Project

General

Profile

Statistics
| Branch: | Tag: | Revision:

root/src/usr/local @ 79a2945a

# Date Author Comment
79a2945a 04/20/2017 06:48 PM Phil Davis

Do input validation on the actual array passed in

I was tearing my hair out for a while. If do_input_validation() is passed some array of keys/values that has been assembled elsewhere (not $_POST, $_GET or $_REQUEST superglobals) then it does not work. The code here, for at least the last 7 years, has actually been checking the array keys in the "hard-coded" superglobals. That is a bit surprising, since the array to be checked is passed in as $postdata parameter....
7f8e4d5f 04/20/2017 05:16 PM Sergio Carlos Morales Angeles

Escape IPv6 when passed to ndp delete command

(cherry picked from commit 1d92faa34f7c9aaa97b1983f273d2d73285befb5)
c14573f7 04/20/2017 05:16 PM Sergio Carlos Morales Angeles

Add ability to delete NDP entry

(cherry picked from commit 13105d9c79fe3ac8be2b01c152fb9fb6a95147b4)
726756de 04/20/2017 05:03 PM Phil Davis

Remember original alias name on edit input errors

(cherry picked from commit 1271754326fe648093204296652398b1edd24912)
9dfd9007 04/20/2017 05:03 PM Phil Davis

Refactor update_alias_names_upon_change

(cherry picked from commit 24807bfeaec218948937a1fdc2b4e863319e41a0)
ef6e941e 04/13/2017 11:05 PM Steve Beaver

Revise dev_mode change handler

(cherry picked from commit 8a0af41adc9c29ccf7b8dabb3b7658abf46054a6)
3290b312 04/13/2017 12:13 PM Steve Beaver

Fixed #7451
Revised onchage handlers to obviate need for second click in Chrome on MacOS

(cherry picked from commit dd3c646fa5744a550f91524035a92f509d6162cf)
3a10f23b 04/11/2017 05:42 PM Renato Botelho

Revert "Restore CSRF customizations"

This reverts commit 1d7a414705794f2527dc1b7b3bb5419db1024bb6.
8e1b1f95 04/11/2017 05:42 PM Renato Botelho

Revert "CSRF: Close session before exit"

This reverts commit d2495e5893baa63b2973b66f7c1b9787fada2e30.
d2495e58 04/10/2017 06:07 PM Renato Botelho

CSRF: Close session before exit

On CSRF, call phpsession_end() before exit to avoid syslog warning
about open session

Submitted by: PiBa-NL
1d7a4147 04/10/2017 06:07 PM Renato Botelho

Restore CSRF customizations
f860a1ea 04/10/2017 06:07 PM Renato Botelho

Update CSRF to latest version from github
98ba645a 04/10/2017 04:53 PM Steve Beaver

Fix UTF8 in base64 decode

(cherry picked from commit 557e082696823ea5fa09a36d98f01775bf1e0c77)
41032d86 04/04/2017 12:36 PM → luckman212

Adds ability to ignore DHCP offers from multiple servers
- Forum thread: https://forum.pfsense.org/index.php?topic=124046.msg705100#msg705100
- related dhclient source:
https://github.com/pfsense/FreeBSD-src/blob/devel/sbin/dhclient/clparse.c#L945

changed files:...
9ff57c24 04/03/2017 07:44 PM Doktor Notor

Typo fix
68539b5a 04/03/2017 07:44 PM Doktor Notor

Disallow IPv6 for RADIUS server.

See https://redmine.pfsense.org/issues/4154. No need for users to waste their time with debugging packets black hole.
a81de913 04/03/2017 06:49 PM Jim Pingle

Merge pull request #3613 from doktornotor/patch-15
a0ef9714 04/03/2017 02:42 PM Steve Beaver

Fixed #7445
Now properly handles service names that contain hyphens

(cherry picked from commit 21a8edd7836baf1e4ee2f347fdc1bafb4d96c9d9)
df384862 04/03/2017 02:04 PM Steve Beaver

Merge pull request #3687 from doktornotor/patch-1

(cherry picked from commit 7c820a5d1ddb0ecf66ccaf1c4c82cc6361e15a6b)
1dd19532 03/29/2017 12:42 PM Renato Botelho

