summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--usr/local/www/wizards/openvpn_wizard.inc8
1 files changed, 8 insertions, 0 deletions
diff --git a/usr/local/www/wizards/openvpn_wizard.inc b/usr/local/www/wizards/openvpn_wizard.inc
index 4603aa7..ee530a2 100644
--- a/usr/local/www/wizards/openvpn_wizard.inc
+++ b/usr/local/www/wizards/openvpn_wizard.inc
@@ -198,6 +198,10 @@ function step7_submitphpaction() {
}
}
+ if (preg_match("/[\?\>\<\&\/\\\"\']/", $_POST['descr'])) {
+ $input_errors[] = "The field 'Descriptive Name' contains invalid characters.";
+ }
+
if (empty($_POST['descr']) || empty($_POST['keylength']) || empty($_POST['lifetime']) ||
empty($_POST['country']) || empty($_POST['state']) || empty($_POST['city']) ||
empty($_POST['organization']) || empty($_POST['email'])) {
@@ -297,6 +301,10 @@ function step9_submitphpaction() {
}
}
+ if (preg_match("/[\?\>\<\&\/\\\"\']/", $_POST['descr'])) {
+ $input_errors[] = "The field 'Descriptive Name' contains invalid characters.";
+ }
+
if (empty($_POST['descr']) || empty($_POST['keylength']) || empty($_POST['lifetime']) ||
empty($_POST['country']) || empty($_POST['state']) || empty($_POST['city']) ||
empty($_POST['organization']) || empty($_POST['email'])) {
OpenPOWER on IntegriCloud