From 571ca4e3badaccf1a20558db46da7dce18b34032 Mon Sep 17 00:00:00 2001 From: Thom Pol Date: Wed, 16 Dec 2020 20:05:32 +0100 Subject: [PATCH 1/3] Allow subnet for xfer and also notify (#3122) --- interface/lib/classes/validate_dns.inc.php | 33 +++++++++++++++++----- interface/web/dns/form/dns_soa.tform.php | 13 +++------ interface/web/dns/lib/lang/ar_dns_soa.lng | 4 +-- interface/web/dns/lib/lang/bg_dns_soa.lng | 4 +-- interface/web/dns/lib/lang/el_dns_soa.lng | 2 +- interface/web/dns/lib/lang/en_dns_soa.lng | 4 +-- interface/web/dns/lib/lang/fi_dns_soa.lng | 4 +-- interface/web/dns/lib/lang/hu_dns_soa.lng | 4 +-- interface/web/dns/lib/lang/id_dns_soa.lng | 4 +-- interface/web/dns/lib/lang/ja_dns_soa.lng | 4 +-- interface/web/dns/lib/lang/nl_dns_soa.lng | 4 +-- interface/web/dns/lib/lang/pt_dns_soa.lng | 4 +-- interface/web/dns/lib/lang/ro_dns_soa.lng | 4 +-- interface/web/dns/lib/lang/se_dns_soa.lng | 2 +- interface/web/dns/lib/lang/sk_dns_soa.lng | 4 +-- 15 files changed, 54 insertions(+), 40 deletions(-) diff --git a/interface/lib/classes/validate_dns.inc.php b/interface/lib/classes/validate_dns.inc.php index 48759286a8..fd9faa593b 100644 --- a/interface/lib/classes/validate_dns.inc.php +++ b/interface/lib/classes/validate_dns.inc.php @@ -283,33 +283,52 @@ class validate_dns { } return $new_serial; } - - function validate_xfer($field_name, $field_value, $validator) { + + function validate_ip($field_name, $field_value, $validator) { global $app; - + $errorMessage = ''; - + if($validator['allowempty'] != 'y') $validator['allowempty'] = 'n'; if($validator['allowempty'] == 'y' && $field_value == '') { //* Do nothing } elseif ($field_value == 'any') { //* Do nothing } else { - //* Check if its a IPv4 or IPv6 address + //* Check if its a IPv4 or IPv6 address/range if(isset($validator['separator']) && $validator['separator'] != '') { //* When the field may contain several IP addresses, split them by the char defined as separator $field_value_array = explode($validator['separator'], $field_value); } else { $field_value_array[] = $field_value; } + // Check if it's a valid input foreach($field_value_array as $field_value) { - $field_value = trim($field_value); + // Check if the IP is valid without range + $ip = strstr($field_value, '/', true) ?: $field_value; + if (strpos($field_value, '/') !== false) { + $subnet = strstr($field_value, '/', false); + $subnet = ltrim($subnet, "/"); + } if(function_exists('filter_var')) { - if(!filter_var($field_value, FILTER_VALIDATE_IP)) { + if(!filter_var($ip, FILTER_VALIDATE_IP)) { $errmsg = $validator['errmsg']; $errorMessage .= $app->tform->lng($errmsg)."
\r\n"; } } else $this->errorMessage .= "function filter_var missing
\r\n"; + // Check if the range is valid + if ($subnet !== '') { + if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { + if ($subnet < 1 || $subnet > 128) { + $errmsg = $validator['errmsg']; + $errorMessage .= $app->tform->lng($errmsg)."
\r\n"; + } + } + elseif ($subnet < 1 || $subnet > 32) { + $errmsg = $validator['errmsg']; + $errorMessage .= $app->tform->lng($errmsg)."
