From 1e9b461124a435fe64c62d065d09b01e1ca368e8 Mon Sep 17 00:00:00 2001 From: Renato Botelho Date: Thu, 12 Sep 2013 11:28:14 -0300 Subject: Remove call-time pass by reference for do_input_validation, helps ticket #2565 --- usr/local/www/diag_dns.php | 2 +- usr/local/www/diag_ping.php | 2 +- usr/local/www/diag_testport.php | 2 +- usr/local/www/diag_traceroute.php | 2 +- usr/local/www/firewall_aliases_edit.php | 2 +- usr/local/www/firewall_aliases_import.php | 2 +- usr/local/www/firewall_nat_1to1_edit.php | 2 +- usr/local/www/firewall_nat_edit.php | 2 +- usr/local/www/firewall_nat_npt_edit.php | 2 +- usr/local/www/firewall_nat_out_edit.php | 2 +- usr/local/www/firewall_rules_edit.php | 2 +- usr/local/www/interfaces.php | 14 +++++++------- usr/local/www/interfaces_bridge_edit.php | 2 +- usr/local/www/interfaces_gif_edit.php | 2 +- usr/local/www/interfaces_gre_edit.php | 2 +- usr/local/www/interfaces_lagg_edit.php | 2 +- usr/local/www/interfaces_ppps_edit.php | 6 +++--- usr/local/www/interfaces_vlan_edit.php | 2 +- usr/local/www/interfaces_wireless_edit.php | 2 +- usr/local/www/load_balancer_monitor_edit.php | 2 +- usr/local/www/load_balancer_pool_edit.php | 2 +- usr/local/www/load_balancer_relay_action_edit.php | 2 +- usr/local/www/load_balancer_relay_protocol_edit.php | 2 +- usr/local/www/load_balancer_virtual_server_edit.php | 2 +- usr/local/www/pkg_edit.php | 2 +- usr/local/www/services_captiveportal.php | 2 +- usr/local/www/services_captiveportal_hostname_edit.php | 2 +- usr/local/www/services_captiveportal_ip_edit.php | 2 +- usr/local/www/services_captiveportal_vouchers.php | 2 +- usr/local/www/services_captiveportal_vouchers_edit.php | 2 +- usr/local/www/services_captiveportal_zones_edit.php | 2 +- usr/local/www/services_dhcp_edit.php | 2 +- usr/local/www/services_dhcp_relay.php | 2 +- usr/local/www/services_dhcpv6.php | 2 +- usr/local/www/services_dhcpv6_edit.php | 2 +- usr/local/www/services_dhcpv6_relay.php | 2 +- usr/local/www/services_dnsmasq_domainoverride_edit.php | 2 +- usr/local/www/services_dnsmasq_edit.php | 4 ++-- usr/local/www/services_dyndns_edit.php | 2 +- usr/local/www/services_rfc2136_edit.php | 2 +- usr/local/www/services_snmp.php | 12 ++++++------ usr/local/www/services_wol_edit.php | 2 +- usr/local/www/system.php | 2 +- usr/local/www/system_authservers.php | 2 +- usr/local/www/system_camanager.php | 2 +- usr/local/www/system_certmanager.php | 4 ++-- usr/local/www/system_crlmanager.php | 2 +- usr/local/www/system_gateway_groups_edit.php | 2 +- usr/local/www/system_gateways_edit.php | 2 +- usr/local/www/system_groupmanager.php | 2 +- usr/local/www/system_groupmanager_addprivs.php | 2 +- usr/local/www/system_routes_edit.php | 2 +- usr/local/www/system_usermanager.php | 2 +- usr/local/www/system_usermanager_addprivs.php | 2 +- usr/local/www/system_usermanager_passwordmg.php | 2 +- usr/local/www/vpn_ipsec_keys_edit.php | 2 +- usr/local/www/vpn_ipsec_mobile.php | 2 +- usr/local/www/vpn_ipsec_phase1.php | 2 +- usr/local/www/vpn_ipsec_phase2.php | 2 +- usr/local/www/vpn_l2tp.php | 2 +- usr/local/www/vpn_l2tp_users_edit.php | 2 +- usr/local/www/vpn_openvpn_client.php | 2 +- usr/local/www/vpn_openvpn_csc.php | 2 +- usr/local/www/vpn_openvpn_server.php | 2 +- usr/local/www/vpn_pppoe_edit.php | 2 +- usr/local/www/vpn_pptp.php | 4 ++-- usr/local/www/vpn_pptp_users_edit.php | 2 +- 67 files changed, 83 insertions(+), 83 deletions(-) diff --git a/usr/local/www/diag_dns.php b/usr/local/www/diag_dns.php index 6b336a2..c5735dd 100644 --- a/usr/local/www/diag_dns.php +++ b/usr/local/www/diag_dns.php @@ -92,7 +92,7 @@ if ($_POST) { $reqdfields = explode(" ", "host"); $reqdfieldsn = explode(",", "Host"); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); $host = trim($_POST['host'], " \t\n\r\0\x0B[]"); $host_esc = escapeshellarg($host); diff --git a/usr/local/www/diag_ping.php b/usr/local/www/diag_ping.php index 6bb9184..391d939 100755 --- a/usr/local/www/diag_ping.php +++ b/usr/local/www/diag_ping.php @@ -55,7 +55,7 @@ if ($_POST || $_REQUEST['host']) { /* input validation */ $reqdfields = explode(" ", "host count"); $reqdfieldsn = array(gettext("Host"),gettext("Count")); - do_input_validation($_REQUEST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_REQUEST, $reqdfields, $reqdfieldsn, $input_errors); if (($_REQUEST['count'] < 1) || ($_REQUEST['count'] > MAX_COUNT)) { $input_errors[] = sprintf(gettext("Count must be between 1 and %s"), MAX_COUNT); diff --git a/usr/local/www/diag_testport.php b/usr/local/www/diag_testport.php index c8aa6a3..67d4d9e 100644 --- a/usr/local/www/diag_testport.php +++ b/usr/local/www/diag_testport.php @@ -58,7 +58,7 @@ if ($_POST || $_REQUEST['host']) { /* input validation */ $reqdfields = explode(" ", "host port"); $reqdfieldsn = array(gettext("Host"),gettext("Port")); - do_input_validation($_REQUEST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_REQUEST, $reqdfields, $reqdfieldsn, $input_errors); if (!is_ipaddr($_REQUEST['host']) && !is_hostname($_REQUEST['host'])) { $input_errors[] = gettext("Please enter a valid IP or hostname."); diff --git a/usr/local/www/diag_traceroute.php b/usr/local/www/diag_traceroute.php index 1e27020..35b40e1 100755 --- a/usr/local/www/diag_traceroute.php +++ b/usr/local/www/diag_traceroute.php @@ -61,7 +61,7 @@ if ($_POST || $_REQUEST['host']) { /* input validation */ $reqdfields = explode(" ", "host ttl"); $reqdfieldsn = array(gettext("Host"),gettext("ttl")); - do_input_validation($_REQUEST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_REQUEST, $reqdfields, $reqdfieldsn, $input_errors); if (($_REQUEST['ttl'] < 1) || ($_REQUEST['ttl'] > MAX_TTL)) { $input_errors[] = sprintf(gettext("Maximum number of hops must be between 1 and %s"), MAX_TTL); diff --git a/usr/local/www/firewall_aliases_edit.php b/usr/local/www/firewall_aliases_edit.php index 74c26f9..e1d7153 100755 --- a/usr/local/www/firewall_aliases_edit.php +++ b/usr/local/www/firewall_aliases_edit.php @@ -126,7 +126,7 @@ if ($_POST) { $reqdfields = explode(" ", "name"); $reqdfieldsn = array(gettext("Name")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); $x = is_validaliasname($_POST['name']); if (!isset($x)) { diff --git a/usr/local/www/firewall_aliases_import.php b/usr/local/www/firewall_aliases_import.php index 9b9d735..26e5e2d 100755 --- a/usr/local/www/firewall_aliases_import.php +++ b/usr/local/www/firewall_aliases_import.php @@ -58,7 +58,7 @@ if($_POST['aliasimport'] <> "") { $reqdfields = explode(" ", "name aliasimport"); $reqdfieldsn = array(gettext("Name"),gettext("Aliases")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if (is_validaliasname($_POST['name']) == false) $input_errors[] = gettext("The alias name may only consist of the characters") . " a-z, A-Z, 0-9, _."; diff --git a/usr/local/www/firewall_nat_1to1_edit.php b/usr/local/www/firewall_nat_1to1_edit.php index 50c0fa9..2f27e91 100755 --- a/usr/local/www/firewall_nat_1to1_edit.php +++ b/usr/local/www/firewall_nat_1to1_edit.php @@ -121,7 +121,7 @@ if ($_POST) { $reqdfieldsn[] = gettext("Destination address"); } - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if ($_POST['external']) $_POST['external'] = trim($_POST['external']); diff --git a/usr/local/www/firewall_nat_edit.php b/usr/local/www/firewall_nat_edit.php index 574822c..38c3a84 100755 --- a/usr/local/www/firewall_nat_edit.php +++ b/usr/local/www/firewall_nat_edit.php @@ -208,7 +208,7 @@ if ($_POST) { $reqdfieldsn[] = gettext("Redirect target IP"); } - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if (!$_POST['srcbeginport']) { $_POST['srcbeginport'] = 0; diff --git a/usr/local/www/firewall_nat_npt_edit.php b/usr/local/www/firewall_nat_npt_edit.php index f0ffbab..ace491d 100644 --- a/usr/local/www/firewall_nat_npt_edit.php +++ b/usr/local/www/firewall_nat_npt_edit.php @@ -107,7 +107,7 @@ if ($_POST) { $reqdfields[] = "dst"; $reqdfieldsn[] = gettext("Destination prefix"); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if (!$input_errors) { $natent = array(); diff --git a/usr/local/www/firewall_nat_out_edit.php b/usr/local/www/firewall_nat_out_edit.php index 13c1850..2d1d89f 100755 --- a/usr/local/www/firewall_nat_out_edit.php +++ b/usr/local/www/firewall_nat_out_edit.php @@ -139,7 +139,7 @@ if ($_POST) { $reqdfields = explode(" ", "interface protocol source source_subnet destination destination_subnet"); $reqdfieldsn = array(gettext("Interface"),gettext("Protocol"),gettext("Source"),gettext("Source bit count"),gettext("Destination"),gettext("Destination bit count")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); $protocol_uses_ports = in_array($_POST['protocol'], explode(" ", "any tcp udp tcp/udp")); diff --git a/usr/local/www/firewall_rules_edit.php b/usr/local/www/firewall_rules_edit.php index 381b3a8..cbdc3af 100755 --- a/usr/local/www/firewall_rules_edit.php +++ b/usr/local/www/firewall_rules_edit.php @@ -342,7 +342,7 @@ if ($_POST) { $reqdfieldsn[] = gettext("Destination bit count"); } - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if (!$_POST['srcbeginport']) { $_POST['srcbeginport'] = 0; diff --git a/usr/local/www/interfaces.php b/usr/local/www/interfaces.php index 62931cd..4f672b4 100755 --- a/usr/local/www/interfaces.php +++ b/usr/local/www/interfaces.php @@ -497,7 +497,7 @@ if ($_POST['apply']) { case "staticv4": $reqdfields = explode(" ", "ipaddr subnet gateway"); $reqdfieldsn = array(gettext("IPv4 address"),gettext("Subnet bit count"),gettext("Gateway")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); break; case "none": if(is_array($config['virtualip']['vip'])) { @@ -513,7 +513,7 @@ if ($_POST['apply']) { case "ppp": $reqdfields = explode(" ", "port phone"); $reqdfieldsn = array(gettext("Modem Port"),gettext("Phone Number")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); break; case "pppoe": if ($_POST['pppoe_dialondemand']) { @@ -523,7 +523,7 @@ if ($_POST['apply']) { $reqdfields = explode(" ", "pppoe_username pppoe_password"); $reqdfieldsn = array(gettext("PPPoE username"),gettext("PPPoE password")); } - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); break; case "pptp": if ($_POST['pptp_dialondemand']) { @@ -533,7 +533,7 @@ if ($_POST['apply']) { $reqdfields = explode(" ", "pptp_username pptp_password pptp_local pptp_subnet pptp_remote"); $reqdfieldsn = array(gettext("PPTP username"),gettext("PPTP password"),gettext("PPTP local IP address"),gettext("PPTP subnet"),gettext("PPTP remote IP address")); } - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); break; case "l2tp": if ($_POST['pptp_dialondemand']) { @@ -543,14 +543,14 @@ if ($_POST['apply']) { $reqdfields = explode(" ", "pptp_username pptp_password pptp_remote"); $reqdfieldsn = array(gettext("L2TP username"),gettext("L2TP password"),gettext("L2TP remote IP address")); } - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); break; } switch(strtolower($_POST['type6'])) { case "staticv6": $reqdfields = explode(" ", "ipaddrv6 subnetv6 gatewayv6"); $reqdfieldsn = array(gettext("IPv6 address"),gettext("Subnet bit count"),gettext("Gateway")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); break; case "none": if(is_array($config['virtualip']['vip'])) { @@ -729,7 +729,7 @@ if ($_POST['apply']) { $reqdfields[] = "ssid"; $reqdfieldsn[] = gettext("SSID"); } - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); check_wireless_mode(); /* loop through keys and enforce size */ for ($i = 1; $i <= 4; $i++) { diff --git a/usr/local/www/interfaces_bridge_edit.php b/usr/local/www/interfaces_bridge_edit.php index 1565abc..36a9b1a 100644 --- a/usr/local/www/interfaces_bridge_edit.php +++ b/usr/local/www/interfaces_bridge_edit.php @@ -118,7 +118,7 @@ if ($_POST) { $reqdfields = explode(" ", "members"); $reqdfieldsn = array(gettext("Member Interfaces")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if ($_POST['maxage'] && !is_numeric($_POST['maxage'])) $input_errors[] = gettext("Maxage needs to be an integer between 6 and 40."); diff --git a/usr/local/www/interfaces_gif_edit.php b/usr/local/www/interfaces_gif_edit.php index b5eb89c..5d091ca 100644 --- a/usr/local/www/interfaces_gif_edit.php +++ b/usr/local/www/interfaces_gif_edit.php @@ -74,7 +74,7 @@ if ($_POST) { $reqdfields = explode(" ", "if tunnel-remote-addr tunnel-remote-net tunnel-local-addr"); $reqdfieldsn = array(gettext("Parent interface,Local address, Remote tunnel address, Remote tunnel network, Local tunnel address")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if ((!is_ipaddr($_POST['tunnel-local-addr'])) || (!is_ipaddr($_POST['tunnel-remote-addr'])) || (!is_ipaddr($_POST['remote-addr']))) { diff --git a/usr/local/www/interfaces_gre_edit.php b/usr/local/www/interfaces_gre_edit.php index 4551aa0..a4c877d 100644 --- a/usr/local/www/interfaces_gre_edit.php +++ b/usr/local/www/interfaces_gre_edit.php @@ -73,7 +73,7 @@ if ($_POST) { $reqdfields = explode(" ", "if tunnel-remote-addr tunnel-remote-net tunnel-local-addr"); $reqdfieldsn = array(gettext("Parent interface"),gettext("Local address"),gettext("Remote tunnel address"),gettext("Remote tunnel network"), gettext("Local tunnel address")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if ((!is_ipaddr($_POST['tunnel-local-addr'])) || (!is_ipaddr($_POST['tunnel-remote-addr'])) || (!is_ipaddr($_POST['remote-addr']))) { diff --git a/usr/local/www/interfaces_lagg_edit.php b/usr/local/www/interfaces_lagg_edit.php index 1a1d468..a2ad5c7 100644 --- a/usr/local/www/interfaces_lagg_edit.php +++ b/usr/local/www/interfaces_lagg_edit.php @@ -87,7 +87,7 @@ if ($_POST) { $reqdfields = explode(" ", "members proto"); $reqdfieldsn = array(gettext("Member interfaces"), gettext("Lagg protocol")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if (is_array($_POST['members'])) { foreach ($_POST['members'] as $member) { diff --git a/usr/local/www/interfaces_ppps_edit.php b/usr/local/www/interfaces_ppps_edit.php index d953111..353b4b5 100644 --- a/usr/local/www/interfaces_ppps_edit.php +++ b/usr/local/www/interfaces_ppps_edit.php @@ -186,7 +186,7 @@ if ($_POST) { case "ppp": $reqdfields = explode(" ", "interfaces phone"); $reqdfieldsn = array(gettext("Link Interface(s)"),gettext("Phone Number")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); break; case "pppoe": if ($_POST['ondemand']) { @@ -196,7 +196,7 @@ if ($_POST) { $reqdfields = explode(" ", "interfaces username password"); $reqdfieldsn = array(gettext("Link Interface(s)"),gettext("Username"),gettext("Password")); } - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); break; case "l2tp": case "pptp": @@ -207,7 +207,7 @@ if ($_POST) { $reqdfields = explode(" ", "interfaces username password localip subnet gateway"); $reqdfieldsn = array(gettext("Link Interface(s)"),gettext("Username"),gettext("Password"),gettext("Local IP address"),gettext("Subnet"),gettext("Remote IP address")); } - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); break; default: $input_errors[] = gettext("Please choose a Link Type."); diff --git a/usr/local/www/interfaces_vlan_edit.php b/usr/local/www/interfaces_vlan_edit.php index ced8611..acd78e2 100755 --- a/usr/local/www/interfaces_vlan_edit.php +++ b/usr/local/www/interfaces_vlan_edit.php @@ -74,7 +74,7 @@ if ($_POST) { $reqdfields = explode(" ", "if tag"); $reqdfieldsn = array(gettext("Parent interface"),gettext("VLAN tag")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if ($_POST['tag'] && (!is_numericint($_POST['tag']) || ($_POST['tag'] < '1') || ($_POST['tag'] > '4094'))) { $input_errors[] = gettext("The VLAN tag must be an integer between 1 and 4094."); diff --git a/usr/local/www/interfaces_wireless_edit.php b/usr/local/www/interfaces_wireless_edit.php index 778ee2e..b34f266 100644 --- a/usr/local/www/interfaces_wireless_edit.php +++ b/usr/local/www/interfaces_wireless_edit.php @@ -85,7 +85,7 @@ if ($_POST) { $reqdfields = explode(" ", "if mode"); $reqdfieldsn = array(gettext("Parent interface"),gettext("Mode")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if (!