diff options
author | Vinicius Coque <vinicius.coque@bluepex.com> | 2010-06-28 12:39:16 -0300 |
---|---|---|
committer | Vinicius Coque <vinicius.coque@bluepex.com> | 2010-06-28 12:39:16 -0300 |
commit | eaed8f3dc1acefedc77f830cddf0243ebcec3e3a (patch) | |
tree | 3785d39707adb4967771b7aa42f03125635f5135 /usr | |
parent | 45ad772ae72e25639d995af771cefb8584594d08 (diff) | |
parent | e88ace756391836878b81e8b4fb88776d96872c5 (diff) | |
download | pfsense-eaed8f3dc1acefedc77f830cddf0243ebcec3e3a.zip pfsense-eaed8f3dc1acefedc77f830cddf0243ebcec3e3a.tar.gz |
Merge remote branch 'mainline/master'
Diffstat (limited to 'usr')
-rwxr-xr-x | usr/local/www/status_gateways.php | 2 | ||||
-rwxr-xr-x | usr/local/www/system_gateways_edit.php | 2 | ||||
-rw-r--r-- | usr/local/www/system_usermanager.php | 19 | ||||
-rwxr-xr-x | usr/local/www/wizard.php | 2 | ||||
-rw-r--r-- | usr/local/www/wizards/setup_wizard.xml | 82 |
5 files changed, 103 insertions, 4 deletions
diff --git a/usr/local/www/status_gateways.php b/usr/local/www/status_gateways.php index 6d6c43d..72e14b2 100755 --- a/usr/local/www/status_gateways.php +++ b/usr/local/www/status_gateways.php @@ -118,7 +118,7 @@ include("head.inc"); ?> </table> </td> - <td class="listbg"> <?=$a_gateway[$gateway['name']]['descr']; ?></td> + <td class="listbg"> <?=$a_gateways[$gateway['name']]['descr']; ?></td> </tr> <?php } ?> </table> diff --git a/usr/local/www/system_gateways_edit.php b/usr/local/www/system_gateways_edit.php index 700ba41..98d1e81 100755 --- a/usr/local/www/system_gateways_edit.php +++ b/usr/local/www/system_gateways_edit.php @@ -375,7 +375,7 @@ function show_advanced_gateway() { ?> <input name="monitor" type="text" id="monitor" value="<?php echo $monitor; ?>" /> <strong><?=gettext("Alternative monitor IP"); ?></strong> <br /> - <?gettext("Enter an alternative address here to be used to monitor the link. This is used for the " . + <?=gettext("Enter an alternative address here to be used to monitor the link. This is used for the " . "quality RRD graphs as well as the load balancer entries. Use this if the gateway does not respond " . "to ICMP echo requests (pings)"); ?>.</strong> <br /> diff --git a/usr/local/www/system_usermanager.php b/usr/local/www/system_usermanager.php index 058046a..f89d834 100644 --- a/usr/local/www/system_usermanager.php +++ b/usr/local/www/system_usermanager.php @@ -207,15 +207,30 @@ if (isAllowedPage("system_usermanager")) { if (($_POST['passwordfld1']) && ($_POST['passwordfld1'] != $_POST['passwordfld2'])) $input_errors[] = gettext("The passwords do not match."); + if (isset($id) && $a_user[$id]) + $oldusername = $a_user[$id]['name']; + else + $oldusername = ""; /* make sure this user name is unique */ - if (!$input_errors && !(isset($id) && $a_user[$id])) { + if (!$input_errors) { foreach ($a_user as $userent) { - if ($userent['name'] == $_POST['usernamefld']) { + if ($userent['name'] == $_POST['usernamefld'] && $oldusername != $_POST['usernamefld']) { $input_errors[] = gettext("Another entry with the same username already exists."); break; } } } + /* also make sure it is not reserved */ + if (!