aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorScott Ullrich <sullrich@pfsense.org>2008-07-15 22:28:35 +0000
committerScott Ullrich <sullrich@pfsense.org>2008-07-15 22:28:35 +0000
commitedb2662cbbfec2e1ce4ae683ed2868e1f2175f39 (patch)
tree2840f5ab50141d98a8aa1c6ae59b524c10ed29f1
parentb3b190cab5ebc835ab3d6d34941844b8da23f574 (diff)
downloadpfsense-packages-edb2662cbbfec2e1ce4ae683ed2868e1f2175f39.tar.gz
pfsense-packages-edb2662cbbfec2e1ce4ae683ed2868e1f2175f39.tar.bz2
pfsense-packages-edb2662cbbfec2e1ce4ae683ed2868e1f2175f39.zip
Cleanup a bit.
-rw-r--r--packages/spamd_db.php10
1 files changed, 5 insertions, 5 deletions
diff --git a/packages/spamd_db.php b/packages/spamd_db.php
index 10cf7a26..5acc093f 100644
--- a/packages/spamd_db.php
+++ b/packages/spamd_db.php
@@ -35,7 +35,7 @@ if($_POST['filter'])
if($_POST['not'])
$not = true;
if($_POST['limit'])
- $limit = $_POST['limit'];
+ $limit = intval($_POST['limit']);
else
$limit = "25";
@@ -321,12 +321,12 @@ if (typeof getURL == 'undefined') {
if($filter) {
if($not) {
$fd = fopen("/tmp/spamdb", "w");
- $cmd = "/usr/local/sbin/spamdb | grep -v \"" . $filter . "\" | tail -n {$limit}";
+ $cmd = "/usr/local/sbin/spamdb | grep -v \"" . escapeshellarg($filter) . "\" | tail -n {$limit}";
fwrite($fd, $cmd);
fclose($fd);
$pkgdb = split("\n", `$cmd`);
if(file_exists("/var/db/blacklist.txt")) {
- $cmd = "cat /var/db/blacklist.txt | grep -v \"" . $filter . "\" ";
+ $cmd = "cat /var/db/blacklist.txt | grep -v \"" . escapeshellarg($filter) . "\" ";
$pkgdba = split("\n", `$cmd`);
foreach($pkgdba as $pkg) {
$pkgdb[] = "TRAPPED|{$pkg}|1149324397";
@@ -334,11 +334,11 @@ if (typeof getURL == 'undefined') {
}
} else {
- $cmd = "/usr/local/sbin/spamdb | grep \"{$filter}\" | tail -n {$limit}";
+ $cmd = "/usr/local/sbin/spamdb | grep " . escapeshellarg($filter) . " | tail -n {$limit}";
$pkgdb = split("\n", `$cmd`);
if(file_exists("/var/db/blacklist.txt")) {
- $cmd = "cat /var/db/blacklist.txt | grep \"{$filter}\" ";
+ $cmd = "cat /var/db/blacklist.txt | grep " . escapeshellarg($filter);
$pkgdba = split("\n", `$cmd`);
foreach($pkgdba as $pkg) {
$pkgdb[] = "TRAPPED|{$pkg}|1149324397";