diff options
author | Stephen Beaver <sbeaver@netgate.com> | 2015-12-28 16:11:17 -0500 |
---|---|---|
committer | Stephen Beaver <sbeaver@netgate.com> | 2015-12-28 16:11:17 -0500 |
commit | c8b10b4ce59161e21a93786d04237ad3f330178a (patch) | |
tree | 9e696532f61abc22b52ebb86d678ec7c1ac356c4 | |
parent | 690026d8256f15fd3b1df97ca1cba8f4815e425e (diff) | |
download | pfsense-c8b10b4ce59161e21a93786d04237ad3f330178a.zip pfsense-c8b10b4ce59161e21a93786d04237ad3f330178a.tar.gz |
Added new addPassword method and password == password_confirm validation where required.
-rw-r--r-- | src/usr/local/www/diag_backup.php | 39 | ||||
-rw-r--r-- | src/usr/local/www/firewall_virtual_ip_edit.php | 8 | ||||
-rw-r--r-- | src/usr/local/www/interfaces.php | 19 | ||||
-rw-r--r-- | src/usr/local/www/interfaces_ppps_edit.php | 5 | ||||
-rw-r--r-- | src/usr/local/www/services_captiveportal_vouchers.php | 5 | ||||
-rw-r--r-- | src/usr/local/www/services_dyndns_edit.php | 6 | ||||
-rw-r--r-- | src/usr/local/www/system_advanced_misc.php | 6 | ||||
-rwxr-xr-x | src/usr/local/www/system_hasync.php | 24 | ||||
-rw-r--r-- | src/usr/local/www/vpn_l2tp.php | 12 | ||||
-rw-r--r-- | src/usr/local/www/vpn_openvpn_client.php | 12 |
10 files changed, 90 insertions, 46 deletions
diff --git a/src/usr/local/www/diag_backup.php b/src/usr/local/www/diag_backup.php index bcf3619..173da92 100644 --- a/src/usr/local/www/diag_backup.php +++ b/src/usr/local/www/diag_backup.php @@ -225,10 +225,10 @@ if ($_POST) { if ($mode) { if ($mode == "download") { if ($_POST['encrypt']) { - if (!$_POST['encrypt_password'] || !$_POST['encrypt_passconf']) { + if (!$_POST['encrypt_password'] || !$_POST['encrypt_password_confirm']) { $input_errors[] = gettext("You must supply and confirm the password for encryption."); } - if ($_POST['encrypt_password'] != $_POST['encrypt_passconf']) { + if ($_POST['encrypt_password'] != $_POST['encrypt_password_confirm']) { $input_errors[] = gettext("The supplied 'Password' and 'Confirm' field values must match."); } } @@ -303,10 +303,10 @@ if ($_POST) { if ($mode == "restore") { if ($_POST['decrypt']) { - if (!$_POST['decrypt_password'] || !$_POST['decrypt_passconf']) { + if (!$_POST['decrypt_password'] || !$_POST['decrypt_password_confirm']) { $input_errors[] = gettext("You must supply and confirm the password for decryption."); } - if ($_POST['decrypt_password'] != $_POST['decrypt_passconf']) { + if ($_POST['decrypt_password'] != $_POST['decrypt_password_confirm']) { $input_errors[] = gettext("The supplied 'Password' and 'Confirm' field values must match."); } } @@ -659,20 +659,11 @@ $section->addInput(new Form_Checkbox( false )); -$section->addInput(new Form_Input( +$section->addPassword(new Form_Input( 'encrypt_password', - null, - 'password', - null, - ['placeholder' => 'Password'] -)); - -$section->addInput(new Form_Input( - 'encrypt_passconf', - null, + 'Password', 'password', - null, - ['placeholder' => 'Confirm password'] + null )); $group = new Form_Group(''); @@ -712,22 +703,14 @@ $section->addInput(new Form_Checkbox( false )); -$section->addInput(new Form_Input( +$section->addPassword(new Form_Input( 'decrypt_password', - null, + 'Password', 'password', null, ['placeholder' => 'Password'] )); -$section->addInput(new Form_Input( - 'decrypt_passconf', - null, - 'password', - null, - ['placeholder' => 'Confirm password'] -)); - $group = new Form_Group(''); $group->add(new Form_Button( 'Submit', @@ -782,9 +765,9 @@ events.push(function() { decryptHide = !