Sanitize the session_id/logout_id in captive portal.

author: Chris Buechler <cmb@pfsense.org> 2015-12-02 18:22:13 -0600
committer: Chris Buechler <cmb@pfsense.org> 2015-12-02 18:22:45 -0600
commit: 69c97c32f9e245ee12829939a1412b17866a4c0b (patch)
tree: 93932e31ed19b4491ce2934593e31897f0c8ac29 /src/usr/local/captiveportal/index.php
parent: e5ec3bc88ee1f13023d75af5b66ffc2e7d68335b (diff)
download: pfsense-69c97c32f9e245ee12829939a1412b17866a4c0b.zip
pfsense-69c97c32f9e245ee12829939a1412b17866a4c0b.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/src/usr/local/captiveportal/index.php b/src/usr/local/captiveportal/index.php
index 780d24b..6e6de39 100644
--- a/src/usr/local/captiveportal/index.php
+++ b/src/usr/local/captiveportal/index.php
@@ -155,7 +155,9 @@ setTimeout('window.close();',5000) ;
 </html>
 
 EOD;
-	captiveportal_disconnect_client($_POST['logout_id']);
+
+	$safe_logout_id = SQLite3::escapeString($_POST['logout_id']);
+	captiveportal_disconnect_client($safe_logout_id);
 
 } else if ($macfilter && $clientmac && captiveportal_blocked_mac($clientmac)) {
 	captiveportal_logportalauth($clientmac, $clientmac, $clientip, "Blocked MAC address");
author	Chris Buechler <cmb@pfsense.org>	2015-12-02 18:22:13 -0600
committer	Chris Buechler <cmb@pfsense.org>	2015-12-02 18:22:45 -0600
commit	69c97c32f9e245ee12829939a1412b17866a4c0b (patch)
tree	93932e31ed19b4491ce2934593e31897f0c8ac29 /src/usr/local/captiveportal/index.php
parent	e5ec3bc88ee1f13023d75af5b66ffc2e7d68335b (diff)
download	pfsense-69c97c32f9e245ee12829939a1412b17866a4c0b.zip pfsense-69c97c32f9e245ee12829939a1412b17866a4c0b.tar.gz