author | Seth Mos <seth.mos@dds.nl> | 2010-11-15 12:46:58 +0100 |
committer | Seth Mos <seth.mos@dds.nl> | 2010-11-15 12:46:58 +0100 |
commit | 172007f50c215acf458340773a32052c28556aaa (patch) | |
tree | 02fa2faa661d7ee1e431201c99da0c1cc1dea43c /usr/local/www | |
parent | 4f3768154fc8e1cf705e1c5342aef89d3a32aefc (diff) | |
parent | 64ec1ddf3503679cdf866e37ca9e99ec9974dc6b (diff) | |
Merge remote branch 'upstream/master'
Conflicts:
etc/inc/filter.inc
etc/inc/system.inc
usr/local/www/interfaces.php
usr/local/www/interfaces_gif_edit.php
Diffstat (limited to 'usr/local/www')
91 files changed, 1237 insertions, 458 deletions
diff --git a/usr/local/www/csrf/csrf-magic.js b/usr/local/www/csrf/csrf-magic.js
new file mode 100644
index 0000000..820f6e8
--- /dev/null
+++ b/usr/local/www/csrf/csrf-magic.js
@@ -0,0 +1,177 @@
+/**
+ * @file
+ *
+ * Rewrites XMLHttpRequest to automatically send CSRF token with it. In theory
+ * plays nice with other JavaScript libraries, needs testing though.
+ */
+
+// Here are the basic overloaded method definitions
+// The wrapper must be set BEFORE onreadystatechange is written to, since
+// a bug in ActiveXObject prevents us from properly testing for it.
+CsrfMagic = function(real) {
+ // try to make it ourselves, if you didn't pass it
+ if (!real) try { real = new XMLHttpRequest; } catch (e) {;}
+ if (!real) try { real = new ActiveXObject('Msxml2.XMLHTTP'); } catch (e) {;}
+ if (!real) try { real = new ActiveXObject('Microsoft.XMLHTTP'); } catch (e) {;}
+ if (!real) try { real = new ActiveXObject('Msxml2.XMLHTTP.4.0'); } catch (e) {;}
+ this.csrf = real;
+ // properties
+ var csrfMagic = this;
+ real.onreadystatechange = function() {
+ csrfMagic._updateProps();
+ return csrfMagic.onreadystatechange ? csrfMagic.onreadystatechange() : null;
+ };
+ csrfMagic._updateProps();
+}
+
+CsrfMagic.prototype = {
+
+ open: function(method, url, async, username, password) {
+ if (method == 'POST') this.csrf_isPost = true;
+ // deal with Opera bug, thanks jQuery
+ if (username) return this.csrf_open(method, url, async, username, password);
+ else return this.csrf_open(method, url, async);
+ },
+ csrf_open: function(method, url, async, username, password) {
+ if (username) return this.csrf.open(method, url, async, username, password);
+ else return this.csrf.open(method, url, async);
+ },
+
+ send: function(data) {
+ if (!this.csrf_isPost) return this.csrf_send(data);
+ prepend = csrfMagicName + '=' + csrfMagicToken + '&';
+ if (this.csrf_purportedLength === undefined) {
+ this.csrf_setRequestHeader("Content-length", this.csrf_purportedLength + prepend.length);
+ delete this.csrf_purportedLength;
+ }
+ delete this.csrf_isPost;
+ return this.csrf_send(prepend + data);
+ },
+ csrf_send: function(data) {
+ return this.csrf.send(data);
+ },
+
+ setRequestHeader: function(header, value) {
+ // We have to auto-set this at the end, since we don't know how long the
+ // nonce is when added to the data.
+ if (this.csrf_isPost && header == "Content-length") {
+ this.csrf_purportedLength = value;
+ return;
+ }
+ return this.csrf_setRequestHeader(header, value);
+ },
+ csrf_setRequestHeader: function(header, value) {
+ return this.csrf.setRequestHeader(header, value);
+ },
+
+ abort: function() {
+ return this.csrf.abort();
+ },
+ getAllResponseHeaders: function() {
+ return this.csrf.getAllResponseHeaders();
+ },
+ getResponseHeader: function(header) {
+ return this.csrf.getResponseHeader(header);
+ } // ,
+}
+
+// proprietary
+CsrfMagic.prototype._updateProps = function() {
+ this.readyState = this.csrf.readyState;
+ if (this.readyState == 4) {
+ this.responseText = this.csrf.responseText;
+ this.responseXML = this.csrf.responseXML;
+ this.status = this.csrf.status;
+ this.statusText = this.csrf.statusText;
+ }
+}
+CsrfMagic.process = function(base) {
+ var prepend = csrfMagicName + '=' + csrfMagicToken;
+ if (base) return prepend + '&' + base;
+ return prepend;
+}
+// callback function for when everything on the page has loaded
+CsrfMagic.end = function() {
+ // This rewrites forms AGAIN, so in case buffering didn't work this
+ // certainly will.
+ forms = document.getElementsByTagName('form');
+ for (var i = 0; i < forms.length; i++) {
+ form = forms[i];
+ if (form.method.toUpperCase() !== 'POST') continue;
+ if (form.elements[csrfMagicName]) continue;
+ var input = document.createElement('input');
+ input.setAttribute('name', csrfMagicName);
+ input.setAttribute('value', csrfMagicToken);
+ input.setAttribute('type', 'hidden');
+ form.appendChild(input);
+ }
+}
+
+// Sets things up for Mozilla/Opera/nice browsers
+if (window.XMLHttpRequest && window.XMLHttpRequest.prototype) {
+ var x = XMLHttpRequest.prototype;
+ var c = CsrfMagic.prototype;
+
+ // Save the original functions
+ x.csrf_open = x.open;
+ x.csrf_send = x.send;
+ x.csrf_setRequestHeader = x.setRequestHeader;
+
+ // Notice that CsrfMagic is itself an instantiatable object, but only
+ // open, send and setRequestHeader are necessary as decorators.
+ x.open = c.open;
+ x.send = c.send;
+ x.setRequestHeader = c.setRequestHeader;
+} else {
+ // The only way we can do this is by modifying a library you have been
+ // using. We support YUI, script.aculo.us, prototype, MooTools,
+ // jQuery, Ext and Dojo.
+ if (window.jQuery) {
+ // jQuery didn't implement a new XMLHttpRequest function, so we have
+ // to do this the hard way.
+ jQuery.csrf_ajax = jQuery.ajax;
+ jQuery.ajax = function( s ) {
+ if (s.type && s.type.toUpperCase() == 'POST') {
+ s = jQuery.extend(true, s, jQuery.extend(true, {}, jQuery.ajaxSettings, s));
+ if ( s.data && s.processData && typeof s.data != "string" ) {
+ s.data = jQuery.param(s.data);
+ }
+ s.data = CsrfMagic.process(s.data);
+ }
+ return jQuery.csrf_ajax( s );
+ }
+ } else if (window.Prototype) {
+ // This works for script.aculo.us too
+ Ajax.csrf_getTransport = Ajax.getTransport;
+ Ajax.getTransport = function() {
+ return new CsrfMagic(Ajax.csrf_getTransport());
+ }
+ } else if (window.MooTools) {
+ Browser.csrf_Request = Browser.Request;
+ Browser.Request = function () {
+ return new CsrfMagic(Browser.csrf_Request());
+ }
+ } else if (window.YAHOO) {
+ YAHOO.util.Connect.csrf_createXhrObject = YAHOO.util.Connect.createXhrObject;
+ YAHOO.util.Connect.createXhrObject = function (transaction) {
+ obj = YAHOO.util.Connect.csrf_createXhrObject(transaction);
+ obj.conn = new CsrfMagic(obj.conn);
+ return obj;
+ }
+ } else if (window.Ext) {
+ // Ext can use other js libraries as loaders, so it has to come last
+ // Ext's implementation is pretty identical to Yahoo's, but we duplicate
+ // it for comprehensiveness's sake.
+ Ext.lib.Ajax.csrf_createXhrObject = Ext.lib.Ajax.createXhrObject;
+ Ext.lib.Ajax.createXhrObject = function (transaction) {
+ obj = Ext.lib.Ajax.csrf_createXhrObject(transaction);
+ obj.conn = new CsrfMagic(obj.conn);
+ return obj;
+ }
+ } else if (window.dojo) {
+ dojo.csrf__xhrObj = dojo._xhrObj;
+ dojo._xhrObj = function () {
+ return new CsrfMagic(dojo.csrf__xhrObj());
+ }
+ }
+}
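Review bot: The Content-length adjustment in `send` is inverted: `if (this.csrf_purportedLength === undefined)` runs the branch only when no length was captured by `setRequestHeader`, so the header is set to `undefined + prepend.length` (NaN), while a captured length is never corrected for the prepended token. The check should read `if (this.csrf_purportedLength !== undefined) {` and the value should be added numerically, `Number(this.csrf_purportedLength) + prepend.length`, since a header value captured as a string would otherwise be concatenated. Separately, `prepend` in `send` and `forms`/`form` in `CsrfMagic.end` are assigned without `var` and become page-wide globals that can collide with other scripts on the page; declaring them with `var` keeps the wrapper self-contained.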
diff --git a/usr/local/www/csrf/csrf-magic.php b/usr/local/www/csrf/csrf-magic.php
new file mode 100644
index 0000000..447ecc9
--- /dev/null
+++ b/usr/local/www/csrf/csrf-magic.php
@@ -0,0 +1,372 @@
+<?php
+
+/**
+ * @file
+ *
+ * csrf-magic is a PHP library that makes adding CSRF-protection to your
+ * web applications a snap. No need to modify every form or create a database
+ * of valid nonces; just include this file at the top of every
+ * web-accessible page (or even better, your common include file included
+ * in every page), and forget about it! (There are, of course, configuration
+ * options for advanced users).
+ *
+ * This library is PHP4 and PHP5 compatible.
+ */
+
+// CONFIGURATION:
+
+/**
+ * By default, when you include this file csrf-magic will automatically check
+ * and exit if the CSRF token is invalid. This will defer executing
+ * csrf_check() until you're ready. You can also pass false as a parameter to
+ * that function, in which case the function will not exit but instead return
+ * a boolean false if the CSRF check failed. This allows for tighter integration
+ * with your system.
+ */
+$GLOBALS['csrf']['defer'] = false;
+
+/**
+ * This is the amount of seconds you wish to allow before any token becomes
+ * invalid; the default is two hours, which should be more than enough for
+ * most websites.
+ */
+$GLOBALS['csrf']['expires'] = 7200;
+
+/**
+ * Callback function to execute when there's the CSRF check fails and
+ * $fatal == true (see csrf_check). This will usually output an error message
+ * about the failure.
+ */
+$GLOBALS['csrf']['callback'] = 'csrf_callback';
+
+/**
+ * Whether or not to include our JavaScript library which also rewrites
+ * AJAX requests on this domain. Set this to the web path. This setting only works
+ * with supported JavaScript libraries in Internet Explorer; see README.txt for
+ * a list of supported libraries.
+ */
+$GLOBALS['csrf']['rewrite-js'] = false;
+
+/**
+ * A secret key used when hashing items. Please generate a random string and
+ * place it here. If you change this value, all previously generated tokens
+ * will become invalid.
+ */
+$GLOBALS['csrf']['secret'] = '';
+
+/**
+ * Set this to false to disable csrf-magic's output handler, and therefore,
+ * its rewriting capabilities. If you're serving non HTML content, you should
+ * definitely set this false.
+ */
+$GLOBALS['csrf']['rewrite'] = true;
+
+/**
+ * Whether or not to use IP addresses when binding a user to a token. This is
+ * less reliable and less secure than sessions, but is useful when you need
+ * to give facilities to anonymous users and do not wish to maintain a database
+ * of valid keys.
+ */
+$GLOBALS['csrf']['allow-ip'] = true;
+
+/**
+ * If this information is available, use the cookie by this name to determine
+ * whether or not to allow the request. This is a shortcut implementation
+ * very similar to 'key', but we randomly set the cookie ourselves.
+ */
+$GLOBALS['csrf']['cookie'] = '__csrf_cookie';
+
+/**
+ * If this information is available, set this to a unique identifier (it
+ * can be an integer or a unique username) for the current "user" of this
+ * application. The token will then be globally valid for all of that user's
+ * operations, but no one else. This requires that 'secret' be set.
+ */
+$GLOBALS['csrf']['user'] = false;
+
+/**
+ * This is an arbitrary secret value associated with the user's session. This
+ * will most probably be the contents of a cookie, as an attacker cannot easily
+ * determine this information. Warning: If the attacker knows this value, they
+ * can easily spoof a token. This is a generic implementation; sessions should
+ * work in most cases.
+ *
+ * Why would you want to use this? Lets suppose you have a squid cache for your
+ * website, and the presence of a session cookie bypasses it. Let's also say
+ * you allow anonymous users to interact with the website; submitting forms
+ * and AJAX. Previously, you didn't have any CSRF protection for anonymous users
+ * and so they never got sessions; you don't want to start using sessions either,
+ * otherwise you'll bypass the Squid cache. Setup a different cookie for CSRF
+ * tokens, and have Squid ignore that cookie for get requests, for anonymous
+ * users. (If you haven't guessed, this scheme was(?) used for MediaWiki).
+ */
+$GLOBALS['csrf']['key'] = false;
+
+/**
+ * The name of the magic CSRF token that will be placed in all forms, i.e.
+ * the contents of <input type="hidden" name="$name" value="CSRF-TOKEN" />
+ */
+$GLOBALS['csrf']['input-name'] = '__csrf_magic';
+
+/**
+ * Set this to false if your site must work inside of frame/iframe elements,
+ * but do so at your own risk: this configuration protects you against CSS
+ * overlay attacks that defeat tokens.
+ */
+$GLOBALS['csrf']['frame-breaker'] = true;
+
+/**
+ * Whether or not CSRF Magic should be allowed to start a new session in order
+ * to determine the key.
+ */
+$GLOBALS['csrf']['auto-session'] = true;
+
+/**
+ * Whether or not csrf-magic should produce XHTML style tags.
+ */
+$GLOBALS['csrf']['xhtml'] = true;
+
+// FUNCTIONS:
+
+// Don't edit this!
+$GLOBALS['csrf']['version'] = '1.0.1';
+
+/**
+ * Rewrites <form> on the fly to add CSRF tokens to them. This can also
+ * inject our JavaScript library.
+ */
+function csrf_ob_handler($buffer, $flags) {
+ // Even though the user told us to rewrite, we should do a quick heuristic
+ // to check if the page is *actually* HTML. We don't begin rewriting until
+ // we hit the first <html tag.
+ static $is_html = false;
+ if (!$is_html) {
+ // not HTML until proven otherwise
+ if (stripos($buffer, '<html') !== false) {
+ $is_html = true;
+ } else {
+ return $buffer;
+ }
+ }
+ $tokens = csrf_get_tokens();
+ $name = $GLOBALS['csrf']['input-name'];
+ $endslash = $GLOBALS['csrf']['xhtml'] ? ' /' : '';
+ $input = "<input type='hidden' name='$name' value=\"$tokens\"$endslash>";
+ $buffer = preg_replace('#(<form[^>]*method\s*=\s*["\']post["\'][^>]*>)#i', '$1' . $input, $buffer);
+ if ($GLOBALS['csrf']['frame-breaker']) {
+ $buffer = str_ireplace('</head>', '<script type="text/javascript">if (top != self) {top.location.href = self.location.href;}</script></head>', $buffer);
+ }
+ if ($js = $GLOBALS['csrf']['rewrite-js']) {
+ $buffer = str_ireplace(
+ '</head>',
+ '<script type="text/javascript">'.
+ 'var csrfMagicToken = "'.$tokens.'";'.
+ 'var csrfMagicName = "'.$name.'";</script>'.
+ '<script src="'.$js.'" type="text/javascript"></script></head>',
+ $buffer
+ );
+ $script = '<script type="text/javascript">CsrfMagic.end();</script>';
+ $buffer = str_ireplace('</body>', $script . '</body>', $buffer, $count);
+ if (!$count) {
+ $buffer .= $script;
+ }
+ }
+ return $buffer;
+}
+
+/**
+ * Checks if this is a post request, and if it is, checks if the nonce is valid.
+ * @param bool $fatal Whether or not to fatally error out if there is a problem.
+ * @return True if check passes or is not necessary, false if failure.
+ */
+function csrf_check($fatal = true) {
+ if ($_SERVER['REQUEST_METHOD'] !== 'POST') return true;
+ csrf_start();
+ $name = $GLOBALS['csrf']['input-name'];
+ $ok = false;
+ $tokens = '';
+ do {
+ if (!isset($_POST[$name])) break;
+ // we don't regenerate a token and check it because some token creation
+ // schemes are volatile.
+ $tokens = $_POST[$name];
+ if (!csrf_check_tokens($tokens)) break;
+ $ok = true;
+ } while (false);
+ if ($fatal && !$ok) {
+ $callback = $GLOBALS['csrf']['callback'];
+ if (trim($tokens, 'A..Za..z0..9:;,') !== '') $tokens = 'hidden';
+ $callback($tokens);
+ exit;
+ }
+ return $ok;
+}
+
+/**
+ * Retrieves a valid token(s) for a particular context. Tokens are separated
+ * by semicolons.
+ */
+function csrf_get_tokens() {
+ $has_cookies = !empty($_COOKIE);
+
+ // $ip implements a composite key, which is sent if the user hasn't sent
+ // any cookies. It may or may not be used, depending on whether or not
+ // the cookies "stick"
+ if (!$has_cookies && $secret) {
+ // :TODO: Harden this against proxy-spoofing attacks
+ $ip = ';ip:' . csrf_hash($_SERVER['IP_ADDRESS']);
+ } else {
+ $ip = '';
+ }
+ csrf_start();
+
+ // These are "strong" algorithms that don't require per se a secret
+ if (session_id()) return 'sid:' . csrf_hash(session_id()) . $ip;
+ if ($GLOBALS['csrf']['cookie']) {
+ $val = csrf_generate_secret();
+ setcookie($GLOBALS['csrf']['cookie'], $val);
+ return 'cookie:' . csrf_hash($val) . $ip;
+ }
+ if ($GLOBALS['csrf']['key']) return 'key:' . csrf_hash($GLOBALS['csrf']['key']) . $ip;
+ // These further algorithms require a server-side secret
+ if ($secret === '') return 'invalid';
+ if ($GLOBALS['csrf']['user'] !== false) {
+ return 'user:' . csrf_hash($GLOBALS['csrf']['user']);
+ }
+ if ($GLOBALS['csrf']['allow-ip']) {
+ return ltrim($ip, ';');
+ }
+ return 'invalid';
+}
+
+/**
+ * @param $tokens is safe for HTML consumption
+ */
+function csrf_callback($tokens) {
+ header($_SERVER['SERVER_PROTOCOL'] . ' 403 Forbidden');
+ echo "<html><head><title>CSRF check failed</title></head><body>CSRF check failed. Please enable cookies.<br />Debug: ".$tokens."</body></html>
+";
+}
+
+/**
+ * Checks if a composite token is valid. Outward facing code should use this
+ * instead of csrf_check_token()
+ */
+function csrf_check_tokens($tokens) {
+ if (is_string($tokens)) $tokens = explode(';', $tokens);
+ foreach ($tokens as $token) {
+ if (csrf_check_token($token)) return true;
+ }
+ return false;
+}
+
+/**
+ * Checks if a token is valid.
+ */
+function csrf_check_token($token) {
+ if (strpos($token, ':') === false) return false;
+ list($type, $value) = explode(':', $token, 2);
+ if (strpos($value, ',') === false) return false;
+ list($x, $time) = explode(',', $token, 2);
+ if ($GLOBALS['csrf']['expires']) {
+ if (time() > $time + $GLOBALS['csrf']['expires']) return false;
+ }
+ switch ($type) {
+ case 'sid':
+ return $value === csrf_hash(session_id(), $time);
+ case 'cookie':
+ $n = $GLOBALS['csrf']['cookie'];
+ if (!$n) return false;
+ if (!isset($_COOKIE[$n])) return false;
+ return $value === csrf_hash($_COOKIE[$n], $time);
+ case 'key':
+ if (!$GLOBALS['csrf']['key']) return false;
+ return $value === csrf_hash($GLOBALS['csrf']['key'], $time);
+ // We could disable these 'weaker' checks if 'key' was set, but
+ // that doesn't make me feel good then about the cookie-based
+ // implementation.
+ case 'user':
+ if ($GLOBALS['csrf']['secret'] === '') return false;
+ if ($GLOBALS['csrf']['user'] === false) return false;
+ return $value === csrf_hash($GLOBALS['csrf']['user'], $time);
+ case 'ip':
+ if (csrf_get_secret() === '') return false;
+ // do not allow IP-based checks if the username is set, or if
+ // the browser sent cookies
+ if ($GLOBALS['csrf']['user'] !== false) return false;
+ if (!empty($_COOKIE)) return false;
+ if (!$GLOBALS['csrf']['allow-ip']) return false;
+ return $value === csrf_hash($_SERVER['IP_ADDRESS'], $time);
+ }
+ return false;
+}
+
+/**
+ * Sets a configuration value.
+ */
+function csrf_conf($key, $val) {
+ if (!isset($GLOBALS['csrf'][$key])) {
+ trigger_error('No such configuration ' . $key, E_USER_WARNING);
+ return;
+ }
+ $GLOBALS['csrf'][$key] = $val;
+}
+
+/**
+ * Starts a session if we're allowed to.
+ */
+function csrf_start() {
+ if ($GLOBALS['csrf']['auto-session'] && !session_id()) {
+ session_start();
+ }
+}
+
+/**
+ * Retrieves the secret, and generates one if necessary.
+ */
+function csrf_get_secret() {
+ if ($GLOBALS['csrf']['secret']) return $GLOBALS['csrf']['secret'];
+ $dir = dirname(__FILE__);
+ $file = $dir . '/csrf-secret.php';
+ $secret = '';
+ if (file_exists($file)) {
+ include $file;
+ return $secret;
+ }
+ if (is_writable($dir)) {
+ $secret = csrf_generate_secret();
+ $fh = fopen($file, 'w');
+ fwrite($fh, '<?php $secret = "'.$secret.'";' . PHP_EOL);
+ fclose($fh);
+ return $secret;
+ }
+ return '';
+}
+
+/**
+ * Generates a random string as the hash of time, microtime, and mt_rand.
+ */
+function csrf_generate_secret($len = 32) {
+ $secret = '';
+ for ($i = 0; $i < 32; $i++) {
+ $secret .= chr(mt_rand(0, 255));
+ }
+ $secret .= time() . microtime();
+ return sha1($secret);
+}
+
+/**
+ * Generates a hash/expiry double. If time isn't set it will be calculated
+ * from the current time.
+ */
+function csrf_hash($value, $time = null) {
+ if (!$time) $time = time();
+ return sha1($secret . $value . $time) . ',' . $time;
+}
+
+// Load user configuration
+if (function_exists('csrf_startup')) csrf_startup();
+// Initialize our handler
+if ($GLOBALS['csrf']['rewrite']) ob_start('csrf_ob_handler');
+// Perform check
+if (!$GLOBALS['csrf']['defer']) csrf_check();
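Review bot: `csrf_hash` computes `sha1($secret . $value . $time)` but `$secret` is never assigned in that function (no parameter, no `global`, no call to `csrf_get_secret()`), so every token is hashed with an empty secret; the same undefined `$secret` is tested in `csrf_get_tokens` (`!$has_cookies && $secret` and `$secret === ''`), where `null === ''` is false and the secret-requiring branches are reached anyway. The fix is to load it in both places: `$secret = csrf_get_secret();` as the first statement of `csrf_hash` and of `csrf_get_tokens`, which is the accessor `csrf_check_token` already uses for the `ip` case. For the session-bound `sid` and `cookie` tokens the impact is limited because the hashed value is itself unguessable, but `user` and `ip` tokens become forgeable by anyone who knows the username or client address. Also, `$_SERVER['IP_ADDRESS']` is not a key PHP populates; the client address is `$_SERVER['REMOTE_ADDR']`, so the `ip` token type cannot currently match at all. Finally, `csrf_generate_secret` ignores its `$len` parameter and seeds from `mt_rand`, which is not a cryptographic generator; since the generated value becomes the persistent server secret in `csrf_get_secret`, drawing it from the OS random source would be the stronger choice.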
diff --git a/usr/local/www/diag_authentication.php b/usr/local/www/diag_authentication.php
index 19c0d69..a8f897c 100755
--- a/usr/local/www/diag_authentication.php
+++ b/usr/local/www/diag_authentication.php
@@ -105,13 +105,13 @@ include("head.inc"); <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Username"); ?></td> <td width="78%" class="vtable"> - <input class="formfld unknown" size='20' id='username' name='username' value='<?=$pconfig['username'];?>' /> + <input class="formfld unknown" size='20' id='username' name='username' value='<?=htmlspecialchars($pconfig['username']);?>' /> </td> </tr> <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Password"); ?></td> <td width="78%" class="vtable"> - <input class="formfld pwd" type='password' size='20' id='password' name='password' value='<?=$pconfig['password'];?>' /> + <input class="formfld pwd" type='password' size='20' id='password' name='password' value='<?=htmlspecialchars($pconfig['password']);?>' /> </td> </tr> <tr>
diff --git a/usr/local/www/diag_dns.php b/usr/local/www/diag_dns.php
index c286d44..ec42233 100644
--- a/usr/local/www/diag_dns.php
+++ b/usr/local/www/diag_dns.php
@@ -131,7 +131,7 @@ if ($_POST) { $type = "hostname"; $resolved = gethostbyname($host); if($resolved) { - $dig=`dig "$host" A | grep "$host" | grep -v ";" | awk '{ print $5 }'`; + $dig=`dig $host_esc A | grep $host_esc | grep -v ";" | awk '{ print $5 }'`; $resolved = split("\n", $dig); } $hostname = $host;
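Review bot: The password field still reflects the submitted password into the page, `value='<?=htmlspecialchars($pconfig['password']);?>'`; escaping fixes the markup injection but leaves the secret in the HTML source, browser cache and any proxy log. A password input should not be prefilled at all, so the `value` attribute can simply be dropped from that line. Note the attribute uses single quotes while `htmlspecialchars` with its default flags only escapes double quotes, which is a second reason to remove the attribute rather than escape it.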
@@ -182,12 +182,12 @@ include("head.inc"); ?> } if($found > 0) { if($alias_exists) { - echo "<br/><font size='-2'>An alias already exists for the hostname {$host}. To overwrite, click <a href='diag_dns.php?host=" . trim(urlencode($host)) . "&createalias=true&override=true'>here</a>."; + echo "<br/><font size='-2'>An alias already exists for the hostname " . htmlspecialchars($host) . ". To overwrite, click <a href='diag_dns.php?host=" . trim(urlencode(htmlspecialchars($host))) . "&createalias=true&override=true'>here</a>."; } else { if(!$createdalias) { - echo "<br/><font size='-2'><a href='diag_dns.php?host=" . trim(urlencode($host)) . "&createalias=true'>Create alias</a> out of these entries."; + echo "<br/><font size='-2'><a href='diag_dns.php?host=" . trim(urlencode(htmlspecialchars($host))) . "&createalias=true'>Create alias</a> out of these entries."; } else { - echo "<br/><font size='-2'>Alias created with name " . htmlspecialchars($newalias['name']); } } }
@@ -234,8 +234,8 @@ include("head.inc"); ?> <tr> <td width="22%" valign="top" class="vncell"><?=gettext("More Information:");?></td> <td width="78%" class="vtable"> - <a target="_new" href ="/diag_ping.php?host=<?=$host?>&interface=wan&count=3"><?=gettext("Ping");?></a> <br/> - <a target="_new" href ="/diag_traceroute.php?host=<?=$host?>&ttl=18"><?=gettext("Traceroute");?></a> + <a target="_new" href ="/diag_ping.php?host=<?=htmlspecialchars($host)?>&interface=wan&count=3"><?=gettext("Ping");?></a> <br/> + <a target="_new" href ="/diag_traceroute.php?host=<?=htmlspecialchars($host)?>&ttl=18"><?=gettext("Traceroute");?></a> <p/> <?=gettext("NOTE: The following links are to external services, so their reliability cannot be guaranteed.");?><br/><br/> <a target="_new" href="http://private.dnsstuff.com/tools/whois.ch?ip=<?php echo $ipaddr; ?>"><?=gettext("IP WHOIS @ DNS Stuff");?></a><br />
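Review bot: The encoding order in `trim(urlencode(htmlspecialchars($host)))` is reversed: the link must carry the URL-encoded hostname, and HTML escaping applies to the emitted markup, so a host containing `&` is sent as `%26amp%3B` and the `createalias` round-trip receives a different value than the user typed. `urlencode` output contains no HTML metacharacters, so `trim(urlencode($host))` alone is correct for the query value, or `htmlspecialchars(urlencode($host))` if the belt-and-braces form is preferred. The same applies to the Ping/Traceroute links in the -234 hunk, where `host=<?=htmlspecialchars($host)?>` still needs `urlencode` to keep a hostname with reserved characters from breaking the query string.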
diff --git a/usr/local/www/diag_dump_states.php b/usr/local/www/diag_dump_states.php
index a2009c9..a8671c1 100755
--- a/usr/local/www/diag_dump_states.php
+++ b/usr/local/www/diag_dump_states.php
@@ -44,11 +44,9 @@ require_once("guiconfig.inc"); /* handle AJAX operations */ if($_GET['action']) { if($_GET['action'] == "remove") { - $srcip = $_GET['srcip']; - $dstip = $_GET['dstip']; - if (is_ipaddr($srcip) and is_ipaddr($dstip)) { - $retval = mwexec("/sbin/pfctl -k '{$srcip}' -k '{$dstip}'"); - echo htmlentities("|{$srcip}|{$dstip}|{$retval}|"); + if (is_ipaddr($_GET['srcip']) and is_ipaddr($_GET['dstip'])) { + $retval = mwexec("/sbin/pfctl -k " . escapeshellarg($_GET['srcip']) . " -k " . escapeshellarg($_GET['dstip'])); + echo htmlentities("|{$_GET['srcip']}|{$_GET['dstip']}|{$retval}|"); } else { echo gettext("invalid input"); }
@@ -58,7 +56,7 @@ if($_GET['action']) { /* get our states */ if($_GET['filter']) { - exec("/sbin/pfctl -s state | grep " . escapeshellarg($_GET['filter']), $states); + exec("/sbin/pfctl -s state | grep " . escapeshellarg(htmlspecialchars($_GET['filter'])), $states); } else { exec("/sbin/pfctl -s state", $states);
@@ -135,7 +133,7 @@ include("head.inc"); <td><?=gettext("Current state count:");?> <?=$current_statecount?></td> <td style="font-weight:bold;" align="right"> <?=gettext("Filter expression:");?> - <input type="text" name="filter" class="formfld search" value="<?=$_GET['filter'];?>" size="30" /> + <input type="text" name="filter" class="formfld search" value="<?=htmlspecialchars($_GET['filter']);?>" size="30" /> <input type="submit" class="formbtn" value="<?=gettext("Filter");?>" /> <td> </tr>
diff --git a/usr/local/www/diag_ipsec.php b/usr/local/www/diag_ipsec.php
index 9992f5c..e682a5f 100644
--- a/usr/local/www/diag_ipsec.php
+++ b/usr/local/www/diag_ipsec.php
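Review bot: In the -58 hunk, `escapeshellarg(htmlspecialchars($_GET['filter']))` hands grep the HTML-encoded form of the filter, so a filter containing `&`, `<`, `>` or `"` no longer matches the raw pfctl output; `escapeshellarg` by itself is the correct shell protection here, and the HTML escaping belongs only at the output sink, which the -135 hunk already does. The line should revert to `exec("/sbin/pfctl -s state | grep " . escapeshellarg($_GET['filter']), $states);`. The same encode-at-input pattern recurs in diag_logs.php (-54), diag_logs_filter.php (-73), diag_logs_vpn.php (-49) and fbegin.inc (-222, where the escaped `noticeid` is passed to `close_notice`): each stores `htmlspecialchars(...)` of request input and then reuses that value in non-HTML contexts such as log filtering or identifiers, where the entity form silently changes behaviour. The `remove` action in the -44 hunk is a good model: validate with `is_ipaddr`, quote with `escapeshellarg` for the shell, and escape separately for HTML on output.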
@@ -51,6 +51,12 @@ require("guiconfig.inc"); include("head.inc"); require("ipsec.inc"); +if ($_GET['act'] == "connect") { + if (is_ipaddr($_GET['remoteid']) && is_ipaddr($_GET['source'])) { + exec("/sbin/ping -S " . escapeshellarg($_GET['source']) . " -c 1 " . escapeshellarg($_GET['remoteid'])); + } +} + if (!is_array($config['ipsec']['phase2'])) $config['ipsec']['phase2'] = array();
@@ -119,6 +125,26 @@ $sad = ipsec_dump_sad(); <img src ="/themes/<?=$g['theme']?>/images/icons/icon_<?=$icon?>.gif"> </center> </td> + <td class="list"> + <?php + $source = ""; + if ($ph2ent['localid']['type'] == 'lan') { + $source = get_interface_ip('lan'); + } else { + $source = get_interface_ip(find_ip_interface($ph2ent['localid']['address'])); + } + + ?> + <?php if (($ph2ent['remoteid']['type'] != "mobile") && ($icon != "pass") && ($source != "")): ?> + <center> + <a href="diag_ipsec.php?act=connect&remoteid=<?= $ph2ent['remoteid']['address'] ?>&source=<?= $source ?>"> + <img src ="/themes/<?=$g['theme']?>/images/icons/icon_service_start.gif" alt="Connect VPN" title="Connect VPN" border="0"> + </a> + </center> + <?php else: ?> + + <?php endif; ?> + </td> </tr> <?php }
diff --git a/usr/local/www/diag_logs.php b/usr/local/www/diag_logs.php
index 145d480..35b6231 100755
--- a/usr/local/www/diag_logs.php
+++ b/usr/local/www/diag_logs.php
@@ -54,10 +54,10 @@ if ($_POST['clear']) clear_log_file($system_logfile); if ($_GET['filtertext']) - $filtertext = $_GET['filtertext']; + $filtertext = htmlspecialchars($_GET['filtertext']); if ($_POST['filtertext']) - $filtertext = $_POST['filtertext']; + $filtertext = htmlspecialchars($_POST['filtertext']); if ($filtertext) $filtertextmeta="?filtertext=$filtertext";
diff --git a/usr/local/www/diag_logs_filter.php b/usr/local/www/diag_logs_filter.php
index 02b2591..025a7a3 100755
--- a/usr/local/www/diag_logs_filter.php
+++ b/usr/local/www/diag_logs_filter.php
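Review bot: The new "Connect VPN" link in the -119 hunk writes two values straight into an attribute, `remoteid=<?= $ph2ent['remoteid']['address'] ?>&source=<?= $source ?>`, while the rest of this commit wraps such output in `htmlspecialchars`; the remote address comes from stored configuration, so a malformed entry would break out of the `href`. The two expressions should become `<?=htmlspecialchars(urlencode($ph2ent['remoteid']['address']))?>` and `<?=htmlspecialchars(urlencode($source))?>`. The handler added in the -51 hunk is well guarded (`is_ipaddr` on both values plus `escapeshellarg`), but it runs `/sbin/ping` on a plain GET, and the csrf-magic check introduced in this same commit only examines POST requests, so a side-effecting action reachable by GET stays outside that protection; a POST form or at least a token on the link would keep it covered. The `<?php else: ?>` branch is empty and could be dropped.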
@@ -73,9 +73,9 @@ if($_GET['dnsip'] or $_POST['dnsip']) { $filtertext = ""; if($_GET['filtertext'] or $_POST['filtertext']) { if($_GET['filtertext']) - $filtertext = $_GET['filtertext']; + $filtertext = htmlspecialchars($_GET['filtertext']); if($_POST['filtertext']) - $filtertext = $_POST['filtertext']; + $filtertext = htmlspecialchars($_POST['filtertext']); } $filter_logfile = "{$g['varlog_path']}/filter.log";
diff --git a/usr/local/www/diag_logs_vpn.php b/usr/local/www/diag_logs_vpn.php
index 36bdb58..adef3e1 100755
--- a/usr/local/www/diag_logs_vpn.php
+++ b/usr/local/www/diag_logs_vpn.php
@@ -49,8 +49,8 @@ $nentries = $config['syslog']['nentries']; if (!$nentries) $nentries = 50; -$vpntype = ($_GET['vpntype']) ? $_GET['vpntype'] : "pptp"; -$mode = ($_GET['mode']) ? $_GET['mode'] : "login"; +$vpntype = (htmlspecialchars($_GET['vpntype'])) ? htmlspecialchars($_GET['vpntype']) : "pptp"; +$mode = (htmlspecialchars($_GET['mode'])) ? htmlspecialchars($_GET['mode']) : "login"; if ($_POST['clear']) clear_log_file("/var/log/vpn.log");
diff --git a/usr/local/www/diag_smart.php b/usr/local/www/diag_smart.php
index 11aae90..05239fa 100644
--- a/usr/local/www/diag_smart.php
+++ b/usr/local/www/diag_smart.php
@@ -208,7 +208,7 @@ switch($action) <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Email Address"); ?></td> <td width="78%" class="vtable"> - <input type="text" name="smartmonemail" value="<?=$pconfig['smartmonemail']?>"/> + <input type="text" name="smartmonemail" value="<?=htmlspecialchars($pconfig['smartmonemail'])?>"/> </td> </tr> <tr>
diff --git a/usr/local/www/exec.php b/usr/local/www/exec.php
index 2d29a83..e9b0259 100755
--- a/usr/local/www/exec.php
+++ b/usr/local/www/exec.php
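Review bot: In diag_logs_vpn.php (-49), `$vpntype` and `$mode` are selector values with fixed defaults (`"pptp"`, `"login"`), and `htmlspecialchars` does nothing to constrain them; the rest of the file is outside the hunk, but values that pick a log source or view are better validated against the set of supported names than escaped, e.g. `$vpntype = in_array($_GET['vpntype'], $valid_vpntypes) ? $_GET['vpntype'] : "pptp";` with the known list declared alongside. Calling `htmlspecialchars` twice on the same input in the ternary is also needless; evaluate it once into a local if escaping is kept.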
@@ -104,8 +104,8 @@ if (isBlank( $_POST['txtRecallBuffer'] )) { } else { puts( " var arrRecallBuffer = new Array(" ); $arrBuffer = explode( "&", $_POST['txtRecallBuffer'] ); - for ($i=0; $i < (count( $arrBuffer ) - 1); $i++) puts( " '" . $arrBuffer[$i] . "'," ); - puts( " '" . $arrBuffer[count( $arrBuffer ) - 1] . "'" ); + for ($i=0; $i < (count( $arrBuffer ) - 1); $i++) puts( " '" . htmlspecialchars($arrBuffer[$i]) . "'," ); + puts( " '" . htmlspecialchars($arrBuffer[count( $arrBuffer ) - 1]) . "'" ); puts( " );" ); }
@@ -259,7 +259,7 @@ if (!isBlank($_POST['txtPHPCommand'])) { <tr> <td valign="top"> </td> <td valign="top" class="label"> - <input type="hidden" name="txtRecallBuffer" value="<?=$_POST['txtRecallBuffer'] ?>"> + <input type="hidden" name="txtRecallBuffer" value="<?=htmlspecialchars($_POST['txtRecallBuffer']) ?>"> <input type="button" class="button" name="btnRecallPrev" value="<" onClick="btnRecall_onClick( this.form, -1 );"> <input type="submit" class="button" value="<?=gettext("Execute"); ?>"> <input type="button" class="button" name="btnRecallNext" value=">" onClick="btnRecall_onClick( this.form, 1 );">
diff --git a/usr/local/www/fbegin.inc b/usr/local/www/fbegin.inc
index ac31fb6..d9c7641 100755
--- a/usr/local/www/fbegin.inc
+++ b/usr/local/www/fbegin.inc
@@ -125,7 +125,7 @@ $services_menu[] = array("IGMP proxy", "/services_igmpproxy.php"); $services_menu[] = array("Load Balancer", "/load_balancer_pool.php"); $services_menu[] = array("OLSR", "/pkg_edit.php?xml=olsrd.xml&id=0"); $services_menu[] = array("PPPoE Server", "/vpn_pppoe.php"); -$services_menu[] = array("RIP", "/pkg_edit.php?xml=routed/routed.xml&id=0"); +$services_menu[] = array("RIP", "/pkg_edit.php?xml=routed.xml&id=0"); $services_menu[] = array("SNMP", "/services_snmp.php"); if(count($config['interfaces']) > 1) { /* no use for UPnP in single-interface deployments
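Review bot: The -104 hunk emits each recall-buffer entry inside a single-quoted JavaScript string literal, `puts( " '" . htmlspecialchars($arrBuffer[$i]) . "'," )`, but `htmlspecialchars` with its default flags escapes neither `'` nor `\`, so an entry containing a quote still terminates the literal and the remainder is parsed as script. The sink here is JavaScript, not HTML, so the right encoder is `json_encode`, which produces the quoted literal itself: `puts( " " . json_encode($arrBuffer[$i]) . "," );` in the loop and `puts( " " . json_encode($arrBuffer[count( $arrBuffer ) - 1]) );` for the last element. The hidden input in the -259 hunk is a double-quoted HTML attribute, so `htmlspecialchars` is adequate there.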
@@ -222,7 +222,7 @@ if(! $g['disablehelpmenu']) { /* NOTICE ACKNOWLEDGE CODE by Erik Kristensen */ if ($_REQUEST['noticeaction'] == 'acknowledge') { - $notice_id = $_REQUEST['noticeid']; + $notice_id = htmlspecialchars($_REQUEST['noticeid']); close_notice($notice_id); } /**********************************************/
@@ -263,18 +263,18 @@ if ($_REQUEST['noticeaction'] == 'acknowledge') { $noticemsg = str_replace("<br>", "", $noticemsg); $extra_args = ""; if($_GET['xml']) - $extraargs="&xml=" . $_GET['xml']; + $extraargs="&xml=" . htmlspecialchars($_GET['xml']); if($_POST['xml']) - $extraargs="&xml=" . $_POST['xml']; + $extraargs="&xml=" . htmlspecialchars($_POST['xml']); if($_GET['id']) - $extraargs="&xml=" . $_GET['id']; + $extraargs="&xml=" . htmlspecialchars($_GET['id']); if($_POST['id']) - $extraargs="&xml=" . $_POST['id']; + $extraargs="&xml=" . htmlspecialchars($_POST['id']); $notice_msgs = '<a href="?noticeaction=acknowledge¬iceid=all' . $extraargs . '">Acknowledge All</a> .:. '; if ($value['url']) { - $notice_msgs .= $date.' - <a href="'.$url.'?'.$request_string.'¬iceaction=acknowledge¬iceid='.$key.'">['.$value['id'].']</a>'; + $notice_msgs .= $date.' - <a href="'.$url.'?' . htmlspecialchars($request_string) . '¬iceaction=acknowledge¬iceid='.$key.'">['.$value['id'].']</a>'; } else { - $notice_msgs .= $date.' - <a href="?'.$request_string.'¬iceaction=acknowledge¬iceid='.$key.'">['.$value['id'].']'.$noticemsg.'</a>'; + $notice_msgs .= $date.' - <a href="?' . htmlspecialchars($request_string) . '¬iceaction=acknowledge¬iceid='.$key.'">['.$value['id'].']'.htmlspecialchars($noticemsg).'</a>'; } $notice_msgs .= " .:. "; }
diff --git a/usr/local/www/firewall_aliases_edit.php b/usr/local/www/firewall_aliases_edit.php
index 8aa43f6..ec7572f 100755
--- a/usr/local/www/firewall_aliases_edit.php
+++ b/usr/local/www/firewall_aliases_edit.php
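Review bot: The two `id` branches in the -263 hunk still write the value under the wrong query key, `$extraargs="&xml=" . htmlspecialchars($_GET['id']);` and the `$_POST['id']` twin, so an `id` parameter overwrites the `xml` argument instead of being carried alongside it; the new lines should read `"&id=" . ...`, and because each assignment uses `=` rather than `.=`, only the last matching branch survives, which looks unintended when both `xml` and `id` are present. Two smaller points in the same hunk: the context line initialises `$extra_args` while every later line uses `$extraargs`, so the initialiser is dead (this predates the commit but is worth fixing while the block is being touched), and values placed into a query string should be `urlencode`d before the attribute-level `htmlspecialchars`, since HTML escaping alone leaves `&` and `=` able to inject extra parameters into the acknowledge links. The `noticeid` escaping in the -222 hunk is the input-side pattern noted on diag_dump_states.php: `close_notice` receives an HTML-entity form of the identifier, so an id that needed escaping will not match the stored notice; validate it as an identifier there and escape only where it is printed.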
@@ -558,7 +558,7 @@ EOD; <input name="origname" type="hidden" id="origname" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['name']);?>" /> <input name="name" type="text" id="name" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['name']);?>" /> <?php if (isset($id) && $a_aliases[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>" /> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" /> <?php endif; ?> <br /> <span class="vexpl"> @@ -569,7 +569,7 @@ EOD; <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Description"); ?></td> <td width="78%" class="vtable"> - <input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=$pconfig['descr'];?>" /> + <input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>" /> <br /> <span class="vexpl"> <?=gettext("You may enter a description here for your reference (not parsed)."); ?> diff --git a/usr/local/www/firewall_nat_1to1_edit.php b/usr/local/www/firewall_nat_1to1_edit.php index 8532755..199adef 100755 --- a/usr/local/www/firewall_nat_1to1_edit.php +++ b/usr/local/www/firewall_nat_1to1_edit.php 
@@ -305,11 +305,11 @@ function typesel_change() { <?=gettext("Hint: in most cases, you'll want to use WAN here"); ?>.</span></td> </tr> <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("External subnet"); ?></td> + <td width="22%" valign="top" class="vncellreq"><?=gettext("External subnet IP"); ?></td> <td width="78%" class="vtable"> <input name="external" type="text" class="formfldalias" id="external" size="20" value="<?=htmlspecialchars($pconfig['external']);?>"> <br/> - <span class="vexpl"><?=gettext("Enter the external (usually on a WAN) subnet's starting address for the 1:1 mapping."); ?><br> + <span class="vexpl"><?=gettext("Enter the external (usually on a WAN) subnet's starting address for the 1:1 mapping. The subnet mask from the source address below will be applied to this IP address."); ?><br> <?=gettext("Hint: this is generally an address owned by the router itself on the selected interface."); ?></span> </td> </tr> @@ -365,7 +365,7 @@ function typesel_change() { </tr> </table> <br/> - <span class="vexpl"><?=gettext("Enter the internal (LAN) subnet for the 1:1 mapping. The subnet size specified for the internal subnet also applies to the external subnet (they have to be the same)."); ?></span> + <span class="vexpl"><?=gettext("Enter the internal (LAN) subnet for the 1:1 mapping. The subnet size specified for the internal subnet will be applied to the external subnet."); ?></span> </td> </tr> <tr> @@ -447,7 +447,7 @@ function typesel_change() { <td width="78%"> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>"> <input type="button" class="formbtn" value="<?=gettext("Cancel"); ?>" onclick="history.back()"> <?php if (isset($id) && $a_1to1[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>"> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> <?php endif; ?> </td> </tr> 
diff --git a/usr/local/www/firewall_nat_edit.php b/usr/local/www/firewall_nat_edit.php index c6c50a5..d216a98 100755 --- a/usr/local/www/firewall_nat_edit.php +++ b/usr/local/www/firewall_nat_edit.php @@ -585,7 +585,7 @@ include("fbegin.inc"); ?> <option value="<?=$wkport;?>" <?php if ($wkport == $pconfig['srcbeginport']) { echo "selected"; $bfound = 1; } ?>><?=htmlspecialchars($wkportdesc);?></option> <?php endforeach; ?> </select> - <input autocomplete='off' class="formfldalias" name="srcbeginport_cust" id="srcbeginport_cust" type="text" size="5" value="<?php if (!$bfound && $pconfig['srcbeginport']) echo $pconfig['srcbeginport']; ?>"> + <input autocomplete='off' class="formfldalias" name="srcbeginport_cust" id="srcbeginport_cust" type="text" size="5" value="<?php if (!$bfound && $pconfig['srcbeginport']) echo htmlspecialchars($pconfig['srcbeginport']); ?>"> </td> </tr> <tr> @@ -598,7 +598,7 @@ include("fbegin.inc"); ?> <option value="<?=$wkport;?>" <?php if ($wkport == $pconfig['srcendport']) { echo "selected"; $bfound = 1; } ?>><?=htmlspecialchars($wkportdesc);?></option> <?php endforeach; ?> </select> - <input autocomplete='off' class="formfldalias" name="srcendport_cust" id="srcendport_cust" type="text" size="5" value="<?php if (!$bfound && $pconfig['srcendport']) echo $pconfig['srcendport']; ?>"> + <input autocomplete='off' class="formfldalias" name="srcendport_cust" id="srcendport_cust" type="text" size="5" value="<?php if (!$bfound && $pconfig['srcendport']) echo htmlspecialchars($pconfig['srcendport']); ?>"> </td> </tr> </table> 
@@ -695,7 +695,7 @@ include("fbegin.inc"); ?> <option value="<?=$wkport;?>" <?php if ($wkport == $pconfig['dstbeginport']) { echo "selected"; $bfound = 1; }?>><?=htmlspecialchars($wkportdesc);?></option> <?php endforeach; ?> </select> - <input autocomplete='off' class="formfldalias" name="dstbeginport_cust" id="dstbeginport_cust" type="text" size="5" value="<?php if (!$bfound && $pconfig['dstbeginport']) echo $pconfig['dstbeginport']; ?>"> + <input autocomplete='off' class="formfldalias" name="dstbeginport_cust" id="dstbeginport_cust" type="text" size="5" value="<?php if (!$bfound && $pconfig['dstbeginport']) echo htmlspecialchars($pconfig['dstbeginport']); ?>"> </td> </tr> <tr> @@ -708,7 +708,7 @@ include("fbegin.inc"); ?> <option value="<?=$wkport;?>" <?php if ($wkport == $pconfig['dstendport']) { echo "selected"; $bfound = 1; } ?>><?=htmlspecialchars($wkportdesc);?></option> <?php endforeach; ?> </select> - <input autocomplete='off' class="formfldalias" name="dstendport_cust" id="dstendport_cust" type="text" size="5" value="<?php if (!$bfound && $pconfig['dstendport']) echo $pconfig['dstendport']; ?>"> + <input autocomplete='off' class="formfldalias" name="dstendport_cust" id="dstendport_cust" type="text" size="5" value="<?php if (!$bfound && $pconfig['dstendport']) echo htmlspecialchars($pconfig['dstendport']); ?>"> </td> </tr> </table> 
@@ -741,7 +741,7 @@ include("fbegin.inc"); ?> <?=htmlspecialchars($wkportdesc);?> </option> <?php endforeach; ?> - </select> <input onChange="check_for_aliases();" autocomplete='off' class="formfldalias" name="localbeginport_cust" id="localbeginport_cust" type="text" size="5" value="<?php if (!$bfound) echo $pconfig['localbeginport']; ?>"> + </select> <input onChange="check_for_aliases();" autocomplete='off' class="formfldalias" name="localbeginport_cust" id="localbeginport_cust" type="text" size="5" value="<?php if (!$bfound) echo htmlspecialchars($pconfig['localbeginport']); ?>"> <br> <span class="vexpl"><?=gettext("Specify the port on the machine with the " . "IP address entered above. In case of a port range, specify " . @@ -825,7 +825,7 @@ include("fbegin.inc"); ?> <td width="78%"> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>"> <input type="button" class="formbtn" value="<?=gettext("Cancel"); ?>" onclick="history.back()"> <?php if (isset($id) && $a_nat[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>"> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> <?php endif; ?> </td> </tr> @@ -834,7 +834,7 @@ include("fbegin.inc"); ?> <script language="JavaScript"> <!-- ext_change(); - dst_change(document.iform.interface.value,'<?=$pconfig['interface']?>','<?=$pconfig['dst']?>'); + dst_change(document.iform.interface.value,'<?=htmlspecialchars($pconfig['interface'])?>','<?=htmlspecialchars($pconfig['dst'])?>'); var iface_old = document.iform.interface.value; typesel_change(); proto_change(); diff --git a/usr/local/www/firewall_nat_out.php b/usr/local/www/firewall_nat_out.php index fb59a60..bf72f2c 100755 --- a/usr/local/www/firewall_nat_out.php +++ b/usr/local/www/firewall_nat_out.php 
@@ -132,7 +132,7 @@ if (isset($_POST['save']) && $_POST['save'] == "Save") {
 $ossubnet = $config['pptpd']['pptp_subnet'];
 else
 $ossubnet = "32";
- $osn = gen_subnet($config['pptpd']['localip'], $osn);
+ $osn = gen_subnet($config['pptpd']['localip'], $ossubnet);
 $natent = array();
 $natent['source']['network'] = "{$osn}/{$ossubnet}";
 $natent['sourceport'] = "";
@@ -148,10 +148,10 @@ if (isset($_POST['save']) && $_POST['save'] == "Save") {
 if($config['pppoe']['mode'] == "server") {
 if (is_ipaddr($config['pppoe']['localip'])) {
 if($config['pppoe']['pppoe_subnet'] <> "")
- $ossubnet = $config['pppoe']['pptp_subnet'];
+ $ossubnet = $config['pppoe']['pppoe_subnet'];
 else
 $ossubnet = "32";
- $osn = gen_subnet($config['pppoe']['localip'], $osn);
+ $osn = gen_subnet($config['pppoe']['localip'], $ossubnet);
 $natent = array();
 $natent['source']['network'] = "{$osn}/{$ossubnet}";
 $natent['sourceport'] = "";
@@ -167,10 +167,10 @@ if (isset($_POST['save']) && $_POST['save'] == "Save") {
 if($config['l2tp']['mode'] == "server") {
 if (is_ipaddr($config['l2tp']['localip'])) {
 if($config['l2tp']['l2tp_subnet'] <> "")
- $ossubnet = $config['l2tp']['pptp_subnet'];
+ $ossubnet = $config['l2tp']['l2tp_subnet'];
 else
 $ossubnet = "32";
- $osn = gen_subnet($config['l2tp']['localip'], $osn);
+ $osn = gen_subnet($config['l2tp']['localip'], $ossubnet);
 $natent = array();
 $natent['source']['network'] = "{$osn}/{$ossubnet}";
 $natent['sourceport'] = "";
diff --git a/usr/local/www/firewall_nat_out_edit.php b/usr/local/www/firewall_nat_out_edit.php
index fccb2e7..3484755 100755
--- a/usr/local/www/firewall_nat_out_edit.php
+++ b/usr/local/www/firewall_nat_out_edit.php
@@ -532,7 +532,7 @@ any)");?></td> <td width="78%"> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>"> <input type="button" class="formbtn" value="<?=gettext("Cancel");?>" onclick="history.back()"> <?php if (isset($id) && $a_out[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>"> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> <?php endif; ?> </td> </tr> diff --git a/usr/local/www/firewall_rules.php b/usr/local/www/firewall_rules.php index b3533e2..2cbc908 100755 --- a/usr/local/www/firewall_rules.php +++ b/usr/local/www/firewall_rules.php 
@@ -79,27 +79,33 @@ $ifdescs = get_configured_interface_with_descr(); // Drag and drop reordering if($_REQUEST['dragdroporder']) { // First create a new ruleset array and tmp arrays - $a_filter_unorder = array(); + $a_filter_before = array(); $a_filter_order = array(); $a_filter_order_tmp = array(); - // Pointer to id of item being reordered - $found = 0; + $a_filter_after = array(); + $found = false; $drag_order = $_REQUEST['dragtable']; // Next traverse through rules building a new order for interface for ($i = 0; isset($a_filter[$i]); $i++) { - if($a_filter[$i]['interface'] <> $_REQUEST['if']) - $a_filter_unorder[] = $a_filter[$i]; - else + if(( $_REQUEST['if'] == "FloatingRules" && isset($a_filter[$i]['floating']) ) || ( $a_filter[$i]['interface'] == $_REQUEST['if'] && !isset($a_filter[$i]['floating']) )) { $a_filter_order_tmp[] = $a_filter[$i]; + $found = true; + } else if (!$found) + $a_filter_before[] = $a_filter[$i]; + else + $a_filter_after[] = $a_filter[$i]; } // Reorder rules with the posted order - for ($i = 0; $i<count($drag_order); $i++) + for ($i = 0; $i<count($drag_order); $i++) $a_filter_order[] = $a_filter_order_tmp[$drag_order[$i]]; - unset($config['filter']['rule']); + // In case $drag_order didn't account for some rules, make sure we don't lose them + if(count($a_filter_order) < count($a_filter_order_tmp)) { + for ($i = 0; $i<count($a_filter_order_tmp); $i++) + if(!in_array($i, $drag_order)) + $a_filter_order[] = $a_filter_order_tmp[$i]; + } // Overwrite filter rules with newly created items - $config['filter']['rule'] = $a_filter_order; - foreach($a_filter_unorder as $aa) - $config['filter']['rule'][] = $aa; + $config['filter']['rule'] = array_merge($a_filter_before, $a_filter_order, $a_filter_after); // Write configuration $config = write_config("Drag and drop firewall rules ordering update."); // Redirect back to page 
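Review bot: `$drag_order = $_REQUEST['dragtable']` is used as a set of array indices without validation: `$a_filter_order[] = $a_filter_order_tmp[$drag_order[$i]];` appends a null entry for every index that does not exist and a second copy for every repeated index, and because those nulls are counted, the new `count($a_filter_order) < count($a_filter_order_tmp)` safety net is skipped exactly when the request is malformed, so null rules reach `write_config()`. Accepting only existing, not-yet-used keys of `$a_filter_order_tmp` makes the fallback loop the single source of truth for rules the request omitted, and the loose `in_array($i, $drag_order)` comparison goes away with it. A `dragtable` value that is not an array would also make `count()` and `in_array()` misbehave, so cast or check it first. The `$a_filter_before`/`$a_filter_after` split and the `array_merge` write-back look fine as written.
```php
// Reorder rules with the posted order, accepting only indices that name a
// rule of this interface, and each of them only once
$seen = array();
foreach ((array)$drag_order as $idx) {
	if (!is_numeric($idx) || !isset($a_filter_order_tmp[(int)$idx]) || in_array((int)$idx, $seen, true))
		continue;
	$seen[] = (int)$idx;
	$a_filter_order[] = $a_filter_order_tmp[(int)$idx];
}
// In case $drag_order didn't account for some rules, make sure we don't lose them
foreach ($a_filter_order_tmp as $idx => $rule)
	if (!in_array($idx, $seen, true))
		$a_filter_order[] = $rule;
// … unchanged: $config['filter']['rule'] = array_merge(...) and write_config() …
```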
@@ -365,11 +371,43 @@ if($_REQUEST['undodrag']) { <img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" title="<?gettext("delete selected rules"); ?>" border="0"><?php else: ?> <input name="del" type="image" src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" title="<?=gettext("delete selected rules");?>" onclick="return confirm('<?=gettext('Do you really want to delete the selected rules?');?>')"><?php endif; ?> </td> - <td align="center" valign="middle"><a href="firewall_rules_edit.php?if=<?=$if;?>&after=-1"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add new rule");?>" width="17" height="17" border="0"></a></td> + <td align="center" valign="middle"><a href="firewall_rules_edit.php?if=<?=htmlspecialchars($if);?>&after=-1"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add new rule");?>" width="17" height="17" border="0"></a></td> </tr> </table> </td> </tr> +<?php // Show the anti-lockout rule if it's enabled, and we are on LAN with an if count > 1, or WAN with an if count of 1. 
+ if (!isset($config['system']['webgui']['noantilockout']) && + (((count($config['interfaces']) > 1) && ($if == 'lan')) + || ((count($config['interfaces']) == 1) && ($if == 'wan')))): ?> + <tr valign="top" id="antilockout"> + <td class="list"> </td> + <td class="listt" align="center"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_pass.gif" width="11" height="11" border="0"></td> + <td class="listlr" style="background-color: #E0E0E0"></td> + <td class="listr" style="background-color: #E0E0E0">*</td> + <td class="listr" style="background-color: #E0E0E0">*</td> + <td class="listr" style="background-color: #E0E0E0">*</td> + <td class="listr" style="background-color: #E0E0E0"><?=$iflist[$if];?> Address</td> + <td class="listr" style="background-color: #E0E0E0">*</td> + <td class="listr" style="background-color: #E0E0E0">*</td> + <td class="listr" style="background-color: #E0E0E0">*</td> + <td class="listr" style="background-color: #E0E0E0"></td> + <td class="listbg"><?=gettext("Anti-Lockout Rule");?></td> + <td valign="middle" nowrap class="list"> + <table border="0" cellspacing="0" cellpadding="1"> + <tr> + <td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="<?=gettext("move selected rules before this rule");?>"></td> + <td><a href="system_advanced_admin.php"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit rule");?>" width="17" height="17" border="0"></a></td> + </tr> + <tr> + <td align="center" valign="middle"></td> + <td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus_d.gif" title="<?=gettext("add a new rule based on this one");?>" width="17" height="17" border="0"></td> + </tr> + </table> + </td> + </tr> +<?php endif; ?> + <?php if (isset($config['interfaces'][$if]['blockpriv'])): ?> <tr valign="top" id="frrfc1918"> <td class="list"> </td> 
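Review bot: `<td class="listr" style="background-color: #E0E0E0"><?=$iflist[$if];?> Address</td>` in the new anti-lockout row writes the interface description into the page unescaped, while the rest of this commit wraps `$if` and the other config-derived values in htmlspecialchars(); `<?=htmlspecialchars($iflist[$if]);?>` keeps the row consistent with the surrounding changes. The descriptions presumably come from the admin-edited interface config rather than from the request, so this is a consistency point rather than an untrusted-input one. The context line at the top of the hunk, `title="<?gettext("delete selected rules"); ?>"`, is missing the `=` of the short echo tag and prints nothing; it is pre-existing but sits next to the corrected form on the following line. The hunk begins on the previous line.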
@@ -388,7 +426,7 @@ if($_REQUEST['undodrag']) { <table border="0" cellspacing="0" cellpadding="1"> <tr> <td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="<?=gettext("move selected rules before this rule");?>"></td> - <td><a href="interfaces.php?if=<?=$if?>#rfc1918"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit rule");?>" width="17" height="17" border="0"></a></td> + <td><a href="interfaces.php?if=<?=htmlspecialchars($if)?>#rfc1918"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit rule");?>" width="17" height="17" border="0"></a></td> </tr> <tr> <td align="center" valign="middle"></td> @@ -416,7 +454,7 @@ if($_REQUEST['undodrag']) { <table border="0" cellspacing="0" cellpadding="1"> <tr> <td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="<?=gettext("move selected rules before this rule");?>"></td> - <td><a href="interfaces.php?if=<?=$if?>#rfc1918"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit rule");?>" width="17" height="17" border="0"></a></td> + <td><a href="interfaces.php?if=<?=htmlspecialchars($if)?>#rfc1918"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit rule");?>" width="17" height="17" border="0"></a></td> </tr> <tr> <td align="center" valign="middle"></td> 
@@ -459,7 +497,7 @@ if($_REQUEST['undodrag']) { $textss = $textse = ""; } ?> - <a href="?if=<?=$if;?>&act=toggle&id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_<?=$iconfn;?>.gif" width="11" height="11" border="0" title="<?=gettext("click to toggle enabled/disabled status");?>"></a> + <a href="?if=<?=htmlspecialchars($if);?>&act=toggle&id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_<?=$iconfn;?>.gif" width="11" height="11" border="0" title="<?=gettext("click to toggle enabled/disabled status");?>"></a> <?php if (isset($filterent['log'])): $iconfnlog = "log_s"; if (isset($filterent['disabled'])) @@ -695,7 +733,7 @@ if($_REQUEST['undodrag']) { <td><a href="firewall_rules_edit.php?id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit rule"); ?>" width="17" height="17" border="0"></a></td> </tr> <tr> - <td align="center" valign="middle"><a href="firewall_rules.php?act=del&if=<?=$if;?>&id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="<?=gettext("delete rule"); ?>" onclick="return confirm('Do you really want to delete this rule?')"></a></td> + <td align="center" valign="middle"><a href="firewall_rules.php?act=del&if=<?=htmlspecialchars($if);?>&id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="<?=gettext("delete rule"); ?>" onclick="return confirm('Do you really want to delete this rule?')"></a></td> <td><a href="firewall_rules_edit.php?dup=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add a new rule based on this one"); ?>" width="17" height="17" border="0"></a></td> </tr> </table> 
@@ -710,7 +748,7 @@ if($_REQUEST['undodrag']) { <span class="gray"> <?=gettext("No rules are currently defined for this interface"); ?><br> <?=gettext("All incoming connections on this interface will be blocked until you add pass rules."); ?><br><br> - <?=gettext("Click the"); ?> <a href="firewall_rules_edit.php?if=<?=$if;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add new rule");?>" border="0" width="17" height="17" align="absmiddle"></a><?=gettext(" button to add a new rule.");?></span> + <?=gettext("Click the"); ?> <a href="firewall_rules_edit.php?if=<?=htmlspecialchars($if);?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add new rule");?>" border="0" width="17" height="17" align="absmiddle"></a><?=gettext(" button to add a new rule.");?></span> </td> <?php endif; ?> <tr id="fr<?=$nrules;?>"> @@ -739,7 +777,7 @@ if($_REQUEST['undodrag']) { <img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" title="<?=gettext("delete selected rules");?>" border="0"><?php else: ?> <input name="del" type="image" src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" title="<?=gettext("delete selected rules");?>" onclick="return confirm('<?=gettext('Do you really want to delete the selected rules?');?>')"><?php endif; ?> </td> - <td><a href="firewall_rules_edit.php?if=<?=$if;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add new rule");?>" width="17" height="17" border="0"></a></td> + <td><a href="firewall_rules_edit.php?if=<?=htmlspecialchars($if);?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add new rule");?>" width="17" height="17" border="0"></a></td> </tr> </table> </td> 
@@ -796,7 +834,7 @@ if($_REQUEST['undodrag']) { </td> </tr> </table> - <input type="hidden" name="if" value="<?=$if;?>"> + <input type="hidden" name="if" value="<?=htmlspecialchars($if);?>"> <script type="text/javascript"> var number_of_rules = <?=$nrules?>; <?php $nrules = 0; for ($i = 0; isset($a_filter[$i]); $i++): ?> @@ -818,7 +856,7 @@ if($_REQUEST['undodrag']) { $('redboxtable').hide(); $('loading').show(); document.body.style.cursor = 'wait'; - document.location = 'firewall_rules.php?if=<?=$if?>&dragdroporder=true&' + Sortable.serialize('dragtable', 'tr'); + document.location = 'firewall_rules.php?if=<?=htmlspecialchars($if);?>&dragdroporder=true&' + Sortable.serialize('dragtable', 'tr'); return; } $('loading').hide(); diff --git a/usr/local/www/firewall_rules_edit.php b/usr/local/www/firewall_rules_edit.php index ff92196..e348c15 100755 --- a/usr/local/www/firewall_rules_edit.php +++ b/usr/local/www/firewall_rules_edit.php @@ -553,6 +553,7 @@ if ($_POST) { $a_filter[] = $filterent; } + filter_rules_sort(); write_config(); mark_subsystem_dirty('filter'); @@ -859,7 +860,7 @@ include("head.inc"); <option value="<?=$wkport;?>" <?php if ($wkport == $pconfig['srcbeginport']) { echo "selected"; $bfound = 1; } ?>><?=htmlspecialchars($wkportdesc);?></option> <?php endforeach; ?> </select> - <input <?=$edit_disabled;?> autocomplete='off' class="formfldalias" name="srcbeginport_cust" id="srcbeginport_cust" type="text" size="5" value="<?php if (!$bfound && $pconfig['srcbeginport']) echo $pconfig['srcbeginport']; ?>"> + <input <?=$edit_disabled;?> autocomplete='off' class="formfldalias" name="srcbeginport_cust" id="srcbeginport_cust" type="text" size="5" value="<?php if (!$bfound && $pconfig['srcbeginport']) echo htmlspecialchars($pconfig['srcbeginport']); ?>"> </td> </tr> <tr> 
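Review bot: `document.location = 'firewall_rules.php?if=<?=htmlspecialchars($if);?>&dragdroporder=true&' + Sortable.serialize('dragtable', 'tr');` submits the rule reorder as a GET navigation, and the `if($_REQUEST['dragdroporder'])` handler in the first hunk of this file writes the configuration from it, so a rule reorder is reachable through a plain link. The csrf-magic protection this merge introduces wraps form posts and XMLHttpRequest; if it is left at its defaults, which check POST requests only (worth confirming in the csrf-magic configuration), this navigation stays outside the token check. Submitting the order as a POST of the page form instead, with a hidden `dragdroporder` field and the serialized order in a second hidden field, keeps it covered. The enclosing JavaScript function starts before the hunk.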
@@ -872,7 +873,7 @@ include("head.inc"); <option value="<?=$wkport;?>" <?php if ($wkport == $pconfig['srcendport']) { echo "selected"; $bfound = 1; } ?>><?=htmlspecialchars($wkportdesc);?></option> <?php endforeach; ?> </select> - <input <?=$edit_disabled;?> autocomplete='off' class="formfldalias" name="srcendport_cust" id="srcendport_cust" type="text" size="5" value="<?php if (!$bfound && $pconfig['srcendport']) echo $pconfig['srcendport']; ?>"> + <input <?=$edit_disabled;?> autocomplete='off' class="formfldalias" name="srcendport_cust" id="srcendport_cust" type="text" size="5" value="<?php if (!$bfound && $pconfig['srcendport']) echo htmlspecialchars($pconfig['srcendport']); ?>"> </td> </tr> </table> @@ -950,7 +951,7 @@ include("head.inc"); <option value="<?=$wkport;?>" <?php if ($wkport == $pconfig['dstbeginport']) { echo "selected"; $bfound = 1; }?>><?=htmlspecialchars($wkportdesc);?></option> <?php endforeach; ?> </select> - <input <?=$edit_disabled;?> autocomplete='off' class="formfldalias" name="dstbeginport_cust" id="dstbeginport_cust" type="text" size="5" value="<?php if (!$bfound && $pconfig['dstbeginport']) echo $pconfig['dstbeginport']; ?>"> + <input <?=$edit_disabled;?> autocomplete='off' class="formfldalias" name="dstbeginport_cust" id="dstbeginport_cust" type="text" size="5" value="<?php if (!$bfound && $pconfig['dstbeginport']) echo htmlspecialchars($pconfig['dstbeginport']); ?>"> </td> </tr> <tr> 
@@ -963,7 +964,7 @@ include("head.inc"); <option value="<?=$wkport;?>" <?php if ($wkport == $pconfig['dstendport']) { echo "selected"; $bfound = 1; } ?>><?=htmlspecialchars($wkportdesc);?></option> <?php endforeach; ?> </select> - <input <?=$edit_disabled;?> autocomplete='off' class="formfldalias" name="dstendport_cust" id="dstendport_cust" type="text" size="5" value="<?php if (!$bfound && $pconfig['dstendport']) echo $pconfig['dstendport']; ?>"> + <input <?=$edit_disabled;?> autocomplete='off' class="formfldalias" name="dstendport_cust" id="dstendport_cust" type="text" size="5" value="<?php if (!$bfound && $pconfig['dstendport']) echo htmlspecialchars($pconfig['dstendport']); ?>"> </td> </tr> </table> @@ -999,9 +1000,9 @@ include("head.inc"); <br> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>"> <input type="button" class="formbtn" value="<?=gettext("Cancel"); ?>" onclick="history.back()"> <?php if (isset($id) && $a_filter[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>"> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> <?php endif; ?> - <input name="after" type="hidden" value="<?=$after;?>"> + <input name="after" type="hidden" value="<?=htmlspecialchars($after);?>"> </td> </tr> <?php endif; ?> 
@@ -1080,11 +1081,11 @@ include("head.inc"); <input name="tagged" id="tagged" value="<?=htmlspecialchars($pconfig['tagged']);?>"> <br /><span class="vexpl"><?=gettext("You can match packet on a mark placed before on another rule.")?> </span> <p> - <input name="max" id="max" value="<?php echo $pconfig['max'] ?>"><br><?=gettext(" Maximum state entries this rule can create");?></p><p> - <input name="max-src-nodes" id="max-src-nodes" value="<?php echo $pconfig['max-src-nodes'] ?>"><br><?=gettext(" Maximum number of unique source hosts");?></p><p> - <input name="max-src-conn" id="max-src-conn" value="<?php echo $pconfig['max-src-conn'] ?>"><br><?=gettext(" Maximum number of established connections per host");?></p><p> - <input name="max-src-states" id="max-src-states" value="<?php echo $pconfig['max-src-states'] ?>"><br><?=gettext(" Maximum state entries per host");?></p><p> - <input name="max-src-conn-rate" id="max-src-conn-rate" value="<?php echo $pconfig['max-src-conn-rate'] ?>"> / + <input name="max" id="max" value="<?php echo htmlspecialchars($pconfig['max']) ?>"><br><?=gettext(" Maximum state entries this rule can create");?></p><p> + <input name="max-src-nodes" id="max-src-nodes" value="<?php echo htmlspecialchars($pconfig['max-src-nodes']) ?>"><br><?=gettext(" Maximum number of unique source hosts");?></p><p> + <input name="max-src-conn" id="max-src-conn" value="<?php echo htmlspecialchars($pconfig['max-src-conn']) ?>"><br><?=gettext(" Maximum number of established connections per host");?></p><p> + <input name="max-src-states" id="max-src-states" value="<?php echo htmlspecialchars($pconfig['max-src-states']) ?>"><br><?=gettext(" Maximum state entries per host");?></p><p> + <input name="max-src-conn-rate" id="max-src-conn-rate" value="<?php echo htmlspecialchars($pconfig['max-src-conn-rate']) ?>"> / <select name="max-src-conn-rates" id="max-src-conn-rates"> <option value=""<?php if(intval($pconfig['max-src-conn-rates']) < 1) echo " selected"; ?>></option> <?php 
for($x=1; $x<255; $x++) { @@ -1095,7 +1096,7 @@ include("head.inc"); <?=gettext("Maximum new connections / per second(s)");?> </p><p> - <input name="statetimeout" value="<?php echo $pconfig['statetimeout'] ?>"><br> + <input name="statetimeout" value="<?php echo htmlspecialchars($pconfig['statetimeout']) ?>"><br> <?=gettext("State Timeout in seconds");?> </p> @@ -1394,9 +1395,9 @@ include("head.inc"); <br> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>"> <input type="button" class="formbtn" value="<?=gettext("Cancel"); ?>" onclick="history.back()"> <?php if (isset($id) && $a_filter[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>"> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> <?php endif; ?> - <input name="after" type="hidden" value="<?=$after;?>"> + <input name="after" type="hidden" value="<?=htmlspecialchars($after);?>"> </td> </tr> </table> diff --git a/usr/local/www/firewall_schedule_edit.php b/usr/local/www/firewall_schedule_edit.php index 74497c1..08b8b8c 100644 --- a/usr/local/www/firewall_schedule_edit.php +++ b/usr/local/www/firewall_schedule_edit.php 
@@ -622,11 +622,11 @@ function insertElements(tempFriendlyTime, starttimehour, starttimemin, stoptimeh tr.appendChild(td); td = d.createElement("td"); - td.innerHTML = "<input type='image' src='/themes/" + theme + "/images/icons/icon_e.gif' onclick='editRow(\"" + tempTime + "\",this); return false;' value='Edit'>"; + td.innerHTML = "<a onclick='editRow(\"" + tempTime + "\",this); return false;' href='#'><img border='0' src='/themes/" + theme + "/images/icons/icon_e.gif' /></a>"; tr.appendChild(td); td = d.createElement("td"); - td.innerHTML = "<input type='image' src='/themes/" + theme + "/images/icons/icon_x.gif' onclick='removeRow(this); return false;' value='Delete'>"; + td.innerHTML = "<a onclick='removeRow(this); return false;' href='#'><img border='0' src='/themes/" + theme + "/images/icons/icon_x.gif' /></a>"; tr.appendChild(td); td = d.createElement("td"); @@ -1131,10 +1131,10 @@ EOD; <input type='text' readonly class='vexpl' name='timedescr<?php echo $counter; ?>' id='timedescr<?php echo $counter; ?>' style=' word-wrap:break-word; width:100%; border:0px solid;' value='<?php echo $timedescr; ?>'> </td> <td> - <input type='image' src='/themes/<?php echo $g['theme']; ?>/images/icons/icon_e.gif' onclick='editRow("<?php echo $tempTime; ?>",this); return false;' value='Edit'> + <a onclick='editRow("<?php echo $tempTime; ?>",this); return false;' href='#'><img border='0' src='/themes/<?php echo $g['theme']; ?>/images/icons/icon_e.gif' /></a> </td> <td> - <input type='image' src='/themes/<?php echo $g['theme']; ?>/images/icons/icon_x.gif' onclick='removeRow(this); return false;' value='Delete'> + <a onclick='removeRow(this); return false;' href='#'><img border='0' src='/themes/<?php echo $g['theme']; ?>/images/icons/icon_x.gif' /></a> </td> <td> <input type='hidden' id='schedule<?php echo $counter; ?>' name='schedule<?php echo $counter; ?>' value='<?php echo $tempID; ?>'> 
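Review bot: In the @@ -1131 hunk the new `<a onclick='editRow("<?php echo $tempTime; ?>",this); return false;' href='#'>` still echoes `$tempTime` unescaped into a single-quoted event-handler attribute, and the neighbouring `value='<?php echo $timedescr; ?>'` and `value='<?php echo $tempID; ?>'` context lines do the same, while the rest of this commit wraps such values in htmlspecialchars(). Because the attribute is single-quoted the default flags are not enough; use `htmlspecialchars($tempTime, ENT_QUOTES)` (the HTML parser decodes the entities before the handler text reaches the JavaScript parser, so the quoted string stays intact). In the `insertElements()` hunk above, `tempTime` is concatenated into an HTML string assigned to `td.innerHTML`; creating the anchor with `d.createElement('a')` and assigning `a.onclick = function() { editRow(tempTime, this); return false; };` avoids that round-trip through the HTML and JavaScript parsers. `insertElements()` starts before the hunk.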
@@ -1156,7 +1156,7 @@ EOD; <input id="submit" name="submit" type="submit" onclick="return checkForRanges();" class="formbtn" value="<?=gettext("Save"); ?>" /> <input id="cancelbutton" name="cancelbutton" type="button" class="formbtn" value="<?=gettext("Cancel"); ?>" onclick="history.back()" /> <?php if (isset($id) && $a_schedules[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>" /> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" /> <?php endif; ?> </td> </tr> diff --git a/usr/local/www/firewall_shaper.php b/usr/local/www/firewall_shaper.php index 7de18d1..f3cdbab 100755 --- a/usr/local/www/firewall_shaper.php +++ b/usr/local/www/firewall_shaper.php @@ -65,17 +65,17 @@ if ($_GET) { if ($_GET['queue']) $qname = trim($_GET['queue']); if ($_GET['interface']) - $interface = trim($_GET['interface']); + $interface = htmlspecialchars(trim($_GET['interface'])); if ($_GET['action']) - $action = $_GET['action']; + $action = htmlspecialchars($_GET['action']); } if ($_POST) { if ($_POST['name']) - $qname = trim($_POST['name']); + $qname = htmlspecialchars(trim($_POST['name'])); if ($_POST['interface']) - $interface = trim($_POST['interface']); + $interface = htmlspecialchars(trim($_POST['interface'])); if ($_POST['parentqueue']) - $parentqueue = trim($_POST['parentqueue']); + $parentqueue = htmlspecialchars(trim($_POST['parentqueue'])); } if ($interface) { diff --git a/usr/local/www/firewall_shaper_layer7.php b/usr/local/www/firewall_shaper_layer7.php index a73506d..0a73a84 100755 --- a/usr/local/www/firewall_shaper_layer7.php +++ b/usr/local/www/firewall_shaper_layer7.php 
@@ -77,14 +77,14 @@ if($_GET['reset'] <> "") { if ($_GET) { if ($_GET['container']) - $name = trim($_GET['container']); + $name = htmlspecialchars(trim($_GET['container'])); if ($_GET['action']) - $action = $_GET['action']; + $action = htmlspecialchars($_GET['action']); } if($_POST) { if ($_POST['container']) { - $name = trim($_POST['container']); + $name = htmlspecialchars(trim($_POST['container'])); } } @@ -93,7 +93,6 @@ if ($name) { $container = $layer7_rules_list[$name]; } - if ($_GET) { switch ($action) { case "add": @@ -359,7 +358,7 @@ function addRow(table_id) { var tFielsNum = rows_count - initial_count[table_id]; if (rows_limit!=0 && tFielsNum >= rows_limit) return false; - var remove = '<input type = "image" src = "/themes/<?=$g['theme'];?>/images/icons/icon_x.gif" onclick="removeRow(\''+table_id+'\',this.parentNode.parentNode)" value = "Delete" />'; + var remove = '<a onclick="removeRow(\''+table_id+'\',this.parentNode.parentNode)" href="#"><img border="0" src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif" /></a>'; try { var newRow = tbl.insertRow(rows_count); @@ -540,7 +539,7 @@ include("fbegin.inc"); <?php endif; ?> </td> <td> - <input type="image" src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif" onclick="removeRow('maintable',this.parentNode.parentNode); return false;" value="<?=gettext("Delete"); ?>" /> + <a onclick="removeRow('maintable',this.parentNode.parentNode); return false;" href="#"><img border="0" src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif" /></a> </td> </tr> diff --git a/usr/local/www/firewall_shaper_queues.php b/usr/local/www/firewall_shaper_queues.php index ac3213a..32cf251 100755 --- a/usr/local/www/firewall_shaper_queues.php +++ b/usr/local/www/firewall_shaper_queues.php 
@@ -69,11 +69,11 @@ $tree .= "</ul>"; if ($_GET) { if ($_GET['queue']) - $qname = trim($_GET['queue']); + $qname = htmlspecialchars(trim($_GET['queue'])); if ($_GET['interface']) - $interface = trim($_GET['interface']); + $interface = htmlspecialchars(trim($_GET['interface'])); if ($_GET['action']) - $action = $_GET['action']; + $action = htmlspecialchars($_GET['action']); switch ($action) { case "delete": diff --git a/usr/local/www/firewall_shaper_vinterface.php b/usr/local/www/firewall_shaper_vinterface.php index 52f8698..865f048 100644 --- a/usr/local/www/firewall_shaper_vinterface.php +++ b/usr/local/www/firewall_shaper_vinterface.php @@ -62,21 +62,21 @@ read_dummynet_config(); if ($_GET) { if ($_GET['queue']) - $qname = trim($_GET['queue']); + $qname = htmlspecialchars(trim($_GET['queue'])); if ($_GET['pipe']) - $pipe = trim($_GET['pipe']); + $pipe = htmlspecialchars(trim($_GET['pipe'])); if ($_GET['action']) - $action = $_GET['action']; + $action = htmlspecialchars($_GET['action']); } if ($_POST) { if ($_POST['name']) - $qname = trim($_POST['name']); + $qname = htmlspecialchars(trim($_POST['name'])); if ($_POST['pipe']) - $pipe = trim($_POST['pipe']); + $pipe = htmlspecialchars(trim($_POST['pipe'])); else - $pipe = trim($_POST['name']); + $pipe = htmlspecialchars(trim($_POST['name'])); if ($_POST['parentqueue']) - $parentqueue = trim($_POST['parentqueue']); + $parentqueue = htmlspecialchars(trim($_POST['parentqueue'])); } if ($pipe) { diff --git a/usr/local/www/firewall_virtual_ip_edit.php b/usr/local/www/firewall_virtual_ip_edit.php index 1706cfd..a35c264 100755 --- a/usr/local/www/firewall_virtual_ip_edit.php +++ b/usr/local/www/firewall_virtual_ip_edit.php 
@@ -479,7 +479,7 @@ function typesel_change() { <td width="78%"> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>"> <input type="button" class="formbtn" value="<?=gettext("Cancel"); ?>" onclick="history.back()"> <?php if (isset($id) && $a_vip[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>"> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> <?php endif; ?> </td> </tr> diff --git a/usr/local/www/graph.php b/usr/local/www/graph.php index 14af862..fb11d42 100755 --- a/usr/local/www/graph.php +++ b/usr/local/www/graph.php @@ -51,6 +51,7 @@ header("Content-type: image/svg+xml"); /********** HTTP GET Based Conf ***********/ $ifnum=@$_GET["ifnum"]; // BSD / SNMP interface name / number +$ifnum = get_real_interface($ifnum); $ifname=@$_GET["ifname"]?$_GET["ifname"]:"Interface $ifnum"; //Interface name that will be showed on top right of graph /********* Other conf *******/ @@ -82,12 +83,12 @@ $attribs['error']='fill="blue" font-family="Arial" font-size="4"'; $attribs['collect_initial']='fill="gray" font-family="Tahoma, Verdana, Arial, Helvetica, sans-serif" font-size="4"'; //Error text if we cannot fetch data : depends on which method is used -$error_text = "Cannot get data about interface $ifnum"; +$error_text = "Cannot get data about interface " . htmlspecialchars($ifnum); $height=100; //SVG internal height : do not modify $width=200; //SVG internal width : do not modify -$fetch_link = "ifstats.php?if={$ifnum}"; +$fetch_link = "ifstats.php?if=" . htmlspecialchars($ifnum); /* check for custom theme colors */ if(file_exists("/usr/local/www/themes/{$g['theme']}/graph.php")) { 
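Review bot: `$fetch_link = "ifstats.php?if=" . htmlspecialchars($ifnum);` applies HTML escaping to a value that sits in a URL query component; htmlspecialchars() leaves `#`, `?`, `=` and `%` untouched and turns `&` into `&amp;`, which is only right if the string is later placed in an HTML attribute. Encode for the URL position with `urlencode($ifnum)` and apply HTML escaping at the point where `$fetch_link` is written into markup, which I cannot see from this hunk. `$ifnum` has already passed through `get_real_interface()` in the -51 hunk, so if that helper returns an empty string for unknown names an explicit early exit before the SVG is emitted would be clearer than relying on `$error_text`.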
@@ -112,7 +113,7 @@ print('<?xml version="1.0" encoding="iso-8859-1"?>' . "\n");?> <text id="graph_out_lbl" x="5" y="16" <?=$attribs['out']?>><?=gettext("Out"); ?></text> <text id="graph_in_txt" x="20" y="8" <?=$attribs['in']?>> </text> <text id="graph_out_txt" x="20" y="16" <?=$attribs['out']?>> </text> - <text id="ifname" x="<?=$width?>" y="8" <?=$attribs['graphname']?> text-anchor="end"><?=$ifname?></text> + <text id="ifname" x="<?=$width?>" y="8" <?=$attribs['graphname']?> text-anchor="end"><?=htmlspecialchars($ifname)?></text> <text id="switch_unit" x="<?=$width*0.55?>" y="5" <?=$attribs['switch_unit']?>><?=gettext("Switch to bytes/s"); ?></text> <text id="switch_scale" x="<?=$width*0.55?>" y="11" <?=$attribs['switch_scale']?>><?=gettext("AutoScale"); ?> (<?=$scale_type?>)</text> <text id="datetime" x="<?=$width*0.33?>" y="5" <?=$attribs['legend']?>> </text> diff --git a/usr/local/www/guiconfig.inc b/usr/local/www/guiconfig.inc index 458488e..bafb8fa 100755 --- a/usr/local/www/guiconfig.inc +++ b/usr/local/www/guiconfig.inc @@ -34,6 +34,12 @@ /* Include authentication routines */ /* THIS MUST BE ABOVE ALL OTHER CODE */ +if(!$nocsrf) { + function csrf_startup() { + csrf_conf('rewrite-js', '/csrf/csrf-magic.js'); + } + require_once("csrf/csrf-magic.php"); +} require_once("authgui.inc"); /* make sure nothing is cached */ 
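Review bot: `if(!$nocsrf) {` in the guiconfig.inc hunk reads a variable that most including pages never set, so it raises an undefined-variable notice on every request where notices are reported; `if (empty($nocsrf)) {` expresses the same opt-out without the notice. Because any page that assigns `$nocsrf = true` before including guiconfig.inc disables CSRF protection for itself, a comment keeps the opt-out from spreading: `/* $nocsrf: set to true before including this file ONLY for pages that cannot carry the CSRF token (the installer does this). */`. Declaring csrf_startup() inside the conditional is legal, but a one-line comment that csrf-magic calls it during its startup would explain why the function is defined there.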
@@ -454,29 +460,6 @@ function pprint_port($port) { return $pport; } -/* sort by interface only, retain the original order of rules that apply to - the same interface */ -function filter_rules_sort() { - global $config; - - /* mark each rule with the sequence number (to retain the order while sorting) */ - for ($i = 0; isset($config['filter']['rule'][$i]); $i++) - $config['filter']['rule'][$i]['seq'] = $i; - - function filtercmp($a, $b) { - if ($a['interface'] == $b['interface']) - return $a['seq'] - $b['seq']; - else - return -strcmp($a['interface'], $b['interface']); - } - - usort($config['filter']['rule'], "filtercmp"); - - /* strip the sequence numbers again */ - for ($i = 0; isset($config['filter']['rule'][$i]); $i++) - unset($config['filter']['rule'][$i]['seq']); -} - function firewall_check_for_advanced_options(&$item) { $item_set = ""; if($item['max']) diff --git a/usr/local/www/installer.php b/usr/local/www/installer.php index 32124a4..aa3b9c0 100644 --- a/usr/local/www/installer.php +++ b/usr/local/www/installer.php @@ -27,6 +27,8 @@ POSSIBILITY OF SUCH DAMAGE. */ +$nocsrf = true; + require("globals.inc"); require("guiconfig.inc"); @@ -289,7 +291,7 @@ function begin_install() { return; unlink_if_exists("/tmp/install_complete"); if($_REQUEST['disk']) - $disk = $_REQUEST['disk']; + $disk = htmlspecialchars($_REQUEST['disk']); else $disk = installer_find_first_disk(); if(!$disk) { @@ -302,7 +304,7 @@ function begin_install() { } // Handle other type of file systems if($_REQUEST['fstype']) - $fstype = strtoupper($_REQUEST['fstype']); + $fstype = htmlspecialchars(strtoupper($_REQUEST['fstype'])); else $fstype = "UFS+S"; write_out_pc_sysinstaller_config($disk, $fstype); 
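Review bot: `$disk = htmlspecialchars($_REQUEST['disk']);` and the `$fstype` line in the installer.php -289/-302 hunks apply HTML escaping to values that go into `write_out_pc_sysinstaller_config($disk, $fstype)`, i.e. an installer configuration rather than HTML, so the call neither validates the device name nor encodes for that sink. Since the code already enumerates valid disks via `installer_find_first_disk()` (and `pcsysinstall_get_disk_info()` in the next hunk), accepting only a name from that enumeration, and limiting `$fstype` to the known set the `else $fstype = "UFS+S";` default belongs to, is the control that fits here; HTML escaping then stays at the output sites. begin_install() continues past the hunk.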
@@ -422,15 +424,18 @@ function verify_before_install() { head_html(); body_html(); page_table_start(); - $disk = pcsysinstall_get_disk_info($_REQUEST['disk']); + $disk = pcsysinstall_get_disk_info(htmlspecialchars($_REQUEST['disk'])); $disksize = format_bytes($disk['size'] * 1048576); - $swapsize = $_REQUEST['swapsize']; + $swapsize = htmlspecialchars($_REQUEST['swapsize']); + $fstype_echo = htmlspecialchars($_REQUEST['fstype']); + $disk_echo = htmlspecialchars($_REQUEST['disk']); + $swapsize_echo = htmlspecialchars($_REQUEST['swapsize']); echo <<<EOF <form method="post" action="installer.php"> - <input type="hidden" name="fstype" value="{$_REQUEST['fstype']}"> - <input type="hidden" name="disk" value="{$_REQUEST['disk']}"> + <input type="hidden" name="fstype" value="{$fstype_echo}"> + <input type="hidden" name="disk" value="{$disk_echo}"> <input type="hidden" name="state" value="begin_install"> - <input type="hidden" name="swapsize" value="{$_REQUEST['swapsize']}"> + <input type="hidden" name="swapsize" value="{$swapsize_echo}"> <div id="mainlevel"> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> @@ -451,11 +456,11 @@ function verify_before_install() { </table> <p/> <table> - <tr><td align="right"><b>Disk:</td><td>{$_REQUEST['disk']}</td></tr> + <tr><td align="right"><b>Disk:</td><td>{$disk_echo}</td></tr> <tr><td align="right"><b>Description:</td><td>{$disk['desc']}</td></tr> <tr><td align="right"><b>Size:</td><td>{$disksize}</td></tr> - <tr><td align="right"><b>SWAP Size:</td><td>{$_REQUEST['swapsize']}</td></tr> - <tr><td align="right"><b>Filesystem:</td><td>{$_REQUEST['fstype']}</td></tr> + <tr><td align="right"><b>SWAP Size:</td><td>{$swapsize}</td></tr> + <tr><td align="right"><b>Filesystem:</td><td>{$fstype_echo}</td></tr> </table> </div> </center> diff --git a/usr/local/www/interfaces.php b/usr/local/www/interfaces.php index bae7255..2a03124 100755 --- a/usr/local/www/interfaces.php +++ b/usr/local/www/interfaces.php 
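Review bot: `$swapsize = htmlspecialchars($_REQUEST['swapsize']);` and `$swapsize_echo = htmlspecialchars($_REQUEST['swapsize']);` compute the same value, and the heredoc then uses `{$swapsize_echo}` for the hidden input but `{$swapsize}` for the visible table cell; keep one variable. Likewise `pcsysinstall_get_disk_info(htmlspecialchars($_REQUEST['disk']))` HTML-encodes a value used as a lookup key, so the disk name should be validated against the installer's own disk list and `$disk_echo` used only in the markup. `{$disk['desc']}` and `{$disksize}` come from the disk-info helper rather than the request, which looks fine, though I cannot see what that helper returns.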
@@ -4,7 +4,7 @@ interfaces.php Copyright (C) 2004-2008 Scott Ullrich Copyright (C) 2006 Daniel S. Haischt. - Copyright (C) 2008 Ermal Luçi + Copyright (C) 2008-2010 Ermal Luçi All rights reserved. originally part of m0n0wall (http://m0n0.ch/wall) @@ -54,10 +54,16 @@ require_once("rrd.inc"); require_once("vpn.inc"); require_once("xmlparse_attr.inc"); -if ($_REQUEST['if']) { +// Get configured interface list +$ifdescrs = get_configured_interface_with_descr(false, true); + +$if = "wan"; +if ($_REQUEST['if']) $if = $_REQUEST['if']; -} else { - $if = "wan"; + +if (empty($ifdescrs[$if])) { + Header("Location: interfaces.php"); + exit; } define("CRON_MONTHLY_PATTERN", "0 0 1 * *"); @@ -76,10 +82,15 @@ function remove_bad_chars($string) { if (!is_array($config['gateways']['gateway_item'])) $config['gateways']['gateway_item'] = array(); - $a_gateways = &$config['gateways']['gateway_item']; $wancfg = &$config['interfaces'][$if]; +// Populate page descr if it does not exist. +if ($if == "wan" && !$wancfg['descr']) + $wancfg['descr'] = "WAN"; +else if ($if == "lan" && !$wancfg['descr']) + $wancfg['descr'] = "LAN"; + foreach ($a_ppps as $pppid => $ppp) { if ($wancfg['if'] == $ppp['if']) @@ -164,13 +175,6 @@ if ($wancfg['if'] == $a_ppps[$pppid]['if']) { $pconfig['dhcphostname'] = $wancfg['dhcphostname']; $pconfig['alias-address'] = $wancfg['alias-address']; $pconfig['alias-subnet'] = $wancfg['alias-subnet']; - -// Populate page descr if it does not exist. -if($if == "wan" && !$wancfg['descr']) { - $wancfg['descr'] = "WAN"; -} else if ($if == "lan" && !$wancfg['descr']) { - $wancfg['descr'] = "LAN"; -} $pconfig['descr'] = remove_bad_chars($wancfg['descr']); $pconfig['enable'] = isset($wancfg['enable']); @@ -204,9 +208,8 @@ switch($wancfg['ipaddr']) { if((is_ipaddr($wancfg['ipaddrv6'])) && (is_ipaddr($wancfg['ipaddr']))) { $pconfig['type'] = "staticv4v6"; } - } else { + } else $pconfig['type'] = "none"; - } break; } 
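Review bot: `Header("Location: interfaces.php");` in the -54 hunk uses a capitalised function name while the rest of this file (the -342 and -762 hunks) calls `header(...)`; PHP resolves both, but the lowercase spelling is the conventional one and keeps the file uniform. The redirect fires for any `if` not in `$ifdescrs`, including the `$if = "wan"` default, so a system without a wan entry would redirect to itself; that may be impossible in practice, but an explicit error in that case would make the intent clearer than a loop. Validating `$if` against the configured list before use is otherwise the right check for a value that reaches `$config['interfaces'][$if]`.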
@@ -323,15 +326,18 @@ if ($_POST['apply']) { else { unlink_if_exists("{$g['tmp_path']}/config.cache"); clear_subsystem_dirty('interfaces'); - if ($pconfig['enable']) - interface_configure($if, true); - else - interface_bring_down($if); + if (file_exists("{$g['tmp_path']}/.interfaces.apply")) { + $toapplylist = unserialize(file_get_contents("{$g['tmp_path']}/.interfaces.apply")); + foreach ($toapplylist as $ifapply) { + if (isset($config['interfaces'][$ifapply]['enable'])) + interface_configure($ifapply, true); + else + interface_bring_down($ifapply); + } + } /* restart snmp so that it binds to correct address */ services_snmpd_configure(); - if ($if == "lan") - $savemsg = gettext("The changes have been applied. You may need to correct your web browser's IP address."); /* sync filter configuration */ setup_gateways_monitor(); @@ -342,22 +348,25 @@ if ($_POST['apply']) { enable_rrd_graphing(); } + @unlink("{$g['tmp_path']}/.interfaces.apply"); header("Location: interfaces.php?if={$if}"); exit; -} else - -if ($_POST && $_POST['enable'] != "yes") { +} else if ($_POST && $_POST['enable'] != "yes") { unset($wancfg['enable']); - if (isset($wancfg['wireless'])) { + if (isset($wancfg['wireless'])) interface_sync_wireless_clones($wancfg, false); - } write_config("Interface {$_POST['descr']}({$if}) is now disabled."); mark_subsystem_dirty('interfaces'); + if (file_exists("{$g['tmp_path']}/.interfaces.apply")) + $toapplylist = unserialize(file_get_contents("{$g['tmp_path']}/.interfaces.apply")); + else + $toapplylist = array(); + $toapplylist[$if] = $if; + file_put_contents("{$g['tmp_path']}/.interfaces.apply", serialize($toapplylist)); header("Location: interfaces.php?if={$if}"); exit; -} else +} else if ($_POST) { -if ($_POST) { unset($input_errors); $pconfig = $_POST; conf_mount_rw(); 
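Review bot: The apply path reads `$toapplylist = unserialize(file_get_contents("{$g['tmp_path']}/.interfaces.apply"));` and then feeds each entry to interface_configure()/interface_bring_down() without checking what came back: a non-array result breaks the foreach, and a name that is not a configured interface falls into the `else` branch and is handed to interface_bring_down(). Guard with `is_array($toapplylist)` and skip unknown entries via `if (!isset($config['interfaces'][$ifapply])) continue;`. Since unserialize() of a file under the temp path accepts arbitrary serialized objects, a comment on who may write that path is warranted, and storing the plain name list with json_encode()/json_decode() avoids the concern entirely. The same read-modify-write of `.interfaces.apply` appears here twice and again in the -762 hunk, so a small helper would remove the duplication; the enclosing `if ($_POST['apply'])` block starts before the hunk.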
@@ -378,10 +387,8 @@ if ($_POST) { unset($_POST['pppoe_resetdate']); unset($_POST['pppoe_pr_preset_val']); } - /* optional interface if list */ - $iflist = get_configured_interface_with_descr(false, true); /* description unique? */ - foreach ($iflist as $ifent => $ifdescr) { + foreach ($ifdescrs as $ifent => $ifdescr) { if ($if != $ifent && $ifdescr == $_POST['descr']) { $input_errors[] = gettext("An interface with the specified description already exists."); break; @@ -762,17 +769,25 @@ if ($_POST) { handle_wireless_post(); } + conf_mount_ro(); write_config(); + + if (file_exists("{$g['tmp_path']}/.interfaces.apply")) + $toapplylist = unserialize(file_get_contents("{$g['tmp_path']}/.interfaces.apply")); + else + $toapplylist = array(); + $toapplylist[$if] = $if; + file_put_contents("{$g['tmp_path']}/.interfaces.apply", serialize($toapplylist)); + mark_subsystem_dirty('interfaces'); + /* regenerate cron settings/crontab file */ configure_cron(); - conf_mount_ro(); + header("Location: interfaces.php?if={$if}"); exit; } - - } // end if($_POST) function handle_wireless_post() { @@ -936,7 +951,7 @@ function check_wireless_mode() { } } -$pgtitle = array(gettext("Interfaces"), $pconfig['descr']); +$pgtitle = array(gettext("Interfaces"), strtoupper($pconfig['descr'])); $statusurl = "status_interfaces.php"; $closehead = false; 
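Review bot: `conf_mount_ro();` now precedes `write_config();` in the -762 hunk, whereas before this change the read-only remount happened only after configure_cron(); if write_config() does not remount read-write on its own (its body is not visible here), the config write now lands on a read-only filesystem, so please confirm the ordering. Either way a comment such as `/* write_config() handles its own rw/ro remount */` would record the assumption next to the call.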
@@ -2233,9 +2248,9 @@ $types = array("none" => gettext("None"), "staticv4" => gettext("Static IPv4"), <input id="cancel" type="button" class="formbtn" value="<?=gettext("Cancel"); ?>" onclick="history.back()"> <input name="if" type="hidden" id="if" value="<?=$if;?>"> <?php if ($wancfg['if'] == $a_ppps[$pppid]['if']) : ?> - <input name="ppp_port" type="hidden" value="<?=$pconfig['port'];?>"> + <input name="ppp_port" type="hidden" value="<?=htmlspecialchars($pconfig['port']);?>"> <?php endif; ?> - <input name="ptpid" type="hidden" value="<?=$pconfig['ptpid'];?>"> + <input name="ptpid" type="hidden" value="<?=htmlspecialchars($pconfig['ptpid']);?>"> </td> </tr> </table> diff --git a/usr/local/www/interfaces_assign.php b/usr/local/www/interfaces_assign.php index 41f0fd2..fbd6e7f 100755 --- a/usr/local/www/interfaces_assign.php +++ b/usr/local/www/interfaces_assign.php @@ -320,7 +320,7 @@ if ($_GET['act'] == "add") { $config['interfaces'][$newifname]['descr'] = $descr; } - uksort($config['interfaces'], "compare_interface_names"); + uksort($config['interfaces'], "compare_interface_friendly_names"); /* Find an unused port for this interface */ foreach ($portlist as $portname => $portinfo) { @@ -350,21 +350,6 @@ if ($_GET['act'] == "add") { } -function compare_interface_names($a, $b) { - if ($a == $b) - return 0; - else if ($a == 'wan') - return -1; - else if ($b == 'wan') - return 1; - else if ($a == 'lan') - return -1; - else if ($b == 'lan') - return 1; - - return strnatcmp($a, $b); -} - include("head.inc"); if(file_exists("/var/run/interface_mismatch_reboot_needed")) @@ -416,7 +401,7 @@ if(file_exists("/var/run/interface_mismatch_reboot_needed")) </tr> <?php foreach ($config['interfaces'] as $ifname => $iface): if ($iface['descr']) - $ifdescr = $iface['descr']; + $ifdescr = strtoupper($iface['descr']); else $ifdescr = strtoupper($ifname); ?> 
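Review bot: `<input name="if" type="hidden" id="if" value="<?=$if;?>">` stays unescaped while the neighbouring `ppp_port` and `ptpid` hidden fields gain htmlspecialchars(); `$if` is now checked against `$ifdescrs` in the -54 hunk, so it is safe in practice, but escaping at this output too, `value="<?=htmlspecialchars($if);?>"`, keeps the rule uniform and survives later changes to that validation.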
@@ -429,7 +414,7 @@ if(file_exists("/var/run/interface_mismatch_reboot_needed")) <?php if ($portinfo['isvlan']) { $descr = sprintf(gettext('VLAN %1$s on %2$s'),$portinfo['tag'],$portinfo['if']); if ($portinfo['descr']) - $descr .= " (" . $portinfo['descr'] . ")"; + $descr .= " (" . strtoupper($portinfo['descr']) . ")"; echo htmlspecialchars($descr); } elseif ($portinfo['iswlclone']) { $descr = $portinfo['cloneif']; diff --git a/usr/local/www/interfaces_bridge_edit.php b/usr/local/www/interfaces_bridge_edit.php index 6408fc0..06d5b94 100644 --- a/usr/local/www/interfaces_bridge_edit.php +++ b/usr/local/www/interfaces_bridge_edit.php @@ -268,7 +268,7 @@ function show_source_port_range() { <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Description"); ?></td> <td width="78%" class="vtable"> - <input type="text" name="descr" id="descr" class="formfld unknown" size="50" value="<?=$pconfig['descr'];?>"> + <input type="text" name="descr" id="descr" class="formfld unknown" size="50" value="<?=htmlspecialchars($pconfig['descr']);?>"> </td> </tr> <tr id="sprtable" name="sprtable"> @@ -321,7 +321,7 @@ function show_source_port_range() { </td></tr> <tr><td valign="top" class="vncell" width="20%"><?=gettext("Valid time"); ?></td> <td class="vtable" width="80%"> - <input name="maxage" type="text" class="formfld unkown" id="maxage" size="8" value="<?=$pconfig['maxage'];?>"> <?=gettext("seconds"); ?> + <input name="maxage" type="text" class="formfld unkown" id="maxage" size="8" value="<?=htmlspecialchars($pconfig['maxage']);?>"> <?=gettext("seconds"); ?> <br/> <span class="vexpl"> <?=gettext("Set the time that a Spanning Tree Protocol configuration is " . 
@@ -331,7 +331,7 @@ function show_source_port_range() { </td></tr> <tr><td valign="top" class="vncell" width="20%"><?=gettext("Forward time"); ?> </td> <td class="vtable" width="80%"> - <input name="fwdelay" type="text" class="formfld unkown" id="fwdelay" size="8" value="<?=$pconfig['fwdelay'];?>"> <?=gettext("seconds"); ?> + <input name="fwdelay" type="text" class="formfld unkown" id="fwdelay" size="8" value="<?=htmlspecialchars($pconfig['fwdelay']);?>"> <?=gettext("seconds"); ?> <br/> <span class="vexpl"> <?=gettext("Set the time that must pass before an interface begins forwarding " . @@ -340,7 +340,7 @@ function show_source_port_range() { </td></tr> <tr><td valign="top" class="vncell" width="20%"><?=gettext("Hello time"); ?></td> <td class="vtable" width="80%"> - <input name="hellotime" type="text" class="formfld unkown" size="8" id="hellotime" value="<?=$pconfig['hellotime'];?>"> <?=gettext("seconds"); ?> + <input name="hellotime" type="text" class="formfld unkown" size="8" id="hellotime" value="<?=htmlspecialchars($pconfig['hellotime']);?>"> <?=gettext("seconds"); ?> <br/> <span class="vexpl"> <?=gettext("Set the time between broadcasting of Spanning Tree Protocol configuration messages. The hello time may only be changed when " . @@ -349,7 +349,7 @@ function show_source_port_range() { </td></tr> <tr><td valign="top" class="vncell" width="20%"><?=gettext("Priority"); ?></td> <td class="vtable" width="80%"> - <input name="priority" type="text" class="formfld unkown" id="priority" value="<?=$pconfig['priority'];?>"> + <input name="priority" type="text" class="formfld unkown" id="priority" value="<?=htmlspecialchars($pconfig['priority']);?>"> <br/> <span class="vexpl"> <?=gettext("Set the bridge priority for Spanning Tree. The default is 32768. " . 
@@ -358,7 +358,7 @@ function show_source_port_range() { </td></tr> <tr><td valign="top" class="vncell" width="20%"><?=gettext("Hold count"); ?></td> <td class="vtable" width="80%"> - <input name="holdcnt" type="text" class="formfld unkown" id="holdcnt" value="<?=$pconfig['holdcnt'];?>"> + <input name="holdcnt" type="text" class="formfld unkown" id="holdcnt" value="<?=htmlspecialchars($pconfig['holdcnt']);?>"> <br/> <span class="vexpl"> <?=gettext("Set the transmit hold count for Spanning Tree. This is the num- " . @@ -399,7 +399,7 @@ function show_source_port_range() { <tr style="display:none" id="sprtable2" name="sprtable2"> <td valign="top" class="vncell"><?=gettext("Cache size"); ?></td> <td class="vtable"> - <input name="maxaddr" size="10" type="text" class="formfld unkown" id="maxaddr" value="<?=$pconfig['maxaddr'];?>"> <?=gettext("entries"); ?> + <input name="maxaddr" size="10" type="text" class="formfld unkown" id="maxaddr" value="<?=htmlspecialchars($pconfig['maxaddr']);?>"> <?=gettext("entries"); ?> <br/><span class="vexpl"> <?=gettext("Set the size of the bridge address cache to size. The default is " . ".100 entries."); ?> @@ -409,7 +409,7 @@ function show_source_port_range() { <tr style="display:none" id="sprtable3" name="sprtable3"> <td valign="top" class="vncell"><?=gettext("Cache entry expire time"); ?></td> <td> - <input name="timeout" type="text" class="formfld unkown" id="timeout" size="10" value="<?=$pconfig['timeout'];?>"> <?=gettext("seconds"); ?> + <input name="timeout" type="text" class="formfld unkown" id="timeout" size="10" value="<?=htmlspecialchars($pconfig['timeout']);?>"> <?=gettext("seconds"); ?> <br/><span class="vexpl"> <?=gettext("Set the timeout of address cache entries to this number of seconds. If " . "seconds is zero, then address cache entries will not be expired. " . 
@@ -575,10 +575,10 @@ function show_source_port_range() { <tr> <td width="22%" valign="top"> </td> <td width="78%"> - <input type="hidden" name="bridgeif" value="<?=$pconfig['bridgeif']; ?>"> + <input type="hidden" name="bridgeif" value="<?=htmlspecialchars($pconfig['bridgeif']); ?>"> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>"> <input type="button" value="<?=gettext("Cancel"); ?>" onclick="history.back()"> <?php if (isset($id) && $a_bridges[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>"> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> <?php endif; ?> </td> </tr> diff --git a/usr/local/www/interfaces_gif_edit.php b/usr/local/www/interfaces_gif_edit.php index 9090d52..fc21620 100644 --- a/usr/local/www/interfaces_gif_edit.php +++ b/usr/local/www/interfaces_gif_edit.php 
@@ -150,21 +150,21 @@ include("head.inc"); <tr> <td valign="top" class="vncellreq"><?=gettext("gif remote address"); ?></td> <td class="vtable"> - <input name="remote-addr" type="text" class="formfld unknown" id="remote-addr" size="24" value="<?=$pconfig['remote-addr'];?>"> + <input name="remote-addr" type="text" class="formfld unknown" id="remote-addr" size="24" value="<?=htmlspecialchars($pconfig['remote-addr']);?>"> <br> <span class="vexpl"><?=gettext("Peer address where encapsulated gif packets will be sent. "); ?></span></td> </tr> <tr> <td valign="top" class="vncellreq"><?=gettext("gif tunnel local address"); ?></td> <td class="vtable"> - <input name="tunnel-local-addr" type="text" class="formfld unknown" id="tunnel-local-addr" size="24" value="<?=$pconfig['tunnel-local-addr'];?>"> + <input name="tunnel-local-addr" type="text" class="formfld unknown" id="tunnel-local-addr" size="24" value="<?=htmlspecialchars($pconfig['tunnel-local-addr']);?>"> <br> <span class="vexpl"><?=gettext("Local gif tunnel endpoint"); ?></span></td> </tr> <tr> <td valign="top" class="vncellreq"><?=gettext("gif tunnel remote address "); ?></td> <td class="vtable"> - <input name="tunnel-remote-addr" type="text" class="formfld unknown" id="tunnel-remote-addr" size="24" value="<?=$pconfig['tunnel-remote-addr'];?>"> + <input name="tunnel-remote-addr" type="text" class="formfld unknown" id="tunnel-remote-addr" size="24" value="<?=htmlspecialchars($pconfig['tunnel-remote-addr']);?>"> <select name="tunnel-remote-net" class="formselect" id="tunnel-remote-net"> <?php for ($i = 128; $i > 0; $i--) { 
@@ -206,10 +206,10 @@ include("head.inc"); <tr> <td width="22%" valign="top"> </td> <td width="78%"> - <input type="hidden" name="gifif" value="<?=$pconfig['gifif']; ?>"> + <input type="hidden" name="gifif" value="<?=htmlspecialchars($pconfig['gifif']); ?>"> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>"> <input type="button" value="<?=gettext("Cancel"); ?>" onclick="history.back()"> <?php if (isset($id) && $a_gifs[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>"> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> <?php endif; ?> </td> </tr> diff --git a/usr/local/www/interfaces_gre_edit.php b/usr/local/www/interfaces_gre_edit.php index 3eae000..f0f0a84 100644 --- a/usr/local/www/interfaces_gre_edit.php +++ b/usr/local/www/interfaces_gre_edit.php @@ -84,8 +84,8 @@ if ($_POST) { if (isset($id) && ($a_gres[$id]) && ($a_gres[$id] === $gre)) continue; - if (($gre['if'] == $_POST['if']) && ($gre['tunnel-remote-net'] == $_POST['tunnel-remote-net'])) { - $input_errors[] = sprintf(gettext("A gre with the network %s is already defined."),$gre['remote-network']); + if (($gre['if'] == $_POST['if']) && ($gre['tunnel-remote-addr'] == $_POST['tunnel-remote-addr'])) { + $input_errors[] = sprintf(gettext("A GRE tunnel with the network %s is already defined."),$gre['remote-network']); break; } } 
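Review bot: The duplicate check in interfaces_gre_edit.php now compares `tunnel-remote-addr`, but the message still prints `$gre['remote-network']`, a key that matches none of the field names in this file's form (`remote-addr`, `tunnel-local-addr`, `tunnel-remote-addr`, `tunnel-remote-net` in the -153 hunk), so the `%s` is presumably always empty; `$gre['tunnel-remote-addr']` looks like the intended value. The enclosing foreach over `$a_gres` starts before the hunk.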
@@ -153,21 +153,21 @@ include("head.inc"); <tr> <td valign="top" class="vncellreq"><?=gettext("GRE remote address");?></td> <td class="vtable"> - <input name="remote-addr" type="text" class="formfld unknown" id="remote-addr" size="16" value="<?=$pconfig['remote-addr'];?>"> + <input name="remote-addr" type="text" class="formfld unknown" id="remote-addr" size="16" value="<?=htmlspecialchars($pconfig['remote-addr']);?>"> <br> <span class="vexpl"><?=gettext("Peer address where encapsulated GRE packets will be sent ");?></span></td> </tr> <tr> <td valign="top" class="vncellreq"><?=gettext("GRE tunnel local address ");?></td> <td class="vtable"> - <input name="tunnel-local-addr" type="text" class="formfld unknown" id="tunnel-local-addr" size="16" value="<?=$pconfig['tunnel-local-addr'];?>"> + <input name="tunnel-local-addr" type="text" class="formfld unknown" id="tunnel-local-addr" size="16" value="<?=htmlspecialchars($pconfig['tunnel-local-addr']);?>"> <br> <span class="vexpl"><?=gettext("Local GRE tunnel endpoint");?></span></td> </tr> <tr> <td valign="top" class="vncellreq"><?=gettext("GRE tunnel remote address ");?></td> <td class="vtable"> - <input name="tunnel-remote-addr" type="text" class="formfld unknown" id="tunnel-remote-addr" size="16" value="<?=$pconfig['tunnel-remote-addr'];?>"> + <input name="tunnel-remote-addr" type="text" class="formfld unknown" id="tunnel-remote-addr" size="16" value="<?=htmlspecialchars($pconfig['tunnel-remote-addr']);?>"> <select name="tunnel-remote-net" class="formselect" id="tunnel-remote-net"> <?php for ($i = 32; $i > 0; $i--) { 
@@ -218,10 +218,10 @@ include("head.inc"); <tr> <td width="22%" valign="top"> </td> <td width="78%"> - <input type="hidden" name="greif" value="<?=$pconfig['greif']; ?>"> + <input type="hidden" name="greif" value="<?=htmlspecialchars($pconfig['greif']); ?>"> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>"> <input type="button" value="<?=gettext("Cancel");?>" onclick="history.back()"> <?php if (isset($id) && $a_gres[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>"> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> <?php endif; ?> </td> </tr> diff --git a/usr/local/www/interfaces_groups_edit.php b/usr/local/www/interfaces_groups_edit.php index 1906a69..adfb102 100755 --- a/usr/local/www/interfaces_groups_edit.php +++ b/usr/local/www/interfaces_groups_edit.php @@ -212,7 +212,7 @@ var addRowTo = (function() { td = d.createElement("td"); td.rowSpan = "1"; - td.innerHTML = '<input type="image" src="/themes/' + theme + '/images/icons/icon_x.gif" onclick="removeRow(this);return false;" value="Delete">'; + td.innerHTML = '<a onclick="removeRow(this);return false;" href="#"><img border="0" src="/themes/' + theme + '/images/icons/icon_x.gif" /></a>'; tr.appendChild(td); tbody.appendChild(tr); totalrows++; @@ -251,7 +251,7 @@ function removeRow(el) { <tr> <td valign="top" class="vncellreq"><?=gettext("Group Name");?></td> <td class="vtable"> - <input class="formfld unknown" name="ifname" id="ifname" value="<?=$pconfig['ifname'];?>" /> + <input class="formfld unknown" name="ifname" id="ifname" value="<?=htmlspecialchars($pconfig['ifname']);?>" /> <br /> <?=gettext("No numbers or spaces are allowed. Only characters in a-zA-Z");?> </td> 
@@ -259,7 +259,7 @@ function removeRow(el) { <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Description");?></td> <td width="78%" class="vtable"> - <input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=$pconfig['descr'];?>" /> + <input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>" /> <br /> <span class="vexpl"> <?=gettext("You may enter a description here for your reference (not parsed).");?> @@ -298,7 +298,7 @@ function removeRow(el) { </select> </td> <td> - <input type="image" src="/themes/<?echo $g['theme'];?>/images/icons/icon_x.gif" onclick="removeRow(this); return false;" value="<?=gettext("Delete");?>" /> + <a onclick="removeRow(this); return false;" href="#"><img border="0" src="/themes/<?echo $g['theme'];?>/images/icons/icon_x.gif" /></a> </td> </tr> <?php @@ -323,7 +323,7 @@ function removeRow(el) { <input id="submit" name="submit" type="submit" class="formbtn" value="<?=gettext("Save");?>" /> <a href="interfaces_groups.php"><input id="cancelbutton" name="cancelbutton" type="button" class="formbtn" value="<?=gettext("Cancel");?>" /></a> <?php if (isset($id) && $a_ifgroups[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>" /> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" /> <?php endif; ?> </td> </tr> diff --git a/usr/local/www/interfaces_lagg_edit.php b/usr/local/www/interfaces_lagg_edit.php index c7d1ef9..b65597c 100644 --- a/usr/local/www/interfaces_lagg_edit.php +++ b/usr/local/www/interfaces_lagg_edit.php 
@@ -205,10 +205,10 @@ include("head.inc"); <tr> <td width="22%" valign="top"> </td> <td width="78%"> - <input type="hidden" name="laggif" value="<?=$pconfig['laggif']; ?>"> + <input type="hidden" name="laggif" value="<?=htmlspecialchars($pconfig['laggif']); ?>"> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>"> <input type="button" value="<?=gettext("Cancel"); ?>" onclick="history.back()"> <?php if (isset($id) && $a_laggs[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>"> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> <?php endif; ?> </td> </tr> diff --git a/usr/local/www/interfaces_ppps_edit.php b/usr/local/www/interfaces_ppps_edit.php index 1f9e2bf..46fb414 100644 --- a/usr/local/www/interfaces_ppps_edit.php +++ b/usr/local/www/interfaces_ppps_edit.php @@ -789,7 +789,7 @@ $types = array("select" => gettext("Select"), "ppp" => "PPP", "pppoe" => "PPPoE" <input type="button" value="<?=gettext("Cancel"); ?>" onclick="history.back()"> <input name="ptpid" type="hidden" value="<?=htmlspecialchars($pconfig['ptpid']);?>"> <?php if (isset($id) && $a_ppps[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>"> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> <?php endif; ?> </td> </tr> diff --git a/usr/local/www/interfaces_qinq_edit.php b/usr/local/www/interfaces_qinq_edit.php index a820e14..e8b698e 100755 --- a/usr/local/www/interfaces_qinq_edit.php +++ b/usr/local/www/interfaces_qinq_edit.php @@ -248,7 +248,7 @@ var addRowTo = (function() { td = d.createElement("td"); td.rowSpan = "1"; - td.innerHTML = '<input type="image" src="/themes/' + theme + '/images/icons/icon_x.gif" onclick="removeRow(this);return false;" value="Delete">'; + td.innerHTML = '<a onclick="removeRow(this);return false;" href="#"><img border="0" src="/themes/' + theme + '/images/icons/icon_x.gif" /></a>'; tr.appendChild(td); tbody.appendChild(tr); totalrows++; 
@@ -307,7 +307,7 @@ function removeRow(el) { <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("First level tag");?></td> <td width="78%" class="vtable"> - <input name="tag" type="text" class="formfld unknown" id="tag" size="10" value="<?=$pconfig['tag'];?>" /> + <input name="tag" type="text" class="formfld unknown" id="tag" size="10" value="<?=htmlspecialchars($pconfig['tag']);?>" /> <br /> <span class="vexpl"> <?=gettext("This is the first level VLAN tag. On top of this are stacked the member VLANs defined below.");?> @@ -336,7 +336,7 @@ function removeRow(el) { <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Description");?></td> <td width="78%" class="vtable"> - <input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=$pconfig['descr'];?>" /> + <input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>" /> <br /> <span class="vexpl"> <?=gettext("You may enter a description here for your reference (not parsed).");?> @@ -370,7 +370,7 @@ function removeRow(el) { <input name="members<?php echo $tracker; ?>" class="formselect" id="members<?php echo $tracker; ?>" value="<? echo $members;?>"> </td> <td> - <input type="image" src="/themes/<?echo $g['theme'];?>/images/icons/icon_x.gif" onclick="removeRow(this); return false;" value="<?=gettext("Delete");?>" /> + <a onclick="removeRow(this); return false;" href="#"><img border="0" src="/themes/<?echo $g['theme'];?>/images/icons/icon_x.gif" /></a> </td> </tr> <?php 
@@ -395,7 +395,7 @@ function removeRow(el) { <input id="submit" name="submit" type="submit" class="formbtn" value="<?=gettext("Save");?>" /> <a href="interfaces_qinq.php"><input id="cancelbutton" name="cancelbutton" type="button" class="formbtn" value="<?=gettext("Cancel");?>" /></a> <?php if (isset($id) && $a_qinqs[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>" /> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" /> <?php endif; ?> </td> </tr> diff --git a/usr/local/www/interfaces_vlan_edit.php b/usr/local/www/interfaces_vlan_edit.php index 3f26441..447722a 100755 --- a/usr/local/www/interfaces_vlan_edit.php +++ b/usr/local/www/interfaces_vlan_edit.php @@ -172,10 +172,10 @@ include("head.inc"); <tr> <td width="22%" valign="top"> </td> <td width="78%"> - <input type="hidden" name="vlanif" value="<?=$pconfig['vlanif']; ?>"> + <input type="hidden" name="vlanif" value="<?=htmlspecialchars($pconfig['vlanif']); ?>"> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>"> <input type="button" value="<?=gettext("Cancel");?>" onclick="history.back()"> <?php if (isset($id) && $a_vlans[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>"> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> <?php endif; ?> </td> </tr> diff --git a/usr/local/www/interfaces_wireless_edit.php b/usr/local/www/interfaces_wireless_edit.php index c5c511a..686345d 100644 --- a/usr/local/www/interfaces_wireless_edit.php +++ b/usr/local/www/interfaces_wireless_edit.php 
@@ -191,10 +191,10 @@ include("head.inc"); <tr> <td width="22%" valign="top"> </td> <td width="78%"> - <input type="hidden" name="cloneif" value="<?=$pconfig['cloneif']; ?>"> + <input type="hidden" name="cloneif" value="<?=htmlspecialchars($pconfig['cloneif']); ?>"> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>"> <input type="button" value="<?=gettext("Cancel");?>" onclick="history.back()"> <?php if (isset($id) && $a_clones[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>"> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> <?php endif; ?> </td> </tr> diff --git a/usr/local/www/javascript/row_helper.js b/usr/local/www/javascript/row_helper.js index 68a00bd..dc8a282 100755 --- a/usr/local/www/javascript/row_helper.js +++ b/usr/local/www/javascript/row_helper.js @@ -24,7 +24,9 @@ var addRowTo = (function() { tr = d.createElement("tr"); for (i = 0; i < field_counter_js; i++) { td = d.createElement("td"); - if(rowtype[i] == 'textbox') { + if(typeof(rowtype[i]) == 'function') { + td.innerHTML="<INPUT type='hidden' value='" + totalrows +"' name='" + rowname[i] + "_row-" + totalrows + "'></input>" + rowtype[i](rowname[i], rowsize[i], totalrows) + " "; + } else if(rowtype[i] == 'textbox') { td.innerHTML="<INPUT type='hidden' value='" + totalrows +"' name='" + rowname[i] + "_row-" + totalrows + "'></input><input size='" + rowsize[i] + "' class='formfld unknown' name='" + rowname[i] + totalrows + "' id='" + rowname[i] + totalrows + "'></input> "; } else if(rowtype[i] == 'password') { td.innerHTML="<INPUT type='hidden' value='" + totalrows +"' name='" + rowname[i] + "_row-" + totalrows + "'></input><input type='password' size='" + rowsize[i] + "' class='formfld pwd' name='" + rowname[i] + totalrows + "' id='" + rowname[i] + totalrows + "'></input> "; diff --git a/usr/local/www/javascript/row_helper_dynamic.js b/usr/local/www/javascript/row_helper_dynamic.js index 210e416..bef6120 100755 
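Review bot: The new function branch inserts whatever `rowtype[i](...)` returns straight into `td.innerHTML`, and nothing documents that contract, so the next caller has no hint that the callback is responsible for escaping. A comment above the branch would fix that: `// rowtype[i] may be a function (fieldName, size, rowIndex) -> HTML string for the cell; it must return already-escaped markup because the result lands in innerHTML.` The hidden `<name>_row-<n>` input is still emitted for function fields, presumably because the server-side row parsing expects it; that is worth stating in the same comment. The enclosing addRowTo function starts and ends outside the hunk.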
--- a/usr/local/www/javascript/row_helper_dynamic.js +++ b/usr/local/www/javascript/row_helper_dynamic.js @@ -27,7 +27,9 @@ var addRowTo = (function() { objectSize = rowsize[i]; for (i = 0; i < field_counter_js; i++) { td = d.createElement("td"); - if(rowtype[i] == 'textbox') { + if(typeof(rowtype[i]) == 'function') { + td.innerHTML="<INPUT type='hidden' value='" + totalrows +"' name='" + rowname[i] + "_row-" + totalrows + "'></input>" + rowtype[i](rowname[i], objectSize, totalrows) + " "; + } else if(rowtype[i] == 'textbox') { td.innerHTML="<INPUT type='hidden' value='" + totalrows +"' name='" + rowname[i] + "_row-" + totalrows + "'></input><input size='" + objectSize + "' name='" + rowname[i] + totalrows + "' id='" + rowname[i] + totalrows + "'></input> "; } else if(rowtype[i] == 'select') { td.innerHTML="<INPUT type='hidden' value='" + totalrows +"' name='" + rowname[i] + "_row-" + totalrows + "'></input><select name='" + rowname[i] + totalrows + "' id='" + rowname[i] + totalrows + "'>" + newrow[i] + "</select> "; diff --git a/usr/local/www/load_balancer_monitor_edit.php b/usr/local/www/load_balancer_monitor_edit.php index 7cc9ef3..865148a 100755 --- a/usr/local/www/load_balancer_monitor_edit.php +++ b/usr/local/www/load_balancer_monitor_edit.php @@ -355,7 +355,7 @@ function updateType(t){ <td width="78%"> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>"><input type="button" class="formbtn" value="<?=gettext("Cancel"); ?>" onclick="history.back()"> <?php if (isset($id) && $a_monitor[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>"> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> <?php endif; ?> </td> </tr> diff --git a/usr/local/www/load_balancer_pool_edit.php b/usr/local/www/load_balancer_pool_edit.php index 0e15dc2..51b3bec 100755 --- a/usr/local/www/load_balancer_pool_edit.php +++ b/usr/local/www/load_balancer_pool_edit.php 
@@ -297,7 +297,7 @@ echo "</select>"; <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" onClick="AllServers('serversSelect', true); AllServers('serversDisabledSelect', true);"> <input type="button" class="formbtn" value="<?=gettext("Cancel"); ?>" onclick="history.back()"> <?php if (isset($id) && $a_pool[$id] && $_GET['act'] != 'dup'): ?> - <input name="id" type="hidden" value="<?=$id;?>"> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> <?php endif; ?> </td> </tr> diff --git a/usr/local/www/load_balancer_relay_action_edit.php b/usr/local/www/load_balancer_relay_action_edit.php index 396cd9b..390ee17 100755 --- a/usr/local/www/load_balancer_relay_action_edit.php +++ b/usr/local/www/load_balancer_relay_action_edit.php @@ -392,10 +392,10 @@ function num_options() { document.observe("dom:loaded", function() { - updateProtocol('<?=$pconfig['protocol']?>'); - updateDirection('<?=$pconfig['direction']?>'); - updateType('<?=$pconfig['type']?>'); - updateAction('<?=$pconfig['action']?>'); + updateProtocol('<?=htmlspecialchars($pconfig['protocol'])?>'); + updateDirection('<?=htmlspecialchars($pconfig['direction'])?>'); + updateType('<?=htmlspecialchars($pconfig['type'])?>'); + updateAction('<?=htmlspecialchars($pconfig['action'])?>'); }); </script> @@ -556,7 +556,7 @@ document.observe("dom:loaded", function() { <td width="78%"> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>"><input type="button" class="formbtn" value="<?=gettext("Cancel"); ?>" onclick="history.back()"> <?php if (isset($id) && $a_action[$id] && $_GET['act'] != 'dup'): ?> - <input name="id" type="hidden" value="<?=$id;?>"> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> <?php endif; ?> </td> </tr> diff --git a/usr/local/www/load_balancer_relay_protocol_edit.php b/usr/local/www/load_balancer_relay_protocol_edit.php index 1c0daa8..a885aa2 100755 --- a/usr/local/www/load_balancer_relay_protocol_edit.php 
+++ b/usr/local/www/load_balancer_relay_protocol_edit.php @@ -279,7 +279,7 @@ echo "</select>"; <td width="78%"> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" onClick="AllOptions($('lbaction'), true); AllOptions($('available_action'), false);"><input type="button" class="formbtn" value="<?=gettext("Cancel"); ?>" onclick="history.back()"> <?php if (isset($id) && $a_protocol[$id] && $_GET['act'] != 'dup'): ?> - <input name="id" type="hidden" value="<?=$id;?>"> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> <?php endif; ?> </td> </tr> diff --git a/usr/local/www/load_balancer_virtual_server_edit.php b/usr/local/www/load_balancer_virtual_server_edit.php index e93f0d6..96a557c 100755 --- a/usr/local/www/load_balancer_virtual_server_edit.php +++ b/usr/local/www/load_balancer_virtual_server_edit.php @@ -167,7 +167,7 @@ document.observe("dom:loaded", function() { }); // Go ahead and disable the relay stuff, we'll trigger - updateRelay("<?=$pconfig['mode'];?>"); + updateRelay("<?=htmlspecialchars($pconfig['mode']);?>"); }); @@ -231,7 +231,7 @@ document.observe("dom:loaded", function() { <b><?=gettext("NOTE:"); ?></b> <?=gettext("Please add a pool on the Pools tab to use this feature."); ?> <?php else: ?> <select id="sitedown" name="sitedown"> - <option value=""<?=$pconfig['sitedown'] == '' ? ' selected' : ''?>><?=gettext("none"); ?></option> + <option value=""<?=htmlspecialchars($pconfig['sitedown']) == '' ? ' selected' : ''?>><?=gettext("none"); ?></option> <?php for ($i = 0; isset($config['load_balancer']['lbpool'][$i]); $i++) { $selected = ""; 
@@ -250,8 +250,8 @@ document.observe("dom:loaded", function() { <tr align="left"> <td width="22%" valign="top" class="vncellreq">Mode</td> <td width="78%" class="vtable" colspan="2"> - <input id="redirect_mode" type="radio" name="mode" value="redirect"<?=$pconfig['mode'] == 'redirect' ? ' checked="checked"': ''?>> Redirect - <input id="relay_mode" type="radio" name="mode" value="relay"<?=$pconfig['mode'] == 'relay' ? ' checked="checked"': ''?>> Relay + <input id="redirect_mode" type="radio" name="mode" value="redirect"<?=htmlspecialchars($pconfig['mode']) == 'redirect' ? ' checked="checked"': ''?>> Redirect + <input id="relay_mode" type="radio" name="mode" value="relay"<?=htmlspecialchars($pconfig['mode']) == 'relay' ? ' checked="checked"': ''?>> Relay <br> </td> @@ -278,7 +278,7 @@ document.observe("dom:loaded", function() { <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Submit"); ?>"> <input type="button" class="formbtn" value="<?=gettext("Cancel"); ?>" onclick="history.back()"> <?php if (isset($id) && $a_vs[$id] && $_GET['act'] != 'dup'): ?> - <input name="id" type="hidden" value="<?=$id;?>"> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> <?php endif; ?> </td> </tr> diff --git a/usr/local/www/pkg.php b/usr/local/www/pkg.php index e77f38a..32c9463 100755 --- a/usr/local/www/pkg.php +++ b/usr/local/www/pkg.php @@ -45,7 +45,7 @@ function gentitle_pkg($pgname) { return $config['system']['hostname'] . "." . $config['system']['domain'] . " - " . $pgname; } -$xml = htmlspecialchars($_REQUEST['xml']); +$xml = $_REQUEST['xml']; if($xml == "") { print_info_box_np(gettext("ERROR: No package defined.")); @@ -53,6 +53,10 @@ if($xml == "") { } else { if(file_exists("/usr/local/pkg/" . $xml)) $pkg = parse_xml_config_pkg("/usr/local/pkg/" . $xml, "packagegui"); + else { + echo "File not found " . htmlspecialchars($xml); + exit; + } } if($pkg['donotsave'] <> "") { 
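Review bot: Escaping the operand of a comparison is a no-op on the two radio lines — `htmlspecialchars($pconfig['mode']) == 'redirect'` can only differ from `$pconfig['mode'] == 'redirect'` when the value contains `&`, `<`, `>` or `"`, in which case neither form matches, and nothing from `$pconfig['mode']` is printed into the markup here. The plain comparison `<?=$pconfig['mode'] == 'redirect' ? ' checked="checked"': ''?>` says what is meant; htmlspecialchars() belongs on the lines where a value itself is emitted, as in the updateRelay() call above. The same applies to the `relay` radio on the next line.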
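Review bot: Dropping htmlspecialchars() from `$xml` is right (it never protected a filesystem path), but nothing yet stops `../` in `$_REQUEST['xml']`: `file_exists("/usr/local/pkg/" . $xml)` accepts a traversal path and the same string is then handed to parse_xml_config_pkg(). Restrict the value to a bare file name before the existence check, e.g. `if ($xml != basename($xml)) { echo gettext("ERROR: Invalid package name."); exit; }`. What parse_xml_config_pkg() does with an arbitrary readable file is outside this hunk, so the severity is unclear, but the check is cheap. The new `File not found` branch also exits before any page head is printed, which is presumably acceptable for an error path.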
@@ -410,11 +414,6 @@ if ($pkg['tabs'] <> "") { </form> <?php include("fend.inc"); ?> -<script type="text/javascript"> -NiftyCheck(); -Rounded("div#mainarea","bl br","#FFF","#eeeeee","smooth"); -</script> - <?php echo "<!-- filter_fieldname: {$filter_fieldname} -->"; echo "<!-- filter_regex: {$filter_regex} -->"; diff --git a/usr/local/www/pkg_edit.php b/usr/local/www/pkg_edit.php index f9cac9d..52bc31a 100755 --- a/usr/local/www/pkg_edit.php +++ b/usr/local/www/pkg_edit.php @@ -83,6 +83,12 @@ $pgtitle = $title; $id = $_GET['id']; if (isset($_POST['id'])) $id = htmlspecialchars($_POST['id']); + +if(!is_numeric($id)) { + Header("Location: /"); + exit; +} + // Not posting? Then user is editing a record. There must be a valid id // when editing a record. @@ -725,7 +731,7 @@ if ($pkg['tabs'] <> "") { $rowcounter++; echo "<td>"; - echo "<input type=\"image\" src=\"./themes/".$g['theme']."/images/icons/icon_x.gif\" onclick=\"removeRow(this); return false;\" value=\"" . gettext("Delete") . "\">"; + echo "<a onclick=\"removeRow(this); return false;\" href=\"#\"><img border=\"0\" src=\"./themes/".$g['theme']."/images/icons/icon_x.gif\" /></a>"; echo "</td>\n"; echo "</tr>\n"; } @@ -762,7 +768,7 @@ if ($pkg['tabs'] <> "") { $rowcounter++; echo "<td>"; - echo "<input type=\"image\" src=\"./themes/".$g['theme']."/images/icons/icon_x.gif\" onclick=\"removeRow(this); return false;\" value=\"" . gettext("Delete") . "\">"; + echo "<a onclick=\"removeRow(this); return false;\" href=\"#\"><img border=\"0\" src=\"./themes/".$g['theme']."/images/icons/icon_x.gif\" /></a>"; echo "</td>\n"; echo "</tr>\n"; } 
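Review bot: `is_numeric($id)` is looser than the array index it guards: it accepts `1.5`, `-1`, `1e2` and, on PHP 5, `0x1A`, none of which name a record, and it also rejects the no-id case (`is_numeric(null)` is false), so if this page is ever opened without an id to create a new entry that path now redirects to `/` — worth confirming against the callers. A tighter check that leaves the missing-id case to the code below would be `if (isset($id) && !ctype_digit((string)$id)) { Header("Location: /"); exit; }`. With a numeric check in place the `htmlspecialchars($_POST['id'])` two lines above is redundant and could go.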
@@ -863,7 +869,7 @@ function display_row($trc, $value, $fieldname, $type, $rowhelper, $size) { global $text, $config; echo "<td>\n"; if($type == "input") { - echo "<input size='" . $size . "' name='" . $fieldname . $trc . "' id='" . $fieldname . $trc . "' value='" . $value . "'>\n"; + echo "<input size='" . $size . "' name='" . $fieldname . $trc . "' id='" . $fieldname . $trc . "' class='formfld unknown' value='" . $value . "'>\n"; } else if($type == "checkbox") { if($value) echo "<input size='" . $size . "' type='checkbox' id='" . $fieldname . $trc . "' name='" . $fieldname . $trc . "' value='ON' CHECKED>\n"; diff --git a/usr/local/www/services_captiveportal_ip_edit.php b/usr/local/www/services_captiveportal_ip_edit.php index b9b4efc..d6119ce 100755 --- a/usr/local/www/services_captiveportal_ip_edit.php +++ b/usr/local/www/services_captiveportal_ip_edit.php @@ -207,7 +207,7 @@ include("head.inc"); <td width="78%"> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>"> <?php if (isset($id) && $a_allowedips[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>"> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> <?php endif; ?> </td> </tr> diff --git a/usr/local/www/services_captiveportal_mac_edit.php b/usr/local/www/services_captiveportal_mac_edit.php index f0d92c3..aabf4b3 100755 --- a/usr/local/www/services_captiveportal_mac_edit.php +++ b/usr/local/www/services_captiveportal_mac_edit.php @@ -184,7 +184,7 @@ include("head.inc"); <td width="78%"> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>"> <?php if (isset($id) && $a_passthrumacs[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>"> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> <?php endif; ?> <?php if (isset($pconfig['username']) && $pconfig['username']): ?> <input name="username" type="hidden" value="<?=htmlspecialchars($pconfig['username']);?>"> 
diff --git a/usr/local/www/services_captiveportal_vouchers_edit.php b/usr/local/www/services_captiveportal_vouchers_edit.php index 96e563f..94724a9 100644 --- a/usr/local/www/services_captiveportal_vouchers_edit.php +++ b/usr/local/www/services_captiveportal_vouchers_edit.php @@ -191,7 +191,7 @@ include("head.inc"); <td width="78%"> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>"> <?php if (isset($id) && $a_roll[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>"> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> <?php endif; ?> </td> </tr> diff --git a/usr/local/www/services_dhcp.php b/usr/local/www/services_dhcp.php index 0365ccb..e6c3f68 100755 --- a/usr/local/www/services_dhcp.php +++ b/usr/local/www/services_dhcp.php @@ -198,7 +198,8 @@ if ($_POST) { if(isset($_POST["number{$x}"]) && ctype_digit($_POST["number{$x}"])) { $numbervalue = array(); $numbervalue['number'] = htmlspecialchars($_POST["number{$x}"]); - $numbervalue['value'] = htmlspecialchars($_POST["value{$x}"]); + $numbervalue['type'] = htmlspecialchars($_POST["itemtype{$x}"]); + $numbervalue['value'] = str_replace('"', '"', htmlspecialchars($_POST["value{$x}"])); $numberoptions['item'][] = $numbervalue; } } 
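Review bot: `$numbervalue['type']` is taken from the POST as-is, and every branch of the validation added later in this file compares the type against one fixed name, so a type that matches none of them (a tampered or stale select value) passes validation with an unchecked `value`. Reject unknown types here — e.g. `if (!in_array($_POST["itemtype{$x}"], array('text','string','flag','uint8','uint16','uint32','int8','int16','int32','ip-address'))) $input_errors[] = gettext("Invalid custom option type.");` — or give the validation chain a final `else` that errors. As rendered here the `str_replace('"', '"', …)` swap is a no-op; if its first argument is meant to be the `&quot;` entity that htmlspecialchars() produces, so that the quote checks below see literal quotes, a short comment saying so would stop it being "simplified" away later.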
@@ -260,6 +261,31 @@ if ($_POST) { if ($_POST['staticarp'] && $noip) $input_errors[] = "Cannot enable static ARP when you have static map entries without IP addresses. Ensure all static maps have IP addresses and try again."; + if(is_array($pconfig['numberoptions']['item'])) { + foreach ($pconfig['numberoptions']['item'] as $numberoption) { + if ( $numberoption['type'] == 'text' && strstr($numberoption['value'], '"') ) + $input_errors[] = gettext("Text type cannot include quotation marks."); + else if ( $numberoption['type'] == 'string' && !preg_match('/^"[^"]*"$/', $numberoption['value']) && !preg_match('/^[0-9a-z]{2}(?:\:[0-9a-z]{2})*$/i', $numberoption['value']) ) + $input_errors[] = gettext("String type must be enclosed in quotes like \"this\" or must be a series of octets specified in hexadecimal, separated by colons, like 01:23:45:67:89:ab:cd:ef"); + else if ( $numberoption['type'] == 'flag' && $numberoption['value'] != 'true' && $numberoption['value'] != 'false' && $numberoption['value'] != 'on' && $numberoption['value'] != 'off' ) + $input_errors[] = gettext("Boolean type must be true, false, on, or off."); + else if ( $numberoption['type'] == 'uint8' && (!is_numeric($numberoption['value']) || $numberoption['value'] < 0 || $numberoption['value'] > 255) ) + $input_errors[] = gettext("Unsigned 8-bit integer type must be a number in the range 0 to 255."); + else if ( $numberoption['type'] == 'uint16' && (!is_numeric($numberoption['value']) || $numberoption['value'] < 0 || $numberoption['value'] > 65535) ) + $input_errors[] = gettext("Unsigned 16-bit integer type must be a number in the range 0 to 65535."); + else if ( $numberoption['type'] == 'uint32' && (!is_numeric($numberoption['value']) || $numberoption['value'] < 0 || $numberoption['value'] > 4294967295) ) + $input_errors[] = gettext("Unsigned 32-bit integer type must be a number in the range 0 to 4294967295."); + else if ( $numberoption['type'] == 'int8' && (!is_numeric($numberoption['value']) || 
$numberoption['value'] < -128 || $numberoption['value'] > 127) ) + $input_errors[] = gettext("Signed 8-bit integer type must be a number in the range -128 to 127."); + else if ( $numberoption['type'] == 'int16' && (!is_numeric($numberoption['value']) || $numberoption['value'] < -32768 || $numberoption['value'] > 32767) ) + $input_errors[] = gettext("Signed 16-bit integer type must be a number in the range -32768 to 32767."); + else if ( $numberoption['type'] == 'int32' && (!is_numeric($numberoption['value']) || $numberoption['value'] < -2147483648 || $numberoption['value'] > 2147483647) ) + $input_errors[] = gettext("Signed 32-bit integer type must be a number in the range -2147483648 to 2147483647."); + else if ( $numberoption['type'] == 'ip-address' && !is_ipaddr($numberoption['value']) && !is_hostname($numberoption['value']) ) + $input_errors[] = gettext("IP address or host type must be an IP address or host name."); + } + } + if (!$input_errors) { /* make sure the range lies within the current subnet */ $subnet_start = ip2ulong(long2ip32(ip2long($ifcfgip) & gen_subnet_mask_long($ifcfgsn))); 
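Review bot: The `text` and `string` checks only look for a double quote, so a value ending in a backslash (`"abc\"` satisfies `^"[^"]*"$`) or containing a newline is accepted; if services.inc writes these into dhcpd.conf inside quotes, a trailing `\` escapes the closing quote and the rest of the file is read as string, which at best stops the DHCP server — how the value is quoted on output is outside this hunk, so treat that as something to confirm. Rejecting backslashes and control characters in both branches, e.g. `preg_match('/[\\\\\x00-\x1f]/', $numberoption['value'])`, closes it regardless of the writer. The integer branches rely on is_numeric(), which also accepts `1e3`, ` 12` and floats that dhcpd will not parse; `preg_match('/^-?\d+$/', $numberoption['value'])` (or ctype_digit() for the unsigned types) matches what the error messages promise.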
@@ -401,12 +427,25 @@ include("head.inc"); </script> <script type="text/javascript"> + function itemtype_field(fieldname, fieldsize, n) { + return '<select name="' + fieldname + n + '" class="formselect" id="' + fieldname + n + '"><?php + $customitemtypes = array('text' => gettext('Text'), 'string' => gettext('String'), 'flag' => gettext('Boolean'), + 'uint8' => gettext('Unsigned 8-bit integer'), 'uint16' => gettext('Unsigned 16-bit integer'), 'uint32' => gettext('Unsigned 32-bit integer'), + 'int8' => gettext('Signed 8-bit integer'), 'int16' => gettext('Signed 16-bit integer'), 'int32' => gettext('Signed 32-bit integer'), 'ip-address' => gettext('IP address or host')); + foreach ($customitemtypes as $typename => $typedescr) { + echo "<option value=\"{$typename}\">{$typedescr}</option>"; + } + ?></select>'; + } + rowname[0] = "number"; rowtype[0] = "textbox"; rowsize[0] = "10"; - rowname[1] = "value"; - rowtype[1] = "textbox"; - rowsize[1] = "55"; + rowname[1] = "itemtype"; + rowtype[1] = itemtype_field; + rowname[2] = "value"; + rowtype[2] = "textbox"; + rowsize[2] = "40"; </script> <script type="text/javascript" language="JavaScript"> @@ -768,7 +807,8 @@ include("head.inc"); </tr> <tr> <td><div id="onecolumn"><?=gettext("Number");?></div></td> - <td><div id="twocolumn"><?=gettext("Value");?></div></td> + <td><div id="twocolumn"><?=gettext("Type");?></div></td> + <td><div id="threecolumn"><?=gettext("Value");?></div></td> </tr> <?php $counter = 0; ?> <?php @@ -777,6 +817,7 @@ include("head.inc"); ?> <?php $number = $item['number']; + $itemtype = $item['type']; $value = $item['value']; ?> <tr> 
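Review bot: The `<option>` markup is echoed inside a single-quoted JavaScript string literal in itemtype_field(), so any translation of a type label that contains `'` (or a newline) from gettext() terminates the literal and breaks every dynamically added row on the page; the same `$typedescr` is also not HTML-escaped. Build the option list in PHP and hand it to the script as a JSON string: `$opts = ''; foreach ($customitemtypes as $typename => $typedescr) $opts .= "<option value=\"{$typename}\">" . htmlspecialchars($typedescr) . "</option>";` followed by `return '<select name="' + fieldname + n + '" class="formselect" id="' + fieldname + n + '">' + <?php echo json_encode($opts); ?> + '</select>';`. Defining `$customitemtypes` inside this script block while the table further down depends on it also deserves a one-line comment at the definition.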
@@ -784,10 +825,21 @@ include("head.inc"); <input autocomplete="off" name="number<?php echo $counter; ?>" type="text" class="formfld" id="number<?php echo $counter; ?>" size="10" value="<?=htmlspecialchars($number);?>" /> </td> <td> - <input autocomplete="off" name="value<?php echo $counter; ?>" type="text" class="formfld" id="value<?php echo $counter; ?>" size="55" value="<?=htmlspecialchars($value);?>" /> + <select name="itemtype<?php echo $counter; ?>" class="formselect" id="itemtype<?php echo $counter; ?>"> + <?php + foreach ($customitemtypes as $typename => $typedescr) { + echo "<option value=\"{$typename}\" "; + if ($itemtype == $typename) echo "selected"; + echo ">" . $typedescr . "</option>"; + } + ?> + </select> + </td> + <td> + <input autocomplete="off" name="value<?php echo $counter; ?>" type="text" class="formfld" id="value<?php echo $counter; ?>" size="40" value="<?=htmlspecialchars($value);?>" /> </td> <td> - <input type="image" src="/themes/<?echo $g['theme'];?>/images/icons/icon_x.gif" onclick="removeRow(this); return false;" value="<?=gettext("Delete");?>" /> + <a onclick="removeRow(this); return false;" href="#"><img border="0" src="/themes/<?echo $g['theme'];?>/images/icons/icon_x.gif" /></a> </td> </tr> <?php $counter++; ?> @@ -800,7 +852,7 @@ include("head.inc"); <img border="0" src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" alt="" title="<?=gettext("add another entry");?>" /> </a> <script type="text/javascript"> - field_counter_js = 2; + field_counter_js = 3; rows = 1; totalrows = <?php echo $counter; ?>; loaded = <?php echo $counter; ?>; @@ -812,7 +864,7 @@ include("head.inc"); <tr> <td width="22%" valign="top"> </td> <td width="78%"> - <input name="if" type="hidden" value="<?=$if;?>"> + <input name="if" type="hidden" value="<?=htmlspecialchars($if);?>"> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>" onclick="enable_change(true)"> </td> </tr> 
@@ -840,7 +892,7 @@ include("head.inc"); <table border="0" cellspacing="0" cellpadding="1"> <tr> <td valign="middle" width="17"></td> - <td valign="middle"><a href="services_dhcp_edit.php?if=<?=$if;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0"></a></td> + <td valign="middle"><a href="services_dhcp_edit.php?if=<?=htmlspecialchars($if);?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0"></a></td> </tr> </table> </td> 
@@ -849,23 +901,23 @@ include("head.inc"); <?php $i = 0; foreach ($a_maps as $mapent): ?> <?php if($mapent['mac'] <> "" or $mapent['ipaddr'] <> ""): ?> <tr> - <td class="listlr" ondblclick="document.location='services_dhcp_edit.php?if=<?=$if;?>&id=<?=$i;?>';"> + <td class="listlr" ondblclick="document.location='services_dhcp_edit.php?if=<?=htmlspecialchars($if);?>&id=<?=$i;?>';"> <?=htmlspecialchars($mapent['mac']);?> </td> - <td class="listr" ondblclick="document.location='services_dhcp_edit.php?if=<?=$if;?>&id=<?=$i;?>';"> + <td class="listr" ondblclick="document.location='services_dhcp_edit.php?if=<?=htmlspecialchars($if);?>&id=<?=$i;?>';"> <?=htmlspecialchars($mapent['ipaddr']);?> </td> - <td class="listr" ondblclick="document.location='services_dhcp_edit.php?if=<?=$if;?>&id=<?=$i;?>';"> + <td class="listr" ondblclick="document.location='services_dhcp_edit.php?if=<?=htmlspecialchars($if);?>&id=<?=$i;?>';"> <?=htmlspecialchars($mapent['hostname']);?> </td> - <td class="listbg" ondblclick="document.location='services_dhcp_edit.php?if=<?=$if;?>&id=<?=$i;?>';"> + <td class="listbg" ondblclick="document.location='services_dhcp_edit.php?if=<?=htmlspecialchars($if);?>&id=<?=$i;?>';"> <?=htmlspecialchars($mapent['descr']);?> </td> <td valign="middle" nowrap class="list"> <table border="0" cellspacing="0" cellpadding="1"> <tr> - <td valign="middle"><a href="services_dhcp_edit.php?if=<?=$if;?>&id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0"></a></td> - <td valign="middle"><a href="services_dhcp.php?if=<?=$if;?>&act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this mapping?");?>')"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0"></a></td> + <td valign="middle"><a href="services_dhcp_edit.php?if=<?=htmlspecialchars($if);?>&id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" 
border="0"></a></td> + <td valign="middle"><a href="services_dhcp.php?if=<?=htmlspecialchars($if);?>&act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this mapping?");?>')"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0"></a></td> </tr> </table> </td> @@ -879,7 +931,7 @@ include("head.inc"); <table border="0" cellspacing="0" cellpadding="1"> <tr> <td valign="middle" width="17"></td> - <td valign="middle"><a href="services_dhcp_edit.php?if=<?=$if;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0"></a></td> + <td valign="middle"><a href="services_dhcp_edit.php?if=<?=htmlspecialchars($if);?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0"></a></td> </tr> </table> </td> diff --git a/usr/local/www/services_dhcp_edit.php b/usr/local/www/services_dhcp_edit.php index 525a983..cddc8e0 100755 --- a/usr/local/www/services_dhcp_edit.php +++ b/usr/local/www/services_dhcp_edit.php @@ -253,9 +253,9 @@ include("head.inc"); <td width="78%"> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>"> <input class="formbtn" type="button" value="<?=gettext("Cancel");?>" onclick="history.back()"> <?php if (isset($id) && $a_maps[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>"> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> <?php endif; ?> - <input name="if" type="hidden" value="<?=$if;?>"> + <input name="if" type="hidden" value="<?=htmlspecialchars($if);?>"> </td> </tr> </table> diff --git a/usr/local/www/services_dnsmasq_domainoverride_edit.php b/usr/local/www/services_dnsmasq_domainoverride_edit.php index e55b6ee..948ecb0 100755 --- a/usr/local/www/services_dnsmasq_domainoverride_edit.php +++ b/usr/local/www/services_dnsmasq_domainoverride_edit.php 
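Review bot: Inside `ondblclick="document.location='services_dhcp_edit.php?if=…'"` the value sits in a single-quoted JavaScript string, and htmlspecialchars() with its default flags leaves `'` untouched, so a single quote in `$if` would still end the literal; in the href cells the same value is a query parameter, where URL encoding is the right tool. `htmlspecialchars(urlencode($if))` covers both placements (or `htmlspecialchars($if, ENT_QUOTES)` for the JavaScript case alone). `$if` is presumably an interface name validated before this table is drawn, which would make this belt-and-braces — that is not visible from the hunk.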
@@ -129,7 +129,7 @@ include("head.inc"); <td width="78%"> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>"> <input class="formbtn" type="button" value="<?=gettext("Cancel");?>" onclick="history.back()"> <?php if (isset($id) && $a_domainOverrides[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>"> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> <?php endif; ?> </td> </tr> diff --git a/usr/local/www/services_dnsmasq_edit.php b/usr/local/www/services_dnsmasq_edit.php index a80ff00..3638054 100755 --- a/usr/local/www/services_dnsmasq_edit.php +++ b/usr/local/www/services_dnsmasq_edit.php @@ -170,7 +170,7 @@ include("head.inc"); <td width="78%"> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>"> <input class="formbtn" type="button" value="<?=gettext("Cancel");?>" onclick="history.back()"> <?php if (isset($id) && $a_hosts[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>"> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> <?php endif; ?> </td> </tr> diff --git a/usr/local/www/services_dyndns_edit.php b/usr/local/www/services_dyndns_edit.php index c221e97..7d3072c 100644 --- a/usr/local/www/services_dyndns_edit.php +++ b/usr/local/www/services_dyndns_edit.php @@ -231,7 +231,7 @@ include("head.inc"); <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>" onClick="enable_change(true)"> <a href="services_dyndns.php"><input name="cancel" type="button" class="formbtn" value="<?=gettext("Cancel");?>"></a> <?php if (isset($id) && $a_dyndns[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>"> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> <?php endif; ?> </td> </tr> diff --git a/usr/local/www/services_igmpproxy_edit.php b/usr/local/www/services_igmpproxy_edit.php index 52bb636..63cb10e 100755 --- a/usr/local/www/services_igmpproxy_edit.php +++ b/usr/local/www/services_igmpproxy_edit.php 
@@ -174,7 +174,7 @@ include("head.inc"); <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Description");?></td> <td width="78%" class="vtable"> - <input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=$pconfig['descr'];?>" /> + <input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>" /> <br /> <span class="vexpl"> <?=gettext("You may enter a description here for your reference (not parsed).");?> @@ -255,7 +255,7 @@ include("head.inc"); </select> </td> <td> - <input type="image" src="/themes/<?echo $g['theme'];?>/images/icons/icon_x.gif" onclick="removeRow(this); return false;" value="<?=gettext("Delete");?>" /> + <a onclick="removeRow(this); return false;" href="#"><img border="0" src="/themes/<?echo $g['theme'];?>/images/icons/icon_x.gif" /></a> </td> </tr> <?php @@ -280,7 +280,7 @@ include("head.inc"); <input id="submit" name="submit" type="submit" class="formbtn" value="<?=gettext("Save");?>" /> <a href="services_igmpproxy.php"><input id="cancelbutton" name="cancelbutton" type="button" class="formbtn" value="<?=gettext("Cancel");?>" /></a> <?php if (isset($id) && $a_igmpproxy[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>" /> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" /> <?php endif; ?> </td> </tr> diff --git a/usr/local/www/services_rfc2136_edit.php b/usr/local/www/services_rfc2136_edit.php index d11278c..7c5f114 100644 --- a/usr/local/www/services_rfc2136_edit.php +++ b/usr/local/www/services_rfc2136_edit.php 
@@ -199,7 +199,7 @@ include("head.inc"); <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>" onClick="enable_change(true)"> <a href="services_rfc2136.php"><input name="Cancel" type="button" class="formbtn" value="<?=gettext("Cancel");?>"></a> <?php if (isset($id) && $a_rfc2136[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>"> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> <?php endif; ?> </td> </tr> diff --git a/usr/local/www/services_snmp.php b/usr/local/www/services_snmp.php index 8b79c66..0b61bbf 100755 --- a/usr/local/www/services_snmp.php +++ b/usr/local/www/services_snmp.php @@ -274,7 +274,7 @@ function enable_change(whichone) { <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("Polling Port ");?></td> <td width="78%" class="vtable"> - <input name="pollport" type="text" class="formfld unknown" id="pollport" size="40" value="<?=$pconfig['pollport'] ? htmlspecialchars($pconfig['pollport']) : htmlspecialchars(161);?>"> + <input name="pollport" type="text" class="formfld unknown" id="pollport" size="40" value="<?=htmlspecialchars($pconfig['pollport']) ? htmlspecialchars($pconfig['pollport']) : htmlspecialchars(161);?>"> <br><?=gettext("Enter the port to accept polling events on (default 161)");?></br> </td> </tr> 
@@ -343,7 +343,7 @@ function enable_change(whichone) { <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("Trap server port ");?></td> <td width="78%" class="vtable"> - <input name="trapserverport" type="text" class="formfld unknown" id="trapserverport" size="40" value="<?=$pconfig['trapserverport'] ? htmlspecialchars($pconfig['trapserverport']) : htmlspecialchars(162);?>"> + <input name="trapserverport" type="text" class="formfld unknown" id="trapserverport" size="40" value="<?=htmlspecialchars($pconfig['trapserverport']) ? htmlspecialchars($pconfig['trapserverport']) : htmlspecialchars(162);?>"> <br><?=gettext("Enter the port to send the traps to (default 162)");?></br> </td> </tr> diff --git a/usr/local/www/services_wol_edit.php b/usr/local/www/services_wol_edit.php index f495abf..ca31048 100755 --- a/usr/local/www/services_wol_edit.php +++ b/usr/local/www/services_wol_edit.php @@ -156,7 +156,7 @@ include("head.inc"); <td width="78%"> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>"> <input class="formbtn" type="button" value="<?=gettext("Cancel");?>" onclick="history.back()"> <?php if (isset($id) && $a_wol[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>"> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> <?php endif; ?> </td> </tr> diff --git a/usr/local/www/status_captiveportal.php b/usr/local/www/status_captiveportal.php index 8000281..3625e40 100755 --- a/usr/local/www/status_captiveportal.php +++ b/usr/local/www/status_captiveportal.php 
@@ -120,14 +120,14 @@ if ($_GET['order']) {
 <table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
 <tr>
- <td class="listhdrr"><a href="?order=ip&showact=<?=$_GET['showact'];?>"><?=gettext("IP address");?></a></td>
- <td class="listhdrr"><a href="?order=mac&showact=<?=$_GET['showact'];?>"><?=gettext("MAC address");?></a></td>
- <td class="listhdrr"><a href="?order=user&showact=<?=$_GET['showact'];?>"><?=gettext("Username");?></a></td>
+ <td class="listhdrr"><a href="?order=ip&showact=<?=htmlspecialchars($_GET['showact']);?>"><?=gettext("IP address");?></a></td>
+ <td class="listhdrr"><a href="?order=mac&showact=<?=htmlspecialchars($_GET['showact']);?>"><?=gettext("MAC address");?></a></td>
+ <td class="listhdrr"><a href="?order=user&showact=<?=htmlspecialchars($_GET['showact']);?>"><?=gettext("Username");?></a></td>
 <?php if ($_GET['showact']): ?>
- <td class="listhdrr"><a href="?order=start&showact=<?=$_GET['showact'];?>"><?=gettext("Session start");?></a></td>
- <td class="listhdr"><a href="?order=lastact&showact=<?=$_GET['showact'];?>"><?=gettext("Last activity");?></a></td>
+ <td class="listhdrr"><a href="?order=start&showact=<?=htmlspecialchars($_GET['showact']);?>"><?=gettext("Session start");?></a></td>
+ <td class="listhdr"><a href="?order=lastact&showact=<?=htmlspecialchars($_GET['showact']);?>"><?=gettext("Last activity");?></a></td>
 <?php else: ?>
- <td class="listhdr"><a href="?order=start&showact=<?=$_GET['showact'];?>"><?=gettext("Session start");?></a></td>
+ <td class="listhdr"><a href="?order=start&showact=<?=htmlspecialchars($_GET['showact']);?>"><?=gettext("Session start");?></a></td>
 <?php endif; ?>
 <td class="list sort_ignore"></td>
 </tr>
@@ -141,7 +141,7 @@ if ($_GET['order']) {
 <td class="listr"><?php if ($cpent[5]) echo htmlspecialchars(date("m/d/Y H:i:s", $cpent[5]));?></td>
 <?php endif; ?>
 <td valign="middle" class="list" nowrap>
- <a href="?order=<?=$_GET['order'];?>&showact=<?=$_GET['showact'];?>&act=del&id=<?=$cpent[1];?>" onclick="return confirm('<?=gettext("Do you really want to disconnect this client?");?>')"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="<?=gettext("Disconnect");?>"></a></td>
+ <a href="?order=<?=$_GET['order'];?>&showact=<?=htmlspecialchars($_GET['showact']);?>&act=del&id=<?=$cpent[1];?>" onclick="return confirm('<?=gettext("Do you really want to disconnect this client?");?>')"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="<?=gettext("Disconnect");?>"></a></td>
 </tr>
 <?php endforeach; ?>
 </table>
diff --git a/usr/local/www/status_captiveportal_vouchers.php b/usr/local/www/status_captiveportal_vouchers.php
index 39a6f56..4d3afd8 100644
--- a/usr/local/www/status_captiveportal_vouchers.php
+++ b/usr/local/www/status_captiveportal_vouchers.php
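Review bot: The rewritten disconnect link still interpolates `$_GET['order']` and `$cpent[1]` raw into the href; only `showact` was wrapped. Unless `$_GET['order']` is restricted to the known sort keys at the top of the file (outside this hunk), it needs the same treatment: `?order=<?=htmlspecialchars($_GET['order']);?>&showact=...`. Because these values sit in a query string, `urlencode()` of the value followed by `htmlspecialchars()` of the attribute is the precise encoding for this context.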
@@ -99,11 +99,11 @@ include("fbegin.inc");
 <table width="100%" border="0" cellpadding="0" cellspacing="0" summary="content pane">
 <tr>
- <td class="listhdrr"><a href="?order=0&showact=<?=$_GET['showact'];?>"><?=gettext("Voucher"); ?></a></td>
- <td class="listhdrr"><a href="?order=1&showact=<?=$_GET['showact'];?>"><?=gettext("Roll"); ?></a></td>
- <td class="listhdrr"><a href="?order=2&showact=<?=$_GET['showact'];?>"><?=gettext("Activated at"); ?></a></td>
- <td class="listhdrr"><a href="?order=3&showact=<?=$_GET['showact'];?>"><?=gettext("Expires in"); ?></a></td>
- <td class="listhdr"><a href="?order=4&showact=<?=$_GET['showact'];?>"><?=gettext("Expires at"); ?></a></td>
+ <td class="listhdrr"><a href="?order=0&showact=<?=htmlspecialchars($_GET['showact']);?>"><?=gettext("Voucher"); ?></a></td>
+ <td class="listhdrr"><a href="?order=1&showact=<?=htmlspecialchars($_GET['showact']);?>"><?=gettext("Roll"); ?></a></td>
+ <td class="listhdrr"><a href="?order=2&showact=<?=htmlspecialchars($_GET['showact']);?>"><?=gettext("Activated at"); ?></a></td>
+ <td class="listhdrr"><a href="?order=3&showact=<?=htmlspecialchars($_GET['showact']);?>"><?=gettext("Expires in"); ?></a></td>
+ <td class="listhdr"><a href="?order=4&showact=<?=htmlspecialchars($_GET['showact']);?>"><?=gettext("Expires at"); ?></a></td>
 <td class="list"></td>
 </tr>
 <?php foreach ($db as $dbent): ?>
diff --git a/usr/local/www/status_dhcp_leases.php b/usr/local/www/status_dhcp_leases.php
index f7981c8..896b1af 100755
--- a/usr/local/www/status_dhcp_leases.php
+++ b/usr/local/www/status_dhcp_leases.php
@@ -382,7 +382,7 @@ foreach ($leases as $data) {
 /* Only show the button for offline dynamic leases */
 if (($data['type'] == "dynamic") && ($data['online'] != "online")) {
- echo "<td class=\"list\" valign=\"middle\"><a href=\"status_dhcp_leases.php?deleteip={$data['ip']}&all={$_GET['all']}\">";
+ echo "<td class=\"list\" valign=\"middle\"><a href=\"status_dhcp_leases.php?deleteip={$data['ip']}&all=" . htmlspecialchars($_GET['all']) . "\">";
 echo "<img src=\"/themes/{$g['theme']}/images/icons/icon_x.gif\" width=\"17\" height=\"17\" border=\"0\" title=\"" . gettext("delete this DHCP lease") . "\"></a></td>\n";
 }
 echo "</tr>\n";
@@ -393,7 +393,7 @@ foreach ($leases as $data) {
 </table>
 <p>
 <form action="status_dhcp_leases.php" method="GET">
-<input type="hidden" name="order" value="<?=$_GET['order'];?>">
+<input type="hidden" name="order" value="<?=htmlspecialchars($_GET['order']);?>">
 <?php if ($_GET['all']): ?>
 <input type="hidden" name="all" value="0">
 <input type="submit" class="formbtn" value="<?=gettext("Show active and static leases only"); ?>">
diff --git a/usr/local/www/status_graph.php b/usr/local/www/status_graph.php
index ddcfd2d..a68b6bd 100755
--- a/usr/local/www/status_graph.php
+++ b/usr/local/www/status_graph.php
@@ -54,10 +54,22 @@ if ($_POST['height'])
 else
 $height = "200";
-if ($_GET['if'])
+// Get configured interface list
+$ifdescrs = get_configured_interface_with_descr();
+$ifdescrs["enc0"] = "IPSEC";
+
+if ($_GET['if']) {
 $curif = $_GET['if'];
-else
+ $found = false;
+ foreach($ifdescrs as $descr => $ifdescr)
+ if($descr == $curif) $found = true;
+ if(!$found) {
+ Header("Location: status_graph.php");
+ exit;
+ }
+} else {
 $curif = "wan";
+}
 $pgtitle = array(gettext("Status"),gettext("Traffic Graph"));
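Review bot: In the delete link only `$_GET['all']` is escaped; `$data['ip']`, parsed from the leases file, is still interpolated raw into the same href. For consistency with the rest of this commit the whole attribute value should be escaped once, e.g. `echo "<td class=\"list\" valign=\"middle\"><a href=\"" . htmlspecialchars("status_dhcp_leases.php?deleteip={$data['ip']}&all={$_GET['all']}") . "\">";`, which also turns the bare `&` into `&amp;`. Validating `$data['ip']` with `is_ipaddr()` where the lease is parsed (outside this hunk) would be the stronger fix, since the value is later reused as a request parameter.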
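Review bot: The interface check in the new `if ($_GET['if'])` block walks the whole list to set `$found` although `$ifdescrs` is already keyed by interface name; `if (!array_key_exists($curif, $ifdescrs)) { Header("Location: status_graph.php"); exit; }` says the same thing without the braceless `foreach`/`if` pair. Separately, `$ifdescrs["enc0"] = "IPSEC"` is now set unconditionally here, while the "link the ipsec interface magically" block that survives in the next hunk appears to add the same entry only when IPsec is enabled; one of the two is likely redundant (that block lies outside this hunk).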
@@ -72,7 +84,7 @@ include("head.inc");
 <script language="javascript" type="text/javascript">
 function updateBandwidth(){
- var hostinterface = "<?php echo $curif; ?>";
+ var hostinterface = "<?php echo htmlspecialchars($curif); ?>";
 bandwidthAjax(hostinterface);
 }
@@ -149,12 +161,6 @@ function updateBandwidthHosts(data){
 <?php include("fbegin.inc"); ?>
 <?php
-$ifdescrs = array('wan' => gettext('WAN'), 'lan' => gettext('LAN'));
-
-for($j = 1; isset($config['interfaces']['opt' . $j]); $j++) {
- if(isset($config['interfaces']['opt' . $j]['enable']))
- $ifdescrs['opt' . $j] = $config['interfaces']['opt' . $j]['descr'];
-}
 /* link the ipsec interface magically */
 if (isset($config['ipsec']['enable']) || isset($config['ipsec']['mobileclients']['enable']))
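Review bot: `htmlspecialchars()` is the wrong encoder for a value dropped inside a JavaScript string literal; it does not touch backslashes and, with PHP's default flags, leaves single quotes alone. Since `$curif` is validated against the interface list earlier in the file it is harmless here, but the form that stays correct if that validation ever moves is `var hostinterface = <?php echo json_encode($curif); ?>;`. `updateBandwidth()` continues outside the hunk.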
@@ -168,19 +174,18 @@ if (isset($config['ipsec']['enable']) || isset($config['ipsec']['mobileclients']
 foreach ($ifdescrs as $ifn => $ifd) {
 echo "<option value=\"$ifn\"";
 if ($ifn == $curif) echo " selected";
- echo ">" . htmlspecialchars($ifd) . "</option>\n";
+ echo ">" . strtoupper(htmlspecialchars($ifd)) . " (" . strtoupper($ifn) . ")</option>\n";
 }
 ?>
 </select>
 </form>
-<p><span class="red"><strong><?=gettext("Note"); ?>:</strong></span> <?=gettext("the"); ?> <a href="http://www.adobe.com/svg/viewer/install/" target="_blank"><?=gettext("Adobe SVG Viewer"); ?></a>, <?=gettext("Firefox 1.5 or later or other browser supporting SVG is required to view the graph"); ?>.
 <p><form method="post" action="status_graph.php">
 </form>
 <p>
 <div id="niftyOutter">
 <div id="col1" style="float: left; width: 46%; padding: 5px; position: relative;">
- <object data="graph.php?ifnum=<?=$curif;?>&ifname=<?=rawurlencode($ifdescrs[$curif]);?>" type="image/svg+xml" width="<?=$width;?>" height="<?=$height;?>">
- <param name="src" value="graph.php?ifnum=<?=$curif;?>&ifname=<?=rawurlencode($ifdescrs[$curif]);?>" />
+ <object data="graph.php?ifnum=<?=htmlspecialchars($curif);?>&ifname=<?=strtoupper(rawurlencode($ifdescrs[htmlspecialchars($curif)]));?>" type="image/svg+xml" width="<?=$width;?>" height="<?=$height;?>">
+ <param name="src" value="graph.php?ifnum=<?=htmlspecialchars($curif);?>&ifname=<?=strtoupper(rawurlencode($ifdescrs[htmlspecialchars($curif)]));?>" />
 <?=gettext("Your browser does not support the type SVG! You need to either use Firefox or download the Adobe SVG plugin"); ?>.
 </object>
 </div>
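Review bot: `$ifdescrs[htmlspecialchars($curif)]` escapes the lookup key rather than the output, so an interface name containing `&`, `<` or quotes would miss the array entry and yield an empty `ifname`; the key should be the raw, already-validated `$curif` and the escaping applied to the emitted value: `&ifname=<?=rawurlencode(strtoupper($ifdescrs[$curif]));?>`. `strtoupper(rawurlencode(...))` also uppercases the percent-encoded bytes, which is harmless but reads as if the intent were reversed. The same expression is repeated in the `<param name="src">` line, and `strtoupper($ifn)` in the `<option>` label is emitted without escaping, unlike `$ifd` next to it.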
@@ -275,6 +280,7 @@ foreach ($ifdescrs as $ifn => $ifd) {
 </div>
 <div style="clear: both;"></div>
 </div>
+<p><span class="red"><strong><?=gettext("Note"); ?>:</strong></span> <?=gettext("the"); ?> <a href="http://www.adobe.com/svg/viewer/install/" target="_blank"><?=gettext("Adobe SVG Viewer"); ?></a>, <?=gettext("Firefox 1.5 or later or other browser supporting SVG is required to view the graph"); ?>.
 <?php include("fend.inc"); ?>
diff --git a/usr/local/www/status_rrd_graph.php b/usr/local/www/status_rrd_graph.php
index b4f6911..48f5734 100755
--- a/usr/local/www/status_rrd_graph.php
+++ b/usr/local/www/status_rrd_graph.php
@@ -54,7 +54,7 @@ $databases = glob("*.rrd");
 if ($_GET['cat']) {
- $curcat = $_GET['cat'];
+ $curcat = htmlspecialchars($_GET['cat']);
 } else {
 if(! empty($config['rrd']['category'])) {
 $curcat = $config['rrd']['category'];
@@ -281,7 +281,6 @@ function get_dates($curperiod, $graph) {
 return $dates;
 }
-
 ?>
 <body link="#0000CC" vlink="#0000CC" alink="#0000CC">
 <?php include("fbegin.inc"); ?>
diff --git a/usr/local/www/status_rrd_graph_settings.php b/usr/local/www/status_rrd_graph_settings.php
index 7c01d8d..6fb943a 100755
--- a/usr/local/www/status_rrd_graph_settings.php
+++ b/usr/local/www/status_rrd_graph_settings.php
@@ -90,7 +90,7 @@ foreach($databases as $database) {
 if(stristr($database, "queues")) {
 $queues = true;
 }
- if(stristr($database, "cellular")) {
+ if(stristr($database, "-cellular") && !empty($config['ppps'])) {
 $cellular = true;
 }
 if(stristr($database, "-vpnusers")) {
diff --git a/usr/local/www/status_services.php b/usr/local/www/status_services.php
index 97aa1ce..779e396 100755
--- a/usr/local/www/status_services.php
+++ b/usr/local/www/status_services.php
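Review bot: `$curcat = htmlspecialchars($_GET['cat'])` escapes at the point of input, so every later comparison and file lookup on `$curcat` (outside this hunk) sees the escaped form and a value containing `&` or quotes no longer matches its category. The usual shape is to validate here against the categories the page itself builds its menu from and keep the raw value, falling back to the `else` branch's default when it is not in that list, and to call `htmlspecialchars()` only where `$curcat` is printed. That keeps the input-to-filename path strict instead of relying on HTML escaping for it.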
@@ -104,7 +104,7 @@ if($_GET['mode'] == "restartservice" and !empty($_GET['service'])) {
 restart_service($_GET['service']);
 break;
 }
- $savemsg = sprintf(gettext("%s has been restarted."),$_GET['service']);
+ $savemsg = sprintf(gettext("%s has been restarted."),htmlspecialchars($_GET['service']));
 sleep(5);
 }
@@ -148,7 +148,7 @@ if($_GET['mode'] == "startservice" and !empty($_GET['service'])) {
 start_service($_GET['service']);
 break;
 }
- $savemsg = sprintf(gettext("%s has been started."),$_GET['service']);
+ $savemsg = sprintf(gettext("%s has been started."),htmlspecialchars($_GET['service']));
 sleep(5);
 }
@@ -203,7 +203,7 @@ if($_GET['mode'] == "stopservice" && !empty($_GET['service'])) {
 stop_service($_GET['service']);
 break;
 }
- $savemsg = sprintf(gettext("%s has been stopped."), $_GET['service']);
+ $savemsg = sprintf(gettext("%s has been stopped."), htmlspecialchars($_GET['service']));
 sleep(5);
 }
diff --git a/usr/local/www/status_wireless.php b/usr/local/www/status_wireless.php
index 0aa56ba..cc04bb3 100755
--- a/usr/local/www/status_wireless.php
+++ b/usr/local/www/status_wireless.php
@@ -115,7 +115,7 @@ display_top_tabs($tab_array);
 /* Split by Mac address for the SSID Field */
 $split = preg_split("/([0-9a-f][[0-9a-f]\:[0-9a-f][[0-9a-f]\:[0-9a-f][[0-9a-f]\:[0-9a-f][[0-9a-f]\:[0-9a-f][[0-9a-f]\:[0-9a-f][[0-9a-f])/i", $state);
 preg_match("/([0-9a-f][[0-9a-f]\:[0-9a-f][[0-9a-f]\:[0-9a-f][[0-9a-f]\:[0-9a-f][[0-9a-f]\:[0-9a-f][[0-9a-f]\:[0-9a-f][[0-9a-f])/i", $state, $bssid);
- $ssid = $split[0];
+ $ssid = htmlspecialchars($split[0]);
 $bssid = $bssid[0];
 /* Split the rest by using spaces for this line using the 2nd part */
 $split = preg_split("/[ ]+/i", $split[1]);
diff --git a/usr/local/www/system_advanced_admin.php b/usr/local/www/system_advanced_admin.php
index f34d1c7..2bdf7e2 100644
--- a/usr/local/www/system_advanced_admin.php
+++ b/usr/local/www/system_advanced_admin.php
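Review bot: Escaping `$_GET['service']` here only protects `$savemsg`; `restart_service($_GET['service'])` three lines up still receives the raw value, and the same holds for `start_service` and `stop_service` in the other two hunks of this file. If the `switch` above each call (outside the hunks) does not limit the name to known services, the name should be validated against the service list before the call rather than escaped afterwards; the escape can then stay as a belt-and-braces measure for the message. All three actions are also state changes driven by `$_GET['mode']`, i.e. by a plain link, which is worth recording in a comment such as `// GET-driven action: validate $_GET['service'] against the known service list before acting`.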
@@ -3,7 +3,7 @@
 /*
 system_advanced_admin.php
 part of pfSense
- Copyright (C) 2005-2007 Scott Ullrich
+ Copyright (C) 2005-2010 Scott Ullrich
 Copyright (C) 2008 Shrew Soft Inc
@@ -56,6 +56,7 @@ $pconfig['disablehttpredirect'] = isset($config['system']['webgui']['disablehttp
 $pconfig['disableconsolemenu'] = isset($config['system']['disableconsolemenu']);
 $pconfig['noantilockout'] = isset($config['system']['webgui']['noantilockout']);
 $pconfig['nodnsrebindcheck'] = isset($config['system']['webgui']['nodnsrebindcheck']);
+$pconfig['nohttpreferercheck'] = isset($config['system']['webgui']['nohttpreferercheck']);
 $pconfig['althostnames'] = $config['system']['webgui']['althostnames'];
 $pconfig['enableserial'] = $config['system']['enableserial'];
 $pconfig['enablesshd'] = $config['system']['enablesshd'];
@@ -140,6 +141,11 @@ if ($_POST) {
 else
 unset($config['system']['webgui']['nodnsrebindcheck']);
+ if ($_POST['nohttpreferercheck'] == "yes")
+ $config['system']['webgui']['nohttpreferercheck'] = true;
+ else
+ unset($config['system']['webgui']['nohttpreferercheck']);
+
 if ($_POST['althostnames'])
 $config['system']['webgui']['althostnames'] = $_POST['althostnames'];
 else
@@ -353,13 +359,25 @@ function prot_change() {
 <td width="78%" class="vtable">
 <input name="althostnames" type="text" class="formfld unknown" id="althostnames" size="75" value="<?=htmlspecialchars($pconfig['althostnames']);?>"/>
 <br/>
- <strong><?=gettext("Alternate Hostnames for DNS Rebinding Checks"); ?></strong>
+ <strong><?=gettext("Alternate Hostnames for DNS Rebinding and HTTP_REFERER Checks"); ?></strong>
 <br/>
 <?php echo gettext("Here you can specify alternate hostnames by which the router may be queried, to " .
 "bypass the DNS Rebinding Attack checks. Separate hostnames with spaces."); ?>
 </td>
 </tr>
 <tr>
+ <td width="22%" valign="top" class="vncell"><?=gettext("Browser HTTP_REFERER enforcement"); ?></td>
+ <td width="78%" class="vtable">
+ <input name="nohttpreferercheck" type="checkbox" id="nohttpreferercheck" value="yes" <?php if ($pconfig['nohttpreferercheck']) echo "checked"; ?> />
+ <strong><?=gettext("Disable HTTP_REFERER enforcement check"); ?></strong>
+ <br/>
+ <?php echo gettext("When this is unchecked, access to the webConfigurator " .
+ "is protected against HTTP_REFERER redirection attempts. " .
+ "Check this box to disable this protection if you find that it interferes with " .
+ "webConfigurator access in certain corner cases such as using 3rd party scripts to interact with pfSense. More information on HTTP_REFERER is available from <a target='_new' href='http://en.wikipedia.org/wiki/HTTP_referrer'>Wikipedia</a>."); ?>
+ </td>
+ </tr>
+ <tr>
 <td colspan="2" class="list" height="12"> </td>
 </tr>
 <tr>
diff --git a/usr/local/www/system_authservers.php b/usr/local/www/system_authservers.php
index 8a18ed6..fad6b34 100644
--- a/usr/local/www/system_authservers.php
+++ b/usr/local/www/system_authservers.php
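Review bot: The new help string embeds an `<a target='_new' ...>` inside the `gettext()` call; `_new` is not a reserved target name (it merely opens a window called "_new"), and status_graph.php in this same diff uses `target="_blank"`, so the anchor should match. Keeping the markup outside the translatable text, e.g. `gettext("More information on HTTP_REFERER is available from") . ' <a target="_blank" href="http://en.wikipedia.org/wiki/HTTP_referrer">Wikipedia</a>.'`, also spares translators from reproducing HTML. The `$_POST['nohttpreferercheck'] == "yes"` handling in the earlier hunk mirrors the `nodnsrebindcheck` pattern, so that side is consistent.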
@@ -429,7 +429,7 @@ function select_clicked() {
 <?php if (!isset($id)): ?>
 <input name="name" type="text" class="formfld unknown" id="name" size="20" value="<?=htmlspecialchars($pconfig['name']);?>"/>
 <?php else: ?>
- <strong><?=$pconfig[name];?></strong>
+ <strong><?=htmlspecialchars($pconfig['name']);?></strong>
 <input name='name' type='hidden' id='name' value="<?=htmlspecialchars($pconfig['name']);?>"/>
 <?php endif; ?>
 </td>
@@ -742,7 +742,7 @@ function select_clicked() {
 <?php include("fend.inc"); ?>
 <script type="text/javascript">
 <!--
-server_typechange('<?=$pconfig['type'];?>');
+server_typechange('<?=htmlspecialchars($pconfig['type']);?>');
 <?php if (!isset($id) || $pconfig['type'] == "ldap"): ?>
 ldap_bindchange();
 ldap_urlchange();
diff --git a/usr/local/www/system_camanager.php b/usr/local/www/system_camanager.php
index 8d60553..2662775 100644
--- a/usr/local/www/system_camanager.php
+++ b/usr/local/www/system_camanager.php
@@ -288,7 +288,7 @@ function method_change() {
 <tr>
 <td width="22%" valign="top" class="vncellreq"><?=gettext("Certificate data");?></td>
 <td width="78%" class="vtable">
- <textarea name="cert" id="cert" cols="65" rows="7" class="formfld_cert"><?=$pconfig['cert'];?></textarea>
+ <textarea name="cert" id="cert" cols="65" rows="7" class="formfld_cert"><?=htmlspecialchars($pconfig['cert']);?></textarea>
 <br>
 <?=gettext("Paste a certificate in X.509 PEM format here.");?></td>
 </td>
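Review bot: `server_typechange('<?=htmlspecialchars($pconfig['type']);?>');` puts the value inside a single-quoted JavaScript string, and `htmlspecialchars()` with its default flags does not convert `'`, so this hunk does not protect the context it targets. Use `htmlspecialchars($pconfig['type'], ENT_QUOTES)` at minimum, or let PHP build the literal: `server_typechange(<?=json_encode($pconfig['type']);?>);`. The earlier hunk's change from `$pconfig[name]` to `$pconfig['name']` also removes an undefined-constant notice, which is worth mentioning in the commit message.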
@@ -296,7 +296,7 @@ function method_change() {
 <tr>
 <td width="22%" valign="top" class="vncellreq"><?=gettext("Certificate Private Key");?><br/><?=gettext("(optional)");?></td>
 <td width="78%" class="vtable">
- <textarea name="key" id="key" cols="65" rows="7" class="formfld_cert"><?=$pconfig['key'];?></textarea>
+ <textarea name="key" id="key" cols="65" rows="7" class="formfld_cert"><?=htmlspecialchars($pconfig['key']);?></textarea>
 <br>
 <?=gettext("Paste the private key for the above certificate here. This is optional in most cases, but required if you need to generate a Certificate Revocation List (CRL).");?></td>
 </td>
diff --git a/usr/local/www/system_certmanager.php b/usr/local/www/system_certmanager.php
index a3395c9..36a11bb 100644
--- a/usr/local/www/system_certmanager.php
+++ b/usr/local/www/system_certmanager.php
@@ -457,7 +457,7 @@ function internalca_change() {
 <tr>
 <td width="22%" valign="top" class="vncellreq"><?=gettext("Certificate data");?></td>
 <td width="78%" class="vtable">
- <textarea name="cert" id="cert" cols="65" rows="7" class="formfld_cert"><?=$pconfig['cert'];?></textarea>
+ <textarea name="cert" id="cert" cols="65" rows="7" class="formfld_cert"><?=htmlspecialchars($pconfig['cert']);?></textarea>
 <br>
 <?=gettext("Paste a certificate in X.509 PEM format here.");?></td>
 </td>
@@ -465,7 +465,7 @@ function internalca_change() {
 <tr>
 <td width="22%" valign="top" class="vncellreq"><?=gettext("Private key data");?></td>
 <td width="78%" class="vtable">
- <textarea name="key" id="key" cols="65" rows="7" class="formfld_cert"><?=$pconfig['key'];?></textarea>
+ <textarea name="key" id="key" cols="65" rows="7" class="formfld_cert"><?=htmlspecialchars($pconfig['key']);?></textarea>
 <br>
 <?=gettext("Paste a private key in X.509 PEM format here.");?></td>
 </td>
@@ -758,7 +758,7 @@ function internalca_change() {
 <tr>
 <td width="22%" valign="top" class="vncellreq"><?=gettext("Signing Request data");?></td>
 <td width="78%" class="vtable">
- <textarea name="csr" id="csr" cols="65" rows="7" class="formfld_cert" readonly><?=$pconfig['csr'];?></textarea>
+ <textarea name="csr" id="csr" cols="65" rows="7" class="formfld_cert" readonly><?=htmlspecialchars($pconfig['csr']);?></textarea>
 <br>
 <?=gettext("Copy the certificate signing data from here and forward it to your certificate authority for signing.");?></td>
 </td>
@@ -766,7 +766,7 @@ function internalca_change() {
 <tr>
 <td width="22%" valign="top" class="vncellreq"><?=gettext("Final Certificate data");?></td>
 <td width="78%" class="vtable">
- <textarea name="cert" id="cert" cols="65" rows="7" class="formfld_cert"><?=$pconfig['cert'];?></textarea>
+ <textarea name="cert" id="cert" cols="65" rows="7" class="formfld_cert"><?=htmlspecialchars($pconfig['cert']);?></textarea>
 <br>
 <?=gettext("Paste the certificate received from your cerificate authority here.");?></td>
 </td>
diff --git a/usr/local/www/system_crlmanager.php b/usr/local/www/system_crlmanager.php
index 201fba7..9a78cb6 100644
--- a/usr/local/www/system_crlmanager.php
+++ b/usr/local/www/system_crlmanager.php
@@ -67,33 +67,37 @@ if (!is_array($config['crl']))
 $a_crl =& $config['crl'];
+foreach ($a_crl as $cid => $acrl)
+ if (!isset($acrl['refid']))
+ unset ($a_crl[$cid]);
+
 $act = $_GET['act'];
 if ($_POST['act'])
 $act = $_POST['act'];
-if ($act == "del") {
+if (!empty($id))
+ $thiscrl =& lookup_crl($id);
- if (!$a_crl[$id]) {
- pfSenseHeader("system_crlmanager.php");
- exit;
- }
- if (crl_in_use($a_crl[$id]['refid'])) {
+// If we were given an invalid crlref in the id, no sense in continuing as it would only cause errors.
+if (!$thiscrl && (($act != "") && ($act != "new"))) {
+ pfSenseHeader("system_crlmanager.php");
+ $act="";
+ $savemsg = gettext("Invalid CRL reference.");
+}
+
+if ($act == "del") {
+ $name = $thiscrl['descr'];
+ if (crl_in_use($id)) {
 $savemsg = sprintf(gettext("Certificate Revocation List %s is in use and cannot be deleted"), $name) . "<br/>";
 } else {
- $name = $a_crl[$id]['descr'];
- unset($a_crl[$id]);
+ foreach ($a_crl as $cid => $acrl)
+ if ($acrl['refid'] == $thiscrl['refid'])
+ unset($a_crl[$cid]);
 write_config("Deleted CRL {$name}.");
 $savemsg = sprintf(gettext("Certificate Revocation List %s successfully deleted"), $name) . "<br/>";
 }
 }
-if ($act == "edit") {
- if (!$a_crl[$id]) {
- pfSenseHeader("system_crlmanager.php");
- exit;
- }
-}
-
 if ($act == "new") {
 $pconfig['method'] = $_GET['method'];
 $pconfig['caref'] = $_GET['caref'];
@@ -102,14 +106,8 @@ if ($act == "new") {
 }
 if ($act == "exp") {
-
- if (!$a_crl[$id]) {
- pfSenseHeader("system_crlmanager.php");
- exit;
- }
-
- $exp_name = urlencode("{$a_crl[$id]['descr']}.crl");
- $exp_data = base64_decode($a_crl[$id]['text']);
+ $exp_name = urlencode("{$thiscrl['descr']}.crl");
+ $exp_data = base64_decode($thiscrl['text']);
 $exp_size = strlen($exp_data);
 header("Content-Type: application/octet-stream");
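Review bot: The invalid-reference branch sends a `Location` header through `pfSenseHeader()` and then keeps executing with `$act=""` and a `$savemsg`, so the page both redirects and renders; either drop the redirect so the message is actually shown, or `exit` after it as the removed `edit`/`exp` guards did. The new cleanup `foreach` at the top of the hunk also drops every CRL without a `refid` from `$a_crl` (a reference into `$config`) on each request without a following `write_config()`, so such entries are silently hidden rather than migrated; if a one-time migration is intended it should persist, otherwise the loop belongs in the config loader. Finally, `del` is still dispatched from `$act = $_GET['act']` and ends in `write_config()`; as far as I can tell the CSRF helper added elsewhere in this merge only validates POSTed forms, so the delete should be accepted from `$_POST['act']` only (the same applies to `delcert` in the next hunk).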
@@ -157,19 +155,31 @@ if ($act == "addcert") {
 }
 if ($act == "delcert") {
- $crl =& lookup_crl($_GET['crlref']);
- if (!$crl['cert'][$id]) {
+ if (!is_array($thiscrl['cert'])) {
 pfSenseHeader("system_crlmanager.php");
 exit;
 }
- $name = $crl['cert'][$id]['descr'];
- cert_unrevoke($crl['cert'][$id], $crl);
- write_config("Deleted Cert {$name} from CRL {$crl['descr']}.");
- $savemsg = sprintf(gettext("Deleted Certificate %s from CRL %s"), $name, $crl['descr']) . "<br/>";
- require_once('openvpn.inc');
- openvpn_refresh_crls();
- pfSenseHeader("system_crlmanager.php");
- exit;
+ $found = false;
+ foreach ($thiscrl['cert'] as $acert) {
+ if ($acert['refid'] == $_GET['certref']) {
+ $found = true;
+ $thiscert = $acert;
+ }
+ }
+ if (!$found) {
+ pfSenseHeader("system_crlmanager.php");
+ exit;
+ }
+ $name = $thiscert['descr'];
+ if (cert_unrevoke($thiscert, $thiscrl)) {
+ write_config(sprintf(gettext("Deleted Certificate %s from CRL %s"), $name, $thiscrl['descr']));
+ $savemsg = sprintf(gettext("Deleted Certificate %s from CRL %s"), $name, $thiscrl['descr']) . "<br/>";
+ require_once('openvpn.inc');
+ openvpn_refresh_crls();
+ } else {
+ $savemsg = sprintf(gettext("Failed to delete Certificate %s from CRL %s"), $name, $thiscrl['descr']) . "<br/>";
+ }
+ $act="edit";
 }
 if ($_POST) {
@@ -206,8 +216,8 @@ if ($_POST) {
 $crl = array();
 $crl['refid'] = uniqid();
- if (isset($id) && $a_crl[$id])
- $crl = $a_crl[$id];
+ if ($thiscrl)
+ $crl =& $thiscrl;
 $crl['descr'] = $pconfig['descr'];
 $crl['caref'] = $pconfig['caref'];
@@ -222,9 +232,7 @@ if ($_POST) {
 $crl['cert'] = array();
 }
- if (isset($id) && $a_crl[$id])
- $a_crl[$id] = $crl;
- else
+ if (!$thiscrl)
 $a_crl[] = $crl;
 write_config("Saved CRL {$crl['caref']}");
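Review bot: In the `delcert` branch the `foreach` over `$thiscrl['cert']` never breaks, so with duplicate `refid`s the last match wins; add `break;` after `$thiscert = $acert;` since exactly one certificate is meant to be found. `write_config(sprintf(gettext("Deleted Certificate %s from CRL %s"), ...))` stores a translated string in the config revision log, whereas the other `write_config()` calls in this file (`"Saved CRL {$crl['caref']}"`, `"Deleted CRL {$name}."`) use fixed English; the removed `"Deleted Cert {$name} from CRL {$crl['descr']}."` form is the consistent one. The `$crl =& $thiscrl` alias in the `$_POST` hunk means the later `$a_crl[] = $crl` append runs only for new CRLs, which is correct but non-obvious and deserves a one-line comment: `// $thiscrl already lives in $a_crl; only new CRLs are appended`.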
@@ -336,7 +344,7 @@ function method_change() {
 <tr>
 <td width="22%" valign="top" class="vncellreq"><?=gettext("CRL data");?></td>
 <td width="78%" class="vtable">
- <textarea name="cert" id="cert" cols="65" rows="7" class="formfld_crl"><?=$pconfig['crltext'];?></textarea>
+ <textarea name="crltext" id="crltext" cols="65" rows="7" class="formfld_crl"><?=$pconfig['crltext'];?></textarea>
 <br>
 <?=gettext("Paste a Certificate Revocation List in X.509 CRL format here.");?></td>
 </td>
@@ -373,7 +381,7 @@ function method_change() {
 <td width="22%" valign="top"> </td>
 <td width="78%">
 <input id="submit" name="save" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" />
- <?php if (isset($id) && $a_crl[$id]): ?>
+ <?php if (isset($id) && $thiscrl): ?>
 <input name="id" type="hidden" value="<?=$id;?>" />
 <?php endif;?>
 </td>
@@ -381,7 +389,7 @@ function method_change() {
 </table>
 </form>
 <?php elseif ($act == "edit"): ?>
- <?php $crl = $a_crl[$id]; ?>
+ <?php $crl = $thiscrl; ?>
 <form action="system_crlmanager.php" method="post" name="iform" id="iform">
 <table width="100%" border="0" cellpadding="0" cellspacing="0">
 <thead>
@@ -420,7 +428,7 @@ function method_change() {
 <?php echo date("D M j G:i:s T Y", $cert["revoke_time"]); ?>
 </td>
 <td class="list">
- <a href="system_crlmanager.php?act=delcert&crlref=<?php echo $crl['refid']; ?>&id=<?php echo $i; ?>" onclick="return confirm('<?=gettext("Do you really want to delete this Certificate from the CRL?");?>')">
+ <a href="system_crlmanager.php?act=delcert&id=<?php echo $crl['refid']; ?>&certref=<?php echo $cert['refid']; ?>" onclick="return confirm('<?=gettext("Do you really want to delete this Certificate from the CRL?");?>')">
 <img src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" title="<?=gettext("Delete this certificate from the CRL ");?>" alt="<?=gettext("Delete this certificate from the CRL ");?>" width="17" height="17" border="0" />
 </a>
 </td>
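Review bot: The `crltext` textarea still emits `$pconfig['crltext']` unescaped even though this hunk rewrites the line, while the equivalent `cert`/`key` textareas in system_camanager.php and system_certmanager.php are wrapped in this same diff: `<textarea name="crltext" id="crltext" cols="65" rows="7" class="formfld_crl"><?=htmlspecialchars($pconfig['crltext']);?></textarea>`. The hidden `id` input a few lines below likewise prints `$id` raw, and `$id` is now a free-form `refid` string resolved through `lookup_crl()` rather than an array index, so it deserves the `htmlspecialchars($id)` the other edit pages received in this commit. The `delcert` link's `$crl['refid']`/`$cert['refid']` and the hidden `id` added in the next hunk are the same case.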
@@ -458,6 +466,7 @@ function method_change() {
 </select>
 <input name="act" type="hidden" value="addcert" />
 <input name="crlref" type="hidden" value="<?=$crl['refid'];?>" />
+ <input name="id" type="hidden" value="<?=$crl['refid'];?>" />
 <input id="submit" name="add" type="submit" class="formbtn" value="<?=gettext("Add"); ?>" />
 </td>
 <td class="list"> </td>
@@ -528,16 +537,16 @@ function method_change() {
 <td class="listr"><?php echo ($internal) ? count($tmpcrl['cert']) : "Unknown (imported)"; ?></td>
 <td class="listr"><?php echo ($inuse) ? "YES" : "NO"; ?></td>
 <td valign="middle" nowrap class="list">
- <a href="system_crlmanager.php?act=exp&id=<?=$i;?>")">
+ <a href="system_crlmanager.php?act=exp&id=<?=$tmpcrl['refid'];?>")">
 <img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="<?=gettext("Export CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>" alt="<?=gettext("Export CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>" width="17" height="17" border="0" />
 </a>
 <?php if ($internal): ?>
- <a href="system_crlmanager.php?act=edit&id=<?=$i;?>")">
- <img src="/themes/<?= $g['theme'];?>/images/icons/icon_e.gif" title="<?=gettext("Export CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>" alt="<?=gettext("Edit CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>" width="17" height="17" border="0" />
+ <a href="system_crlmanager.php?act=edit&id=<?=$tmpcrl['refid'];?>")">
+ <img src="/themes/<?= $g['theme'];?>/images/icons/icon_e.gif" title="<?=gettext("Edit CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>" alt="<?=gettext("Edit CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>" width="17" height="17" border="0" />
 </a>
 <?php endif; ?>
 <?php if (!$inuse): ?>
- <a href="system_crlmanager.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this Certificate Revocation List?") . ' (' . htmlspecialchars($tmpcrl['descr']) . ')';?>')">
+ <a href="system_crlmanager.php?act=del&id=<?=$tmpcrl['refid'];?>" onclick="return confirm('<?=gettext("Do you really want to delete this Certificate Revocation List?") . ' (' . htmlspecialchars($tmpcrl['descr']) . ')';?>')">
 <img src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" title="<?=gettext("Delete CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>" alt="<?=gettext("Delete CRL") . " " .
htmlspecialchars($tmpcrl['descr']); ?>" width="17" height="17" border="0" />
 </a>
 <?php endif; ?>
diff --git a/usr/local/www/system_firmware_settings.php b/usr/local/www/system_firmware_settings.php
index 216604a..ea3c215 100755
--- a/usr/local/www/system_firmware_settings.php
+++ b/usr/local/www/system_firmware_settings.php
@@ -57,11 +57,19 @@ if ($_POST) {
 else
 unset($config['system']['firmware']['allowinvalidsig']);
+ if($_POST['synconupgrade'] == "yes")
+ $config['system']['gitsync']['synconupgrade'] = true;
+ else
+ unset($config['system']['gitsync']['synconupgrade']);
+ $config['system']['gitsync']['repositoryurl'] = $_POST['repositoryurl'];
+ $config['system']['gitsync']['branch'] = $_POST['branch'];
+
 write_config();
 }
 }
 $curcfg = $config['system']['firmware'];
+$gitcfg = $config['system']['gitsync'];
 $pgtitle = array(gettext("System"),gettext("Firmware"),gettext("Settings"));
 include("head.inc");
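Review bot: The rewritten `exp` and `edit` links keep the stray `")` after the closing quote — `href="system_crlmanager.php?act=exp&id=<?=$tmpcrl['refid'];?>")">` — which leaves a dangling `")` fragment inside the `<a>` tag; since the lines were touched anyway they should read `href="system_crlmanager.php?act=exp&id=<?=$tmpcrl['refid'];?>">` and `href="system_crlmanager.php?act=edit&id=<?=$tmpcrl['refid'];?>">`. The `refid` values are also emitted without `htmlspecialchars()`, unlike the `descr` printed right next to them in the same hunk.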
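Review bot: `$_POST['repositoryurl']` and `$_POST['branch']` are written straight into `$config['system']['gitsync']` with no validation, and no `$input_errors` gate is visible in the hunk; the next hunk describes the branch as driving a sync, so both values are presumably handed to a git invocation later and should be checked before they are persisted, e.g. `if (!empty($_POST['repositoryurl']) && !filter_var($_POST['repositoryurl'], FILTER_VALIDATE_URL)) $input_errors[] = gettext("Invalid repository URL.");` plus a restricted character set for the branch name. The enclosing `if ($_POST)` block starts before this hunk.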
@@ -156,6 +164,36 @@ function enable_altfirmwareurl(enable_over) {
 <?=gettext("Allow updating the system with auto-updater and images with no signature."); ?>
 </td>
 </tr>
+<?php if(file_exists("/usr/local/bin/git")): ?>
+ <tr>
+ <td colspan="2" class="list" height="12"> </td>
+ </tr>
+ <tr>
+ <td colspan="2" valign="top" class="listtopic"><?=gettext("Gitsync"); ?></td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell"><?=gettext("Auto sync on update"); ?></td>
+ <td width="78%" class="vtable">
+ <input name="synconupgrade" type="checkbox" id="synconupgrade" value="yes" <?php if (isset($gitcfg['synconupgrade'])) echo "checked"; ?> />
+ <br />
+ <?=gettext("After updating, sync with the following repository/branch before reboot."); ?>
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell"><?=gettext("Repository URL"); ?></td>
+ <td width="78%" class="vtable">
+ <input name="repositoryurl" type="input" class="formfld url" id="repositoryurl" size="64" value="<?php if ($gitcfg['repositoryurl']) echo $gitcfg['repositoryurl']; ?>">
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell"><?=gettext("Branch name"); ?></td>
+ <td width="78%" class="vtable">
+ <input name="branch" type="input" class="formfld unknown" id="branch" size="64" value="<?php if ($gitcfg['branch']) echo $gitcfg['branch']; ?>">
+ <br />
+ <?=gettext("Sync will not be performed if a branch is not specified."); ?>
+ </td>
+ </tr>
+<?php endif; ?>
 <script>enable_altfirmwareurl();</script>
 <tr>
 <td width="22%" valign="top"> </td>
diff --git a/usr/local/www/system_gateway_groups_edit.php b/usr/local/www/system_gateway_groups_edit.php
index f0e5619..10f001e 100755
--- a/usr/local/www/system_gateway_groups_edit.php
+++ b/usr/local/www/system_gateway_groups_edit.php
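Review bot: Both new text fields echo the stored value unescaped — `value="<?php if ($gitcfg['repositoryurl']) echo $gitcfg['repositoryurl']; ?>"` — which is at odds with the rest of this diff; `value="<?=htmlspecialchars($gitcfg['repositoryurl']);?>"` (and the same for `branch`) is shorter and drops the redundant `if`. `type="input"` is not an input type; browsers fall back to a text box, but it should be `type="text"` like the other fields on the page. `enable_altfirmwareurl()` and the enclosing form lie outside the hunk.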
@@ -222,7 +222,7 @@ value="<?=htmlspecialchars($pconfig['descr']);?>">
 <td width="78%">
 <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>"> <input type="button" value="<?=gettext("Cancel"); ?>" class="formbtn" onclick="history.back()">
 <?php if (isset($id) && $a_gateway_groups[$id]): ?>
- <input name="id" type="hidden" value="<?=$id;?>">
+ <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>">
 <?php endif; ?>
 </td>
 </tr>
diff --git a/usr/local/www/system_gateways_edit.php b/usr/local/www/system_gateways_edit.php
index 166e6ab..6de6a8b 100755
--- a/usr/local/www/system_gateways_edit.php
+++ b/usr/local/www/system_gateways_edit.php
@@ -443,7 +443,7 @@ function show_advanced_gateway() {
 <td width="78%">
 <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>"> <input type="button" value="<?=gettext("Cancel");?>" class="formbtn" onclick="history.back()">
 <?php if (isset($id) && $a_gateways[$id]): ?>
- <input name="id" type="hidden" value="<?=$id;?>">
+ <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>">
 <?php endif; ?>
 </td>
 </tr>
diff --git a/usr/local/www/system_groupmanager.php b/usr/local/www/system_groupmanager.php
index d3978f0..4bf1c25 100644
--- a/usr/local/www/system_groupmanager.php
+++ b/usr/local/www/system_groupmanager.php
@@ -262,7 +262,7 @@ function presubmit() {
 <td width="22%" valign="top" class="vncell"><?=gettext("Defined by");?></td>
 <td width="78%" class="vtable">
 <strong><?=strtoupper($pconfig['gtype']);?></strong>
- <input name="gtype" type="hidden" value="<?=$pconfig['gtype']?>"/>
+ <input name="gtype" type="hidden" value="<?=htmlspecialchars($pconfig['gtype'])?>"/>
 </td>
 </tr>
 <tr>
@@ -360,7 +360,7 @@ function presubmit() {
 <?=htmlspecialchars($priv_list[$priv]['descr']);?>
 </td>
 <td valign="middle" nowrap class="list">
- <a href="system_groupmanager.php?act=delpriv&id=<?=$id?>&privid=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this privilege?");?>')">
+ <a href="system_groupmanager.php?act=delpriv&id=<?=htmlspecialchars($id)?>&privid=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this privilege?");?>')">
 <img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" alt="" />
 </a>
 </td>
@@ -373,7 +373,7 @@ function presubmit() {
 <tr>
 <td class="list" colspan="2"></td>
 <td class="list">
- <a href="system_groupmanager_addprivs.php?groupid=<?=$id?>">
+ <a href="system_groupmanager_addprivs.php?groupid=<?=htmlspecialchars($id)?>">
 <img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" alt="" />
 </a>
@@ -389,8 +389,8 @@ function presubmit() {
 <td width="78%">
 <input name="save" type="submit" class="formbtn" value="<?=gettext("Save");?>">
 <?php if (isset($id) && $a_group[$id]): ?>
- <input name="id" type="hidden" value="<?=$id;?>">
- <input name="gid" type="hidden" value="<?=$pconfig['gid'];?>">
+ <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>">
+ <input name="gid" type="hidden" value="<?=htmlspecialchars($pconfig['gid']);?>">
 <?php endif; ?>
 </td>
 </tr>
diff --git a/usr/local/www/system_routes_edit.php b/usr/local/www/system_routes_edit.php
index d48c542..89f2288 100755
--- a/usr/local/www/system_routes_edit.php
+++ b/usr/local/www/system_routes_edit.php
@@ -260,7 +260,7 @@ include("head.inc"); <td width="78%"> <input id="save" name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>"> <input id="cancel" type="button" value="<?=gettext("Cancel"); ?>" class="formbtn" onclick="history.back()"> <?php if (isset($id) && $a_routes[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>"> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> <?php endif; ?> </td> </tr> diff --git a/usr/local/www/system_usermanager.php b/usr/local/www/system_usermanager.php index 34fe611..9256c40 100644 --- a/usr/local/www/system_usermanager.php +++ b/usr/local/www/system_usermanager.php @@ -466,7 +466,7 @@ function sshkeyClicked(obj) { <td width="22%" valign="top" class="vncell"><?=gettext("Defined by");?></td> <td width="78%" class="vtable"> <strong><?=strtoupper($pconfig['utype']);?></strong> - <input name="utype" type="hidden" value="<?=$pconfig['utype']?>"/> + <input name="utype" type="hidden" value="<?=htmlspecialchars($pconfig['utype'])?>"/> </td> </tr> <tr> @@ -504,7 +504,7 @@ function sshkeyClicked(obj) { <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Expiration date"); ?></td> <td width="78%" class="vtable"> - <input name="expires" type="text" class="formfld unknown" id="expires" size="10" value="<?=$pconfig['expires'];?>"> + <input name="expires" type="text" class="formfld unknown" id="expires" size="10" value="<?=htmlspecialchars($pconfig['expires']);?>"> <a href="javascript:NewCal('expires','mmddyyyy')"> <img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_cal.gif" width="16" height="16" border="0" alt="<?=gettext("Pick a date");?>"> </a> 
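Review bot: In the system_usermanager.php hunk the hidden `utype` input is now escaped, but the context line just above, `<strong><?=strtoupper($pconfig['utype']);?></strong>`, still prints the same value unescaped into the page body, so the visible output remains unprotected while the invisible one is fixed. Unless utype is constrained to a fixed set of values (not shown in this diff), change it to `<strong><?=htmlspecialchars(strtoupper($pconfig['utype']));?></strong>`.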
@@ -708,7 +708,7 @@ function sshkeyClicked(obj) { <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("Descriptive name");?></td> <td width="78%" class="vtable"> - <input name="descr" type="text" class="formfld unknown" id="descr" size="20" value="<?=htmlspecialchars($pconfig['descr']);?>"/> + <input name="name" type="text" class="formfld unknown" id="name" size="20" value="<?=htmlspecialchars($pconfig['name']);?>"/> </td> </tr> <tr> diff --git a/usr/local/www/vpn_ipsec_keys_edit.php b/usr/local/www/vpn_ipsec_keys_edit.php index 020ca27..343d0d8 100644 --- a/usr/local/www/vpn_ipsec_keys_edit.php +++ b/usr/local/www/vpn_ipsec_keys_edit.php @@ -127,7 +127,7 @@ include("head.inc"); <tr> <td valign="top" class="vncellreq"><?=gettext("Identifier"); ?></td> <td class="vtable"> - <?=$mandfldhtml;?><input name="ident" type="text" class="formfld unknown" id="ident" size="30" value="<?=$pconfig['ident'];?>"> + <?=$mandfldhtml;?><input name="ident" type="text" class="formfld unknown" id="ident" size="30" value="<?=htmlspecialchars($pconfig['ident']);?>"> <br> <?=gettext("This can be either an IP address, fully qualified domain name or an e-mail address"); ?>. </td> @@ -143,7 +143,7 @@ include("head.inc"); <td width="78%"> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>"> <?php if (isset($id) && $a_secret[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>"> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> <?php endif; ?> </td> </tr> diff --git a/usr/local/www/vpn_ipsec_mobile.php b/usr/local/www/vpn_ipsec_mobile.php index 384d34b..4e9c537 100755 --- a/usr/local/www/vpn_ipsec_mobile.php +++ b/usr/local/www/vpn_ipsec_mobile.php 
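Review bot: The input in the system_usermanager.php hunk is renamed from `descr` to `name` (and now reads `$pconfig['name']`), but the label on the context line still says "Descriptive name" and no matching change to the POST handler or to the code that fills `$pconfig` is visible anywhere in this diff. If the handler still reads `$_POST['descr']`, the submitted value is silently dropped and the field never round-trips, so please confirm the save path was updated in the same merge (it lies outside these hunks). A comment on the input, `<!-- posted as "name"; keep in sync with the POST handler -->`, would make the coupling explicit.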
@@ -394,7 +394,7 @@ function login_banner_change() { <tr> <td> <?=gettext("Network"); ?>: - <input name="pool_address" type="text" class="formfld unknown" id="pool_address" size="20" value="<?=$pconfig['pool_address'];?>"> + <input name="pool_address" type="text" class="formfld unknown" id="pool_address" size="20" value="<?=htmlspecialchars($pconfig['pool_address']);?>"> / <select name="pool_netbits" class="formselect" id="pool_netbits"> <?php for ($i = 32; $i >= 0; $i--): ?> @@ -482,25 +482,25 @@ function login_banner_change() { <tr> <td> <?=gettext("Server"); ?> #1: - <input name="dns_server1" type="text" class="formfld unknown" id="dns_server1" size="20" value="<?=$pconfig['dns_server1'];?>"> + <input name="dns_server1" type="text" class="formfld unknown" id="dns_server1" size="20" value="<?=htmlspecialchars($pconfig['dns_server1']);?>"> </td> </tr> <tr> <td> <?=gettext("Server"); ?> #2: - <input name="dns_server2" type="text" class="formfld unknown" id="dns_server2" size="20" value="<?=$pconfig['dns_server2'];?>"> + <input name="dns_server2" type="text" class="formfld unknown" id="dns_server2" size="20" value="<?=htmlspecialchars($pconfig['dns_server2']);?>"> </td> </tr> <tr> <td> <?=gettext("Server"); ?> #3: - <input name="dns_server3" type="text" class="formfld unknown" id="dns_server3" size="20" value="<?=$pconfig['dns_server3'];?>"> + <input name="dns_server3" type="text" class="formfld unknown" id="dns_server3" size="20" value="<?=htmlspecialchars($pconfig['dns_server3']);?>"> </td> </tr> <tr> <td> <?=gettext("Server"); ?> #4: - <input name="dns_server4" type="text" class="formfld unknown" id="dns_server4" size="20" value="<?=$pconfig['dns_server4'];?>"> + <input name="dns_server4" type="text" class="formfld unknown" id="dns_server4" size="20" value="<?=htmlspecialchars($pconfig['dns_server4']);?>"> </td> </tr> </table> 
@@ -524,13 +524,13 @@ function login_banner_change() { <tr> <td> <?=gettext("Server"); ?> #1: - <input name="wins_server1" type="text" class="formfld unknown" id="wins_server1" size="20" value="<?=$pconfig['wins_server1'];?>"> + <input name="wins_server1" type="text" class="formfld unknown" id="wins_server1" size="20" value="<?=htmlspecialchars($pconfig['wins_server1']);?>"> </td> </tr> <tr> <td> <?=gettext("Server"); ?> #2: - <input name="wins_server2" type="text" class="formfld unknown" id="wins_server2" size="20" value="<?=$pconfig['wins_server2'];?>"> + <input name="wins_server2" type="text" class="formfld unknown" id="wins_server2" size="20" value="<?=htmlspecialchars($pconfig['wins_server2']);?>"> </td> </tr> </table> @@ -584,7 +584,7 @@ function login_banner_change() { <tr> <td> <?php $banner = htmlspecialchars($pconfig['login_banner']); ?> - <textarea name="login_banner" cols="65" rows="7" id="login_banner" class="formpre"><?=$banner;?></textarea> + <textarea name="login_banner" cols="65" rows="7" id="login_banner" class="formpre"><?=htmlspecialchars($banner);?></textarea> </td> </tr> </table> diff --git a/usr/local/www/vpn_ipsec_phase1.php b/usr/local/www/vpn_ipsec_phase1.php index c2ba332..c498858 100644 --- a/usr/local/www/vpn_ipsec_phase1.php +++ b/usr/local/www/vpn_ipsec_phase1.php @@ -527,7 +527,7 @@ function dpdchkbox_change() { <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("Remote gateway"); ?></td> <td width="78%" class="vtable"> - <?=$mandfldhtml;?><input name="remotegw" type="text" class="formfld unknown" id="remotegw" size="20" value="<?=$pconfig['remotegw'];?>"> + <?=$mandfldhtml;?><input name="remotegw" type="text" class="formfld unknown" id="remotegw" size="20" value="<?=htmlspecialchars($pconfig['remotegw']);?>"> <br> <?=gettext("Enter the public IP address or host name of the remote gateway"); ?> </td> 
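Review bot: `$banner` is already `htmlspecialchars($pconfig['login_banner'])` on the context line immediately above the textarea in vpn_ipsec_mobile.php, so wrapping it again double-encodes: a banner containing `&` or `<` is displayed as `&amp;amp;` / `&amp;lt;`, and because the textarea content is posted back on save, every save mangles the stored banner further. Either drop the extra call, `<textarea name="login_banner" cols="65" rows="7" id="login_banner" class="formpre"><?=$banner;?></textarea>`, or remove the `$banner =` line and escape `$pconfig['login_banner']` directly in the textarea, but not both.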
@@ -599,7 +599,7 @@ function dpdchkbox_change() { </option> <?php endforeach; ?> </select> - <input name="myid_data" type="text" class="formfld unknown" id="myid_data" size="30" value="<?=$pconfig['myid_data'];?>"> + <input name="myid_data" type="text" class="formfld unknown" id="myid_data" size="30" value="<?=htmlspecialchars($pconfig['myid_data']);?>"> </td> </tr> <tr id="opt_peerid"> @@ -616,7 +616,7 @@ function dpdchkbox_change() { </option> <?php endforeach; ?> </select> - <input name="peerid_data" type="text" class="formfld unknown" id="peerid_data" size="30" value="<?=$pconfig['peerid_data'];?>"> + <input name="peerid_data" type="text" class="formfld unknown" id="peerid_data" size="30" value="<?=htmlspecialchars($pconfig['peerid_data']);?>"> <?php if ($pconfig['mobile']) { ?> <br/><br/><?=gettext("NOTE: This is known as the \"group\" setting on some VPN client implementations"); ?>. <?php } ?> @@ -705,7 +705,7 @@ function dpdchkbox_change() { <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Lifetime"); ?></td> <td width="78%" class="vtable"> - <input name="lifetime" type="text" class="formfld unknown" id="lifetime" size="20" value="<?=$pconfig['lifetime'];?>"> + <input name="lifetime" type="text" class="formfld unknown" id="lifetime" size="20" value="<?=htmlspecialchars($pconfig['lifetime']);?>"> <?=gettext("seconds"); ?> </td> </tr> 
@@ -775,13 +775,13 @@ function dpdchkbox_change() { <?=gettext("Enable DPD"); ?><br> <div id="opt_dpd"> <br> - <input name="dpd_delay" type="text" class="formfld unknown" id="dpd_delay" size="5" value="<?=$pconfig['dpd_delay'];?>"> + <input name="dpd_delay" type="text" class="formfld unknown" id="dpd_delay" size="5" value="<?=htmlspecialchars($pconfig['dpd_delay']);?>"> <?=gettext("seconds"); ?><br> <span class="vexpl"> <?=gettext("Delay between requesting peer acknowledgement"); ?>. </span><br> <br> - <input name="dpd_maxfail" type="text" class="formfld unknown" id="dpd_maxfail" size="5" value="<?=$pconfig['dpd_maxfail'];?>"> + <input name="dpd_maxfail" type="text" class="formfld unknown" id="dpd_maxfail" size="5" value="<?=htmlspecialchars($pconfig['dpd_maxfail']);?>"> <?=gettext("retries"); ?><br> <span class="vexpl"> <?=gettext("Number of consecutive failures allowed before disconnect"); ?>. @@ -799,7 +799,7 @@ function dpdchkbox_change() { <?php if ($pconfig['mobile']): ?> <input name="mobile" type="hidden" value="true"> <?php endif; ?> - <input name="ikeid" type="hidden" value="<?=$pconfig['ikeid'];?>"> + <input name="ikeid" type="hidden" value="<?=htmlspecialchars($pconfig['ikeid']);?>"> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>"> </td> </tr> diff --git a/usr/local/www/vpn_ipsec_phase2.php b/usr/local/www/vpn_ipsec_phase2.php index 824ba19..f8d601d 100644 --- a/usr/local/www/vpn_ipsec_phase2.php +++ b/usr/local/www/vpn_ipsec_phase2.php 
@@ -367,7 +367,7 @@ function change_protocol() { <td><?=gettext("Address:");?> </td> <td><?=$mandfldhtmlspc;?></td> <td> - <input name="localid_address" type="text" class="formfld unknown" id="localid_address" size="20" value="<?=$pconfig['localid_address'];?>"> + <input name="localid_address" type="text" class="formfld unknown" id="localid_address" size="20" value="<?=htmlspecialchars($pconfig['localid_address']);?>"> / <select name="localid_netbits" class="formselect" id="localid_netbits"> <?php for ($i = 32; $i >= 0; $i--): ?> @@ -402,7 +402,7 @@ function change_protocol() { <td><?=gettext("Address"); ?>: </td> <td><?=$mandfldhtmlspc;?></td> <td> - <input name="remoteid_address" type="text" class="formfld unknown" id="remoteid_address" size="20" value="<?=$pconfig['remoteid_address'];?>"> + <input name="remoteid_address" type="text" class="formfld unknown" id="remoteid_address" size="20" value="<?=htmlspecialchars($pconfig['remoteid_address']);?>"> / <select name="remoteid_netbits" class="formselect" id="remoteid_netbits"> <?php for ($i = 32; $i >= 0; $i--) { @@ -536,7 +536,7 @@ function change_protocol() { <select class="formselect" disabled> <option selected><?=$p2_pfskeygroups[$a_client['pfs_group']];?></option> </select> - <input name="pfsgroup" type="hidden" value="<?=$pconfig['pfsgroup'];?>"> + <input name="pfsgroup" type="hidden" value="<?=htmlspecialchars($pconfig['pfsgroup']);?>"> <br> <span class="vexpl"><em><?=gettext("Set globally in mobile client options"); ?></em></span> <?php endif; ?> @@ -545,7 +545,7 @@ function change_protocol() { <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Lifetime"); ?></td> <td width="78%" class="vtable"> - <input name="lifetime" type="text" class="formfld unknown" id="lifetime" size="20" value="<?=$pconfig['lifetime'];?>"> + <input name="lifetime" type="text" class="formfld unknown" id="lifetime" size="20" value="<?=htmlspecialchars($pconfig['lifetime']);?>"> <?=gettext("seconds"); ?> </td> </tr> 
@@ -558,7 +558,7 @@ function change_protocol() { <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Automatically ping host"); ?></td> <td width="78%" class="vtable"> - <input name="pinghost" type="text" class="formfld unknown" id="pinghost" size="20" value="<?=$pconfig['pinghost'];?>"> + <input name="pinghost" type="text" class="formfld unknown" id="pinghost" size="20" value="<?=htmlspecialchars($pconfig['pinghost']);?>"> <?=gettext("IP address"); ?> </td> </tr> @@ -573,7 +573,7 @@ function change_protocol() { <input name="remoteid_type" type="hidden" value="mobile"> <?php endif; ?> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>"> - <input name="ikeid" type="hidden" value="<?=$pconfig['ikeid'];?>"> + <input name="ikeid" type="hidden" value="<?=htmlspecialchars($pconfig['ikeid']);?>"> </td> </tr> </table> @@ -584,11 +584,11 @@ function change_protocol() { </form> <script lannguage="JavaScript"> <!-- -change_mode('<?=$pconfig['mode']?>'); -change_protocol('<?=$pconfig['proto']?>'); -typesel_change_local(<?=$pconfig['localid_netbits']?>); +change_mode('<?=htmlspecialchars($pconfig['mode'])?>'); +change_protocol('<?=htmlspecialchars($pconfig['proto'])?>'); +typesel_change_local(<?=htmlspecialchars($pconfig['localid_netbits'])?>); <?php if (!isset($pconfig['mobile'])): ?> -typesel_change_remote(<?=$pconfig['remoteid_netbits']?>); +typesel_change_remote(<?=htmlspecialchars($pconfig['remoteid_netbits'])?>); <?php endif; ?> //--> </script> diff --git a/usr/local/www/vpn_l2tp_users_edit.php b/usr/local/www/vpn_l2tp_users_edit.php index 31a33b7..5c4cdc3 100644 --- a/usr/local/www/vpn_l2tp_users_edit.php +++ b/usr/local/www/vpn_l2tp_users_edit.php 
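Review bot: The `<script>` block at the end of vpn_ipsec_phase2.php puts `htmlspecialchars()` output into JavaScript, which is the wrong encoder for that context: with PHP's default flags a single quote is not escaped, so a mode or proto value containing `'` still terminates the JS string literal, and any entity it does produce (`&lt;`) is not decoded inside a script element, so the function receives the literal entity text. The two numeric calls, `typesel_change_local(<?=htmlspecialchars($pconfig['localid_netbits'])?>)` and the remote one, gain nothing from HTML escaping since the value is emitted unquoted. Use context-appropriate encoding instead: `change_mode(<?=json_encode($pconfig['mode'])?>);`, `change_protocol(<?=json_encode($pconfig['proto'])?>);` and `typesel_change_local(<?=(int)$pconfig['localid_netbits']?>);` (likewise `(int)` for `remoteid_netbits`). The `lannguage` typo in the script tag is pre-existing but worth fixing while here.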
@@ -176,7 +176,7 @@ include("head.inc"); <input id="submit" name="Submit" type="submit" class="formbtn" value="<?=gettext('Save');?>" /> <input id="cancelbutton" name="cancelbutton" type="button" class="formbtn" value="<?=gettext("Cancel");?>" onclick="history.back()" /> <?php if (isset($id) && $a_secret[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>" /> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" /> <?php endif; ?> </td> </tr> diff --git a/usr/local/www/vpn_openvpn_client.php b/usr/local/www/vpn_openvpn_client.php index 4b23c95..04bbeb9 100644 --- a/usr/local/www/vpn_openvpn_client.php +++ b/usr/local/www/vpn_openvpn_client.php @@ -46,6 +46,21 @@ if (!is_array($config['openvpn']['openvpn-client'])) $a_client = &$config['openvpn']['openvpn-client']; +if (!is_array($config['ca'])) + $config['ca'] = array(); + +$a_ca =& $config['ca']; + +if (!is_array($config['cert'])) + $config['cert'] = array(); + +$a_cert =& $config['cert']; + +if (!is_array($config['crl'])) + $config['crl'] = array(); + +$a_crl =& $config['crl']; + $id = $_GET['id']; if (isset($_POST['id'])) $id = $_POST['id']; @@ -331,10 +346,17 @@ function autotls_change() { //--> </script> <?php - if ($input_errors) - print_input_errors($input_errors); - if ($savemsg) - print_info_box($savemsg); +if (!$savemsg) + $savemsg = ""; +if (count($a_ca) == 0) + $savemsg .= "You have no Certificate Authorities defined. You must visit the <a href=\"system_camanager.php\">Certificate Manager</a> to make one."; +if (count($a_cert) == 0) + $savemsg .= "<br/>You have no Certificates defined. You must visit the <a href=\"system_camanager.php\">Certificate Manager</a> to make one."; + +if ($input_errors) + print_input_errors($input_errors); +if ($savemsg) + print_info_box($savemsg); ?> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> 
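Review bot: The two new warning strings in vpn_openvpn_client.php are hard-coded English while every other user-facing string in these hunks goes through `gettext()`, so they will never be translated; wrap the text parts, e.g. `$savemsg .= gettext("You have no Certificate Authorities defined. You must visit the") . " <a href=\"system_camanager.php\">" . gettext("Certificate Manager") . "</a> " . gettext("to make one.");`. When a CA exists but no certificate does, the message starts with a stray `<br/>`, and when a save message is already present the CA warning is glued onto it with no separator. The `$a_crl` reference added in the earlier hunk of this file is not used anywhere visible in the client page and looks copied from the server page.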
@@ -610,7 +632,7 @@ function autotls_change() { <td width="78%" class="vtable"> <select name='caref' class="formselect"> <?php - foreach ($config['ca'] as $ca): + foreach ($a_ca as $ca): $selected = ""; if ($pconfig['caref'] == $ca['refid']) $selected = "selected"; @@ -625,7 +647,7 @@ function autotls_change() { <td width="78%" class="vtable"> <select name='certref' class="formselect"> <?php - foreach ($config['cert'] as $cert): + foreach ($a_cert as $cert): $selected = ""; $caname = ""; $inuse = ""; @@ -787,7 +809,7 @@ function autotls_change() { <table border="0" cellpadding="2" cellspacing="0"> <tr> <td> - <textarea rows="6" cols="78" name="custom_options" id="custom_options"><?=$pconfig['custom_options'];?></textarea><br/> + <textarea rows="6" cols="78" name="custom_options" id="custom_options"><?=htmlspecialchars($pconfig['custom_options']);?></textarea><br/> <?=gettext("Enter any additional options you would like to add to the OpenVPN client configuration here, separated by a semicolon"); ?><br/> <?=gettext("EXAMPLE: route 10.0.0.0 255.255.255.0;"); ?> </td> diff --git a/usr/local/www/vpn_openvpn_csc.php b/usr/local/www/vpn_openvpn_csc.php index e23b202..e980332 100644 --- a/usr/local/www/vpn_openvpn_csc.php +++ b/usr/local/www/vpn_openvpn_csc.php @@ -476,7 +476,7 @@ function netbios_change() { <span class="vexpl"> <?=gettext("Server"); ?> #1: </span> - <input name="dns_server1" type="text" class="formfld unknown" id="dns_server1" size="20" value="<?=$pconfig['dns_server1'];?>"> + <input name="dns_server1" type="text" class="formfld unknown" id="dns_server1" size="20" value="<?=htmlspecialchars($pconfig['dns_server1']);?>"> </td> </tr> <tr> 
@@ -484,7 +484,7 @@ function netbios_change() { <span class="vexpl"> <?=gettext("Server"); ?> #2: </span> - <input name="dns_server2" type="text" class="formfld unknown" id="dns_server2" size="20" value="<?=$pconfig['dns_server2'];?>"> + <input name="dns_server2" type="text" class="formfld unknown" id="dns_server2" size="20" value="<?=htmlspecialchars($pconfig['dns_server2']);?>"> </td> </tr> <tr> @@ -492,7 +492,7 @@ function netbios_change() { <span class="vexpl"> <?=gettext("Server"); ?> #3: </span> - <input name="dns_server3" type="text" class="formfld unknown" id="dns_server3" size="20" value="<?=$pconfig['dns_server3'];?>"> + <input name="dns_server3" type="text" class="formfld unknown" id="dns_server3" size="20" value="<?=htmlspecialchars($pconfig['dns_server3']);?>"> </td> </tr> <tr> @@ -500,7 +500,7 @@ function netbios_change() { <span class="vexpl"> <?=gettext("Server"); ?> #4: </span> - <input name="dns_server4" type="text" class="formfld unknown" id="dns_server4" size="20" value="<?=$pconfig['dns_server4'];?>"> + <input name="dns_server4" type="text" class="formfld unknown" id="dns_server4" size="20" value="<?=htmlspecialchars($pconfig['dns_server4']);?>"> </td> </tr> </table> diff --git a/usr/local/www/vpn_openvpn_server.php b/usr/local/www/vpn_openvpn_server.php index ca6c261..7cb4332 100644 --- a/usr/local/www/vpn_openvpn_server.php +++ b/usr/local/www/vpn_openvpn_server.php @@ -46,6 +46,25 @@ if (!is_array($config['openvpn']['openvpn-server'])) $a_server = &$config['openvpn']['openvpn-server']; +if (!is_array($config['ca'])) + $config['ca'] = array(); + +$a_ca =& $config['ca']; + +if (!is_array($config['cert'])) + $config['cert'] = array(); + +$a_cert =& $config['cert']; + +if (!is_array($config['crl'])) + $config['crl'] = array(); + +$a_crl =& $config['crl']; + +foreach ($a_crl as $cid => $acrl) + if (!isset($acrl['refid'])) + unset ($a_crl[$cid]); + $id = $_GET['id']; if (isset($_POST['id'])) $id = $_POST['id']; 
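Review bot: The new `foreach ($a_crl as $cid => $acrl) ... unset ($a_crl[$cid]);` in vpn_openvpn_server.php runs through a reference to `$config['crl']`, so merely loading the page deletes every CRL entry lacking a `refid` from the in-memory configuration, and the next `write_config()` on this page (the save path is outside the hunk) persists that deletion. Filtering entries for a select box should not write to the configuration; build a local list for display and leave `$config['crl']` untouched, unless something later in the file deliberately writes through `$a_crl` (nothing visible does). The `$a_ca` and `$a_cert` references above are only read and are fine as they are.
```php
/* Read-only view of the CRLs that can be offered in the crlref select;
 * never unset() through a reference into $config from a page load. */
$a_crl = array();
foreach ($config['crl'] as $acrl)
	if (isset($acrl['refid']))
		$a_crl[] = $acrl;
```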
@@ -526,10 +545,17 @@ function netbios_change() { //--> </script> <?php - if ($input_errors) - print_input_errors($input_errors); - if ($savemsg) - print_info_box($savemsg); +if (!$savemsg) + $savemsg = ""; +if (count($a_ca) == 0) + $savemsg .= "You have no Certificate Authorities defined. You must visit the <a href=\"system_camanager.php\">Certificate Manager</a> to make one."; +if (count($a_cert) == 0) + $savemsg .= "<br/>You have no Certificates defined. You must visit the <a href=\"system_camanager.php\">Certificate Manager</a> to make one."; + +if ($input_errors) + print_input_errors($input_errors); +if ($savemsg) + print_info_box_np($savemsg); ?> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> @@ -716,7 +742,7 @@ function netbios_change() { <td width="78%" class="vtable"> <select name='caref' class="formselect"> <?php - foreach ($config['ca'] as $ca): + foreach ($a_ca as $ca): $selected = ""; if ($pconfig['caref'] == $ca['refid']) $selected = "selected"; @@ -732,7 +758,7 @@ function netbios_change() { <select name='crlref' class="formselect"> <option value="">None</option> <?php - foreach ($config['crl'] as $crl): + foreach ($a_crl as $crl): if (is_crl_internal($crl) && (count($crl['cert']) <= 0)) continue; $selected = ""; @@ -749,7 +775,7 @@ function netbios_change() { <td width="78%" class="vtable"> <select name='certref' class="formselect"> <?php - foreach ($config['cert'] as $cert): + foreach ($a_cert as $cert): $selected = ""; $caname = ""; $inuse = ""; @@ -1073,7 +1099,7 @@ function netbios_change() { <span class="vexpl"> <?=gettext("Server"); ?> #1: </span> - <input name="dns_server1" type="text" class="formfld unknown" id="dns_server1" size="20" value="<?=$pconfig['dns_server1'];?>"> + <input name="dns_server1" type="text" class="formfld unknown" id="dns_server1" size="20" value="<?=htmlspecialchars($pconfig['dns_server1']);?>"> </td> </tr> <tr> 
@@ -1081,7 +1107,7 @@ function netbios_change() { <span class="vexpl"> <?=gettext("Server"); ?> #2: </span> - <input name="dns_server2" type="text" class="formfld unknown" id="dns_server2" size="20" value="<?=$pconfig['dns_server2'];?>"> + <input name="dns_server2" type="text" class="formfld unknown" id="dns_server2" size="20" value="<?=htmlspecialchars($pconfig['dns_server2']);?>"> </td> </tr> <tr> @@ -1089,7 +1115,7 @@ function netbios_change() { <span class="vexpl"> <?=gettext("Server"); ?> #3: </span> - <input name="dns_server3" type="text" class="formfld unknown" id="dns_server3" size="20" value="<?=$pconfig['dns_server3'];?>"> + <input name="dns_server3" type="text" class="formfld unknown" id="dns_server3" size="20" value="<?=htmlspecialchars($pconfig['dns_server3']);?>"> </td> </tr> <tr> @@ -1097,7 +1123,7 @@ function netbios_change() { <span class="vexpl"> <?=gettext("Server"); ?> #4: </span> - <input name="dns_server4" type="text" class="formfld unknown" id="dns_server4" size="20" value="<?=$pconfig['dns_server4'];?>"> + <input name="dns_server4" type="text" class="formfld unknown" id="dns_server4" size="20" value="<?=htmlspecialchars($pconfig['dns_server4']);?>"> </td> </tr> </table> @@ -1125,7 +1151,7 @@ function netbios_change() { <span class="vexpl"> <?=gettext("Server"); ?> #1: </span> - <input name="ntp_server1" type="text" class="formfld unknown" id="ntp_server1" size="20" value="<?=$pconfig['ntp_server1'];?>"> + <input name="ntp_server1" type="text" class="formfld unknown" id="ntp_server1" size="20" value="<?=htmlspecialchars($pconfig['ntp_server1']);?>"> </td> </tr> <tr> 
@@ -1133,7 +1159,7 @@ function netbios_change() { <span class="vexpl"> <?=gettext("Server"); ?> #2: </span> - <input name="ntp_server2" type="text" class="formfld unknown" id="ntp_server2" size="20" value="<?=$pconfig['ntp_server2'];?>"> + <input name="ntp_server2" type="text" class="formfld unknown" id="ntp_server2" size="20" value="<?=htmlspecialchars($pconfig['ntp_server2']);?>"> </td> </tr> </table> @@ -1221,7 +1247,7 @@ function netbios_change() { <span class="vexpl"> <?=gettext("Server"); ?> #1: </span> - <input name="wins_server1" type="text" class="formfld unknown" id="wins_server1" size="20" value="<?=$pconfig['wins_server1'];?>"> + <input name="wins_server1" type="text" class="formfld unknown" id="wins_server1" size="20" value="<?=htmlspecialchars($pconfig['wins_server1']);?>"> </td> </tr> <tr> @@ -1229,7 +1255,7 @@ function netbios_change() { <span class="vexpl"> <?=gettext("Server"); ?> #2: </span> - <input name="wins_server2" type="text" class="formfld unknown" id="wins_server2" size="20" value="<?=$pconfig['wins_server2'];?>"> + <input name="wins_server2" type="text" class="formfld unknown" id="wins_server2" size="20" value="<?=htmlspecialchars($pconfig['wins_server2']);?>"> </td> </tr> </table> @@ -1250,7 +1276,7 @@ function netbios_change() { <table border="0" cellpadding="2" cellspacing="0"> <tr> <td> - <textarea rows="6" cols="78" name="custom_options" id="custom_options"><?=$pconfig['custom_options'];?></textarea><br/> + <textarea rows="6" cols="78" name="custom_options" id="custom_options"><?=htmlspecialchars($pconfig['custom_options']);?></textarea><br/> <?=gettext("Enter any additional options you would like to add to the OpenVPN server configuration here, separated by a semicolon"); ?><br/> <?=gettext("EXAMPLE: push \"route 10.0.0.0 255.255.255.0\""); ?>; </td> diff --git a/usr/local/www/vpn_pppoe_edit.php b/usr/local/www/vpn_pppoe_edit.php index b04ed0c..6c94797 100755 --- a/usr/local/www/vpn_pppoe_edit.php 
+++ b/usr/local/www/vpn_pppoe_edit.php @@ -556,7 +556,7 @@ function enable_change(enable_over) { <input name="ip<?php echo $tracker; ?>" type="text" class="formfld unknown" id="ip<?php echo $tracker; ?>" size="10" value="<?=htmlspecialchars($ip);?>" /> </td> <td> - <input type="image" src="/themes/<?echo $g['theme'];?>/images/icons/icon_x.gif" onclick="removeRow(this); return false;" value="<?=gettext("Delete");?>" /> + <a onclick="removeRow(this); return false;" href="#"><img border="0" src="/themes/<?echo $g['theme'];?>/images/icons/icon_x.gif" /></a> </td> </tr> <?php diff --git a/usr/local/www/vpn_pptp_users_edit.php b/usr/local/www/vpn_pptp_users_edit.php index f159931..73ba7cc 100755 --- a/usr/local/www/vpn_pptp_users_edit.php +++ b/usr/local/www/vpn_pptp_users_edit.php @@ -167,7 +167,7 @@ include("head.inc"); <td class="vncell" width="78%"> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>"> <?php if (isset($id) && $a_secret[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>"> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> <?php endif; ?> </td> </tr> diff --git a/usr/local/www/widgets/widgets/system_information.widget.php b/usr/local/www/widgets/widgets/system_information.widget.php index aadd78e..b808fde 100644 --- a/usr/local/www/widgets/widgets/system_information.widget.php +++ b/usr/local/www/widgets/widgets/system_information.widget.php 
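Review bot: The replacement `<a onclick="removeRow(this); return false;" href="#"><img border="0" src=... /></a>` in vpn_pppoe_edit.php drops the `value="<?=gettext("Delete");?>"` the old image input carried and adds no `alt` or `title`, so the delete control now has no text at all for screen readers, tooltips or image-less clients. Restore it on the image: `<img border="0" alt="<?=gettext("Delete");?>" title="<?=gettext("Delete");?>" src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif" />`. Note that `removeRow(this)` now receives the anchor instead of the input, which is only correct if removeRow walks up to the enclosing row rather than assuming a fixed depth (the function is outside these hunks). The `<?echo` short open tag was carried over from the old line and is worth normalising to `<?=` while touching it.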
@@ -224,7 +224,7 @@ $curcfg = $config['system']['firmware']; <td width="25%" class="vncellt">SWAP usage</td> <td width="75%" class="listr"> <?php $swapusage = swap_usage(); ?> - <img src="./themes/<?= $g['theme']; ?>/images/misc/bar_left.gif" height="15" width="4" border="0" align="middle" alt="left bar" /><img src="./themes/<?= $g['theme']; ?>/images/misc/bar_blue.gif" height="15" width="<?= $swapUsage; ?>" border="0" align="middle" alt="red bar" /><img src="./themes/<?= $g['theme']; ?>/images/misc/bar_gray.gif" height="15" width="<?= (100 - $swapUsage); ?>" border="0" align="middle" alt="gray bar" /><img src="./themes/<?= $g['theme']; ?>/images/misc/bar_right.gif" height="15" width="5" border="0" align="middle" alt="right bar" /> + <img src="./themes/<?= $g['theme']; ?>/images/misc/bar_left.gif" height="15" width="4" border="0" align="middle" alt="left bar" /><img src="./themes/<?= $g['theme']; ?>/images/misc/bar_blue.gif" height="15" width="<?= $swapusage; ?>" border="0" align="middle" alt="red bar" /><img src="./themes/<?= $g['theme']; ?>/images/misc/bar_gray.gif" height="15" width="<?= (100 - $swapusage); ?>" border="0" align="middle" alt="gray bar" /><img src="./themes/<?= $g['theme']; ?>/images/misc/bar_right.gif" height="15" width="5" border="0" align="middle" alt="right bar" /> <input style="border: 0px solid white;" size="30" name="swapusagemeter" id="swapusagemeter" value="<?= $swapusage.'%'; ?>" /> </td> diff --git a/usr/local/www/wizard.php b/usr/local/www/wizard.php index 9dc4d80..965a2aa 100755 --- a/usr/local/www/wizard.php +++ b/usr/local/www/wizard.php @@ -155,7 +155,7 @@ function update_config_field($field, $updatetext, $unset, $arraynum, $field_type $text = "unset(\$config" . $field_conv . ");"; eval($text); } - $text = "\$config" . $field_conv . " = \"" . $updatetext . "\";"; + $text = "\$config" . $field_conv . " = \"" . addslashes($updatetext) . "\";"; eval($text); } |
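Review bot: `addslashes()` does not make the `eval()` in wizard.php safe, because `$updatetext` is spliced into a double-quoted PHP string literal and addslashes leaves `$` alone: a value such as `{${phpinfo()}}` or `$config` is interpolated and executed when the code runs, and addslashes turns an attempted `\$` into `\\$`, i.e. a literal backslash followed by live interpolation. The value should never be part of the code at all; since eval() runs in the function's scope, reference the variable instead: `$text = "\$config" . $field_conv . " = \$updatetext;";`. `$field_conv` is still concatenated into the eval'd code, so its construction (outside this hunk) needs the same scrutiny. update_config_field's body starts before this hunk.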