($rk == $pconfig['name']) { $input_errors[] = sprintf(gettext("Cannot use a reserved keyword as alias name %s"), $rk); } } /* check for name interface description conflicts */ foreach ($config['interfaces'] as $interface) { if ($interface['descr'] == $pconfig['name']) { $input_errors[] = gettext("An interface description with this name already exists."); break; } } if (is_validaliasname($pconfig['name']) !== true) { $input_errors[] = gettext("The alias name must be less than 32 characters long and may only consist of the characters") . " a-z, A-Z, 0-9, _."; } if (!empty($pconfig['updatefreq']) && !is_numericint($pconfig['updatefreq'])) { $input_errors[] = gettext("Update Frequency should be a number"); } /* check for name conflicts */ if (empty($a_aliases[$id])) { foreach ($a_aliases as $alias) { if ($alias['name'] == $_POST['name']) { $input_errors[] = gettext("An alias with this name already exists."); break; } } } /* user may not change type */
} if (!isset($config['aliases']['alias'])) { $config['aliases']['alias'] = array(); } if ($_SERVER['REQUEST_METHOD'] === 'GET') { // initialize form vars $pconfig = array("name" => null, "descr" => null, "aliasimport" => null); } elseif ($_SERVER['REQUEST_METHOD'] === 'POST') { // save form data $input_errors = array(); $pconfig = $_POST; // input validation $reqdfields = explode(" ", "name aliasimport"); $reqdfieldsn = array(gettext("Name"), gettext("Aliases")); do_input_validation($pconfig, $reqdfields, $reqdfieldsn, $input_errors); if (is_validaliasname($pconfig['name']) == false) { $input_errors[] = gettext("The alias name may only consist of the characters") . " a-z, A-Z, 0-9, _."; } /* check for name duplicates */ if (is_alias($pconfig['name'])) { $input_errors[] = gettext("An alias with this name already exists."); } // Add all Load balance names to reserved_keywords if (isset($config['load_balancer']['lbpool'])) { foreach ($config['load_balancer']['lbpool'] as $lbpool) { $reserved_keywords[] = $lbpool['name']; } } // Keywords not allowed in names $reserved_keywords = array("all", "pass", "block", "out", "queue", "max", "min", "pptp", "pppoe", "L2TP", "OpenVPN", "IPsec"); $reserved_ifs = get_configured_interface_list(false, true);
} elseif ($_SERVER['REQUEST_METHOD'] === 'POST') { if (isset($_POST['id']) && isset($a_schedules[$_POST['id']])) { $id = $_POST['id']; } $pconfig = $_POST; // validate if (strtolower($pconfig['name']) == "lan") { $input_errors[] = gettext("Schedule may not be named LAN."); } if (strtolower($pconfig['name']) == "wan") { $input_errors[] = gettext("Schedule may not be named WAN."); } if (strtolower($pconfig['name']) == "") { $input_errors[] = gettext("Schedule name cannot be blank."); } $x = is_validaliasname($pconfig['name']); if (!isset($x)) { $input_errors[] = gettext("Reserved word used for schedule name."); } elseif ($x == false) { $input_errors[] = gettext("The schedule name may only consist of the characters a-z, A-Z, 0-9"); } /* check for name conflicts */ foreach ($a_schedules as $schedId => $schedule) { if ($schedId != $id && $schedule['name'] == $pconfig['name']) { $input_errors[] = gettext("A Schedule with this name already exists."); break; } } // parse time ranges $pconfig['timerange'] = array(); $timerangeFound = false;