WMDE
/
LDAPAccountManager
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

PHP 5.3 compatibility

This commit is contained in:
Roland Gruber 2009-08-13 18:57:26 +00:00
parent 8c458fc90c
commit d4886bb03f
12 changed files with 44 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
lam/lib/baseModule.inc
View File

@ -559,7 +559,7 @@ abstract class baseModule {
case 'regex_i': case 'regex_i':
// ignore empty fileds // ignore empty fileds
if ($options[$identifiers[$i]][0] == '') continue; if ($options[$identifiers[$i]][0] == '') continue;
if (! eregi($this->meta['profile_checks'][$identifiers[$i]]['regex'], $options[$identifiers[$i]][0])) { if (! preg_match('/' . $this->meta['profile_checks'][$identifiers[$i]]['regex'] . '/i', $options[$identifiers[$i]][0])) {
$messages[] = $this->meta['profile_checks'][$identifiers[$i]]['error_message']; $messages[] = $this->meta['profile_checks'][$identifiers[$i]]['error_message'];
} }
break; break;
@ -567,7 +567,7 @@ abstract class baseModule {
case 'regex': case 'regex':
// ignore empty fileds // ignore empty fileds
if ($options[$identifiers[$i]][0] == '') continue; if ($options[$identifiers[$i]][0] == '') continue;
if (! ereg($this->meta['profile_checks'][$identifiers[$i]]['regex'], $options[$identifiers[$i]][0])) { if (! preg_match('/' . $this->meta['profile_checks'][$identifiers[$i]]['regex'] . '/', $options[$identifiers[$i]][0])) {
$messages[] = $this->meta['profile_checks'][$identifiers[$i]]['error_message']; $messages[] = $this->meta['profile_checks'][$identifiers[$i]]['error_message'];
} }
break; break;
@ -691,7 +691,7 @@ abstract class baseModule {
case "regex_i": case "regex_i":
// ignore empty fileds // ignore empty fileds
if ($options[$identifiers[$i]][0] == '') continue; if ($options[$identifiers[$i]][0] == '') continue;
if (! eregi($this->meta['config_checks'][$scopes[$s]][$identifiers[$i]]['regex'], $options[$identifiers[$i]][0])) { if (! preg_match('/' . $this->meta['config_checks'][$scopes[$s]][$identifiers[$i]]['regex'] . '/i', $options[$identifiers[$i]][0])) {
$messages[] = $this->meta['config_checks'][$scopes[$s]][$identifiers[$i]]['error_message']; $messages[] = $this->meta['config_checks'][$scopes[$s]][$identifiers[$i]]['error_message'];
} }
break; break;
@ -699,7 +699,7 @@ abstract class baseModule {
case "regex": case "regex":
// ignore empty fileds // ignore empty fileds
if ($options[$identifiers[$i]][0] == '') continue; if ($options[$identifiers[$i]][0] == '') continue;
if (! ereg($this->meta['config_checks'][$scopes[$s]][$identifiers[$i]]['regex'], $options[$identifiers[$i]][0])) { if (! preg_match('/' . $this->meta['config_checks'][$scopes[$s]][$identifiers[$i]]['regex'] . '/', $options[$identifiers[$i]][0])) {
$messages[] = $this->meta['config_checks'][$scopes[$s]][$identifiers[$i]]['error_message']; $messages[] = $this->meta['config_checks'][$scopes[$s]][$identifiers[$i]]['error_message'];
} }
break; break;