($('input[name="decrypt"]').is(':checked')); hideInput('encrypt_password', encryptHide); - hideInput('encrypt_passconf', encryptHide); + hideInput('encrypt_password_confirm', encryptHide); hideInput('decrypt_password', decryptHide); - hideInput('decrypt_passconf', decryptHide); + hideInput('decrypt_password_confirm', decryptHide); } // ---------- Click handlers ------------------------------------------------------------------ diff --git a/src/usr/local/www/firewall_virtual_ip_edit.php b/src/usr/local/www/firewall_virtual_ip_edit.php index 0e379bc..16d26ef 100644 --- a/src/usr/local/www/firewall_virtual_ip_edit.php +++ b/src/usr/local/www/firewall_virtual_ip_edit.php @@ -209,6 +209,10 @@ if ($_POST) { $input_errors[] = gettext("You must specify a CARP password that is shared between the two VHID members."); } + if ($_POST['password'] != $_POST['password_confirm']) { + $input_errors[] = gettext("Password and confirm password must match"); + } + if ($_POST['interface'] == 'lo0') { $input_errors[] = gettext("For this type of vip localhost is not allowed."); } else if (strpos($_POST['interface'], '_vip')) { @@ -419,7 +423,7 @@ $section->addInput(new Form_Checkbox( isset($pconfig['noexpand']) )); -$section->addInput(new Form_Input( +$section->addPassword(new Form_Input( 'password', 'Virtual IP Password', 'password', @@ -513,6 +517,7 @@ events.push(function() { disableInput('subnet_bits', true); disableInput('type', true); disableInput('password', true); + disableInput('password_confirm', true); hideCheckbox('noexpand', true); if (mode == 'ipalias') { @@ -526,6 +531,7 @@ events.push(function() { disableInput('advbase', false); disableInput('advskew', false); disableInput('password', false); + disableInput('password_confirm', false); disableInput('subnet_bits', false); $('#type').val('single'); } else if (mode == 'proxyarp') { diff --git a/src/usr/local/www/interfaces.php b/src/usr/local/www/interfaces.php index 104a1bf..547e93f 100644 --- a/src/usr/local/www/interfaces.php +++ b/src/usr/local/www/interfaces.php @@ -947,6 +947,19 @@ if ($_POST['apply']) { } } } + + if ($_POST['ppp_password'] != $_POST['ppp_password_confirm']) { + $input_errors[] = gettext("PPP Password and confirmed password must match!"); + } + + if ($_POST['pppoe_password'] != $_POST['ppoep_password_confirm']) { + $input_errors[] = gettext("PPPoE Password and confirmed password must match!"); + } + + if ($_POST['pptp_password'] != $_POST['pptp_password_confirm']) { + $input_errors[] = gettext("PTPP Password and confirmed password must match!"); + } + if (!$input_errors) { // These 3 fields can be a list of multiple data items when used for MLPPP. // The UI in this code only processes the first of the list, so save the data here then we can preserve any other entries. @@ -2452,7 +2465,7 @@ $section->addInput(new Form_Input( $pconfig['ppp_username'] )); -$section->addInput(new Form_Input( +$section->addPassword(new Form_Input( 'ppp_password', 'Password', 'password', @@ -2518,7 +2531,7 @@ $section->addInput(new Form_Input( $pconfig['pppoe_username'] )); -$section->addInput(new Form_Input( +$section->addPassword(new Form_Input( 'pppoe_password', 'Password', 'password', @@ -2649,7 +2662,7 @@ $section->addInput(new Form_Input( $pconfig['pptp_username'] )); -$section->addInput(new Form_Input( +$section->addPassword(new Form_Input( 'pptp_password', 'Password', 'password', diff --git a/src/usr/local/www/interfaces_ppps_edit.php b/src/usr/local/www/interfaces_ppps_edit.php index 843402a..d8d19af 100644 --- a/src/usr/local/www/interfaces_ppps_edit.php +++ b/src/usr/local/www/interfaces_ppps_edit.php @@ -257,6 +257,9 @@ if ($_POST) { $input_errors[] = gettext("Please choose a Link Type."); break; } + if ($_POST['passwordfld'] != $_POST['passwordfld_confirm']) { + $input_errors[] = gettext("Password and confirmed password