$input_errors) { + $system_users = explode("\n", file_get_contents("/etc/passwd")); + foreach ($system_users as $s_user) { + $ent = explode(":", $s_user); + if ($ent[0] == $_POST['usernamefld'] && $oldusername != $_POST['usernamefld']) { + $input_errors[] = gettext("That username is reserved by the system."); + break; + } + } + } /* * Check for a valid expirationdate if one is set at all (valid means, diff --git a/usr/local/www/wizard.php b/usr/local/www/wizard.php index a59e83d..5ba3ff8 100755 --- a/usr/local/www/wizard.php +++ b/usr/local/www/wizard.php @@ -697,6 +697,8 @@ function showchange() { echo "<td class=\"vtable\">"; echo "<select class='formselect' name='{$name}'>\n"; foreach ($timezonelist as $tz) { + if(strstr($tz, "GMT")) + continue; $SELECTED = ""; if ($value == $tz) $SELECTED = " SELECTED"; echo "<option value='" . htmlspecialchars($tz) . "' {$SELECTED}>"; diff --git a/usr/local/www/wizards/setup_wizard.xml b/usr/local/www/wizards/setup_wizard.xml index 64ffef1..d0ef4b3 100644 --- a/usr/local/www/wizards/setup_wizard.xml +++ b/usr/local/www/wizards/setup_wizard.xml @@ -59,6 +59,8 @@ <type>input</type> <bindstofield>system->hostname</bindstofield> <description>EXAMPLE: myserver</description> + <validate>^[a-z0-9.|-]+$</validate> + <message>Invalid Hostname</message> </field> <field> <name>Domain</name> @@ -75,12 +77,16 @@ <!-- we must unset the fields because this is an array. --> <unsetfield>yes</unsetfield> <arraynum>0</arraynum> + <validate>^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$</validate> + <message>Primary DNS Server field is invalid</message> </field> <field> <name>Secondary DNS Server</name> <type>input</type> <bindstofield>system->dnsserver</bindstofield> <arraynum>1</arraynum> + <validate>^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$</validate> + <message>Secondary DNS Server field is invalid</message> </field> <field> <name>Override DNS</name> @@ -93,6 +99,26 @@ <type>submit</type> </field> </fields> + <stepsubmitphpaction> + <![CDATA[ + if(empty($_POST['hostname']) || !is_hostname($_POST['hostname'])) { + print_info_box_np("Hostname is invalid. Please press back in your browser window and correct."); + die; + } + if(empty($_POST['domain']) || !is_domain($_POST['domain'])) { + print_info_box_np("Domain is invalid. Please press back in your browser window and correct."); + die; + } + if(!empty($_POST['primarydnsserver']) && !is_ipaddr($_POST['primarydnsserver'])) { + print_info_box_np("Primary DNS server is invalid. Please press back in your browser window and correct."); + die; + } + if(!empty($_POST['secondarydnsserver']) && !is_ipaddr($_POST['secondarydnsserver'])) { + print_info_box_np("Second DNS server is invalid. Please press back in your browser window and correct."); + die; + } + ]]> + </stepsubmitphpaction> </step> <step> <id>3</id> @@ -104,6 +130,8 @@ <description>Enter the hostname (FQDN) of the time server.</description> <type>input</type> <bindstofield>system->timeservers</bindstofield> + <validate>^[a-z0-9.|-]+$</validate> + <message>Invalid Time Server Field</message> </field> <field> <name>Timezone</name> @@ -115,6 +143,14 @@ <type>submit</type> </field> </fields> + <stepsubmitphpaction> + <![CDATA[ + if(!empty($_POST['timeserverhostname']) && !(is_hostname($_POST['timeserverhostname']) || is_ipaddr($_POST['timeserverhostname']))) { + print_info_box_np("Invalid Time Server. Please press back in your browser window and correct."); + die; + } + ]]> + </stepsubmitphpaction> </step> <step> <id>4</id> @@ -180,6 +216,8 @@ <bindstofield>interfaces->wan->spoofmac</bindstofield> <type>input</type> <description> This field can be used to modify ("spoof") the MAC address of the WAN interface (may be required with some cable connections). Enter a MAC address in the following format: xx:xx:xx:xx:xx:xx or leave blank.