diff options
author | Chris Buechler <cmb@pfsense.org> | 2015-12-02 18:22:55 -0600 |
---|---|---|
committer | Chris Buechler <cmb@pfsense.org> | 2015-12-02 18:22:55 -0600 |
commit | 43180e9c49b913b5c6361822d839d51074890c20 (patch) | |
tree | 1c2cd1f72884070c969ea9590953ee42ddfdfb4c /etc | |
parent | 5245206c6a7aad728f905a5a4cc5bfae03edfefc (diff) | |
download | pfsense-43180e9c49b913b5c6361822d839d51074890c20.zip pfsense-43180e9c49b913b5c6361822d839d51074890c20.tar.gz |
Sanitize the session_id/logout_id in captive portal.
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/captiveportal.inc | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/etc/inc/captiveportal.inc b/etc/inc/captiveportal.inc index 8e20ceb..0145962 100644 --- a/etc/inc/captiveportal.inc +++ b/etc/inc/captiveportal.inc @@ -915,6 +915,7 @@ function captiveportal_disconnect($dbent, $radiusservers,$term_cause = 1,$stop_t function captiveportal_disconnect_client($sessionid, $term_cause = 1, $logoutReason = "LOGOUT") { global $g, $config; + $sessionid = SQLite3::escapeString($sessionid); $radiusservers = captiveportal_get_radius_servers(); /* read database */ |