authorjim-p <jimp@pfsense.org>2017-02-07 13:35:24 -0500
committerjim-p <jimp@pfsense.org>2017-02-07 13:37:07 -0500
commitf0cf40f964f2a559ddcf495f492bd9d38f924512 (patch)
tree2fe9a307698ae60f66aa270620550cf09370f93a /src/usr/local/www/easyrule.php
parented7bfaa4b99fc6d4c4f3b2be1dfd738f3cc8e16b (diff)
Convert easyrule.php to use a confirmation landing page so that the parameters can be submitted via POST. Also, remove the JavaScript confirmation box since it is now redundant. Fixes #7228
The confirmation page displays the submitted parameters for an extra user sanity check. Also fixed a bunch of page formatting issues that were not apparent because users rarely if ever saw output from the page.
Diffstat (limited to 'src/usr/local/www/easyrule.php')
-rw-r--r--src/usr/local/www/easyrule.php85
1 files changed, 65 insertions, 20 deletions
diff --git a/src/usr/local/www/easyrule.php b/src/usr/local/www/easyrule.php
index d9ea48e..7b0c525 100644
--- a/src/usr/local/www/easyrule.php
+++ b/src/usr/local/www/easyrule.php
@@ -59,7 +59,6 @@
##|*MATCH=easyrule.php*
##|-PRIV
-$pgtitle = gettext("Firewall: EasyRule");
require_once("guiconfig.inc");
require_once("easyrule.inc");
require_once("filter.inc");
@@ -67,17 +66,23 @@ require_once("shaper.inc");
$retval = 0;
$message = "";
-$specialsrcdst = explode(" ", "any pptp pppoe l2tp openvpn");
+$confirmed = isset($_POST['confirmed']) && $_POST['confirmed'] == 'true';
-if ($_GET && isset($_GET['action'])) {
- switch ($_GET['action']) {
+/* $specialsrcdst must be a defined global for functions being called. */
+global $specialsrcdst;
+$specialsrcdst = explode(" ", "any pppoe l2tp openvpn");
+
+if ($_POST && $confirmed && isset($_POST['action'])) {
+ switch ($_POST['action']) {
case 'block':
/* Check that we have a valid host */
- easyrule_parse_block($_GET['int'], $_GET['src'], $_GET['ipproto']);
+ $message = easyrule_parse_block($_POST['int'], $_POST['src'], $_POST['ipproto']);
break;
case 'pass':
- easyrule_parse_pass($_GET['int'], $_GET['proto'], $_GET['src'], $_GET['dst'], $_GET['dstport'], $_GET['ipproto']);
+ $message = easyrule_parse_pass($_POST['int'], $_POST['proto'], $_POST['src'], $_POST['dst'], $_POST['dstport'], $_POST['ipproto']);
break;
+ default:
+ $message = gettext("Invalid action specified.");
}
}
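Review bot: The rule is now added whenever a POST carries `confirmed=true`, but that field is a value the client sends, so the confirmation page protects only as far as the POST itself is checked against cross-site submission; no token check is visible in this hunk and it is presumably supplied by `guiconfig.inc`. A comment above the `if` would record that dependency, e.g. `/* Rules are only added from a confirmed POST; the CSRF token check is expected to come from guiconfig.inc. */`. The `$confirmed` line would also be tighter with a strict comparison, `$_POST['confirmed'] === 'true'`. The new `default:` arm would match the other cases better with a closing `break;`.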
@@ -85,23 +90,62 @@ if (stristr($retval, "error") == true) {
$message = $retval;
}
+$pgtitle = array(gettext("Firewall"), gettext("Easy Rule"));
include("head.inc");
-?>
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
- <tr>
- <td>
-<?php
if ($input_errors) {
print_input_errors($input_errors);
}
-
-if ($message) {
?>
-<br />
-<?=gettext("Message"); ?>: <?=$message;?>
-<br />
+<form action="easyrule.php" method="post">
+ <div class="panel panel-default">
+ <div class="panel-heading">
+ <h2 class="panel-title">
+ <?=gettext("Confirmation Required to Add Easy Rule");?>
+ </h2>
+ </div>
+ <div class="panel-body">
+ <div class="content">
<?php
-} else {
+if (!$confirmed && !empty($_REQUEST['action'])) { ?>
+ <?php if ($_GET['action'] == 'block'): ?>
+ <b><?=gettext("Rule Type")?>:</b> <?=htmlspecialchars(ucfirst(gettext($_GET['action'])))?>
+ <br/><b><?=gettext("Interface")?>:</b> <?=htmlspecialchars(strtoupper($_GET['int']))?>
+ <input type="hidden" name="int" value="<?=htmlspecialchars($_GET['int'])?>" />
+ <br/><b><?= gettext("Source") ?>:</b> <?=htmlspecialchars($_GET['src'])?>
+ <input type="hidden" name="src" value="<?=htmlspecialchars($_GET['src'])?>" />
+ <br/><b><?=gettext("IP Protocol")?>:</b> <?=htmlspecialchars(ucfirst($_GET['ipproto']))?>
+ <input type="hidden" name="ipproto" value="<?=htmlspecialchars($_GET['ipproto'])?>" />
+ <?php elseif ($_GET['action'] == 'pass'): ?>
+ <b><?=gettext("Rule Type")?>:</b> <?=htmlspecialchars(ucfirst(gettext($_GET['action'])))?>
+ <br/><b><?=gettext("Interface")?>:</b> <?=htmlspecialchars(strtoupper($_GET['int']))?>
+ <input type="hidden" name="int" value="<?=htmlspecialchars($_GET['int'])?>" />
+ <br/><b><?=gettext("Protocol")?>:</b> <?=htmlspecialchars(strtoupper($_GET['proto']))?>
+ <input type="hidden" name="proto" value="<?=htmlspecialchars($_GET['proto'])?>" />
+ <br/><b><?=gettext("Source")?>:</b> <?=htmlspecialchars($_GET['src'])?>
+ <input type="hidden" name="src" value="<?=htmlspecialchars($_GET['src'])?>" />
+ <br/><b><?=gettext("Destination")?>:</b> <?=htmlspecialchars($_GET['dst'])?>
+ <input type="hidden" name="dst" value="<?=htmlspecialchars($_GET['dst'])?>" />
+ <br/><b><?=gettext("Destination Port")?>:</b> <?=htmlspecialchars($_GET['dstport'])?>
+ <input type="hidden" name="dstport" value="<?=htmlspecialchars($_GET['dstport'])?>" />
+ <br/><b><?=gettext("IP Protocol")?>:</b> <?=htmlspecialchars(ucfirst($_GET['ipproto']))?>
+ <input type="hidden" name="ipproto" value="<?=htmlspecialchars($_GET['ipproto'])?>" />
+ <?php else:
+ $message = gettext("Invalid action specified.");
+ endif; ?>
+ <br/><br/>
+ <?php if (empty($message)): ?>
+ <input type="hidden" name="action" value="<?=htmlspecialchars($_GET['action'])?>" />
+ <input type="hidden" name="confirmed" value="true" />
+ <button type="submit" class="btn btn-success" name="erconfirm" id="erconfirm" value="<?=gettext("Confirm")?>">
+ <i class="fa fa-check icon-embed-btn"></i>
+ <?=gettext("Confirm")?>
+ </button>
+ <?php endif;
+}
+
+if ($message) {
+ print_info_box($message);
+} elseif (empty($_REQUEST['action'])) {
print_info_box(
gettext('This is the Easy Rule status page, mainly used to display errors when adding rules.') . ' ' .
gettext('There apparently was not an error, and this page was navigated to directly without any instructions for what it should do.') .
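Review bot: The guard `if (!$confirmed && !empty($_REQUEST['action']))` accepts an action from any request source, while everything inside the block is read from `$_GET`, so an unconfirmed request that carries `action` only in the POST body reads undefined `$_GET` keys before it reaches the `else` arm. Reading the value once, `$action = isset($_GET['action']) ? $_GET['action'] : '';`, and comparing `$action` in the `if`/`elseif` tests keeps the "Invalid action specified." result without the undefined-index reads. The individual fields (`$_GET['int']`, `$_GET['src']`, `$_GET['dstport']` and the rest) are likewise echoed without an `isset()` check, so a link missing one of them shows a blank value on the confirmation page; validation appears to be left to the easyrule_parse_* functions after confirmation. `$message` is handed to `print_info_box()` as those functions return it, and whether it is HTML-encoded there cannot be seen from this hunk. The `print_info_box(` call at the end of the hunk continues outside it.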
@@ -110,7 +154,8 @@ if ($message) {
', <a href="status_logs_filter.php">' . gettext("Status") . ' &gt; ' . gettext('System Logs') . ', ' . gettext('Firewall Tab') . '</a>.<br />');
}
?>
- </td>
- </tr>
-</table>
+ </div>
+ </div>
+ </div>
+</form>
<?php include("foot.inc"); ?>