author | jim-p <jimp@pfsense.org> | 2015-03-05 09:00:18 -0500 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2015-03-05 09:00:18 -0500 |
commit | 707ed023f41ccd9a081f56b444f85022af8c7e2a (patch) | |
tree | e0c0b7b7e734498ab744afc05c477a3ef944f79e /usr/local | |
parent | 0fe628a62fe1e7b3d1afa20bf235a4dcbdaa44b4 (diff) | |
download | pfsense-707ed023f41ccd9a081f56b444f85022af8c7e2a.zip pfsense-707ed023f41ccd9a081f56b444f85022af8c7e2a.tar.gz |
Be more strict about the file to restore or delete when working with full backups.
Diffstat (limited to 'usr/local')
-rw-r--r-- | usr/local/www/system_firmware_restorefullbackup.php | 16 |
1 files changed, 10 insertions, 6 deletions
diff --git a/usr/local/www/system_firmware_restorefullbackup.php b/usr/local/www/system_firmware_restorefullbackup.php
index c482a29..b31d096 100644
--- a/usr/local/www/system_firmware_restorefullbackup.php
+++ b/usr/local/www/system_firmware_restorefullbackup.php
@@ -87,18 +87,22 @@ if($_GET['downloadbackup']) {
 }
 if ($_GET['deletefile']) {
- $filename = $_GET['deletefile'];
- if(file_exists("/root/{$filename}")) {
+ $filename = basename($_GET['deletefile']);
+ if(file_exists("/root/{$filename}") && (preg_match("/pfSense-full-backup-\d+-\d+\.tgz/", $filename) == 1)) {
 unlink("/root/" . $filename);
- $savemsg = gettext("$filename has been deleted.");
+ $savemsg = htmlspecialchars($filename) . " " . gettext("has been deleted.");
+ } else {
+ $savemsg = htmlspecialchars($filename) . " " . gettext("has not been been deleted (invalid backup file or file does not exist).");
 }
 }
 if ($_POST['restorefile']) {
- $filename = $_POST['restorefile'];
- if(file_exists("/root/{$filename}")) {
+ $filename = basename($_POST['restorefile']);
+ if(file_exists("/root/{$filename}") && (preg_match("/pfSense-full-backup-\d+-\d+\.tgz/", $filename) == 1)) {
 mwexec_bg("/etc/rc.restore_full_backup /root/" . escapeshellcmd($filename));
- $savemsg = gettext("The firewall is currently restoring $filename");
+ $savemsg = gettext("The firewall is currently restoring") . " " . htmlspecialchars($filename);
+ } else {
+ $savemsg = htmlspecialchars($filename) . " " . gettext("has not been been restored (invalid backup file or file does not exist).");
 }
 }
|
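Review bot: The new whitelist in both `if(file_exists(...) && (preg_match(...) == 1))` conditions is unanchored, so `preg_match` accepts any name that merely contains `pfSense-full-backup-N-N.tgz` as a substring (for example `pfSense-full-backup-1-2.tgz.bak`, if such a file exists in /root), which is looser than the "be more strict" intent of the commit; anchor it as `preg_match("/^pfSense-full-backup-\d+-\d+\.tgz$/", $filename) == 1` in both the deletefile and the restorefile branch. Once the name is pinned to that shape, `escapeshellcmd($filename)` on the restore line is only defence in depth, though `escapeshellarg` is the correct function for a single argument. Both new `else` messages repeat a word: `has not been been deleted` and `has not been been restored` should read `has not been deleted` and `has not been restored`. Unlinking a file on a bare `$_GET['deletefile']` request remains a state-changing action driven by GET; whether the page's CSRF protection covers that path is outside this hunk. The header announces 18/22 lines but the trailing context after the last `}` is not visible here, so the hunk appears truncated on this page.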