diff options
| author | Seth Mos <seth.mos@dds.nl> | 2010-11-15 12:46:58 +0100 |
|---|---|---|
| committer | Seth Mos <seth.mos@dds.nl> | 2010-11-15 12:46:58 +0100 |
| commit | 172007f50c215acf458340773a32052c28556aaa (patch) | |
| tree | 02fa2faa661d7ee1e431201c99da0c1cc1dea43c /usr/local/www/fbegin.inc | |
| parent | 4f3768154fc8e1cf705e1c5342aef89d3a32aefc (diff) | |
| parent | 64ec1ddf3503679cdf866e37ca9e99ec9974dc6b (diff) | |
| download | pfsense-172007f50c215acf458340773a32052c28556aaa.zip pfsense-172007f50c215acf458340773a32052c28556aaa.tar.gz | |
Merge remote branch 'upstream/master'
Conflicts:
etc/inc/filter.inc
etc/inc/system.inc
usr/local/www/interfaces.php
usr/local/www/interfaces_gif_edit.php
Diffstat (limited to 'usr/local/www/fbegin.inc')
| -rwxr-xr-x | usr/local/www/fbegin.inc | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/usr/local/www/fbegin.inc b/usr/local/www/fbegin.inc index ac31fb6..d9c7641 100755 --- a/usr/local/www/fbegin.inc +++ b/usr/local/www/fbegin.inc @@ -125,7 +125,7 @@ $services_menu[] = array("IGMP proxy", "/services_igmpproxy.php"); $services_menu[] = array("Load Balancer", "/load_balancer_pool.php"); $services_menu[] = array("OLSR", "/pkg_edit.php?xml=olsrd.xml&id=0"); $services_menu[] = array("PPPoE Server", "/vpn_pppoe.php"); -$services_menu[] = array("RIP", "/pkg_edit.php?xml=routed/routed.xml&id=0"); +$services_menu[] = array("RIP", "/pkg_edit.php?xml=routed.xml&id=0"); $services_menu[] = array("SNMP", "/services_snmp.php"); if(count($config['interfaces']) > 1) { /* no use for UPnP in single-interface deployments @@ -222,7 +222,7 @@ if(! $g['disablehelpmenu']) { /* NOTICE ACKNOWLEDGE CODE by Erik Kristensen */ if ($_REQUEST['noticeaction'] == 'acknowledge') { - $notice_id = $_REQUEST['noticeid']; + $notice_id = htmlspecialchars($_REQUEST['noticeid']); close_notice($notice_id); } /**********************************************/ @@ -263,18 +263,18 @@ if ($_REQUEST['noticeaction'] == 'acknowledge') { $noticemsg = str_replace("<br>", "", $noticemsg); $extra_args = ""; if($_GET['xml']) - $extraargs="&xml=" . $_GET['xml']; + $extraargs="&xml=" . htmlspecialchars($_GET['xml']); if($_POST['xml']) - $extraargs="&xml=" . $_POST['xml']; + $extraargs="&xml=" . htmlspecialchars($_POST['xml']); if($_GET['id']) - $extraargs="&xml=" . $_GET['id']; + $extraargs="&xml=" . htmlspecialchars($_GET['id']); if($_POST['id']) - $extraargs="&xml=" . $_POST['id']; + $extraargs="&xml=" . htmlspecialchars($_POST['id']); $notice_msgs = '<a href="?noticeaction=acknowledge¬iceid=all' . $extraargs . '">Acknowledge All</a> .:. '; if ($value['url']) { - $notice_msgs .= $date.' - <a href="'.$url.'?'.$request_string.'¬iceaction=acknowledge¬iceid='.$key.'">['.$value['id'].']</a>'; + $notice_msgs .= $date.' - <a href="'.$url.'?' . htmlspecialchars($request_string) . '¬iceaction=acknowledge¬iceid='.$key.'">['.$value['id'].']</a>'; } else { - $notice_msgs .= $date.' - <a href="?'.$request_string.'¬iceaction=acknowledge¬iceid='.$key.'">['.$value['id'].']'.$noticemsg.'</a>'; + $notice_msgs .= $date.' - <a href="?' . htmlspecialchars($request_string) . '¬iceaction=acknowledge¬iceid='.$key.'">['.$value['id'].']'.htmlspecialchars($noticemsg).'</a>'; } $notice_msgs .= " .:. "; } |