\r\n"; + } + } } } return $errorMessage; diff --git a/interface/web/dns/form/dns_soa.tform.php b/interface/web/dns/form/dns_soa.tform.php index fea4bd1f98..fe71757788 100644 --- a/interface/web/dns/form/dns_soa.tform.php +++ b/interface/web/dns/form/dns_soa.tform.php @@ -244,18 +244,11 @@ $form["tabs"]['dns_soa'] = array ( 'formtype' => 'TEXT', 'validators' => array ( 0 => array ( 'type' => 'CUSTOM', 'class' => 'validate_dns', - 'function' => 'validate_xfer', + 'function' => 'validate_ip', 'allowempty' => 'y', 'separator' => ',', 'errmsg'=> 'xfer_error_regex'), ), - /* - 'validators' => array ( 0 => array ( 'type' => 'ISIP', - 'allowempty' => 'y', - 'separator' => ',', - 'errmsg'=> 'xfer_error_regex'), - ), - */ 'default' => '', 'value' => '', 'width' => '30', @@ -264,7 +257,9 @@ $form["tabs"]['dns_soa'] = array ( 'also_notify' => array ( 'datatype' => 'VARCHAR', 'formtype' => 'TEXT', - 'validators' => array ( 0 => array ( 'type' => 'ISIP', + 'validators' => array ( 0 => array ( 'type' => 'CUSTOM', + 'class' => 'validate_dns', + 'function' => 'validate_ip', 'allowempty' => 'y', 'separator' => ',', 'errmsg'=> 'also_notify_error_regex' diff --git a/interface/web/dns/lib/lang/ar_dns_soa.lng b/interface/web/dns/lib/lang/ar_dns_soa.lng index 8c13c59e8e..0d90b7091b 100644 --- a/interface/web/dns/lib/lang/ar_dns_soa.lng +++ b/interface/web/dns/lib/lang/ar_dns_soa.lng @@ -22,7 +22,7 @@ $wb['ns_error_regex'] = 'NS has a invalid format.'; $wb['mbox_error_empty'] = 'Email is empty.'; $wb['mbox_error_regex'] = 'Email format invalid.'; $wb['also_notify_txt'] = 'Also Notify'; -$wb['also_notify_error_regex'] = 'Please use an IP address.'; +$wb['also_notify_error_regex'] = 'Also notify: Please use a valid IP range, one or more IP addresses separated by a comma or use the keyword: any'; $wb['update_acl_txt'] = 'Update ACL'; $wb['seconds_txt'] = 'Seconds'; $wb['eg_domain_tld'] = 'e.g. domain.tld'; @@ -34,7 +34,7 @@ $wb['retry_range_error'] = 'Min. Retry time is 60 seconds.'; $wb['expire_range_error'] = 'Min. Expire time is 60 seconds.'; $wb['minimum_range_error'] = 'Min. Minimum time is 60 seconds.'; $wb['ttl_range_error'] = 'Min. TTL time is 60 seconds.'; -$wb['xfer_error_regex'] = 'Also notify: Please use an IP address.'; +$wb['xfer_error_regex'] = 'Zone transfers: Please use a valid IP range, one or more IP addresses separated by a comma or use the keyword: any'; $wb['dnssec_info_txt'] = 'DNSSEC DS-Data for registry'; $wb['dnssec_wanted_txt'] = 'Sign zone (DNSSEC)'; $wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delivered in signed format afterwards. If you use PowerDNS, keys WILL be deleted!'; diff --git a/interface/web/dns/lib/lang/bg_dns_soa.lng b/interface/web/dns/lib/lang/bg_dns_soa.lng index c43ad91196..4cd3c705ac 100644 --- a/interface/web/dns/lib/lang/bg_dns_soa.lng +++ b/interface/web/dns/lib/lang/bg_dns_soa.lng @@ -23,7 +23,7 @@ $wb['mbox_error_empty'] = 'Полето с емайл е празно.'; $wb['mbox_error_regex'] = 'Полето е емайл е в грешен формат.'; $wb['also_notify_txt'] = 'Also Notify'; $wb['update_acl_txt'] = 'Обнови ACL'; -$wb['also_notify_error_regex'] = 'Please use an IP address.'; +$wb['also_notify_error_regex'] = 'Also notify: Please use a valid IP range, one or more IP addresses separated by a comma or use the keyword: any'; $wb['seconds_txt'] = 'Seconds'; $wb['eg_domain_tld'] = 'e.g. domain.tld'; $wb['eg_ns1_domain_tld'] = 'e.g. ns1.domain.tld'; @@ -34,7 +34,7 @@ $wb['retry_range_error'] = 'Min. Retry time is 60 seconds.'; $wb['expire_range_error'] = 'Min. Expire time is 60 seconds.'; $wb['minimum_range_error'] = 'Min. Minimum time is 60 seconds.'; $wb['ttl_range_error'] = 'Минималния TTL е 60 секунди.'; -$wb['xfer_error_regex'] = 'Also notify: Please use an IP address.'; +$wb['xfer_error_regex'] = 'Zone transfers: Please use a valid IP