summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Fix whitespaces and indentRenato Botelho2014-06-181-46/+45
|
* We need to allow subdirectories under /usr/local/pkg, here is the proper fixRenato Botelho2014-06-181-7/+5
|
* Set 'Disable webConfigurator login autocomplete' as on by defaultRenato Botelho2014-06-181-0/+1
|
* Always set httponly attribute on cookiesRenato Botelho2014-06-181-10/+8
|
* Protect servicestatusfilter parameter with htmlspecialchars()Renato Botelho2014-06-171-1/+1
|
* Protect rssfeed parameters with htmlspecialchars()Renato Botelho2014-06-171-6/+6
|
* Add comment I forgot on last commitRenato Botelho2014-06-171-0/+1
|
* Re-generate session ID on a successful login to avoid session fixationRenato Botelho2014-06-171-0/+1
|
* Avoid directory traversal on restorefullbackupRenato Botelho2014-06-171-2/+2
|
* Fix core dump on viewing invalid package logMatt Smith2014-06-172-3/+7
|
* Remove . and / from pkg name to avoid directory traversalRenato Botelho2014-06-171-5/+5
|
* Remove id=0 from miniupnpd menu and shortcutRenato Botelho2014-06-172-3/+3
|
* Avoid directory traversal when reading package xml files, also check if file ↵Renato Botelho2014-06-171-1/+6
| | | | exists before try to read it
* Make sure variables are escaped, also replace exec calls to run rm by ↵Renato Botelho2014-06-171-4/+4
| | | | unlink_if_exists()
* Remove useless code, variable is set again on next lineRenato Botelho2014-06-171-3/+0
|
* Escape parameters passed to shell_exec()Renato Botelho2014-06-172-2/+2
|
* Be more careful with host parameter and make sure it's escaped when call ↵Renato Botelho2014-06-171-7/+6
| | | | shell functions
* Validate starttime and stoptime formatRenato Botelho2014-06-171-0/+8
|
* Do not expire already disabled users, it fixes #3644Renato Botelho2014-06-121-1/+1
|
* Be more precise to match members of a bridge interface, it should fix #3637Renato Botelho2014-06-101-1/+3
|
* Revert "Revert "Fix #3700 and other syntax issues:""Renato Botelho2014-06-102-16/+17
| | | | This reverts commit 4cc2ae78d3027c349969437f08a88b1fb88c9de8.
* Revert "Fix sh syntax"Renato Botelho2014-06-101-3/+3
| | | | This reverts commit cd49f9cd5d21a6592ba690cd315f19266092bee5.
* Fix sh syntaxRenato Botelho2014-06-101-3/+3
|
* Revert "Fix #3700 and other syntax issues:"Renato Botelho2014-06-102-17/+16
| | | | This reverts commit e912bfae186b6b657daf52607f9d027f46be0478.
* Fix #3700 and other syntax issues:Renato Botelho2014-06-102-16/+17
| | | | | | | | | - Remove -G parameter from pfctl since it doesn't exist anymore - Initialize $old_router - Fix sh syntax on variable assign, it couldn't have space before = - Simplify logic - Avoid flush states twice, if it was done on IP change, don't do it again if router also has changed
* Do not allow interface group name to be bigger than 15 chars, helps ticket #3208Renato Botelho2014-06-091-1/+1
|
* Escape argument on call to is_process_running too, also remove some ↵Renato Botelho2014-06-061-3/+3
| | | | unecessary mwexec() calls
* Add some protection to parameters that come through _GETRenato Botelho2014-06-062-13/+17
|
* Escape this before running.jim-p2014-06-061-1/+1
|
* Bump version to 2.1.4Renato Botelho2014-06-051-1/+1
|
* Fix #3691, use curl instead of fetch to download update filesRenato Botelho2014-06-051-17/+13
|
* allow ipaliases to be configured on lo0Matt Smith2014-06-031-2/+2
|
* remove openbgpd bits from system_gateways_edit and system.inc. The packageChris Buechler2014-05-302-8/+2
| | | | | | match is case-sensitive and hasn't matched the openbgpd package's name in at least 5 years, so it doesn't do anything. It's far from functional in any useful manner even fixing that issue.
* client-config-dir is also useful when using OpenVPN's internal DHCP while ↵jim-p2014-05-301-0/+1
| | | | bridging.
* Unset iflist and iflist_disabledRenato Botelho2014-05-292-1/+6
|
* Show disabled interface when it was already part of interface group, it ↵Renato Botelho2014-05-292-6/+14
| | | | avoids to show a random interface instead and let user to add it by mistake. It should fix #3680
* Convert protocol ssl:// to https:// when creating http headersManuel Silvoso2014-05-281-1/+1
|
* Properly handle this rename, and squelch errors if it fails.jim-p2014-05-211-1/+1
|
* Delete all ip aliases when interface is disabled, it should fix #3650Renato Botelho2014-05-211-7/+21
|
* fix variable typo. ticket #3669Chris Buechler2014-05-201-1/+1
|
* /etc/version_kernel and /etc/version_base no longer exist, use php_uname to ↵jim-p2014-05-161-2/+4
| | | | get the info instead.
* add guiconfig to widgets not including it. ticket #3498Chris Buechler2014-05-142-0/+2
|
* remove text not relevant to Allowed IPs. Ticket #3594Chris Buechler2014-05-141-18/+2
|
* Merge pull request #1131 from razzfazz/make_upnp_listen_on_if_optionalRenato Botelho2014-05-092-2/+11
|\
| * make listening on interface rather than IP optional for miniupnpDaniel Becker2014-05-062-2/+11
| |
* | Merge pull request #1130 from razzfazz/status_upnp_int_portRenato Botelho2014-05-081-3/+8
|\ \
| * | add column for internal port on UPnP status pageDaniel Becker2014-05-051-3/+8
| | |
* | | Fix #3646, Revert part of 082c9d961e and fix highlight selected rulesRenato Botelho2014-05-082-17/+17
| |/ |/|
* | Remove units from burst as it is always specified in bytes. (Per ipfw(8)).jim-p2014-05-061-2/+2
|/ | | | Worked for me in testing, I watched a file briefly burst until and then be clamped down to the limiter's rate.
* Merge the forgotten Ticket #3062 patch for CP pipeno leaking issue which ↵Ermal2014-05-031-1/+6
| | | | leads to the 'Maximum login reached' on CP
OpenPOWER on IntegriCloud