Merge pull request #3580 from doktornotor/patch-9
2b1a4a89 03/29/2017 11:22 AM Pi Ba

load package add-on tabs into config to avoid parsing all installed package xml's, fix tabgroup filter

(cherry picked from commit bc0661b7b32a99016b9e71b0ece969f6584034c2)
ea846d78 03/28/2017 01:10 PM Phil Davis

Redmine #7435 Fix edit problems due to POST id code
e4958a8f 03/27/2017 05:41 PM Phil Davis

Add underscores to is_port* function names

(cherry picked from commit 593e9fe32d2959cd823fe5da55714ccfb9a0e958)
5b7e3a4c 03/26/2017 08:34 AM Phil Davis

Provide functions for checking port range alias combinations
01dc8395 03/24/2017 03:36 PM Jim Pingle

Show the button to reset CARP demotion status even when the value is negative, and change the reset code to accommodate. Also fixup text in that dialog. Fixes #7424
90ebc7b1 03/23/2017 04:16 PM Phil Davis

Fix display of BIOS only on Sytem Info widget
832535ef 03/23/2017 03:06 PM Jim Pingle

Show BIOS information in the system info widget, if it exists in kenv.
a61e8f95 03/21/2017 05:57 PM Phil Davis

System Info Widget enable All button when disable firmware check is set

If system firmware disablecheck is set, then the click event for the filter "All" button is also not included in the JS, so the "All" button is not effective.

The setTimeout for systemStatusGetUpdateStatus() can be moved up just below where it is declared and inside the existing "if" that conditionally includes that function - no need for it to be inside events.push...
c8763391 03/21/2017 09:36 AM Phil Davis

Fix #7317 Widget Filter All button gateways widget RELENG_2_3
fdacd72b 03/21/2017 09:27 AM Doktor Notor

Reduce numeric precision in gateways widget to single decimal place (Feature #6841)
a3176912 03/21/2017 09:25 AM Steve Beaver

Further internationalization
cdfd6c9b 03/21/2017 09:24 AM Steve Beaver

Add missing internationalization
faa6d21c 03/21/2017 09:22 AM Phil Davis

Revise gateway widget config form
f3738015 03/21/2017 08:58 AM Phil Davis

Allow hiding of gateways in Gateways Widget

Sometimes there are gateways that I do not care about, so it is handy to
be able to save some space on the dashboard by hiding them.
This uses similar code structure taken from service_status widget. I
made the Save and Clear buttons and all that stuff use the same styles...
d2a919c8 03/13/2017 10:58 AM Doktor Notor

Visually separate the package manager legend area (Bug #7203)
7df63e98 03/08/2017 06:34 PM Phil Davis

Fix #7317 Widget Filter All button

(cherry picked from commit 7067e174c27a1fe9b23d13806f1e52ce9bc2aaee)
25d8c2ce 03/08/2017 05:40 PM Phil Davis

Fix #7364 Console assigned VLAN disappears after reboot

(cherry picked from commit 75a1149e0104561446e6f90f98d98c6c13c52996)
5bc83b28 03/08/2017 04:55 PM Phil Davis

Fix #7306 Correctly filter log widget entries by interface description
(cherry picked from commit 27bc5848cfea95f97f70a4fe0c30da6319794a9a)
cfc0d396 03/08/2017 03:05 PM Jim Pingle

Remove whirlpool from the list of CA/Cert digest algorithms as it does not work properly. OpenSSL claims it's not valid ("unknown signature algorithm"). Fixes #7370
While I'm here, stop needlessly repeating the algo list, it's a global in certs.inc, so use that single copy of the list.
ddfa8daa 03/08/2017 02:58 PM Jim Pingle

Fix display of openssl errors when working with CA or certificate entries. Found this while looking into ticket #7370
27c86938 03/08/2017 02:34 PM Steve Beaver

Set new blog URL (https://www.netgate.com/blog/) as default for RSS widget

(cherry picked from commit 294f14f7897f973f1fa2a1506cfdd9117b5daf65)
de34683a 03/07/2017 06:02 PM Phil Davis

