diff options
| author | jim-p <jimp@pfsense.org> | 2015-06-16 09:24:11 -0400 |
|---|---|---|
| committer | jim-p <jimp@pfsense.org> | 2015-06-16 09:24:11 -0400 |
| commit | 6dbe58e1018b524d9085ac1a84eb6564d2adc955 (patch) | |
| tree | 31df810936f89c02cf3992ba276c3c6e1a5e602b | |
| parent | 1a44770de93377392993c5baa76a69cdee02185d (diff) | |
| download | pfsense-6dbe58e1018b524d9085ac1a84eb6564d2adc955.zip pfsense-6dbe58e1018b524d9085ac1a84eb6564d2adc955.tar.gz | |
Additional encoding for system_advanced_misc.php
| -rw-r--r-- | usr/local/www/system_advanced_misc.php | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/usr/local/www/system_advanced_misc.php b/usr/local/www/system_advanced_misc.php index 0707619..e7015a4 100644 --- a/usr/local/www/system_advanced_misc.php +++ b/usr/local/www/system_advanced_misc.php @@ -334,7 +334,7 @@ function tmpvar_checked(obj) { <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Proxy URL"); ?></td> <td width="78%" class="vtable"> - <input name="proxyurl" id="proxyurl" value="<?php if ($pconfig['proxyurl'] <> "") echo $pconfig['proxyurl']; ?>" class="formfld unknown" /> + <input name="proxyurl" id="proxyurl" value="<?php if ($pconfig['proxyurl'] <> "") echo htmlspecialchars($pconfig['proxyurl']); ?>" class="formfld unknown" /> <br /> <?php printf(gettext("Hostname or IP address of proxy server this system will use for its outbound Internet access.")); ?> </td> @@ -342,7 +342,7 @@ function tmpvar_checked(obj) { <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Proxy Port"); ?></td> <td width="78%" class="vtable"> - <input name="proxyport" id="proxyport" value="<?php if ($pconfig['proxyport'] <> "") echo $pconfig['proxyport']; ?>" class="formfld unknown" /> + <input name="proxyport" id="proxyport" value="<?php if ($pconfig['proxyport'] <> "") echo htmlspecialchars($pconfig['proxyport']); ?>" class="formfld unknown" /> <br /> <?php printf(gettext("Port where proxy server is listening.")); ?> </td> @@ -350,7 +350,7 @@ function tmpvar_checked(obj) { <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Proxy Username"); ?></td> <td width="78%" class="vtable"> - <input name="proxyuser" id="proxyuser" value="<?php if ($pconfig['proxyuser'] <> "") echo $pconfig['proxyuser']; ?>" class="formfld unknown" /> + <input name="proxyuser" id="proxyuser" value="<?php if ($pconfig['proxyuser'] <> "") echo htmlspecialchars($pconfig['proxyuser']); ?>" class="formfld unknown" /> <br /> <?php printf(gettext("Username for authentication to proxy server. Optional, leave blank to not use authentication.")); ?> </td> @@ -358,7 +358,7 @@ function tmpvar_checked(obj) { <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Proxy Password"); ?></td> <td width="78%" class="vtable"> - <input type="password" name="proxypass" id="proxypass" value="<?php if ($pconfig['proxypass'] <> "") echo $pconfig['proxypass']; ?>" class="formfld unknown" /> + <input type="password" name="proxypass" id="proxypass" value="<?php if ($pconfig['proxypass'] <> "") echo htmlspecialchars($pconfig['proxypass']); ?>" class="formfld unknown" /> <br /> <?php printf(gettext("Password for authentication to proxy server.")); ?> </td> @@ -380,7 +380,7 @@ function tmpvar_checked(obj) { "will be redirected to the next web server in the round " . "robin. Changing this option will restart the Load Balancing service."); ?> <br /> - <input name="srctrack" id="srctrack" value="<?php if ($pconfig['srctrack'] <> "") echo $pconfig['srctrack']; else "1400"; ?>" class="formfld unknown" <?php if ($pconfig['lb_use_sticky'] == false) echo "disabled=\"disabled\""; ?> /> + <input name="srctrack" id="srctrack" value="<?php if ($pconfig['srctrack'] <> "") echo htmlspecialchars($pconfig['srctrack']); else "1400"; ?>" class="formfld unknown" <?php if ($pconfig['lb_use_sticky'] == false) echo "disabled=\"disabled\""; ?> /> <br /> <?=gettext("Set the source tracking timeout for sticky connections. " . "By default this is 0, so source tracking is removed as soon as the state expires. " . @@ -587,7 +587,7 @@ function tmpvar_checked(obj) { <tr> <td width="22%" valign="top" class="vncell"><?=gettext("/tmp RAM Disk Size"); ?></td> <td width="78%" class="vtable"> - <input name="use_mfs_tmp_size" id="use_mfs_tmp_size" value="<?php if ($pconfig['use_mfs_tmp_size'] <> "") echo $pconfig['use_mfs_tmp_size']; ?>" class="formfld unknown" <?php if (($g['platform'] == "pfSense") && ($pconfig['use_mfs_tmpvar'] == false)) echo "disabled=\"disabled\""; ?> /> MB + <input name="use_mfs_tmp_size" id="use_mfs_tmp_size" value="<?php if ($pconfig['use_mfs_tmp_size'] <> "") echo htmlspecialchars($pconfig['use_mfs_tmp_size']); ?>" class="formfld unknown" <?php if (($g['platform'] == "pfSense") && ($pconfig['use_mfs_tmpvar'] == false)) echo "disabled=\"disabled\""; ?> /> MB <br /> <?=gettext("Set the size, in MB, for the /tmp RAM disk. " . "Leave blank for 40MB. Do not set lower than 40."); ?> @@ -596,7 +596,7 @@ function tmpvar_checked(obj) { <tr> <td width="22%" valign="top" class="vncell"><?=gettext("/var RAM Disk Size"); ?></td> <td width="78%" class="vtable"> - <input name="use_mfs_var_size" id="use_mfs_var_size" value="<?php if ($pconfig['use_mfs_var_size'] <> "") echo $pconfig['use_mfs_var_size']; ?>" class="formfld unknown" <?php if (($g['platform'] == "pfSense") && ($pconfig['use_mfs_tmpvar'] == false)) echo "disabled=\"disabled\""; ?> /> MB + <input name="use_mfs_var_size" id="use_mfs_var_size" value="<?php if ($pconfig['use_mfs_var_size'] <> "") echo htmlspecialchars($pconfig['use_mfs_var_size']); ?>" class="formfld unknown" <?php if (($g['platform'] == "pfSense") && ($pconfig['use_mfs_tmpvar'] == false)) echo "disabled=\"disabled\""; ?> /> MB <br /> <?=gettext("Set the size, in MB, for the /var RAM disk. " . "Leave blank for 60MB. Do not set lower than 60."); ?> |
