From 702fa4d0ce035a444112e23f4e4d1a4c686d8163 Mon Sep 17 00:00:00 2001
From: Phil Davis <phil.davis@inf.org>
Date: Wed, 1 Feb 2017 16:43:51 +0545
Subject: Code with multiple %s in usr/local/www

---
 src/usr/local/www/diag_reboot.php                  |  4 ++--
 src/usr/local/www/diag_resetstate.php              |  6 +++---
 src/usr/local/www/firewall_nat_1to1_edit.php       |  6 +++---
 src/usr/local/www/firewall_rules.php               |  4 ++--
 src/usr/local/www/firewall_virtual_ip.php          |  2 +-
 src/usr/local/www/guiconfig.inc                    |  2 +-
 src/usr/local/www/interfaces_bridge_edit.php       |  6 +++---
 src/usr/local/www/interfaces_ppps_edit.php         |  2 +-
 src/usr/local/www/license.php                      |  4 ++--
 src/usr/local/www/pkg_mgr_install.php              |  4 ++--
 src/usr/local/www/services_captiveportal.php       |  2 +-
 .../local/www/services_captiveportal_hostname.php  |  6 +++---
 src/usr/local/www/services_captiveportal_ip.php    |  6 +++---
 .../local/www/services_captiveportal_ip_edit.php   |  2 +-
 .../local/www/services_captiveportal_mac_edit.php  |  4 ++--
 src/usr/local/www/services_dhcpv6.php              |  4 ++--
 src/usr/local/www/services_dhcpv6_edit.php         |  2 +-
 src/usr/local/www/services_dnsmasq.php             | 18 +++++++++---------
 .../local/www/services_router_advertisements.php   |  2 +-
 src/usr/local/www/services_unbound.php             | 22 +++++++++++-----------
 src/usr/local/www/services_unbound_acls.php        | 12 ++++++------
 src/usr/local/www/status_logs_common.inc           |  8 ++++----
 src/usr/local/www/status_ntpd.php                  |  4 ++--
 src/usr/local/www/status_upnp.php                  |  2 +-
 src/usr/local/www/system_crlmanager.php            |  4 ++--
 src/usr/local/www/system_usermanager_settings.php  |  8 ++++----
 src/usr/local/www/vpn_ipsec.php                    |  6 +++---
 src/usr/local/www/vpn_openvpn_server.php           |  6 +++---
 src/usr/local/www/wizard.php                       |  2 +-
 29 files changed, 80 insertions(+), 80 deletions(-)

(limited to 'src/usr')
diff --git a/src/usr/local/www/diag_reboot.php b/src/usr/local/www/diag_reboot.php
index 8052e40..64ca3c4 100644
--- a/src/usr/local/www/diag_reboot.php
+++ b/src/usr/local/www/diag_reboot.php
@@ -76,7 +76,7 @@ events.push(function() {
 	function startCountdown() {
 		setInterval(function() {
 			if (time == "<?=$guitimeout?>") {
-				$('#countdown').html('<h4><?=sprintf(gettext("Rebooting%sPage will automatically reload in %s seconds"), "<br />", "<span id=\"secs\"></span>");?></h4>');
+				$('#countdown').html('<h4><?=sprintf(gettext('Rebooting%1$sPage will automatically reload in %2$s seconds'), "<br />", "<span id=\"secs\"></span>");?></h4>');
 			}
 
 			if (time > 0) {
@@ -84,7 +84,7 @@ events.push(function() {
 				time--;
 			} else {
 				time = "<?=$guiretry?>";
-				$('#countdown').html('<h4><?=sprintf(gettext("Not yet ready%s Retrying in another %s seconds"), "<br />", "<span id=\"secs\"></span>");?></h4>');
+				$('#countdown').html('<h4><?=sprintf(gettext('Not yet ready%1$s Retrying in another %2$s seconds'), "<br />", "<span id=\"secs\"></span>");?></h4>');
 				$('#secs').html(time);
 				checkonline();
 			}
diff --git a/src/usr/local/www/diag_resetstate.php b/src/usr/local/www/diag_resetstate.php
index 105ab2a..3f3b70d 100644
--- a/src/usr/local/www/diag_resetstate.php
+++ b/src/usr/local/www/diag_resetstate.php
@@ -67,9 +67,9 @@ if ($savemsg) {
 
 $statetablehelp = sprintf(gettext('Resetting the state tables will remove all entries from the corresponding tables. This means that all open connections ' .
 					'will be broken and will have to be re-established. This may be necessary after making substantial changes to the ' .
-					'firewall and/or NAT rules, especially if there are IP protocol mappings (e.g. for PPTP or IPv6) with open connections.%s' .
-					'The firewall will normally leave the state tables intact when changing rules.%s' .
-					'%sNOTE:%s Resetting the firewall state table may cause the browser session to appear hung after clicking &quot;Reset&quot;. ' .
+					'firewall and/or NAT rules, especially if there are IP protocol mappings (e.g. for PPTP or IPv6) with open connections.%1$s' .
+					'The firewall will normally leave the state tables intact when changing rules.%2$s' .
+					'%3$sNOTE:%4$s Resetting the firewall state table may cause the browser session to appear hung after clicking &quot;Reset&quot;. ' .
 					'Simply refresh the page to continue.'), "<br /><br />", "<br /><br />", "<strong>", "</strong>");
 
