Sanitize the session_id/logout_id in captive portal.

author: Chris Buechler <cmb@pfsense.org> 2015-12-02 18:22:55 -0600
committer: Chris Buechler <cmb@pfsense.org> 2015-12-02 18:22:55 -0600
commit: 43180e9c49b913b5c6361822d839d51074890c20 (patch)
tree: 1c2cd1f72884070c969ea9590953ee42ddfdfb4c /usr/local
parent: 5245206c6a7aad728f905a5a4cc5bfae03edfefc (diff)
download: pfsense-43180e9c49b913b5c6361822d839d51074890c20.zip
pfsense-43180e9c49b913b5c6361822d839d51074890c20.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/usr/local/captiveportal/index.php b/usr/local/captiveportal/index.php
index a8b3842..eaaf920 100644
--- a/usr/local/captiveportal/index.php
+++ b/usr/local/captiveportal/index.php
@@ -137,7 +137,9 @@ setTimeout('window.close();',5000) ;
 </html>
 
 EOD;
-	captiveportal_disconnect_client($_POST['logout_id']);
+
+	$safe_logout_id = SQLite3::escapeString($_POST['logout_id']);
+	captiveportal_disconnect_client($safe_logout_id);
 
 } else if ($macfilter && $clientmac && captiveportal_blocked_mac($clientmac)) {
 	captiveportal_logportalauth($clientmac,$clientmac,$clientip,"Blocked MAC address");
author	Chris Buechler <cmb@pfsense.org>	2015-12-02 18:22:55 -0600
committer	Chris Buechler <cmb@pfsense.org>	2015-12-02 18:22:55 -0600
commit	43180e9c49b913b5c6361822d839d51074890c20 (patch)
tree	1c2cd1f72884070c969ea9590953ee42ddfdfb4c /usr/local
parent	5245206c6a7aad728f905a5a4cc5bfae03edfefc (diff)
download	pfsense-43180e9c49b913b5c6361822d839d51074890c20.zip pfsense-43180e9c49b913b5c6361822d839d51074890c20.tar.gz