$input_errors) { $clone = array(); diff --git a/usr/local/www/load_balancer_monitor_edit.php b/usr/local/www/load_balancer_monitor_edit.php index 271b2f6..1a4206c 100755 --- a/usr/local/www/load_balancer_monitor_edit.php +++ b/usr/local/www/load_balancer_monitor_edit.php @@ -87,7 +87,7 @@ if ($_POST) { $reqdfields = explode(" ", "name type descr"); $reqdfieldsn = array(gettext("Name"),gettext("Type"),gettext("Description")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); /* Ensure that our monitor names are unique */ for ($i=0; isset($config['load_balancer']['monitor_type'][$i]); $i++) diff --git a/usr/local/www/load_balancer_pool_edit.php b/usr/local/www/load_balancer_pool_edit.php index 3eced6b..9ce0e2b 100755 --- a/usr/local/www/load_balancer_pool_edit.php +++ b/usr/local/www/load_balancer_pool_edit.php @@ -75,7 +75,7 @@ if ($_POST) { $reqdfields = explode(" ", "name mode port monitor servers"); $reqdfieldsn = array(gettext("Name"),gettext("Mode"),gettext("Port"),gettext("Monitor"),gettext("Server List")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); /* Ensure that our pool names are unique */ for ($i=0; isset($config['load_balancer']['lbpool'][$i]); $i++) diff --git a/usr/local/www/load_balancer_relay_action_edit.php b/usr/local/www/load_balancer_relay_action_edit.php index 44f0ecb..edbea87 100755 --- a/usr/local/www/load_balancer_relay_action_edit.php +++ b/usr/local/www/load_balancer_relay_action_edit.php @@ -116,7 +116,7 @@ if ($_POST) { $reqdfields = explode(" ", "name protocol direction action descr"); $reqdfieldsn = array(gettext("Name"),gettext("Protocol"),gettext("Direction"),gettext("Action"),gettext("Description")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); /* Ensure that our monitor names are unique */ for ($i=0; isset($config['load_balancer']['lbactions'][$i]); $i++) diff --git a/usr/local/www/load_balancer_relay_protocol_edit.php b/usr/local/www/load_balancer_relay_protocol_edit.php index 9dd02a0..387d00d 100755 --- a/usr/local/www/load_balancer_relay_protocol_edit.php +++ b/usr/local/www/load_balancer_relay_protocol_edit.php @@ -78,7 +78,7 @@ if ($_POST) { $reqdfields = explode(" ", "name type descr"); $reqdfieldsn = array(gettext("Name"),gettext("Type"),gettext("Description")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); /* Ensure that our monitor names are unique */ for ($i=0; isset($config['load_balancer']['lbprotocol'][$i]); $i++) diff --git a/usr/local/www/load_balancer_virtual_server_edit.php b/usr/local/www/load_balancer_virtual_server_edit.php index deda062..2f66c96 100755 --- a/usr/local/www/load_balancer_virtual_server_edit.php +++ b/usr/local/www/load_balancer_virtual_server_edit.php @@ -79,7 +79,7 @@ if ($_POST) { } } - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); for ($i=0; isset($config['load_balancer']['virtual_server'][$i]); $i++) if (($_POST['name'] == $config['load_balancer']['virtual_server'][$i]['name']) && ($i != $id)) diff --git a/usr/local/www/pkg_edit.php b/usr/local/www/pkg_edit.php index 90f6163..04f1ce8 100755 --- a/usr/local/www/pkg_edit.php +++ b/usr/local/www/pkg_edit.php @@ -137,7 +137,7 @@ if ($_POST) { $reqfieldsn[] = $field['fielddescr']; } } - do_input_validation($_POST, $reqfields, $reqfieldsn, &$input_errors); + do_input_validation($_POST, $reqfields, $reqfieldsn, $input_errors); if ($pkg['custom_php_validation_command']) eval($pkg['custom_php_validation_command']); diff --git a/usr/local/www/services_captiveportal.php b/usr/local/www/services_captiveportal.php index e41c102..8d7b211 100755 --- a/usr/local/www/services_captiveportal.php +++ b/usr/local/www/services_captiveportal.php @@ -155,7 +155,7 @@ if ($_POST) { $reqdfields = explode(" ", "zone cinterface"); $reqdfieldsn = array(gettext("Zone name"), gettext("Interface")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); /* make sure no interfaces are bridged or used on other zones */ if (is_array($_POST['cinterface'])) { diff --git a/usr/local/www/services_captiveportal_hostname_edit.php b/usr/local/www/services_captiveportal_hostname_edit.php index c1b6c25..dc7eee7 100755 --- a/usr/local/www/services_captiveportal_hostname_edit.php +++ b/usr/local/www/services_captiveportal_hostname_edit.php @@ -99,7 +99,7 @@ if ($_POST) { $reqdfields = explode(" ", "hostname"); $reqdfieldsn = array(gettext("Allowed Hostname")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if (($_POST['hostname'] && !is_hostname($_POST['hostname']))) $input_errors[] = sprintf(gettext("A valid Hostname must be specified. [%s]"), $_POST['hostname']); diff --git a/usr/local/www/services_captiveportal_ip_edit.php b/usr/local/www/services_captiveportal_ip_edit.php index f16532c..a700e9b 100755 --- a/usr/local/www/services_captiveportal_ip_edit.php +++ b/usr/local/www/services_captiveportal_ip_edit.php @@ -98,7 +98,7 @@ if ($_POST) { $reqdfields = explode(" ", "ip sn"); $reqdfieldsn = array(gettext("Allowed IP address"), gettext("Subnet mask")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if ($_POST['ip'] && !is_ipaddr($_POST['ip'])) $input_errors[] = sprintf(gettext("A valid IP address must be specified. [%s]"), $_POST['ip']); diff --git a/usr/local/www/services_captiveportal_vouchers.php b/usr/local/www/services_captiveportal_vouchers.php index 0ba7c45..aa885e0 100644 --- a/usr/local/www/services_captiveportal_vouchers.php +++ b/usr/local/www/services_captiveportal_vouchers.php @@ -213,7 +213,7 @@ if ($_POST) { $reqdfieldsn = array(gettext("Synchronize Voucher Database IP"),gettext("Sync port"),gettext("Sync password"),gettext("Sync username")); } - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); } if (!