diff options
| author | N0YB <Al_Stu@Frontier.com> | 2014-01-27 22:49:32 -0800 |
|---|---|---|
| committer | N0YB <Al_Stu@Frontier.com> | 2014-01-27 22:49:32 -0800 |
| commit | 93dcedc1ec731d016e1f87fd8a77284f38c48d0b (patch) | |
| tree | 6276b5ac8d99cdd23f98af013d7257b7f906a0e6 | |
| parent | 4efc1c8df612199b71e125263a7c38984810b71c (diff) | |
| download | pfsense-93dcedc1ec731d016e1f87fd8a77284f38c48d0b.zip pfsense-93dcedc1ec731d016e1f87fd8a77284f38c48d0b.tar.gz | |
XHTML Compliance - Status: System logs: Firewall
An attribute value specification must be an attribute value literal unless SHORTTAG YES is specified
Quote (or escape) the quotes so they show up in the HTML.
Use style where attribute not supported.
Relocate tfoot to supported location and add tbody.
Apply htmlspecialchars to rule name.
Assorted tweaks.
| -rw-r--r-- | etc/inc/filter_log.inc | 2 | ||||
| -rwxr-xr-x | usr/local/www/diag_logs_filter.php | 161 | ||||
| -rw-r--r-- | usr/local/www/javascript/sorttable.js | 8 |
3 files changed, 94 insertions, 77 deletions
diff --git a/etc/inc/filter_log.inc b/etc/inc/filter_log.inc index 31d3f60..c0067fa 100644 --- a/etc/inc/filter_log.inc +++ b/etc/inc/filter_log.inc @@ -294,7 +294,7 @@ function find_rule_by_number_buffer($rulenum, $type){ } else { $ruleString = $buffer_rules_normal["@".$rulenum]; list(,$rulename,) = explode("\"",$ruleString); - $rulename = str_replace("USER_RULE: ",'<img src="/themes/'.$g['theme'].'/images/icons/icon_frmfld_user.png" width="11" height="12" title="USER_RULE" alt="USER_RULE"/> ',$rulename); + $rulename = str_replace("USER_RULE: ",'<img src="/themes/'.$g['theme'].'/images/icons/icon_frmfld_user.png" width="11" height="12" title="USER_RULE" alt="USER_RULE"/> ',htmlspecialchars($rulename)); } return $rulename." (@".$rulenum.")"; } diff --git a/usr/local/www/diag_logs_filter.php b/usr/local/www/diag_logs_filter.php index 6338396..4192649 100755 --- a/usr/local/www/diag_logs_filter.php +++ b/usr/local/www/diag_logs_filter.php @@ -68,7 +68,7 @@ $filtersubmit = getGETPOSTsettingvalue('filtersubmit', null); if ($filtersubmit) { $interfacefilter = getGETPOSTsettingvalue('interface', null); $filtertext = getGETPOSTsettingvalue('filtertext', ""); - $filterlogentries_qty = getGETPOSTsettingvalue('filterlogentries_qty', null); + $filter_qty = getGETPOSTsettingvalue('filter_qty', null); } $filterlogentries_submit = getGETPOSTsettingvalue('filterlogentries_submit', null); @@ -100,6 +100,9 @@ $nentries = $config['syslog']['nentries']; if ($filterlogentries_qty) $nentries = $filterlogentries_qty; +if ($filter_qty) + $nentries = $filter_qty; + if (!$nentries) $nentries = 50; @@ -135,11 +138,11 @@ include("head.inc"); <tr> <td> <div id="mainarea"> - <table class="tabcont sortable" width="100%" border="0" cellpadding="0" cellspacing="0" sortableMultirow="<?=$config['syslog']['filterdescriptions'] === "2"?2:1?>"> + <table class="tabcont sortable" width="100%" border="0" cellpadding="0" cellspacing="0" style="sortableMultirow:<?=$config['syslog']['filterdescriptions'] === "2"?2:1?>"> <thead> <tr> <td colspan="<?=(!isset($config['syslog']['rawfilter']))?7:2?>" align="left" valign="middle"> - <div id="filterlogentries_show" name="filterlogentries_show" class="widgetconfigdiv" style=<?=(!isset($config['syslog']['rawfilter']))?"":"display:none"?>> + <div id="filterlogentries_show" class="widgetconfigdiv" style=<?=(!isset($config['syslog']['rawfilter']))?'""':'"display:none"'?