Redmine #7301 Put dot after the word break

Signed-off-by: Phil Davis <>
(cherry picked from commit 81b1b44ad7e4d7abc635b08533359b9df45b54b2)
b77ddf68 03/07/2017 06:02 PM Phil Davis

Redmine #7301 Provide word-break opportunity for dynamic DNS host names

Signed-off-by: Phil Davis <>
(cherry picked from commit 138e79d42cb1771e3b8fcc727270187f5c7ee7db)
2ff475b7 03/07/2017 11:16 AM Doktor Notor

Add reasons to write_config() calls
(cherry picked from commit 919a43a7caa551cb14e72a5cd82ec1629b3a9aa5)
06321cfb 03/07/2017 11:16 AM Doktor Notor

Remove useless add_base_packages_menu_items() function

Not really sure what was the idea 7+ years ago, but the code just doesn't make sense now.
(cherry picked from commit 94503103d8ce4e34de79f221f4fdd24f07dccb93)
aa4d7205 03/06/2017 06:34 PM Renato Botelho

Deduplicate code
f751b20a 03/06/2017 05:47 PM Jim Pingle

Allow CloudFlare DDNS entries to use "" or "." for the hostname portion of the domain in the GUI to update the domain's @ record. Then in the backend code, remove that from the FQDN since CloudFlare doesn't like that to be sent explicitly. Fixes #7357

Fix is confirmed to work by two forum users: https://forum.pfsense.org/index.php?topic=122099.msg699763#msg699763
858c011d 03/06/2017 05:40 PM Jim Pingle

Do not enforce a max limit on state timeout when editing a firewall rule. Fixes #7356
9bfb115b 03/05/2017 04:29 PM Doktor Notor

Remove useless config_lock()/config_unlock() calls
adb19456 03/03/2017 03:40 PM Jim Pingle

Adjust fix for ticket #7294 for 2.3.x, it used a setHelp change that was only valid on 2.4.
956b03cd 03/02/2017 07:53 PM Phil Davis

Fix 7294 keep full rule description

Signed-off-by: Phil Davis <>
(cherry picked from commit 680e15baef76a9c598d52d3f2b9ab498077336a8)
6029dbd3 03/02/2017 07:33 PM Doktor Notor

Show PPPoE/PPTP/L2TP uptime on the Interfaces widget (Feature #6032)
(cherry picked from commit dc0f5e46a03e0ea797fb74df03e09c58f44a5c1a)
293724bc 03/02/2017 07:31 PM NOYB NOYB

User Manager - Status Icon - Sort Order

Make status column sort order work correctly with the icons.

(2.4, 2.3)

(cherry picked from commit 0fdbaca8f16d0424cb2565ff4341e7620a7bdd2d)
877676ee 03/02/2017 01:25 PM Renato Botelho

Use the same cache filename pattern for RFC2136 IPv6 items as used by dyndns
5be33f49 03/02/2017 01:21 PM Renato Botelho

Use | to separate dyndns IPv4 fields on cache file as done by rfc2136 items and for all IPv6 items
1877e4d9 02/27/2017 02:13 AM Phil Davis

Fix #7300 provide default value for ipprotocol for old rules
1ea0460f 02/25/2017 05:02 AM Doktor Notor

Remove another leftover
00a952af 02/24/2017 10:56 AM Doktor Notor

Fix NTP widget to show server time (Issue #7245)
8dbde62f 02/22/2017 06:11 PM Steve Beaver

Fixes #7296
HTML tags not allowed in selector option values

(cherry picked from commit 57f4327a60c0cabf43161a6cfde98479b42a7092)
49a9421d 02/22/2017 04:10 PM Doktor Notor

Check that DHCP registration isn't enabled for DNS forwarder/resolver when disabling DHCP server
(cherry picked from commit e83c9b733c86f39a14a874b115f2b8e0adc952e7)
97517b69 02/22/2017 04:10 PM Doktor Notor

Only allow the DHCP registration options to be enabled when DHCP server is enabled as well
(cherry picked from commit c6d03f09e035806dca8ac3314b41a3eaf523ab3f)
7ff16d90 02/22/2017 04:09 PM Doktor Notor

Only allow the DHCP registration options to be enabled when DHCP server is enabled as well
(cherry picked from commit 13fca9bcb3fdecfb6f9707e621b49f89569abfd7)
17d09ce9 02/21/2017 07:10 PM NOYB NOYB

User Manager - Status Icon

Use icon for status rather than textual asterisk to indicate disabled account.

