diff options
-rwxr-xr-x | usr/local/www/diag_logs_filter.php | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/usr/local/www/diag_logs_filter.php b/usr/local/www/diag_logs_filter.php index 850a338..3544983 100755 --- a/usr/local/www/diag_logs_filter.php +++ b/usr/local/www/diag_logs_filter.php @@ -37,19 +37,18 @@ ##|*MATCH=diag_logs_filter.php* ##|-PRIV +require("guiconfig.inc"); if($_GET['getrulenum'] or $_POST['getrulenum']) { if($_GET['getrulenum']) - $rulenum = $_GET['getrulenum']; + $rulenum = escapeshellarg($_GET['getrulenum']); if($_POST['getrulenum']) - $rulenum = $_POST['getrulenum']; + $rulenum = escapeshellarg($_POST['getrulenum']); $rule = `pfctl -vvsr | grep @{$rulenum}`; echo "The rule that triggered this action is:\n\n{$rule}"; exit; } -require("guiconfig.inc"); - $filter_logfile = "{$g['varlog_path']}/filter.log"; $nentries = $config['syslog']['nentries']; |