>> <form id="filterlogentries" name="filterlogentries" action="diag_logs_filter.php" method="post"> <?php $Include_Act = explode(",", str_replace(" ", ",", $filterfieldsarray['act'])); @@ -147,75 +150,75 @@ include("head.inc"); ?> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> - <td rowspan=2> - <div align=center><?=gettext("Action");?></div> - <div align=left> - <input id="actpass" name="actpass" type="checkbox" value="Pass" <?php if (in_arrayi('Pass', $Include_Act)) echo "checked"; ?> /> Pass<br> - <input id="actblock" name="actblock" type="checkbox" value="Block" <?php if (in_arrayi('Block', $Include_Act)) echo "checked"; ?> /> Block<br> - <input id="actreject" name="actreject" type="checkbox" value="Reject" <?php if (in_arrayi('Reject', $Include_Act)) echo "checked"; ?> /> Reject<br> + <td rowspan="2"> + <div align="center"><?=gettext("Action");?></div> + <div align="left"> + <input id="actpass" name="actpass" type="checkbox" value="Pass" <?php if (in_arrayi('Pass', $Include_Act)) echo "checked"; ?> /> Pass<br /> + <input id="actblock" name="actblock" type="checkbox" value="Block" <?php if (in_arrayi('Block', $Include_Act)) echo "checked"; ?> /> Block<br /> + <input id="actreject" name="actreject" type="checkbox" value="Reject" <?php if (in_arrayi('Reject', $Include_Act)) echo "checked"; ?> /> Reject<br /> </div> </td> <td> - <div align=center><?=gettext("Time");?></div> - <div align=center><input id="filterlogentries_time" name="filterlogentries_time" class="formfld search" type="text" size="12" value="<?= $filterfieldsarray['time'] ?>" /></div> + <div align="center"><?=gettext("Time");?></div> + <div align="center"><input id="filterlogentries_time" name="filterlogentries_time" class="formfld search" type="text" size="12" value="<?= $filterfieldsarray['time'] ?>" /></div> </td> <td> - <div align=center><?=gettext("Source IP Address");?></div> - <div align=center><input id="filterlogentries_sourceipaddress" name="filterlogentries_sourceipaddress" class="formfld search" type="text" size="35" value="<?= $filterfieldsarray['srcip'] ?>" /></div> + <div align="center"><?=gettext("Source IP Address");?></div> + <div align="center"><input id="filterlogentries_sourceipaddress" name="filterlogentries_sourceipaddress" class="formfld search" type="text" size="35" value="<?= $filterfieldsarray['srcip'] ?>" /></div> </td> <td> - <div align=center><?=gettext("Source Port");?></div> - <div align=center><input id="filterlogentries_sourceport" name="filterlogentries_sourceport" class="formfld search" type="text" size="10" value="<?= $filterfieldsarray['srcport'] ?>" /></div> + <div align="center"><?=gettext("Source Port");?></div> + <div align="center"><input id="filterlogentries_sourceport" name="filterlogentries_sourceport" class="formfld search" type="text" size="10" value="<?= $filterfieldsarray['srcport'] ?>" /></div> </td> <td> - <div align=center><?=gettext("Protocol");?></div> - <div align=center><input id="filterlogentries_protocol" name="filterlogentries_protocol" class="formfld search" type="text" size="5" value="<?= $filterfieldsarray['proto'] ?>" /></div> + <div align="center"><?=gettext("Protocol");?></div> + <div align="center"><input id="filterlogentries_protocol" name="filterlogentries_protocol" class="formfld search" type="text" size="5" value="<?= $filterfieldsarray['proto'] ?>" /></div> </td> <td> - <div align=center valign=top><?=gettext("Quantity");?></div> - <div align=center valign=top><input id="filterlogentries_qty" name="filterlogentries_qty" class="" type="text" size="6" value="<?