Diffstat (limited to 'usr')
-rw-r--r-- | usr/local/captiveportal/index.php | 4 | ||||
-rw-r--r-- | usr/local/www/diag_authentication.php | 8 | ||||
-rw-r--r-- | usr/local/www/diag_backup.php | 2 | ||||
-rw-r--r-- | usr/local/www/firewall_nat.php | 2 | ||||
-rw-r--r-- | usr/local/www/firewall_rules.php | 2 | ||||
-rwxr-xr-x | usr/local/www/pkg.php | 11 | ||||
-rw-r--r-- | usr/local/www/services_unbound.php | 18 | ||||
-rw-r--r-- | usr/local/www/services_unbound_advanced.php | 2 | ||||
-rw-r--r-- | usr/local/www/status_gateways.php | 2 | ||||
-rw-r--r-- | usr/local/www/wizard.php | 11 |
10 files changed, 35 insertions, 27 deletions
diff --git a/usr/local/captiveportal/index.php b/usr/local/captiveportal/index.php
index a8b3842..eaaf920 100644
--- a/usr/local/captiveportal/index.php
+++ b/usr/local/captiveportal/index.php
@@ -137,7 +137,9 @@ setTimeout('window.close();',5000) ; </html> EOD;
- captiveportal_disconnect_client($_POST['logout_id']);
+
+ $safe_logout_id = SQLite3::escapeString($_POST['logout_id']);
+ captiveportal_disconnect_client($safe_logout_id);
 } else if ($macfilter && $clientmac && captiveportal_blocked_mac($clientmac)) { captiveportal_logportalauth($clientmac,$clientmac,$clientip,"Blocked MAC address");
diff --git a/usr/local/www/diag_authentication.php b/usr/local/www/diag_authentication.php
index 24d567e..a4c9290 100644
--- a/usr/local/www/diag_authentication.php
+++ b/usr/local/www/diag_authentication.php
@@ -66,6 +66,14 @@ if ($_POST) { $input_errors[] = gettext("Authentication failed."); } }
+} else {
+ // Choose a reasonable initial default.
+ if (isset($config['system']['webgui']['authmode'])) {
+ $pconfig['authmode'] = $config['system']['webgui']['authmode'];
+ }
+ else {
+ $pconfig['authmode'] = "Local Database";
+ }
 } $pgtitle = array(gettext("Diagnostics"),gettext("Authentication")); $shortcut_section = "authentication";
diff --git a/usr/local/www/diag_backup.php b/usr/local/www/diag_backup.php
index a83bdab..ddab190 100644
--- a/usr/local/www/diag_backup.php
+++ b/usr/local/www/diag_backup.php
@@ -407,7 +407,7 @@ if ($_POST) { /* this will be picked up by /index.php */ conf_mount_rw(); mark_subsystem_dirty("restore");
- touch("/conf/needs_package_sync");
+ touch("/conf/needs_package_sync_after_reboot");
 /* remove cache, we will force a config reboot */ if(file_exists("{$g['tmp_path']}/config.cache")) unlink("{$g['tmp_path']}/config.cache");
diff --git a/usr/local/www/firewall_nat.php b/usr/local/www/firewall_nat.php
index adbb948..e2c79b9 100644
--- a/usr/local/www/firewall_nat.php
+++ b/usr/local/www/firewall_nat.php
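Review bot: In usr/local/captiveportal/index.php the new `SQLite3::escapeString($_POST['logout_id'])` call escapes at the call site, which only protects a query that places the value inside a single-quoted SQL literal; `captiveportal_disconnect_client()` is not visible in this hunk, so that assumption is unverified. The more robust fix is to bind the session id as a statement parameter where the query is built, and to reject a `logout_id` that is missing or not a string before calling the function. If the call-site escaping stays, I would add a comment such as `// escaped for use inside a quoted SQLite string literal only; do not reuse $safe_logout_id in HTML, log or shell context`. The enclosing `if` branch starts outside the hunk.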
@@ -265,7 +265,7 @@ echo "<script type=\"text/javascript\" src=\"/javascript/domTT/fadomatic.js\"></ <?php if($natent['associated-rule-id'] == "pass"): ?> <img src="./themes/<?= $g['theme']; ?>/images/icons/icon_pass.gif" title="<?=gettext("All traffic matching this NAT entry is passed"); ?>" border="0" alt="pass" /> <?php elseif (!empty($natent['associated-rule-id'])): ?>
- <img src="./themes/<?= $g['theme']; ?>/images/icons/icon_chain.png" width="17" height="17" title="<?=gettext("Firewall rule ID"); ?> <?=htmlspecialchars($nnatid); ?> <?=gettext("is managed with this rule"); ?>" border="0" alt="change" />
+ <img src="./themes/<?= $g['theme']; ?>/images/icons/icon_chain.png" width="17" height="17" title="<?=gettext("Firewall rule ID"); ?> <?=htmlspecialchars($natent['associated-rule-id']); ?> <?=gettext("is managed with this rule"); ?>" border="0" alt="change" />
 <?php endif; ?> </td> <td class="listlr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_edit.php?id=<?=$nnats;?>';">
diff --git a/usr/local/www/firewall_rules.php b/usr/local/www/firewall_rules.php
index c05b001..6368ed0 100644
--- a/usr/local/www/firewall_rules.php
+++ b/usr/local/www/firewall_rules.php
@@ -391,7 +391,7 @@ include("head.inc"); <td class="listr" style="background-color: #E0E0E0">*</td> <td class="listr" style="background-color: #E0E0E0">*</td> <td class="listr" style="background-color: #E0E0E0">*</td>
- <td class="listr" style="background-color: #E0E0E0">*</td>
+ <td class="listr" style="background-color: #E0E0E0"> </td>
 <td class="listbg"><?=gettext("Block bogon networks");?></td> <td valign="middle" class="list nowrap"> <table border="0" cellspacing="0" cellpadding="1" summary="move rules before">
diff --git a/usr/local/www/pkg.php b/usr/local/www/pkg.php
index 9173965..e07206e 100755
--- a/usr/local/www/pkg.php
+++ b/usr/local/www/pkg.php
@@ -56,8 +56,15 @@ if($xml == "") { print_info_box_np(gettext("ERROR: No package defined.")); exit; } else {
- if(file_exists("/usr/local/pkg/" . $xml))
- $pkg = parse_xml_config_pkg("/usr/local/pkg/" . $xml, "packagegui");
+ $pkg_xml_prefix = "/usr/local/pkg/";
+ $pkg_full_path = "{$pkg_xml_prefix}/{$xml}";
+ if (substr_compare(realpath($pkg_full_path), $pkg_xml_prefix, 0, strlen($pkg_xml_prefix))) {
+ print_info_box_np(gettext("ERROR: Invalid path specified."));
+ die;
+ }
+
+ if(file_exists($pkg_full_path))
+ $pkg = parse_xml_config_pkg($pkg_full_path, "packagegui");
 else { echo "File not found " . htmlspecialchars($xml); exit;
diff --git a/usr/local/www/services_unbound.php b/usr/local/www/services_unbound.php
index 528cdb6..fc84327 100644
--- a/usr/local/www/services_unbound.php
+++ b/usr/local/www/services_unbound.php
@@ -76,9 +76,6 @@ if (isset($config['unbound']['regdhcp'])) { if (isset($config['unbound']['regdhcpstatic'])) { $pconfig['regdhcpstatic'] = true; }
-if (isset($config['unbound']['txtsupport'])) {
- $pconfig['txtsupport'] = true;
-}
 $pconfig['port'] = $config['unbound']['port']; $pconfig['custom_options'] = base64_decode($config['unbound']['custom_options']);
@@ -159,11 +156,6 @@ if ($_POST) { } else { unset($a_unboundcfg['regdhcpstatic']); }
- if (isset($_POST['txtsupport'])) {
- $a_unboundcfg['txtsupport'] = true;
- } else {
- unset($a_unboundcfg['txtsupport']);
- }
 if (is_array($_POST['active_interface']) && !empty($_POST['active_interface'])) { $a_unboundcfg['active_interface'] = implode(",", $_POST['active_interface']); }
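Review bot: The containment check in usr/local/www/pkg.php (and the identical one in usr/local/www/wizard.php) relies on the truthiness of `substr_compare()` and never handles `realpath()` returning `false` for a path that does not exist, so the result for a missing file depends on how the running PHP version treats an empty haystack. The check is also made on the resolved path while `file_exists()` and `parse_xml_config_pkg()` are still given the unresolved `$pkg_full_path`. I would resolve once and use the result throughout: `$pkg_real = realpath($pkg_full_path);` followed by `if ($pkg_real === false || strncmp($pkg_real, $pkg_xml_prefix, strlen($pkg_xml_prefix)) !== 0) {`, then pass `$pkg_real` to the parser. `$pkg_xml_prefix` already ends in a slash, so `"{$pkg_xml_prefix}/{$xml}"` yields a double slash; harmless, but worth tidying. The enclosing `else` block continues outside the hunk.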
@@ -213,7 +205,7 @@ include_once("head.inc"); function enable_change(enable_over) { var endis; endis = !(jQuery('#enable').is(":checked") || enable_over);
- jQuery("#active_interface,#outgoing_interface,#dnssec,#forwarding,#regdhcp,#regdhcpstatic,#dhcpfirst,#port,#txtsupport,#custom_options").prop('disabled', endis);
+ jQuery("#active_interface,#outgoing_interface,#dnssec,#forwarding,#regdhcp,#regdhcpstatic,#dhcpfirst,#port,#custom_options").prop('disabled', endis);
 } function show_advanced_dns() { jQuery("#showadv").show();
@@ -359,14 +351,6 @@ function show_advanced_dns() { </td> </tr> <tr>
- <td width="22%" valign="top" class="vncellreq"><?=gettext("TXT Comment Support");?></td>
- <td width="78%" class="vtable"><p>
- <input name="txtsupport" type="checkbox" id="txtsupport" value="yes" <?php echo (isset($pconfig['txtsupport']) ? "checked=\"checked\"" : "");?> />
- <strong><?=gettext("If this option is set, then any descriptions associated with Host entries and DHCP Static mappings will create a corresponding TXT record.");?><br />
- </strong></p>
- </td>
- </tr>
- <tr>
 <td width="22%" valign="top" class="vncellreq"><?=gettext("Advanced");?></td> <td width="78%" class="vtable"> <div id="showadvbox" <?php if ($pconfig['custom_options']) echo "style='display:none'"; ?>>
diff --git a/usr/local/www/services_unbound_advanced.php b/usr/local/www/services_unbound_advanced.php
index 8c3d764..480cc7e 100644
--- a/usr/local/www/services_unbound_advanced.php
+++ b/usr/local/www/services_unbound_advanced.php
@@ -100,7 +100,7 @@ if ($_POST) { if (isset($_POST['outgoing_num_tcp']) && !in_array($_POST['outgoing_num_tcp'], array('0', '10', '20', '30', '40', '50'), true)) { $input_errors[] = "A valid value must be specified for Outgoing TCP Buffers."; }
- if (isset($_POST['outgoing_num_tcp']) && !in_array($_POST['incoming_num_tcp'], array('0', '10', '20', '30', '40', '50'), true)) {
+ if (isset($_POST['incoming_num_tcp']) && !in_array($_POST['incoming_num_tcp'], array('0', '10', '20', '30', '40', '50'), true)) {
 $input_errors[] = "A valid value must be specified for Incoming TCP Buffers."; } if (isset($_POST['edns_buffer_size']) && !in_array($_POST['edns_buffer_size'], array('512', '1480', '4096'), true)) {
diff --git a/usr/local/www/status_gateways.php b/usr/local/www/status_gateways.php
index a151788..afc73d5 100644
--- a/usr/local/www/status_gateways.php
+++ b/usr/local/www/status_gateways.php
@@ -92,7 +92,7 @@ include("head.inc"); <?php if ($gateways_status[$gname]) echo $gateways_status[$gname]['monitorip']; else
- echo $gateway['monitorip'];
+ echo $gateway['monitor'];
 ?> </td> <td class="listr" align="center">
diff --git a/usr/local/www/wizard.php b/usr/local/www/wizard.php
index 251c58f..d5aa350 100644
--- a/usr/local/www/wizard.php
+++ b/usr/local/www/wizard.php
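Review bot: With the key corrected, the Incoming TCP Buffers check in usr/local/www/services_unbound_advanced.php still runs only when `incoming_num_tcp` is present, so a request that omits the field skips the allow-list entirely; the neighbouring `outgoing_num_tcp` and `edns_buffer_size` checks have the same shape. Whether the save path then writes the missing value into the configuration is not visible in this hunk and should be confirmed. If the field is mandatory, the guard could read `if (!isset($_POST['incoming_num_tcp']) || !in_array($_POST['incoming_num_tcp'], array('0', '10', '20', '30', '40', '50'), true)) {`. The enclosing `if ($_POST)` block extends beyond the hunk.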
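Review bot: The corrected fallback in usr/local/www/status_gateways.php writes `$gateway['monitor']` into the table cell without HTML escaping, as does the `monitorip` branch just above it. The value presumably comes from the gateway configuration and is validated as an address when saved, but that validation is not visible here, so escaping at the point of output is the safer default: `echo htmlspecialchars($gateway['monitor']);`. The surrounding table row starts and ends outside the hunk.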
@@ -66,8 +66,15 @@ if(empty($xml)) { print_info_box_np(sprintf(gettext("ERROR: Could not open %s."), $xml)); die; } else {
- if (file_exists("{$g['www_path']}/wizards/{$xml}"))
- $pkg = parse_xml_config_pkg("{$g['www_path']}/wizards/" . $xml, "pfsensewizard");
+ $wizard_xml_prefix = "{$g['www_path']}/wizards";
+ $wizard_full_path = "{$wizard_xml_prefix}/{$xml}";
+ if (substr_compare(realpath($wizard_full_path), $wizard_xml_prefix, 0, strlen($wizard_xml_prefix))) {
+ print_info_box_np(gettext("ERROR: Invalid path specified."));
+ die;
+ }
+
+ if (file_exists($wizard_full_path))
+ $pkg = parse_xml_config_pkg($wizard_full_path, "pfsensewizard");
 else { print_info_box_np(sprintf(gettext("ERROR: Could not open %s."), $xml)); die; |
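Review bot: `$wizard_xml_prefix` in usr/local/www/wizard.php has no trailing slash, so the prefix comparison also accepts a resolved path in a sibling directory whose name merely begins with `wizards`; the pkg.php version avoids this only because its prefix ends in `/`. The comparison should include the separator, for example `strncmp($wizard_real, $wizard_xml_prefix . '/', strlen($wizard_xml_prefix) + 1) !== 0` with `$wizard_real = realpath($wizard_full_path);` checked for `false` first. Because `realpath()` resolves symlinks, the prefix should itself be passed through `realpath()` once; otherwise a symlinked `$g['www_path']` would make every request fail the check (inferred, since the value of `$g['www_path']` is not shown). The enclosing `else` block continues outside the hunk.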