From 9fb19cab962fd97fa19054c1f5cf0246a08e2978 Mon Sep 17 00:00:00 2001
From: jim-p <jimp@pfsense.org>
Date: Tue, 8 Sep 2015 15:15:58 -0400
Subject: Misc encoding/display issues in the Load Balancer code

---
 usr/local/www/load_balancer_pool.php                          | 2 ++
 usr/local/www/load_balancer_pool_edit.php                     | 6 ++++++
 usr/local/www/load_balancer_virtual_server.php                | 2 ++
 usr/local/www/load_balancer_virtual_server_edit.php           | 6 ++++++
 usr/local/www/status_lb_pool.php                              | 2 +-
 usr/local/www/status_lb_vs.php                                | 2 +-
 usr/local/www/widgets/widgets/load_balancer_status.widget.php | 2 +-
 7 files changed, 19 insertions(+), 3 deletions(-)

(limited to 'usr')

diff --git a/usr/local/www/load_balancer_pool.php b/usr/local/www/load_balancer_pool.php
index 46e4e1c..0a81931 100644
--- a/usr/local/www/load_balancer_pool.php
+++ b/usr/local/www/load_balancer_pool.php
@@ -92,9 +92,11 @@ for ($i = 0; isset($config['load_balancer']['monitor_type'][$i]); $i++) {
 	$mondex[$config['load_balancer']['monitor_type'][$i]['name']] = $i;
 }
 for ($i = 0; isset($config['load_balancer']['lbpool'][$i]); $i++) {
+	$a_pool[$i]['mode'] = htmlspecialchars($a_pool[$i]['mode']);
 	$a_pool[$i]['monitor'] = "<a href=\"/load_balancer_monitor_edit.php?id={$mondex[$a_pool[$i]['monitor']]}\">" . htmlspecialchars($a_pool[$i]['monitor']) . "</a>";
 }
 
+
 $pgtitle = array(gettext("Services"), gettext("Load Balancer"),gettext("Pool"));
 $shortcut_section = "relayd";
 
diff --git a/usr/local/www/load_balancer_pool_edit.php b/usr/local/www/load_balancer_pool_edit.php
index 457087b..72f36ce 100644
--- a/usr/local/www/load_balancer_pool_edit.php
+++ b/usr/local/www/load_balancer_pool_edit.php
@@ -74,6 +74,8 @@ if (isset($id) && $a_pool[$id]) {
 $changedesc = gettext("Load Balancer: Pool:") . " ";
 $changecount = 0;
 
+$allowed_modes = array("loadbalance", "failover");
+
 if ($_POST) {
 	$changecount++;
 
@@ -110,6 +112,10 @@ if ($_POST) {
 	if (!empty($_POST['retry']) && !is_port($_POST['retry']))
 		$input_errors[] = gettext("The retry value must be an integer between 1 and 65535.");
 