10
lam/lib/config.inc
View File

@ -518,7 +518,7 @@ class LAMConfig {
*/ */
public function set_Adminstring($value) { public function set_Adminstring($value) {
if (is_string($value) && if (is_string($value) &&
eregi("^[^;]+(;[^;]+)*$", $value)) { preg_match("/^[^;]+(;[^;]+)*$/", $value)) {
$this->Admins = $value; $this->Admins = $value;
} }
else return false; else return false;
@ -630,7 +630,7 @@ class LAMConfig {
* @return boolean true if $value has correct format * @return boolean true if $value has correct format
*/ */
public function set_listAttributes($value, $scope) { public function set_listAttributes($value, $scope) {
if (is_string($value) && eregi("^((#[^:;]+)|([^:;]*:[^:;]+))(;((#[^:;]+)|([^:;]*:[^:;]+)))*$", $value)) { if (is_string($value) && preg_match("/^((#[^:;]+)|([^:;]*:[^:;]+))(;((#[^:;]+)|([^:;]*:[^:;]+)))*$/", $value)) {
$this->typeSettings['attr_' . $scope] = $value; $this->typeSettings['attr_' . $scope] = $value;
return true; return true;
} }
@ -677,7 +677,7 @@ class LAMConfig {
*/ */
public function set_scriptPath($value) { public function set_scriptPath($value) {
if (!$value) $this->scriptPath = ""; // optional parameter if (!$value) $this->scriptPath = ""; // optional parameter
elseif (is_string($value) && eregi("^/([a-z0-9_\\-])+(/([a-z0-9_\\.\\-])+)+$", $value)) $this->scriptPath = $value; elseif (is_string($value) && preg_match("/^\\/([a-z0-9_-])+(\\/([a-z0-9_\\.-])+)+$/i", $value)) $this->scriptPath = $value;
else return false; else return false;
return true; return true;
} }
@ -709,7 +709,7 @@ class LAMConfig {
$valid_ips = array(); $valid_ips = array();
foreach($array_string as $arr_value) { foreach($array_string as $arr_value) {
// Explode name and IP, if a name exists // Explode name and IP, if a name exists
if (eregi(":", $arr_value)) { if (preg_match("/:/", $arr_value)) {
$arr_value_explode = explode(":", $arr_value); $arr_value_explode = explode(":", $arr_value);
$ip = $arr_value_explode[1]; $ip = $arr_value_explode[1];
$servername = $arr_value_explode[0]; $servername = $arr_value_explode[0];
@ -718,7 +718,7 @@ class LAMConfig {
$ip = $arr_value; $ip = $arr_value;
$servername = ""; $servername = "";
} }
if (isset($ip) && is_string($ip) && eregi("^[a-z0-9\\-]+(\\.[a-z0-9\\-]+)*$", $ip)) { if (isset($ip) && is_string($ip) && preg_match("/^[a-z0-9-]+(\\.[a-z0-9-]+)*$/i", $ip)) {
// Check if the IP has a server name // Check if the IP has a server name
if (!empty($servername)) { if (!empty($servername)) {
$valid_ips[] = $servername.":".$ip; $valid_ips[] = $servername.":".$ip;

4
lam/lib/lists.inc
View File

@ -210,7 +210,7 @@ class lamList {
if (isset($_POST["filter" . strtolower($this->attrArray[$i])])) { if (isset($_POST["filter" . strtolower($this->attrArray[$i])])) {
$foundFilter = $_POST["filter" . strtolower($this->attrArray[$i])]; $foundFilter = $_POST["filter" . strtolower($this->attrArray[$i])];
} }
if (isset($foundFilter) && eregi('^([0-9a-z _\\*\\$\\.-])+$', $foundFilter)) { if (isset($foundFilter) && preg_match('/^([0-9a-z _\\*\\$\\.-])+$/i', $foundFilter)) {
$filter[$this->attrArray[$i]]['original'] = $foundFilter; $filter[$this->attrArray[$i]]['original'] = $foundFilter;
$filter[$this->attrArray[$i]]['regex'] = $foundFilter; $filter[$this->attrArray[$i]]['regex'] = $foundFilter;
// replace special characters // replace special characters
@ -253,7 +253,7 @@ class lamList {
// check if filter fits // check if filter fits
$found = false; $found = false;
for ($i = 0; $i < sizeof($this->entries[$r][$attributes[$a]]); $i++) { for ($i = 0; $i < sizeof($this->entries[$r][$attributes[$a]]); $i++) {
if (eregi($filter[$attributes[$a]]['regex'], $this->entries[$r][$attributes[$a]][$i])) { if (preg_match('/' . $filter[$attributes[$a]]['regex'] . '/i', $this->entries[$r][$attributes[$a]][$i])) {
$found = true; $found = true;
break; break;
} }

