Changeset 813 for trunk/cgi-bin
- Timestamp:
- 03/08/16 16:08:40 (9 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/cgi-bin/main.cgi
r811 r813 964 964 965 965 # Backup fields. Minimal sanity checks. 966 for my $bkfield (qw(brand model)) { 967 if (!$webvar{"bk$bkfield"}) { 968 $page->param(err => "Backup $bkfield must be filled in if IP/netblock is flagged for backup"); 969 return; 970 } 971 if ($webvar{"bk$bkfield"} !~ /^[a-zA-Z0-9\s_.-]+$/) { 972 $page->param(err => "Invalid characters in backup $bkfield"); 973 return; 974 } 975 } 976 for my $bkfield (qw(type src user)) { # no spaces in these! 977 if ($webvar{"bk$bkfield"} && $webvar{"bk$bkfield"} !~ /^[a-zA-Z0-9_.-]+$/) { 978 $page->param(err => "Invalid characters in backup $bkfield"); 979 return; 980 } 981 } 982 if ($webvar{bkport}) { 983 $webvar{bkport} =~ s/^\s+//g; 984 $webvar{bkport} =~ s/\s+$//g; 985 if ($webvar{bkport} !~ /^\d+$/) { 986 $page->param(err => "Backup port must be numeric"); 987 return; 988 } 989 } 966 # Bypass if the user isn't authorized for backup data, or if the checkbox is unchecked 967 if ($IPDBacl{$authuser} =~ /s/ && defined($webvar{backupfields})) { 968 for my $bkfield (qw(brand model)) { 969 if (!$webvar{"bk$bkfield"}) { 970 $page->param(err => "Backup $bkfield must be filled in if IP/netblock is flagged for backup"); 971 return; 972 } 973 if ($webvar{"bk$bkfield"} !~ /^[a-zA-Z0-9\s_.-]+$/) { 974 $page->param(err => "Invalid characters in backup $bkfield"); 975 return; 976 } 977 } 978 for my $bkfield (qw(type src user)) { # no spaces in these! 979 if ($webvar{"bk$bkfield"} && $webvar{"bk$bkfield"} !~ /^[a-zA-Z0-9_.-]+$/) { 980 $page->param(err => "Invalid characters in backup $bkfield"); 981 return; 982 } 983 } 984 if ($webvar{bkport}) { 985 $webvar{bkport} =~ s/^\s+//g; 986 $webvar{bkport} =~ s/\s+$//g; 987 if ($webvar{bkport} !~ /^\d+$/) { 988 $page->param(err => "Backup port must be numeric"); 989 return; 990 } 991 } 990 992 ##fixme: code review: should normalize $webvar{cidr} variants so we can 991 993 # check for non-/32 allocations having the backup IP field filled in here, 992 994 # instead of failing on the allocation or update attempt 993 if ($webvar{bkip}) { 994 $webvar{bkip} =~ s/^\s+//g; 995 $webvar{bkip} =~ s/\s+$//g; 996 if ($webvar{bkip} !~ /^[\da-fA-F:.]+$/) { 997 $page->param(err => "Backup IP must be an IP"); 998 return; 999 } 1000 } 995 if ($webvar{bkip}) { 996 $webvar{bkip} =~ s/^\s+//g; 997 $webvar{bkip} =~ s/\s+$//g; 998 if ($webvar{bkip} !~ /^[\da-fA-F:.]+$/) { 999 $page->param(err => "Backup IP must be an IP"); 1000 return; 1001 } 1002 } 1003 } # backup 1001 1004 1002 1005 return 'OK';
Note:
See TracChangeset
for help on using the changeset viewer.