= $filterlogentries_qty ?>" /></div> + <div style="align:center; valign:top"><?=gettext("Quantity");?></div> + <div style="align:center; valign:top"><input id="filterlogentries_qty" name="filterlogentries_qty" class="" type="text" size="6" value="<?= $filterlogentries_qty ?>" /></div> </td> </tr> <tr> - <td valign=top> - <div align=center><?=gettext("Interface");?></div> - <div align=center><input id="filterlogentries_interfaces" name="filterlogentries_interfaces" class="formfld search" type="text" size="12" value="<?= $filterfieldsarray['interface'] ?>" /></div> + <td valign="top"> + <div align="center"><?=gettext("Interface");?></div> + <div align="center"><input id="filterlogentries_interfaces" name="filterlogentries_interfaces" class="formfld search" type="text" size="12" value="<?= $filterfieldsarray['interface'] ?>" /></div> </td> - <td valign=top> - <div align=center><?=gettext("Destination IP Address");?></div> - <div align=center><input id="filterlogentries_destinationipaddress" name="filterlogentries_destinationipaddress" class="formfld search" type="text" size="35" value="<?= $filterfieldsarray['dstip'] ?>" /></div> + <td valign="top"> + <div align="center"><?=gettext("Destination IP Address");?></div> + <div align="center"><input id="filterlogentries_destinationipaddress" name="filterlogentries_destinationipaddress" class="formfld search" type="text" size="35" value="<?= $filterfieldsarray['dstip'] ?>" /></div> </td> - <td valign=top> - <div align=center><?=gettext("Destination Port");?></div> - <div align=center><input id="filterlogentries_destinationport" name="filterlogentries_destinationport" class="formfld search" type="text" size="10" value="<?= $filterfieldsarray['dstport'] ?>" /></div> + <td valign="top"> + <div align="center"><?=gettext("Destination Port");?></div> + <div align="center"><input id="filterlogentries_destinationport" name="filterlogentries_destinationport" class="formfld search" type="text" size="10" value="<?= $filterfieldsarray['dstport'] ?>" /></div> </td> - <td valign=top> - <div align=center><?=gettext("Protocol Flags");?></div> - <div align=center><input id="filterlogentries_protocolflags" name="filterlogentries_protocolflags" class="formfld search" type="text" size="5" value="<?= $filterfieldsarray['tcpflags'] ?>" /></div> + <td valign="top"> + <div align="center"><?=gettext("Protocol Flags");?></div> + <div align="center"><input id="filterlogentries_protocolflags" name="filterlogentries_protocolflags" class="formfld search" type="text" size="5" value="<?= $filterfieldsarray['tcpflags'] ?>" /></div> </td> - <td valign=bottom> - <div align=center><input id="filterlogentries_submit" name="filterlogentries_submit" type="submit" class="formbtn" value="<?=gettext("Filter");?>" /></div> + <td valign="bottom"> + <div align="center"><input id="filterlogentries_submit" name="filterlogentries_submit" type="submit" class="formbtn" value="<?=gettext("Filter");?>" /></div> </td> </tr> <tr> <td></td> - <td colspan=5> - <?printf(gettext('Matches %1$s regular expression%2$s.'), '<a target="_blank" href="http://www.php.net/manual/en/book.pcre.php">', '</a>');?>   - <?=gettext("Precede with exclamation (!) as first character to exclude match.");?>   + <td colspan="5"> + <?printf(gettext('Matches %1$s regular expression%2$s.'), '<a target="_blank" href="http://www.php.net/manual/en/book.pcre.php">', '</a>');?> + <?