author | bmeeks8 <bmeeks8@bellsouth.net> | 2014-03-19 17:24:00 -0400 |
---|---|---|
committer | bmeeks8 <bmeeks8@bellsouth.net> | 2014-03-19 17:24:00 -0400 |
commit | 5cb08a96dec952ae6e1fd657e6940ea79af4f8d8 (patch) | |
tree | 3785b260aa6654f8cca35bab5b188f2cd86cb9f8 /config/suricata/suricata_list_view.php | |
parent | 96899344ac872f5e811ea5394192c7c233457124 (diff) | |
Add new Log Mgmt tab link and improve parameter checking.
Diffstat (limited to 'config/suricata/suricata_list_view.php')
-rw-r--r-- | config/suricata/suricata_list_view.php | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/config/suricata/suricata_list_view.php b/config/suricata/suricata_list_view.php
index 2ff121f2..b6616909 100644
--- a/config/suricata/suricata_list_view.php
+++ b/config/suricata/suricata_list_view.php
@@ -34,9 +34,11 @@ global $g, $config;
 $contents = '';
-$id = $_GET['id'];
-$wlist = $_GET['wlist'];
-$type = $_GET['type'];
+if (isset($_GET['id']) && is_numericint($_GET['id']))
+ $id = htmlspecialchars($_GET['id']);
+
+$wlist = htmlspecialchars($_GET['wlist']);
+$type = htmlspecialchars($_GET['type']);
 if (isset($id) && isset($wlist)) {
 $a_rule = $config['installedpackages']['suricata']['rule'][$id];
@@ -86,7 +88,7 @@ $pgtitle = array(gettext("Suricata"), gettext(ucfirst($type) . " Viewer"));
 <tr>
 <td colspan="2" valign="top" class="label">
 <div style="background: #eeeeee; width:100%; height:100%;" id="textareaitem"><!-- NOTE: The opening *and* the closing textarea tag must be on the same line. -->
- <textarea style="width:100%; height:100%;" readonly wrap="off" rows="25" cols="80" name="code2"><?=$contents;?></textarea>
+ <textarea style="width:100%; height:100%;" readonly wrap="off" rows="25" cols="80" name="code2"><?=htmlspecialchars($contents);?></textarea>
 </div>
 </td>
 </tr> |
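Review bot: `$wlist` is now always a string, because `htmlspecialchars($_GET['wlist'])` is assigned unconditionally, so the `isset($wlist)` half of the following `if (isset($id) && isset($wlist))` can no longer be false and a request without `wlist` enters that branch. Guard it the way `id` is guarded, e.g. `if (isset($_GET['wlist'])) $wlist = htmlspecialchars($_GET['wlist']);`, and do the same for `type`. HTML-encoding at read time also means any later lookup or comparison runs against the encoded string rather than the submitted one; since `$type` presumably selects what the page shows, comparing it against the fixed set of supported values would be a stronger check than encoding. The body of the `if` continues outside the hunk, so how `$wlist` is used there is not visible here.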
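Review bot: `htmlspecialchars($contents)` on the textarea line is called with default flags and charset, and on PHP builds where the default charset is UTF-8 it returns an empty string when the input contains an invalid byte sequence, so a file with one stray byte would display as empty. Passing the charset and a substitution flag explicitly avoids that where the runtime supports it: `<?=htmlspecialchars($contents, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');?>`. How `$contents` is filled is outside the hunk, so confirm that no code path stores already-encoded text in it, which would now be double-encoded.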