From 90f90934c07691298c7ef96c869ad93b349c2706 Mon Sep 17 00:00:00 2001 From: Cristian Feldman Date: Fri, 18 May 2012 22:57:38 -0300 Subject: Fix of bug #2374 "When entering values in firewall rules leading and trailing spaces are not deleted" --- usr/local/www/firewall_aliases_edit.php | 4 ++++ usr/local/www/firewall_nat_1to1_edit.php | 7 +++++++ usr/local/www/firewall_nat_edit.php | 17 ++++++++++++----- usr/local/www/firewall_nat_npt_edit.php | 5 +++++ usr/local/www/firewall_nat_out_edit.php | 17 +++++++++++++++-- usr/local/www/firewall_rules_edit.php | 28 +++++++++++++++------------- usr/local/www/firewall_virtual_ip_edit.php | 3 +++ 7 files changed, 61 insertions(+), 20 deletions(-) (limited to 'usr/local') diff --git a/usr/local/www/firewall_aliases_edit.php b/usr/local/www/firewall_aliases_edit.php index e11d32e..09917f7 100755 --- a/usr/local/www/firewall_aliases_edit.php +++ b/usr/local/www/firewall_aliases_edit.php @@ -172,6 +172,10 @@ if ($_POST) { $final_address_details = array(); $alias['name'] = $_POST['name']; + for($x=0; isset($_POST['address'.$x]); $x++) { + $_POST['address'.$x] = trim($_POST['address'.$x]); + } + if ($_POST['type'] == "urltable") { $address = ""; $isfirst = 0; diff --git a/usr/local/www/firewall_nat_1to1_edit.php b/usr/local/www/firewall_nat_1to1_edit.php index d6dc9af..db79f6f 100755 --- a/usr/local/www/firewall_nat_1to1_edit.php +++ b/usr/local/www/firewall_nat_1to1_edit.php @@ -123,6 +123,13 @@ if ($_POST) { do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + if ($_POST['external']) + $_POST['external'] = trim($_POST['external']); + if ($_POST['src']) + $_POST['src'] = trim($_POST['src']); + if ($_POST['dst']) + $_POST['dst'] = trim($_POST['dst']); + if (is_specialnet($_POST['srctype'])) { $_POST['src'] = $_POST['srctype']; $_POST['srcmask'] = 0; diff --git a/usr/local/www/firewall_nat_edit.php b/usr/local/www/firewall_nat_edit.php index ad91112..b50967b 100755 --- a/usr/local/www/firewall_nat_edit.php +++ b/usr/local/www/firewall_nat_edit.php @@ -113,9 +113,9 @@ if ($_POST) { if(strtoupper($_POST['proto']) == "TCP" || strtoupper($_POST['proto']) == "UDP" || strtoupper($_POST['proto']) == "TCP/UDP") { if ($_POST['srcbeginport_cust'] && !$_POST['srcbeginport']) - $_POST['srcbeginport'] = $_POST['srcbeginport_cust']; + $_POST['srcbeginport'] = trim($_POST['srcbeginport_cust']); if ($_POST['srcendport_cust'] && !$_POST['srcendport']) - $_POST['srcendport'] = $_POST['srcendport_cust']; + $_POST['srcendport'] = trim($_POST['srcendport_cust']); if ($_POST['srcbeginport'] == "any") { $_POST['srcbeginport'] = 0; @@ -128,9 +128,9 @@ if ($_POST) { $_POST['srcendport'] = $_POST['srcbeginport']; if ($_POST['dstbeginport_cust'] && !$_POST['dstbeginport']) - $_POST['dstbeginport'] = $_POST['dstbeginport_cust']; + $_POST['dstbeginport'] = trim($_POST['dstbeginport_cust']); if ($_POST['dstendport_cust'] && !$_POST['dstendport']) - $_POST['dstendport'] = $_POST['dstendport_cust']; + $_POST['dstendport'] = trim($_POST['dstendport_cust']); if ($_POST['dstbeginport'] == "any") { $_POST['dstbeginport'] = 0; @@ -143,7 +143,7 @@ if ($_POST) { $_POST['dstendport'] = $_POST['dstbeginport']; if ($_POST['localbeginport_cust'] && !$_POST['localbeginport']) - $_POST['localbeginport'] = $_POST['localbeginport_cust']; + $_POST['localbeginport'] = trim($_POST['localbeginport_cust']); /* Make beginning port end port if not defined and endport is */ if (!