From 2333d2a48293d4d5ffab335d1904586c69a050ee Mon Sep 17 00:00:00 2001
From: jim-p <jimp@pfsense.org>
Date: Fri, 20 May 2016 11:33:48 -0400
Subject: Better fix for escaping in ticket #6371

---
 src/usr/local/www/diag_smart.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/usr/local/www/diag_smart.php b/src/usr/local/www/diag_smart.php
index 9b6bfd4..e7be8de 100644
--- a/src/usr/local/www/diag_smart.php
+++ b/src/usr/local/www/diag_smart.php
@@ -111,7 +111,7 @@ function update_email($email) {
 	// Did they pass an email?
 	if (!empty($email)) {
 		// Put it in the smartd.conf file
-		shell_exec("/usr/bin/sed -i .old 's/^DEVICESCAN.*/DEVICESCAN -H -m " . escapeshellarg(str_replace('`', '', $email)) . "/' /usr/local/etc/smartd.conf");
+		shell_exec("/usr/bin/sed -i .old " . escapeshellarg("s/^DEVICESCAN.*/DEVICESCAN -H -m {$email}/") . " /usr/local/etc/smartd.conf");
 	} else {
 		// Remove email flags in smartd.conf
 		shell_exec("/usr/bin/sed -i .old 's/^DEVICESCAN.*/DEVICESCAN/' /usr/local/etc/smartd.conf");
-- 
cgit v1.1