Run the decrypted backup through htmlentities, otherwise things like & in the actual config get turned into their decoded counterparts (&, ", etc) and if that result is copy/pasted, saved, and restored, it is invalid XML and gets tossed out.

author: jim-p <jimp@pfsense.org> 2011-10-11 15:35:33 -0400
committer: jim-p <jimp@pfsense.org> 2011-10-11 15:37:00 -0400
commit: e696bc409f773579808ebf0e2e9bd03ae17d1f1a (patch)
tree: 027a22f54500f0cfb1e0667ba76ab0693817a746
parent: 77fd0fadbb154fd07ccf8b44a7ab59f519abff8e (diff)
download: pfsense-packages-e696bc409f773579808ebf0e2e9bd03ae17d1f1a.tar.gz
pfsense-packages-e696bc409f773579808ebf0e2e9bd03ae17d1f1a.tar.bz2
pfsense-packages-e696bc409f773579808ebf0e2e9bd03ae17d1f1a.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/config/autoconfigbackup/autoconfigbackup.php b/config/autoconfigbackup/autoconfigbackup.php
index e43620c4..5ebe8e20 100644
--- a/config/autoconfigbackup/autoconfigbackup.php
+++ b/config/autoconfigbackup/autoconfigbackup.php
@@ -267,7 +267,7 @@ EOF;
 						$configtype = "Encrypted";
 						if (!tagfile_deformat($data, $data, "config.xml")) 
 							$input_errors[] = "The downloaded file does not appear to contain an encrypted pfSense configuration.";
-						$data = decrypt_data($data, $decrypt_password);
+						$data = htmlentities(decrypt_data($data, $decrypt_password));
 						if(!strstr($data, "pfsense")) {
 							$data = "Could not decrypt.  Different encryption key?";
 							$input_errors[] = "Could not decrypt config.xml";
author	jim-p <jimp@pfsense.org>	2011-10-11 15:35:33 -0400
committer	jim-p <jimp@pfsense.org>	2011-10-11 15:37:00 -0400
commit	e696bc409f773579808ebf0e2e9bd03ae17d1f1a (patch)
tree	027a22f54500f0cfb1e0667ba76ab0693817a746
parent	77fd0fadbb154fd07ccf8b44a7ab59f519abff8e (diff)
download	pfsense-packages-e696bc409f773579808ebf0e2e9bd03ae17d1f1a.tar.gz pfsense-packages-e696bc409f773579808ebf0e2e9bd03ae17d1f1a.tar.bz2 pfsense-packages-e696bc409f773579808ebf0e2e9bd03ae17d1f1a.zip