diff options
author | jim-p <jimp@pfsense.org> | 2011-01-10 16:23:49 -0500 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2011-01-10 16:23:49 -0500 |
commit | 887b5af57341fb29f1d8dae271315b43beda33d9 (patch) | |
tree | ed9ea6a32f59f1a34b6ee92138f728e1a42388bd | |
parent | d0dc2fd1ab660c05422bf8001ce7a02cc25bb041 (diff) | |
download | pfsense-887b5af57341fb29f1d8dae271315b43beda33d9.zip pfsense-887b5af57341fb29f1d8dae271315b43beda33d9.tar.gz |
Be more restrictive with PPTP passwords, invalid characters can blow up the config.
-rwxr-xr-x | usr/local/www/vpn_pptp_users_edit.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/usr/local/www/vpn_pptp_users_edit.php b/usr/local/www/vpn_pptp_users_edit.php index 73ba7cc..1cd0075 100755 --- a/usr/local/www/vpn_pptp_users_edit.php +++ b/usr/local/www/vpn_pptp_users_edit.php @@ -84,7 +84,7 @@ if ($_POST) { if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['username'])) $input_errors[] = gettext("The username contains invalid characters."); - if (preg_match("/[[:cntrl:]\"]/", $_POST['password'])) + if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['passwordfld'])) $input_errors[] = gettext("The password contains invalid characters."); if (preg_match("/^!/", $_POST['password'])) |