diff options
author | Ermal <eri@pfsense.org> | 2013-01-21 20:54:58 +0000 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2013-01-21 20:54:58 +0000 |
commit | 82e89ce3ad65586129583321d9459412ff9fd4af (patch) | |
tree | c9a43384d20b4eaa45d745b3b0d3bb292d49506f /usr/local/www/services_captiveportal_mac_edit.php | |
parent | 3335f5d1bdc707ca814efc65c8f70bea9cac4498 (diff) | |
download | pfsense-82e89ce3ad65586129583321d9459412ff9fd4af.zip pfsense-82e89ce3ad65586129583321d9459412ff9fd4af.tar.gz |
Use more secure file name for the operations to avoid issues
Diffstat (limited to 'usr/local/www/services_captiveportal_mac_edit.php')
-rwxr-xr-x | usr/local/www/services_captiveportal_mac_edit.php | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/usr/local/www/services_captiveportal_mac_edit.php b/usr/local/www/services_captiveportal_mac_edit.php index 7e31f42..b0e1ebb 100755 --- a/usr/local/www/services_captiveportal_mac_edit.php +++ b/usr/local/www/services_captiveportal_mac_edit.php @@ -156,10 +156,11 @@ if ($_POST) { } $rules .= captiveportal_passthrumac_configure_entry($mac); - file_put_contents("{$g['tmp_path']}/{$cpzone}_tmpmacedit{$id}", $rules); + $uniqid = uniqid("{$cpzone}_macedit"); + file_put_contents("{$g['tmp_path']}/{$uniqid}_tmp", $rules); captiveportal_ipfw_set_context($cpzone); - mwexec("/sbin/ipfw -q {$g['tmp_path']}/{$cpzone}_tmpmacedit{$id}"); - @unlink("{$g['tmp_path']}/{$cpzone}_tmpmacedit{$id}"); + mwexec("/sbin/ipfw -q {$g['tmp_path']}/{$uniqid}_tmp"); + @unlink("{$g['tmp_path']}/{$uniqid}_tmp"); } header("Location: services_captiveportal_mac.php?zone={$cpzone}"); |