$_POST['srcbeginport'] && $_POST['srcendport']) @@ -209,6 +209,13 @@ if ($_POST) { $_POST['dstendport'] = 0; } + if ($_POST['src']) + $_POST['src'] = trim($_POST['src']); + if ($_POST['dst']) + $_POST['dst'] = trim($_POST['dst']); + if ($_POST['localip']) + $_POST['localip'] = trim($_POST['localip']); + if (!isset($_POST['nordr']) && ($_POST['localip'] && !is_ipaddroralias($_POST['localip']))) { $input_errors[] = sprintf(gettext("\"%s\" is not a valid redirect target IP address or host alias."), $_POST['localip']); } diff --git a/usr/local/www/firewall_nat_npt_edit.php b/usr/local/www/firewall_nat_npt_edit.php index 3537186..ee03792 100644 --- a/usr/local/www/firewall_nat_npt_edit.php +++ b/usr/local/www/firewall_nat_npt_edit.php @@ -116,6 +116,11 @@ if ($_POST) { $natent['descr'] = $_POST['descr']; $natent['interface'] = $_POST['interface']; + if ($_POST['src']) + $_POST['src'] = trim($_POST['src']); + if ($_POST['dst']) + $_POST['dst'] = trim($_POST['dst']); + pconfig_to_address($natent['source'], $_POST['src'], $_POST['srcmask'], $_POST['srcnot']); diff --git a/usr/local/www/firewall_nat_out_edit.php b/usr/local/www/firewall_nat_out_edit.php index 2ef7210..62d0ecc 100755 --- a/usr/local/www/firewall_nat_out_edit.php +++ b/usr/local/www/firewall_nat_out_edit.php @@ -133,13 +133,26 @@ if ($_POST) { $protocol_uses_ports = in_array($_POST['protocol'], explode(" ", "any tcp udp tcp/udp")); + if ($_POST['source']) + $_POST['source'] = trim($_POST['source']); + if ($_POST['destination']) + $_POST['destination'] = trim($_POST['destination']); + if ($_POST['targetip']) + $_POST['targetip'] = trim($_POST['targetip']); + if ($_POST['sourceport']) + $_POST['sourceport'] = trim($_POST['sourceport']); + if ($_POST['dstport']) + $_POST['dstport'] = trim($_POST['dstport']); + if ($_POST['natport']) + $_POST['natport'] = trim($_POST['natport']); + if($protocol_uses_ports && $_POST['sourceport'] <> "" && !is_portoralias($_POST['sourceport'])) $input_errors[] = gettext("You must supply either a valid port or port alias for the source port entry."); - if($protocol_uses_ports and $_POST['dstport'] <> "" and !is_portoralias($_POST['dstport'])) + if($protocol_uses_ports && $_POST['dstport'] <> "" && !is_portoralias($_POST['dstport'])) $input_errors[] = gettext("You must supply either a valid port or port alias for the destination port entry."); - if($protocol_uses_ports and $_POST['natport'] <> "" and !is_port($_POST['natport']) and !isset($_POST['nonat'])) + if($protocol_uses_ports && $_POST['natport'] <> "" && !is_port($_POST['natport']) && !isset($_POST['nonat'])) $input_errors[] = gettext("You must supply a valid port for the nat port entry."); if ($_POST['source_type'] != "any") { diff --git a/usr/local/www/firewall_rules_edit.php b/usr/local/www/firewall_rules_edit.php index 2629731..8b24f46 100755 --- a/usr/local/www/firewall_rules_edit.php +++ b/usr/local/www/firewall_rules_edit.php @@ -228,19 +228,16 @@ if ($_POST) { } } - if (($_POST['proto'] != "tcp") && ($_POST['proto'] != "udp") && ($_POST['proto'] != "tcp/udp")) { $_POST['srcbeginport'] = 0; $_POST['srcendport'] = 0; $_POST['dstbeginport'] = 0; $_POST['dstendport'] = 0; } else { - if ($_POST['srcbeginport_cust'] && !$_POST['srcbeginport']) - $_POST['srcbeginport'] = $_POST['srcbeginport_cust']; + $_POST['srcbeginport'] = trim($_POST['srcbeginport_cust']); if ($_POST['srcendport_cust'] && !