range, one or more IP addresses separated by a comma or use the keyword: any'; $wb['dnssec_info_txt'] = 'DNSSEC DS-Data for registry'; $wb['dnssec_wanted_txt'] = 'Sign zone (DNSSEC)'; $wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delivered in signed format afterwards. If you use PowerDNS, keys WILL be deleted!'; diff --git a/interface/web/dns/lib/lang/el_dns_soa.lng b/interface/web/dns/lib/lang/el_dns_soa.lng index aae62bef76..a22c9de413 100644 --- a/interface/web/dns/lib/lang/el_dns_soa.lng +++ b/interface/web/dns/lib/lang/el_dns_soa.lng @@ -34,7 +34,7 @@ $wb['retry_range_error'] = 'Min. Retry time is 60 seconds.'; $wb['expire_range_error'] = 'Min. Expire time is 60 seconds.'; $wb['minimum_range_error'] = 'Min. Minimum time is 60 seconds.'; $wb['ttl_range_error'] = 'Min. TTL time is 60 seconds.'; -$wb['xfer_error_regex'] = 'Also notify: Please use an IP address.'; +$wb['xfer_error_regex'] = 'Zone transfers: Please use a valid IP range, one or more IP addresses separated by a comma or use the keyword: any'; $wb['dnssec_info_txt'] = 'DNSSEC DS-Data for registry'; $wb['dnssec_wanted_txt'] = 'Sign zone (DNSSEC)'; $wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delivered in signed format afterwards. If you use PowerDNS, keys WILL be deleted!'; diff --git a/interface/web/dns/lib/lang/en_dns_soa.lng b/interface/web/dns/lib/lang/en_dns_soa.lng index 9651eb2d10..7f42b9f27a 100644 --- a/interface/web/dns/lib/lang/en_dns_soa.lng +++ b/interface/web/dns/lib/lang/en_dns_soa.lng @@ -25,8 +25,8 @@ $wb['ns_error_regex'] = 'NS has a invalid format.'; $wb['mbox_error_empty'] = 'Email is empty.'; $wb['mbox_error_regex'] = 'Email format invalid.'; $wb['also_notify_txt'] = 'Also Notify'; -$wb['also_notify_error_regex'] = 'Also notify: Please use an IP address.'; -$wb['xfer_error_regex'] = 'Xfer: Please use one or more IP addresses, separated by , or use the keyword: any'; +$wb['also_notify_error_regex'] = 'Also notify: Please use a valid IP range, one or more IP addresses separated by a comma or use the keyword: any'; +$wb['xfer_error_regex'] = 'Zone transfers: Please use a valid IP range, one or more IP addresses separated by a comma or use the keyword: any'; $wb['update_acl_txt'] = 'Update ACL'; $wb['seconds_txt'] = 'Seconds'; $wb['eg_domain_tld'] = 'e.g. domain.tld'; diff --git a/interface/web/dns/lib/lang/fi_dns_soa.lng b/interface/web/dns/lib/lang/fi_dns_soa.lng index b34b2893fd..d90de950b0 100644 --- a/interface/web/dns/lib/lang/fi_dns_soa.lng +++ b/interface/web/dns/lib/lang/fi_dns_soa.lng @@ -22,7 +22,7 @@ $wb['ns_error_regex'] = 'Nimipalvelin-kenttä on tyhjä.'; $wb['mbox_error_empty'] = 'Sähköpostiosoite on tyhjä.'; $wb['mbox_error_regex'] = 'Sähköpostiosoite on vääränlainen'; $wb['also_notify_txt'] = 'Läheta ilmoitus'; -$wb['also_notify_error_regex'] = 'Please use an IP address.'; +$wb['also_notify_error_regex'] = 'Also notify: Please use a valid IP range, one or more IP addresses separated by a comma or use the keyword: any'; $wb['update_acl_txt'] = 'Päivitä ACL'; $wb['seconds_txt'] = 'Seconds'; $wb['eg_domain_tld'] = 'e.g. domain.tld'; @@ -34,7 +34,7 @@ $wb['retry_range_error'] = 'Min. Retry time is 60 seconds.'; $wb['expire_range_error'] = 'Min. Expire time is 60 seconds.'; $wb['minimum_range_error'] = 'Min. Minimum time is 60 seconds.'; $wb['ttl_range_error'] = 'Min. TTL time is 60 seconds.'; -$wb['xfer_error_regex'] = 'Also notify: Please use an IP address.'; +$wb['xfer_error_regex'] = 