diff options
| author | jim-p <jimp@pfsense.org> | 2015-06-16 12:02:36 -0400 |
|---|---|---|
| committer | jim-p <jimp@pfsense.org> | 2015-06-16 12:02:36 -0400 |
| commit | a5e950ae272a9afda84f99d64152be53cba3b2be (patch) | |
| tree | aabc39cb8cf9cc35dfdc5e40ab7c7deaaf6ba943 /usr/local/www | |
| parent | df6a9c6d7c187b9a8e382d6501e57b96864b9d3f (diff) | |
| download | pfsense-a5e950ae272a9afda84f99d64152be53cba3b2be.zip pfsense-a5e950ae272a9afda84f99d64152be53cba3b2be.tar.gz | |
Encoding in system_advanced_sysctl.php
Diffstat (limited to 'usr/local/www')
| -rw-r--r-- | usr/local/www/system_advanced_sysctl.php | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/usr/local/www/system_advanced_sysctl.php b/usr/local/www/system_advanced_sysctl.php index b9abd99..be12322 100644 --- a/usr/local/www/system_advanced_sysctl.php +++ b/usr/local/www/system_advanced_sysctl.php @@ -194,18 +194,18 @@ include("head.inc"); <?php foreach ($tunables as $i => $tunable): if (!isset($tunable['modified'])) { - $i = $tunable['tunable']; + $i = urlencode($tunable['tunable']); } ?> <tr> <td class="listlr" ondblclick="document.location='system_advanced_sysctl.php?act=edit&id=<?=$i;?>';"> - <?php echo $tunable['tunable']; ?> + <?php echo htmlspecialchars($tunable['tunable']); ?> </td> <td class="listr" align="left" ondblclick="document.location='system_advanced_sysctl.php?act=edit&id=<?=$i;?>';"> - <?php echo $tunable['descr']; ?> + <?php echo htmlspecialchars($tunable['descr']); ?> </td> <td class="listr" align="left" ondblclick="document.location='system_advanced_sysctl.php?act=edit&id=<?=$i;?>';"> - <?php echo $tunable['value']; ?> + <?php echo htmlspecialchars($tunable['value']); ?> <?php if ($tunable['value'] == "default") { echo "(" . get_default_sysctl_value($tunable['tunable']) . ")"; @@ -263,19 +263,19 @@ include("head.inc"); <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("Tunable"); ?></td> <td width="78%" class="vtable"> - <input size="65" name="tunable" value="<?php echo $pconfig['tunable']; ?>" /> + <input size="65" name="tunable" value="<?php echo htmlspecialchars($pconfig['tunable']); ?>" /> </td> </tr> <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("Description"); ?></td> <td width="78%" class="vtable"> - <textarea rows="7" cols="50" name="descr"><?php echo $pconfig['descr']; ?></textarea> + <textarea rows="7" cols="50" name="descr"><?php echo htmlspecialchars($pconfig['descr']); ?></textarea> </td> </tr> <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("Value"); ?></td> <td width="78%" class="vtable"> - <input size="65" name="value" value="<?php echo $pconfig['value']; ?>" /> + <input size="65" name="value" value="<?php echo htmlspecialchars($pconfig['value']); ?>" /> </td> </tr> <tr> |