$_POST['srcendport']) - $_POST['srcendport'] = $_POST['srcendport_cust']; - + $_POST['srcendport'] = trim($_POST['srcendport_cust']); if ($_POST['srcbeginport'] == "any") { $_POST['srcbeginport'] = 0; $_POST['srcendport'] = 0; @@ -252,9 +249,9 @@ if ($_POST) { $_POST['srcendport'] = $_POST['srcbeginport']; if ($_POST['dstbeginport_cust'] && !$_POST['dstbeginport']) - $_POST['dstbeginport'] = $_POST['dstbeginport_cust']; + $_POST['dstbeginport'] = trim($_POST['dstbeginport_cust']); if ($_POST['dstendport_cust'] && !$_POST['dstendport']) - $_POST['dstendport'] = $_POST['dstendport_cust']; + $_POST['dstendport'] = trim($_POST['dstendport_cust']); if ($_POST['dstbeginport'] == "any") { $_POST['dstbeginport'] = 0; @@ -325,12 +322,12 @@ if ($_POST) { if ($_POST['srcbeginport'] && !is_portoralias($_POST['srcbeginport'])) $input_errors[] = sprintf(gettext("%s is not a valid start source port. It must be a port alias or integer between 1 and 65535."),$_POST['srcbeginposrt']); - if ($_POST['srcendport'] && !is_portoralias($_POST['srcendport'])) - $input_errors[] = sprintf(gettext("%s is not a valid end source port. It must be a port alias or integer between 1 and 65535."),$_POST['srcendport']); - if ($_POST['dstbeginport'] && !is_portoralias($_POST['dstbeginport'])) - $input_errors[] = sprintf(gettext("%s is not a valid start destination port. It must be a port alias or integer between 1 and 65535."),$_POST['dstbeginport']); - if ($_POST['dstendport'] && !is_portoralias($_POST['dstendport'])) - $input_errors[] = sprintf(gettext("%s is not a valid end destination port. It must be a port alias or integer between 1 and 65535."),$_POST['dstendport']); + if ($_POST['srcendport'] && !is_portoralias($_POST['srcendport'])) + $input_errors[] = sprintf(gettext("%s is not a valid end source port. It must be a port alias or integer between 1 and 65535."),$_POST['srcendport']); + if ($_POST['dstbeginport'] && !is_portoralias($_POST['dstbeginport'])) + $input_errors[] = sprintf(gettext("%s is not a valid start destination port. It must be a port alias or integer between 1 and 65535."),$_POST['dstbeginport']); + if ($_POST['dstendport'] && !is_portoralias($_POST['dstendport'])) + $input_errors[] = sprintf(gettext("%s is not a valid end destination port. It must be a port alias or integer between 1 and 65535."),$_POST['dstendport']); if ( !$_POST['srcbeginport_cust'] && $_POST['srcendport_cust']) if (is_alias($_POST['srcendport_cust'])) $input_errors[] = 'If you put port alias in Source port range to: field you must put the same port alias in from: field'; @@ -352,6 +349,11 @@ if ($_POST) { $input_errors[] = 'You cannot specify numbers and port aliases at the same time in Destination port range from: and to: field'; } + if ($_POST['src']) + $_POST['src'] = trim($_POST['src']); + if ($_POST['dst']) + $_POST['dst'] = trim($_POST['dst']); + /* if user enters an alias and selects "network" then disallow. */ if($_POST['srctype'] == "network") { if(is_alias($_POST['src'])) diff --git a/usr/local/www/firewall_virtual_ip_edit.php b/usr/local/www/firewall_virtual_ip_edit.php index df176f9..c0a21dc 100755 --- a/usr/local/www/firewall_virtual_ip_edit.php +++ b/usr/local/www/firewall_virtual_ip_edit.php @@ -107,6 +107,9 @@ if ($_POST) { do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + if ($_POST['subnet']) + $_POST['subnet'] = trim($_POST['subnet']); + if (($_POST['subnet'] && !is_ipaddr($_POST['subnet']))) $input_errors[] = gettext("A valid IP address must be specified."); -- cgit v1.1