diff options
-rwxr-xr-x | usr/local/www/firewall_rules.php | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/usr/local/www/firewall_rules.php b/usr/local/www/firewall_rules.php index 599d6a3..876abc4 100755 --- a/usr/local/www/firewall_rules.php +++ b/usr/local/www/firewall_rules.php @@ -210,7 +210,7 @@ if ($_GET['act'] == "del") { unset($a_filter[$_GET['id']]); write_config(); mark_subsystem_dirty('filter'); - header("Location: firewall_rules.php?if={$if}"); + header("Location: firewall_rules.php?if=" . htmlspecialchars($if)); exit; } } @@ -228,7 +228,7 @@ if (isset($_POST['del_x'])) { } write_config(); mark_subsystem_dirty('filter'); - header("Location: firewall_rules.php?if={$if}"); + header("Location: firewall_rules.php?if=" . htmlspecialchars($if)); exit; } } else if ($_GET['act'] == "toggle") { @@ -239,7 +239,7 @@ if (isset($_POST['del_x'])) { $a_filter[$_GET['id']]['disabled'] = true; write_config(); mark_subsystem_dirty('filter'); - header("Location: firewall_rules.php?if={$if}"); + header("Location: firewall_rules.php?if=" . htmlspecialchars($if)); exit; } } else { @@ -283,7 +283,7 @@ if (isset($_POST['del_x'])) { $a_filter = $a_filter_new; write_config(); mark_subsystem_dirty('filter'); - header("Location: firewall_rules.php?if={$if}"); + header("Location: firewall_rules.php?if=" . htmlspecialchars($if)); exit; } } |