aboutsummaryrefslogtreecommitdiffstats
path: root/config
diff options
context:
space:
mode:
authorjim-p <jimp@pfsense.org>2014-02-18 16:15:54 -0500
committerjim-p <jimp@pfsense.org>2014-02-18 16:15:54 -0500
commita973e73b6fe151a342d5c998ed02c3fce482d006 (patch)
tree3db0645d2834c5124db6f2dd66d97a5005ca4702 /config
parent48a6f785e551967611ca49f40c05d1a567dd628e (diff)
downloadpfsense-packages-a973e73b6fe151a342d5c998ed02c3fce482d006.tar.gz
pfsense-packages-a973e73b6fe151a342d5c998ed02c3fce482d006.tar.bz2
pfsense-packages-a973e73b6fe151a342d5c998ed02c3fce482d006.zip
Use escapeshellarg for spamd; remove unused echo.
Diffstat (limited to 'config')
-rw-r--r--config/spamd/spamd.xml2
-rw-r--r--config/spamd/spamd_db.php2
-rw-r--r--config/spamd/spamd_db_ext.php2
3 files changed, 2 insertions, 4 deletions
diff --git a/config/spamd/spamd.xml b/config/spamd/spamd.xml
index 76d39af9..1a7b4272 100644
--- a/config/spamd/spamd.xml
+++ b/config/spamd/spamd.xml
@@ -42,7 +42,7 @@
<requirements>Describe your package requirements here</requirements>
<faq>Currently there are no FAQ items provided.</faq>
<name>spamdsources</name>
- <version>4.2</version>
+ <version>4.9.1 v1.1</version>
<title>SpamD: External Sources</title>
<include_file>/usr/local/pkg/spamd.inc</include_file>
<backup_file>/var/db/spamd</backup_file>
diff --git a/config/spamd/spamd_db.php b/config/spamd/spamd_db.php
index 112fdd71..c4c8ffe2 100644
--- a/config/spamd/spamd_db.php
+++ b/config/spamd/spamd_db.php
@@ -103,7 +103,7 @@ if($_POST['spamtrapemail'] <> "") {
}
if($_GET['getstatus'] <> "") {
- $status = exec("/usr/local/sbin/spamdb | grep \"{$_GET['getstatus']}\"");
+ $status = exec("/usr/local/sbin/spamdb | grep " . escapeshellarg($_GET['getstatus']));
if(stristr($status, "WHITE") == true) {
echo "WHITE";
} else if(stristr($status, "TRAPPED") == true) {
diff --git a/config/spamd/spamd_db_ext.php b/config/spamd/spamd_db_ext.php
index e029f676..61a90141 100644
--- a/config/spamd/spamd_db_ext.php
+++ b/config/spamd/spamd_db_ext.php
@@ -54,8 +54,6 @@ foreach($config['installedpackages']['spamdoutlook']['config'] as $outlook) {
}
}
-exec("echo {$_GET['action']} > /tmp/tmp");
-
/* handle AJAX operations */
if($_GET['action'] or $_POST['action']) {
if($_GET['action'])