8
lam/lib/modules/dhcp_settings.inc
View File

@ -349,7 +349,7 @@ By default, the nodes are configured as H-Nodes which fits for small networks. I
} }
if (!empty($this->dhcpSettings['domainname']) && (strlen($this->dhcpSettings['domainname'])>15 || if (!empty($this->dhcpSettings['domainname']) && (strlen($this->dhcpSettings['domainname'])>15 ||
strlen($this->dhcpSettings['domainname'])<3 || !eregi("^[A-Za-z0-9\._-]*$", $this->dhcpSettings['domainname']))) return false; strlen($this->dhcpSettings['domainname'])<3 || !preg_match("/^[A-Za-z0-9\._-]*$/", $this->dhcpSettings['domainname']))) return false;
//DNS //DNS
if (!empty($this->dhcpSettings['dns'])) { if (!empty($this->dhcpSettings['dns'])) {
$ex = explode(",", $this->dhcpSettings['dns']); $ex = explode(",", $this->dhcpSettings['dns']);
@ -457,7 +457,7 @@ By default, the nodes are configured as H-Nodes which fits for small networks. I
} }
// Is domainname? // Is domainname?
if ($ex[0]=="domain-name") { if ($ex[0]=="domain-name") {
$this->dhcpSettings['domainname'] = ereg_replace("\"","", $ex[1]); $this->dhcpSettings['domainname'] = str_replace('"',"", $ex[1]);
} }
// Is netbios-name-servers? // Is netbios-name-servers?
if ($ex[0]=="domain-name-servers") { if ($ex[0]=="domain-name-servers") {
@ -553,7 +553,7 @@ By default, the nodes are configured as H-Nodes which fits for small networks. I
$this->dhcpSettings['domainname'] = $_POST['domainname']; $this->dhcpSettings['domainname'] = $_POST['domainname'];
unset($this->attributes['dhcpOption'][5]); unset($this->attributes['dhcpOption'][5]);
} }
elseif (eregi("^[A-Za-z0-9\._-]*$", $_POST['domainname'])) { elseif (preg_match("/^[A-Za-z0-9\._-]*$/", $_POST['domainname'])) {
$this->dhcpSettings['domainname'] = $_POST['domainname']; $this->dhcpSettings['domainname'] = $_POST['domainname'];
$this->attributes['dhcpOption'][5] = "domain-name \"".$_POST['domainname']."\""; $this->attributes['dhcpOption'][5] = "domain-name \"".$_POST['domainname']."\"";
} }
@ -996,7 +996,7 @@ By default, the nodes are configured as H-Nodes which fits for small networks. I
array_push($error, $i); array_push($error, $i);
$messages[] = $error; $messages[] = $error;
} }
elseif (eregi("^[A-Za-z0-9\._-]*$", $rawAccounts[$i][$ids['dhcp_settings_domainName']])) { elseif (preg_match("/^[A-Za-z0-9\._-]*$/", $rawAccounts[$i][$ids['dhcp_settings_domainName']])) {
$partialAccounts[$i]['dhcpOption'][] = "domain-name \"".$rawAccounts[$i][$ids['dhcp_settings_domainName']]."\""; $partialAccounts[$i]['dhcpOption'][] = "domain-name \"".$rawAccounts[$i][$ids['dhcp_settings_domainName']]."\"";
} }
else { else {