must match."); + } if ($_POST['type'] == "ppp" && count($_POST['interfaces']) > 1) { $input_errors[] = gettext("Multilink connections (MLPPP) using the PPP link type is not currently supported. Please select only one Link Interface."); } @@ -597,7 +600,7 @@ $section->addInput(new Form_Input( $pconfig['username'] )); -$section->addInput(new Form_Input( +$section->addPassword(new Form_Input( 'passwordfld', 'Password', 'password', diff --git a/src/usr/local/www/services_captiveportal_vouchers.php b/src/usr/local/www/services_captiveportal_vouchers.php index 73f7976..39f62fc 100644 --- a/src/usr/local/www/services_captiveportal_vouchers.php +++ b/src/usr/local/www/services_captiveportal_vouchers.php @@ -278,6 +278,9 @@ if ($_POST) { if ($_POST['vouchersyncdbip'] && (is_ipaddr_configured($_POST['vouchersyncdbip']))) { $input_errors[] = gettext("You cannot sync the voucher database to this host (itself)."); } + if ($_POST['vouchersyncpass'] != $_POST['vouchersyncpass_confirm']) { + $input_errors[] = gettext("Password and confirmed password must match."); + } } if (!$input_errors) { @@ -605,7 +608,7 @@ $section->addInput(new Form_Input( $pconfig['vouchersyncusername'] ))->setHelp('This is the username of the master voucher nodes webConfigurator.'); -$section->addInput(new Form_Input( +$section->addPassword(new Form_Input( 'vouchersyncpass', 'Voucher sync password', 'password', diff --git a/src/usr/local/www/services_dyndns_edit.php b/src/usr/local/www/services_dyndns_edit.php index 7330874..a2d797b 100644 --- a/src/usr/local/www/services_dyndns_edit.php +++ b/src/usr/local/www/services_dyndns_edit.php @@ -136,6 +136,10 @@ if ($_POST) { do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); + if ($_POST['passwordfld'] != $_POST['passwordfld_confirm']) { + $input_errors[] = gettext("Password and confirmed password must match."); + } + if (isset($_POST['host']) && in_array("host", $reqdfields)) { /* Namecheap can have a @. in hostname */ if ($pconfig['type'] == "namecheap" && substr($_POST['host'], 0, 2) == '@.') { @@ -349,7 +353,7 @@ $section->addInput(new Form_Input( 'GleSYS: Enter your API user.' . '<br />' . 'For Custom Entries, Username and Password represent HTTP Authentication username and passwords.'); -$section->addInput(new Form_Input( +$section->addPassword(new Form_Input( 'passwordfld', 'Password', 'password', diff --git a/src/usr/local/www/system_advanced_misc.php b/src/usr/local/www/system_advanced_misc.php index 389496d..ad56a98 100644 --- a/src/usr/local/www/system_advanced_misc.php +++ b/src/usr/local/www/system_advanced_misc.php @@ -149,6 +149,10 @@ if ($_POST) { $input_errors[] = gettext("The proxy username contains invalid characters."); } + if($_POST['proxypass'] != $_POST['proxypass_confirm']) { + $input_errors[] = gettext("Proxy password and confirmation must match."); + } + if (!$input_errors) { if ($_POST['harddiskstandby'] <> "") { @@ -341,7 +345,7 @@ $section->addInput(new Form_Input( ))->setHelp('Username for authentication to proxy server. Optional, '. 'leave blank to not use authentication.'); -$section->addInput(new Form_Input( +$section->addPassword(new Form_Input( 'proxypass', 'Proxy Password', 'password', diff --git a/src/usr/local/www/system_hasync.php b/src/usr/local/www/system_hasync.php index f5aca57..8c44ae9 100755 --- a/src/usr/local/www/system_hasync.php +++ b/src/usr/local/www/system_hasync.php @@ -99,11 +99,19 @@ if ($_POST) { $a_hasync['pfsyncinterface'] = $pconfig['pfsyncinterface']; $a_hasync['synchronizetoip'] = $pconfig['synchronizetoip']; $a_hasync['username'] = $pconfig['username']; - $a_hasync['password'] = $pconfig['passwordfld']; - write_config("Updated High Availability Sync configuration"); - interfaces_sync_setup(); - header("Location: system_hasync.php"); - exit(); + + if ($pconfig['passwordfld'] == $pconfig['passwordfld_confirm']) { + $a_hasync['password'] = $pconfig['passwordfld']; + } else { + $input_errors[] = gettext("Password and confirmation must match."); + } + + if (!