diff options
author | Renato Botelho <garga@FreeBSD.org> | 2014-02-04 12:33:29 -0200 |
---|---|---|
committer | Renato Botelho <garga@FreeBSD.org> | 2014-02-04 12:34:42 -0200 |
commit | d31ca3363dcb7b243f71118744123a5ba71665cb (patch) | |
tree | d9478b15b7a4316a10b7a9b5d4a415c272285a1c /usr/local/www/diag_logs_vpn.php | |
parent | 39ed87e54d14af2603cc66e65ac5e13a9c9843b1 (diff) | |
download | pfsense-d31ca3363dcb7b243f71118744123a5ba71665cb.zip pfsense-d31ca3363dcb7b243f71118744123a5ba71665cb.tar.gz |
Add escapeshellarg() calls on exec parameters. While I'm here, replace some exec() calls by php functions like symlink, copy, unlink, mkdir
Diffstat (limited to 'usr/local/www/diag_logs_vpn.php')
-rwxr-xr-x | usr/local/www/diag_logs_vpn.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/usr/local/www/diag_logs_vpn.php b/usr/local/www/diag_logs_vpn.php index 7920306..715eb69 100755 --- a/usr/local/www/diag_logs_vpn.php +++ b/usr/local/www/diag_logs_vpn.php @@ -90,9 +90,9 @@ function dump_clog_vpn($logfile, $tail) { $logarr = ""; if(isset($config['system']['usefifolog'])) - exec("/usr/sbin/fifolog_reader " . $logfile . " | tail {$sor} -n " . $tail, $logarr); + exec("/usr/sbin/fifolog_reader " . escapeshellarg($logfile) . " | tail {$sor} -n " . $tail, $logarr); else - exec("/usr/sbin/clog " . $logfile . " | tail {$sor} -n " . $tail, $logarr); + exec("/usr/sbin/clog " . escapeshellarg($logfile) . " | tail {$sor} -n " . $tail, $logarr); foreach ($logarr as $logent) { $logent = preg_split("/\s+/", $logent, 6); @@ -191,4 +191,4 @@ include("head.inc"); </table> <?php include("fend.inc"); ?> </body> -</html>
\ No newline at end of file +</html> |