diff options
| author | jim-p <jimp@pfsense.org> | 2015-12-21 09:33:45 -0500 |
|---|---|---|
| committer | jim-p <jimp@pfsense.org> | 2015-12-21 09:33:45 -0500 |
| commit | 49e83995cef02354b39a506a3bc0feb469cb5637 (patch) | |
| tree | 480d3f0af6aaf3b127a5fb42abb4ce5124a7b03f /usr | |
| parent | d83a4dfcdb0f61f4d7311c42e917f27691834a84 (diff) | |
| download | pfsense-49e83995cef02354b39a506a3bc0feb469cb5637.zip pfsense-49e83995cef02354b39a506a3bc0feb469cb5637.tar.gz | |
Encode gateway attributes before printing.
Diffstat (limited to 'usr')
| -rw-r--r-- | usr/local/www/status_gateways.php | 6 | ||||
| -rw-r--r-- | usr/local/www/system_gateways.php | 4 |
2 files changed, 5 insertions, 5 deletions
diff --git a/usr/local/www/status_gateways.php b/usr/local/www/status_gateways.php index afc73d5..2069f0d 100644 --- a/usr/local/www/status_gateways.php +++ b/usr/local/www/status_gateways.php @@ -83,7 +83,7 @@ include("head.inc"); ?> <tr> <td class="listlr"> - <?=$gateway['name'];?> + <?=htmlspecialchars($gateway['name']);?> </td> <td class="listr" align="center" > <?php echo lookup_gateway_ip_by_name($gname);?> @@ -92,7 +92,7 @@ include("head.inc"); <?php if ($gateways_status[$gname]) echo $gateways_status[$gname]['monitorip']; else - echo $gateway['monitor']; + echo htmlspecialchars($gateway['monitor']); ?> </td> <td class="listr" align="center"> @@ -148,7 +148,7 @@ include("head.inc"); ?> </table> </td> - <td class="listbg"> <?=$gateway['descr']; ?></td> + <td class="listbg"> <?=htmlspecialchars($gateway['descr']); ?></td> </tr> <?php } ?> </table> diff --git a/usr/local/www/system_gateways.php b/usr/local/www/system_gateways.php index aa0d833..0352e36 100644 --- a/usr/local/www/system_gateways.php +++ b/usr/local/www/system_gateways.php @@ -285,7 +285,7 @@ include("head.inc"); <td class="listlr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>" ondblclick="document.location='system_gateways_edit.php?id=<?=$i;?>';"> <?php echo $textss; - echo $gateway['name']; + echo htmlspecialchars($gateway['name']); if(isset($gateway['defaultgw'])) echo " <strong>(default)</strong>"; echo $textse; @@ -301,7 +301,7 @@ include("head.inc"); <td class="listr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>" ondblclick="document.location='system_gateways_edit.php?id=<?=$i;?>';"> <?php echo $textss; - echo $gateway['gateway'] . " "; + echo htmlspecialchars($gateway['gateway']) . " "; echo $textse; ?> </td> |