'Zone transfers: Please use a valid IP range, one or more IP addresses separated by a comma or use the keyword: any'; $wb['dnssec_info_txt'] = 'DNSSEC DS-Data for registry'; $wb['dnssec_wanted_txt'] = 'Sign zone (DNSSEC)'; $wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delivered in signed format afterwards. If you use PowerDNS, keys WILL be deleted!'; diff --git a/interface/web/dns/lib/lang/hu_dns_soa.lng b/interface/web/dns/lib/lang/hu_dns_soa.lng index 445de86d69..38d3272f04 100644 --- a/interface/web/dns/lib/lang/hu_dns_soa.lng +++ b/interface/web/dns/lib/lang/hu_dns_soa.lng @@ -22,7 +22,7 @@ $wb['ns_error_regex'] = 'NS has a invalid format.'; $wb['mbox_error_empty'] = 'Email is empty.'; $wb['mbox_error_regex'] = 'Email format invalid.'; $wb['also_notify_txt'] = 'Also Notify'; -$wb['also_notify_error_regex'] = 'Please use an IP address.'; +$wb['also_notify_error_regex'] = 'Also notify: Please use a valid IP range, one or more IP addresses separated by a comma or use the keyword: any'; $wb['update_acl_txt'] = 'Update ACL'; $wb['seconds_txt'] = 'Seconds'; $wb['eg_domain_tld'] = 'e.g. domain.tld'; @@ -34,7 +34,7 @@ $wb['retry_range_error'] = 'Min. Retry time is 60 seconds.'; $wb['expire_range_error'] = 'Min. Expire time is 60 seconds.'; $wb['minimum_range_error'] = 'Min. Minimum time is 60 seconds.'; $wb['ttl_range_error'] = 'Min. TTL time is 60 seconds.'; -$wb['xfer_error_regex'] = 'Also notify: Please use an IP address.'; +$wb['xfer_error_regex'] = 'Zone transfers: Please use a valid IP range, one or more IP addresses separated by a comma or use the keyword: any'; $wb['dnssec_info_txt'] = 'DNSSEC DS-Data for registry'; $wb['dnssec_wanted_txt'] = 'Sign zone (DNSSEC)'; $wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delivered in signed format afterwards. If you use PowerDNS, keys WILL be deleted!'; diff --git a/interface/web/dns/lib/lang/id_dns_soa.lng b/interface/web/dns/lib/lang/id_dns_soa.lng index c9a43ad057..2c1842e6f2 100644 --- a/interface/web/dns/lib/lang/id_dns_soa.lng +++ b/interface/web/dns/lib/lang/id_dns_soa.lng @@ -22,7 +22,7 @@ $wb['ns_error_regex'] = 'Format NS salah.'; $wb['mbox_error_empty'] = 'Email kosong.'; $wb['mbox_error_regex'] = 'Format Email tidak valid.'; $wb['also_notify_txt'] = 'Notifikasi Juga'; -$wb['also_notify_error_regex'] = 'Please use an IP address.'; +$wb['also_notify_error_regex'] = 'Also notify: Please use a valid IP range, one or more IP addresses separated by a comma or use the keyword: any'; $wb['update_acl_txt'] = 'Mutakhirkan ACL'; $wb['seconds_txt'] = 'Seconds'; $wb['eg_domain_tld'] = 'e.g. domain.tld'; @@ -34,7 +34,7 @@ $wb['retry_range_error'] = 'Min. Retry time is 60 seconds.'; $wb['expire_range_error'] = 'Min. Expire time is 60 seconds.'; $wb['minimum_range_error'] = 'Min. Minimum time is 60 seconds.'; $wb['ttl_range_error'] = 'Min. TTL time is 60 seconds.'; -$wb['xfer_error_regex'] = 'Also notify: Please use an IP address.'; +$wb['xfer_error_regex'] = 'Zone transfers: Please use a valid IP range, one or more IP addresses separated by a comma or use the keyword: any'; $wb['dnssec_info_txt'] = 'DNSSEC DS-Data for registry'; $wb['dnssec_wanted_txt'] = 'Sign zone (DNSSEC)'; $wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delivered in signed format afterwards. If you use PowerDNS, keys WILL be deleted!'; diff --git a/interface/web/dns/lib/lang/ja_dns_soa.lng b/interface/web/dns/lib/lang/ja_dns_soa.lng index 7ab5799750..a2e5e20c71 100644 --- a/interface/web/dns/lib/lang/ja_dns_soa.lng +++ b/interface/web/dns/lib/lang/ja_dns_soa.lng @@ -22,7 +22,7 @@ $wb['ns_error_regex'] = 'NS が不正な文字を含んでいます。'