From de1d4101dfbc2bba7a97b81d5a505e6352261024 Mon Sep 17 00:00:00 2001
From: jim-p <jimp@pfsense.org>
Date: Wed, 22 Jun 2016 12:32:22 -0400
Subject: % and / are also allowed in values

---
 src/usr/local/www/system_advanced_sysctl.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/usr/local/www/system_advanced_sysctl.php b/src/usr/local/www/system_advanced_sysctl.php
index 6467f25..c069079 100644
--- a/src/usr/local/www/system_advanced_sysctl.php
+++ b/src/usr/local/www/system_advanced_sysctl.php
@@ -142,8 +142,8 @@ if ($_POST) {
 
 		if (!$_POST['tunable'] || !isset($_POST['value'])) {
 			$input_errors[] = gettext("Both a name and a value must be specified.");
-		} else if (preg_match("/[^a-zA-Z0-9.\-_]/", $_POST['value'])) {
-			$input_errors[] = gettext("The value may only contain alphanumeric characters, - and _.");
+		} else if (preg_match("/[^a-zA-Z0-9.\-_%\/]/", $_POST['value'])) {
+			$input_errors[] = gettext("The value may only contain alphanumeric characters, -, _, %, and /.");
 		} else {
 			$tunableent['tunable'] = htmlspecialchars($_POST['tunable']);
 			$tunableent['value'] = htmlspecialchars($_POST['value']);
-- 
cgit v1.1