pfSense

Fix filter_rules_sort's compare function to know about floating rules so it won't change their order.

Use this sort before saving, so the rule just added is sorted into the proper category like the rest.

Unbreak graphs

Copy logic for when to show the cellular tab from status_rrd_graph.php. Fixes #714

Return this field to its old name to prevent a conflict of names and since the code that uses it still refers to it by that name. Issue reported at http://forum.pfsense.org/index.php/topic,29985.0.html

This caused the full name field to be ignored when creating a user and prevented making a certificate at the creation of the user (either could still be changed afterward).

Only use escapeshellarg when passing the arguments to the shell. Fixes #1005

• Call get_configured_interface_* functions only once in the code
• Optimize the test if the passed interface is a vaild one
• Fix the apply settings to actually do something rather than do nothing at all
• Some style and whitespace fixes

Note that this textbox controls HTTP_REFERER hostname checks as well

• Adding function get_configured_ip_addresses() which returns all interfaces and their configured IP address
• Add checkbox to System -> Advanced -> Admin for HTTP_REFERER checks
• Add and enforce HTTP_REFERER check if checkbox is not checked.

This will prevent HTML pages from crafting HTML GETs against the web interface and will prevent firewall admins from being "tricked" into clicking on links that may be harmful to their firewall.

Fix misc XSS issues from davey b