diff options
author | Renato Botelho <garga@FreeBSD.org> | 2014-03-12 11:35:57 -0300 |
---|---|---|
committer | Renato Botelho <garga@FreeBSD.org> | 2014-03-12 11:42:49 -0300 |
commit | e41ec5848f21015068255c1d61d01edf442e8e7e (patch) | |
tree | 45c3214c1e3d638dbacb217cd3de95fb4aa6e770 /usr/local/www/system_camanager.php | |
parent | 49f3f28fea92114b09d3b2d8103398c4adcb3635 (diff) | |
download | pfsense-e41ec5848f21015068255c1d61d01edf442e8e7e.zip pfsense-e41ec5848f21015068255c1d61d01edf442e8e7e.tar.gz |
Improve checks for params 'id', 'dup' and other similar ones to make sure they are numeric integer, also, pass them through htmlspecialchars() before print
Diffstat (limited to 'usr/local/www/system_camanager.php')
-rw-r--r-- | usr/local/www/system_camanager.php | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/usr/local/www/system_camanager.php b/usr/local/www/system_camanager.php index ebbb882..63669e4 100644 --- a/usr/local/www/system_camanager.php +++ b/usr/local/www/system_camanager.php @@ -50,8 +50,9 @@ $openssl_digest_algs = array("sha1", "sha224", "sha256", "sha384", "sha512"); $pgtitle = array(gettext("System"), gettext("Certificate Authority Manager")); -$id = $_GET['id']; -if (isset($_POST['id'])) +if (is_numericint($_GET['id'])) + $id = $_GET['id']; +if (isset($_POST['id']) && is_numericint($_POST['id'])) $id = $_POST['id']; if (!is_array($config['ca'])) @@ -369,7 +370,7 @@ function method_change() { <form action="system_camanager.php" method="post" name="iform" id="iform"> <?php if ($act == "edit"): ?> <input type="hidden" name="edit" value="edit" id="edit" /> - <input type="hidden" name="id" value="<?php echo $id; ?>" id="id" /> + <input type="hidden" name="id" value="<?php echo htmlspecialchars($id); ?>" id="id" /> <input type="hidden" name="refid" value="<?php echo $pconfig['refid']; ?>" id="refid" /> <?php endif; ?> <table width="100%" border="0" cellpadding="6" cellspacing="0" summary="main area"> @@ -577,7 +578,7 @@ function method_change() { <td width="78%"> <input id="submit" name="save" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" /> <?php if (isset($id) && $a_ca[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>" /> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" /> <?php endif;?> </td> </tr> |