author | Ermal <eri@pfsense.org> | 2012-11-20 09:19:25 +0000 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2012-11-20 09:19:25 +0000 |
commit | 55344e2c5d9dd6b867583b787e50d7118283ead8 (patch) | |
tree | 2b78d428e9f0d81f107b198350fe03d688a7ac5c /usr/local/www/edit.php | |
parent | 3f5f5a2ac877070478803001dabc5e7f905526c4 (diff) | |
download | pfsense-55344e2c5d9dd6b867583b787e50d7118283ead8.zip pfsense-55344e2c5d9dd6b867583b787e50d7118283ead8.tar.gz |
Allow only post action and not get to avoid security problems
Diffstat (limited to 'usr/local/www/edit.php')
-rw-r--r-- | usr/local/www/edit.php | 28 |
1 files changed, 14 insertions, 14 deletions
diff --git a/usr/local/www/edit.php b/usr/local/www/edit.php
index a95ebbf..8e1272b 100644
--- a/usr/local/www/edit.php
+++ b/usr/local/www/edit.php
@@ -36,46 +36,46 @@
 ##|*MATCH=edit.php*
 ##|-PRIV
-if($_REQUEST['action'] === "load" || $_REQUEST['action'] === "save")
- $nocsrf = true;
+//if($_POST['action'] === "load" || $_POST['action'] === "save")
+// $nocsrf = true;
 $pgtitle = array(gettext("Diagnostics"), gettext("Edit file"));
 require("guiconfig.inc");
-if($_REQUEST['action']) {
- switch($_REQUEST['action']) {
+if($_POST['action']) {
+ switch($_POST['action']) {
 case 'load':
- if(strlen($_REQUEST['file']) < 1) {
+ if(strlen($_POST['file']) < 1) {
 echo "|5|" . gettext("No file name specified") . ".|";
- } elseif(is_dir($_REQUEST['file'])) {
+ } elseif(is_dir($_POST['file'])) {
 echo "|4|" . gettext("Loading a directory is not supported") . ".|";
- } elseif(! is_file($_REQUEST['file'])) {
+ } elseif(! is_file($_POST['file'])) {
 echo "|3|" . gettext("File does not exist or is not a regular file") . ".|";
 } else {
- $data = file_get_contents(urldecode($_REQUEST['file']));
+ $data = file_get_contents(urldecode($_POST['file']));
 if($data === false) {
 echo "|1|" . gettext("Failed to read file") . ".|";
 } else {
- echo "|0|{$_REQUEST['file']}|{$data}|";
+ echo "|0|{$_POST['file']}|{$data}|";
 }
 }
 exit;
 case 'save':
- if(strlen($_REQUEST['file']) < 1) {
+ if(strlen($_POST['file']) < 1) {
 echo "|" . gettext("No file name specified") . ".|";
 } else {
 conf_mount_rw();
- $_REQUEST['data'] = str_replace("\r", "", base64_decode($_REQUEST['data']));
- $ret = file_put_contents($_REQUEST['file'], $_REQUEST['data']);
+ $_POST['data'] = str_replace("\r", "", base64_decode($_POST['data']));
+ $ret = file_put_contents($_POST['file'], $_POST['data']);
 conf_mount_ro();
- if($_REQUEST['file'] == "/conf/config.xml" || $_REQUEST['file'] == "/cf/conf/config.xml") {
+ if($_POST['file'] == "/conf/config.xml" || $_POST['file'] == "/cf/conf/config.xml") {
 if(file_exists("/tmp/config.cache"))
 unlink("/tmp/config.cache");
 disable_security_checks();
 }
 if($ret === false) {
 echo "|" . gettext("Failed to write file") . ".|";
- } elseif($ret <> strlen($_REQUEST['data'])) {
+ } elseif($ret <> strlen($_POST['data'])) {
 echo "|" . gettext("Error while writing file") . ".|";
 } else {
 echo "|" . gettext("File successfully saved") . ".|";
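Review bot: In the `load` branch the `is_dir` and `is_file` checks still run on the raw `$_POST['file']` while `file_get_contents` opens `urldecode($_POST['file'])`, so the path that is validated is not the path that is read whenever the name contains a `%`-sequence. Decode once into a local, `$file = urldecode($_POST['file']);`, and use `$file` for the checks, the read and the echoed response; since PHP already decodes form fields the `urldecode` may be redundant, but confirm against the client-side JS before removing it. Switching from `$_REQUEST` to `$_POST` does not by itself block cross-site requests; what presumably makes the difference here is that `$nocsrf` is no longer set, so the CSRF check in guiconfig.inc now covers `load` and `save`, and that reasoning belongs in the commit message or a comment. The two commented-out `//if(...) $nocsrf = true;` lines should be deleted rather than kept, replaced by `// load/save must go through the CSRF check in guiconfig.inc; do not set $nocsrf here`. `$_POST['action']` and `$_POST['file']` are read without `isset`/`empty`, so a plain GET of the page emits undefined-index notices; `if(!empty($_POST['action']))` avoids that.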