Convert domains to lower-case and validate them before adding them.

Signed-off-by: DL6ER <dl6er@dl6er.de>
DL6ER
2019-12-23 09:07:13 +00:00
parent ee91b3bc87
commit 563aaa14df


@@ -362,11 +362,24 @@ if ($_POST['action'] == 'get_groups') {
throw new Exception('While preparing statement: ' . $db->lastErrorMsg());
}
if (!$stmt->bindValue(':domain', $_POST['domain'], SQLITE3_TEXT)) {
$type = intval($_POST['type']);
$domain = $_POST['domain'];
if($type === ListType::whitelist || $type === ListType::blacklist)
{
// If adding to the exact lists, we convert the domain lower case and check whether it is valid
$domain = strtolower($domain);
if(filter_var($domain, FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME) === false)
{
throw new Exception('Domain ' . htmlentities(utf8_encode($domain)) . 'is not a valid domain.');
}
}
if (!$stmt->bindValue(':domain', $domain, SQLITE3_TEXT)) {
throw new Exception('While binding domain: ' . $db->lastErrorMsg());
}
if (!$stmt->bindValue(':type', intval($_POST['type']), SQLITE3_TEXT)) {
if (!$stmt->bindValue(':type', $type, SQLITE3_TEXT)) {
throw new Exception('While binding type: ' . $db->lastErrorMsg());
}
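Review bot: The rejection message on the new `throw` line joins the escaped domain directly to `'is not a valid domain.'`, so the domain and "is" run together in the output; it should read `throw new Exception('Domain ' . htmlentities(utf8_encode($domain)) . ' is not a valid domain.');`. Escaping the rejected value is worth keeping, because anything that fails the hostname filter may contain markup, but `utf8_encode()` assumes ISO-8859-1 input and will double-encode a value that is already UTF-8, so the echoed name can come out garbled. The `:type` bind still passes `SQLITE3_TEXT` for what is now an integer `$type`; `SQLITE3_INTEGER` would match the value, assuming the column is meant to hold an integer. The validation only runs for the two exact list types, so a short comment saying that the other types are deliberately stored unvalidated would help the next reader. The enclosing branch starts and ends outside this hunk.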
@@ -395,7 +408,7 @@ if ($_POST['action'] == 'get_groups') {
if ($status !== 0) {
$status = 1;
}
if (!$stmt->bindValue(':enabled', $status, SQLITE3_INTEGER)) {
throw new Exception('While binding enabled: ' . $db->lastErrorMsg());
}