4
lam/lib/modules/eduPerson.inc
View File

@ -410,7 +410,7 @@ class eduPerson extends baseModule {
// principal name // principal name
$this->attributes['eduPersonPrincipalName'][0] = $_POST['principalName']; $this->attributes['eduPersonPrincipalName'][0] = $_POST['principalName'];
if ($_POST['principalName'] != '') { if ($_POST['principalName'] != '') {
if (eregi('^[0-9a-z_\\.@-]+$', $_POST['principalName']) === false) { if (!preg_match('/^[0-9a-z_\\.@-]+$/i', $_POST['principalName'])) {
$errors[] = $this->messages['principalName'][0]; $errors[] = $this->messages['principalName'][0];
} }
} }
@ -508,7 +508,7 @@ class eduPerson extends baseModule {
if (!in_array("eduPerson", $partialAccounts[$i]['objectClass'])) $partialAccounts[$i]['objectClass'][] = "eduPerson"; if (!in_array("eduPerson", $partialAccounts[$i]['objectClass'])) $partialAccounts[$i]['objectClass'][] = "eduPerson";
// principal name // principal name
if ($rawAccounts[$i][$ids['eduPerson_principalName']] != "") { if ($rawAccounts[$i][$ids['eduPerson_principalName']] != "") {
if (eregi('^[0-9a-z_\\.@-]+$', $rawAccounts[$i][$ids['eduPerson_principalName']]) === false) { if (!preg_match('/^[0-9a-z_\\.@-]+$/i', $rawAccounts[$i][$ids['eduPerson_principalName']])) {
$error = $this->messages['principalName'][1]; $error = $this->messages['principalName'][1];
array_push($error, $i); array_push($error, $i);
$messages[] = $error; $messages[] = $error;

6
lam/lib/modules/fixed_ip.inc
View File

@ -150,7 +150,7 @@ class fixed_ip extends baseModule {
} }
foreach($ex AS $value) { foreach($ex AS $value) {
if (!eregi("[0-9a-fA-F][0-9a-fA-F]", $value) || strlen($value)!="2") { if (!preg_match("/[0-9a-fA-F][0-9a-fA-F]/", $value) || strlen($value)!="2") {
$invalid = true; $invalid = true;
} }
} }
@ -290,7 +290,7 @@ class fixed_ip extends baseModule {
if (strlen($_POST['pc_'.$id])>30) { if (strlen($_POST['pc_'.$id])>30) {
$error = true; $error = true;
} }
if (!eregi("^[A-Za-z0-9\._-]*$",$_POST['pc_'.$id])) { if (!preg_match("/^[A-Za-z0-9\._-]*$/",$_POST['pc_'.$id])) {
$error = true; $error = true;
} }
$this->fixed_ip[$id]['cn'] = $_POST['pc_'.$id]; $this->fixed_ip[$id]['cn'] = $_POST['pc_'.$id];
@ -360,7 +360,7 @@ class fixed_ip extends baseModule {
elseif (in_array($this->fixed_ip[$id]['cn'], $pcs) ) { elseif (in_array($this->fixed_ip[$id]['cn'], $pcs) ) {
$pcError = _("This PC name already exists."); $pcError = _("This PC name already exists.");
} }
elseif (!eregi("^[A-Za-z0-9\._-]*$",$_POST['pc_'.$id])) { elseif (!preg_match("/^[A-Za-z0-9\._-]*$/",$_POST['pc_'.$id])) {
$pcError = _("The PC name may only contain A-Z, a-z and 0-9."); $pcError = _("The PC name may only contain A-Z, a-z and 0-9.");
} }
$pcs[] = $this->fixed_ip[$id]['cn']; $pcs[] = $this->fixed_ip[$id]['cn'];

