From b6a99e7dcad10836cd2277ba2bd9a6c19afe90f1 Mon Sep 17 00:00:00 2001
From: rubencm <rubencm@gmail.com>
Date: Thu, 24 Oct 2019 20:03:32 +0000
Subject: [ticket/16188] Remove some legacy code and fix bug

PHPBB3-16189
---
 phpBB/includes/functions.php          | 3 +++
 phpBB/includes/functions_transfer.php | 4 ++--
 phpBB/includes/functions_user.php     | 7 +------
 3 files changed, 6 insertions(+), 8 deletions(-)

(limited to 'phpBB/includes')

diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index b4090c6a40..b2c7d6d6b1 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -2851,10 +2851,13 @@ function get_preg_expression($mode)
 		// Whoa these look impressive!
 		// The code to generate the following two regular expressions which match valid IPv4/IPv6 addresses
 		// can be found in the develop directory
+
+		// @deprecated
 		case 'ipv4':
 			return '#^(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])$#';
 		break;
 
+		// @deprecated
 		case 'ipv6':
 			return '#^(?:(?:(?:[\dA-F]{1,4}:){6}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:::(?:[\dA-F]{1,4}:){0,5}(?:[\dA-F]{1,4}(?::[\dA-F]{1,4})?|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:):(?:[\dA-F]{1,4}:){4}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,2}:(?:[\dA-F]{1,4}:){3}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,3}:(?:[\dA-F]{1,4}:){2}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,4}:(?:[\dA-F]{1,4}:)(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,5}:(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,6}:[\dA-F]{1,4})|(?:(?:[\dA-F]{1,4}:){1,7}:)|(?:::))$#i';
 		break;
diff --git a/phpBB/includes/functions_transfer.php b/phpBB/includes/functions_transfer.php
index 7427b89917..f0070b4b1e 100644
--- a/phpBB/includes/functions_transfer.php
+++ b/phpBB/includes/functions_transfer.php
@@ -810,7 +810,7 @@ class ftp_fsock extends transfer
 			$server_ip = substr($socket_name, 0, strrpos($socket_name, ':'));
 		}
 
-		if (!isset($server_ip) || preg_match(get_preg_expression('ipv4'), $server_ip))
+		if (isset($server_ip) && filter_var($server_ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) // ipv4
 		{
 			// Passive mode
 			$this->_send_command('PASV', '', false);
@@ -831,7 +831,7 @@ class ftp_fsock extends transfer
 			$server_ip = $temp[0] . '.' . $temp[1] . '.' . $temp[2] . '.' . $temp[3];
 			$server_port = $temp[4] * 256 + $temp[5];
 		}
-		else
+		else // ipv6
 		{
 			// Extended Passive Mode - RFC2428
 			$this->_send_command('EPSV', '', false);
diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php
index 7dd850111e..5c94a90d9d 100644
--- a/phpBB/includes/functions_user.php
+++ b/phpBB/includes/functions_user.php
@@ -1455,12 +1455,7 @@ function user_unban($mode, $ban)
 */
 function user_ipwhois($ip)
 {
-	if (empty($ip))
-	{
-		return '';
-	}
-
-	if (!preg_match(get_preg_expression('ipv4'), $ip) && !preg_match(get_preg_expression('ipv6'), $ip))
+	if (!filter_var($ip, FILTER_VALIDATE_IP))
 	{
 		return '';
 	}
-- 
cgit v1.2.1