diff options
author | Scott Ullrich <sullrich@pfsense.org> | 2008-11-25 18:13:11 +0000 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2008-11-25 18:13:11 +0000 |
commit | 69a202983456a93c3699161c2c81dc0b001c5af1 (patch) | |
tree | 32f712c697d8a419091eea1d78c164f0ed877943 | |
parent | ebc9d78413c9e97fe15441b289b0fbee43204f92 (diff) | |
download | pfsense-69a202983456a93c3699161c2c81dc0b001c5af1.zip pfsense-69a202983456a93c3699161c2c81dc0b001c5af1.tar.gz |
* guiconfig.inc comes first
* use escapeshellarg()
-rwxr-xr-x | usr/local/www/diag_logs_filter.php | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/usr/local/www/diag_logs_filter.php b/usr/local/www/diag_logs_filter.php index 5430333..2441f27 100755 --- a/usr/local/www/diag_logs_filter.php +++ b/usr/local/www/diag_logs_filter.php @@ -30,18 +30,18 @@ POSSIBILITY OF SUCH DAMAGE. */ +require("guiconfig.inc"); + if($_GET['getrulenum'] or $_POST['getrulenum']) { if($_GET['getrulenum']) - $rulenum = $_GET['getrulenum']; + $rulenum = escapeshellarg($_GET['getrulenum']); if($_POST['getrulenum']) - $rulenum = $_POST['getrulenum']; + $rulenum = escapeshellarg($_POST['getrulenum']); $rule = `pfctl -vvsr | grep @{$rulenum}`; echo "The rule that triggered this action is:\n\n{$rule}"; exit; } -require("guiconfig.inc"); - $filter_logfile = "{$g['varlog_path']}/filter.log"; $nentries = $config['syslog']['nentries']; |