; $wb['mbox_error_empty'] = 'メールアドレスを指定してください'; $wb['mbox_error_regex'] = 'メールアドレスの形式が不正です。'; $wb['also_notify_txt'] = 'Also Notify'; -$wb['also_notify_error_regex'] = 'Please use an IP address.'; +$wb['also_notify_error_regex'] = 'Also notify: Please use a valid IP range, one or more IP addresses separated by a comma or use the keyword: any'; $wb['update_acl_txt'] = 'Update ACL'; $wb['seconds_txt'] = 'Seconds'; $wb['eg_domain_tld'] = 'e.g. domain.tld'; @@ -34,7 +34,7 @@ $wb['retry_range_error'] = 'Min. Retry time is 60 seconds.'; $wb['expire_range_error'] = 'Min. Expire time is 60 seconds.'; $wb['minimum_range_error'] = 'Min. Minimum time is 60 seconds.'; $wb['ttl_range_error'] = 'Min. TTL time is 60 seconds.'; -$wb['xfer_error_regex'] = 'Also notify: Please use an IP address.'; +$wb['xfer_error_regex'] = 'Zone transfers: Please use a valid IP range, one or more IP addresses separated by a comma or use the keyword: any'; $wb['dnssec_info_txt'] = 'DNSSEC DS-Data for registry'; $wb['dnssec_wanted_txt'] = 'Sign zone (DNSSEC)'; $wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delivered in signed format afterwards. If you use PowerDNS, keys WILL be deleted!'; diff --git a/interface/web/dns/lib/lang/nl_dns_soa.lng b/interface/web/dns/lib/lang/nl_dns_soa.lng index 1f875df3c9..2b2b734e3b 100644 --- a/interface/web/dns/lib/lang/nl_dns_soa.lng +++ b/interface/web/dns/lib/lang/nl_dns_soa.lng @@ -22,7 +22,7 @@ $wb['ns_error_regex'] = 'NS heeft een ongeldig format.'; $wb['mbox_error_empty'] = 'E-mail is niet ingvuld.'; $wb['mbox_error_regex'] = 'E-mail formaat ongeldig.'; $wb['also_notify_txt'] = 'ook notifcatie'; -$wb['also_notify_error_regex'] = 'Please use an IP address.'; +$wb['also_notify_error_regex'] = 'Also notify: Please use a valid IP range, one or more IP addresses separated by a comma or use the keyword: any'; $wb['update_acl_txt'] = 'Update ACL'; $wb['seconds_txt'] = 'Seconds'; $wb['eg_domain_tld'] = 'e.g. domain.tld'; @@ -34,7 +34,7 @@ $wb['retry_range_error'] = 'Min. Retry time is 60 seconds.'; $wb['expire_range_error'] = 'Min. Expire time is 60 seconds.'; $wb['minimum_range_error'] = 'Min. Minimum time is 60 seconds.'; $wb['ttl_range_error'] = 'Min. TTL time is 60 seconds.'; -$wb['xfer_error_regex'] = 'Also notify: Please use an IP address.'; +$wb['xfer_error_regex'] = 'Zone transfers: Please use a valid IP range, one or more IP addresses separated by a comma or use the keyword: any'; $wb['dnssec_info_txt'] = 'DNSSEC DS-Data for registry'; $wb['dnssec_wanted_txt'] = 'Sign zone (DNSSEC)'; $wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delivered in signed format afterwards. If you use PowerDNS, keys WILL be deleted!'; diff --git a/interface/web/dns/lib/lang/pt_dns_soa.lng b/interface/web/dns/lib/lang/pt_dns_soa.lng index 7b6ac864a1..7d4c692855 100644 --- a/interface/web/dns/lib/lang/pt_dns_soa.lng +++ b/interface/web/dns/lib/lang/pt_dns_soa.lng @@ -22,7 +22,7 @@ $wb['ns_error_regex'] = 'NS tem um formato inválido.'; $wb['mbox_error_empty'] = 'Correio está em branco.'; $wb['mbox_error_regex'] = 'Correio com formato inválido.'; $wb['also_notify_txt'] = 'Also Notify'; -$wb['also_notify_error_regex'] = 'Please use an IP address.'; +$wb['also_notify_error_regex'] = 'Also notify: Please