diff options
author | Scott Ullrich <sullrich@pfsense.org> | 2010-11-06 12:40:54 -0400 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2010-11-06 12:40:54 -0400 |
commit | 98bcf1f8b57478833f65e3309d0cc98ba4933c0a (patch) | |
tree | a70b3fe2d320a3caa79eb924637446096cec01fe /usr/local/www/pkg_edit.php | |
parent | 6a93718873ca46605d228c024780ea86f43eb9b8 (diff) | |
download | pfsense-98bcf1f8b57478833f65e3309d0cc98ba4933c0a.zip pfsense-98bcf1f8b57478833f65e3309d0cc98ba4933c0a.tar.gz |
Fix misc input validation errors. Move routed/* to same dir as pkg items
Diffstat (limited to 'usr/local/www/pkg_edit.php')
-rwxr-xr-x | usr/local/www/pkg_edit.php | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/usr/local/www/pkg_edit.php b/usr/local/www/pkg_edit.php index f9cac9d..1f2b7d4 100755 --- a/usr/local/www/pkg_edit.php +++ b/usr/local/www/pkg_edit.php @@ -83,6 +83,12 @@ $pgtitle = $title; $id = $_GET['id']; if (isset($_POST['id'])) $id = htmlspecialchars($_POST['id']); + +if(!is_numeric($id)) { + Header("Location: /"); + exit; +} + // Not posting? Then user is editing a record. There must be a valid id // when editing a record. |