Issues

ZF-6677: Zend_Validate_Hostname validates ip address even if it's disallowed

Description

The ip address is checked for validity before checking if it's allowed. This does not make much sense to me. If it's not allowed, it doesn't matter whether it's a valid ip address or not

current code:

    // Check input against IP address schema
    if ($this->_ipValidator->setTranslator($this->getTranslator())->isValid($valueString)) {
        if (!($this->_allow & self::ALLOW_IP)) {
            $this->_error(self::IP_ADDRESS_NOT_ALLOWED);
            return false;
        } else{
            return true;
        }
    }

proposed code:

    // Check input against IP address schema
   if (!($this->_allow & self::ALLOW_IP)) {
            $this->_error(self::IP_ADDRESS_NOT_ALLOWED);
            return false;
    }

    if ($this->_ipValidator->setTranslator($this->getTranslator())->isValid($valueString)) {
            return true;
    }

Comments

ah.. This goes along with the parent issue I guess. The reason it's inside of the isValid() check is because that's how we're determining that it's an ip address. Maybe I'm just unaware of how involved testing that a string is an ip address is. I was assuming it could be done with a simple regular expression

Marked as fixed as the parent issue is already fixed for the next minor release.