Use intval here to not trust php and also use empty which gives more protections

author: Ermal <eri@pfsense.org> 2013-12-24 16:25:57 +0000
committer: Ermal <eri@pfsense.org> 2013-12-24 16:25:57 +0000
commit: b0ae52134ebd4ce49a5bf41570efc3cf877adf0e (patch)
tree: 1da57bc7afd9748a9ccc35ceb1acccccea88588c /etc
parent: e675625187202c213c52cfe61ddef6aa8e2b6e5d (diff)
download: pfsense-b0ae52134ebd4ce49a5bf41570efc3cf877adf0e.zip
pfsense-b0ae52134ebd4ce49a5bf41570efc3cf877adf0e.tar.gz
1 files changed, 3 insertions, 3 deletions
diff --git a/etc/inc/captiveportal.inc b/etc/inc/captiveportal.inc
index 8950df3..a2cbc48 100644
--- a/etc/inc/captiveportal.inc
+++ b/etc/inc/captiveportal.inc
@@ -716,13 +716,13 @@ function captiveportal_prune_old() {
 				} else if ($cpcfg['reauthenticateacct'] == "interimupdate") {
 					$session_time = $pruning_time - $cpentry[0];
 					if (!empty($cpentry[10]) && $cpentry[10] > 60)
-						$interval = $cpentry[10];
+						$interval = intval($cpentry[10]);
 					else
 						$interval = 0;
 					$past_interval_min = ($session_time > $interval);
-					if ($interval != 0)
+					if (!empty($interval))
 						$within_interval = ($session_time % $interval >= 0 && $session_time % $interval <= 59);
-					if ($interval === 0 || ($interval > 0 && $past_interval_min && $within_interval)) {
+					if (empty($interval) || ($interval > 0 && $past_interval_min && $within_interval)) {
 						RADIUS_ACCOUNTING_STOP($cpentry[1], // ruleno
 							$cpentry[4], // username
 							$cpentry[5], // sessionid
author	Ermal <eri@pfsense.org>	2013-12-24 16:25:57 +0000
committer	Ermal <eri@pfsense.org>	2013-12-24 16:25:57 +0000
commit	b0ae52134ebd4ce49a5bf41570efc3cf877adf0e (patch)
tree	1da57bc7afd9748a9ccc35ceb1acccccea88588c /etc
parent	e675625187202c213c52cfe61ddef6aa8e2b6e5d (diff)
download	pfsense-b0ae52134ebd4ce49a5bf41570efc3cf877adf0e.zip pfsense-b0ae52134ebd4ce49a5bf41570efc3cf877adf0e.tar.gz