summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorjim-p <jimp@pfsense.org>2015-12-21 10:15:30 -0500
committerjim-p <jimp@pfsense.org>2015-12-21 10:15:30 -0500
commit4fa888b46cbd7816b9063de2a06f249105457111 (patch)
tree01c2430e29483c8055e434ce405c8dcc64e8cdfd
parent49e83995cef02354b39a506a3bc0feb469cb5637 (diff)
downloadpfsense-4fa888b46cbd7816b9063de2a06f249105457111.zip
pfsense-4fa888b46cbd7816b9063de2a06f249105457111.tar.gz
Encode hostname before printing; remove some related dead code.
-rw-r--r--etc/inc/functions.inc2
-rw-r--r--usr/local/www/carp_status.php5
-rwxr-xr-xusr/local/www/head.inc9
-rwxr-xr-xusr/local/www/pkg.php5
-rw-r--r--usr/local/www/pkg_edit.php5
-rw-r--r--usr/local/www/widgets/widgets/system_information.widget.php2
-rw-r--r--usr/local/www/wizard.php5
7 files changed, 7 insertions, 26 deletions
diff --git a/etc/inc/functions.inc b/etc/inc/functions.inc
index b7b7001..4336063 100644
--- a/etc/inc/functions.inc
+++ b/etc/inc/functions.inc
@@ -119,7 +119,7 @@ if(!function_exists("get_menu_messages")) {
}
else {
$menu_messages='<div id="hostname">';
- $menu_messages.=$config['system']['hostname'] . "." . $config['system']['domain'];
+ $menu_messages.=htmlspecialchars($config['system']['hostname'] . "." . $config['system']['domain']);
$menu_messages.='</div>';
}
return ($menu_messages);
diff --git a/usr/local/www/carp_status.php b/usr/local/www/carp_status.php
index 05af0b9..7a4a5be 100644
--- a/usr/local/www/carp_status.php
+++ b/usr/local/www/carp_status.php
@@ -41,11 +41,6 @@
require_once("guiconfig.inc");
require_once("globals.inc");
-function gentitle_pkg($pgname) {
- global $config;
- return $config['system']['hostname'] . "." . $config['system']['domain'] . " - " . $pgname;
-}
-
unset($interface_arr_cache);
unset($carp_interface_count_cache);
unset($interface_ip_arr_cache);
diff --git a/usr/local/www/head.inc b/usr/local/www/head.inc
index 9535de3..0fb23e2 100755
--- a/usr/local/www/head.inc
+++ b/usr/local/www/head.inc
@@ -7,10 +7,11 @@ $g['theme'] = get_current_theme();
$pagetitle = gentitle( $pgtitle );
-if (isset($config['system']['webgui']['pagenamefirst']))
- $tabtitle = $pagetitle . " - " . $config['system']['hostname'] . "." . $config['system']['domain'];
-else
- $tabtitle = $config['system']['hostname'] . "." . $config['system']['domain'] . " - " . $pagetitle;
+if (isset($config['system']['webgui']['pagenamefirst'])) {
+ $tabtitle = $pagetitle . " - " . htmlspecialchars($config['system']['hostname'] . "." . $config['system']['domain']);
+} else {
+ $tabtitle = htmlspecialchars($config['system']['hostname'] . "." . $config['system']['domain']) . " - " . $pagetitle;
+}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
diff --git a/usr/local/www/pkg.php b/usr/local/www/pkg.php
index e07206e..4b600cc 100755
--- a/usr/local/www/pkg.php
+++ b/usr/local/www/pkg.php
@@ -41,11 +41,6 @@
require_once("guiconfig.inc");
require_once("pkg-utils.inc");
-function gentitle_pkg($pgname) {
- global $config;
- return $config['system']['hostname'] . "." . $config['system']['domain'] . " - " . $pgname;
-}
-
function domTT_title($title_msg){
print "onmouseout=\"this.style.color = ''; domTT_mouseout(this, event);\" onmouseover=\"domTT_activate(this, event, 'content', '".gettext($title_msg)."', 'trail', true, 'delay', 0, 'fade', 'both', 'fadeMax', 93, 'styleClass', 'niceTitle');\"";
}
diff --git a/usr/local/www/pkg_edit.php b/usr/local/www/pkg_edit.php
index 04caf0a..5047543 100644
--- a/usr/local/www/pkg_edit.php
+++ b/usr/local/www/pkg_edit.php
@@ -50,11 +50,6 @@ require_once("pkg-utils.inc");
/* dummy stubs needed by some code that was MFC'd */
function pfSenseHeader($location) { header("Location: " . $location); }
-function gentitle_pkg($pgname) {
- global $pfSense_config;
- return $pfSense_config['system']['hostname'] . "." . $pfSense_config['system']['domain'] . " - " . $pgname;
-}
-
function domTT_title($title_msg){
if (!empty($title_msg)){
$title_msg=preg_replace("/\s+/"," ",$title_msg);
diff --git a/usr/local/www/widgets/widgets/system_information.widget.php b/usr/local/www/widgets/widgets/system_information.widget.php
index 2eed279..8344b9d 100644
--- a/usr/local/www/widgets/widgets/system_information.widget.php
+++ b/usr/local/www/widgets/widgets/system_information.widget.php
@@ -116,7 +116,7 @@ $filesystems = get_mounted_filesystems();
<tbody>
<tr>
<td width="25%" class="vncellt"><?=gettext("Name");?></td>
- <td width="75%" class="listr"><?php echo $config['system']['hostname'] . "." . $config['system']['domain']; ?></td>
+ <td width="75%" class="listr"><?php echo htmlspecialchars($config['system']['hostname'] . "." . $config['system']['domain']); ?></td>
</tr>
<tr>
<td width="25%" valign="top" class="vncellt"><?=gettext("Version");?></td>
diff --git a/usr/local/www/wizard.php b/usr/local/www/wizard.php
index d5aa350..8e5cd7f 100644
--- a/usr/local/www/wizard.php
+++ b/usr/local/www/wizard.php
@@ -44,11 +44,6 @@ require_once("filter.inc");
require("shaper.inc");
require_once("rrd.inc");
-function gentitle_pkg($pgname) {
- global $config;
- return $config['system']['hostname'] . "." . $config['system']['domain'] . " - " . $pgname;
-}
-
global $g;
$stepid = htmlspecialchars($_GET['stepid']);
OpenPOWER on IntegriCloud