diff options
author | Renato Botelho <garga@FreeBSD.org> | 2014-09-11 17:40:23 -0300 |
---|---|---|
committer | Renato Botelho <garga@FreeBSD.org> | 2014-09-11 18:22:17 -0300 |
commit | 1a6769a630b73e20dc093df7d9b59e8bd4dfce74 (patch) | |
tree | ab332b3cebb1e5527278a1b0e0d2ce0090472416 /usr/local/www/system_usermanager_addprivs.php | |
parent | 7c2d0050ecb2895b4203151145c44cdcccffa073 (diff) | |
download | pfsense-1a6769a630b73e20dc093df7d9b59e8bd4dfce74.zip pfsense-1a6769a630b73e20dc093df7d9b59e8bd4dfce74.tar.gz |
Replace GET by POST on system_usermanager.php and make necessary adjustments on necessary pages. It fixes #3856
Diffstat (limited to 'usr/local/www/system_usermanager_addprivs.php')
-rw-r--r-- | usr/local/www/system_usermanager_addprivs.php | 12 |
1 files changed, 4 insertions, 8 deletions
diff --git a/usr/local/www/system_usermanager_addprivs.php b/usr/local/www/system_usermanager_addprivs.php index bf4a02e..1d0a9e6 100644 --- a/usr/local/www/system_usermanager_addprivs.php +++ b/usr/local/www/system_usermanager_addprivs.php @@ -51,17 +51,13 @@ if (is_numericint($_GET['userid'])) if (isset($_POST['userid']) && is_numericint($_POST['userid'])) $userid = $_POST['userid']; -$a_user = & $config['system']['user'][$userid]; -if (!is_array($a_user)) { - pfSenseHeader("system_usermanager.php?id={$userid}"); - exit; -} - -if (!is_array($a_user)) { +if (!isset($config['system']['user'][$userid]) && !is_array($config['system']['user'][$userid])) { pfSenseHeader("system_usermanager.php"); exit; } +$a_user = & $config['system']['user'][$userid]; + if (!is_array($a_user['priv'])) $a_user['priv'] = array(); @@ -99,7 +95,7 @@ if ($_POST) { $savemsg = get_std_save_message($retval); conf_mount_ro(); - pfSenseHeader("system_usermanager.php?act=edit&id={$userid}"); + post_redirect("system_usermanager.php", array('act' => 'edit', 'userid' => $userid)); exit; } |