</description> + <validate>^([0-9a-f]{2}([:-]||$)){6}$</validate> + <message>MAC Address field is invalid</message> </field> <field> <donotdisable>true</donotdisable> @@ -198,6 +236,8 @@ <type>input</type> <typehint> / </typehint> <combinefieldsbegin>true</combinefieldsbegin> + <validate>^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$</validate> + <message>IP Address field is invalid</message> </field> <field> <combinefieldsend>true</combinefieldsend> @@ -211,6 +251,8 @@ <name>Gateway</name> <bindstofield>interfaces->wan->gateway</bindstofield> <type>input</type> + <validate>^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$</validate> + <message>Gateway IP Address field is invalid</message> </field> <field> <name>DHCP client configuration</name> @@ -272,6 +314,8 @@ <type>input</type> <typehint> / </typehint> <bindstofield>pptp->local</bindstofield> + <validate>^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$</validate> + <message>PPTP Local IP Address field is invalid</message> </field> <field> <combinefieldsend>true</combinefieldsend> @@ -285,6 +329,8 @@ <name>PPTP Remote IP Address</name> <bindstofield>pptp->remote</bindstofield> <type>input</type> + <validate>^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$</validate> + <message>PPTP Remote IP Address field is invalid</message> </field> <field> <name>PPTP Dial on demand</name> @@ -328,6 +374,34 @@ <type>submit</type> </field> </fields> + <stepsubmitphpaction> + <![CDATA[ + if(!empty($_POST['mtu']) && ($_POST['mtu'] < 576)) { + print_info_box_np("MTU Must be at least 576 (Per RFC 791). Please press back in your browser window and correct."); + die; + } + if(!empty($_POST['macaddress']) && !is_macaddr($_POST['macaddress'])) { + print_info_box_np("Invalid MAC Address. Please press back in your browser window and correct."); + die; + } + if(!empty($_POST['ipaddress']) && ($_POST['selectedtype'] == "Static") && (!is_ipaddr($_POST['ipaddress']))) { + print_info_box_np("Invalid WAN IP Address. Please press back in your browser window and correct."); + die; + } + if(!empty($_POST['dhcphostname']) && !is_hostname($_POST['dhcphostname'])) { + print_info_box_np("Invalid DHCP Hostname. Please press back in your browser window and correct."); + die; + } + if(!empty($_POST['pptplocalipaddress']) && !is_ipaddr($_POST['pptplocalipaddress'])) { + print_info_box_np("Invalid PPTP Local IP Address. Please press back in your browser window and correct."); + die; + } + if(!empty($_POST['pptpremoteipaddress']) && !is_ipaddr($_POST['pptpremoteipaddress'])) { + print_info_box_np("Invalid PPTP Remopte IP Address. Please press back in your browser window and correct."); + die; + } + ]]> + </stepsubmitphpaction> <stepsubmitbeforesave> <![CDATA[ if($_POST['selectedtype'] == "Static") { @@ -352,6 +426,8 @@ <type>input</type> <bindstofield>interfaces->lan->ipaddr</bindstofield> <description>Type dhcp if this interface uses DHCP to obtain its IP address.</description> + <validate>^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$</validate> + <message>LAN IP Address field is invalid</message> </field> <field> <name>Subnet Mask</name> @@ -364,6 +440,11 @@ </field> </fields> <stepsubmitphpaction> + <![CDATA[ + if(empty($_POST['lanipaddress']) || !is_ipaddr($_POST['lanipaddress'])) { + print_info_box_np("Invalid LAN IP Address. Please press back in your browser window and correct."); + die; + } $ft = split("\.", $_POST['lanipaddress']); $ft_ip = $ft[0] . "." . $ft[1] . "." . $ft[2] . "."; $config['dhcpd']['lan']['range']['from'] = $ft_ip . "10"; @@ -371,6 +452,7 @@ $hi = split("\.", $highestip); $highestip = $hi[3]-10; $config['dhcpd']['lan']['range']['to'] = $ft_ip . $highestip; + ]]> </stepsubmitphpaction> </step> <step> |