diff options
author | Renato Botelho <garga@FreeBSD.org> | 2014-06-19 13:04:57 -0300 |
---|---|---|
committer | Renato Botelho <garga@FreeBSD.org> | 2014-06-19 13:04:57 -0300 |
commit | 902da388054922274bac36701d0b3ffa09847602 (patch) | |
tree | dc068ffa5d20bad39e2ab5f7d9b009201115e37d /usr/local/www/status_rrd_graph_img.php | |
parent | bc27c6d1eed6eb64c3ffe240414f736ee8122367 (diff) | |
download | pfsense-902da388054922274bac36701d0b3ffa09847602.zip pfsense-902da388054922274bac36701d0b3ffa09847602.tar.gz |
Remove also . and / from graph
Diffstat (limited to 'usr/local/www/status_rrd_graph_img.php')
-rw-r--r-- | usr/local/www/status_rrd_graph_img.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/usr/local/www/status_rrd_graph_img.php b/usr/local/www/status_rrd_graph_img.php index 837103a..868e3a1 100644 --- a/usr/local/www/status_rrd_graph_img.php +++ b/usr/local/www/status_rrd_graph_img.php @@ -57,7 +57,7 @@ if ($_GET['style']) { /* this is used for temp name */ if ($_GET['graph']) { - $curgraph = str_replace(array("<", ">", ";", "&", "'", '"'), "", htmlspecialchars_decode($_GET['graph'], ENT_QUOTES | ENT_HTML401)); + $curgraph = str_replace(array("<", ">", ";", "&", "'", '"', '.', '/'), "", htmlspecialchars_decode($_GET['graph'], ENT_QUOTES | ENT_HTML401)); } else { $curgraph = "custom"; } |