diff options
author | Steve Beaver <sbeaver@netgate.com> | 2017-02-10 15:34:58 -0500 |
---|---|---|
committer | Steve Beaver <sbeaver@netgate.com> | 2017-02-10 15:34:58 -0500 |
commit | e3947e772a9caa00403001ddeda9270d1f821547 (patch) | |
tree | bc573bb906ac3a90039543740b919fafc51c6203 /src/usr/local/www | |
parent | a13715575daa1fd79d24e05b51a3d4988b8f23ec (diff) | |
download | pfsense-e3947e772a9caa00403001ddeda9270d1f821547.zip pfsense-e3947e772a9caa00403001ddeda9270d1f821547.tar.gz |
GET/POST conversion firewall_rules
guiconfig.php display_top_tabs supports "usepost" as an optional 4th argument
Diffstat (limited to 'src/usr/local/www')
-rw-r--r-- | src/usr/local/www/firewall_rules.php | 77 | ||||
-rw-r--r-- | src/usr/local/www/firewall_rules_edit.php | 24 | ||||
-rw-r--r-- | src/usr/local/www/firewall_schedule.php | 14 | ||||
-rw-r--r-- | src/usr/local/www/firewall_schedule_edit.php | 6 | ||||
-rw-r--r-- | src/usr/local/www/guiconfig.inc | 4 |
5 files changed, 56 insertions, 69 deletions
diff --git a/src/usr/local/www/firewall_rules.php b/src/usr/local/www/firewall_rules.php index 3fc486e..747ea50 100644 --- a/src/usr/local/www/firewall_rules.php +++ b/src/usr/local/www/firewall_rules.php @@ -85,7 +85,7 @@ function print_states($tracker) { printf("<a href=\"diag_dump_states.php?ruleid=%s\" data-toggle=\"popover\" data-trigger=\"hover focus\" title=\"%s\" ", $rulesid, gettext("States details")); - printf("data-content=\"evaluations: %s<br>packets: %s<br>bytes: %s<br>states: %s<br>state creations: %s\" data-html=\"true\">", + printf("data-content=\"evaluations: %s<br>packets: %s<br>bytes: %s<br>states: %s<br>state creations: %s\" data-html=\"true\" usepost>", format_number($evaluations), format_number($packets), format_bytes($bytes), format_number($states), format_number($stcreations)); printf("%s/%s</a><br>", format_number($states), format_bytes($bytes)); @@ -114,8 +114,6 @@ if (!is_array($config['filter']['rule'])) { filter_rules_sort(); $a_filter = &$config['filter']['rule']; -$if = $_GET['if']; - if ($_POST['if']) { $if = $_POST['if']; } @@ -169,27 +167,26 @@ if (!$if || !isset($iflist[$if])) { } } -if ($_POST) { - $pconfig = $_POST; +$pconfig = $_POST; - if ($_POST['apply']) { - $retval = 0; - $retval |= filter_configure(); +if ($_POST['apply']) { + $retval = 0; + $retval |= filter_configure(); - clear_subsystem_dirty('filter'); - } + clear_subsystem_dirty('filter'); } -if ($_GET['act'] == "del") { - if ($a_filter[$_GET['id']]) { - if (!empty($a_filter[$_GET['id']]['associated-rule-id'])) { - delete_nat_association($a_filter[$_GET['id']]['associated-rule-id']); + +if ($_POST['act'] == "del") { + if ($a_filter[$_POST['id']]) { + if (!empty($a_filter[$_POST['id']]['associated-rule-id'])) { + delete_nat_association($a_filter[$_POST['id']]['associated-rule-id']); } - unset($a_filter[$_GET['id']]); + unset($a_filter[$_POST['id']]); // Update the separators $a_separators = &$config['filter']['separator'][strtolower($if)]; - $ridx = ifridx($if, $_GET['id']); // get rule index within interface + $ridx = ifridx($if, $_POST['id']); // get rule index within interface $mvnrows = -1; move_separators($a_separators, $ridx, $mvnrows); @@ -237,12 +234,12 @@ if (isset($_POST['del_x'])) { header("Location: firewall_rules.php?if=" . htmlspecialchars($if)); exit; } -} else if ($_GET['act'] == "toggle") { - if ($a_filter[$_GET['id']]) { - if (isset($a_filter[$_GET['id']]['disabled'])) { - unset($a_filter[$_GET['id']]['disabled']); +} else if ($_POST['act'] == "toggle") { + if ($a_filter[$_POST['id']]) { + if (isset($a_filter[$_POST['id']]['disabled'])) { + unset($a_filter[$_POST['id']]['disabled']); } else { - $a_filter[$_GET['id']]['disabled'] = true; + $a_filter[$_POST['id']]['disabled'] = true; } if (write_config()) { mark_subsystem_dirty('filter'); @@ -336,7 +333,7 @@ if (is_subsystem_dirty('filter')) { print_apply_box(gettext("The firewall rule configuration has been changed.") . "<br />" . gettext("The changes must be applied for them to take effect.")); } -display_top_tabs($tab_array); +display_top_tabs($tab_array, false, 'pills', "usepost"); $showantilockout = false; $showprivate = false; @@ -436,7 +433,7 @@ $columns_in_table = 13; <td></td> <td><?=gettext("Block private networks");?></td> <td> - <a href="interfaces.php?if=<?=htmlspecialchars($if)?>" title="<?=gettext("Settings");?>"><i class="fa fa-cog"></i></a> + <a href="interfaces.php?if=<?=htmlspecialchars($if)?>" title="<?=gettext("Settings");?>" usepost><i class="fa fa-cog"></i></a> </td> </tr> <?php endif;?> @@ -455,7 +452,7 @@ $columns_in_table = 13; <td></td> <td><?=gettext("Block bogon networks");?></td> <td> - <a href="interfaces.php?if=<?=htmlspecialchars($if)?>" title="<?=gettext("Settings");?>"><i class="fa fa-cog"></i></a> + <a href="interfaces.php?if=<?=htmlspecialchars($if)?>" title="<?=gettext("Settings");?>" usepost><i class="fa fa-cog"></i></a> </td> </tr> <?php endif;?> @@ -500,7 +497,7 @@ foreach ($a_filter as $filteri => $filterent): } ?> <td title="<?=$title_text?>"> - <a href="?if=<?=htmlspecialchars($if);?>&act=toggle&id=<?=$filteri;?>"> + <a href="?if=<?=htmlspecialchars($if);?>&act=toggle&id=<?=$filteri;?>" usepost> <i class="fa fa-<?=$iconfn?>" title="<?=gettext("click to toggle enabled/disabled status");?>"></i> </a> <?php @@ -633,7 +630,7 @@ foreach ($a_filter as $filteri => $filterent): #FIXME $sched_caption_escaped = str_replace("'", "\'", $schedule['descr']); $schedule_span_begin = '<a href="/firewall_schedule_edit.php?id=' . $idx . '" data-toggle="popover" data-trigger="hover focus" title="' . $schedule['name'] . '" data-content="' . - $sched_caption_escaped . '" data-html="true">'; + $sched_caption_escaped . '" data-html="true" usepost>'; $schedule_span_end = "</a>"; } $idx++; @@ -708,7 +705,7 @@ foreach ($a_filter as $filteri => $filterent): </td> <td> <?php if (isset($alias['src'])): ?> - <a href="/firewall_aliases_edit.php?id=<?=$alias['src']?>" data-toggle="popover" data-trigger="hover focus" title="<?=gettext('Alias details')?>" data-content="<?=alias_info_popup($alias['src'])?>" data-html="true"> + <a href="/firewall_aliases_edit.php?id=<?