 $sourcetablehelp = sprintf(gettext('Resetting the source tracking table will remove all source/destination associations. ' .
diff --git a/src/usr/local/www/firewall_nat_1to1_edit.php b/src/usr/local/www/firewall_nat_1to1_edit.php
index 49f572b..4994ff9 100644
--- a/src/usr/local/www/firewall_nat_1to1_edit.php
+++ b/src/usr/local/www/firewall_nat_1to1_edit.php
@@ -190,7 +190,7 @@ if ($_POST) {
 				// Check that the address family matches the other IP addresses entered.
 				if ($extipaddrtype && ($srcipaddrtype != $extipaddrtype)) {
 					$input_errors[] = sprintf(
-						gettext("The external IP address (%s) and internal IP address (%s) are of different address families.") .
+						gettext('The external IP address (%1$s) and internal IP address (%2$s) are of different address families.') .
 							get_must_be_both_text(),
 						$_POST['external'],
 						$_POST['src']);
@@ -216,14 +216,14 @@ if ($_POST) {
 				// Check that the address family matches the other IP addresses entered.
 				if ($extipaddrtype && ($dstipaddrtype != $extipaddrtype)) {
 					$input_errors[] = sprintf(
-						gettext("The external IP address (%s) and destination IP address (%s) are of different address families.") .
+						gettext('The external IP address (%1$s) and destination IP address (%2$s) are of different address families.') .
 							get_must_be_both_text(),
 						$_POST['external'],
 						$_POST['dst']);
 				}
 				if ($srcipaddrtype && ($dstipaddrtype != $srcipaddrtype)) {
 					$input_errors[] = sprintf(
-						gettext("The internal IP address (%s) and destination IP address (%s) are of different address families.") .
+						gettext('The internal IP address (%1$s) and destination IP address (%2$s) are of different address families.') .
 							get_must_be_both_text(),
 						$_POST['src'],
 						$_POST['dst']);
diff --git a/src/usr/local/www/firewall_rules.php b/src/usr/local/www/firewall_rules.php
index 55b6aef..3fc486e 100644
--- a/src/usr/local/www/firewall_rules.php
+++ b/src/usr/local/www/firewall_rules.php
@@ -871,8 +871,8 @@ if ($seprows[$nrules]) {
 			"chosen. If no rule here matches, the per-interface or default rules are used. "));
 	}
 
-	printf(gettext("%sClick the anchor icon %s to move checked rules before the clicked row. Hold down " .
-			"the shift key and click to move the rules after the clicked row."), '<br /><br />', '<i class="fa fa-anchor"></i>')
+	printf(gettext('%1$sClick the anchor icon %2$s to move checked rules before the clicked row. Hold down ' .
+			'the shift key and click to move the rules after the clicked row.'), '<br /><br />', '<i class="fa fa-anchor"></i>')
 ?>
 	</div>
 	</div>
diff --git a/src/usr/local/www/firewall_virtual_ip.php b/src/usr/local/www/firewall_virtual_ip.php
index a15a60b..f80ad52 100644
--- a/src/usr/local/www/firewall_virtual_ip.php
+++ b/src/usr/local/www/firewall_virtual_ip.php
@@ -110,7 +110,7 @@ if ($_GET['act'] == "del") {
 							} else {
 								$openvpn_desc = $openvpn['ipaddr'] . ":" . $openvpn['local_port'];
 							}
-							$input_errors[] = sprintf(gettext("This entry cannot be deleted because it is still referenced by OpenVPN %s %s."), $openvpn_type_text, $openvpn_desc);
+							$input_errors[] = sprintf(gettext('This entry cannot be deleted because it is still referenced by OpenVPN %1$s %2$s.'), $openvpn_type_text, $openvpn_desc);
 							break;
 						}
 					}
diff --git a/src/usr/local/www/guiconfig.inc b/src/usr/local/www/guiconfig.inc
index 2163dc2..5ae0861 100644
--- a/src/usr/local/www/guiconfig.inc
+++ b/src/usr/local/www/guiconfig.inc
@@ -394,7 +394,7 @@ function get_std_save_message($retval) {
 	}
 	if ($filter_related) {
 		$to_return .= " " . gettext("The firewall rules are now reloading in the background.") . "<br />" .
-		    sprintf(gettext("%sMonitor%s the filter reload progress."), "<a href='status_filter_reload.php'>", "</a>");
+		    sprintf(gettext('%1$sMonitor%2$s the filter reload progress.'), "<a href='status_filter_reload.php'>", "</a>");
 	}
 	return $to_return;
 }
diff --git a/src/usr/local/www/interfaces_bridge_edit.php b/src/usr/local/www/interfaces_bridge_edit.php
index 3f5caff..944d5f5 100644
--- a/src/usr/local/www/interfaces_bridge_edit.php
+++ b/src/usr/local/www/interfaces_bridge_edit.php
@@ -456,7 +456,7 @@ $section->addInput(new Form_Select(
 	true
 ))->setHelp('Add the interface named by interface as a span port on the bridge. Span ports transmit a copy of every frame received by the bridge. ' .
 			'This is most useful for snooping a bridged network passively on another host connected to one of the span ports of the bridge. <br />' .
-			'%sThe span interface cannot be part of the bridge member interfaces.%s', ['<strong>', '</strong>']);
+			'%1$sThe span interface cannot be part of the bridge member interfaces.%2$s', ['<strong>', '</strong>']);
 
 $edgelist = build_port_list($pconfig['edge']);
 
@@ -477,7 +477,7 @@ $section->addInput(new Form_Select(
 	$edgelist['list'],
 	true
 ))->setHelp('Allow interface to automatically detect edge status. This is the default for all interfaces added to a bridge.' .
-			'%sThis will disable the autoedge status of interfaces. %s', ['<strong>', '</strong>']);
+			'%1$sThis will disable the autoedge status of interfaces. %2$s', ['<strong>', '</strong>']);
 
 $edgelist = build_port_list($pconfig['ptp']);
 
@@ -498,7 +498,7 @@ $section->addInput(new Form_Select(
 	$edgelist['list'],
 	true
 ))->setHelp('Automatically detect the point-to-point status on interface by checking the full duplex link status. This is the default for interfaces added to the bridge.' .
-			'%sThe interfaces selected here will be removed from default autoedge status. %s', ['<strong>', '</strong>']);
+			'%1$sThe interfaces selected here will be removed from default autoedge status. %2$s', ['<strong>', '</strong>']);
 
