
Improved DB handling

Fixes #1045 #1084

See #1045 for notes
Jaap Marcus 5 лет назад
Сommit
f9722239f8
5 измененных файлов с 73 добавлено и 13 удалено
  1. 21 11
      func/main.sh
  2. 33 0
      web/add/db/index.php
  3. 17 1
      web/edit/db/index.php
  4. 1 1
      web/templates/admin/add_db.html
  5. 1 0
      web/templates/admin/edit_db.html

+ 21 - 11
func/main.sh

@@ -724,9 +724,14 @@ is_common_format_valid() {
 
 # Database format validator
 is_database_format_valid() {
-    exclude="[!|@|#|$|^|&|*|(|)|+|=|{|}|:|,|<|>|?|/|\|\"|'|;|%|\`| ]"
-    if [[ "$1" =~ $exclude ]] || [ 65 -le ${#1} ]; then
-        check_result $E_INVALID "invalid $2 format :: $1"
+    if [ "$3" == "mysql" ]; then
+        if ! [[ "$1" =~ ^[0-9a-zA-Z_]{1,64}$ ]]; then
+            check_result $E_INVALID "invalid $2 format :: $1"
+        fi
+    else
+        if ! [[ "$1" =~ ^[0-9a-z_]{1,63}$ ]]; then
+            check_result $E_INVALID "invalid $2 format :: $1"
+        fi    
     fi
 }
 
@@ -739,12 +744,17 @@ is_date_format_valid() {
 
 # Database user validator
 is_dbuser_format_valid() {
-    exclude="[!|@|#|$|^|&|*|(|)|+|=|{|}|:|,|<|>|?|/|\|\"|'|;|%|\`| ]"
-    if [ 31 -le ${#1} ]; then
-        check_result $E_INVALID "mysql username can be up to 30 characters long"
-    fi
-    if [[ "$1" =~ $exclude ]]; then
-        check_result $E_INVALID "invalid $2 format :: $1"
+    if [ "$3" == "mysql" ]; then
+        if [ 33 -le ${#1} ]; then
+            check_result $E_INVALID "mysql username can be up to 32 characters long"
+        fi
+        if ! [[ "$1" =~ ^[0-9a-zA-Z_]{1,64}$ ]]; then
+            check_result $E_INVALID "invalid $2 format :: $1"
+        fi
+    else
+        if ! [[ "$1" =~ ^[0-9a-z_]{1,63}$ ]]; then
+            check_result $E_INVALID "invalid $2 format :: $1"
+        fi    
     fi
 }
 
@@ -931,10 +941,10 @@ is_format_valid() {
                 charset)        is_object_format_valid "$arg" "$arg_name" ;;
                 charsets)       is_common_format_valid "$arg" 'charsets' ;;
                 comment)        is_object_format_valid "$arg" 'comment' ;;
-                database)       is_database_format_valid "$arg" 'database';;
+                database)       is_database_format_valid "$arg" 'database' $type;;
                 day)            is_cron_format_valid "$arg" $arg_name ;;
                 dbpass)         is_password_format_valid "$arg" ;;
-                dbuser)         is_dbuser_format_valid "$arg" 'dbuser';;
+                dbuser)         is_dbuser_format_valid "$arg" 'dbuser' $type;;
                 dkim)           is_boolean_format_valid "$arg" 'dkim' ;;
                 dkim_size)      is_int_format_valid "$arg" ;;
                 domain)         is_domain_format_valid "$arg" ;;
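Review bot: In the mysql branch of is_dbuser_format_valid the pattern still allows `{1,64}` although the check just above it caps the name at 32 characters, so the regex and the length rule disagree; `if ! [[ "$1" =~ ^[0-9a-zA-Z_]{1,32}$ ]]; then` would keep both in step with the PHP checks added in this commit. In is_format_valid the new third argument is passed as a bare `$type`; quoting it as `"$type"` avoids word splitting. That variable is set outside the visible lines, so a comment on both validators should say that any value other than `mysql`, including an empty one, selects the lowercase-only 63-character rule. is_format_valid starts and ends outside the hunk.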

+ 33 - 0
web/add/db/index.php

@@ -40,6 +40,39 @@ if (!empty($_POST['ok'])) {
         }
     }
 
+    if (empty($_SESSION['error_msg'])) {
+        if($_POST['v_type'] == 'mysql'){  
+            if (strlen($user.'_'.$_POST['v_database']) > 64){
+                $_SESSION['error_msg'] = __('Maximum length of database is %s characters', 64);
+            }else if (!preg_match('/^[0-9a-zA-Z_]{1,64}$/',$user.'_'.$_POST['v_database'])){
+                $_SESSION['error_msg'] = __('Database name may only contain lowercase/uppercase letters, numbers or a _');
+            } 
+        }else{
+            if (strlen($user.'_'.$_POST['v_database']) > 63){
+                $_SESSION['error_msg'] = __('Maximum length of database is %s characters', 63);
+            }else if (!preg_match('/^[0-9a-z_]{1,63}$/',$user.'_'.$_POST['v_database'])){
+                var_dump(preg_match('/^[0-9a-z_]{1,63}$/',$user.'_'.$_POST['v_database']));
+                $_SESSION['error_msg'] = __('Database name may only contain lowercase letters, numbers or a _');
+            }           
+        }
+    }
+
+    if (empty($_SESSION['error_msg'])) {
+        if($_POST['v_type'] == 'mysql'){  
+            if (strlen($user.'_'.$_POST['v_dbuser']) > 32){
+                $_SESSION['error_msg'] = __('Maximum length of database is %s characters', 32);
+            }else if (!preg_match('/^[0-9a-zA-Z_]{1,32}$/',$user.'_'.$_POST['v_dbuser'])){
+                $_SESSION['error_msg'] = __('Username may only contain lowercase/uppercase letters, numbers or a _');
+            } 
+        }else{
+            if (strlen($user.'_'.$_POST['v_dbuser']) > 63){
+                $_SESSION['error_msg'] = __('Maximum length of database is %s characters', 63);
+            }else if (!preg_match('/^[0-9a-z_]{1,63}$/',$user.'_'.$_POST['v_dbuser'])){
+                $_SESSION['error_msg'] = __('Username may only contain lowercase letters, numbers or a _');
+            }  
+        }         
+    }   
+
     // Check password length
     if (empty($_SESSION['error_msg'])) {
          if (!validate_password($_POST['v_password'])) { $_SESSION['error_msg'] = __('Password does not match the minimum requirements');}
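Review bot: The `var_dump(preg_match(...))` call in the non-mysql database-name branch looks like leftover debugging and writes to the response whenever a name fails the pattern; that line should be dropped. The two username length checks reuse `'Maximum length of database is %s characters'`, so a too-long username is reported as a database problem; a separate string such as `__('Maximum length of username is %s characters', 32)` would fix it, and the same message is copied into web/edit/db/index.php. `$_POST['v_type']` is read without checking that it is set and is compared with `==`; `($_POST['v_type'] ?? '') === 'mysql'` is stricter. The enclosing `if (!empty($_POST['ok']))` block begins and ends outside the hunk.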

+ 17 - 1
web/edit/db/index.php

@@ -50,7 +50,23 @@ if (!empty($_POST['save'])) {
         header('location: /login/');
         exit();
     }
-
+    
+    if (empty($_SESSION['error_msg'])) {
+        if($_POST['v_type'] == 'mysql'){  
+            if (strlen($user.'_'.$_POST['v_dbuser']) > 32){
+                $_SESSION['error_msg'] = __('Maximum length of database is %s characters', 32);
+            }else if (!preg_match('/^[0-9a-zA-Z_]{1,32}$/',$user.'_'.$_POST['v_dbuser'])){
+                $_SESSION['error_msg'] = __('Username may only contain lowercase/uppercase letters, numbers or a _');
+            } 
+        }else{
+            if (strlen($user.'_'.$_POST['v_dbuser']) > 63){
+                $_SESSION['error_msg'] = __('Maximum length of database is %s characters', 63);
+            }else if (!preg_match('/^[0-9a-z_]{1,63}$/',$user.'_'.$_POST['v_dbuser'])){
+                $_SESSION['error_msg'] = __('Username may only contain lowercase letters, numbers or a _');
+            }  
+        }         
+    }  
+    
     // Change database user
     if (($v_dbuser != $_POST['v_dbuser']) && (empty($_SESSION['error_msg']))) {
         $v_dbuser = preg_replace("/^".$user."_/", "", $_POST['v_dbuser']);
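Review bot: The new check prepends `$user.'_'` to `$_POST['v_dbuser']`, but the context line right after it strips a leading `$user_` from the same field, which suggests the edit form already posts the prefixed name; if so, the prefix is counted twice and valid names near the limit are rejected. Validating the posted value as it is, e.g. `strlen($_POST['v_dbuser']) > 32`, or after the prefix has been normalised, would avoid that. It is also not visible here whether the edit form submits `v_type`; when it is absent the code falls into the lowercase-only branch. The enclosing `if (!empty($_POST['save']))` block extends beyond the hunk.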

+ 1 - 1
web/templates/admin/add_db.html

@@ -71,7 +71,7 @@
                                     <?php
                                         print __('User');
                                         // if (is_it_mysql_or_mariadb()=='mysql')
-                                        echo "&nbsp;&nbsp;&nbsp;&nbsp;<em><small>(".__('maximum characters length, including prefix', 16).")</small></em>";
+                                        echo "&nbsp;&nbsp;&nbsp;&nbsp;<em><small>(".__('maximum characters length, including prefix', 32).")</small></em>";
                                     ?>
                                 </td>
                             </tr>
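Review bot: The hint is hard-coded to 32 characters while the validators added in this commit accept up to 63 for non-mysql databases, so the text is wrong for those users; the same literal is added in web/templates/admin/edit_db.html. Passing the limit according to the selected type, or wording the hint per type, would keep the form and the checks consistent. The commented-out `is_it_mysql_or_mariadb()` line above it can be removed if it is no longer needed.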

+ 1 - 0
web/templates/admin/edit_db.html

@@ -68,6 +68,7 @@
                             <tr>
                                 <td class="vst-text input-label">
                                     <?php print __('User');?>
+                                    <?php echo "&nbsp;&nbsp;&nbsp;&nbsp;<em><small>(".__('maximum characters length, including prefix', 32).")</small></em>"; ?>
                                 </td>
                             </tr>
                             <tr>