=$alias['src']?>" data-toggle="popover" data-trigger="hover focus" title="<?=gettext('Alias details')?>" data-content="<?=alias_info_popup($alias['src'])?>" data-html="true" usepost> <?=str_replace('_', ' ', htmlspecialchars(pprint_address($filterent['source'])))?> </a> <?php else: ?> @@ -717,7 +714,7 @@ foreach ($a_filter as $filteri => $filterent): </td> <td> <?php if (isset($alias['srcport'])): ?> - <a href="/firewall_aliases_edit.php?id=<?=$alias['srcport']?>" data-toggle="popover" data-trigger="hover focus" title="<?=gettext('Alias details')?>" data-content="<?=alias_info_popup($alias['srcport'])?>" data-html="true"> + <a href="/firewall_aliases_edit.php?id=<?=$alias['srcport']?>" data-toggle="popover" data-trigger="hover focus" title="<?=gettext('Alias details')?>" data-content="<?=alias_info_popup($alias['srcport'])?>" data-html="true" usepost> <?=str_replace('_', ' ', htmlspecialchars(pprint_port($filterent['source']['port'])))?> </a> <?php else: ?> @@ -726,7 +723,7 @@ foreach ($a_filter as $filteri => $filterent): </td> <td> <?php if (isset($alias['dst'])): ?> - <a href="/firewall_aliases_edit.php?id=<?=$alias['dst']?>" data-toggle="popover" data-trigger="hover focus" title="<?=gettext('Alias details')?>" data-content="<?=alias_info_popup($alias['dst'])?>" data-html="true"> + <a href="/firewall_aliases_edit.php?id=<?=$alias['dst']?>" data-toggle="popover" data-trigger="hover focus" title="<?=gettext('Alias details')?>" data-content="<?=alias_info_popup($alias['dst'])?>" data-html="true" usepost> <?=str_replace('_', ' ', htmlspecialchars(pprint_address($filterent['destination'])))?> </a> <?php else: ?> @@ -735,7 +732,7 @@ foreach ($a_filter as $filteri => $filterent): </td> <td> <?php if (isset($alias['dstport'])): ?> - <a href="/firewall_aliases_edit.php?id=<?=$alias['dstport']?>" data-toggle="popover" data-trigger="hover focus" title="<?=gettext('Alias details')?>" data-content="<?=alias_info_popup($alias['dstport'])?>" data-html="true"> + <a href="/firewall_aliases_edit.php?id=<?=$alias['dstport']?>" data-toggle="popover" data-trigger="hover focus" title="<?=gettext('Alias details')?>" data-content="<?=alias_info_popup($alias['dstport'])?>" data-html="true" usepost> <?=str_replace('_', ' ', htmlspecialchars(pprint_port($filterent['destination']['port'])))?> </a> <?php else: ?> @@ -753,12 +750,12 @@ foreach ($a_filter as $filteri => $filterent): <?php if (isset($filterent['ackqueue']) && isset($filterent['defaultqueue'])) { $desc = str_replace('_', ' ', $filterent['ackqueue']); - echo "<a href=\"firewall_shaper_queues.php?queue={$filterent['ackqueue']}&action=show\">{$desc}</a>"; + echo "<a href=\"firewall_shaper_queues.php?queue={$filterent['ackqueue']}&action=show\" usepost>{$desc}</a>"; $desc = str_replace('_', ' ', $filterent['defaultqueue']); - echo "/<a href=\"firewall_shaper_queues.php?queue={$filterent['defaultqueue']}&action=show\">{$desc}</a>"; + echo "/<a href=\"firewall_shaper_queues.php?queue={$filterent['defaultqueue']}&action=show\" usepost>{$desc}</a>"; } else if (isset($filterent['defaultqueue'])) { $desc = str_replace('_', ' ', $filterent['defaultqueue']); - echo "<a href=\"firewall_shaper_queues.php?queue={$filterent['defaultqueue']}&action=show\">{$desc}</a>"; + echo "<a href=\"firewall_shaper_queues.php?queue={$filterent['defaultqueue']}&action=show\" usepost>{$desc}</a>"; } else { echo gettext("none"); } @@ -776,17 +773,17 @@ foreach ($a_filter as $filteri => $filterent): <td class="action-icons"> <!