diff options
author | Ermal <eri@pfsense.org> | 2013-12-24 16:25:57 +0000 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2013-12-24 16:25:57 +0000 |
commit | b0ae52134ebd4ce49a5bf41570efc3cf877adf0e (patch) | |
tree | 1da57bc7afd9748a9ccc35ceb1acccccea88588c /etc | |
parent | e675625187202c213c52cfe61ddef6aa8e2b6e5d (diff) | |
download | pfsense-b0ae52134ebd4ce49a5bf41570efc3cf877adf0e.zip pfsense-b0ae52134ebd4ce49a5bf41570efc3cf877adf0e.tar.gz |
Use intval here to not trust php and also use empty which gives more protections
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/captiveportal.inc | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/etc/inc/captiveportal.inc b/etc/inc/captiveportal.inc index 8950df3..a2cbc48 100644 --- a/etc/inc/captiveportal.inc +++ b/etc/inc/captiveportal.inc @@ -716,13 +716,13 @@ function captiveportal_prune_old() { } else if ($cpcfg['reauthenticateacct'] == "interimupdate") { $session_time = $pruning_time - $cpentry[0]; if (!empty($cpentry[10]) && $cpentry[10] > 60) - $interval = $cpentry[10]; + $interval = intval($cpentry[10]); else $interval = 0; $past_interval_min = ($session_time > $interval); - if ($interval != 0) + if (!empty($interval)) $within_interval = ($session_time % $interval >= 0 && $session_time % $interval <= 59); - if ($interval === 0 || ($interval > 0 && $past_interval_min && $within_interval)) { + if (empty($interval) || ($interval > 0 && $past_interval_min && $within_interval)) { RADIUS_ACCOUNTING_STOP($cpentry[1], // ruleno $cpentry[4], // username $cpentry[5], // sessionid |