From 475405dbb8c5a29f27850165e6618396b1cfe3ab Mon Sep 17 00:00:00 2001 From: DanielSeifert Date: Tue, 23 Jun 2015 07:49:41 +0000 Subject: [PATCH] validate IP syntax (#4094) --- copy_this/modules/d3/d3geoip/models/d3geoip.php | 11 ++++++++--- setup+doku/Precheck/d3precheck.php | 4 ++-- 2 files changed, 10 insertions(+), 5 deletions(-) diff --git a/copy_this/modules/d3/d3geoip/models/d3geoip.php b/copy_this/modules/d3/d3geoip/models/d3geoip.php index 270408f..3d5654f 100644 --- a/copy_this/modules/d3/d3geoip/models/d3geoip.php +++ b/copy_this/modules/d3/d3geoip/models/d3geoip.php @@ -48,8 +48,13 @@ class d3GeoIP extends oxbase $sIP = $this->getIP(); } - $iIPNum = $this->_getNumIp($sIP); - $sISOAlpha = $this->LoadByIPNum($iIPNum); + $iIPNum = $this->_getNumIp( + oxRegistry::getConfig()->checkParamSpecialChars( + str_replace(' ', '', $sIP) + ) + ); + + $sISOAlpha = $this->loadByIPNum($iIPNum); if (!$sISOAlpha) { @@ -93,7 +98,7 @@ class d3GeoIP extends oxbase stopProfile(__METHOD__); - return $sIP; + return oxRegistry::getConfig()->checkParamSpecialChars(str_replace(' ', '', $sIP)); } /** diff --git a/setup+doku/Precheck/d3precheck.php b/setup+doku/Precheck/d3precheck.php index 900f3c5..3802750 100644 --- a/setup+doku/Precheck/d3precheck.php +++ b/setup+doku/Precheck/d3precheck.php @@ -86,9 +86,9 @@ class requConfig // benötigt PHP-Extension (kaskadierbar (siehe "Desc1")) 'hasExtension' => array( array( - 'blExec' => 0, + 'blExec' => 1, 'aParams' => array( - 'type' => 'curl', + 'type' => 'bcmath', ), ), array(