-- <?=(isset($filterent['disabled']) ? 'enable' : 'disable')?> --> <a class="fa fa-anchor icon-pointer" id="Xmove_<?=$filteri?>" title="<?=$XmoveTitle?>"></a> - <a href="firewall_rules_edit.php?id=<?=$filteri;?>" class="fa fa-pencil" title="<?=gettext('Edit')?>"></a> - <a href="firewall_rules_edit.php?dup=<?=$filteri;?>" class="fa fa-clone" title="<?=gettext('Copy')?>"></a> + <a href="firewall_rules_edit.php?id=<?=$filteri;?>" class="fa fa-pencil" title="<?=gettext('Edit')?>" usepost></a> + <a href="firewall_rules_edit.php?dup=<?=$filteri;?>" class="fa fa-clone" title="<?=gettext('Copy')?>" usepost></a> <?php if (isset($filterent['disabled'])) { ?> - <a href="?act=toggle&if=<?=htmlspecialchars($if);?>&id=<?=$filteri;?>" class="fa fa-check-square-o" title="<?=gettext('Enable')?>"></a> + <a href="?act=toggle&if=<?=htmlspecialchars($if);?>&id=<?=$filteri;?>" class="fa fa-check-square-o" title="<?=gettext('Enable')?>" usepost></a> <?php } else { ?> - <a href="?act=toggle&if=<?=htmlspecialchars($if);?>&id=<?=$filteri;?>" class="fa fa-ban" title="<?=gettext('Disable')?>"></a> + <a href="?act=toggle&if=<?=htmlspecialchars($if);?>&id=<?=$filteri;?>" class="fa fa-ban" title="<?=gettext('Disable')?>" usepost></a> <?php } ?> - <a href="?act=del&if=<?=htmlspecialchars($if);?>&id=<?=$filteri;?>" class="fa fa-trash" title="<?=gettext('Delete this rule')?>"></a> + <a href="?act=del&if=<?=htmlspecialchars($if);?>&id=<?=$filteri;?>" class="fa fa-trash" title="<?=gettext('Delete this rule')?>" usepost></a> </td> </tr> <?php @@ -819,11 +816,11 @@ if ($seprows[$nrules]) { <?php endif;?> <nav class="action-buttons"> - <a href="firewall_rules_edit.php?if=<?=htmlspecialchars($if);?>&after=-1" role="button" class="btn btn-sm btn-success" title="<?=gettext('Add rule to the top of the list')?>"> + <a href="firewall_rules_edit.php?if=<?=htmlspecialchars($if);?>&after=-1" role="button" class="btn btn-sm btn-success" title="<?=gettext('Add rule to the top of the list')?>" usepost> <i class="fa fa-level-up icon-embed-btn"></i> <?=gettext("Add");?> </a> - <a href="firewall_rules_edit.php?if=<?=htmlspecialchars($if);?>" role="button" class="btn btn-sm btn-success" title="<?=gettext('Add rule to the end of the list')?>"> + <a href="firewall_rules_edit.php?if=<?=htmlspecialchars($if);?>" role="button" class="btn btn-sm btn-success" title="<?=gettext('Add rule to the end of the list')?>" usepost> <i class="fa fa-level-down icon-embed-btn"></i> <?=gettext("Add");?