From 9f58e3b8312c6046108f5e0fd0b7759e48cb0c06 Mon Sep 17 00:00:00 2001
From: Scott Ullrich
Date: Tue, 25 Nov 2008 18:15:37 +0000
Subject: * guiconfig.inc comes first * use escapeshellarg()
---
 usr/local/www/diag_logs_filter.php | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/usr/local/www/diag_logs_filter.php b/usr/local/www/diag_logs_filter.php
index 850a338..3544983 100755
--- a/usr/local/www/diag_logs_filter.php
+++ b/usr/local/www/diag_logs_filter.php
@@ -37,19 +37,18 @@
 ##|*MATCH=diag_logs_filter.php*
 ##|-PRIV
+require("guiconfig.inc");
 if($_GET['getrulenum'] or $_POST['getrulenum']) {
 if($_GET['getrulenum'])
- $rulenum = $_GET['getrulenum'];
+ $rulenum = escapeshellarg($_GET['getrulenum']);
 if($_POST['getrulenum'])
- $rulenum = $_POST['getrulenum'];
+ $rulenum = escapeshellarg($_POST['getrulenum']);
 $rule = `pfctl -vvsr | grep @{$rulenum}`;
 echo "The rule that triggered this action is:\n\n{$rule}";
 exit;
 }
-require("guiconfig.inc");
-
 $filter_logfile = "{$g['varlog_path']}/filter.log";
 $nentries = $config['syslog']['nentries'];
--
cgit v1.1
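Review bot: The value that reaches `pfctl -vvsr | grep @{$rulenum}` is still an unconstrained grep pattern. `escapeshellarg()` keeps shell metacharacters out of the backtick command, but a non-numeric or array-valued `getrulenum` is passed on to grep all the same, and a plain number such as 5 would also match `@50`. Since only a rule number is expected, both assignments could validate rather than quote, e.g. `$rulenum = intval($_GET['getrulenum']);` and the same for `$_POST`, with the pattern terminated so that only the exact rule matches (the right delimiter depends on pfctl's output format, which the hunk does not show). The hunk starts and ends mid-file, so it cannot be confirmed from here whether the relocated `require("guiconfig.inc");` enforces authentication before this branch runs; a short comment above it stating that ordering requirement would keep it from being moved back.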