$_POST['vouchersyncusername']) { diff --git a/usr/local/www/services_captiveportal_vouchers_edit.php b/usr/local/www/services_captiveportal_vouchers_edit.php index 9cd85e8..f30d0ac 100644 --- a/usr/local/www/services_captiveportal_vouchers_edit.php +++ b/usr/local/www/services_captiveportal_vouchers_edit.php @@ -91,7 +91,7 @@ if ($_POST) { $reqdfields = explode(" ", "number count minutes"); $reqdfieldsn = array(gettext("Number"),gettext("Count"),gettext("minutes")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); // Look for duplicate roll # foreach($a_roll as $re) { diff --git a/usr/local/www/services_captiveportal_zones_edit.php b/usr/local/www/services_captiveportal_zones_edit.php index b011352..e604280 100644 --- a/usr/local/www/services_captiveportal_zones_edit.php +++ b/usr/local/www/services_captiveportal_zones_edit.php @@ -58,7 +58,7 @@ if ($_POST) { $reqdfields = explode(" ", "zone"); $reqdfieldsn = array(gettext("Zone name")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if (preg_match('/[^A-Za-z0-9_]/', $_POST['zone'])) { $input_errors[] = gettext("The zone name can only contain letters, digits, and underscores (_)."); diff --git a/usr/local/www/services_dhcp_edit.php b/usr/local/www/services_dhcp_edit.php index 5428747..da77afc 100755 --- a/usr/local/www/services_dhcp_edit.php +++ b/usr/local/www/services_dhcp_edit.php @@ -143,7 +143,7 @@ if ($_POST) { $reqdfields = array(); $reqdfieldsn = array(); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); /* either MAC or Client-ID must be specified */ if (empty($_POST['mac']) && empty($_POST['cid'])) diff --git a/usr/local/www/services_dhcp_relay.php b/usr/local/www/services_dhcp_relay.php index b2aa049..7623e49 100755 --- a/usr/local/www/services_dhcp_relay.php +++ b/usr/local/www/services_dhcp_relay.php @@ -71,7 +71,7 @@ if ($_POST) { $reqdfields = explode(" ", "server interface"); $reqdfieldsn = array(gettext("Destination Server"), gettext("Interface")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if ($_POST['server']) { $checksrv = explode(",", $_POST['server']); diff --git a/usr/local/www/services_dhcpv6.php b/usr/local/www/services_dhcpv6.php index 09a4696..1722915 100644 --- a/usr/local/www/services_dhcpv6.php +++ b/usr/local/www/services_dhcpv6.php @@ -167,7 +167,7 @@ if ($_POST) { $reqdfields = explode(" ", "range_from range_to"); $reqdfieldsn = array(gettext("Range begin"),gettext("Range end")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if (($_POST['prefixrange_from'] && !is_ipaddrv6($_POST['prefixrange_from']))) $input_errors[] = gettext("A valid range must be specified."); diff --git a/usr/local/www/services_dhcpv6_edit.php b/usr/local/www/services_dhcpv6_edit.php index a4e48e6..32ac04a 100644 --- a/usr/local/www/services_dhcpv6_edit.php +++ b/usr/local/www/services_dhcpv6_edit.php @@ -110,7 +110,7 @@ if ($_POST) { $reqdfields = explode(" ", "duid"); $reqdfieldsn = array(gettext("DUID Identifier")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if ($_POST['hostname']) { preg_match("/\-\$/", $_POST['hostname'], $matches); diff --git a/usr/local/www/services_dhcpv6_relay.php b/usr/local/www/services_dhcpv6_relay.php index 4508198..ecd7818 100644 --- a/usr/local/www/services_dhcpv6_relay.php +++ b/usr/local/www/services_dhcpv6_relay.php @@ -72,7 +72,7 @@ if ($_POST) { $reqdfields = explode(" ", "server interface"); $reqdfieldsn = array(gettext("Destination Server"), gettext("Interface")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if ($_POST['server']) { $checksrv = explode(",", $_POST['server']); diff --git a/usr/local/www/services_dnsmasq_domainoverride_edit.php b/usr/local/www/services_dnsmasq_domainoverride_edit.php index c228353..8d0fce8 100755 --- a/usr/local/www/services_dnsmasq_domainoverride_edit.php +++ b/usr/local/www/services_dnsmasq_domainoverride_edit.php @@ -71,7 +71,7 @@ if ($_POST) { $reqdfields = explode(" ", "domain ip"); $reqdfieldsn = array(gettext("Domain"),gettext("IP address")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); function String_Begins_With($needle, $haystack) { return (substr($haystack, 0, strlen($needle))==$needle); diff --git a/usr/local/www/services_dnsmasq_edit.php b/usr/local/www/services_dnsmasq_edit.php index e38f977..c56f759 100755 --- a/usr/local/www/services_dnsmasq_edit.php +++ b/usr/local/www/services_dnsmasq_edit.php @@ -80,7 +80,7 @@ if ($_POST) { $reqdfields = explode(" ", "domain ip"); $reqdfieldsn = array(gettext("Domain"),gettext("IP address")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if (($_POST['host'] && !is_hostname($_POST['host']))) $input_errors[] = gettext("The hostname