> </a> diff --git a/src/usr/local/www/firewall_rules_edit.php b/src/usr/local/www/firewall_rules_edit.php index dd87533..d4d6e29 100644 --- a/src/usr/local/www/firewall_rules_edit.php +++ b/src/usr/local/www/firewall_rules_edit.php @@ -139,23 +139,17 @@ if (!is_array($config['filter']['rule'])) { filter_rules_sort(); $a_filter = &$config['filter']['rule']; -if (is_numericint($_GET['id'])) { - $id = $_GET['id']; -} if (isset($_POST['id']) && is_numericint($_POST['id'])) { $id = $_POST['id']; } -if (is_numericint($_GET['after']) || $_GET['after'] == "-1") { - $after = $_GET['after']; -} if (isset($_POST['after']) && (is_numericint($_POST['after']) || $_POST['after'] == "-1")) { $after = $_POST['after']; } -if (isset($_GET['dup']) && is_numericint($_GET['dup'])) { - $id = $_GET['dup']; - $after = $_GET['dup']; +if (isset($_POST['dup']) && is_numericint($_POST['dup'])) { + $id = $_POST['dup']; + $after = $_POST['dup']; } if (isset($id) && $a_filter[$id]) { @@ -284,7 +278,7 @@ if (isset($id) && $a_filter[$id]) { $pconfig['sched'] = (($a_filter[$id]['sched'] == "none") ? '' : $a_filter[$id]['sched']); $pconfig['vlanprio'] = (($a_filter[$id]['vlanprio'] == "none") ? '' : $a_filter[$id]['vlanprio']); $pconfig['vlanprioset'] = (($a_filter[$id]['vlanprioset'] == "none") ? '' : $a_filter[$id]['vlanprioset']); - if (!isset($_GET['dup']) || !is_numericint($_GET['dup'])) { + if (!isset($_POST['dup']) || !is_numericint($_POST['dup'])) { $pconfig['associated-rule-id'] = $a_filter[$id]['associated-rule-id']; } @@ -292,8 +286,8 @@ if (isset($id) && $a_filter[$id]) { } else { /* defaults */ - if ($_GET['if']) { - $pconfig['interface'] = $_GET['if']; + if ($_POST['if']) { + $pconfig['interface'] = $_POST['if']; } $pconfig['type'] = "pass"; $pconfig['proto'] = "tcp"; // for new blank rules, default=tcp, also ensures ports fields are visible @@ -303,7 +297,7 @@ if (isset($id) && $a_filter[$id]) { /* Allow the FloatingRules to work */ $if = $pconfig['interface']; -if (isset($_GET['dup']) && is_numericint($_GET['dup'])) { +if (isset($_POST['dup']) && is_numericint($_POST['dup'])) { unset($id); } @@ -313,7 +307,7 @@ read_dummynet_config(); /* XXX: */ $dnqlist =& get_unique_dnqueue_list(); $a_gatewaygroups = return_gateway_groups_array(); -if ($_POST) { +if ($_POST['save']) { unset($input_errors); @@ -1195,7 +1189,7 @@ if ($edit_disabled) { $extra = ''; foreach ($config['nat']['rule'] as $index => $nat_rule) { if ($nat_rule['associated-rule-id'] === $pconfig['associated-rule-id']) { - $extra = '<br/><a href="firewall_nat_edit.php?id='. $index .'">'. gettext('View the NAT rule') .'</a>'; + $extra = '<br/><a href="firewall_nat_edit.php?id='. $index .'" usepost>'. gettext('View the NAT rule') .'</a>'; } } diff --git a/src/usr/local/www/firewall_schedule.php b/src/usr/local/www/firewall_schedule.php index 1c7b866..b759aba 100644 --- a/src/usr/local/www/firewall_schedule.php +++ b/src/usr/local/www/firewall_schedule.php @@ -47,12 +47,12 @@ if (!is_array($config['schedules']['schedule'])) { $a_schedules = &$config['schedules']['schedule']; -if ($_GET['act'] == "del") { - if ($a_schedules[$_GET['id']]) { +if ($_POST['act'] == "del") { + if ($a_schedules[$_POST['id']]) { /* make sure rule is not being