use a valid IP range, one or more IP addresses separated by a comma or use the keyword: any'; $wb['update_acl_txt'] = 'Actualizar ACL'; $wb['seconds_txt'] = 'Seconds'; $wb['eg_domain_tld'] = 'e.g. domain.tld'; @@ -34,7 +34,7 @@ $wb['retry_range_error'] = 'Min. Retry time is 60 seconds.'; $wb['expire_range_error'] = 'Min. Expire time is 60 seconds.'; $wb['minimum_range_error'] = 'Min. Minimum time is 60 seconds.'; $wb['ttl_range_error'] = 'Min. TTL time is 60 seconds.'; -$wb['xfer_error_regex'] = 'Also notify: Please use an IP address.'; +$wb['xfer_error_regex'] = 'Zone transfers: Please use a valid IP range, one or more IP addresses separated by a comma or use the keyword: any'; $wb['dnssec_info_txt'] = 'DNSSEC DS-Data for registry'; $wb['dnssec_wanted_txt'] = 'Sign zone (DNSSEC)'; $wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delivered in signed format afterwards. If you use PowerDNS, keys WILL be deleted!'; diff --git a/interface/web/dns/lib/lang/ro_dns_soa.lng b/interface/web/dns/lib/lang/ro_dns_soa.lng index 9ae957f240..f1125b6981 100644 --- a/interface/web/dns/lib/lang/ro_dns_soa.lng +++ b/interface/web/dns/lib/lang/ro_dns_soa.lng @@ -22,7 +22,7 @@ $wb['ns_error_regex'] = 'NS are un format invalid'; $wb['mbox_error_empty'] = 'Email-ul este gol'; $wb['mbox_error_regex'] = 'Format email invalid.'; $wb['also_notify_txt'] = 'Also Notify'; -$wb['also_notify_error_regex'] = 'Please use an IP address.'; +$wb['also_notify_error_regex'] = 'Also notify: Please use a valid IP range, one or more IP addresses separated by a comma or use the keyword: any'; $wb['update_acl_txt'] = 'Update ACL'; $wb['seconds_txt'] = 'Seconds'; $wb['eg_domain_tld'] = 'e.g. domain.tld'; @@ -34,7 +34,7 @@ $wb['retry_range_error'] = 'Min. Retry time is 60 seconds.'; $wb['expire_range_error'] = 'Min. Expire time is 60 seconds.'; $wb['minimum_range_error'] = 'Min. Minimum time is 60 seconds.'; $wb['ttl_range_error'] = 'Min. TTL time is 60 seconds.'; -$wb['xfer_error_regex'] = 'Also notify: Please use an IP address.'; +$wb['xfer_error_regex'] = 'Zone transfers: Please use a valid IP range, one or more IP addresses separated by a comma or use the keyword: any'; $wb['dnssec_info_txt'] = 'DNSSEC DS-Data for registry'; $wb['dnssec_wanted_txt'] = 'Sign zone (DNSSEC)'; $wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delivered in signed format afterwards. If you use PowerDNS, keys WILL be deleted!'; diff --git a/interface/web/dns/lib/lang/se_dns_soa.lng b/interface/web/dns/lib/lang/se_dns_soa.lng index 8e380f85a3..a27181699d 100644 --- a/interface/web/dns/lib/lang/se_dns_soa.lng +++ b/interface/web/dns/lib/lang/se_dns_soa.lng @@ -34,7 +34,7 @@ $wb['retry_range_error'] = 'Min. Retry time is 60 seconds.'; $wb['expire_range_error'] = 'Min. Expire time is 60 seconds.'; $wb['minimum_range_error'] = 'Min. Minimum time is 60 seconds.'; $wb['ttl_range_error'] = 'Min. TTL time is 60 seconds.'; -$wb['xfer_error_regex'] = 'Also notify: Please use an IP address.'; +$wb['xfer_error_regex'] = 'Zone transfers: Please use a valid IP range, one or more IP addresses separated by a comma or use the keyword: any'; $wb['dnssec_info_txt'] = 'DNSSEC DS-Data for registry'; $wb['dnssec_wanted_txt'] = 'Sign zone (DNSSEC)'; $wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delivered in signed format afterwards. If you use PowerDNS, keys WILL be deleted!'; diff --git a/interface/web/dns/lib/lang/sk_dns_soa.lng