+	if (!in_array($_POST['mode'], $allowed_modes)) {
+		$input_errors[] = gettext("The submitted mode is not valid.");
+	}
+
 	if (is_array($_POST['servers'])) {
 		foreach($pconfig['servers'] as $svrent) {
 			if (!is_ipaddr($svrent) && !is_subnetv4($svrent)) {
diff --git a/usr/local/www/load_balancer_virtual_server.php b/usr/local/www/load_balancer_virtual_server.php
index 04a4d7b..4940864 100644
--- a/usr/local/www/load_balancer_virtual_server.php
+++ b/usr/local/www/load_balancer_virtual_server.php
@@ -87,6 +87,8 @@ for ($i = 0; isset($config['load_balancer']['lbpool'][$i]); $i++) {
 }
 for ($i = 0; isset($config['load_balancer']['virtual_server'][$i]); $i++) {
 	if($a_vs[$i]) {
+		$a_vs[$i]['mode'] = htmlspecialchars($a_vs[$i]['mode']);
+		$a_vs[$i]['relay_protocol'] = htmlspecialchars($a_vs[$i]['relay_protocol']);
 		$a_vs[$i]['poolname'] = "<a href=\"/load_balancer_pool_edit.php?id={$poodex[$a_vs[$i]['poolname']]}\">" . htmlspecialchars($a_vs[$i]['poolname']) . "</a>";
 		if ($a_vs[$i]['sitedown'] != '') {
 			$a_vs[$i]['sitedown'] = "<a href=\"/load_balancer_pool_edit.php?id={$poodex[$a_vs[$i]['sitedown']]}\">" . htmlspecialchars($a_vs[$i]['sitedown']) . "</a>";
diff --git a/usr/local/www/load_balancer_virtual_server_edit.php b/usr/local/www/load_balancer_virtual_server_edit.php
index 8e6ffe8..50f59ed 100644
--- a/usr/local/www/load_balancer_virtual_server_edit.php
+++ b/usr/local/www/load_balancer_virtual_server_edit.php
@@ -69,6 +69,8 @@ if (isset($id) && $a_vs[$id]) {
 $changedesc = gettext("Load Balancer: Virtual Server:") . " ";
 $changecount = 0;
 
+$allowed_protocols = array("tcp", "dns");
+
 if ($_POST) {
 	unset($input_errors);
 	$pconfig = $_POST;
@@ -107,6 +109,10 @@ if ($_POST) {
 	else if (is_subnetv4($_POST['ipaddr']) && subnet_size($_POST['ipaddr']) > 64)
 		$input_errors[] = sprintf(gettext("%s is a subnet containing more than 64 IP addresses."), $_POST['ipaddr']);
 
+	if (!in_array($_POST['relay_protocol'], $allowed_protocols)) {
+		$input_errors[] = gettext("The submitted relay protocol is not valid.");
+	}
+
 	if ((strtolower($_POST['relay_protocol']) == "dns") && !empty($_POST['sitedown']))
 		$input_errors[] = gettext("You cannot select a Fall Back Pool when using the DNS relay protocol.");
 
diff --git a/usr/local/www/status_lb_pool.php b/usr/local/www/status_lb_pool.php
index 6e689a3..140a18a 100644
--- a/usr/local/www/status_lb_pool.php
+++ b/usr/local/www/status_lb_pool.php
@@ -209,7 +209,7 @@ if ($_POST) {
 			<?php echo $pool['monitor']; ?>
 		</td>
 		<td class="listbg" >
-			<?=$pool['descr'];?>
+			<?=htmlspecialchars($pool['descr']);?>
 		</td>
 		</tr>
 		<?php endforeach; ?>
diff --git a/usr/local/www/status_lb_vs.php b/usr/local/www/status_lb_vs.php
index 62ae530..952aea7 100644
--- a/usr/local/www/status_lb_vs.php
+++ b/usr/local/www/status_lb_vs.php
@@ -132,7 +132,7 @@ include("head.inc");
 			?>
                   </td>
                   <td class="listbg" >
-						<?=$vsent['descr'];?>
+						<?=htmlspecialchars($vsent['descr']);?>
                   </td>
                 </tr>
 		<?php $i++; endforeach; ?>
diff --git a/usr/local/www/widgets/widgets/load_balancer_status.widget.php b/usr/local/www/widgets/widgets/load_balancer_status.widget.php
index 098a028..9accedc 100644
--- a/usr/local/www/widgets/widgets/load_balancer_status.widget.php
+++ b/usr/local/www/widgets/widgets/load_balancer_status.widget.php
@@ -140,7 +140,7 @@ if (!$nentries)
 		</table>
 		</td>
 		<td class="listbg" >
-			<font color="#FFFFFF"><?=$vsent['descr'];?></font>
+			<font color="#FFFFFF"><?=htmlspecialchars($vsent['descr']);?></font>
 		</td>
 	</tr>
 	<?php $i++; endforeach; ?>
-- 
cgit v1.1