diff options
Diffstat (limited to 'usr/local/www/diag_dns.php')
| -rw-r--r-- | usr/local/www/diag_dns.php | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/usr/local/www/diag_dns.php b/usr/local/www/diag_dns.php index ee7c30f..df6bbeb 100644 --- a/usr/local/www/diag_dns.php +++ b/usr/local/www/diag_dns.php @@ -46,7 +46,8 @@ if ($_POST) { do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); $host = trim($_POST['host']); - + $host_esc = escapeshellarg(trim($_POST['host'])); + if (!is_hostname($host) || is_ipaddr($host)) $input_errors[] = "Host must be a valid hostname or IP address."; @@ -56,7 +57,7 @@ if ($_POST) { list($pconfig['dns1'],$pconfig['dns2'],$pconfig['dns3'],$pconfig['dns4']) = $config['system']['dnsserver']; for ($dnscounter=1; $dnscounter<5; $dnscounter++) { $dns_server = $pconfig['dns' . $dnscounter]; - $query_time = `dig {$host} @{$dns_server} | grep Query | cut -d':' -f2`; + $query_time = `dig {$host_esc} @{$dns_server} | grep Query | cut -d':' -f2`; if($query_time == "") $query_time = "No response"; $new_qt = array(); @@ -155,10 +156,10 @@ include("head.inc"); ?> </td> </tr> <?php } ?> - <tr><td> </td></tr> <tr> <td width="22%" valign="top"> </td> <td width="78%"> + <br/> <input name="Submit" type="submit" class="formbtn" value="DNS Lookup"> </td> </tr> |
