} # check the interface name. valid values are alphanumeric characters and special characters like ".-_/ " if ($_POST['interface'] && !preg_match('/^[0-9a-zA-Z.\\/\\-_ ]+$/i', $_POST['interface'])) { $Result->show("danger", _("Invalid interface."), true); } if ($_POST['action'] != 'delete') { # check the zone ID. valid value: integer if (!preg_match('/^[0-9]+$/i', $_POST['zoneId'])) { $Result->show("danger", _("Invalid zone ID."), true); } elseif (preg_match('/^0$/i', $_POST['zoneId'])) { $Result->show("danger", _("Invalid zone ID."), true); } # check the device ID. valid value: integer if (!preg_match('/^[0-9]+$/i', $_POST['deviceId'])) { $Result->show("danger", _("Invalid device ID."), true); } elseif (preg_match('/^0$/i', $_POST['deviceId'])) { $Result->show("danger", _("Please select a device."), true); } # check the mapping ID. valid value: integer if ($_POST['id'] && !preg_match('/^[0-9]+$/i', $_POST['id'])) { $Result->show("danger", _("Invalid mapping ID."), true); } } # build the query parameter arrary $values = array('id' => $_POST['id'], 'zoneId' => $_POST['zoneId'], 'alias' => $_POST['alias'], 'deviceId' => $_POST['deviceId'], 'interface' => $_POST['interface']); # modify if (!$Zones->modify_mapping($_POST['action'], $values)) { $Result->show("danger", _("Cannot add mapping"), true); } else { $Result->show("success", _("Mapping modified successfully"), true); }
$Result->show("danger", _("Invalid or no zone ID. "), true); } # validate $_POST['deviceId'] values if ($_POST['deviceId'] && !preg_match('/^[0-9]+$/i', $_POST['deviceId'])) { $Result->show("danger", _("Invalid device ID. Do not manipulate the POST values!"), true); } # check the zone alias. valid values are alphanumeric characters and special characters like ".-_ " if ($_POST['alias'] && !preg_match('/^[0-9a-zA-Z.\\/\\-_ ]+$/i', $_POST['alias'])) { $Result->show("danger", _("Invalid zone alias value."), true); } # check the interface name. valid values are alphanumeric characters and special characters like ".-_/ " if ($_POST['interface'] && !preg_match('/^[0-9a-zA-Z.\\/\\-_ ]+$/i', $_POST['interface'])) { $Result->show("danger", _("Invalid interface."), true); } # check if there is any device mapping necessary if ($_POST['deviceId']) { # build the query parameter arrary $values = array('id' => '', 'zoneId' => $_POST['zoneId'], 'alias' => $_POST['alias'], 'deviceId' => $_POST['deviceId'], 'interface' => $_POST['interface']); # modify if (!$Zones->modify_mapping('add', $values)) { $Result->show("danger", _("Cannot add mapping"), true); } } # check and then add the network to the zone if possible if ($Zones->check_zone_network($_POST['subnetId'])) { if (!$Zones->add_zone_network($_POST['zoneId'], $_POST['subnetId'])) { $Result->show("danger", _("Cannot add this network to a zone."), true); } else { $Result->show("success", _("Zone modified successfully"), true); } }