author | jim-p <jimp@pfsense.org> | 2017-02-07 13:35:24 -0500 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2017-02-07 13:37:03 -0500 |
commit | 4cef56bf20314009ad83bf747901ed1adeda8c70 (patch) | |
tree | 0767a60e0a80549fb558c79e7fd3a9e67e4b4ca8 /src | |
parent | dcef6e2dd621cd1f78bb54272d27d7152cad02c8 (diff) | |
Convert easyrule.php to use a confirmation landing page so that the parameters can be submitted via POST. Also, remove the JavaScript confirmation box since it is now redundant. Fixes #7228
The confirmation page displays the submitted parameters for an extra user sanity check. Also fixed a bunch of page formatting issues that were not apparent because users rarely if ever saw output from the page.
Diffstat (limited to 'src')
-rw-r--r-- | src/usr/local/www/easyrule.php | 85 | ||||
-rw-r--r-- | src/usr/local/www/status_logs_filter.php | 4 |
2 files changed, 67 insertions, 22 deletions
diff --git a/src/usr/local/www/easyrule.php b/src/usr/local/www/easyrule.php index 44f22a2..551130c 100644 --- a/src/usr/local/www/easyrule.php +++ b/src/usr/local/www/easyrule.php @@ -59,7 +59,6 @@ ##|*MATCH=easyrule.php* ##|-PRIV -$pgtitle = gettext("Firewall: EasyRule"); require_once("guiconfig.inc"); require_once("easyrule.inc"); require_once("filter.inc"); @@ -67,17 +66,23 @@ require_once("shaper.inc"); $retval = 0; $message = ""; -$specialsrcdst = explode(" ", "any pptp pppoe l2tp openvpn"); +$confirmed = isset($_POST['confirmed']) && $_POST['confirmed'] == 'true'; -if ($_GET && isset($_GET['action'])) { - switch ($_GET['action']) { +/* $specialsrcdst must be a defined global for functions being called. */ +global $specialsrcdst; +$specialsrcdst = explode(" ", "any pppoe l2tp openvpn"); + +if ($_POST && $confirmed && isset($_POST['action'])) { + switch ($_POST['action']) { case 'block': /* Check that we have a valid host */ - easyrule_parse_block($_GET['int'], $_GET['src'], $_GET['ipproto']); + $message = easyrule_parse_block($_POST['int'], $_POST['src'], $_POST['ipproto']); break; case 'pass': - easyrule_parse_pass($_GET['int'], $_GET['proto'], $_GET['src'], $_GET['dst'], $_GET['dstport'], $_GET['ipproto']); + $message = easyrule_parse_pass($_POST['int'], $_POST['proto'], $_POST['src'], $_POST['dst'], $_POST['dstport'], $_POST['ipproto']); break; + default: + $message = gettext("Invalid action specified."); } } 
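Review bot: The new `$confirmed` gate in the second hunk only proves that the request body carried `confirmed=true`; it is a client-supplied field, so on its own it cannot tell a click on the landing page from a form posted by another origin. The rule-adding `switch` is protected against cross-site submission only if a CSRF token is validated before this point, which is not visible in the hunk (presumably done by the included `guiconfig.inc`); once confirmed, a short comment above the `if` stating that `confirmed` is a UI step marker and not the CSRF defence would stop a later maintainer from relying on it. The comparison can also be strict, `$confirmed = isset($_POST['confirmed']) && $_POST['confirmed'] === 'true';`. The `$_POST['int']`, `$_POST['src']`, `$_POST['ipproto']` and related arguments are passed to `easyrule_parse_block()` / `easyrule_parse_pass()` without an `isset()` or `is_string()` check, so a partial or array-valued POST reaches the parsers as-is; whether they reject it is not visible here.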
@@ -85,23 +90,62 @@ if (stristr($retval, "error") == true) { $message = $retval; } +$pgtitle = array(gettext("Firewall"), gettext("Easy Rule")); include("head.inc"); -?> -<table width="100%" border="0" cellpadding="0" cellspacing="0"> - <tr> - <td> -<?php if ($input_errors) { print_input_errors($input_errors); } - -if ($message) { ?> -<br /> -<?=gettext("Message"); ?>: <?=$message;?> -<br /> +<form action="easyrule.php" method="post"> + <div class="panel panel-default"> + <div class="panel-heading"> + <h2 class="panel-title"> + <?=gettext("Confirmation Required to Add Easy Rule");?> + </h2> + </div> + <div class="panel-body"> + <div class="content"> <?php -} else { +if (!$confirmed && !empty($_REQUEST['action'])) { ?> + <?php if ($_GET['action'] == 'block'): ?> + <b><?=gettext("Rule Type")?>:</b> <?=htmlspecialchars(ucfirst(gettext($_GET['action'])))?> + <br/><b><?=gettext("Interface")?>:</b> <?=htmlspecialchars(strtoupper($_GET['int']))?> + <input type="hidden" name="int" value="<?=htmlspecialchars($_GET['int'])?>" /> + <br/><b><?= gettext("Source") ?>:</b> <?=htmlspecialchars($_GET['src'])?> + <input type="hidden" name="src" value="<?=htmlspecialchars($_GET['src'])?>" /> + <br/><b><?=gettext("IP Protocol")?>:</b> <?=htmlspecialchars(ucfirst($_GET['ipproto']))?> + <input type="hidden" name="ipproto" value="<?=htmlspecialchars($_GET['ipproto'])?>" /> + <?php elseif ($_GET['action'] == 'pass'): ?> + <b><?=gettext("Rule Type")?>:</b> <?=htmlspecialchars(ucfirst(gettext($_GET['action'])))?> + <br/><b><?=gettext("Interface")?>:</b> <?=htmlspecialchars(strtoupper($_GET['int']))?> + <input type="hidden" name="int" value="<?=htmlspecialchars($_GET['int'])?>" /> + <br/><b><?=gettext("Protocol")?>:</b> <?=htmlspecialchars(strtoupper($_GET['proto']))?> + <input type="hidden" name="proto" value="<?=htmlspecialchars($_GET['proto'])?>" /> + <br/><b><?=gettext("Source")?>:</b> <?=htmlspecialchars($_GET['src'])?> + <input type="hidden" name="src" 
value="<?=htmlspecialchars($_GET['src'])?>" /> + <br/><b><?=gettext("Destination")?>:</b> <?=htmlspecialchars($_GET['dst'])?> + <input type="hidden" name="dst" value="<?=htmlspecialchars($_GET['dst'])?>" /> + <br/><b><?=gettext("Destination Port")?>:</b> <?=htmlspecialchars($_GET['dstport'])?> + <input type="hidden" name="dstport" value="<?=htmlspecialchars($_GET['dstport'])?>" /> + <br/><b><?=gettext("IP Protocol")?>:</b> <?=htmlspecialchars(ucfirst($_GET['ipproto']))?> + <input type="hidden" name="ipproto" value="<?=htmlspecialchars($_GET['ipproto'])?>" /> + <?php else: + $message = gettext("Invalid action specified."); + endif; ?> + <br/><br/> + <?php if (empty($message)): ?> + <input type="hidden" name="action" value="<?=htmlspecialchars($_GET['action'])?>" /> + <input type="hidden" name="confirmed" value="true" /> + <button type="submit" class="btn btn-success" name="erconfirm" id="erconfirm" value="<?=gettext("Confirm")?>"> + <i class="fa fa-check icon-embed-btn"></i> + <?=gettext("Confirm")?> + </button> + <?php endif; +} + +if ($message) { + print_info_box($message); +} elseif (empty($_REQUEST['action'])) { print_info_box( gettext('This is the Easy Rule status page, mainly used to display errors when adding rules.') . ' ' . gettext('There apparently was not an error, and this page was navigated to directly without any instructions for what it should do.') . @@ -110,7 +154,8 @@ if ($message) { ', <a href="status_logs_filter.php">' . gettext("Status") . ' > ' . gettext('System Logs') . ', ' . gettext('Firewall Tab') . '</a>.<br />'); } ?> - </td> - </tr> -</table> + </div> + </div> + </div> +</form> <?php include("foot.inc"); ?> diff --git a/src/usr/local/www/status_logs_filter.php b/src/usr/local/www/status_logs_filter.php index 9d1e035..0509f39 100644 --- a/src/usr/local/www/status_logs_filter.php +++ b/src/usr/local/www/status_logs_filter.php 
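Review bot: The confirmation branch is entered on `!empty($_REQUEST['action'])`, but every value it prints and copies into the hidden inputs is read from `$_GET`, and none of them is checked to be a string. A request whose `action` arrives by any route other than the query string therefore falls through to "Invalid action specified.", and an array-valued parameter is handed straight to `htmlspecialchars()` / `strtoupper()` / `ucfirst()`, which expect strings. Reading the action once from the same source that is rendered, `$action = (isset($_GET['action']) && is_string($_GET['action'])) ? $_GET['action'] : '';`, and applying the same `is_string()` test to `int`, `src`, `dst`, `dstport`, `proto` and `ipproto` before echoing them would keep the gate and the displayed values consistent. The per-field `htmlspecialchars()` calls themselves are adequate for the double-quoted `value="…"` attributes used here. The panel heading "Confirmation Required to Add Easy Rule" and the wrapping `<form>` are emitted unconditionally, so they also appear on the result and direct-navigation views.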
@@ -267,7 +267,7 @@ if (!$rawfilter) { <i class="fa fa-info icon-pointer icon-primary" onclick="javascript:resolve_with_ajax('<?="{$rawsrcip}"; ?>');" title="<?=gettext("Click to resolve")?>"> </i> - <a class="fa fa-minus-square-o icon-pointer icon-primary" href="easyrule.php?<?="action=block&int={$int}&src={$filterent['srcip']}&ipproto={$ipproto}"; ?>" title="<?=gettext("Easy Rule: Add to Block List")?>" onclick="return confirm('<?=gettext("Confirmation required to add this BLOCK rule.")?>')"> + <a class="fa fa-minus-square-o icon-pointer icon-primary" href="easyrule.php?<?="action=block&int={$int}&src={$filterent['srcip']}&ipproto={$ipproto}"; ?>" title="<?=gettext("Easy Rule: Add to Block List")?>"> </a> <?=$srcstr . '<span class="RESOLVE-' . $src_htmlclass . '"></span>'?> @@ -276,7 +276,7 @@ if (!$rawfilter) { <i class="fa fa-info icon-pointer icon-primary; ICON-<?= $dst_htmlclass; ?>" onclick="javascript:resolve_with_ajax('<?="{$rawdstip}"; ?>');" title="<?=gettext("Click to resolve")?>"> </i> - <a class="fa fa-plus-square-o icon-pointer icon-primary" href="easyrule.php?<?="action=pass&int={$int}&proto={$proto}&src={$filterent['srcip']}&dst={$filterent['dstip']}&dstport={$filterent['dstport']}&ipproto={$ipproto}"; ?>" title="<?=gettext("Easy Rule: Pass this traffic")?>" onclick="return confirm('<?=gettext("Confirmation required to add this PASS rule.")?>')"> + <a class="fa fa-plus-square-o icon-pointer icon-primary" href="easyrule.php?<?="action=pass&int={$int}&proto={$proto}&src={$filterent['srcip']}&dst={$filterent['dstip']}&dstport={$filterent['dstport']}&ipproto={$ipproto}"; ?>" title="<?=gettext("Easy Rule: Pass this traffic")?>"> </a> <?=$dststr . '<span class="RESOLVE-' . $dst_htmlclass . '"></span>'?> </td> |
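Review bot: The `href` on the rewritten block link (and on the pass link in the following hunk) still interpolates `$int`, `$proto`, `$ipproto` and the `$filterent['srcip']` / `['dstip']` / `['dstport']` values into the query string with no URL-encoding or HTML-escaping, and the literal `&` separators are not written as `&amp;`. These values appear to come from parsed firewall log entries and are probably limited to interface, address and port syntax, but nothing in either hunk guarantees that. Building the query with `http_build_query()` and escaping the result makes the attribute safe regardless of the field contents, e.g. `href="easyrule.php?<?=htmlspecialchars(http_build_query(array('action' => 'block', 'int' => $int, 'src' => $filterent['srcip'], 'ipproto' => $ipproto)))?>"`, with the same treatment for the pass link. The enclosing `if (!$rawfilter) {` block starts and ends outside both hunks.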