From 7d10b4c5af7dbdf851fb8137162e4326ed4784fb Mon Sep 17 00:00:00 2001
From: Clemens Schwaighofer <clemens.schwaighofer@egplusww.com>
Date: Tue, 4 Nov 2025 11:51:08 +0900
Subject: [PATCH] Change UUIdv4 validation to properly check for version 4
 UUIDs

---
 www/admin/class_test.uids.php    | 2 ++
 www/lib/CoreLibs/Create/Uids.php | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/www/admin/class_test.uids.php b/www/admin/class_test.uids.php
index d01598d5..bf194b57 100644
--- a/www/admin/class_test.uids.php
+++ b/www/admin/class_test.uids.php
@@ -56,6 +56,8 @@ print "UNIQU ID LONG : " . Uids::uniqIdLong() . "<br>";
 $uuidv4 = Uids::uuidv4();
 if (!Uids::validateUuuidv4($uuidv4)) {
 	print "Invalid UUIDv4: " . $uuidv4 . "<br>";
+} else {
+	print "Valid UUIDv4: " . $uuidv4 . "<br>";
 }
 if (!Uids::validateUuuidv4("foobar")) {
 	print "Invalid UUIDv4: hard coded<Br>";
diff --git a/www/lib/CoreLibs/Create/Uids.php b/www/lib/CoreLibs/Create/Uids.php
index 09bdc86b..d82ed36b 100644
--- a/www/lib/CoreLibs/Create/Uids.php
+++ b/www/lib/CoreLibs/Create/Uids.php
@@ -81,7 +81,7 @@ class Uids
 	 */
 	public static function validateUuuidv4(string $uuidv4): bool
 	{
-		if (!preg_match("/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/", $uuidv4)) {
+		if (!preg_match("/^[0-9a-f]{8}-[0-9a-f]{4}-4[0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i", $uuidv4)) {
 			return false;
 		}
 		return true;