From 984c64a43ba1ea8735175a6adb37eddaa2e3f88c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ermal=20Lu=E7i?= <eri@pfsense.org>
Date: Wed, 9 Dec 2009 12:37:34 +0000
Subject: Add the same checks to the aliases import functionality as the ones
 that are done during creation/editing of aliases. Ticket #146

---
 usr/local/www/firewall_aliases_edit.php   |  4 +---
 usr/local/www/firewall_aliases_import.php | 36 +++++++++++++++++++++++++++++++
 2 files changed, 37 insertions(+), 3 deletions(-)

(limited to 'usr')

diff --git a/usr/local/www/firewall_aliases_edit.php b/usr/local/www/firewall_aliases_edit.php
index 49466c3..c90e34d 100755
--- a/usr/local/www/firewall_aliases_edit.php
+++ b/usr/local/www/firewall_aliases_edit.php
@@ -46,7 +46,7 @@
 $pgtitle = array("Firewall","Aliases","Edit");
 
 // Keywords not allowed in names
-$reserved_keywords = array("pass", "out", "queue", "max", "min");
+$reserved_keywords = array("pass", "out", "queue", "max", "min", "pptp");
 
 require("guiconfig.inc");
 require_once("functions.inc");
@@ -141,8 +141,6 @@ if ($_POST) {
 	$pconfig = $_POST;
 
 	/* input validation */
-	if(strtolower($_POST['name']) == "pptp")
-		$input_errors[] = gettext("Aliases may not be named PPTP.");
 
 	$x = is_validaliasname($_POST['name']);
 	if (!isset($x)) {
diff --git a/usr/local/www/firewall_aliases_import.php b/usr/local/www/firewall_aliases_import.php
index fab4dae..18c797d 100755
--- a/usr/local/www/firewall_aliases_import.php
+++ b/usr/local/www/firewall_aliases_import.php
@@ -39,10 +39,18 @@
 
 $pgtitle = array("Firewall","Aliases","Import");
 
+$reserved_keywords = array("pass", "out", "queue", "max", "min", "pptp");
+
 require("guiconfig.inc");
 require("filter.inc");
 require("shaper.inc");
 
+$reserved_ifs = get_configured_interface_list(false, true);
+$reserved_keywords = array_merge($reserved_keywords, $reserved_ifs);
+
+if (!is_array($config['aliases']['alias']))
+        $config['aliases']['alias'] = array();
+
 aliases_sort();
 $a_aliases = &$config['aliases']['alias'];
 
@@ -52,10 +60,38 @@ if($_POST['aliasimport'] <> "") {
 
 	do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
 		
+	if (is_validaliasname($_POST['name']) == false)
+		$input_errors[] = "The alias name may only consist of the characters a-z, A-Z, 0-9, _.";
+
+	/* check for name conflicts */
+        foreach ($a_aliases as $alias) {
+                if (isset($id) && ($a_aliases[$id]) && ($a_aliases[$id] === $alias))
+                        continue;
+
+                if ($alias['name'] == $_POST['name']) {
+                        $input_errors[] = "An alias with this name already exists.";
+                        break;
+                }
+        }
+
+	/* Check for reserved keyword names */
+        foreach($reserved_keywords as $rk)
+                if ($rk == $_POST['name'])
+                        $input_errors[] = "Cannot use a reserved keyword as alias name $rk";
+
+        /* check for name interface description conflicts */
+        foreach($config['interfaces'] as $interface) {
+                if($interface['descr'] == $_POST['name']) {
+                        $input_errors[] = "An interface description with this name already exists.";
+                        break;
+                }
+        }
+
 	if (!$input_errors) {			
 		$alias = array();
 		$alias['address'] = str_replace("\n", " ", $_POST['aliasimport']);
 		$alias['name'] = $_POST['name'];
+		$alias['type'] = "network";
 		$alias['descr'] = $_POST['descr'];
 		$a_aliases[] = $alias;
 		write_config();
-- 
cgit v1.1