 $edgelist = build_port_list($pconfig['static']);
 
diff --git a/src/usr/local/www/interfaces_ppps_edit.php b/src/usr/local/www/interfaces_ppps_edit.php
index dc3ebc5..c8524f3 100644
--- a/src/usr/local/www/interfaces_ppps_edit.php
+++ b/src/usr/local/www/interfaces_ppps_edit.php
@@ -724,7 +724,7 @@ $section->addInput(new Form_Checkbox(
 	'Uptime logging',
 	'Enable persistent logging of connection uptime. ',
 	isset($pconfig['uptime'])
-))->setHelp(sprintf('Causes cumulative uptime to be recorded and displayed on the %sStatus->Interfaces%s page.', '<a href="status_interfaces.php">', '</a>'));
+))->setHelp(sprintf('Causes cumulative uptime to be recorded and displayed on the %1$sStatus->Interfaces%2$s page.', '<a href="status_interfaces.php">', '</a>'));
 
 if ($pconfig['type'] == 'pppoe') {
 	$group = new Form_Group('Service name');
diff --git a/src/usr/local/www/license.php b/src/usr/local/www/license.php
index d31c31d..0e0098f 100644
--- a/src/usr/local/www/license.php
+++ b/src/usr/local/www/license.php
@@ -32,7 +32,7 @@ include("head.inc");
 <div class="panel panel-default">
 	<div class="panel-heading"><h2 class="panel-title"><?=gettext("License")?></h2></div>
 	<div class="panel-body content">
-		<p><strong><?php printf(gettext("%s is Copyright &copy; %s %s. All rights reserved."), $g['product_name'], $g['product_copyright_years'], $g['product_copyright'])?></strong></p>
+		<p><strong><?php printf(gettext('%1$s is Copyright &copy; %2$s %3$s. All rights reserved.'), $g['product_name'], $g['product_copyright_years'], $g['product_copyright'])?></strong></p>
 		<p><?=gettext("m0n0wall is Copyright &copy; 2002-2015 by Manuel Kasper (mk@neon1.net). All rights reserved.")?></p>
 		<p><?=gettext("Licensed under the Apache License, Version 2.0 (the \"License\");<br />you may not use this file except in compliance with the License.<br />You may obtain a copy of the License at")?></p>
 		<p><a href="http://www.apache.org/licenses/LICENSE-2.0">http://www.apache.org/licenses/LICENSE-2.0</a></p>
@@ -43,7 +43,7 @@ include("head.inc");
 	<div class="panel-heading"><h2 class="panel-title"><?=gettext("Third Party Credits")?></h2></div>
 	<div class="panel-body content">
 		<p>
-			<?php printf(gettext("%s is based upon/includes various free software packages, listed below. The authors of %s would like to thank the authors of these software packages for their efforts."), $g['product_name'], $g['product_name'])?><br />
+			<?php printf(gettext('%1$s is based upon/includes various free software packages, listed below. The authors of %1$s would like to thank the authors of these software packages for their efforts.'), $g['product_name'])?><br />
 		</p>
 		<ul class="list-group">
 			<li class="list-group-item">
diff --git a/src/usr/local/www/pkg_mgr_install.php b/src/usr/local/www/pkg_mgr_install.php
index 47f2b0b..9e11d80 100644
--- a/src/usr/local/www/pkg_mgr_install.php
+++ b/src/usr/local/www/pkg_mgr_install.php
@@ -698,7 +698,7 @@ function checkonline() {
 function startCountdown() {
 	setInterval(function() {
 		if (time == "<?=$guitimeout?>") {
-			$('#countdown').html('<h4><?=sprintf(gettext("Rebooting%sPage will automatically reload in %s seconds"), "<br />", "<span id=\"secs\"></span>");?></h4>');
+			$('#countdown').html('<h4><?=sprintf(gettext('Rebooting%1$sPage will automatically reload in %2$s seconds'), "<br />", "<span id=\"secs\"></span>");?></h4>');
 		}
 
 		if (time > 0) {
@@ -706,7 +706,7 @@ function startCountdown() {
 			time--;
 		} else {
 			time = "<?=$guiretry?>";
-			$('#countdown').html('<h4><?=sprintf(gettext("Not yet ready%s Retrying in another %s seconds"), "<br />", "<span id=\"secs\"></span>");?></h4>');
+			$('#countdown').html('<h4><?=sprintf(gettext('Not yet ready%1$s Retrying in another %2$s seconds'), "<br />", "<span id=\"secs\"></span>");?></h4>');
 			$('#secs').html(time);
 			checkonline();
 		}
diff --git a/src/usr/local/www/services_captiveportal.php b/src/usr/local/www/services_captiveportal.php
index 54db037..221f909 100644
--- a/src/usr/local/www/services_captiveportal.php
+++ b/src/usr/local/www/services_captiveportal.php
@@ -233,7 +233,7 @@ if ($_POST) {
 				foreach ($a_cp as $cpkey => $cp) {
 					if ($cpkey != $cpzone || empty($cpzone)) {
 						if (in_array($cpbrif, explode(",", $cp['interface']))) {
-							$input_errors[] = sprintf(gettext("The captive portal cannot be used on interface %s since it is used already on %s instance."), $cpbrif, $cp['zone']);
+							$input_errors[] = sprintf(gettext('The captive portal cannot be used on interface %1$s since it is used already on %2$s instance.'), $cpbrif, $cp['zone']);
 						}
 					}
 				}
diff --git a/src/usr/local/www/services_captiveportal_hostname.php b/src/usr/local/www/services_captiveportal_hostname.php
index 0f7c873..4388484 100644
--- a/src/usr/local/www/services_captiveportal_hostname.php
+++ b/src/usr/local/www/services_captiveportal_hostname.php
@@ -141,9 +141,9 @@ $i++;
 endforeach; ?>
 		<tbody>
 	</table>
-	<?=$directionicons['to'] . ' = ' . sprintf(gettext('All connections %sto%s the hostname are allowed'), '<u>', '</u>') . ', '?>
-	<?=$directionicons['from'] . ' = ' . sprintf(gettext('All connections %sfrom%s the hostname are allowed'), '<u>', '</u>') . ', '?>
-	<?=$directionicons['both'] . ' = ' . sprintf(gettext('All connections %sto or from%s are allowed'), '<u>', '</u>')?>
+	<?=$directionicons['to'] . ' = ' . sprintf(gettext('All connections %1$sto%2$s the hostname are allowed'), '<u>', '</u>') . ', '?>
+	<?=$directionicons['from'] . ' = ' . sprintf(gettext('All connections %1$sfrom%2$s the hostname are allowed'), '<u>', '</u>') . ', '?>
+	<?=$directionicons['both'] . ' = ' . sprintf(gettext('All connections %1$sto or from%2$s are allowed'), '<u>', '</u>')?>
 <?php
 else:
 ?>
diff --git a/src/usr/local/www/services_captiveportal_ip.php b/src/usr/local/www/services_captiveportal_ip.php
index ab11d00..9b2e0da 100644
--- a/src/usr/local/www/services_captiveportal_ip.php
+++ b/src/usr/local/www/services_captiveportal_ip.php
@@ -138,9 +138,9 @@ if (is_array($a_cp[$cpzone]['allowedip'])): ?>
 		<tbody>
 	</table>
 
