diff options
| author | Steve Beaver <sbeaver@netgate.com> | 2017-02-14 16:31:05 -0500 |
|---|---|---|
| committer | Steve Beaver <sbeaver@netgate.com> | 2017-02-14 16:31:05 -0500 |
| commit | 8d58ebae67880814c4ae602cd5313892927b1f3c (patch) | |
| tree | 2b6f12cd28e2ad88a9f859f2b21675b8f819a681 | |
| parent | 33ebc875126ef9a0de3670e47d21b13a883e8ab0 (diff) | |
| download | pfsense-8d58ebae67880814c4ae602cd5313892927b1f3c.zip pfsense-8d58ebae67880814c4ae602cd5313892927b1f3c.tar.gz | |
GET/POST conversion
| -rw-r--r-- | src/etc/inc/auth.inc | 4 | ||||
| -rw-r--r-- | src/etc/inc/filter_log.inc | 2 | ||||
| -rw-r--r-- | src/usr/local/www/pkg.php | 14 | ||||
| -rw-r--r-- | src/usr/local/www/pkg_edit.php | 11 | ||||
| -rw-r--r-- | src/usr/local/www/pkg_mgr_install.php | 4 | ||||
| -rw-r--r-- | src/usr/local/www/wizard.php | 18 |
6 files changed, 21 insertions, 32 deletions
diff --git a/src/etc/inc/auth.inc b/src/etc/inc/auth.inc index bca6b10..563987b 100644 --- a/src/etc/inc/auth.inc +++ b/src/etc/inc/auth.inc @@ -1863,14 +1863,14 @@ function session_auth() { * to submit a HTML form. It basically disables the observation * of the submit event and hence does not trigger Ajax. */ - if ($_GET['disable_ajax']) { + if ($_REQUEST['disable_ajax']) { $_SESSION['NO_AJAX'] = "True"; } /* * Same to re-enable Ajax. */ - if ($_GET['enable_ajax']) { + if ($_REQUEST['enable_ajax']) { unset($_SESSION['NO_AJAX']); } diff --git a/src/etc/inc/filter_log.inc b/src/etc/inc/filter_log.inc index 93b049c..7152bd9 100644 --- a/src/etc/inc/filter_log.inc +++ b/src/etc/inc/filter_log.inc @@ -559,7 +559,7 @@ function find_action_image($action) { /* AJAX specific handlers */ function handle_ajax() { global $config; - if (($_GET['lastsawtime'] or $_POST['lastsawtime']) and ($_GET['logfile'] or $_POST['logfile'])) { + if ($_REQUEST['lastsawtime'] && $_REQUEST['logfile']) { $lastsawtime = getGETPOSTsettingvalue('lastsawtime', null); $logfile = getGETPOSTsettingvalue('logfile', null); diff --git a/src/usr/local/www/pkg.php b/src/usr/local/www/pkg.php index 08c0b1c..55f5559 100644 --- a/src/usr/local/www/pkg.php +++ b/src/usr/local/www/pkg.php @@ -90,7 +90,7 @@ if ($_REQUEST['display_maximum_rows']) { $evaledvar = $config['installedpackages'][xml_safe_fieldname($pkg['name'])]['config']; -if ($_GET['act'] == "update") { +if ($_REQUEST['act'] == "update") { if (is_array($config['installedpackages'][$pkg['name']]) && $pkg['name'] != "" && $_REQUEST['ids'] !="") { #get current values @@ -113,7 +113,7 @@ if ($_GET['act'] == "update") { #function called via jquery, no need to continue after save changes. exit; } -if ($_GET['act'] == "del") { +if ($_REQUEST['act'] == "del") { // loop through our fieldnames and automatically setup the fieldnames // in the environment. ie: a fieldname of username with a value of // testuser would automatically eval $username = "testuser"; @@ -127,8 +127,8 @@ if ($_GET['act'] == "del") { $a_pkg = &$config['installedpackages'][xml_safe_fieldname($pkg['name'])]['config']; - if ($a_pkg[$_GET['id']]) { - unset($a_pkg[$_GET['id']]); + if ($a_pkg[$_REQUEST['id']]) { + unset($a_pkg[$_REQUEST['id']]); write_config(); if ($pkg['custom_delete_php_command'] != "") { if ($pkg['custom_php_command_before_form'] != "") { @@ -157,7 +157,7 @@ if ($pkg['custom_php_command_before_form'] != "") { // Breadcrumb if ($pkg['title'] != "") { /*if (!