diff options
author | Bill Marquette <billm@pfsense.org> | 2005-07-23 14:50:01 +0000 |
---|---|---|
committer | Bill Marquette <billm@pfsense.org> | 2005-07-23 14:50:01 +0000 |
commit | 09db10704f47f7993e877f83a73ee52a33c64f19 (patch) | |
tree | 39edad6aa645c7ee66e025286ea20fea8cc454dc /usr/local/www/firewall_rules_edit.php | |
parent | c7c6cba405ab57717900bb81d970b438b7e90af9 (diff) | |
download | pfsense-09db10704f47f7993e877f83a73ee52a33c64f19.zip pfsense-09db10704f47f7993e877f83a73ee52a33c64f19.tar.gz |
Don't allow user to enter descriptions longer than 63 chars
Diffstat (limited to 'usr/local/www/firewall_rules_edit.php')
-rwxr-xr-x | usr/local/www/firewall_rules_edit.php | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/usr/local/www/firewall_rules_edit.php b/usr/local/www/firewall_rules_edit.php index f61228e..55a2eeb 100755 --- a/usr/local/www/firewall_rules_edit.php +++ b/usr/local/www/firewall_rules_edit.php @@ -282,6 +282,7 @@ if ($_POST) { $filterent['log'] = true; else unset($filterent['log']); + /* XXX: enforce 63 char max length server side, client-side is already done */ $filterent['descr'] = $_POST['descr']; if ($_POST['gateway'] != "") { @@ -723,7 +724,7 @@ Hint: the difference between block and reject is that with reject, a packet (TCP <tr> <td width="22%" valign="top" class="vncell">Description</td> <td width="78%" class="vtable"> - <input name="descr" type="text" class="formfld" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>"> + <input name="descr" type="text" class="formfld" id="descr" size="63" maxlength="63" value="<?=htmlspecialchars($pconfig['descr']);?>"> <br> <span class="vexpl">You may enter a description here for your reference (not parsed).</span></td> </tr> |