Ensure this is always an array to avoid a PHP error from foreach.
Do not reset source and destination port range values when it's an associated rule created by nat port forward. It fixes #3778
Avoid generating an invalid racoon config if the user specified a mobile pool that is too small.
Require click-through POST confirmation when restoring or deleting a configuation from the backup history page.
Remove javascript alert DNS resolution action from the firewall log view. It was already removed from 2.2, and it's better not to allow a GET action to perform that action.
Do not execute on GET, only pre-fill Host box so the user can press the button to execute. Turn alias creation links into submit buttons for POST. While here, remove some backticks and simplify a little.
Shorten the wait at "reload" in startup wizard to 5 seconds from 60. That's more than adequate for current systems, no need to make people sit there for 1 minute. Many likely click out via the logo and miss the last screen entirely.
Encode interface/VIP descriptions before displaying them on the GRE and GIF pages also;While here, the GRE page was missing IP aliases from its list of bind IPs, add it in.
Encode interface/VIP descriptions before displaying them on the NTP daemon settings.
Encode the detail field of an alias entry before displaying its contents back to the user.
Escape the individual dnsmasq advanced/custom options
Fix input validation logic on diag_testport.php, escape more shell arguments for good measure
Allow hostnames in bulk import since they are valid entries in a network type alias.
Change Cancel button to call history.back() as done in Firewall Rules, the current method has issues with IE 11, it should fix #3728
Fix #3725:
- Fix match_filter_field() and also simplify logic- Fix $filterfieldsarray initialization- Avoid to have double spaces on filterfieldsarray['act']- Fix filter on Firewall Logs
Merge pull request #1208 from razzfazz/nat_add_missing_protocols
Remove also . and / from graph
Fix status_rrd_graph_img.php and also improve it:
- Remove escapeshellarg that broke command line- Only remove dangerous chars to avoid command injection- Replace all `hostname` calls by php_uname('n')- Replace all `date` calls by strftime()- Add $_gb to collect possibly garbage from exec return
Make sure single quotes are encoded and avoid javascript injection
Use CDATA for javascript
Fix indent and whitespaces
Simplify logic, add some protection to user input parameters
Fix whitespaces and indent
We need to allow subdirectories under /usr/local/pkg, here is the proper fix
Protect servicestatusfilter parameter with htmlspecialchars()
Protect rssfeed parameters with htmlspecialchars()
Avoid directory traversal on restorefullbackup
Fix core dump on viewing invalid package log
Remove . and / from pkg name to avoid directory traversal
Remove id=0 from miniupnpd menu and shortcut
Avoid directory traversal when reading package xml files, also check if file exists before try to read it
Make sure variables are escaped, also replace exec calls to run rm by unlink_if_exists()
Remove useless code, variable is set again on next line
Escape parameters passed to shell_exec()
Be more careful with host parameter and make sure it's escaped when call shell functions
Validate starttime and stoptime format
Be more precise to match members of a bridge interface, it should fix #3637
Do not allow interface group name to be bigger than 15 chars, helps ticket #3208
Add some protection to parameters that come through _GET
remove openbgpd bits from system_gateways_edit and system.inc. The packagematch is case-sensitive and hasn't matched the openbgpd package's name inat least 5 years, so it doesn't do anything. It's far from functional inany useful manner even fixing that issue.
Unset iflist and iflist_disabled
Show disabled interface when it was already part of interface group, it avoids to show a random interface instead and let user to add it by mistake. It should fix #3680
bring protocols on NAT edit page more in line with rule edit page
add guiconfig to widgets not including it. ticket #3498
remove text not relevant to Allowed IPs. Ticket #3594
Merge pull request #1131 from razzfazz/make_upnp_listen_on_if_optional
Merge pull request #1130 from razzfazz/status_upnp_int_port
Fix #3646, Revert part of 082c9d961e and fix highlight selected rules
make listening on interface rather than IP optional for miniupnp
add column for internal port on UPnP status page
Fix Bug #3627 Diagnostics: Tables - Remove button dont work after update to PfSense 2.1.2
This annoyed me also, so I thought it worth finding what changes exactly broke this.del_entry was broken on 2.1 branch by https://github.com/pfsense/pfsense/commit/fe3088b965a99772e76622d17ceae87288471edc...