12
lam/lib/modules/posixAccount.inc
View File

@ -813,7 +813,7 @@ class posixAccount extends baseModule {
// get last character of username // get last character of username
$lastchar = substr($this->attributes['uid'][0], strlen($this->attributes['uid'][0])-1, 1); $lastchar = substr($this->attributes['uid'][0], strlen($this->attributes['uid'][0])-1, 1);
// Last character is no number // Last character is no number
if ( !ereg('^([0-9])+$', $lastchar)) { if ( !preg_match('/^([0-9])+$/', $lastchar)) {
// Last character is no number. Therefore we only have to add "2" to it. // Last character is no number. Therefore we only have to add "2" to it.
if ($this->get_scope()=='host') { if ($this->get_scope()=='host') {
$this->attributes['uid'][0] = $this->attributes['uid'][0] . '2$'; $this->attributes['uid'][0] = $this->attributes['uid'][0] . '2$';
@ -833,7 +833,7 @@ class posixAccount extends baseModule {
$mark = false; $mark = false;
// Set $i to the last character which is a number in $account_new->general_username // Set $i to the last character which is a number in $account_new->general_username
while (!$mark) while (!$mark)
if (ereg('^([0-9])+$',substr($this->attributes['uid'][0], $i, strlen($this->attributes['uid'][0])-$i))) $i--; if (preg_match('/^([0-9])+$/',substr($this->attributes['uid'][0], $i, strlen($this->attributes['uid'][0])-$i))) $i--;
else $mark=true; else $mark=true;
// increase last number with one // increase last number with one
$firstchars = substr($this->attributes['uid'][0], 0, $i+1); $firstchars = substr($this->attributes['uid'][0], 0, $i+1);
@ -1263,10 +1263,10 @@ class posixAccount extends baseModule {
// user settings // user settings
if (in_array('user', $scopes)) { if (in_array('user', $scopes)) {
// min/maxUID are required, check if they are numeric // min/maxUID are required, check if they are numeric
if (!isset($options['posixAccount_minUID'][0]) || !ereg('^[0-9]+$', $options['posixAccount_minUID'][0])) { if (!isset($options['posixAccount_minUID'][0]) || !preg_match('/^[0-9]+$/', $options['posixAccount_minUID'][0])) {
$return[] = $this->messages['minUID'][0]; $return[] = $this->messages['minUID'][0];
} }
if (!isset($options['posixAccount_maxUID'][0]) || !ereg('^[0-9]+$', $options['posixAccount_maxUID'][0])) { if (!isset($options['posixAccount_maxUID'][0]) || !preg_match('/^[0-9]+$/', $options['posixAccount_maxUID'][0])) {
$return[] = $this->messages['maxUID'][0]; $return[] = $this->messages['maxUID'][0];
} }
// minUID < maxUID // minUID < maxUID
@ -1279,10 +1279,10 @@ class posixAccount extends baseModule {
// host settings // host settings
if (in_array('host', $scopes)) { if (in_array('host', $scopes)) {
// min/maxUID are required, check if they are numeric // min/maxUID are required, check if they are numeric
if (!isset($options['posixAccount_minMachine'][0]) || !ereg('^[0-9]+$', $options['posixAccount_minMachine'][0])) { if (!isset($options['posixAccount_minMachine'][0]) || !preg_match('/^[0-9]+$/', $options['posixAccount_minMachine'][0])) {
$return[] = $this->messages['minMachine'][0]; $return[] = $this->messages['minMachine'][0];
} }
if (!isset($options['posixAccount_maxMachine'][0]) || !ereg('^[0-9]+$', $options['posixAccount_maxMachine'][0])) { if (!isset($options['posixAccount_maxMachine'][0]) || !preg_match('/^[0-9]+$/', $options['posixAccount_maxMachine'][0])) {
$return[] = $this->messages['maxMachine'][0]; $return[] = $this->messages['maxMachine'][0];
} }
// minUID < maxUID // minUID < maxUID

