diff options
author | Chris Buechler <cmb@pfsense.org> | 2015-12-17 22:14:39 -0600 |
---|---|---|
committer | Chris Buechler <cmb@pfsense.org> | 2015-12-17 22:14:39 -0600 |
commit | 0548783251c1e98d6e9d93c75fcb967ef63c4904 (patch) | |
tree | ba054debac38463db6b57793debd56cfbcd49e33 /usr/local/www/services_captiveportal_ip_edit.php | |
parent | 6d05bb9af71b156b8fe9a3a9502d93e095f457de (diff) | |
download | pfsense-0548783251c1e98d6e9d93c75fcb967ef63c4904.zip pfsense-0548783251c1e98d6e9d93c75fcb967ef63c4904.tar.gz |
Add range validation to CP IP passthrough. Ticket #5655
Diffstat (limited to 'usr/local/www/services_captiveportal_ip_edit.php')
-rw-r--r-- | usr/local/www/services_captiveportal_ip_edit.php | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/usr/local/www/services_captiveportal_ip_edit.php b/usr/local/www/services_captiveportal_ip_edit.php index 4ad066a..7d5becb 100644 --- a/usr/local/www/services_captiveportal_ip_edit.php +++ b/usr/local/www/services_captiveportal_ip_edit.php @@ -108,11 +108,18 @@ if ($_POST) { if ($_POST['sn'] && (!is_numeric($_POST['sn']) || ($_POST['sn'] < 1) || ($_POST['sn'] > 32))) $input_errors[] = gettext("A valid subnet mask must be specified"); - if ($_POST['bw_up'] && !is_numeric($_POST['bw_up'])) + if ($_POST['bw_up'] && !is_numeric($_POST['bw_up'])) { $input_errors[] = gettext("Upload speed needs to be an integer"); - - if ($_POST['bw_down'] && !is_numeric($_POST['bw_down'])) + } + if ($_POST['bw_up'] && ($_POST['bw_up'] > 999999 || $_POST['bw_up'] < 1)) { + $input_errors[] = gettext("Upload speed must be between 1 and 999999"); + } + if ($_POST['bw_down'] && !is_numeric($_POST['bw_down'])) { $input_errors[] = gettext("Download speed needs to be an integer"); + } + if ($_POST['bw_down'] && ($_POST['bw_down'] > 999999 || $_POST['bw_down'] < 1)) { + $input_errors[] = gettext("Download speed must be between 1 and 999999"); + } foreach ($a_allowedips as $ipent) { if (isset($id) && ($a_allowedips[$id]) && ($a_allowedips[$id] === $ipent)) |