diff options
| author | jim-p <jimp@pfsense.org> | 2010-08-13 09:32:19 -0400 |
|---|---|---|
| committer | jim-p <jimp@pfsense.org> | 2010-08-13 09:33:36 -0400 |
| commit | 5f25bfea6de50b8b0ebb03e41eb343d61940303b (patch) | |
| tree | a02ea52143acfb86986aaa4711f68a9ab41876c7 | |
| parent | 7e2ca7b5db8acc92ba875b36fdf38cfe61743351 (diff) | |
| download | pfsense-5f25bfea6de50b8b0ebb03e41eb343d61940303b.zip pfsense-5f25bfea6de50b8b0ebb03e41eb343d61940303b.tar.gz | |
Don't allow a user-entered PPTP password to start with !, this will cause mpd to attempt an external auth program.
| -rwxr-xr-x | usr/local/www/vpn_pptp_users_edit.php | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/usr/local/www/vpn_pptp_users_edit.php b/usr/local/www/vpn_pptp_users_edit.php index 9494c76..f159931 100755 --- a/usr/local/www/vpn_pptp_users_edit.php +++ b/usr/local/www/vpn_pptp_users_edit.php @@ -87,6 +87,9 @@ if ($_POST) { if (preg_match("/[[:cntrl:]\"]/", $_POST['password'])) $input_errors[] = gettext("The password contains invalid characters."); + if (preg_match("/^!/", $_POST['password'])) + $input_errors[] = gettext("The password cannot start with '!'."); + if (($_POST['password']) && ($_POST['password'] != $_POST['password2'])) { $input_errors[] = gettext("The passwords do not match."); } |
