From 0d2bd3b419ed271a6e183fc20eef497eb3f88e61 Mon Sep 17 00:00:00 2001
From: arionum <34399752+arionum@users.noreply.github.com>
Date: Thu, 17 Sep 2020 21:13:17 +0300
Subject: [PATCH] Update functions.inc.php

---
 include/functions.inc.php | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/include/functions.inc.php b/include/functions.inc.php
index 4c3ceb9..a87f807 100755
--- a/include/functions.inc.php
+++ b/include/functions.inc.php
@@ -250,6 +250,11 @@ function ec_verify($data, $signature, $key)
     }
     return false;
 }
+// verify the validity of an url
+function isValidURL($url)
+{
+    return preg_match('|^(ht)?(f)?tp(s)?://[a-z0-9-]+(.[a-z0-9-]+)*(:[0-9]+)?(/.*)?$|i', $url);
+}
 
 // POST data to an URL (usualy peer). The data is an array, json encoded with is sent as $_POST['data']
 function peer_post($url, $data = [], $timeout = 60, $debug = false)
@@ -258,6 +263,9 @@ function peer_post($url, $data = [], $timeout = 60, $debug = false)
     if ($debug) {
         echo "\nPeer post: $url\n";
     }
+    if (!isValidURL($url)) {
+        return false;
+    }
     $postdata = http_build_query(
         [
             'data' => json_encode($data),