Huji has uploaded a new change for review. (
https://gerrit.wikimedia.org/r/368324 )
Change subject: Use methods from the IP class to validate IPs and CIDR ranges
......................................................................
Use methods from the IP class to validate IPs and CIDR ranges
Bug: T171699
Change-Id: I87bcba21ab07c364b595d16a762d600f0ef8146c
---
M specials/SpecialCheckUser.php
1 file changed, 20 insertions(+), 27 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/CheckUser
refs/changes/24/368324/1
diff --git a/specials/SpecialCheckUser.php b/specials/SpecialCheckUser.php
index 952f23e..4ba2dd9 100644
--- a/specials/SpecialCheckUser.php
+++ b/specials/SpecialCheckUser.php
@@ -1518,43 +1518,36 @@
/**
* @param IDatabase $db
- * @param string $ip
+ * @param string $target an IP address or CIDR range
* @param string|bool $xfor
* @return array|false array for valid conditions, false if invalid
*/
- public static function getIpConds( $db, $ip, $xfor = false ) {
+ public static function getIpConds( $db, $target, $xfor = false ) {
global $wgCheckUserCIDRLimit;
$type = $xfor ? 'xff' : 'ip';
- $matches = [];
- if ( preg_match( '#^(\d+\.\d+\.\d+\.\d+)/(\d+)$#', $ip,
$matches ) ) {
- // IPv4 CIDR, 16-32 bits
- if ( $matches[2] < $wgCheckUserCIDRLimit['IPv4'] ||
$matches[2] > 32 ) {
- return false; // invalid
+ if( strpos( $target, '/' ) !== false ) {
+ list( $ip, $range ) = explode( '/', $target, 2 );
+ if ( IP::isIPv4( $ip ) ) {
+ // IPv4 CIDR, 16-32 bits
+ if ( $range < $wgCheckUserCIDRLimit['IPv4'] ||
$range > 32 ) {
+ return false; // invalid range, or too
wide
+ }
+ } elseif ( IP::isIPv6( $ip ) ) {
+ // IPv6 CIDR, 32-128 bits
+ if ( $range < $wgCheckUserCIDRLimit['IPv6'] ||
$range > 128 ) {
+ return false; // invalid range, or too
wide
+ }
}
- list( $start, $end ) = IP::parseRange( $ip );
+ list( $start, $end ) = IP::parseRange( $target );
return [ 'cuc_' . $type . '_hex BETWEEN ' .
$db->addQuotes( $start ) .
' AND ' . $db->addQuotes( $end ) ];
- } elseif ( preg_match(
-
'#^\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}/(\d+)$#',
- $ip, $matches )
- ) {
- // IPv6 CIDR, 32-128 bits
- if ( $matches[1] < $wgCheckUserCIDRLimit['IPv6'] ||
$matches[1] > 128 ) {
- return false; // invalid
+ } else {
+ if ( IP::isIPv4( $target ) || IP::isIPv6( $target ) ) {
+ return [ "cuc_{$type}_hex" => IP::toHex(
$target ) ];
+ } else {
+ return false; //invalid IP
}
- list( $start, $end ) = IP::parseRange( $ip );
- return [ 'cuc_' . $type . '_hex BETWEEN ' .
$db->addQuotes( $start ) .
- ' AND ' . $db->addQuotes( $end ) ];
- } elseif (
- // 32 bit IPv4
- preg_match( '#^(\d+)\.(\d+)\.(\d+)\.(\d+)$#', $ip ) ||
- // 128 bit IPv6
- preg_match(
'#^\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}$#', $ip )
- ) {
- return [ "cuc_{$type}_hex" => IP::toHex( $ip ) ];
}
- // Throw away this query, incomplete IP, these don't get
through the entry point anyway
- return false;
}
protected function getTimeConds( $period ) {
--
To view, visit https://gerrit.wikimedia.org/r/368324
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I87bcba21ab07c364b595d16a762d600f0ef8146c
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/CheckUser
Gerrit-Branch: master
Gerrit-Owner: Huji <huji.h...@gmail.com>
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