=gettext("Precede with exclamation (!) as first character to exclude match.");?> </td> </tr> </table> </form> </div> - <div id="filterform_show" name="filterform_show" class="widgetconfigdiv" style=<?=(!isset($config['syslog']['rawfilter']))?"display:none":""?>> + <div id="filterform_show" class="widgetconfigdiv" style=<?=(!isset($config['syslog']['rawfilter']))?'"display:none"':'""'?>> <form id="filterform" name="filterform" action="diag_logs_filter.php" method="post"> <table width="0%" border="0" cellpadding="0" cellspacing="0"> <tr> <td> - <div align=center valign=top><?=gettext("Interface");?></div> - <div align=center valign=top> - <select name="interface" onChange="dst_change(this.value,iface_old,document.iform.dsttype.value);iface_old = document.iform.interface.value;typesel_change();"> - <option value="" <?=$interfacefilter?"":"selected"?>>*Any interface</option> + <div style="align:center; valign:top"><?=gettext("Interface");?></div> + <div style="align:center; valign:top"> + <select name="interface" onchange="dst_change(this.value,iface_old,document.iform.dsttype.value);iface_old = document.iform.interface.value;typesel_change();"> + <option value="" <?=$interfacefilter?"":"selected=\"selected\""?>>*Any interface</option> <?php $iflist = get_configured_interface_with_descr(false, true); //$iflist = get_interface_list(); @@ -242,39 +245,39 @@ include("head.inc"); $interfaces["openvpn"] = "OpenVPN"; foreach ($interfaces as $iface => $ifacename): ?> - <option value="<?=$iface;?>" <?=($iface==$interfacefilter)?"selected":"";?>><?=htmlspecialchars($ifacename);?></option> + <option value="<?=$iface;?>" <?=($iface==$interfacefilter)?"selected=\"selected\"":"";?>><?=htmlspecialchars($ifacename);?></option> <?php endforeach; ?> </select> </div> </td> <td> - <div align=center valign=top><?=gettext("Filter expression");?></div> - <div align=center valign=top><input id="filtertext" name="filtertext" class="formfld search" style="vertical-align:top;" type="text" size="35" value="<?=$filtertext?>" /></div> + <div style="align:center; valign:top"><?=gettext("Filter expression");?></div> + <div style="align:center; valign:top"><input id="filtertext" name="filtertext" class="formfld search" style="vertical-align:top;" type="text" size="35" value="<?=$filtertext?>" /></div> </td> <td> - <div align=center valign=top><?=gettext("Quantity");?></div> - <div align=center valign=top><input id="filterlogentries_qty" name="filterlogentries_qty" class="" style="vertical-align:top;" type="text" size="6" value="<?= $filterlogentries_qty ?>" /></div> + <div style="align:center; valign:top"><?=gettext("Quantity");?></div> + <div style="align:center; valign:top"><input id="filter_qty" name="filter_qty" class="" style="vertical-align:top;" type="text" size="6" value="<?= $filter_qty ?>" /></div> </td> <td> - <div align=center valign=top> </div> - <div align=center valign=top><input id="filtersubmit" name="filtersubmit" type="submit" class="formbtn" style="vertical-align:top;" value="<?=gettext("Filter");?>" /></div> + <div style="align:center; valign:top"> </div> + <div style="align:center; valign:top"><input id="filtersubmit" name="filtersubmit" type="submit" class="formbtn" style="vertical-align:top;" value="<?=gettext("Filter");?>" /></div> </td> </tr> <tr> <td></td> - <td colspan=2> - <?printf(gettext('Matches %1$s regular expression%2$s.'), '<a target="_blank" href="http://www.php.net/manual/en/book.pcre.php">', '</a>');?