(2.4, 2.3)

(cherry picked from commit edd88334dbe95af4600ae493fa86d45244cbaecb)
fe8fdf94 02/21/2017 07:09 PM Renato Botelho

Merge pull request #3528 from phil-davis/system-information-widget-filter-2_3
3715f2ed 02/21/2017 07:08 PM Renato Botelho

Merge pull request #3527 from phil-davis/breadcrumbs-2_3
1f3a58e7 02/14/2017 05:23 PM Jared Dillard

fix colspan background on dark theme
44f59761 02/14/2017 05:21 PM Steve Beaver

Add "required field" highlighting
65bd77d4 02/14/2017 11:24 AM Phil Davis

Only save valid widget locations in config

Some widgets create extra panels, e.g. the widgets that now have the filter functionality. Those panels are processed in the ".each" at line 424. They do not have an id in the form "widget-*" and when the old code tries to find the "*" part it gets "undefined". This results in the layout being saved like:...
63c0e334 02/14/2017 11:22 AM Phil Davis

Allow 5 dashboard columns to work

Selecting 1,2,3,4 or 6 dashboards columns results in an exact integer result here and all is good. But 5 columns results in "2.4" and "col-sm-2.4" is not a thing in bootstrap.
We need just the best int we can choose here, which is one that is just the int part of the division. That ensures that the 5 columns extend over less than the standard bootstrap total of 12 "units" wide....
eb5bc42b 02/13/2017 05:38 PM Jim Pingle

Fix saving Hybrid RSA + Xauth. Fixes #7258
8b5cf433 02/13/2017 03:58 PM Renato Botelho

Revert "Add privs to control display of notices"

Fix #7051

This reverts commit 04665e78537906f7375668ca665cba17f95a4864.
1a4e4d04 02/13/2017 11:15 AM Phil Davis

IPv4 Tunnel Network is required for OpenVPN server

(cherry picked from commit e4488e51cf424907e06ef7cc73370aa0657e5e25)
af36378e 02/11/2017 12:51 PM Phil Davis

System Information widget filter gettext()

(cherry picked from commit f5d762f90924510c097a9065dff135dab01f46f0)
3204c695 02/11/2017 12:48 PM Phil Davis

System Information Widget Filter

(cherry picked from commit 718b3b0b1b75de09a87866cb37b5a0752643283a)
d99503fb 02/11/2017 12:40 PM Phil Davis

Fix cut-paste error in Breadcrumb Links
(cherry picked from commit 0e5ee5ae260c42a05b79edf74fb491fca52bacb4)
de02dc29 02/11/2017 12:40 PM Phil Davis

Breadcrumb links

(cherry picked from commit edcd75357f0e93b124159314d3306197d5312e6c)
990bc1fb 02/11/2017 12:40 PM Phil Davis

Breadcrumb links support

(cherry picked from commit c50f228a1583fe694993778e8576322877a15bba)
c9e18377 02/11/2017 02:03 AM Jim Pingle

Add foot.inc back to status.php
f8002180 02/10/2017 05:57 PM → luckman212

4th attempt!
- Reworked based on recent comments from @rbgarga

(cherry picked from commit c516cb287a78f7b05459e7fcba410f443d8eb8af)
c2f4b759 02/10/2017 05:57 PM → luckman212

3rd try!
- incorporate suggestions from @rbgarga with slight modification

(cherry picked from commit 6c2f093000b05285546e81dd1a578fc9b573b72b)
307243e7 02/10/2017 05:57 PM → luckman212

2nd try. . .

