Diffstat (limited to 'usr')
-rw-r--r--usr/local/captiveportal/index.php4
-rw-r--r--usr/local/www/diag_authentication.php8
-rw-r--r--usr/local/www/diag_backup.php2
-rw-r--r--usr/local/www/firewall_nat.php2
-rw-r--r--usr/local/www/firewall_rules.php2
-rwxr-xr-xusr/local/www/pkg.php11
-rw-r--r--usr/local/www/services_unbound.php18
-rw-r--r--usr/local/www/services_unbound_advanced.php2
-rw-r--r--usr/local/www/status_gateways.php2
-rw-r--r--usr/local/www/wizard.php11
10 files changed, 35 insertions, 27 deletions
diff --git a/usr/local/captiveportal/index.php b/usr/local/captiveportal/index.php
index a8b3842..eaaf920 100644
--- a/usr/local/captiveportal/index.php
+++ b/usr/local/captiveportal/index.php
@@ -137,7 +137,9 @@ setTimeout('window.close();',5000) ;
</html>
EOD;
- captiveportal_disconnect_client($_POST['logout_id']);
+
+ $safe_logout_id = SQLite3::escapeString($_POST['logout_id']);
+ captiveportal_disconnect_client($safe_logout_id);
} else if ($macfilter && $clientmac && captiveportal_blocked_mac($clientmac)) {
captiveportal_logportalauth($clientmac,$clientmac,$clientip,"Blocked MAC address");
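Review bot: `SQLite3::escapeString()` on `$_POST['logout_id']` only makes the value safe if `captiveportal_disconnect_client()` places it inside a quoted SQL string literal, and that function is not visible in this hunk. Binding the id as a query parameter inside the function would remove that dependency on the caller. At this call site it is also worth checking `is_string($_POST['logout_id'])` before escaping, because an array-valued POST field reaches `escapeString()` unchanged. A comment such as `// logout_id is client-supplied; escaped here because it is presumably interpolated into an SQLite query` would record why the escape sits at the caller. The enclosing `if` branch starts above the hunk.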
diff --git a/usr/local/www/diag_authentication.php b/usr/local/www/diag_authentication.php
index 24d567e..a4c9290 100644
--- a/usr/local/www/diag_authentication.php
+++ b/usr/local/www/diag_authentication.php
@@ -66,6 +66,14 @@ if ($_POST) {
$input_errors[] = gettext("Authentication failed.");
}
}
+} else {
+ // Choose a reasonable initial default.
+ if (isset($config['system']['webgui']['authmode'])) {
+ $pconfig['authmode'] = $config['system']['webgui']['authmode'];
+ }
+ else {
+ $pconfig['authmode'] = "Local Database";
+ }
}
$pgtitle = array(gettext("Diagnostics"),gettext("Authentication"));
$shortcut_section = "authentication";
diff --git a/usr/local/www/diag_backup.php b/usr/local/www/diag_backup.php
index a83bdab..ddab190 100644
--- a/usr/local/www/diag_backup.php
+++ b/usr/local/www/diag_backup.php
@@ -407,7 +407,7 @@ if ($_POST) {
/* this will be picked up by /index.php */
conf_mount_rw();
mark_subsystem_dirty("restore");
- touch("/conf/needs_package_sync");
+ touch("/conf/needs_package_sync_after_reboot");
/* remove cache, we will force a config reboot */
if(file_exists("{$g['tmp_path']}/config.cache"))
unlink("{$g['tmp_path']}/config.cache");
diff --git a/usr/local/www/firewall_nat.php b/usr/local/www/firewall_nat.php
index adbb948..e2c79b9 100644
--- a/usr/local/www/firewall_nat.php
+++ b/usr/local/www/firewall_nat.php
@@ -265,7 +265,7 @@ echo "<script type=\"text/javascript\" src=\"/javascript/domTT/fadomatic.js\"></
<?php if($natent['associated-rule-id'] == "pass"): ?>
<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_pass.gif" title="<?=gettext("All traffic matching this NAT entry is passed"); ?>" border="0" alt="pass" />
<?php elseif (!empty($natent['associated-rule-id'])): ?>
- <img src="./themes/<?= $g['theme']; ?>/images/icons/icon_chain.png" width="17" height="17" title="<?=gettext("Firewall rule ID"); ?> <?=htmlspecialchars($nnatid); ?> <?=gettext("is managed with this rule"); ?>" border="0" alt="change" />
+ <img src="./themes/<?= $g['theme']; ?>/images/icons/icon_chain.png" width="17" height="17" title="<?=gettext("Firewall rule ID"); ?> <?=htmlspecialchars($natent['associated-rule-id']); ?> <?=gettext("is managed with this rule"); ?>" border="0" alt="change" />
<?php endif; ?>
</td>
<td class="listlr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_edit.php?id=<?=$nnats;?>';">
diff --git a/usr/local/www/firewall_rules.php b/usr/local/www/firewall_rules.php
index c05b001..6368ed0 100644
--- a/usr/local/www/firewall_rules.php
+++ b/usr/local/www/firewall_rules.php
@@ -391,7 +391,7 @@ include("head.inc");
<td class="listr" style="background-color: #E0E0E0">*</td>
<td class="listr" style="background-color: #E0E0E0">*</td>
<td class="listr" style="background-color: #E0E0E0">*</td>
- <td class="listr" style="background-color: #E0E0E0">*</td>
+ <td class="listr" style="background-color: #E0E0E0">&nbsp;</td>
<td class="listbg"><?=gettext("Block bogon networks");?></td>
<td valign="middle" class="list nowrap">
<table border="0" cellspacing="0" cellpadding="1" summary="move rules before">
diff --git a/usr/local/www/pkg.php b/usr/local/www/pkg.php
index 9173965..e07206e 100755
--- a/usr/local/www/pkg.php
+++ b/usr/local/www/pkg.php
@@ -56,8 +56,15 @@ if($xml == "") {
print_info_box_np(gettext("ERROR: No package defined."));
exit;
} else {
- if(file_exists("/usr/local/pkg/" . $xml))
- $pkg = parse_xml_config_pkg("/usr/local/pkg/" . $xml, "packagegui");
+ $pkg_xml_prefix = "/usr/local/pkg/";
+ $pkg_full_path = "{$pkg_xml_prefix}/{$xml}";
+ if (substr_compare(realpath($pkg_full_path), $pkg_xml_prefix, 0, strlen($pkg_xml_prefix))) {
+ print_info_box_np(gettext("ERROR: Invalid path specified."));
+ die;
+ }
+
+ if(file_exists($pkg_full_path))
+ $pkg = parse_xml_config_pkg($pkg_full_path, "packagegui");
else {
echo "File not found " . htmlspecialchars($xml);
exit;
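Review bot: The result of `realpath($pkg_full_path)` is passed straight to `substr_compare()`, but `realpath()` returns `false` for a path that does not exist, and depending on the PHP version the comparison may then warn and return `false`, which this `if` treats as a pass. The check currently stays safe only because `file_exists()` rejects the same path afterwards. I would make the failure explicit and compare with `!== 0`: `$pkg_real_path = realpath($pkg_full_path);` followed by `if ($pkg_real_path === false || substr_compare($pkg_real_path, $pkg_xml_prefix, 0, strlen($pkg_xml_prefix)) !== 0) {`. The validated `$pkg_real_path` should then be what is passed to `parse_xml_config_pkg()`, so the path that was checked is the path that is opened. The same pattern appears in the wizard.php hunk of this commit.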
diff --git a/usr/local/www/services_unbound.php b/usr/local/www/services_unbound.php
index 528cdb6..fc84327 100644
--- a/usr/local/www/services_unbound.php
+++ b/usr/local/www/services_unbound.php
@@ -76,9 +76,6 @@ if (isset($config['unbound']['regdhcp'])) {
if (isset($config['unbound']['regdhcpstatic'])) {
$pconfig['regdhcpstatic'] = true;
}
-if (isset($config['unbound']['txtsupport'])) {
- $pconfig['txtsupport'] = true;
-}
$pconfig['port'] = $config['unbound']['port'];
$pconfig['custom_options'] = base64_decode($config['unbound']['custom_options']);
@@ -159,11 +156,6 @@ if ($_POST) {
} else {
unset($a_unboundcfg['regdhcpstatic']);
}
- if (isset($_POST['txtsupport'])) {
- $a_unboundcfg['txtsupport'] = true;
- } else {
- unset($a_unboundcfg['txtsupport']);
- }
if (is_array($_POST['active_interface']) && !empty($_POST['active_interface'])) {
$a_unboundcfg['active_interface'] = implode(",", $_POST['active_interface']);
}
@@ -213,7 +205,7 @@ include_once("head.inc");
function enable_change(enable_over) {
var endis;
endis = !(jQuery('#enable').is(":checked") || enable_over);
- jQuery("#active_interface,#outgoing_interface,#dnssec,#forwarding,#regdhcp,#regdhcpstatic,#dhcpfirst,#port,#txtsupport,#custom_options").prop('disabled', endis);
+ jQuery("#active_interface,#outgoing_interface,#dnssec,#forwarding,#regdhcp,#regdhcpstatic,#dhcpfirst,#port,#custom_options").prop('disabled', endis);
}
function show_advanced_dns() {
jQuery("#showadv").show();
@@ -359,14 +351,6 @@ function show_advanced_dns() {
</td>
</tr>
<tr>
- <td width="22%" valign="top" class="vncellreq"><?=gettext("TXT Comment Support");?></td>
- <td width="78%" class="vtable"><p>
- <input name="txtsupport" type="checkbox" id="txtsupport" value="yes" <?php echo (isset($pconfig['txtsupport']) ? "checked=\"checked\"" : "");?> />
- <strong><?=gettext("If this option is set, then any descriptions associated with Host entries and DHCP Static mappings will create a corresponding TXT record.");?><br />
- </strong></p>
- </td>
- </tr>
- <tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Advanced");?></td>
<td width="78%" class="vtable">
<div id="showadvbox" <?php if ($pconfig['custom_options']) echo "style='display:none'"; ?>>
diff --git a/usr/local/www/services_unbound_advanced.php b/usr/local/www/services_unbound_advanced.php
index 8c3d764..480cc7e 100644
--- a/usr/local/www/services_unbound_advanced.php
+++ b/usr/local/www/services_unbound_advanced.php
@@ -100,7 +100,7 @@ if ($_POST) {
if (isset($_POST['outgoing_num_tcp']) && !in_array($_POST['outgoing_num_tcp'], array('0', '10', '20', '30', '40', '50'), true)) {
$input_errors[] = "A valid value must be specified for Outgoing TCP Buffers.";
}
- if (isset($_POST['outgoing_num_tcp']) && !in_array($_POST['incoming_num_tcp'], array('0', '10', '20', '30', '40', '50'), true)) {
+ if (isset($_POST['incoming_num_tcp']) && !in_array($_POST['incoming_num_tcp'], array('0', '10', '20', '30', '40', '50'), true)) {
$input_errors[] = "A valid value must be specified for Incoming TCP Buffers.";
}
if (isset($_POST['edns_buffer_size']) && !in_array($_POST['edns_buffer_size'], array('512', '1480', '4096'), true)) {
diff --git a/usr/local/www/status_gateways.php b/usr/local/www/status_gateways.php
index a151788..afc73d5 100644
--- a/usr/local/www/status_gateways.php
+++ b/usr/local/www/status_gateways.php
@@ -92,7 +92,7 @@ include("head.inc");
<?php if ($gateways_status[$gname])
echo $gateways_status[$gname]['monitorip'];
else
- echo $gateway['monitorip'];
+ echo $gateway['monitor'];
?>
</td>
<td class="listr" align="center">
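Review bot: The new `echo $gateway['monitor'];` writes a configuration value into the table cell without HTML encoding. If the monitor address is validated as an IP address when it is saved this is harmless, but that validation is not visible here, so `echo htmlspecialchars($gateway['monitor']);` is the safer form. The `monitorip` echo two lines above has the same shape. The surrounding table row starts outside the hunk.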
diff --git a/usr/local/www/wizard.php b/usr/local/www/wizard.php
index 251c58f..d5aa350 100644
--- a/usr/local/www/wizard.php
+++ b/usr/local/www/wizard.php
@@ -66,8 +66,15 @@ if(empty($xml)) {
print_info_box_np(sprintf(gettext("ERROR: Could not open %s."), $xml));
die;
} else {
- if (file_exists("{$g['www_path']}/wizards/{$xml}"))
- $pkg = parse_xml_config_pkg("{$g['www_path']}/wizards/" . $xml, "pfsensewizard");
+ $wizard_xml_prefix = "{$g['www_path']}/wizards";
+ $wizard_full_path = "{$wizard_xml_prefix}/{$xml}";
+ if (substr_compare(realpath($wizard_full_path), $wizard_xml_prefix, 0, strlen($wizard_xml_prefix))) {
+ print_info_box_np(gettext("ERROR: Invalid path specified."));
+ die;
+ }
+
+ if (file_exists($wizard_full_path))
+ $pkg = parse_xml_config_pkg($wizard_full_path, "pfsensewizard");
else {
print_info_box_np(sprintf(gettext("ERROR: Could not open %s."), $xml));
die;
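Review bot: `$wizard_xml_prefix` has no trailing separator, so the `substr_compare()` prefix test also accepts a resolved path in a sibling directory whose name merely begins with `wizards`; the pkg.php check in this commit avoids this because its prefix ends in `/`. Comparing against the prefix plus a separator closes that gap: `$wizard_real_path = realpath($wizard_full_path);` then `if ($wizard_real_path === false || strpos($wizard_real_path, $wizard_xml_prefix . '/') !== 0) {`. If `$g['www_path']` can contain a symlink, the prefix would also need to go through `realpath()`, otherwise legitimate wizard files would be rejected; that cannot be confirmed from this hunk. The enclosing `if`/`else` chain starts above the hunk.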