b/interface/web/dns/lib/lang/sk_dns_soa.lng index c96399cc4e..a03b15d477 100644 --- a/interface/web/dns/lib/lang/sk_dns_soa.lng +++ b/interface/web/dns/lib/lang/sk_dns_soa.lng @@ -22,7 +22,7 @@ $wb['ns_error_regex'] = 'NS má neplatný formát.'; $wb['mbox_error_empty'] = 'Email je prázdny.'; $wb['mbox_error_regex'] = 'Email má neplatný formát.'; $wb['also_notify_txt'] = 'Also Notify'; -$wb['also_notify_error_regex'] = 'Please use an IP address.'; +$wb['also_notify_error_regex'] = 'Also notify: Please use a valid IP range, one or more IP addresses separated by a comma or use the keyword: any'; $wb['update_acl_txt'] = 'Update ACL'; $wb['seconds_txt'] = 'Seconds'; $wb['eg_domain_tld'] = 'e.g. domain.tld'; @@ -34,7 +34,7 @@ $wb['retry_range_error'] = 'Min. Retry time is 60 seconds.'; $wb['expire_range_error'] = 'Min. Expire time is 60 seconds.'; $wb['minimum_range_error'] = 'Min. Minimum time is 60 seconds.'; $wb['ttl_range_error'] = 'Min. TTL time is 60 seconds.'; -$wb['xfer_error_regex'] = 'Also notify: Please use an IP address.'; +$wb['xfer_error_regex'] = 'Zone transfers: Please use a valid IP range, one or more IP addresses separated by a comma or use the keyword: any'; $wb['dnssec_info_txt'] = 'DNSSEC DS-Data for registry'; $wb['dnssec_wanted_txt'] = 'Sign zone (DNSSEC)'; $wb['dnssec_wanted_info'] = 'When disabling DNSSEC keys are not going to be deleted if DNSSEC was enabled before and keys already have been generated but the zone will no longer be delivered in signed format afterwards. If you use PowerDNS, keys WILL be deleted!'; -- GitLab From 5d0e31b7571d978590333d3579a8d5e971c6c67e Mon Sep 17 00:00:00 2001 From: Thom Pol Date: Tue, 22 Dec 2020 13:12:00 +0100 Subject: [PATCH 2/3] Apply suggestion from !1358 --- interface/lib/classes/validate_dns.inc.php | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/interface/lib/classes/validate_dns.inc.php b/interface/lib/classes/validate_dns.inc.php index fd9faa593b..345396fbba 100644 --- a/interface/lib/classes/validate_dns.inc.php +++ b/interface/lib/classes/validate_dns.inc.php @@ -305,10 +305,12 @@ class validate_dns { // Check if it's a valid input foreach($field_value_array as $field_value) { // Check if the IP is valid without range - $ip = strstr($field_value, '/', true) ?: $field_value; - if (strpos($field_value, '/') !== false) { - $subnet = strstr($field_value, '/', false); - $subnet = ltrim($subnet, "/"); + $subnet = ''; + $ip = $field_value; + if(strpos($ip, '/') !== false) { + list($ip, $subnet) = explode('/', $ip, 2); + $ip = trim($ip); + $subnet = intval($subnet); } if(function_exists('filter_var')) { if(!filter_var($ip, FILTER_VALIDATE_IP)) { -- GitLab From 0a423117bc9ed66a4bb290eb62688173523c54ec Mon Sep 17 00:00:00 2001 From: Marius Burkard Date: Tue, 22 Dec 2020 15:05:55 +0100 Subject: [PATCH 3/3] Apply 1 suggestion(s) to 1 file(s) --- interface/lib/classes/validate_dns.inc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/interface/lib/classes/validate_dns.inc.php b/interface/lib/classes/validate_dns.inc.php index 345396fbba..c4b94b5f77 100644 --- a/interface/lib/classes/validate_dns.inc.php +++ b/interface/lib/classes/validate_dns.inc.php @@ -306,7 +306,7 @@ class validate_dns { foreach($field_value_array as $field_value) { // Check if the IP is valid without range $subnet = ''; - $ip = $field_value; + $ip = trim($field_value); if(strpos($ip, '/') !== false) { list($ip, $subnet) = explode('/', $ip, 2); $ip = trim($ip); -- GitLab