-	<?=$directionicons['to']   . ' = ' . sprintf(gettext('All connections %sto%s the address are allowed'), '<u>', '</u>') . ', '?>
-	<?=$directionicons['from'] . ' = ' . sprintf(gettext('All connections %sfrom%s the address are allowed'), '<u>', '</u>') . ', '?>
-	<?=$directionicons['both'] . ' = ' . sprintf(gettext('All connections %sto or from%s are allowed'), '<u>', '</u>')?>
+	<?=$directionicons['to']   . ' = ' . sprintf(gettext('All connections %1$sto%2$s the address are allowed'), '<u>', '</u>') . ', '?>
+	<?=$directionicons['from'] . ' = ' . sprintf(gettext('All connections %1$sfrom%2$s the address are allowed'), '<u>', '</u>') . ', '?>
+	<?=$directionicons['both'] . ' = ' . sprintf(gettext('All connections %1$sto or from%2$s are allowed'), '<u>', '</u>')?>
 <?php
 else:
 ?>
diff --git a/src/usr/local/www/services_captiveportal_ip_edit.php b/src/usr/local/www/services_captiveportal_ip_edit.php
index 9bf83d6..9bfa581 100644
--- a/src/usr/local/www/services_captiveportal_ip_edit.php
+++ b/src/usr/local/www/services_captiveportal_ip_edit.php
@@ -128,7 +128,7 @@ if ($_POST) {
 		}
 
 		if ($ipent['ip'] == $_POST['ip']) {
-			$input_errors[] = sprintf("[%s] %s.", $_POST['ip'], gettext("already allowed")) ;
+			$input_errors[] = sprintf(gettext('[%s] already allowed.'), $_POST['ip']);
 			break ;
 		}
 	}
diff --git a/src/usr/local/www/services_captiveportal_mac_edit.php b/src/usr/local/www/services_captiveportal_mac_edit.php
index 4cd30a3..cea3bbc 100644
--- a/src/usr/local/www/services_captiveportal_mac_edit.php
+++ b/src/usr/local/www/services_captiveportal_mac_edit.php
@@ -113,7 +113,7 @@ if ($_POST) {
 				}
 			}
 		} else {
-			$input_errors[] = sprintf("%s. [%s]", gettext("A valid MAC address must be specified"), $_POST['mac']);
+			$input_errors[] = sprintf(gettext('A valid MAC address must be specified. [%s]'), $_POST['mac']);
 		}
 	}
 	if ($_POST['bw_up'] && !is_numeric($_POST['bw_up'])) {
@@ -135,7 +135,7 @@ if ($_POST) {
 		}
 
 		if ($macent['mac'] == $_POST['mac']) {
-			$input_errors[] = sprintf("[%s] %s.", $_POST['mac'], gettext("already exists"));
+			$input_errors[] = sprintf(gettext('[%s] already exists.'), $_POST['mac']);
 			break;
 		}
 	}
diff --git a/src/usr/local/www/services_dhcpv6.php b/src/usr/local/www/services_dhcpv6.php
index f120688..a433698 100644
--- a/src/usr/local/www/services_dhcpv6.php
+++ b/src/usr/local/www/services_dhcpv6.php
@@ -258,7 +258,7 @@ if (isset($_POST['apply'])) {
 		} elseif ($config['interfaces'][$if]['ipaddrv6'] == 'track6' &&
 			!Net_IPv6::isInNetmask($_POST['range_from'], '::', $ifcfgsn)) {
 			$input_errors[] = sprintf(gettext(
-				"The prefix (upper %s bits) must be zero.  Use the form %s"),
+				'The prefix (upper %1$s bits) must be zero.  Use the form %2$s'),
 				$ifcfgsn, $str_help_mask);
 			$range_from_to_ok = false;
 		}
@@ -270,7 +270,7 @@ if (isset($_POST['apply'])) {
 		} elseif ($config['interfaces'][$if]['ipaddrv6'] == 'track6' &&
 			!Net_IPv6::isInNetmask($_POST['range_to'], '::', $ifcfgsn)) {
 			$input_errors[] = sprintf(gettext(
-				"The prefix (upper %s bits) must be zero.  Use the form %s"),
+				'The prefix (upper %1$s bits) must be zero.  Use the form %2$s'),
 				$ifcfgsn, $str_help_mask);
 			$range_from_to_ok = false;
 		}
diff --git a/src/usr/local/www/services_dhcpv6_edit.php b/src/usr/local/www/services_dhcpv6_edit.php
index e2947c3..4808963 100644
--- a/src/usr/local/www/services_dhcpv6_edit.php
+++ b/src/usr/local/www/services_dhcpv6_edit.php
@@ -131,7 +131,7 @@ if ($_POST) {
 			$pdlen = 64 - $trackcfg['dhcp6-ia-pd-len'];
 			if (!Net_IPv6::isInNetmask($_POST['ipaddrv6'], '::', $pdlen)) {
 				$input_errors[] = sprintf(gettext(
-				    "The prefix (upper %s bits) must be zero.  Use the form %s"),
+				    'The prefix (upper %1$s bits) must be zero.  Use the form %2$s'),
 				    $pdlen, dhcpv6_pd_str_help($ifcfgsnv6));
 			}
 		}
diff --git a/src/usr/local/www/services_dnsmasq.php b/src/usr/local/www/services_dnsmasq.php
index 7221408..f0002f5 100644
--- a/src/usr/local/www/services_dnsmasq.php
+++ b/src/usr/local/www/services_dnsmasq.php
@@ -255,11 +255,11 @@ $section->addInput(new Form_Checkbox(
 	'DHCP Registration',
 	'Register DHCP leases in DNS forwarder',
 	$pconfig['regdhcp']
-))->setHelp(sprintf("If this option is set, then machines that specify".
-			" their hostname when requesting a DHCP lease will be registered".
-			" in the DNS forwarder, so that their name can be resolved.".
-			" The domain in %sSystem: General Setup%s should also".
-			" be set to the proper value.",'<a href="system.php">','</a>'))
+))->setHelp(sprintf('If this option is set, then machines that specify'.
+			' their hostname when requesting a DHCP lease will be registered'.
+			' in the DNS forwarder, so that their name can be resolved.'.
+			' The domain in %1$sSystem: General Setup%2$s should also'.
+			' be set to the proper value.','<a href="system.php">','</a>'))
 	->addClass('toggle-dhcp');
 
