From ac880ee72b4ff0859ef7473f0d96c1d9f98f0427 Mon Sep 17 00:00:00 2001
From: Renato Botelho
Date: Mon, 25 May 2015 11:10:45 -0300
Subject: Call htmlspecialchars() to remove dangerouns chars from zone parameter. Also redirect user to services_captiveportal_zones.php when an invalid zone is passed
---
 usr/local/www/services_captiveportal_zones.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
(limited to 'usr')
diff --git a/usr/local/www/services_captiveportal_zones.php b/usr/local/www/services_captiveportal_zones.php
index 8974167..3b865ed 100644
--- a/usr/local/www/services_captiveportal_zones.php
+++ b/usr/local/www/services_captiveportal_zones.php
@@ -49,7 +49,7 @@ if (!is_array($config['captiveportal']))
 $a_cp = &$config['captiveportal'];
 if ($_GET['act'] == "del" && !empty($_GET['zone'])) {
-	$cpzone = $_GET['zone'];
+	$cpzone = htmlspecialchars($_GET['zone']);
 	if ($a_cp[$cpzone]) {
 		$cpzoneid = $a_cp[$cpzone]['zoneid'];
 		unset($a_cp[$cpzone]['enable']);
@@ -58,9 +58,9 @@ if ($_GET['act'] == "del" && !empty($_GET['zone'])) {
 		if (isset($config['voucher'][$cpzone]))
 			unset($config['voucher'][$cpzone]);
 		write_config();
-		header("Location: services_captiveportal_zones.php");
-		exit;
 	}
+	header("Location: services_captiveportal_zones.php");
+	exit;
 }
 
 $pgtitle = array(gettext("Captive Portal"),gettext("Zones"));
-- 
cgit v1.1
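Review bot: `htmlspecialchars()` on the added line is an output-encoding function, not input validation, so it does not restrict which zone names reach the `$a_cp[$cpzone]` lookup on the following line; a value containing `&`, `<`, `>` or quotes is merely rewritten into entity form (which cannot match a real key), while every other character passes through unchanged. Validate the raw parameter against the zone-name charset and test key presence explicitly instead, e.g. `$cpzone = $_GET['zone'];` followed by `if (preg_match('/^[a-zA-Z0-9_]+$/', $cpzone) && isset($a_cp[$cpzone])) {` — the exact permitted charset is not visible in this diff and should be taken from wherever zones are created. The existing `if ($a_cp[$cpzone])` truth test also emits an undefined-index notice for an unknown zone, which `isset()` avoids. Separately, this deletion is triggered by a plain GET (`act=del`) and ends in `write_config()`, so unless the page is covered by a CSRF check that applies to GET requests, a crafted link can remove a zone; moving the action to a POST carrying the page's CSRF token is the usual fix. The `if` block opened in this hunk continues into the next one.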