diff options
| author | jim-p <jimp@pfsense.org> | 2011-01-10 16:23:49 -0500 |
|---|---|---|
| committer | jim-p <jimp@pfsense.org> | 2011-01-10 16:23:49 -0500 |
| commit | 887b5af57341fb29f1d8dae271315b43beda33d9 (patch) | |
| tree | ed9ea6a32f59f1a34b6ee92138f728e1a42388bd /usr/local/www/vpn_pptp_users_edit.php | |
| parent | d0dc2fd1ab660c05422bf8001ce7a02cc25bb041 (diff) | |
| download | pfsense-887b5af57341fb29f1d8dae271315b43beda33d9.zip pfsense-887b5af57341fb29f1d8dae271315b43beda33d9.tar.gz | |
Be more restrictive with PPTP passwords, invalid characters can blow up the config.
Diffstat (limited to 'usr/local/www/vpn_pptp_users_edit.php')
| -rwxr-xr-x | usr/local/www/vpn_pptp_users_edit.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/usr/local/www/vpn_pptp_users_edit.php b/usr/local/www/vpn_pptp_users_edit.php index 73ba7cc..1cd0075 100755 --- a/usr/local/www/vpn_pptp_users_edit.php +++ b/usr/local/www/vpn_pptp_users_edit.php @@ -84,7 +84,7 @@ if ($_POST) { if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['username'])) $input_errors[] = gettext("The username contains invalid characters."); - if (preg_match("/[[:cntrl:]\"]/", $_POST['password'])) + if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['passwordfld'])) $input_errors[] = gettext("The password contains invalid characters."); if (preg_match("/^!/", $_POST['password'])) |