 $section->addInput(new Form_Checkbox(
@@ -267,10 +267,10 @@ $section->addInput(new Form_Checkbox(
 	'Static DHCP',
 	'Register DHCP static mappings in DNS forwarder',
 	$pconfig['regdhcpstatic']
-))->setHelp(sprintf("If this option is set, then DHCP static mappings will ".
-					"be registered in the DNS forwarder, so that their name can be ".
-					"resolved. The domain in %sSystem: General Setup%s should also ".
-					"be set to the proper value.",'<a href="system.php">','</a>'))
+))->setHelp(sprintf('If this option is set, then DHCP static mappings will '.
+					'be registered in the DNS forwarder, so that their name can be '.
+					'resolved. The domain in %1$sSystem: General Setup%2$s should also '.
+					'be set to the proper value.','<a href="system.php">','</a>'))
 	->addClass('toggle-dhcp');
 
 $section->addInput(new Form_Checkbox(
diff --git a/src/usr/local/www/services_router_advertisements.php b/src/usr/local/www/services_router_advertisements.php
index c9aeaa5..8af551f 100644
--- a/src/usr/local/www/services_router_advertisements.php
+++ b/src/usr/local/www/services_router_advertisements.php
@@ -160,7 +160,7 @@ if ($_POST) {
 		} else {
 			$pconfig['subnets'][] = $address . "/" . $bits;
 			if (!is_ipaddrv6($address)) {
-				$input_errors[] = sprintf(gettext("An invalid subnet or alias was specified. [%s/%s]"), $address, $bits);
+				$input_errors[] = sprintf(gettext('An invalid subnet or alias was specified. [%1$s/%2$s]'), $address, $bits);
 			}
 		}
 	}
diff --git a/src/usr/local/www/services_unbound.php b/src/usr/local/www/services_unbound.php
index 93f4b7e..b0ced5d 100644
--- a/src/usr/local/www/services_unbound.php
+++ b/src/usr/local/www/services_unbound.php
@@ -319,7 +319,7 @@ $section->addInput(new Form_Checkbox(
 	'Enable Forwarding Mode',
 	$pconfig['forwarding']
 ))->setHelp(sprintf('If this option is set, DNS queries will be forwarded to the upstream DNS servers defined under'.
-					' %sSystem &gt; General Setup%s or those obtained via DHCP/PPP on WAN'.
+					' %1$sSystem &gt; General Setup%2$s or those obtained via DHCP/PPP on WAN'.
 					' (if DNS Server Override is enabled there).','<a href="system.php">','</a>'));
 
 $section->addInput(new Form_Checkbox(
@@ -329,7 +329,7 @@ $section->addInput(new Form_Checkbox(
 	$pconfig['regdhcp']
 ))->setHelp(sprintf('If this option is set, then machines that specify their hostname when requesting a DHCP lease will be registered'.
 					' in the DNS Resolver, so that their name can be resolved.'.
-					' The domain in %sSystem &gt; General Setup%s should also be set to the proper value.','<a href="system.php">','</a>'));
+					' The domain in %1$sSystem &gt; General Setup%2$s should also be set to the proper value.','<a href="system.php">','</a>'));
 
 $section->addInput(new Form_Checkbox(
 	'regdhcpstatic',
@@ -337,7 +337,7 @@ $section->addInput(new Form_Checkbox(
 	'Register DHCP static mappings in the DNS Resolver',
 	$pconfig['regdhcpstatic']
 ))->setHelp(sprintf('If this option is set, then DHCP static mappings will be registered in the DNS Resolver, so that their name can be resolved. '.
-					'The domain in %sSystem &gt; General Setup%s should also be set to the proper value.','<a href="system.php">','</a>'));
+					'The domain in %1$sSystem &gt; General Setup%2$s should also be set to the proper value.','<a href="system.php">','</a>'));
 
 $btnadv = new Form_Button(
 	'btnadvcustom',
@@ -554,14 +554,14 @@ endforeach;
 </nav>
 