>   + <td colspan="2"> + <?printf(gettext('Matches %1$s regular expression%2$s.'), '<a target="_blank" href="http://www.php.net/manual/en/book.pcre.php">', '</a>');?> </td> </tr> </table> </form> </div> <div style="float: left;"> - <br> + <br /> <?=gettext("Normal View");?> | <a href="diag_logs_filter_dynamic.php"><?=gettext("Dynamic View");?></a> | <a href="diag_logs_filter_summary.php"><?=gettext("Summary View");?></a> </div> <div style="float: right; vertical-align:middle"> - <br> + <br /> <?php if (!isset($config['syslog']['rawfilter']) && (isset($config['syslog']['filterdescriptions']) && $config['syslog']['filterdescriptions'] === "2")):?> <a href="#" onclick="toggleListDescriptions()">Show/hide rule descriptions</a> <?php endif;?> @@ -300,17 +303,27 @@ include("head.inc"); </td> </tr> <tr class="sortableHeaderRowIdentifier"> - <td width="10%" class="listhdrr"><?=gettext("Act");?></ td> - <td width="10%" class="listhdrr"><?=gettext("Time");?></ td> - <td width="15%" class="listhdrr"><?=gettext("If");?></ td> + <td width="10%" class="listhdrr"><?=gettext("Act");?></td> + <td width="10%" class="listhdrr"><?=gettext("Time");?></td> + <td width="15%" class="listhdrr"><?=gettext("If");?></td> <?php if ($config['syslog']['filterdescriptions'] === "1"):?> - <td width="10%" class="listhdrr"><?=gettext("Rule");?></ td> + <td width="10%" class="listhdrr"><?=gettext("Rule");?></td> <?php endif;?> - <td width="25%" class="listhdrr"><?=gettext("Source");?></ td> - <td width="25%" class="listhdrr"><?=gettext("Destination");?></ td> - <td width="15%" class="listhdrr"><?=gettext("Proto");?></ td> + <td width="25%" class="listhdrr"><?=gettext("Source");?></td> + <td width="25%" class="listhdrr"><?=gettext("Destination");?></td> + <td width="15%" class="listhdrr"><?=gettext("Proto");?></td> </tr> </thead> + <tfoot> + <tr> + <td align="left" valign="top" colspan="3"> + <form id="clearform" name="clearform" action="diag_logs_filter.php" method="post" style="margin-top: 14px;"> + <input id="submit" name="clear" type="submit" class="formbtn" value="<?=gettext("Clear log");?>" /> + </form> + </td> + </tr> + </tfoot> + <tbody> <?php if ($config['syslog']['filterdescriptions']) buffer_rules_load(); @@ -319,7 +332,7 @@ include("head.inc"); $evenRowClass = $rowIndex % 2 ? " listMReven" : " listMRodd"; $rowIndex++;?> <tr class="<?=$evenRowClass?>"> - <td class="listMRlr" nowrap="nowrap" align="center" sorttable_customkey="<?=$filterent['act']?>"> + <td class="listMRlr" nowrap="nowrap" align="center" style="sorttable_customkey:<?=$filterent['act']?>"> <center> <a onclick="javascript:getURL('diag_logs_filter.php?getrulenum=<?php echo "{$filterent['rulenum']},{$filterent['act']}"; ?>', outputrule);"> <img border="0" src="<?php echo find_action_image($filterent['act']);?>" width="11" height="11" align="middle" alt="<?php echo $filterent['act'];?>" title="<?php echo $filterent['act'];?>" /> @@ -333,7 +346,7 @@ include("head.inc"); <?php if ($config['syslog']['filterdescriptions'] === "1") echo("<td class=\"listMRr\" nowrap=\"nowrap\">".find_rule_by_number_buffer($filterent['rulenum'],$filterent['act'])."</td>"); - + $int = strtolower($filterent['interface']); $proto = strtolower($filterent['proto']); if(is_ipaddrv6($filterent['srcip'])) { @@ -348,7 +361,7 @@ include("head.inc"); $dststr = $filterent['dstip'] . get_port_with_service($filterent['dstport'], $proto); ?> <td class="listMRr" nowrap="nowrap"> - <a onclick="javascript:getURL('diag_dns.php?host=<?php echo "{$filterent['srcip']}"; ?