summaryrefslogtreecommitdiffstats
path: root/usr/local/www
diff options
context:
space:
mode:
authorRenato Botelho <garga@FreeBSD.org>2014-06-17 09:40:06 -0300
committerRenato Botelho <garga@FreeBSD.org>2014-06-17 09:40:06 -0300
commite41ab9aa320b4e64a8b99271bb7d3d094da59d56 (patch)
tree698dd841812af499c2159f8df5d4cf3083b555d4 /usr/local/www
parentee4ba9fba1f9d49396f3a4882a3239a83c5036d6 (diff)
downloadpfsense-e41ab9aa320b4e64a8b99271bb7d3d094da59d56.zip
pfsense-e41ab9aa320b4e64a8b99271bb7d3d094da59d56.tar.gz
Escape parameters passed to shell_exec()
Diffstat (limited to 'usr/local/www')
-rw-r--r--usr/local/www/diag_smart.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/usr/local/www/diag_smart.php b/usr/local/www/diag_smart.php
index d2309e6..73f3405 100644
--- a/usr/local/www/diag_smart.php
+++ b/usr/local/www/diag_smart.php
@@ -85,7 +85,7 @@ function update_email($email)
if(!empty($email))
{
// Put it in the smartd.conf file
- shell_exec("/usr/bin/sed -i old 's/^DEVICESCAN.*/DEVICESCAN -H -m " . $email . "/' /usr/local/etc/smartd.conf");
+ shell_exec("/usr/bin/sed -i old 's/^DEVICESCAN.*/DEVICESCAN -H -m " . escapeshellarg($email) . "/' /usr/local/etc/smartd.conf");
}
// Nope
else
OpenPOWER on IntegriCloud