 <div class="infoblock">
-	<?php print_info_box(sprintf(gettext("If the DNS Resolver is enabled, the DHCP".
-		" service (if enabled) will automatically serve the LAN IP".
-		" address as a DNS server to DHCP clients so they will use".
-		" the DNS Resolver. If Forwarding is enabled, the DNS Resolver will use the DNS servers".
-		" entered in %sSystem &gt; General Setup%s".
-		" or those obtained via DHCP or PPP on WAN if &quot;Allow".
-		" DNS server list to be overridden by DHCP/PPP on WAN&quot;".
-		" is checked."), '<a href="system.php">', '</a>'), 'info', false); ?>
+	<?php print_info_box(sprintf(gettext('If the DNS Resolver is enabled, the DHCP'.
+		' service (if enabled) will automatically serve the LAN IP'.
+		' address as a DNS server to DHCP clients so they will use'.
+		' the DNS Resolver. If Forwarding is enabled, the DNS Resolver will use the DNS servers'.
+		' entered in %1$sSystem &gt; General Setup%2$s'.
+		' or those obtained via DHCP or PPP on WAN if &quot;Allow'.
+		' DNS server list to be overridden by DHCP/PPP on WAN&quot;'.
+		' is checked.'), '<a href="system.php">', '</a>'), 'info', false); ?>
 </div>
 
 <?php include("foot.inc");
diff --git a/src/usr/local/www/services_unbound_acls.php b/src/usr/local/www/services_unbound_acls.php
index 42ab941..e2eb7ee 100644
--- a/src/usr/local/www/services_unbound_acls.php
+++ b/src/usr/local/www/services_unbound_acls.php
@@ -166,12 +166,12 @@ if ($_POST) {
 }
 
 $actionHelp =
-					sprintf(gettext('%sDeny:%s Stops queries from hosts within the netblock defined below.%s'), '<span class="text-success"><strong>', '</strong></span>', '<br />') .
-					sprintf(gettext('%sRefuse:%s Stops queries from hosts within the netblock defined below, but sends a DNS rcode REFUSED error message back to the client.%s'), '<span class="text-success"><strong>', '</strong></span>', '<br />') .
-					sprintf(gettext('%sAllow:%s Allow queries from hosts within the netblock defined below.%s'), '<span class="text-success"><strong>', '</strong></span>', '<br />') .
-					sprintf(gettext('%sAllow Snoop:%s Allow recursive and nonrecursive access from hosts within the netblock defined below. Used for cache snooping and ideally should only be configured for the administrative host.%s'), '<span class="text-success"><strong>', '</strong></span>', '<br />') .
-					sprintf(gettext('%sDeny Nonlocal:%s Allow only authoritative local-data queries from hosts within the netblock defined below. Messages that are disallowed are dropped.%s'), '<span class="text-success"><strong>', '</strong></span>', '<br />') .
-					sprintf(gettext('%sRefuse Nonlocal:%s Allow only authoritative local-data queries from hosts within the netblock defined below. Sends a DNS rcode REFUSED error message back to the client for messages that are disallowed.'), '<span class="text-success"><strong>', '</strong></span>');
+					sprintf(gettext('%1$sDeny:%2$s Stops queries from hosts within the netblock defined below.%3$s'), '<span class="text-success"><strong>', '</strong></span>', '<br />') .
+					sprintf(gettext('%1$sRefuse:%2$s Stops queries from hosts within the netblock defined below, but sends a DNS rcode REFUSED error message back to the client.%3$s'), '<span class="text-success"><strong>', '</strong></span>', '<br />') .
+					sprintf(gettext('%1$sAllow:%2$s Allow queries from hosts within the netblock defined below.%3$s'), '<span class="text-success"><strong>', '</strong></span>', '<br />') .
+					sprintf(gettext('%1$sAllow Snoop:%2$s Allow recursive and nonrecursive access from hosts within the netblock defined below. Used for cache snooping and ideally should only be configured for the administrative host.%3$s'), '<span class="text-success"><strong>', '</strong></span>', '<br />') .
+					sprintf(gettext('%1$sDeny Nonlocal:%2$s Allow only authoritative local-data queries from hosts within the netblock defined below. Messages that are disallowed are dropped.%3$s'), '<span class="text-success"><strong>', '</strong></span>', '<br />') .
+					sprintf(gettext('%1$sRefuse Nonlocal:%2$s Allow only authoritative local-data queries from hosts within the netblock defined below. Sends a DNS rcode REFUSED error message back to the client for messages that are disallowed.'), '<span class="text-success"><strong>', '</strong></span>');
 
 $pgtitle = array(gettext("Services"), gettext("DNS Resolver"), gettext("Access Lists"));
 $pglinks = array("", "services_unbound.php", "@self");
diff --git a/src/usr/local/www/status_logs_common.inc b/src/usr/local/www/status_logs_common.inc
index be05902..88b9a3e 100644
--- a/src/usr/local/www/status_logs_common.inc
+++ b/src/usr/local/www/status_logs_common.inc
@@ -140,15 +140,15 @@ function system_log_table_panel_title() {
 
 	if ($rawfilter) {
 		if (($filtersubmit) || ($filterlogentries_submit)) {
-			$rtnstr .= sprintf(gettext("%s Matched %s Log Entries."), "<span id='count'>_ _</span>", gettext($allowed_logs[$logfile]["name"]));
+			$rtnstr .= sprintf(gettext('%1$s Matched %2$s Log Entries.'), "<span id='count'>_ _</span>", gettext($allowed_logs[$logfile]["name"]));
 		} else {
-			$rtnstr .= sprintf(gettext("Last %s %s Log Entries."), "<span id='count'>_ _</span>", gettext($allowed_logs[$logfile]["name"]));
+			$rtnstr .= sprintf(gettext('Last %1$s %2$s Log Entries.'), "<span id='count'>_ _</span>", gettext($allowed_logs[$logfile]["name"]));
 		}
 	} else {
 		if (($filtersubmit) || ($filterlogentries_submit)) {
-			$rtnstr .= sprintf(gettext("%d Matched %s Log Entries."), count($filterlog), gettext($allowed_logs[$logfile]["name"]));
+			$rtnstr .= sprintf(gettext('%1$d Matched %2$s Log Entries.'), count($filterlog), gettext($allowed_logs[$logfile]["name"]));
 		} else {
-			$rtnstr .= sprintf(gettext("Last %d %s Log Entries."), count($filterlog), gettext($allowed_logs[$logfile]["name"]));
+			$rtnstr .= sprintf(gettext('Last %1$d %2$s Log Entries.'), count($filterlog), gettext($allowed_logs[$logfile]["name"]));
 		}
 	}
 
