diff options
author | Ermal Luçi <eri@pfsense.org> | 2013-02-12 11:52:49 -0800 |
---|---|---|
committer | Ermal Luçi <eri@pfsense.org> | 2013-02-12 11:52:49 -0800 |
commit | 60754bef9f796fc46a07076d9b75a699af3594b0 (patch) | |
tree | cfb639e8d1cab1cf573000509b78caea716784e6 /usr | |
parent | bde982dd5aad41254273300676d1d5c2ecf367c3 (diff) | |
parent | 89b1c40c41ea16d0beac1ffbde9334f657e66e5c (diff) | |
download | pfsense-60754bef9f796fc46a07076d9b75a699af3594b0.zip pfsense-60754bef9f796fc46a07076d9b75a699af3594b0.tar.gz |
Merge pull request #409 from miken32/nas-identifier
add input validation for NAS-Identifier
Diffstat (limited to 'usr')
-rwxr-xr-x | usr/local/www/services_captiveportal.php | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/usr/local/www/services_captiveportal.php b/usr/local/www/services_captiveportal.php index 35616a2..b465baa 100755 --- a/usr/local/www/services_captiveportal.php +++ b/usr/local/www/services_captiveportal.php @@ -224,6 +224,9 @@ if ($_POST) { if ($_POST['maxproc'] && (!is_numeric($_POST['maxproc']) || ($_POST['maxproc'] < 4) || ($_POST['maxproc'] > 100))) { $input_errors[] = gettext("The maximum number of concurrent connections per client IP address may not be larger than the global maximum."); } + if (trim($_POST['radiusnasid']) !== "" && !preg_match("/^[\x21-\x7e]{3,253}$/i", trim($_POST['radiusnasid']))) { + $input_errors[] = gettext("The NAS-Identifier must be 3-253 characters long and should only contain ASCII characters."); + } if (!$input_errors) { $newcp =& $a_cp[$cpzone]; @@ -827,8 +830,8 @@ function enable_change(enable_change) { <tr> <td class="vncell" valign="top"><?=gettext("NAS Identifier"); ?></td> - <td class="vtable"><input name="radiusnasid" type="text" class="formfld unknown" id="radiusnasid" value="<?=htmlspecialchars($pconfig['radiusnasid']);?>"/><br/> - <?=gettext("Specify a NAS identifier to override the default value") . " " . php_uname("n"); ?></td> + <td class="vtable"><input name="radiusnasid" type="text" maxlength="253" class="formfld unknown" id="radiusnasid" value="<?=htmlspecialchars($pconfig['radiusnasid']);?>"/><br/> + <?=gettext("Specify a NAS identifier to override the default value") . " (" . php_uname("n") . ")"; ?></td> </tr> <tr> <td class="vncell" valign="top"><?=gettext("MAC address format"); ?></td> |