diff options
author | jim-p <jimp@pfsense.org> | 2014-04-09 08:45:31 -0400 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2014-04-09 08:52:25 -0400 |
commit | 80f48850307dea4ceb08dc1a785dd24322b5283d (patch) | |
tree | a46938b49ccc85da8f72554c87f3727e0033093b /usr | |
parent | 6e767d170cfb629ebf3e3d9d8677c15c741ae0d2 (diff) | |
download | pfsense-80f48850307dea4ceb08dc1a785dd24322b5283d.zip pfsense-80f48850307dea4ceb08dc1a785dd24322b5283d.tar.gz |
Use an alphanumeric test rather than purely is_numericint because the ID is generated by uniqid and is not purely numeric. Fixes #3591
Diffstat (limited to 'usr')
-rw-r--r-- | usr/local/www/system_crlmanager.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/usr/local/www/system_crlmanager.php b/usr/local/www/system_crlmanager.php index b9624b9..db13fcd 100644 --- a/usr/local/www/system_crlmanager.php +++ b/usr/local/www/system_crlmanager.php @@ -49,9 +49,9 @@ $crl_methods = array( "internal" => gettext("Create an internal Certificate Revocation List"), "existing" => gettext("Import an existing Certificate Revocation List")); -if (is_numericint($_GET['id'])) +if (ctype_alnum($_GET['id'])) $id = $_GET['id']; -if (isset($_POST['id']) && is_numericint($_POST['id'])) +if (isset($_POST['id']) && ctype_alnum($_POST['id'])) $id = $_POST['id']; if (!is_array($config['ca'])) |