diff options
author | jim-p <jimp@pfsense.org> | 2014-02-18 16:15:54 -0500 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2014-02-18 16:15:54 -0500 |
commit | a973e73b6fe151a342d5c998ed02c3fce482d006 (patch) | |
tree | 3db0645d2834c5124db6f2dd66d97a5005ca4702 /config | |
parent | 48a6f785e551967611ca49f40c05d1a567dd628e (diff) | |
download | pfsense-packages-a973e73b6fe151a342d5c998ed02c3fce482d006.tar.gz pfsense-packages-a973e73b6fe151a342d5c998ed02c3fce482d006.tar.bz2 pfsense-packages-a973e73b6fe151a342d5c998ed02c3fce482d006.zip |
Use escapeshellarg for spamd; remove unused echo.
Diffstat (limited to 'config')
-rw-r--r-- | config/spamd/spamd.xml | 2 | ||||
-rw-r--r-- | config/spamd/spamd_db.php | 2 | ||||
-rw-r--r-- | config/spamd/spamd_db_ext.php | 2 |
3 files changed, 2 insertions, 4 deletions
diff --git a/config/spamd/spamd.xml b/config/spamd/spamd.xml index 76d39af9..1a7b4272 100644 --- a/config/spamd/spamd.xml +++ b/config/spamd/spamd.xml @@ -42,7 +42,7 @@ <requirements>Describe your package requirements here</requirements> <faq>Currently there are no FAQ items provided.</faq> <name>spamdsources</name> - <version>4.2</version> + <version>4.9.1 v1.1</version> <title>SpamD: External Sources</title> <include_file>/usr/local/pkg/spamd.inc</include_file> <backup_file>/var/db/spamd</backup_file> diff --git a/config/spamd/spamd_db.php b/config/spamd/spamd_db.php index 112fdd71..c4c8ffe2 100644 --- a/config/spamd/spamd_db.php +++ b/config/spamd/spamd_db.php @@ -103,7 +103,7 @@ if($_POST['spamtrapemail'] <> "") { } if($_GET['getstatus'] <> "") { - $status = exec("/usr/local/sbin/spamdb | grep \"{$_GET['getstatus']}\""); + $status = exec("/usr/local/sbin/spamdb | grep " . escapeshellarg($_GET['getstatus'])); if(stristr($status, "WHITE") == true) { echo "WHITE"; } else if(stristr($status, "TRAPPED") == true) { diff --git a/config/spamd/spamd_db_ext.php b/config/spamd/spamd_db_ext.php index e029f676..61a90141 100644 --- a/config/spamd/spamd_db_ext.php +++ b/config/spamd/spamd_db_ext.php @@ -54,8 +54,6 @@ foreach($config['installedpackages']['spamdoutlook']['config'] as $outlook) { } } -exec("echo {$_GET['action']} > /tmp/tmp"); - /* handle AJAX operations */ if($_GET['action'] or $_POST['action']) { if($_GET['action']) |