From a04cc2c5f1c13715ff839058728893197e05e64b Mon Sep 17 00:00:00 2001 From: Phil Davis Date: Tue, 6 Dec 2016 21:32:42 +0545 Subject: NAT 1:1 edit - preserve user selections on edit-save with input errors 1) Edit a NAT 1:1 rule, change the source and/or destination type to "Network", but do not input any network address/mask. 2) Press Save, input errors are reported telling that the network source and/or destination address/mask is required - good. However, the source and/or destination type is no longer "Network" - it defaults back to single or any. To fix, firstly move "$pconfig = $_POST" to after where all the various special things have been done to $_POST - this makes $pconfig have the correctly-massaged stuff that the user $_POSTed. Then add the special code to srctype_selected() and dsttype_selected() to handle the case when these have been specifically $_POSTed by the user (rather than inferring them from the src/dst vales and the logic in is_specialnet() ). This is equivalent to the fix for firewall_rules_edit.php at commit https://github.com/pfsense/pfsense/commit/81e2aa253a946b36a92e88f19b8761efe771b7a1 (cherry picked from commit d99ce9ccbfde0b557afb03576d38a17f5c9ed3b9) --- src/usr/local/www/firewall_nat_1to1_edit.php | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) (limited to 'src/usr/local/www/firewall_nat_1to1_edit.php') diff --git a/src/usr/local/www/firewall_nat_1to1_edit.php b/src/usr/local/www/firewall_nat_1to1_edit.php index 1c7ba4b..f40a160 100644 --- a/src/usr/local/www/firewall_nat_1to1_edit.php +++ b/src/usr/local/www/firewall_nat_1to1_edit.php @@ -132,7 +132,6 @@ if (isset($_GET['dup'])) { if ($_POST) { unset($input_errors); - $pconfig = $_POST; /* run through $_POST items encoding HTML entities so that the user * cannot think he is slick and perform a XSS attack on the unwilling */ @@ -194,6 +193,8 @@ if ($_POST) { $_POST['dsttype'] = "single"; } + $pconfig = $_POST; + /* For external, user can enter only ip's */ if (($_POST['external'] && !is_ipaddr($_POST['external']))) { $input_errors[] = gettext("A valid external subnet must be specified."); @@ -308,6 +309,11 @@ function build_srctype_list() { function srctype_selected() { global $pconfig; + if ($pconfig['srctype']) { + // The rule type came from the $_POST array, after input errors, so keep it. + return $pconfig['srctype']; + } + $sel = is_specialnet($pconfig['src']); if (!$sel) { @@ -370,6 +376,11 @@ function build_dsttype_list() { function dsttype_selected() { global $pconfig; + if ($pconfig['dsttype']) { + // The rule type came from the $_POST array, after input errors, so keep it. + return $pconfig['dsttype']; + } + $sel = is_specialnet($pconfig['dst']); if (empty($pconfig['dst']) || $pconfig['dst'] == "any") { -- cgit v1.1