9
lam/lib/modules/posixGroup.inc
View File

@ -621,8 +621,9 @@ class posixGroup extends baseModule {
} }
if ($this->manageCnAttribute && ($this->attributes['cn'][0]!=$_POST['cn'])) { if ($this->manageCnAttribute && ($this->attributes['cn'][0]!=$_POST['cn'])) {
$this->attributes['cn'][0] = $_POST['cn']; $this->attributes['cn'][0] = $_POST['cn'];
if (($this->attributes['cn'][0] != $_POST['cn']) && ereg('[A-Z]$', $_POST['cn'])) if (preg_match('/^[A-Z]+$/', $_POST['cn'])) {
$errors[] = $this->messages['cn'][0]; $errors[] = $this->messages['cn'][0];
}
// Check if Groupname contains only valid characters // Check if Groupname contains only valid characters
if ( !get_preg($this->attributes['cn'][0],'groupname')) if ( !get_preg($this->attributes['cn'][0],'groupname'))
$errors[] = $this->messages['cn'][2]; $errors[] = $this->messages['cn'][2];
@ -637,7 +638,7 @@ class posixGroup extends baseModule {
// get last character of username // get last character of username
$lastchar = substr($this->attributes['cn'][0], strlen($this->attributes['cn'][0])-1, 1); $lastchar = substr($this->attributes['cn'][0], strlen($this->attributes['cn'][0])-1, 1);
// Last character is no number // Last character is no number
if ( !ereg('^([0-9])+$', $lastchar)) if ( !preg_match('/^([0-9])+$/', $lastchar))
/* Last character is no number. Therefore we only have to /* Last character is no number. Therefore we only have to
* add "2" to it. * add "2" to it.
*/ */
@ -653,7 +654,7 @@ class posixGroup extends baseModule {
$mark = false; $mark = false;
// Set $i to the last character which is a number in $account_new->general_username // Set $i to the last character which is a number in $account_new->general_username
while (!$mark) { while (!$mark) {
if (ereg('^([0-9])+$',substr($this->attributes['cn'][0], $i, strlen($this->attributes['cn'][0])-$i))) $i--; if (preg_match('/^([0-9])+$/',substr($this->attributes['cn'][0], $i, strlen($this->attributes['cn'][0])-$i))) $i--;
else $mark=true; else $mark=true;
} }
// increase last number with one // increase last number with one
@ -665,7 +666,7 @@ class posixGroup extends baseModule {
} }
// Show warning if lam has changed username // Show warning if lam has changed username
if ($this->attributes['cn'][0] != $_POST['cn']) { if ($this->attributes['cn'][0] != $_POST['cn']) {
$errors[] = $this->messages['cn'][0]; $errors[] = $this->messages['cn'][1];
} }
// show info when gidnumber has changed // show info when gidnumber has changed
if (($this->orig['gidNumber'][0]!=$this->attributes['gidNumber'][0]) && $this->orig['gidNumber'][0]!='' && $_POST['gidNumber']!=$this->attributes['gidNumber'][0]) { if (($this->orig['gidNumber'][0]!=$this->attributes['gidNumber'][0]) && $this->orig['gidNumber'][0]!='' && $_POST['gidNumber']!=$this->attributes['gidNumber'][0]) {

2
lam/lib/modules/sambaAccount.inc
View File

@ -1029,7 +1029,7 @@ class sambaAccount extends baseModule {
} }
// home drive // home drive
if ($rawAccounts[$i][$ids['sambaAccount_homeDrive']] != "") { if ($rawAccounts[$i][$ids['sambaAccount_homeDrive']] != "") {
if (eregi("[d-z]:", $rawAccounts[$i][$ids['sambaAccount_homeDrive']])) { if (preg_match("/[d-z]:/i", $rawAccounts[$i][$ids['sambaAccount_homeDrive']])) {
$partialAccounts[$i]['homeDrive'] = $rawAccounts[$i][$ids['sambaAccount_homeDrive']]; $partialAccounts[$i]['homeDrive'] = $rawAccounts[$i][$ids['sambaAccount_homeDrive']];
} }
else { else {

2
lam/lib/modules/sambaSamAccount.inc
View File

@ -1997,7 +1997,7 @@ class sambaSamAccount extends baseModule {
} }
// home drive // home drive
if ($rawAccounts[$i][$ids['sambaSamAccount_homeDrive']] != "") { if ($rawAccounts[$i][$ids['sambaSamAccount_homeDrive']] != "") {
if (eregi("[d-z]:", $rawAccounts[$i][$ids['sambaSamAccount_homeDrive']])) { if (preg_match("/[d-z]:/i", $rawAccounts[$i][$ids['sambaSamAccount_homeDrive']])) {
$partialAccounts[$i]['sambaHomeDrive'] = $rawAccounts[$i][$ids['sambaSamAccount_homeDrive']]; $partialAccounts[$i]['sambaHomeDrive'] = $rawAccounts[$i][$ids['sambaSamAccount_homeDrive']];
} }
else { else {