Check the right field here
Unbreak 'add rule on top of the list' allowing after param to be -1
Move clog from /usr to /usr/local
Conflicts: etc/inc/filter_log.inc etc/inc/system.inc etc/rc usr/local/www/guiconfig.inc
make miniupnpd listen on interface instead of IP
The 'listening_ip' option in miniupnpd.conf can accept an interface namedirectly instead of having to translate it to an IPv4 address first. (This isactually required if IPv6 support is enabled.)
Don't refuse to delete a bridge in the GUI just because its bridge interface doesn't exist, just log that it doesn't exist and don't attempt to ifconfig destroy it, delete it from config
Remove problematic code without proper checks but even not needed here
List GWGs in Interface to send update from
Back-port of this fix done in master https://github.com/pfsense/pfsense/commit/31300a95f71b14dcb98c139388205223a36e8c8b and https://github.com/pfsense/pfsense/commit/8f56dd279432c4fd5a027310622e2650822e4651Unfortunately this never got back-merged to 2.1 branch. A user on the forum noticed the issue again on 2.1.1 - https://forum.pfsense.org/index.php?topic=74922.0...
Use an alphanumeric test rather than purely is_numericint because the ID is generated by uniqid and is not purely numeric. Fixes #3591
fixes Bug #3569
On packages that uses row_helper when user clicks on add or delete button, the page scrolls to top.It seems something with ajaxhttp://stackoverflow.com/questions/1061580/jquery-click-on-anchor-element-forces-scroll-to-top
A simple return false after jquery action fixes the unwanted scroll.
Fix #3555, on chrome it is not initializing correct minutes when adding a new time, just drop unused php variables and set it on js
Revert "XHTML Compliance"
This commit broke schedules edit, it should fix #3555.
This reverts commit e1002cd2724869eabdfe1f9258d4522d572722e4.
Handle the reinstallall case with confirmation. Fixes #3548
Fix days and weeks selection on schedules, reported at https://forum.pfsense.org/index.php?topic=74101.0
Only consider javascript files that ends with .js
Detect Zones and Cores for thermal sensors using regex, it fixes #3337
remove unused supportedbybsdperimeter tag
s/BSDP/ESF/
Automatic outbound NAT rules skip openvpn interfaces, lets skip them when creating the first set of manual rules too. It fixes #3528
standardize URLs
standardize on https://www.pfsense.org
standardize pfsense.com references to https://www.pfsense.org
fix white space
s/http/https/ for www.pfsense.org
Fix #3521, show correct field descr
fix text, remove product_website mentions here since that's not actually used anyway.
Use descr prepended to voucher fields containing descriptions to have them encoded as CDATA. Fixes #3441
Improve checks for params 'id', 'dup' and other similar ones to make sure they are numeric integer, also, pass them through htmlspecialchars() before print
Validate rule Advanced Options numeric entries
version of pull request #1021 for 2.1 branch
Pass id variable through htmlspecialchars before print it
Make Firewall Rules Advanced Options open if used - 2.1 branch
This is the same code as pull request 997 but for 2.1 branch
Merge pull request #991 from phil-davis/RELENG_2_1
Return GWG IP protocol (version) when no gateway IP - 2.1 version
Fix order of parameters to explode() here
Fix OpenVPN XML section name
Forum https://forum.pfsense.org/index.php?topic=73479.0
Merge pull request #1004 from phil-davis/patch-3
Add all advanced options to rule table hover text on 2.1 branch
XHTML Compliance
Services - DNS Forwarder
Services - DHCP Server
Diagnostics - Packet Capture
Diagnostics - Tables
VPN - PPTP - Users
VPN - PPTP - Configuration
VPN - PPPOE
VPN - L2TP - Users
VPN - L2TP - Configuration
VPN - IPsec - Pre-Shared Keys
Bug #3512
VPN - IPsec - Mobile Clients