$input_errors) { + write_config("Updated High Availability Sync configuration"); + interfaces_sync_setup(); + header("Location: system_hasync.php"); + exit(); + } } foreach ($checkbox_names as $name) { @@ -129,6 +137,10 @@ foreach ($ifaces as $ifname => $iface) { include("head.inc"); +if ($input_errors) { + print_input_errors($input_errors); +} + $form = new Form; $section = new Form_Section('State Synchronization Settings (pfsync)'); @@ -184,7 +196,7 @@ $section->addInput(new Form_Input( ))->setHelp('Enter the webConfigurator username of the system entered above for synchronizing your configuration.<br />' . 'Do not use the Synchronize Config to IP and username option on backup cluster members!'); -$section->addInput(new Form_Input( +$section->addPassword(new Form_Input( 'passwordfld', 'Remote System Password', 'password', diff --git a/src/usr/local/www/vpn_l2tp.php b/src/usr/local/www/vpn_l2tp.php index 17bb288..04a8990 100644 --- a/src/usr/local/www/vpn_l2tp.php +++ b/src/usr/local/www/vpn_l2tp.php @@ -115,6 +115,14 @@ if ($_POST) { $input_errors[] = gettext("A valid RADIUS server address must be specified."); } + if ($_POST['secret'] != $_POST['secret_confirm']) { + $input_errors[] = gettext("Secret and confirmation must match"); + } + + if ($_POST['radiussecret'] != $_POST['radiussecret_confirm']) { + $input_errors[] = gettext("Secret and confirmation must match"); + } + /* if this is an AJAX caller then handle via JSON */ if (isAjax() && is_array($input_errors)) { input_errors2Ajax($input_errors); @@ -276,7 +284,7 @@ $section->addInput(new Form_Input( ['min' => 0, 'max' => 255] )); -$section->addInput(new Form_Input( +$section->addPassword(new Form_Input( 'secret', 'Secret', 'password', @@ -333,7 +341,7 @@ $section->addInput(new Form_IpAddress( $pconfig['radiusserver'] ))->setHelp('Enter the IP address of the RADIUS server.'); -$section->addInput(new Form_Input( +$section->addPassword(new Form_Input( 'radiussecret', 'Secret', 'password', diff --git a/src/usr/local/www/vpn_openvpn_client.php b/src/usr/local/www/vpn_openvpn_client.php index 2fe4fca..63e52b1 100644 --- a/src/usr/local/www/vpn_openvpn_client.php +++ b/src/usr/local/www/vpn_openvpn_client.php @@ -267,6 +267,10 @@ if ($_POST) { if (empty($pconfig['proxy_user']) || empty($pconfig['proxy_passwd'])) { $input_errors[] = gettext("User name and password are required for proxy with authentication."); } + + if ($pconfig['proxy_passwd'] != $pconfig['proxy_passwd_confirm']) { + $input_errors[] = gettext("Password and confirmation must match."); + } } } @@ -328,6 +332,10 @@ if ($_POST) { $input_errors[] = gettext("If no Client Certificate is selected, a username and/or password must be entered."); } + if ($pconfig['auth_pass'] != $pconfig['auth_pass_confirm']) { + $input_errors[] = gettext("Password and confirmation must match."); + } + if (!$input_errors) { $client = array(); @@ -508,7 +516,7 @@ if ($act=="new" || $act=="edit"): $pconfig['proxy_user'] )); - $section->addInput(new Form_Input( + $section->addPassword(new Form_Input( 'proxy_passwd', 'Password', 'password', @@ -541,7 +549,7 @@ if ($act=="new" || $act=="edit"): $pconfig['auth_user'] ))->setHelp('Leave empty when no user name is needed'); - $section->addInput(new Form_Input( + $section->addPassword(new Form_Input( 'auth_pass', 'Password', 'password', |