aboutsummaryrefslogtreecommitdiffstats
path: root/config/snort
diff options
context:
space:
mode:
authorjim-p <jimp@pfsense.org>2015-10-05 15:10:46 -0400
committerjim-p <jimp@pfsense.org>2015-10-05 15:10:46 -0400
commit609bdbdee961cbe6f4b94ae5858131a87e9ac52c (patch)
tree43f148f9d7dd373ca01a6332efa00be6cfcf3323 /config/snort
parent68364fa7ee9073f2fb9fe9f7717fe430b377615b (diff)
downloadpfsense-packages-609bdbdee961cbe6f4b94ae5858131a87e9ac52c.tar.gz
pfsense-packages-609bdbdee961cbe6f4b94ae5858131a87e9ac52c.tar.bz2
pfsense-packages-609bdbdee961cbe6f4b94ae5858131a87e9ac52c.zip
Better handling of blertnumber in snort_blocked.php
Diffstat (limited to 'config/snort')
-rw-r--r--config/snort/snort_blocked.php8
1 files changed, 6 insertions, 2 deletions
diff --git a/config/snort/snort_blocked.php b/config/snort/snort_blocked.php
index 39119210..055497d9 100644
--- a/config/snort/snort_blocked.php
+++ b/config/snort/snort_blocked.php
@@ -46,7 +46,7 @@ if (!is_array($config['installedpackages']['snortglobal']['alertsblocks']))
$pconfig['brefresh'] = $config['installedpackages']['snortglobal']['alertsblocks']['brefresh'];
$pconfig['blertnumber'] = $config['installedpackages']['snortglobal']['alertsblocks']['blertnumber'];
-if (empty($pconfig['blertnumber']))
+if (empty($pconfig['blertnumber']) || !is_numeric($pconfig['blertnumber']))
$bnentries = '500';
else
$bnentries = $pconfig['blertnumber'];
@@ -130,6 +130,10 @@ if ($_POST['download'])
if ($_POST['save'])
{
+ if (!is_numeric($_POST['blertnumber'])) {
+ $input_errors[] = gettext("Alert number must be numeric");
+ }
+
/* no errors */
if (!$input_errors) {
$config['installedpackages']['snortglobal']['alertsblocks']['brefresh'] = $_POST['brefresh'] ? 'on' : 'off';
@@ -219,7 +223,7 @@ if ($savemsg) {
</td>
</tr>
<tr>
- <td colspan="2" class="listtopic"><?php printf(gettext("Last %s Hosts Blocked by Snort"), $bnentries); ?></td>
+ <td colspan="2" class="listtopic"><?php printf(gettext("Last %s Hosts Blocked by Snort"), htmlspecialchars($bnentries)); ?></td>
</tr>
<tr>
<td colspan="2">