authorErmal <eri@pfsense.org>2012-11-20 09:19:47 +0000
committerErmal <eri@pfsense.org>2012-11-20 09:19:47 +0000
commit36f509579fd40903299477ffd4a4900e57786d73 (patch)
tree9eb73433241f585fb5f6bf326c56a16e354a7e78 /usr/local/www
parent1e5eedbbb5a2ff2a28fb221daba9e40c4c88a4d9 (diff)
downloadpfsense-36f509579fd40903299477ffd4a4900e57786d73.zip
pfsense-36f509579fd40903299477ffd4a4900e57786d73.tar.gz
Allow only the POST action and not GET, to avoid security problems
Diffstat (limited to 'usr/local/www')
-rw-r--r--usr/local/www/edit.php27
1 files changed, 12 insertions, 15 deletions
diff --git a/usr/local/www/edit.php b/usr/local/www/edit.php
index 56088b4..a87dfa4 100644
--- a/usr/local/www/edit.php
+++ b/usr/local/www/edit.php
@@ -36,46 +36,43 @@
##|*MATCH=edit.php*
##|-PRIV
-if($_REQUEST['action'] === "load" || $_REQUEST['action'] === "save")
- $nocsrf = true;
-
$pgtitle = array(gettext("Diagnostics"), gettext("Edit file"));
require("guiconfig.inc");
-if($_REQUEST['action']) {
- switch($_REQUEST['action']) {
+if($_POST['action']) {
+ switch($_POST['action']) {
case 'load':
- if(strlen($_REQUEST['file']) < 1) {
+ if(strlen($_POST['file']) < 1) {
echo "|5|" . gettext("No file name specified") . ".|";
- } elseif(is_dir($_REQUEST['file'])) {
+ } elseif(is_dir($_POST['file'])) {
echo "|4|" . gettext("Loading a directory is not supported") . ".|";
- } elseif(! is_file($_REQUEST['file'])) {
+ } elseif(! is_file($_POST['file'])) {
echo "|3|" . gettext("File does not exist or is not a regular file") . ".|";
} else {
- $data = file_get_contents(urldecode($_REQUEST['file']));
+ $data = file_get_contents(urldecode($_POST['file']));
if($data === false) {
echo "|1|" . gettext("Failed to read file") . ".|";
} else {
- echo "|0|{$_REQUEST['file']}|{$data}|";
+ echo "|0|{$_POST['file']}|{$data}|";
}
}
exit;
case 'save':
- if(strlen($_REQUEST['file']) < 1) {
+ if(strlen($_POST['file']) < 1) {
echo "|" . gettext("No file name specified") . ".|";
} else {
conf_mount_rw();
- $_REQUEST['data'] = str_replace("\r", "", base64_decode($_REQUEST['data']));
- $ret = file_put_contents($_REQUEST['file'], $_REQUEST['data']);
+ $_POST['data'] = str_replace("\r", "", base64_decode($_POST['data']));
+ $ret = file_put_contents($_POST['file'], $_POST['data']);
conf_mount_ro();
- if($_REQUEST['file'] == "/conf/config.xml" || $_REQUEST['file'] == "/cf/conf/config.xml") {
+ if($_POST['file'] == "/conf/config.xml" || $_POST['file'] == "/cf/conf/config.xml") {
if(file_exists("/tmp/config.cache"))
unlink("/tmp/config.cache");
disable_security_checks();
}
if($ret === false) {
echo "|" . gettext("Failed to write file") . ".|";
- } elseif($ret <> strlen($_REQUEST['data'])) {
+ } elseif($ret <> strlen($_POST['data'])) {
echo "|" . gettext("Error while writing file") . ".|";
} else {
echo "|" . gettext("File successfully saved") . ".|";