/etc/inc/util.inc:
- arp_get_mac_by_ip() updated to support IPv6
- attempt at code streamline

/usr/local/www/services_dhcp_edit.php:
- streamline code, now just a simple call to arp_get_mac_by_ip()

(cherry picked from commit dd83f869b79a858bd74c7a8bb4adcd49217445b0)
9a20d170 02/10/2017 05:57 PM → luckman212

enhancements to services_dhcp_edit.php
- added ndp call to get MAC addr if remote client is connected via IPv6
- automatically hide `Copy MAC` button if arp/ndp returns null
- switch to exec() instead of backticks for calls to arp
- uses builtin is_ipaddr() function from util.inc...
804f6a16 02/10/2017 05:42 PM Jim Pingle

Sync up status.php with master, but keep the 2.3/10.3-specific parts. Fixes #7246
7a755921 02/10/2017 05:42 PM Jim Pingle

Do not output PHP shell starup message unless it is run interactively. Fixes #7045
3093b965 02/10/2017 05:39 PM Graham Collinson

Fix for bug 6966 https://redmine.pfsense.org/issues/6966

Change-Id: I9471c2bbd8941e70965a86d369c8de87be9a4417
(cherry picked from commit 109a304e154a179bd340b06880ce95baec4dab03)
e86b541f 02/10/2017 05:00 PM Jim Pingle

Revert "Fixed #6753"
User feedback suggests the sorted menu was better, despite the lack of consistency elsewhere.
This reverts commit 96ff627ff95e0fcadf8c15dbd6fe681309cb0fd8.
c620a9bb 02/10/2017 04:21 PM Renato Botelho

Mark missing parameter as required. It got lost during backport from master as spotted by @phil-davis
2c391a23 02/10/2017 04:16 PM Phil Davis

Required fields - Alias Type

should be a required field. And this 1-char change can also be backported to RELENG_2_3. I noticed this while looking at GUI pages in 2.3.3
(cherry picked from commit 8ea10c11441b5aed0b10eb14038aa8f8adbfb3de)
7790e0df 02/10/2017 04:11 PM Renato Botelho

Fix #7157

trafficgraph: Don't update the on screen visual graph while invisible,
which avoids creating a large queue of pending timer objects waiting
for the next requestAnimationFrame to happen.

Submitted by: PiBa-NL at https://github.com/pfsense/pfsense/pull/3450
c674ae38 02/10/2017 04:07 PM Renato Botelho

Ticket #7157: Backport upstream fix from https://github.com/novus/nvd3/commit/305cbad96e94f61a3c0bae02d16c28e09249fbc0
edf69b0c 02/10/2017 04:04 PM Phil Davis

Example of setting required items

(cherry picked from commit 32a85c63c9411463c98a0605772b3e2c01702971)
ac5e11a7 02/10/2017 02:12 PM Steve Beaver

Revise setHelpText to accommodate required fields
5f6c3712 02/10/2017 02:12 PM Steve Beaver

Provide Javascript set_Required function
5b18b8a4 02/10/2017 02:12 PM Steve Beaver

Provide CSS for required fields
cc8783a5 02/10/2017 02:12 PM Steve Beaver

Add "Required field" capability to Groups.class.php
dd23f616 02/09/2017 10:51 AM Phil Davis

status_upnp remove nested getext()

I don't think this does anything useful.
(cherry picked from commit 3224663a3759935b47406c789b9f5cea3eb88136)
310f4f21 02/08/2017 09:21 AM Phil Davis

Part fix #7233 keep correct staticmap_array_index

The index needs to be incremented even for entries that were skipped for display because they (for whatever reason) have no MAC or CID set. So use the key directly from the array.
(cherry picked from commit 9aa3c5e84984958caa19ac76ecba849b94a8b360)
c940afee 02/08/2017 09:05 AM Phil Davis

Part Fix #7233 Allow deletion of empty static map entries
(cherry picked from commit 2ea70e1a474fd871a007c76841f2a33f34082c58)
0f742e51 02/07/2017 09:35 PM Phil Davis

diag_backup do not use button text for comparisons

(cherry picked from commit 9a7e1c9580c5779c86bc97d6d82c43401c7a4b12)
2c5c799a 02/07/2017 07:31 PM Jim Pingle

Rather than setting the value directly, minimize exposure to eval() in update_config_field() from wizard.php by constructing a variable reference, then set the value using the reference rather than passing user input through eval(). Fixes #7230