can only contain the characters A-Z, 0-9 and '-'."); @@ -119,7 +119,7 @@ if ($_POST) { $aliasreqdfieldsn = array(gettext("Alias Domain")); var_dump(array('fields' => $aliasreqdfields, 'names' => $aliasreqdfieldsn, 'alias' => $alias)); - do_input_validation($_POST, $aliasreqdfields, $aliasreqdfieldsn, &$input_errors); + do_input_validation($_POST, $aliasreqdfields, $aliasreqdfieldsn, $input_errors); if (($alias['host'] && !is_hostname($alias['host']))) { $input_errors[] = gettext("Hostnames in alias list can only contain the characters A-Z, 0-9 and '-'."); } diff --git a/usr/local/www/services_dyndns_edit.php b/usr/local/www/services_dyndns_edit.php index e7e1f55..ac5ada6 100644 --- a/usr/local/www/services_dyndns_edit.php +++ b/usr/local/www/services_dyndns_edit.php @@ -105,7 +105,7 @@ if ($_POST) { $reqdfieldsn[] = gettext("Update URL"); } - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if (($_POST['host'] && !is_domain($_POST['host']))) $input_errors[] = gettext("The Hostname contains invalid characters."); diff --git a/usr/local/www/services_rfc2136_edit.php b/usr/local/www/services_rfc2136_edit.php index 965940f..d2bf4a3 100644 --- a/usr/local/www/services_rfc2136_edit.php +++ b/usr/local/www/services_rfc2136_edit.php @@ -71,7 +71,7 @@ if ($_POST) { $reqdfields = array_merge($reqdfields, explode(" ", "host ttl keyname keydata")); $reqdfieldsn = array_merge($reqdfieldsn, array(gettext("Hostname"), gettext("TTL"), gettext("Key name"), gettext("Key"))); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if (($_POST['host'] && !is_domain($_POST['host']))) $input_errors[] = gettext("The DNS update host name contains invalid characters."); diff --git a/usr/local/www/services_snmp.php b/usr/local/www/services_snmp.php index 6e50a86..32e3baa 100755 --- a/usr/local/www/services_snmp.php +++ b/usr/local/www/services_snmp.php @@ -94,11 +94,11 @@ if ($_POST) { $reqdfields = explode(" ", "rocommunity"); $reqdfieldsn = array(gettext("Community")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); $reqdfields = explode(" ", "pollport"); $reqdfieldsn = array(gettext("Polling Port")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); } @@ -108,15 +108,15 @@ if ($_POST) { $reqdfields = explode(" ", "trapserver"); $reqdfieldsn = array(gettext("Trap server")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); $reqdfields = explode(" ", "trapserverport"); $reqdfieldsn = array(gettext("Trap server port")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); $reqdfields = explode(" ", "trapstring"); $reqdfieldsn = array(gettext("Trap string")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); } @@ -124,7 +124,7 @@ if ($_POST) { if ($_POST['rwenable']) { $reqdfields = explode(" ", "rwcommunity"); $reqdfieldsn = explode(",", "Write community string"); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); } */ diff --git a/usr/local/www/services_wol_edit.php b/usr/local/www/services_wol_edit.php index ca31048..c829631 100755 --- a/usr/local/www/services_wol_edit.php +++ b/usr/local/www/services_wol_edit.php @@ -81,7 +81,7 @@ if ($_POST) { $reqdfields = explode(" ", "interface mac"); $reqdfieldsn = array(gettext("Interface"),gettext("MAC address")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); /* normalize MAC addresses - lowercase and convert Windows-ized hyphenated MACs to colon delimited */ $_POST['mac'] = strtolower(str_replace("-", ":", $_POST['mac'])); diff --git a/usr/local/www/system.php b/usr/local/www/system.php index d27637c..2cbdccf 100755 --- a/usr/local/www/system.php +++ b/usr/local/www/system.php @@ -106,7 +106,7 @@ if ($_POST) { $reqdfields = explode(" ", "hostname domain"); $reqdfieldsn = array(gettext("Hostname"),gettext("Domain")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if ($_POST['hostname'] && !is_hostname($_POST['hostname'])) { $input_errors[] = gettext("The hostname may only contain the characters a-z, 0-9 and '-'."); diff --git a/usr/local/www/system_authservers.php b/usr/local/www/system_authservers.php index 2984d8c..62d0ed8 100644 --- a/usr/local/www/system_authservers.php +++ b/usr/local/www/system_authservers.php @@ -207,7 +207,7 @@ if ($_POST) { } } - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['host'])) $input_errors[] = gettext("The host name contains invalid characters."); diff --git a/usr/local/www/system_camanager.php b/usr/local/www/system_camanager.php index 254d4e2..e94e483 100644 --- a/usr/local/www/system_camanager.php +++ b/usr/local/www/system_camanager.php @@ -203,7 +203,7 @@ if ($_POST) { gettext("Distinguished name Common Name")); } - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if ($pconfig['method'] != "existing") { /* Make sure we do not have invalid characters in the fields for the certificate */ for ($i = 0; $i < count($reqdfields); $i++) { diff --git a/usr/local/www/system_certmanager.php b/usr/local/www/system_certmanager.php index 1276c99..02bd5ce 100644 --- a/usr/local/www/system_certmanager.php +++ b/usr/local/www/system_certmanager.php @@ -245,7 +245,7 @@ if ($_POST) { } $altnames = array(); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if ($pconfig['method'] != "import") { /* subjectAltNames */ foreach ($_POST as $key => $value) { @@ -414,7 +414,7 @@ if ($_POST) { gettext("Descriptive name"), gettext("Final Certificate data")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); // old way /* make sure this csr and certificate subjects match */ diff --git a/usr/local/www/system_crlmanager.php b/usr/local/www/system_crlmanager.php index 5d60318..3ca450c 100644 --- a/usr/local/www/system_crlmanager.php +++ b/usr/local/www/system_crlmanager.php @@ -200,7 +200,7 @@ if ($_POST) { gettext("Certificate Authority")); } - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); /* if this is an AJAX caller then handle via JSON */ if (isAjax() && is_array($input_errors)) { diff --git a/usr/local/www/system_gateway_groups_edit.php b/usr/local/www/system_gateway_groups_edit.php index fadc283..1656e9a 100755 --- a/usr/local/www/system_gateway_groups_edit.php +++ b/usr/local/www/system_gateway_groups_edit.php @@ -82,7 +82,7 @@ if ($_POST) { $reqdfields = explode(" ", "name"); $reqdfieldsn = explode(",", "Name"); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if (! isset($_POST['name'])) { $input_errors[] = gettext("A valid gateway group name must be specified."); diff --git a/usr/local/www/system_gateways_edit.php b/usr/local/www/system_gateways_edit.php index a1a0df5..9f910fc 100755 --- a/usr/local/www/system_gateways_edit.php +++ b/usr/local/www/system_gateways_edit.php @@ -99,7 +99,7 @@ if ($_POST) { $reqdfields = explode(" ", "name interface"); $reqdfieldsn = array(gettext("Name"), gettext("Interface")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if (! isset($_POST['name'])) { $input_errors[] = "A valid gateway name must be specified."; diff --git a/usr/local/www/system_groupmanager.php b/usr/local/www/system_groupmanager.php index 27cd2f2..a02e986 100644 --- a/usr/local/www/system_groupmanager.php +++ b/usr/local/www/system_groupmanager.php @@ -116,7 +116,7 @@ if ($_POST) { $reqdfields = explode(" ", "groupname"); $reqdfieldsn = array(gettext("Group Name")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if (preg_match("/[^a-zA-Z0-9\.\-_ ]/", $_POST['groupname'])) $input_errors[] = gettext("The group name contains invalid characters."); diff --git a/usr/local/www/system_groupmanager_addprivs.php b/usr/local/www/system_groupmanager_addprivs.php index 29f0193..f4e0dd0 100644 --- a/usr/local/www/system_groupmanager_addprivs.php +++ b/usr/local/www/system_groupmanager_addprivs.php @@ -78,7 +78,7 @@ if ($_POST) { $reqdfields = explode(" ", "sysprivs"); $reqdfieldsn = array(gettext("Selected priveleges")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); /* if this is an AJAX caller then handle via JSON */ if(isAjax() && is_array($input_errors)) { diff --git a/usr/local/www/system_routes_edit.php b/usr/local/www/system_routes_edit.php index 7b78e30..110375b 100755 --- a/usr/local/www/system_routes_edit.php +++ b/usr/local/www/system_routes_edit.php @@ -96,7 +96,7 @@ if ($_POST) { gettext("Destination network bit count") . "," . gettext("Gateway")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if (($_POST['network'] && !is_ipaddr($_POST['network']) && !is_alias($_POST['network']))) { $input_errors[] = gettext("A valid IPv4 or IPv6 destination network must be specified."); diff --git a/usr/local/www/system_usermanager.php b/usr/local/www/system_usermanager.php index 4974fc6..c516d8b 100644 --- a/usr/local/www/system_usermanager.php +++ b/usr/local/www/system_usermanager.php @@ -193,7 +193,7 @@ if ($_POST) { } } - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['usernamefld'])) $input_errors[] = gettext("The username contains invalid characters."); diff --git a/usr/local/www/system_usermanager_addprivs.php b/usr/local/www/system_usermanager_addprivs.php index c7e1d3a..df537e9 100644 --- a/usr/local/www/system_usermanager_addprivs.php +++ b/usr/local/www/system_usermanager_addprivs.php @@ -83,7 +83,7 @@ if ($_POST) { $reqdfields = explode(" ", "sysprivs"); $reqdfieldsn = array(gettext("Selected priveleges")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); /* if this is an AJAX caller then handle via JSON */ if(isAjax() && is_array($input_errors)) { diff --git a/usr/local/www/system_usermanager_passwordmg.php b/usr/local/www/system_usermanager_passwordmg.php index 55f8150..10ff645 100644 --- a/usr/local/www/system_usermanager_passwordmg.php +++ b/usr/local/www/system_usermanager_passwordmg.php @@ -48,7 +48,7 @@ if (isset($_POST['save'])) { $reqdfields = explode(" ", "passwordfld1"); $reqdfieldsn = array(gettext("Password")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if ($_POST['passwordfld1'] != $_POST['passwordfld2']) $input_errors[] = gettext("The passwords do not match."); diff --git a/usr/local/www/vpn_ipsec_keys_edit.php b/usr/local/www/vpn_ipsec_keys_edit.php index 5a04c08..a561990 100644 --- a/usr/local/www/vpn_ipsec_keys_edit.php +++ b/usr/local/www/vpn_ipsec_keys_edit.php @@ -68,7 +68,7 @@ if ($_POST) { $reqdfields = explode(" ", "ident psk"); $reqdfieldsn = array(gettext("Identifier"),gettext("Pre-Shared Key")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if (preg_match("/[^a-zA-Z0-9@\.