diff options
author | Scott Ullrich <sullrich@pfsense.org> | 2007-12-03 23:27:31 +0000 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2007-12-03 23:27:31 +0000 |
commit | ce0a5816476bd4703b85a30396123f13da5be174 (patch) | |
tree | 034b39c70bb235bcd1c9a2ae3ac4dcf468b22d7c /usr | |
parent | 6af621d3b21406dd7967f9cc7ae3db7c052223ae (diff) | |
download | pfsense-ce0a5816476bd4703b85a30396123f13da5be174.zip pfsense-ce0a5816476bd4703b85a30396123f13da5be174.tar.gz |
Do a check on all ID's > -1. When we a dup a rule with id 0 the checks where bypassed.
Spotted-by: billm
Diffstat (limited to 'usr')
-rwxr-xr-x | usr/local/www/firewall_nat_edit.php | 2 | ||||
-rwxr-xr-x | usr/local/www/firewall_rules_edit.php | 3 |
2 files changed, 3 insertions, 2 deletions
diff --git a/usr/local/www/firewall_nat_edit.php b/usr/local/www/firewall_nat_edit.php index 6e111d8..a8f0031 100755 --- a/usr/local/www/firewall_nat_edit.php +++ b/usr/local/www/firewall_nat_edit.php @@ -61,7 +61,7 @@ if (isset($id) && $a_nat[$id]) { $pconfig['interface'] = "wan"; } -if($id) { +if($id > -1) { $if = $a_nat[$id]['interface']; $security_url = "firewall_nat_edit.php?if=". strtolower($if); if (!isSystemAdmin($HTTP_SERVER_VARS['AUTH_USER'])) { diff --git a/usr/local/www/firewall_rules_edit.php b/usr/local/www/firewall_rules_edit.php index cd427d4..25e36a8 100755 --- a/usr/local/www/firewall_rules_edit.php +++ b/usr/local/www/firewall_rules_edit.php @@ -55,10 +55,11 @@ if (isset($_GET['dup'])) { $after = $_GET['dup']; } -if($id) { +if($id > -1) { $if = $a_filter[$id]['interface']; $security_url = "firewall_rules_edit.php?if=". strtolower($if); if (!isSystemAdmin($HTTP_SERVER_VARS['AUTH_USER'])) { + log_error("Checking for {$security_url}"); if(!in_array($security_url, $allowed)) { // User does not have access // echo "displaying error {$security_url}"; print_r($allowed); |