From 9b553b5f369a2af99cb0e49f1aacc7f28fb9b6c9 Mon Sep 17 00:00:00 2001 From: Usman Nasir Date: Wed, 19 Feb 2020 17:42:45 +0500 Subject: [PATCH] change domain verify regex --- plogical/backupSchedule.py | 2 +- plogical/backupScheduleLocal.py | 2 +- plogical/website.py | 6 +++--- websiteFunctions/website.py | 12 ++++++------ 4 files changed, 11 insertions(+), 11 deletions(-) diff --git a/plogical/backupSchedule.py b/plogical/backupSchedule.py index 9deecdb66..affcb63c8 100755 --- a/plogical/backupSchedule.py +++ b/plogical/backupSchedule.py @@ -249,7 +249,7 @@ def prepare(): pass for virtualHost in os.listdir("/home"): - if match(r'([\da-z\.-]+\.[a-z\.]{2,12}|[\d\.]+)([\/:?=&#]{1}[\da-z\.-]+)*[\/\?]?', virtualHost, M | I): + if match(r'^[a-zA-Z0-9][a-zA-Z0-9-]{1,61}[a-zA-Z0-9](?:\.[a-zA-Z]{2,})+$', virtualHost, M | I): backupSchedule.createBackup(virtualHost, ipAddress, backupLogPath, port) diff --git a/plogical/backupScheduleLocal.py b/plogical/backupScheduleLocal.py index 9c28e1d8b..5c3693d51 100755 --- a/plogical/backupScheduleLocal.py +++ b/plogical/backupScheduleLocal.py @@ -39,7 +39,7 @@ def prepare(): backupSchedule.remoteBackupLogging(backupLogPath, "") for virtualHost in os.listdir("/home"): - if match(r'([\da-z\.-]+\.[a-z\.]{2,12}|[\d\.]+)([\/:?=&#]{1}[\da-z\.-]+)*[\/\?]?', virtualHost, M | I): + if match(r'^[a-zA-Z0-9][a-zA-Z0-9-]{1,61}[a-zA-Z0-9](?:\.[a-zA-Z]{2,})+$', virtualHost, M | I): try: retValues = backupSchedule.createLocalBackup(virtualHost, backupLogPath) diff --git a/plogical/website.py b/plogical/website.py index 79a7dba68..18d702af4 100755 --- a/plogical/website.py +++ b/plogical/website.py @@ -159,7 +159,7 @@ def submitWebsiteCreation(self, userID=None, data=None): packageName = data['package'] websiteOwner = data['websiteOwner'] - if not match(r'([\da-z\.-]+\.[a-z\.]{2,12}|[\d\.]+)([\/:?=&#]{1}[\da-z\.-]+)*[\/\?]?', domain, + if not match(r'^[a-zA-Z0-9][a-zA-Z0-9-]{1,61}[a-zA-Z0-9](?:\.[a-zA-Z]{2,})+$', domain, M | I): data_ret = {'status': 0, 'createWebSiteStatus': 0, 'error_message': "Invalid domain."} json_data = json.dumps(data_ret) @@ -229,7 +229,7 @@ def submitDomainCreation(self, userID=None, data=None): path = data['path'] tempStatusPath = "/home/cyberpanel/" + str(randint(1000, 9999)) - if not match(r'([\da-z\.-]+\.[a-z\.]{2,12}|[\d\.]+)([\/:?=&#]{1}[\da-z\.-]+)*[\/\?]?', domain, + if not match(r'^[a-zA-Z0-9][a-zA-Z0-9-]{1,61}[a-zA-Z0-9](?:\.[a-zA-Z]{2,})+$', domain, M | I): data_ret = {'status': 0, 'createWebSiteStatus': 0, 'error_message': "Invalid domain."} json_data = json.dumps(data_ret) @@ -1349,7 +1349,7 @@ def submitAliasCreation(self, userID=None, data=None): aliasDomain = data['aliasDomain'] ssl = data['ssl'] - if not match(r'([\da-z\.-]+\.[a-z\.]{2,12}|[\d\.]+)([\/:?=&#]{1}[\da-z\.-]+)*[\/\?]?', aliasDomain, + if not match(r'^[a-zA-Z0-9][a-zA-Z0-9-]{1,61}[a-zA-Z0-9](?:\.[a-zA-Z]{2,})+$', aliasDomain, M | I): data_ret = {'status': 0, 'createAliasStatus': 0, 'error_message': "Invalid domain."