$only_edit) { // Is any package still making use of this?? Is this something that is still wanted, considering the breadcrumb policy https://redmine.pfsense.org/issues/5527 - $pkg['title'] = $pkg['title'] . '/Edit'; // If this needs to live on, then it has to be moved to run AFTER "foreach ($pkg['tabs']['tab'] as $tab)"-loop. This due to $pgtitle[] = $tab['text']; + $pkg['title'] = $pkg['title'] . '/Edit'; // If this needs to live on, then it has to be moved to run AFTER "foreach ($pkg['tabs']['tab'] as $tab)"-loop. This due to $pgtitle[] = $tab['text']; }*/ if (strpos($pkg['title'], '/')) { $title = explode('/', $pkg['title']); @@ -286,8 +286,8 @@ function save_changes_to_xml(xml) { </script> <?php -if ($_GET['savemsg'] != "") { - $savemsg = htmlspecialchars($_GET['savemsg']); +if ($_REQUEST['savemsg'] != "") { + $savemsg = htmlspecialchars($_REQUEST['savemsg']); } if ($savemsg) { diff --git a/src/usr/local/www/pkg_edit.php b/src/usr/local/www/pkg_edit.php index d98b976..559645b 100644 --- a/src/usr/local/www/pkg_edit.php +++ b/src/usr/local/www/pkg_edit.php @@ -39,10 +39,7 @@ function pfSenseHeader($location) { header("Location: " . $location); } -$xml = htmlspecialchars($_GET['xml']); -if ($_POST['xml']) { - $xml = htmlspecialchars($_POST['xml']); -} +$xml = htmlspecialchars($_REQUEST['xml']); $xml_fullpath = realpath('/usr/local/pkg/' . $xml); @@ -67,7 +64,7 @@ if (!isset($pkg['adddeleteeditpagefields'])) { $only_edit = false; } -$id = $_GET['id']; +$id = $_REQUEST['id']; if (isset($_POST['id'])) { $id = htmlspecialchars($_POST['id']); } @@ -101,8 +98,8 @@ if ($config['installedpackages'] && $a_pkg = &$config['installedpackages'][xml_safe_fieldname($pkg['name'])]['config']; -if ($_GET['savemsg'] != "") { - $savemsg = htmlspecialchars($_GET['savemsg']); +if ($_REQUEST['savemsg'] != "") { + $savemsg = htmlspecialchars($_REQUEST['savemsg']); } if ($pkg['custom_php_command_before_form'] != "") { diff --git a/src/usr/local/www/pkg_mgr_install.php b/src/usr/local/www/pkg_mgr_install.php index e16c4e1..ecd80e1 100644 --- a/src/usr/local/www/pkg_mgr_install.php +++ b/src/usr/local/www/pkg_mgr_install.php @@ -292,9 +292,9 @@ if (!$confirmed && !$completed && ?> <?=gettext("Confirmation Required to reinstall all packages.");?> <?php - elseif ($_GET['from'] && $_GET['to']): + elseif ($_REQUEST['from'] && $_REQUEST['to']): ?> - <?=sprintf(gettext('Confirmation Required to upgrade package %1$s from %2$s to %3$s.'), $pkgname, htmlspecialchars($_GET['from']), htmlspecialchars($_GET['to']))?> + <?=sprintf(gettext('Confirmation Required to upgrade package %1$s from %2$s to %3$s.'), $pkgname, htmlspecialchars($_REQUEST['from']), htmlspecialchars($_REQUEST['to']))?> <?php elseif ($firmwareupdate): ?> diff --git a/src/usr/local/www/wizard.php b/src/usr/local/www/wizard.php index e0c1e8d..3bc72da 100644 --- a/src/usr/local/www/wizard.php +++ b/src/usr/local/www/wizard.php @@ -39,19 +39,14 @@ define('DEBUG', false); global $g; -$stepid = htmlspecialchars($_GET['stepid']); -if (isset($_POST['stepid'])) { - $stepid = htmlspecialchars($_POST['stepid']); -} +$stepid = htmlspecialchars($_REQUEST['stepid']); + if (!$stepid) { $stepid = "0"; } -$xml = htmlspecialchars($_GET['xml']); -if ($_POST['xml']) { - $xml = htmlspecialchars($_POST['xml']); -} +$xml = htmlspecialchars($_REQUEST['xml']); if (empty($xml)) { $xml = "not_defined"; @@ -409,11 +404,8 @@ if ($input_errors) { if ($savemsg) { print_info_box($savemsg, 'success'); } -if ($_GET['message'] != "") { - print_info_box(htmlspecialchars($_GET['message'])); -} -if ($_POST['message'] != "") { - print_info_box(htmlspecialchars($_POST['message'])); +if ($_REQUEST['message'] != "") { + print_info_box(htmlspecialchars($_REQUEST['message'])); } $completion = ($stepid == 0) ? 0:($stepid * 100) / ($totalsteps -1); |
