diff options
author | jim-p <jimp@pfsense.org> | 2015-03-05 09:00:18 -0500 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2015-03-05 09:01:05 -0500 |
commit | eae1fb1df242d8cc492796890c0d29fc599f76f7 (patch) | |
tree | fb8d91e8eb199460151bea49fcf52058b2e95a99 /usr/local/www/system_firmware_restorefullbackup.php | |
parent | 8106d4467a32b1f19704bad3c928e9fd0282b113 (diff) | |
download | pfsense-eae1fb1df242d8cc492796890c0d29fc599f76f7.zip pfsense-eae1fb1df242d8cc492796890c0d29fc599f76f7.tar.gz |
Be more strict about the file to restore or delete when working with full backups.
Diffstat (limited to 'usr/local/www/system_firmware_restorefullbackup.php')
-rw-r--r-- | usr/local/www/system_firmware_restorefullbackup.php | 16 |
1 files changed, 10 insertions, 6 deletions
diff --git a/usr/local/www/system_firmware_restorefullbackup.php b/usr/local/www/system_firmware_restorefullbackup.php index c482a29..b31d096 100644 --- a/usr/local/www/system_firmware_restorefullbackup.php +++ b/usr/local/www/system_firmware_restorefullbackup.php @@ -87,18 +87,22 @@ if($_GET['downloadbackup']) { } if ($_GET['deletefile']) { - $filename = $_GET['deletefile']; - if(file_exists("/root/{$filename}")) { + $filename = basename($_GET['deletefile']); + if(file_exists("/root/{$filename}") && (preg_match("/pfSense-full-backup-\d+-\d+\.tgz/", $filename) == 1)) { unlink("/root/" . $filename); - $savemsg = gettext("$filename has been deleted."); + $savemsg = htmlspecialchars($filename) . " " . gettext("has been deleted."); + } else { + $savemsg = htmlspecialchars($filename) . " " . gettext("has not been been deleted (invalid backup file or file does not exist)."); } } if ($_POST['restorefile']) { - $filename = $_POST['restorefile']; - if(file_exists("/root/{$filename}")) { + $filename = basename($_POST['restorefile']); + if(file_exists("/root/{$filename}") && (preg_match("/pfSense-full-backup-\d+-\d+\.tgz/", $filename) == 1)) { mwexec_bg("/etc/rc.restore_full_backup /root/" . escapeshellcmd($filename)); - $savemsg = gettext("The firewall is currently restoring $filename"); + $savemsg = gettext("The firewall is currently restoring") . " " . htmlspecialchars($filename); + } else { + $savemsg = htmlspecialchars($filename) . " " . gettext("has not been been restored (invalid backup file or file does not exist)."); } } |