From 3206da28612b9e9a6f75b5f47a75abe9eda22590 Mon Sep 17 00:00:00 2001
From: Stefan Kalscheuer <stefan@stklcode.de>
Date: Sat, 15 Jul 2017 17:50:55 +0200
Subject: [PATCH] Fix cidr_match() for IPv6 with PHP 7.1

With PHP 7.1 implicit conversion of non-trimmed strings to integer raises an error. Input value fpr IPv6 subnets is now trimmed and a check for numeric value is added.
---
 inc/statifyblacklist.class.php | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/inc/statifyblacklist.class.php b/inc/statifyblacklist.class.php
index 8daa768..0a2144d 100644
--- a/inc/statifyblacklist.class.php
+++ b/inc/statifyblacklist.class.php
@@ -287,7 +287,13 @@ class StatifyBlacklist {
 			}
 
 			if ( false !== strpos( $net, '/' ) ) {   // Parse CIDR subnet.
-				list( $base, $mask ) = explode( '/', $net, 2 );
+				list( $base, $mask ) = explode( '/', trim( $net ), 2 );
+
+				if ( ! is_numeric( $mask ) ) {
+					return false;
+				} else {
+					$mask = (int) $mask;
+				}
 
 				if ( $mask < 1 || $mask > 128 ) {
 					return false;