diff options
author | Scott Ullrich <sullrich@pfsense.org> | 2010-11-06 12:40:54 -0400 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2010-11-06 12:40:54 -0400 |
commit | 98bcf1f8b57478833f65e3309d0cc98ba4933c0a (patch) | |
tree | a70b3fe2d320a3caa79eb924637446096cec01fe /usr/local/www/pkg.php | |
parent | 6a93718873ca46605d228c024780ea86f43eb9b8 (diff) | |
download | pfsense-98bcf1f8b57478833f65e3309d0cc98ba4933c0a.zip pfsense-98bcf1f8b57478833f65e3309d0cc98ba4933c0a.tar.gz |
Fix misc input validation errors. Move routed/* to same dir as pkg items
Diffstat (limited to 'usr/local/www/pkg.php')
-rwxr-xr-x | usr/local/www/pkg.php | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/usr/local/www/pkg.php b/usr/local/www/pkg.php index e77f38a..5e4a65f 100755 --- a/usr/local/www/pkg.php +++ b/usr/local/www/pkg.php @@ -45,7 +45,7 @@ function gentitle_pkg($pgname) { return $config['system']['hostname'] . "." . $config['system']['domain'] . " - " . $pgname; } -$xml = htmlspecialchars($_REQUEST['xml']); +$xml = $_REQUEST['xml']; if($xml == "") { print_info_box_np(gettext("ERROR: No package defined.")); @@ -53,6 +53,10 @@ if($xml == "") { } else { if(file_exists("/usr/local/pkg/" . $xml)) $pkg = parse_xml_config_pkg("/usr/local/pkg/" . $xml, "packagegui"); + else { + echo "File not found " . htmlspecialchars($xml); + exit; + } } if($pkg['donotsave'] <> "") { |