Révision 1de3a5dd
Ajouté par jim-p il y a presque 10 ans
| usr/local/www/diag_testport.php | ||
|---|---|---|
| 68 | 68 |
$input_errors[] = gettext("Please enter a valid port number.");
|
| 69 | 69 |
} |
| 70 | 70 |
|
| 71 |
if (is_numeric($_REQUEST['srcport']) && !is_port($_REQUEST['srcport'])) {
|
|
| 71 |
if (!is_numeric($_REQUEST['srcport']) || !is_port($_REQUEST['srcport'])) {
|
|
| 72 | 72 |
$input_errors[] = gettext("Please enter a valid source port number, or leave the field blank.");
|
| 73 | 73 |
} |
| 74 | 74 |
|
| ... | ... | |
| 189 | 189 |
echo '<pre>'; |
| 190 | 190 |
$result = ""; |
| 191 | 191 |
$nc_base_cmd = "/usr/bin/nc"; |
| 192 |
$nc_args = "-w {$timeout}";
|
|
| 192 |
$nc_args = "-w " . escapeshellarg($timeout);
|
|
| 193 | 193 |
if (!$showtext) |
| 194 | 194 |
$nc_args .= " -z "; |
| 195 | 195 |
if (!empty($srcport)) |
| 196 |
$nc_args .= " -p {$srcport} ";
|
|
| 196 |
$nc_args .= " -p " . escapeshellarg($srcport) . " ";
|
|
| 197 | 197 |
|
| 198 | 198 |
/* Attempt to determine the interface address, if possible. Else try both. */ |
| 199 | 199 |
if (is_ipaddrv4($host)) {
|
Formats disponibles : Unified diff
Fix input validation logic on diag_testport.php, escape more shell arguments for good measure