ids.cgi: Add code for e-mail input validation

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi
index 8d9fbfc16b42c343ebf15c4ecdef45c12c471dca..f341494737169e9e87baac7b8019498fd069fd11 100644 (file)
--- a/html/cgi-bin/ids.cgi
+++ b/html/cgi-bin/ids.cgi
@@ -574,6 +574,29 @@ if ($cgiparams{'RULESET'} eq $Lang::tr{'ids apply'}) {
                }
        }
 
+       # Check if the e-mail feature should be used.
+       if ($cgiparams{'ENABLE_EMAIL'} eq "on") {
+               # Check if a sender mail address has been provided.
+               unless($cgiparams{'EMAIL_SENDER'}) {
+                       $errormessage = $Lang::tr{'ids no email sender'};
+               }
+
+               # Check if the given sender mail address is valid.
+               if (&_validate_mail_address($cgiparams{'EMAIL_SENDER'})) {
+                       $errormessage = "$cgiparams{'EMAIL_SENDER'} - $Lang::tr{'ids invalid mail address'}";
+               }
+
+               # Check if at least one mail recipient has been given.
+               unless($cgiparams{'EMAIL_RECIPIENTS'}) {
+                       $errormessage = $Lang::tr{'ids no email recipients'};
+               }
+
+               # Check if the given recipient mail address or addresses are valid.
+               if (&_validate_mail_address($cgiparams{'EMAIL_RECIPIENTS'})) {
+                       $errormessage = "$cgiparams{'EMAIL_RECIPIENTS'} - $Lang::tr{'ids invalid mail address'}";
+               }
+       }
+
        # Go on if there are no error messages.
        if (!$errormessage) {
                # Store settings into settings file.
@@ -589,6 +612,9 @@ if ($cgiparams{'RULESET'} eq $Lang::tr{'ids apply'}) {
        # Generate file to store the HTTP ports.
        &IDS::generate_http_ports_file();
 
+       # Generate report generator config file.
+       &IDS::generate_report_generator_config();
+
        # Check if the IDS currently is running.
        if(&IDS::ids_is_running()) {
                # Check if ENABLE_IDS is set to on.
@@ -1027,7 +1053,7 @@ print <<END
                <br>
 
                <form method='post' action='$ENV{'SCRIPT_NAME'}'>
-                       <table width='100%' border='0'>
+                       <table class='form' width='100%' border='0'>
                                <tr>
                                        <td colspan='$num_zones'>
                                                <input type='checkbox' name='ENABLE_IDS' $checked{'ENABLE_IDS'}{'on'}>&nbsp;$Lang::tr{'ids enable'}
@@ -2091,3 +2117,27 @@ sub _rulefile_to_category($) {
        # Return the converted filename.
         return $category;
 }
+
+#
+## Private function to validate if a given string contains one or
+## more valid mail addresses.
+#
+sub _validate_mail_address($) {
+       my ($address) = @_;
+
+       # Temporary array, which holds the single mail addresses.
+       my @temp;
+
+       # Split the string of mail addresses into single pieces and
+       # store them into the temporary array.
+       @temp = split(/\,/, $address);
+
+       # Loop through the array of mail addresses.
+       foreach my $addr (@temp) {
+               # Return 1 if the processed mail address is invalid.
+               return 1 unless($addr =~ '^([a-zA-Z][\w\_\.]{6,15})\@([a-zA-Z0-9.-]+)\.([a-zA-Z]{2,4})$');
+       }
+
+       # Return nothing if the address is valid.
+       return;
+}

diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl
index 9a944f16af4ca9256b19ba0de874cbf53fc37bdb..c2ebf0bd0590892a4415ac39b58fb8dedc3e0a68 100644 (file)
--- a/langs/de/cgi-bin/de.pl
+++ b/langs/de/cgi-bin/de.pl
@@ -1402,6 +1402,7 @@
 'ids force ruleset update' => 'Regelset jetzt aktualisieren',
 'ids hide' => 'Verstecken',
 'ids ignored hosts' => 'Ausnahmeliste',
+'ids invalid mail address' => 'Ist oder enthält eine ungültige E-Mail Addresse',
 'ids log hits' => 'Gesamtanzahl der Regeltreffer für',
 'ids log viewer' => 'Protokoll des Einbruchsverhinderungssystems',
 'ids logs' => 'IPS-Protokolldateien',
@@ -1409,6 +1410,8 @@
 'ids merge sid files' => 'Sid-to-message Dateien zusammenführen...',
 'ids monitor traffic only' => 'Netzwerkpakete nur überprüfen (nicht verwerfen)',
 'ids monitored interfaces' => 'Überwachte Netzwerkzonen',
+'ids no email recipients' => 'Keine Empfänger-Addresse angegeben',
+'ids no email sender' => 'Keine Sender-Addresse angegeben',
 'ids no enabled ruleset provider' => 'Es ist kein aktivierter Provider verfügbar. Bitte aktivieren Sie einen oder fügen Sie einen Provider hinzu.',
 'ids no network zone' => 'Bitte wählen Sie mindestens eine zu überwachende Netzwerkzone aus',
 'ids oinkcode required' => 'Für den ausgewählten Regelsatz wird ein Abonnement oder ein Oinkcode benötigt',

diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl
index a0f0ceb8a5f772fe736b570e844c31e0b7040496..09b524f2a8c16b7105d8c39cf8efa81ab6375178 100644 (file)
--- a/langs/en/cgi-bin/en.pl
+++ b/langs/en/cgi-bin/en.pl
@@ -1460,6 +1460,7 @@
 'ids force ruleset update' => 'Force ruleset update',
 'ids hide' => 'Hide',
 'ids ignored hosts' => 'Whitelisted Hosts',
+'ids invalid mail address' => 'Is or contains an invalid mail address.',
 'ids log hits' => 'Total of number of activated rules for',
 'ids log viewer' => 'IPS Log Viewer',
 'ids logs' => 'IPS Logs',
@@ -1467,6 +1468,8 @@
 'ids merge sid files' => 'Merging sid to message files...',
 'ids monitor traffic only' => 'Monitor traffic only',
 'ids monitored interfaces' => 'Monitored Interfaces',
+'ids no email recipients' => 'No email recipients given',
+'ids no email sender' => 'No sender email address specified',
 'ids no enabled ruleset provider' => 'No enabled ruleset is available. Please activate or add one first.',
 'ids no network zone' => 'Please select at least one network zone to be monitored',
 'ids provider' => 'Provider',