diff --git a/src/usr/local/www/status_ntpd.php b/src/usr/local/www/status_ntpd.php
index eb73922..8436f6e 100644
--- a/src/usr/local/www/status_ntpd.php
+++ b/src/usr/local/www/status_ntpd.php
@@ -185,13 +185,13 @@ function print_status() {
 
 		print("<tr>\n");
 		print('<td class="warning" colspan="11">');
-		printf(gettext("Statistics unavailable because ntpq and ntpdc queries are disabled in the %sNTP service settings%s"), '<a href="services_ntpd.php">', '</a>');
+		printf(gettext('Statistics unavailable because ntpq and ntpdc queries are disabled in the %1$sNTP service settings%2$s'), '<a href="services_ntpd.php">', '</a>');
 		print("</td>\n");
 		print("</tr>\n");
 	elseif (count($ntpq_servers) == 0):
 		print("<tr>\n");
 		print('<td class="warning" colspan="11">');
-		printf(gettext("No peers found, %sis the ntp service running?%s"), '<a href="status_services.php">', '</a>');
+		printf(gettext('No peers found, %1$sis the ntp service running?%2$s'), '<a href="status_services.php">', '</a>');
 		print("</td>\n");
 		print("</tr>\n");
 	else:
diff --git a/src/usr/local/www/status_upnp.php b/src/usr/local/www/status_upnp.php
index 45f2c8a..8607540 100644
--- a/src/usr/local/www/status_upnp.php
+++ b/src/usr/local/www/status_upnp.php
@@ -52,7 +52,7 @@ if (!$config['installedpackages'] ||
     !$config['installedpackages']['miniupnpd']['config'][0]['iface_array'] ||
     !$config['installedpackages']['miniupnpd']['config'][0]['enable']) {
 
-	print_info_box(sprintf(gettext('UPnP is currently disabled. It can be enabled here: %s%s%s.'), '<a href="pkg_edit.php?xml=miniupnpd.xml">', gettext('Services &gt; UPnP &amp; NAT-PMP'), '</a>'), 'danger');
+	print_info_box(sprintf(gettext('UPnP is currently disabled. It can be enabled here: %1$s%2$s%3$s.'), '<a href="pkg_edit.php?xml=miniupnpd.xml">', gettext('Services &gt; UPnP &amp; NAT-PMP'), '</a>'), 'danger');
 	include("foot.inc");
 	exit;
 }
diff --git a/src/usr/local/www/system_crlmanager.php b/src/usr/local/www/system_crlmanager.php
index 836d9a6..54a65f3 100644
--- a/src/usr/local/www/system_crlmanager.php
+++ b/src/usr/local/www/system_crlmanager.php
@@ -179,14 +179,14 @@ if ($act == "delcert") {
 	$certname = htmlspecialchars($thiscert['descr']);
 	$crlname = htmlspecialchars($thiscrl['descr']);
 	if (cert_unrevoke($thiscert, $thiscrl)) {
-		$savemsg = sprintf(gettext("Deleted Certificate %s from CRL %s."), $certname, $crlname);
+		$savemsg = sprintf(gettext('Deleted Certificate %1$s from CRL %2$s.'), $certname, $crlname);
 		$class = "success";
 		// refresh IPsec and OpenVPN CRLs
 		openvpn_refresh_crls();
 		vpn_ipsec_configure();
 		write_config($savemsg);
 	} else {
-		$savemsg = sprintf(gettext("Failed to delete Certificate %s from CRL %s."), $certname, $crlname);
+		$savemsg = sprintf(gettext('Failed to delete Certificate %1$s from CRL %2$s.'), $certname, $crlname);
 		$class = "danger";
 	}
 	$act="edit";
diff --git a/src/usr/local/www/system_usermanager_settings.php b/src/usr/local/www/system_usermanager_settings.php
index c8228f5..7ccc2d5 100644
--- a/src/usr/local/www/system_usermanager_settings.php
+++ b/src/usr/local/www/system_usermanager_settings.php
@@ -41,22 +41,22 @@ if ($_REQUEST['ajax']) {
 	}
 
 	if (!$authcfg) {
-		printf(gettext("%sError: Could not find settings for %s%s"), '<span class="text-danger">', htmlspecialchars($authserver), "</span>");
+		printf(gettext('%1$sError: Could not find settings for %2$s%3$s'), '<span class="text-danger">', htmlspecialchars($authserver), "</span>");
 		exit;
 	} else {
 		print("<pre>");
 
 		print('<table class="table table-hover table-striped table-condensed">');
 
-		print("<tr><td>" . sprintf(gettext("Attempting connection to %s%s%s"), "<td><center>", htmlspecialchars($auth_server), "</center></td>"));
+		print("<tr><td>" . sprintf(gettext('Attempting connection to %1$s%2$s%3$s'), "<td><center>", htmlspecialchars($auth_server), "</center></td>"));
 		if (ldap_test_connection($authcfg)) {
 			print("<td><span class=\"text-center text-success\">" . gettext("OK") . "</span></td></tr>");
 
-			print("<tr><td>" . sprintf(gettext("Attempting bind to %s%s%s"), "<td><center>", htmlspecialchars($auth_server), "</center></td>"));
+			print("<tr><td>" . sprintf(gettext('Attempting bind to %1$s%2$s%3$s'), "<td><center>", htmlspecialchars($auth_server), "</center></td>"));
 			if (ldap_test_bind($authcfg)) {
 				print('<td><span class="text-center text-success">' . gettext("OK") . "</span></td></tr>");
 
