diff options
author | Warren Baker <warren@decoy.co.za> | 2013-01-10 11:17:14 +0200 |
---|---|---|
committer | Warren Baker <warren@decoy.co.za> | 2013-01-10 11:17:14 +0200 |
commit | ea031bdeb9e2730b3d2e9035b9fb5f1048d698f8 (patch) | |
tree | c374278b296e5927deac06a5a94d0c4a80b26b4c | |
parent | 38de3c9d28e3702a7d72ac605a29a3faec95cd73 (diff) | |
download | pfsense-ea031bdeb9e2730b3d2e9035b9fb5f1048d698f8.zip pfsense-ea031bdeb9e2730b3d2e9035b9fb5f1048d698f8.tar.gz |
Dont pass -o option to view types that dont support it, it causes a segfault. Also make sure that when viewing all states that the correct switch is passed
-rw-r--r-- | usr/local/www/diag_system_pftop.php | 24 |
1 files changed, 17 insertions, 7 deletions
diff --git a/usr/local/www/diag_system_pftop.php b/usr/local/www/diag_system_pftop.php index 6ba81b7..da2eb82 100644 --- a/usr/local/www/diag_system_pftop.php +++ b/usr/local/www/diag_system_pftop.php @@ -53,16 +53,21 @@ if($_REQUEST['getactivity']) { if($_REQUEST['sorttype'] && in_array($_REQUEST['sorttype'], $sorttypes) && $_REQUEST['viewtype'] && in_array($_REQUEST['viewtype'], $viewtypes) && $_REQUEST['states'] && in_array($_REQUEST['states'], $numstates)) { - $sorttype = escapeshellarg($_REQUEST['sorttype']); $viewtype = escapeshellarg($_REQUEST['viewtype']); - $numstate = (in_array($_REQUEST['viewtype'], $viewall) ? "-a" : escapeshellarg($_REQUEST['states'])); + if (in_array($_REQUEST['viewtype'], $viewall)) { + $sorttype = ""; + $numstate = "-a"; + } else { + $sorttype = "-o " . escapeshellarg($_REQUEST['sorttype']); + $numstate = ($_REQUEST['states'] == "all" ? "-a" : escapeshellarg($_REQUEST['states'])); + } } else { $sorttype = "bytes"; $viewtype = "default"; $numstate = "100"; } - - $text = `pftop -b -o {$sorttype} -v {$viewtype} $numstate`; + log_error("pftop -b {$sorttype} -v {$viewtype} $numstate"); + $text = `pftop -b {$sorttype} -v {$viewtype} {$numstate}`; echo $text; exit; } @@ -72,9 +77,14 @@ include("head.inc"); if($_REQUEST['sorttype'] && in_array($_REQUEST['sorttype'], $sorttypes) && $_REQUEST['viewtype'] && in_array($_REQUEST['viewtype'], $viewtypes) && $_REQUEST['states'] && in_array($_REQUEST['states'], $numstates)) { - $sorttype = htmlentities($_REQUEST['sorttype']); - $viewtype = htmlentities($_REQUEST['viewtype']); - $numstate = (in_array($_REQUEST['viewtype'], $viewall) ? "-a" : htmlentities($_REQUEST['states'])); + $viewtype = escapeshellarg($_REQUEST['viewtype']); + if (in_array($_REQUEST['viewtype'], $viewall)) { + $sorttype = ""; + $numstate = "-a"; + } else { + $sorttype = "-o " . escapeshellarg($_REQUEST['sorttype']); + $numstate = ($_REQUEST['states'] == "all" ? "-a" : escapeshellarg($_REQUEST['states'])); + } } else { $sorttype = "bytes"; $viewtype = "default"; |