author | Steve Beaver <sbeaver@netgate.com> | 2017-02-10 08:03:26 -0500 |
---|---|---|
committer | Steve Beaver <sbeaver@netgate.com> | 2017-02-10 08:03:26 -0500 |
commit | d565c1825d8a8649d660065e39580868e08611b1 (patch) | |
tree | 52b78af4c61d3cb7f9bcfde86b4a7e5ca02fb547 /src/usr | |
parent | 59d06739e3b2f5668ce2cb5c06efb0e5d96ec534 (diff) | |
download | pfsense-d565c1825d8a8649d660065e39580868e08611b1.zip pfsense-d565c1825d8a8649d660065e39580868e08611b1.tar.gz |
GET/POST conversion system_crlmanger.php
Diffstat (limited to 'src/usr')
-rw-r--r-- | src/usr/local/www/system_camanager.php | 2 | ||||
-rw-r--r-- | src/usr/local/www/system_crlmanager.php | 88 |
2 files changed, 42 insertions, 48 deletions
diff --git a/src/usr/local/www/system_camanager.php b/src/usr/local/www/system_camanager.php index accddff..f46ba7e 100644 --- a/src/usr/local/www/system_camanager.php +++ b/src/usr/local/www/system_camanager.php @@ -110,7 +110,7 @@ if ($act == "edit") { } if ($act == "new") { - $pconfig['method'] = $_GET['method']; + $pconfig['method'] = $_POST['method']; $pconfig['keylen'] = "2048"; $pconfig['digest_alg'] = "sha256"; $pconfig['lifetime'] = "3650"; diff --git a/src/usr/local/www/system_crlmanager.php b/src/usr/local/www/system_crlmanager.php index 54a65f3..7bff142 100644 --- a/src/usr/local/www/system_crlmanager.php +++ b/src/usr/local/www/system_crlmanager.php @@ -37,9 +37,6 @@ $crl_methods = array( "internal" => gettext("Create an internal Certificate Revocation List"), "existing" => gettext("Import an existing Certificate Revocation List")); -if (ctype_alnum($_GET['id'])) { - $id = $_GET['id']; -} if (isset($_POST['id']) && ctype_alnum($_POST['id'])) { $id = $_POST['id']; } @@ -68,10 +65,8 @@ foreach ($a_crl as $cid => $acrl) { } } -$act = $_GET['act']; -if ($_POST['act']) { - $act = $_POST['act']; -} +$act = $_POST['act']; + if (!empty($id)) { $thiscrl =& lookup_crl($id); @@ -103,8 +98,8 @@ if ($act == "del") { } if ($act == "new") { - $pconfig['method'] = $_GET['method']; - $pconfig['caref'] = $_GET['caref']; + $pconfig['method'] = $_POST['method']; + $pconfig['caref'] = $_POST['caref']; $pconfig['lifetime'] = "9999"; $pconfig['serial'] = "0"; } 
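Review bot: `$pconfig['method'] = $_POST['method'];` copies a request field into the form state without checking that it names a supported method, both in the `new` branch of system_camanager.php and in the `@@ -103,8 +98,8 @@` hunk of system_crlmanager.php, where `$_POST['caref']` is taken the same way. In system_crlmanager.php the allowed keys are already in `$crl_methods`, so the assignment could be `$pconfig['method'] = (isset($_POST['method']) && is_string($_POST['method']) && array_key_exists($_POST['method'], $crl_methods)) ? $_POST['method'] : '';`. system_camanager.php presumably has an equivalent list, but it is not visible in this hunk. How `$pconfig['method']` is rendered later is outside both hunks, so whether the unchecked value reaches output cannot be confirmed from here.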
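Review bot: `$act = $_POST['act'];` reads an index that is absent on every plain GET load of the page, which raises an undefined-index notice and leaves `$act` null; the `@@ -192,7 +186,7 @@` hunk has the same unguarded read in `if ($_POST['save'])`. `$act = isset($_POST['act']) ? $_POST['act'] : '';` and `if (!empty($_POST['save']))` keep the POST-only behaviour without the notice. The `save` gate also assumes the form's submit control posts a field named `save`; that control is not visible in this diff, so it should be confirmed, because otherwise the save branch would never run.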
@@ -123,40 +118,39 @@ if ($act == "exp") { } if ($act == "addcert") { - if ($_POST) { - unset($input_errors); - $pconfig = $_POST; - if (!$pconfig['crlref'] || !$pconfig['certref']) { - pfSenseHeader("system_crlmanager.php"); - exit; - } + unset($input_errors); + $pconfig = $_POST; - // certref, crlref - $crl =& lookup_crl($pconfig['crlref']); - $cert = lookup_cert($pconfig['certref']); + if (!$pconfig['crlref'] || !$pconfig['certref']) { + pfSenseHeader("system_crlmanager.php"); + exit; + } - if (!$crl['caref'] || !$cert['caref']) { - $input_errors[] = gettext("Both the Certificate and CRL must be specified."); - } + // certref, crlref + $crl =& lookup_crl($pconfig['crlref']); + $cert = lookup_cert($pconfig['certref']); - if ($crl['caref'] != $cert['caref']) { - $input_errors[] = gettext("CA mismatch between the Certificate and CRL. Unable to Revoke."); - } - if (!is_crl_internal($crl)) { - $input_errors[] = gettext("Cannot revoke certificates for an imported/external CRL."); - } + if (!$crl['caref'] || !$cert['caref']) { + $input_errors[] = gettext("Both the Certificate and CRL must be specified."); + } - if (!$input_errors) { - $reason = (empty($pconfig['crlreason'])) ? OCSP_REVOKED_STATUS_UNSPECIFIED : $pconfig['crlreason']; - cert_revoke($cert, $crl, $reason); - // refresh IPsec and OpenVPN CRLs - openvpn_refresh_crls(); - vpn_ipsec_configure(); - write_config("Revoked cert {$cert['descr']} in CRL {$crl['descr']}."); - pfSenseHeader("system_crlmanager.php"); - exit; - } + if ($crl['caref'] != $cert['caref']) { + $input_errors[] = gettext("CA mismatch between the Certificate and CRL. Unable to Revoke."); + } + if (!is_crl_internal($crl)) { + $input_errors[] = gettext("Cannot revoke certificates for an imported/external CRL."); + } + + if (!$input_errors) { + $reason = (empty($pconfig['crlreason'])) ? 
OCSP_REVOKED_STATUS_UNSPECIFIED : $pconfig['crlreason']; + cert_revoke($cert, $crl, $reason); + // refresh IPsec and OpenVPN CRLs + openvpn_refresh_crls(); + vpn_ipsec_configure(); + write_config("Revoked cert {$cert['descr']} in CRL {$crl['descr']}."); + pfSenseHeader("system_crlmanager.php"); + exit; } } @@ -167,7 +161,7 @@ if ($act == "delcert") { } $found = false; foreach ($thiscrl['cert'] as $acert) { - if ($acert['refid'] == $_GET['certref']) { + if ($acert['refid'] == $_POST['certref']) { $found = true; $thiscert = $acert; } @@ -192,7 +186,7 @@ if ($act == "delcert") { $act="edit"; } -if ($_POST) { +if ($_POST['save']) { $input_errors = array(); $pconfig = $_POST; @@ -493,7 +487,7 @@ if ($act == "new" || $act == gettext("Save") || $input_errors) { <?=date("D M j G:i:s T Y", $cert["revoke_time"]); ?> </td> <td class="list"> - <a href="system_crlmanager.php?act=delcert&id=<?=$crl['refid']; ?>&certref=<?=$cert['refid']; ?>"> + <a href="system_crlmanager.php?act=delcert&id=<?=$crl['refid']; ?>&certref=<?=$cert['refid']; ?>" usepost> <i class="fa fa-trash" title="<?=gettext("Delete this certificate from the CRL")?>" alt="<?=gettext("Delete this certificate from the CRL")?>"></i> </a> </td> @@ -613,14 +607,14 @@ if ($act == "new" || $act == gettext("Save") || $input_errors) { <?php if ($cainternal == "YES"): ?> - <a href="system_crlmanager.php?act=new&caref=<?=$ca['refid']; ?>" class="btn btn-xs btn-success"> + <a href="system_crlmanager.php?act=new&caref=<?=$ca['refid']; ?>" class="btn btn-xs btn-success" usepost> <i class="fa fa-plus icon-embed-btn"></i> <?=gettext("Add or Import CRL")?> </a> <?php else: ?> - <a href="system_crlmanager.php?act=new&caref=<?=$ca['refid']; ?>&importonly=yes" class="btn btn-xs btn-success"> + <a href="system_crlmanager.php?act=new&caref=<?=$ca['refid']; ?>&importonly=yes" class="btn btn-xs btn-success" usepost> <i class="fa fa-plus icon-embed-btn"></i> <?=gettext("Add or Import CRL")?> </a> 
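Review bot: In the `addcert` branch, `$pconfig['crlreason']` is passed to `cert_revoke()` exactly as posted; the only handling is the `empty()` fallback to `OCSP_REVOKED_STATUS_UNSPECIFIED`. Every other field in this branch is checked before the revocation is written, so the reason should be checked too, against the reason codes the form offers, adding an `$input_errors[]` entry when it is not one of them. A minimal form of that guard is `if (!empty($pconfig['crlreason']) && !ctype_digit((string)$pconfig['crlreason'])) { $input_errors[] = gettext("Invalid revocation reason."); }`, assuming the codes are integers as the constant suggests. What `cert_revoke()` does with an unexpected value is not visible here.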
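Review bot: `if ($acert['refid'] == $_POST['certref'])` in the `delcert` loop compares a stored identifier with request data using loose equality. PHP compares two numeric-looking strings as numbers, so distinct refids such as digit runs containing a single `e` can compare equal and select the wrong certificate for removal from the CRL. `if (isset($_POST['certref']) && $acert['refid'] === $_POST['certref']) {` avoids that and the undefined-index notice. The loop has no `break`, so the last match wins; the surrounding block starts and ends outside this hunk.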
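Review bot: The links that gain `usepost` still echo `<?=$crl['refid']; ?>` and `<?=$cert['refid']; ?>` into the `href` attribute without escaping, and they separate parameters with a raw `&`. The same pattern applies to `$ca['refid']` in the `@@ -613,14 +607,14 @@` hunk and `$tmpcrl['refid']` in the `@@ -642,18 +636,18 @@` hunk. These values appear to come from the stored configuration, so if a restored or imported configuration can carry arbitrary refids, they would be written into the attribute verbatim. Emitting them as `<?=htmlspecialchars($crl['refid'])?>` and using `&amp;` between parameters closes that. Since the server side now reads only `$_POST`, these links work only when the client script that honours `usepost` runs; that script is not part of this diff.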
@@ -642,18 +636,18 @@ if ($act == "new" || $act == gettext("Save") || $input_errors) { <td><?=($internal) ? count($tmpcrl['cert']) : "Unknown (imported)"; ?></td> <td><i class="fa fa-<?=($inuse) ? "check" : "times"; ?>"></i></td> <td> - <a href="system_crlmanager.php?act=exp&id=<?=$tmpcrl['refid']?>" class="fa fa-download" title="<?=gettext("Export CRL")?>"></a> + <a href="system_crlmanager.php?act=exp&id=<?=$tmpcrl['refid']?>" class="fa fa-download" title="<?=gettext("Export CRL")?>" usepost></a> <?php if ($internal): ?> - <a href="system_crlmanager.php?act=edit&id=<?=$tmpcrl['refid']?>" class="fa fa-pencil" title="<?=gettext("Edit CRL")?>"></a> + <a href="system_crlmanager.php?act=edit&id=<?=$tmpcrl['refid']?>" class="fa fa-pencil" title="<?=gettext("Edit CRL")?>" usepost></a> <?php else: ?> - <a href="system_crlmanager.php?act=editimported&id=<?=$tmpcrl['refid']?>" class="fa fa-pencil" title="<?=gettext("Edit CRL")?>"></a> + <a href="system_crlmanager.php?act=editimported&id=<?=$tmpcrl['refid']?>" class="fa fa-pencil" title="<?=gettext("Edit CRL")?>" usepost></a> <?php endif; if (!$inuse): ?> - <a href="system_crlmanager.php?act=del&id=<?=$tmpcrl['refid']?>" class="fa fa-trash" title="<?=gettext("Delete CRL")?>"></a> + <a href="system_crlmanager.php?act=del&id=<?=$tmpcrl['refid']?>" class="fa fa-trash" title="<?=gettext("Delete CRL")?>" usepost></a> <?php endif; ?> |