diff options
author | jim-p <jimp@pfsense.org> | 2016-06-22 12:32:22 -0400 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2016-06-22 12:32:48 -0400 |
commit | de1d4101dfbc2bba7a97b81d5a505e6352261024 (patch) | |
tree | c1fe80a1a55c101c1081141a55f5ab5569d0823f /src | |
parent | bb44b41af0869a29080b9cdd8e03afbb8bc9bcaa (diff) | |
download | pfsense-de1d4101dfbc2bba7a97b81d5a505e6352261024.zip pfsense-de1d4101dfbc2bba7a97b81d5a505e6352261024.tar.gz |
% and / are also allowed in values
Diffstat (limited to 'src')
-rw-r--r-- | src/usr/local/www/system_advanced_sysctl.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/usr/local/www/system_advanced_sysctl.php b/src/usr/local/www/system_advanced_sysctl.php index 6467f25..c069079 100644 --- a/src/usr/local/www/system_advanced_sysctl.php +++ b/src/usr/local/www/system_advanced_sysctl.php @@ -142,8 +142,8 @@ if ($_POST) { if (!$_POST['tunable'] || !isset($_POST['value'])) { $input_errors[] = gettext("Both a name and a value must be specified."); - } else if (preg_match("/[^a-zA-Z0-9.\-_]/", $_POST['value'])) { - $input_errors[] = gettext("The value may only contain alphanumeric characters, - and _."); + } else if (preg_match("/[^a-zA-Z0-9.\-_%\/]/", $_POST['value'])) { + $input_errors[] = gettext("The value may only contain alphanumeric characters, -, _, %, and /."); } else { $tunableent['tunable'] = htmlspecialchars($_POST['tunable']); $tunableent['value'] = htmlspecialchars($_POST['value']); |