-				print("<tr><td>" . sprintf(gettext("Attempting to fetch Organizational Units from %s%s%s"), "<td><center>", htmlspecialchars($auth_server), "</center></td>"));
+				print("<tr><td>" . sprintf(gettext('Attempting to fetch Organizational Units from %1$s%2$s%3$s'), "<td><center>", htmlspecialchars($auth_server), "</center></td>"));
 				$ous = ldap_get_user_ous(true, $authcfg);
 
 				if (count($ous)>1) {
diff --git a/src/usr/local/www/vpn_ipsec.php b/src/usr/local/www/vpn_ipsec.php
index b47a0e5..317571c 100644
--- a/src/usr/local/www/vpn_ipsec.php
+++ b/src/usr/local/www/vpn_ipsec.php
@@ -525,9 +525,9 @@ if (is_subsystem_dirty('ipsec')) {
 </form>
 
 <div class="infoblock">
-	<?php print_info_box(sprintf(gettext("The IPsec status can be checked at %s%s%s."), '<a href="status_ipsec.php">', gettext("Status:IPsec"), '</a>') . '<br />' .
-	sprintf(gettext("IPsec debug mode can be enabled at %s%s%s."), '<a href="vpn_ipsec_settings.php">', gettext("VPN:IPsec:Advanced Settings"), '</a>') . '<br />' .
-	sprintf(gettext("IPsec can be set to prefer older SAs at %s%s%s."), '<a href="vpn_ipsec_settings.php">', gettext("VPN:IPsec:Advanced Settings"), '</a>'), 'info', false); ?>
+	<?php print_info_box(sprintf(gettext('The IPsec status can be checked at %1$s%2$s%3$s.'), '<a href="status_ipsec.php">', gettext("Status:IPsec"), '</a>') . '<br />' .
+	sprintf(gettext('IPsec debug mode can be enabled at %1$s%2$s%3$s.'), '<a href="vpn_ipsec_settings.php">', gettext("VPN:IPsec:Advanced Settings"), '</a>') . '<br />' .
+	sprintf(gettext('IPsec can be set to prefer older SAs at %1$s%2$s%3$s.'), '<a href="vpn_ipsec_settings.php">', gettext("VPN:IPsec:Advanced Settings"), '</a>'), 'info', false); ?>
 </div>
 
 <script type="text/javascript">
diff --git a/src/usr/local/www/vpn_openvpn_server.php b/src/usr/local/www/vpn_openvpn_server.php
index bbb0ee6..f767d66 100644
--- a/src/usr/local/www/vpn_openvpn_server.php
+++ b/src/usr/local/www/vpn_openvpn_server.php
@@ -829,7 +829,7 @@ if ($act=="new" || $act=="edit"):
 			}
 		}
 	} else {
-		$certhelp = sprintf('%s%s%s$s', '<span id="certtype">', gettext('No Certificates defined. One may be created here: '), '<a href="system_camanager.php">' . gettext("System &gt; Cert. Manager") . '</a>', '</span>');
+		$certhelp = sprintf(gettext('No Certificates defined. One may be created here: %1$s%2$s%3$s'), '<span id="certtype">', '<a href="system_camanager.php">' . gettext("System &gt; Cert. Manager") . '</a>', '</span>');
 	}
 
 	$cl = openvpn_build_cert_list(false, true);
@@ -1354,7 +1354,7 @@ else:
 						<?=htmlspecialchars($server['tunnel_networkv6'])?>
 					</td>
 					<td>
-						<?=sprintf("Crypto: %s/%s", $server['crypto'], $server['digest']);?>
+						<?=sprintf('Crypto: %1$s/%2$s', $server['crypto'], $server['digest']);?>
 					<?php if (is_numeric($server['dh_length'])): ?>
 						<?=sprintf("<br/>D-H Params: %d bits", $server['dh_length']);?>
 					<?php elseif ($server['dh_length'] == "none"): ?>
@@ -1362,7 +1362,7 @@ else:
 					<?php endif; ?>
 					</td>
 					<td>
-						<?=htmlspecialchars(sprintf('%s (%s)', $server['description'], $server['dev_mode']))?>
+						<?=htmlspecialchars(sprintf('%1$s (%2$s)', $server['description'], $server['dev_mode']))?>
 					</td>
 					<td>
 						<a class="fa fa-pencil"	title="<?=gettext('Edit server')?>" href="vpn_openvpn_server.php?act=edit&amp;id=<?=$i?>"></a>
diff --git a/src/usr/local/www/wizard.php b/src/usr/local/www/wizard.php
index 55f5451..8ce1e0b 100644
--- a/src/usr/local/www/wizard.php
+++ b/src/usr/local/www/wizard.php
@@ -73,7 +73,7 @@ if (empty($xml)) {
 }
 
 if (!is_array($pkg)) {
-	print_info_box(sprintf(gettext("Could not parse %s/wizards/%s file."), $g['www_path'], $xml), 'danger');
+	print_info_box(sprintf(gettext('Could not parse %1$s/wizards/%2$s file.'), $g['www_path'], $xml), 'danger');
 	die;
 }
 
-- 
cgit v1.1


" . sprintf(gettext("Attempting connection to %s%s%s"), "	", htmlspecialchars($auth_server), "
" . sprintf(gettext('Attempting connection to %1$s%2$s%3$s'), "	", htmlspecialchars($auth_server), "	" . gettext("OK") . "
" . sprintf(gettext("Attempting bind to %s%s%s"), "	", htmlspecialchars($auth_server), "
" . sprintf(gettext('Attempting bind to %1$s%2$s%3$s'), "	", htmlspecialchars($auth_server), "	' . gettext("OK") . "
" . sprintf(gettext("Attempting to fetch Organizational Units from %s%s%s"), "	", htmlspecialchars($auth_server), "
" . sprintf(gettext('Attempting to fetch Organizational Units from %1$s%2$s%3$s'), "	", htmlspecialchars($auth_server), "