diff options
author | Renato Botelho <renato@netgate.com> | 2016-01-26 08:26:03 -0200 |
---|---|---|
committer | Renato Botelho <renato@netgate.com> | 2016-01-26 08:26:03 -0200 |
commit | 5559b4a97e46a71878c8c1cc23c5d628aa611068 (patch) | |
tree | d9373042362f1d36c9bb41500aeb1ccfc70c9287 | |
parent | ca052b35b146bd7c7b5aaa07cf4ffe68dbfa1ced (diff) | |
parent | f155b6e4300f6566985b8b7080a4e02c640955ed (diff) | |
download | pfsense-5559b4a97e46a71878c8c1cc23c5d628aa611068.zip pfsense-5559b4a97e46a71878c8c1cc23c5d628aa611068.tar.gz |
Merge pull request #2528 from phil-davis/patch-6
-rwxr-xr-x | usr/local/www/pkg.php | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/usr/local/www/pkg.php b/usr/local/www/pkg.php index 4b600cc..c60806d 100755 --- a/usr/local/www/pkg.php +++ b/usr/local/www/pkg.php @@ -53,8 +53,15 @@ if($xml == "") { } else { $pkg_xml_prefix = "/usr/local/pkg/"; $pkg_full_path = "{$pkg_xml_prefix}/{$xml}"; - if (substr_compare(realpath($pkg_full_path), $pkg_xml_prefix, 0, strlen($pkg_xml_prefix))) { - print_info_box_np(gettext("ERROR: Invalid path specified.")); + $pkg_realpath = realpath($pkg_full_path); + if (empty($pkg_realpath)) { + $path_error = sprintf(gettext("ERROR: Package path %s not found."), htmlspecialchars($pkg_full_path)); + } else if (substr_compare($pkg_realpath, $pkg_xml_prefix, 0, strlen($pkg_xml_prefix))) { + $path_error = sprintf(gettext("ERROR: Invalid path %s specified."), htmlspecialchars($pkg_full_path)); + } + + if (!empty($path_error)) { + print_info_box_np($path_error . "<br />" . gettext("Try reinstalling the package.") . "<br />" . gettext("Use the back button on your browser to return to the previous page.")); die; } |