Revision 667889e7
Added by Scott Ullrich over 17 years ago
| usr/local/www/diag_dump_states.php | ||
|---|---|---|
| 31 | 31 |
$pgtitle = "Diagnostics: Show States"; |
| 32 | 32 |
include("head.inc");
|
| 33 | 33 |
|
| 34 |
$srcip = htmlentities($_GET['srcip']); |
|
| 35 |
$dstip = htmlentities($_GET['dstip']); |
|
| 36 |
$action = htmlentities($_GET['action']); |
|
| 37 |
$filter = htmlentities($_GET['filter']); |
|
| 38 |
|
|
| 34 | 39 |
/* handle AJAX operations */ |
| 35 | 40 |
if($_GET['action']) {
|
| 36 |
if($_GET['action'] == "remove") {
|
|
| 37 |
$retval = mwexec("/sbin/pfctl -k '{$_GET['srcip']}' -k '{$_GET['dstip']}'");
|
|
| 38 |
echo "|{$_GET['srcip']}|{$_GET['dstip']}|{$retval}|";
|
|
| 41 |
if($action == "remove") {
|
|
| 42 |
$retval = mwexec("/sbin/pfctl -k '{$srcip}' -k '{$dstip}'");
|
|
| 43 |
echo "|{$srcip}|{$dstip}|{$retval}|";
|
|
| 39 | 44 |
exit; |
| 40 | 45 |
} |
| 41 | 46 |
} |
Also available in: Unified diff
Close off XSS execution hole.
Submitted-by: Charles Hooper