>&dialog_output=true', outputrule);" title="<?=gettext("Reverse Resolve with DNS");?>"> + <a onclick="javascript:getURL('diag_dns.php?host=<?php echo "{$filterent['srcip']}"; ?>&dialog_output=true', outputrule);" title="<?=gettext("Reverse Resolve with DNS");?>"> <img border="0" src="/themes/<?= $g['theme']; ?>/images/icons/icon_log_d.gif" alt="Icon Reverse Resolve with DNS"/></a> <a href="diag_dns.php?host=<?php echo $filterent['srcip']; ?>" title="<?=gettext("Reverse Resolve with DNS");?>"> <img border="0" src="/themes/<?= $g['theme']; ?>/images/icons/icon_log.gif" alt="Icon Reverse Resolve with DNS"/></a> @@ -357,7 +370,7 @@ include("head.inc"); <?php echo $srcstr;?> </td> <td class="listMRr" nowrap="nowrap"> - <a onclick="javascript:getURL('diag_dns.php?host=<?php echo "{$filterent['dstip']}"; ?>&dialog_output=true', outputrule);" title="<?=gettext("Reverse Resolve with DNS");?>"> + <a onclick="javascript:getURL('diag_dns.php?host=<?php echo "{$filterent['dstip']}"; ?>&dialog_output=true', outputrule);" title="<?=gettext("Reverse Resolve with DNS");?>"> <img border="0" src="/themes/<?= $g['theme']; ?>/images/icons/icon_log_d.gif" alt="Icon Reverse Resolve with DNS" /></a> <a href="diag_dns.php?host=<?php echo $filterent['dstip']; ?>" title="<?=gettext("Reverse Resolve with DNS");?>"> <img border="0" src="/themes/<?= $g['theme']; ?>/images/icons/icon_log.gif" alt="Icon Reverse Resolve with DNS" /></a> @@ -379,27 +392,31 @@ include("head.inc"); <?php endif; endforeach; buffer_rules_clear(); ?> + </tbody> <?php else: ?> <tr> <td colspan="2" class="listtopic"> <?php printf(gettext("Last %s firewall log entries"),$nentries);?></td> </tr> + </thead> + <tfoot> + <tr> + <td align="left" valign="top" colspan="3"> + <form id="clearform" name="clearform" action="diag_logs_filter.php" method="post" style="margin-top: 14px;"> + <input id="submit" name="clear" type="submit" class="formbtn" value="<?=gettext("Clear log");?>" /> + </form> + </td> + </tr> + </tfoot> + <tbody> <?php if($filtertext) dump_clog($filter_logfile, $nentries, true, array("$filtertext")); else dump_clog($filter_logfile, $nentries); ?> + </tbody> <?php endif; ?> - <tfoot> - <tr> - <td align="left" valign="top" colspan="3"> - <form id="clearform" name="clearform" action="diag_logs_filter.php" method="post" style="margin-top: 14px;"> - <input id="submit" name="clear" type="submit" class="formbtn" value="<?=gettext("Clear log");?>" /> - </form> - </td> - </tr> - </tfoot> </table> </div> </td> diff --git a/usr/local/www/javascript/sorttable.js b/usr/local/www/javascript/sorttable.js index ce2e68a..a780aa5 100644 --- a/usr/local/www/javascript/sorttable.js +++ b/usr/local/www/javascript/sorttable.js @@ -74,8 +74,8 @@ sorttable = { if (headrow == undefined) return; - if (table.getAttribute("sortableMultirow") != undefined) - sortableMultirow = parseInt(table.getAttribute("sortableMultirow")); + if (table.style.sortableMultirow != undefined) + sortableMultirow = parseInt(table.style.sortableMultirow); else sortableMultirow = 1; @@ -247,8 +247,8 @@ sorttable = { hasInputs = (typeof node.getElementsByTagName == 'function') && node.getElementsByTagName('input').length; - if (node.getAttribute("sorttable_customkey") != null) { - return node.getAttribute("sorttable_customkey"); + if (node.style.sorttable_customkey != null) { + return node.style.sorttable_customkey; } else if (typeof node.textContent != 'undefined' && !hasInputs) { return node.textContent.replace(/^\s+|\s+$/g, ''); |