6
lam/lib/profiles.inc
View File

@ -64,7 +64,7 @@ function getAccountProfiles($scope) {
* @return array hash array (attribute => value) * @return array hash array (attribute => value)
*/ */
function loadAccountProfile($profile, $scope) { function loadAccountProfile($profile, $scope) {
if (!eregi("^[0-9a-z _-]+$", $profile) || !eregi("^[a-z]+$", $scope)) return false; if (!preg_match("/^[0-9a-z _-]+$/i", $profile) || !preg_match("/^[a-z]+$/i", $scope)) return false;
$settings = array(); $settings = array();
$file = substr(__FILE__, 0, strlen(__FILE__) - 17) . "/config/profiles/" . $profile . "." . $scope; $file = substr(__FILE__, 0, strlen(__FILE__) - 17) . "/config/profiles/" . $profile . "." . $scope;
if (is_file($file) == True) { if (is_file($file) == True) {
@ -110,7 +110,7 @@ function loadAccountProfile($profile, $scope) {
function saveAccountProfile($attributes, $profile, $scope) { function saveAccountProfile($attributes, $profile, $scope) {
if (!$_SESSION['loggedIn'] == true) return false; if (!$_SESSION['loggedIn'] == true) return false;
// check profile name // check profile name
if (!eregi("^[0-9a-z _-]+$", $profile) || !eregi("^[a-z]+$", $scope)) return false; if (!preg_match("/^[0-9a-z _-]+$/i", $profile) || !preg_match("/^[a-z]+$/i", $scope)) return false;
if (!is_array($attributes)) { if (!is_array($attributes)) {
return false; return false;
} }
@ -146,7 +146,7 @@ function saveAccountProfile($attributes, $profile, $scope) {
*/ */
function delAccountProfile($file, $scope) { function delAccountProfile($file, $scope) {
if (!$_SESSION['loggedIn'] == true) return false; if (!$_SESSION['loggedIn'] == true) return false;
if (!eregi("^[0-9a-z _-]+$", $file) || !eregi("^[a-z]+$", $scope)) return false; if (!preg_match("/^[0-9a-z _-]+$/i", $file) || !preg_match("/^[a-z]+$/i", $scope)) return false;
$prof = substr(__FILE__, 0, strlen(__FILE__) - 16) . "config/profiles/" . $file . "." . $scope; $prof = substr(__FILE__, 0, strlen(__FILE__) - 16) . "config/profiles/" . $file . "." . $scope;
if (is_file($prof)) { if (is_file($prof)) {
return @unlink($prof); return @unlink($prof);

16
lam/lib/security.inc
View File

@ -86,12 +86,12 @@ function checkClientIP() {
$grantAccess = false; $grantAccess = false;
for ($i = 0; $i < sizeof($allowedHosts); $i++) { for ($i = 0; $i < sizeof($allowedHosts); $i++) {
$host = $allowedHosts[$i]; $host = $allowedHosts[$i];
$ipRegex = '^[0-9\\.\\*]+$'; $ipRegex = '/^[0-9\\.\\*]+$/';
if (!ereg($ipRegex, $host)) continue; if (!preg_match($ipRegex, $host)) continue;
$hostRegex = str_replace(".", "\\.", $host); $hostRegex = str_replace(".", "\\.", $host);
$hostRegex = '^' . str_replace("*", ".*", $hostRegex) . '$'; $hostRegex = '/^' . str_replace("*", ".*", $hostRegex) . '$/';
$clientIP = $_SERVER['REMOTE_ADDR']; $clientIP = $_SERVER['REMOTE_ADDR'];
if (ereg($hostRegex, $clientIP)) { if (preg_match($hostRegex, $clientIP)) {
// client is allowed to access LAM // client is allowed to access LAM
$grantAccess = true; $grantAccess = true;
} }
@ -238,16 +238,16 @@ function checkPasswordStrength($password) {
$numeric = 0; $numeric = 0;
$symbols = 0; $symbols = 0;
for ($i = 0; $i < strlen($password); $i++) { for ($i = 0; $i < strlen($password); $i++) {
if (ereg("[a-z]", $password[$i])) { if (preg_match("/[a-z]/", $password[$i])) {
$lower++; $lower++;
} }
if (ereg("[A-Z]", $password[$i])) { if (preg_match("/[A-Z]/", $password[$i])) {
$upper++; $upper++;
} }
if (ereg("[0-9]", $password[$i])) { if (preg_match("/[0-9]/", $password[$i])) {
$numeric++; $numeric++;
} }
if (eregi("[^a-z0-9]", $password[$i])) { if (preg_match("/[^a-z0-9]/i", $password[$i])) {
$symbols++; $symbols++;
} }
} }