\-]/", $_POST['ident'])) $input_errors[] = gettext("The identifier contains invalid characters."); diff --git a/usr/local/www/vpn_ipsec_mobile.php b/usr/local/www/vpn_ipsec_mobile.php index 30927c2..d483f8b 100755 --- a/usr/local/www/vpn_ipsec_mobile.php +++ b/usr/local/www/vpn_ipsec_mobile.php @@ -131,7 +131,7 @@ if ($_POST['submit']) { $reqdfields = explode(" ", "user_source group_source"); $reqdfieldsn = array(gettext("User Authentication Source"),gettext("Group Authentication Source")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if ($pconfig['pool_enable']) if (!is_ipaddr($pconfig['pool_address'])) diff --git a/usr/local/www/vpn_ipsec_phase1.php b/usr/local/www/vpn_ipsec_phase1.php index 90c2c34..76a78ae 100644 --- a/usr/local/www/vpn_ipsec_phase1.php +++ b/usr/local/www/vpn_ipsec_phase1.php @@ -171,7 +171,7 @@ if ($_POST) { $reqdfieldsn[] = gettext("Remote gateway"); } - do_input_validation($pconfig, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($pconfig, $reqdfields, $reqdfieldsn, $input_errors); if (($pconfig['lifetime'] && !is_numeric($pconfig['lifetime']))) $input_errors[] = gettext("The P1 lifetime must be an integer."); diff --git a/usr/local/www/vpn_ipsec_phase2.php b/usr/local/www/vpn_ipsec_phase2.php index 483c8ac..b5c0f41 100644 --- a/usr/local/www/vpn_ipsec_phase2.php +++ b/usr/local/www/vpn_ipsec_phase2.php @@ -118,7 +118,7 @@ if ($_POST) { $reqdfieldsn[] = gettext("Remote network type"); } - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if(($pconfig['mode'] == "tunnel") || ($pconfig['mode'] == "tunnel6")) { diff --git a/usr/local/www/vpn_l2tp.php b/usr/local/www/vpn_l2tp.php index cedcef5..47228c1 100644 --- a/usr/local/www/vpn_l2tp.php +++ b/usr/local/www/vpn_l2tp.php @@ -79,7 +79,7 @@ if ($_POST) { array(gettext("RADIUS server address"),gettext("RADIUS shared secret"))); } - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if (($_POST['localip'] && !is_ipaddr($_POST['localip']))) { $input_errors[] = gettext("A valid server address must be specified."); diff --git a/usr/local/www/vpn_l2tp_users_edit.php b/usr/local/www/vpn_l2tp_users_edit.php index 28e9707..f4ef5f0 100644 --- a/usr/local/www/vpn_l2tp_users_edit.php +++ b/usr/local/www/vpn_l2tp_users_edit.php @@ -82,7 +82,7 @@ if ($_POST) { $reqdfieldsn = array(gettext("Username"),gettext("Password")); } - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['usernamefld'])) $input_errors[] = gettext("The username contains invalid characters."); diff --git a/usr/local/www/vpn_openvpn_client.php b/usr/local/www/vpn_openvpn_client.php index 6452895..4f0b6db 100644 --- a/usr/local/www/vpn_openvpn_client.php +++ b/usr/local/www/vpn_openvpn_client.php @@ -242,7 +242,7 @@ if ($_POST) { $reqdfieldsn = array(gettext('Shared key')); } - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if (!$input_errors) { diff --git a/usr/local/www/vpn_openvpn_csc.php b/usr/local/www/vpn_openvpn_csc.php index 9d0bc67..2e575ac 100644 --- a/usr/local/www/vpn_openvpn_csc.php +++ b/usr/local/www/vpn_openvpn_csc.php @@ -162,7 +162,7 @@ if ($_POST) { $reqdfields[] = 'common_name'; $reqdfieldsn[] = 'Common name'; - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if (!$input_errors) { diff --git a/usr/local/www/vpn_openvpn_server.php b/usr/local/www/vpn_openvpn_server.php index c3addba..c8b70c3 100644 --- a/usr/local/www/vpn_openvpn_server.php +++ b/usr/local/www/vpn_openvpn_server.php @@ -338,7 +338,7 @@ if ($_POST) { if (ip2ulong($pconfig['serverbridge_dhcp_start']) > ip2ulong($pconfig['serverbridge_dhcp_end'])) $input_errors[] = gettext("The Server Bridge DHCP range is invalid (start higher than end)."); } - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if (!$input_errors) { diff --git a/usr/local/www/vpn_pppoe_edit.php b/usr/local/www/vpn_pppoe_edit.php index ad401e2..b7c4ef0 100755 --- a/usr/local/www/vpn_pppoe_edit.php +++ b/usr/local/www/vpn_pppoe_edit.php @@ -117,7 +117,7 @@ if ($_POST) { array(gettext("RADIUS server address"),gettext("RADIUS shared secret"))); } - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if (($_POST['localip'] && !is_ipaddr($_POST['localip']))) $input_errors[] = gettext("A valid server address must be specified."); diff --git a/usr/local/www/vpn_pptp.php b/usr/local/www/vpn_pptp.php index a5da316..ac3dc8c 100755 --- a/usr/local/www/vpn_pptp.php +++ b/usr/local/www/vpn_pptp.php @@ -87,7 +87,7 @@ if ($_POST) { array(gettext("RADIUS server address"),gettext("RADIUS shared secret"))); } - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if (($_POST['localip'] && !is_ipaddr($_POST['localip']))) { $input_errors[] = gettext("A valid server address must be specified."); @@ -119,7 +119,7 @@ if ($_POST) { $reqdfields = explode(" ", "redir"); $reqdfieldsn = array(gettext("PPTP redirection target address")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if (($_POST['redir'] && !is_ipaddr($_POST['redir']))) { $input_errors[] = gettext("A valid target address must be specified."); diff --git a/usr/local/www/vpn_pptp_users_edit.php b/usr/local/www/vpn_pptp_users_edit.php index cf375e8..24c0063 100755 --- a/usr/local/www/vpn_pptp_users_edit.php +++ b/usr/local/www/vpn_pptp_users_edit.php @@ -79,7 +79,7 @@ if ($_POST) { $reqdfieldsn = array(gettext("Username"),gettext("Password")); } - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['username'])) $input_errors[] = gettext("The username contains invalid characters."); -- cgit v1.1