Details
-
Type:
Sub-task
-
Status:
Resolved
-
Priority:
Minor
-
Resolution: Fixed
-
Affects Version/s: 1.8.0
-
Fix Version/s: 1.9.0
-
Component/s: Zend_Validate
-
Labels:None
Description
The ip address is checked for validity before checking if it's allowed. This does not make much sense to me. If it's not allowed, it doesn't matter whether it's a valid ip address or not
current code:
// Check input against IP address schema
if ($this->_ipValidator->setTranslator($this->getTranslator())->isValid($valueString)) {
if (!($this->_allow & self::ALLOW_IP)) {
$this->_error(self::IP_ADDRESS_NOT_ALLOWED);
return false;
} else{
return true;
}
}
proposed code:
// Check input against IP address schema
if (!($this->_allow & self::ALLOW_IP)) {
$this->_error(self::IP_ADDRESS_NOT_ALLOWED);
return false;
}
if ($this->_ipValidator->setTranslator($this->getTranslator())->isValid($valueString)) { return true; }
ah.. This goes along with the parent issue I guess. The reason it's inside of the isValid() check is because that's how we're determining that it's an ip address. Maybe I'm just unaware of how involved testing that a string is an ip address is. I was assuming it could be done with a simple regular expression