referenced by any nat or filter rules */ $is_schedule_referenced = false; $referenced_by = false; - $schedule_name = $a_schedules[$_GET['id']]['name']; + $schedule_name = $a_schedules[$_POST['id']]['name']; if (is_array($config['filter']['rule'])) { foreach ($config['filter']['rule'] as $rule) { @@ -68,7 +68,7 @@ if ($_GET['act'] == "del") { if ($is_schedule_referenced == true) { $savemsg = sprintf(gettext("Cannot delete schedule. Currently in use by %s."), $referenced_by); } else { - unset($a_schedules[$_GET['id']]); + unset($a_schedules[$_POST['id']]); write_config(); header("Location: firewall_schedule.php"); exit; @@ -223,8 +223,8 @@ foreach ($a_schedules as $schedule): </td> <td> - <a class="fa fa-pencil" title="<?=gettext("Edit schedule"); ?>" href="firewall_schedule_edit.php?id=<?=$i?>"></a> - <a class="fa fa-trash" title="<?=gettext("Delete schedule")?>" href="firewall_schedule.php?act=del&id=<?=$i?>"></a> + <a class="fa fa-pencil" title="<?=gettext("Edit schedule"); ?>" href="firewall_schedule_edit.php?id=<?=$i?>" usepost></a> + <a class="fa fa-trash" title="<?=gettext("Delete schedule")?>" href="firewall_schedule.php?act=del&id=<?=$i?>" usepost></a> </td> </tr> @@ -240,7 +240,7 @@ endforeach; <?=($i > 0) ? CLOCK . gettext(' Indicates that the schedule is currently active.'):''?> <nav class="action-buttons"> - <a href="firewall_schedule_edit.php" class="btn btn-sm btn-success"> + <a href="firewall_schedule_edit.php" class="btn btn-sm btn-success" usepost> <i class="fa fa-plus icon-embed-btn"></i> <?=gettext("Add")?> </a> diff --git a/src/usr/local/www/firewall_schedule_edit.php b/src/usr/local/www/firewall_schedule_edit.php index 9b56d40..1e950b7 100644 --- a/src/usr/local/www/firewall_schedule_edit.php +++ b/src/usr/local/www/firewall_schedule_edit.php @@ -63,10 +63,6 @@ if (!is_array($config['schedules']['schedule'])) { $a_schedules = &$config['schedules']['schedule']; -if (is_numericint($_GET['id'])) { - $id = $_GET['id']; -} - if (isset($_POST['id']) && is_numericint($_POST['id'])) { $id = $_POST['id']; } @@ -79,7 +75,7 @@ if (isset($id) && $a_schedules[$id]) { $getSchedule = true; } -if ($_POST) { +if ($_POST['save']) { if (strtolower($_POST['name']) == "lan") { $input_errors[] = gettext("Schedule may not be named LAN."); diff --git a/src/usr/local/www/guiconfig.inc b/src/usr/local/www/guiconfig.inc index 6218658..44de398 100644 --- a/src/usr/local/www/guiconfig.inc +++ b/src/usr/local/www/guiconfig.inc @@ -989,7 +989,7 @@ function echo_array($array, $return_me = false) { * RESULT * null ******/ -function display_top_tabs(& $tab_array, $no_drop_down = false, $type = 'pills') { +function display_top_tabs(& $tab_array, $no_drop_down = false, $type = 'pills', $usepost = "") { global $config; global $g; global $tab_array_indent; @@ -1068,7 +1068,7 @@ function display_top_tabs(& $tab_array, $no_drop_down = false, $type = 'pills') echo ' class="active"'; } - echo '><a href="' . $ta[2] . '">' . $ta[0] . '</a></li>'; + echo '><a href="' . $ta[2] . '" ' . $usepost . '>' . $ta[0] . '</a></li>'; } echo '</ul>'; |