diff options
author | Chris Buechler <cmb@pfsense.org> | 2015-09-21 20:03:43 -0500 |
---|---|---|
committer | Chris Buechler <cmb@pfsense.org> | 2015-09-21 20:03:43 -0500 |
commit | 5dae062a10da998fa2a58ba082775b534225a9ca (patch) | |
tree | e8a903407f5528b1759e962ca2b4a10224dd1a35 /src | |
parent | 44fb628614c071e67dbf290100d123c114ebaeb6 (diff) | |
download | pfsense-5dae062a10da998fa2a58ba082775b534225a9ca.zip pfsense-5dae062a10da998fa2a58ba082775b534225a9ca.tar.gz |
interfaces_gif_edit.php: improve input validation, show input errors
Diffstat (limited to 'src')
-rw-r--r-- | src/usr/local/www/interfaces_gif_edit.php | 28 |
1 files changed, 27 insertions, 1 deletions
diff --git a/src/usr/local/www/interfaces_gif_edit.php b/src/usr/local/www/interfaces_gif_edit.php index fa5e1d2..8aa8722 100644 --- a/src/usr/local/www/interfaces_gif_edit.php +++ b/src/usr/local/www/interfaces_gif_edit.php @@ -83,6 +83,28 @@ if ($_POST) { (!is_ipaddr($_POST['remote-addr']))) { $input_errors[] = gettext("The tunnel local and tunnel remote fields must have valid IP addresses."); } + + if (!is_numericint($_POST['tunnel-remote-net'])) { + $input_errors[] = gettext("The gif tunnel subnet must be an integer."); + } + + if (is_ipaddrv4($_POST['tunnel-local-addr'])) { + if (!is_ipaddrv4($_POST['tunnel-remote-addr'])) { + $input_errors[] = gettext("The gif tunnel remote address must be IPv4 where tunnel local address is IPv4."); + } + if ($_POST['tunnel-remote-net'] > 32 || $_POST['tunnel-remote-net'] < 1) { + $input_errors[] = gettext("The gif tunnel subnet must be an integer between 1 and 32."); + } + } + + if (is_ipaddrv6($_POST['tunnel-local-addr'])) { + if (!is_ipaddrv6($_POST['tunnel-remote-addr'])) { + $input_errors[] = gettext("The gif tunnel remote address must be IPv6 where tunnel local address is IPv6."); + } + if ($_POST['tunnel-remote-net'] > 128 || $_POST['tunnel-remote-net'] < 1) { + $input_errors[] = gettext("The gif tunnel subnet must be an integer between 1 and 128."); + } + } $alias = strstr($_POST['if'], '|'); if ((is_ipaddrv4($alias) && !is_ipaddrv4($_POST['remote-addr'])) || @@ -148,6 +170,10 @@ function build_parent_list() { $pgtitle = array(gettext("Interfaces"),gettext("GIF"),gettext("Edit")); $shortcut_section = "interfaces"; include("head.inc"); + +if ($input_errors) + print_input_errors($input_errors); + require_once('classes/Form.class.php'); $form = new Form(); @@ -181,7 +207,7 @@ $section->addInput(new Form_IpAddress( $section->addInput(new Form_Select( 'tunnel-remote-net', - 'GIF tunnel remote subnet', + 'GIF tunnel subnet', $pconfig['tunnel-remote-net'], array_combine(range(128, 1, -1), range(128, 1, -1)) ))->setHelp('The subnet is used for determining the network that is tunnelled'); |