IP checking false positives and no ipv6 check

The currently implemented method marks all IPs between 0.0.0.0 - 999.999.999.999 as valid IP Address. Which generates false positives as any IP after 255.255.255.255 is not a valid IP address. Also, there is no check for IPv6 IP addresses. filter_var() solves both the issues.
author: rajatsharma94 <rajat.shrma94@gmail.com> 2015-07-23 15:35:17 +0200
committer: rajatsharma94 <rajat.shrma94@gmail.com> 2015-07-23 15:35:17 +0200
commit: d2f63a1803503a09b2d92d4aedd793636d470c7b (patch)
tree: 7086b9174c19eca891425d96d209af30ef5f9901 /system/helpers
parent: 5545dcdc170eca21c3d2c91e10556698f9512643 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php
index cf6be776f..dbe090058 100644
--- a/system/helpers/path_helper.php
+++ b/system/helpers/path_helper.php
@@ -61,7 +61,7 @@ if ( ! function_exists('set_realpath'))
 	function set_realpath($path, $check_existance = FALSE)
 	{
 		// Security check to make sure the path is NOT a URL. No remote file inclusion!
-		if (preg_match('#^(http:\/\/|https:\/\/|www\.|ftp)#i', $path))
+		if (preg_match('#^(http:\/\/|https:\/\/|www\.|ftp)#i', $path) || (!filter_var($ip, FILTER_VALIDATE_IP) === false))
 		{
 			show_error('The path you submitted must be a local server path, not a URL');
 		}
author	rajatsharma94 <rajat.shrma94@gmail.com>	2015-07-23 15:35:17 +0200
committer	rajatsharma94 <rajat.shrma94@gmail.com>	2015-07-23 15:35:17 +0200
commit	d2f63a1803503a09b2d92d4aedd793636d470c7b (patch)
tree	7086b9174c19eca891425d96d209af30ef5f9901 /system/helpers
parent	5545dcdc170eca21c3d2c91e10556698f9512643 (diff)