Revisions to GET/POST conversion limiting POSTs to save, apply, and delete functions

author: Steve Beaver <sbeaver@netgate.com> 2017-02-13 10:47:47 -0500
committer: Steve Beaver <sbeaver@netgate.com> 2017-02-13 10:48:25 -0500
commit: 4611e283323f0eaf44bc4ded4ad4f7cf9d8cdbe1 (patch)
tree: 44a60f536cefad3d50cefccf780c98094e217d1a /src/usr/local/www/system_gateways.php
parent: ac4fe723a521e35a29fb55075cdfdb2230d74aa2 (diff)
download: pfsense-4611e283323f0eaf44bc4ded4ad4f7cf9d8cdbe1.zip
pfsense-4611e283323f0eaf44bc4ded4ad4f7cf9d8cdbe1.tar.gz
1 files changed, 27 insertions, 29 deletions
diff --git a/src/usr/local/www/system_gateways.php b/src/usr/local/www/system_gateways.php
index 89c8923..62b350a 100644
--- a/src/usr/local/www/system_gateways.php
+++ b/src/usr/local/www/system_gateways.php
@@ -45,28 +45,26 @@ if (!is_array($config['gateways']['gateway_item'])) {
 
 $a_gateway_item = &$config['gateways']['gateway_item'];
 
-if ($_POST) {
+$pconfig = $_REQUEST;
 
-	$pconfig = $_POST;
-
-	if ($_POST['apply']) {
+if ($_POST['apply']) {
 
-		$retval = 0;
+	$retval = 0;
 
-		$retval |= system_routing_configure();
-		$retval |= system_resolvconf_generate();
-		$retval |= filter_configure();
-		/* reconfigure our gateway monitor */
-		setup_gateways_monitor();
-		/* Dynamic DNS on gw groups may have changed */
-		send_event("service reload dyndnsall");
+	$retval |= system_routing_configure();
+	$retval |= system_resolvconf_generate();
+	$retval |= filter_configure();
+	/* reconfigure our gateway monitor */
+	setup_gateways_monitor();
+	/* Dynamic DNS on gw groups may have changed */
+	send_event("service reload dyndnsall");
 
-		if ($retval == 0) {
-			clear_subsystem_dirty('staticroutes');
-		}
+	if ($retval == 0) {
+		clear_subsystem_dirty('staticroutes');
 	}
 }
 
+
 function can_delete_disable_gateway_item($id, $disable = false) {
 	global $config, $input_errors, $a_gateways;
 
@@ -154,10 +152,10 @@ function delete_gateway_item($id) {
 }
 
 unset($input_errors);
-if ($_POST['act'] == "del") {
-	if (can_delete_disable_gateway_item($_POST['id'])) {
-		$realid = $a_gateways[$_POST['id']]['attribute'];
-		delete_gateway_item($_POST['id']);
+if ($_REQUEST['act'] == "del") {
+	if (can_delete_disable_gateway_item($_REQUEST['id'])) {
+		$realid = $a_gateways[$_REQUEST['id']]['attribute'];
+		delete_gateway_item($_REQUEST['id']);
 		write_config("Gateways: removed gateway {$realid}");
 		mark_subsystem_dirty('staticroutes');
 		header("Location: system_gateways.php");
@@ -165,10 +163,10 @@ if ($_POST['act'] == "del") {
 	}
 }
 
-if (isset($_POST['del_x'])) {
+if (isset($_REQUEST['del_x'])) {
 	/* delete selected items */
-	if (is_array($_POST['rule']) && count($_POST['rule'])) {
-		foreach ($_POST['rule'] as $rulei) {
+	if (is_array($_REQUEST['rule']) && count($_REQUEST['rule'])) {
+		foreach ($_REQUEST['rule'] as $rulei) {
 			if (!can_delete_disable_gateway_item($rulei)) {
 				break;
 			}
@@ -176,7 +174,7 @@ if (isset($_POST['del_x'])) {
 
 		if (!isset($input_errors)) {
 			$items_deleted = "";
-			foreach ($_POST['rule'] as $rulei) {
+			foreach ($_REQUEST['rule'] as $rulei) {
 				delete_gateway_item($rulei);
 				$items_deleted .= "{$rulei} ";
 			}
@@ -189,12 +187,12 @@ if (isset($_POST['del_x'])) {
 		}
 	}
 
-} else if ($_POST['act'] == "toggle" && $a_gateways[$_POST['id']]) {
-	$realid = $a_gateways[$_POST['id']]['attribute'];
+} else if ($_REQUEST['act'] == "toggle" && $a_gateways[$_REQUEST['id']]) {
+	$realid = $a_gateways[$_REQUEST['id']]['attribute'];
 	$disable_gw = !isset($a_gateway_item[$realid]['disabled']);
 	if ($disable_gw) {
 		// The user wants to disable the gateway, so check if that is OK.
-		$ok_to_toggle = can_delete_disable_gateway_item($_POST['id'], $disable_gw);
+		$ok_to_toggle = can_delete_disable_gateway_item($_REQUEST['id'], $disable_gw);
 	} else {
 		// The user wants to enable the gateway. That is always OK.
 		$ok_to_toggle = true;
@@ -302,8 +300,8 @@ foreach ($a_gateways as $i => $gateway):
 							<?=htmlspecialchars($gateway['descr'])?>
 						</td>
 						<td>
-							<a href="system_gateways_edit.php?id=<?=$i?>" class="fa fa-pencil" title="<?=gettext('Edit gateway');?>" usepost></a>
-							<a href="system_gateways_edit.php?dup=<?=$i?>" class="fa fa-clone" title="<?=gettext('Copy gateway')?>" usepost></a>
+							<a href="system_gateways_edit.php?id=<?=$i?>" class="fa fa-pencil" title="<?=gettext('Edit gateway');?>"></a>
+							<a href="system_gateways_edit.php?dup=<?=$i?>" class="fa fa-clone" title="<?=gettext('Copy gateway')?>"></a>
 
 <?php if (is_numeric($gateway['attribute'])): ?>
 	<?php if (isset($gateway['disabled'])) {
@@ -327,7 +325,7 @@ foreach ($a_gateways as $i => $gateway):
 </div>
 
 <nav class="action-buttons">
-	<a href="system_gateways_edit.php" role="button" class="btn btn-success" usepost>
+	<a href="system_gateways_edit.php" role="button" class="btn btn-success">
 		<i class="fa fa-plus icon-embed-btn"></i>
 		<?=gettext("Add");?>
 	</a>
author	Steve Beaver <sbeaver@netgate.com>	2017-02-13 10:47:47 -0500
committer	Steve Beaver <sbeaver@netgate.com>	2017-02-13 10:48:25 -0500
commit	4611e283323f0eaf44bc4ded4ad4f7cf9d8cdbe1 (patch)
tree	44a60f536cefad3d50cefccf780c98094e217d1a /src/usr/local/www/system_gateways.php
parent	ac4fe723a521e35a29fb55075cdfdb2230d74aa2 (diff)
download	pfsense-4611e283323f0eaf44bc4ded4ad4f7cf9d8cdbe1.zip pfsense-4611e283323f0eaf44bc4ded4ad4f7cf9d8cdbe1.tar.gz