Revision 64c50ecd
Added by Jim Pingle almost 10 years ago
| usr/local/www/diag_authentication.php | ||
|---|---|---|
| 99 | 99 |
if ($auth_server['name'] == $pconfig['authmode']) |
| 100 | 100 |
$selected = "selected=\"selected\""; |
| 101 | 101 |
?> |
| 102 |
<option value="<?=$auth_server['name'];?>" <?=$selected;?>><?=$auth_server['name'];?></option>
|
|
| 102 |
<option value="<?=htmlspecialchars($auth_server['name']);?>" <?=$selected;?>><?=htmlspecialchars($auth_server['name']);?></option>
|
|
| 103 | 103 |
<?php endforeach; ?> |
| 104 | 104 |
</select> |
| 105 | 105 |
</td> |
| usr/local/www/system_usermanager_settings.php | ||
|---|---|---|
| 152 | 152 |
if (!isset($pconfig['authmode']) && $auth_server['name'] == "Local Database") |
| 153 | 153 |
$selected = "selected=\"selected\""; |
| 154 | 154 |
?> |
| 155 |
<option value="<?=$auth_server['name'];?>" <?=$selected;?>><?=$auth_server['name'];?></option>
|
|
| 155 |
<option value="<?=htmlspecialchars($auth_server['name']);?>" <?=$selected;?>><?=htmlspecialchars($auth_server['name']);?></option>
|
|
| 156 | 156 |
<?php |
| 157 | 157 |
endforeach; |
| 158 | 158 |
?> |
| usr/local/www/system_usermanager_settings_test.php | ||
|---|---|---|
| 88 | 88 |
|
| 89 | 89 |
echo "<table width='100%'>"; |
| 90 | 90 |
|
| 91 |
echo "<tr><td>" . gettext("Attempting connection to") . " " . "<td><center>$auth_server</b></center></td>";
|
|
| 91 |
echo "<tr><td>" . gettext("Attempting connection to") . " " . "<td><center>" . htmlspecialchars($auth_server). "</b></center></td>";
|
|
| 92 | 92 |
if(ldap_test_connection($authcfg)) {
|
| 93 | 93 |
echo "<td><center><font color=green>OK</center></td></tr>"; |
| 94 | 94 |
|
| 95 |
echo "<tr><td>" . gettext("Attempting bind to") . " " . "<td><center>$auth_server</b></center></td>";
|
|
| 95 |
echo "<tr><td>" . gettext("Attempting bind to") . " " . "<td><center>" . htmlspecialchars($auth_server). "</b></center></td>";
|
|
| 96 | 96 |
if(ldap_test_bind($authcfg)) {
|
| 97 | 97 |
echo "<td><center><font color=green>OK</center></td></tr>"; |
| 98 | 98 |
|
| 99 |
echo "<tr><td>" . gettext("Attempting to fetch Organizational Units from") . " " . "<td><center>$auth_server</b></center></td>";
|
|
| 99 |
echo "<tr><td>" . gettext("Attempting to fetch Organizational Units from") . " " . "<td><center>" . htmlspecialchars($auth_server). "</b></center></td>";
|
|
| 100 | 100 |
$ous = ldap_get_user_ous(true, $authcfg); |
| 101 | 101 |
if(count($ous)>1) {
|
| 102 | 102 |
echo "<td><center><font color=green>OK</center></td></tr>"; |
| usr/local/www/vpn_ipsec_mobile.php | ||
|---|---|---|
| 393 | 393 |
$selected = ""; |
| 394 | 394 |
if (in_array($auth_server['name'], $authmodes)) |
| 395 | 395 |
$selected = "selected=\"selected\""; |
| 396 |
echo "<option value='{$auth_server['name']}' {$selected}>{$auth_server['name']}</option>\n";
|
|
| 396 |
echo "<option value=\"" . htmlspecialchars($auth_server['name']). "\" {$selected}>" . htmlspecialchars($auth_server['name']). "</option>\n";
|
|
| 397 | 397 |
} |
| 398 | 398 |
?> |
| 399 | 399 |
</select> |
| usr/local/www/vpn_openvpn_server.php | ||
|---|---|---|
| 810 | 810 |
if (in_array($auth_server_key, $authmodes)) |
| 811 | 811 |
$selected = "selected=\"selected\""; |
| 812 | 812 |
?> |
| 813 |
<option value="<?=$auth_server_key;?>" <?=$selected;?>><?=$auth_server['name'];?></option>
|
|
| 813 |
<option value="<?=htmlspecialchars($auth_server_key);?>" <?=$selected;?>><?=htmlspecialchars($auth_server['name']);?></option>
|
|
| 814 | 814 |
<?php endforeach; ?> |
| 815 | 815 |
</select> |
| 816 | 816 |
</td> |
Also available in: Unified diff
Encode auth server name before display.