} json_data = json.dumps(data_ret) diff --git a/websiteFunctions/website.py b/websiteFunctions/website.py index f7f47abee..b78f9aae6 100755 --- a/websiteFunctions/website.py +++ b/websiteFunctions/website.py @@ -180,7 +180,7 @@ def submitWebsiteCreation(self, userID=None, data=None): return ACLManager.loadErrorJson('createWebSiteStatus', 0) - if not match(r'([\da-z\.-]+\.[a-z\.]{2,12}|[\d\.]+)([\/:?=&#]{1}[\da-z\.-]+)*[\/\?]?', domain, + if not match(r'^[a-zA-Z0-9][a-zA-Z0-9-]{1,61}[a-zA-Z0-9](?:\.[a-zA-Z]{2,})+$', domain, M | I): data_ret = {'status': 0, 'createWebSiteStatus': 0, 'error_message': "Invalid domain."} json_data = json.dumps(data_ret) @@ -260,7 +260,7 @@ def submitDomainCreation(self, userID=None, data=None): path = data['path'] tempStatusPath = "/home/cyberpanel/" + str(randint(1000, 9999)) - if not match(r'([\da-z\.-]+\.[a-z\.]{2,12}|[\d\.]+)([\/:?=&#]{1}[\da-z\.-]+)*[\/\?]?', domain, + if not match(r'^[a-zA-Z0-9][a-zA-Z0-9-]{1,61}[a-zA-Z0-9](?:\.[a-zA-Z]{2,})+$', domain, M | I): data_ret = {'status': 0, 'createWebSiteStatus': 0, 'error_message': "Invalid domain."} json_data = json.dumps(data_ret) @@ -1607,7 +1607,7 @@ def submitAliasCreation(self, userID=None, data=None): aliasDomain = data['aliasDomain'] ssl = data['ssl'] - if not match(r'([\da-z\.-]+\.[a-z\.]{2,12}|[\d\.]+)([\/:?=&#]{1}[\da-z\.-]+)*[\/\?]?', aliasDomain, + if not match(r'^[a-zA-Z0-9][a-zA-Z0-9-]{1,61}[a-zA-Z0-9](?:\.[a-zA-Z]{2,})+$', aliasDomain, M | I): data_ret = {'status': 0, 'createAliasStatus': 0, 'error_message': "Invalid domain."} json_data = json.dumps(data_ret) @@ -2697,13 +2697,13 @@ def startCloning(self, userID=None, data=None): self.domain = data['masterDomain'] - if not match(r'([\da-z\.-]+\.[a-z\.]{2,12}|[\d\.]+)([\/:?=&#]{1}[\da-z\.-]+)*[\/\?]?', self.domain, + if not match(r'^[a-zA-Z0-9][a-zA-Z0-9-]{1,61}[a-zA-Z0-9](?:\.[a-zA-Z]{2,})+$', self.domain, M | I): data_ret = {'status': 0, 'createWebSiteStatus': 0, 'error_message': "Invalid domain."} json_data = json.dumps(data_ret) return HttpResponse(json_data) - if not match(r'([\da-z\.-]+\.[a-z\.]{2,12}|[\d\.]+)([\/:?=&#]{1}[\da-z\.-]+)*[\/\?]?', data['domainName'], + if not match(r'^[a-zA-Z0-9][a-zA-Z0-9-]{1,61}[a-zA-Z0-9](?:\.[a-zA-Z]{2,})+$', data['domainName'], M | I): data_ret = {'status': 0, 'createWebSiteStatus': 0, 'error_message': "Invalid domain."} json_data = json.dumps(data_ret) @@ -2770,7 +2770,7 @@ def startSync(self, userID=None, data=None): currentACL = ACLManager.loadedACL(userID) admin = Administrator.objects.get(pk=userID) - if not match(r'([\da-z\.-]+\.[a-z\.]{2,12}|[\d\.]+)([\/:?=&#]{1}[\da-z\.-]+)*[\/\?]?', data['childDomain'], + if not match(r'^[a-zA-Z0-9][a-zA-Z0-9-]{1,61}[a-zA-Z0-9](?:\.[a-zA-Z]{2,})+$', data['childDomain'], M | I): data_ret = {'status': 0, 'createWebSiteStatus': 0, 'error_message': "Invalid domain."} json_data = json.dumps(data_ret)