Revision 2c5c799a
Added by Jim Pingle over 8 years ago
| src/usr/local/www/wizard.php | ||
|---|---|---|
| 165 | 165 |
function update_config_field($field, $updatetext, $unset, $arraynum, $field_type) {
|
| 166 | 166 |
global $config; |
| 167 | 167 |
$field_split = explode("->", $field);
|
| 168 |
$thisvar = null; |
|
| 168 | 169 |
foreach ($field_split as $f) {
|
| 169 | 170 |
$field_conv .= "['" . $f . "']"; |
| 170 | 171 |
} |
| ... | ... | |
| 188 | 189 |
if ($field_type == "interfaces_selection") {
|
| 189 | 190 |
$var = "\$config{$field_conv}";
|
| 190 | 191 |
$text = "if (isset({$var})) unset({$var});";
|
| 191 |
$text .= "\$config" . $field_conv . " = \"" . $updatetext . "\";";
|
|
| 192 |
$text .= "\$thisvar = &\$config" . $field_conv . ";";
|
|
| 192 | 193 |
eval($text); |
| 194 |
$thisvar = $updatetext; |
|
| 193 | 195 |
return; |
| 194 | 196 |
} |
| 195 | 197 |
|
| ... | ... | |
| 197 | 199 |
$text = "unset(\$config" . $field_conv . ");"; |
| 198 | 200 |
eval($text); |
| 199 | 201 |
} |
| 200 |
$text = "\$config" . $field_conv . " = \"" . addslashes($updatetext) . "\";";
|
|
| 202 |
$text .= "\$thisvar = &\$config" . $field_conv . ";";
|
|
| 201 | 203 |
eval($text); |
| 204 |
$thisvar = $updatetext; |
|
| 202 | 205 |
} |
| 203 | 206 |
|
| 204 | 207 |
$title = preg_replace("/pfSense/i", $g['product_name'], $pkg['step'][$stepid]['title']);
|
Also available in: Unified diff
Rather than setting the value directly, minimize exposure to eval() in update_config_field() from wizard.php by constructing a variable reference, then set the value using the reference rather than passing user input through eval(). Fixes #7230