Révision 4cf82d52
Ajouté par jim-p il y a presque 13 ans
etc/inc/vpn.inc | ||
---|---|---|
1189 | 1189 |
$mpdsecret = ""; |
1190 | 1190 |
|
1191 | 1191 |
if (is_array($pptpdcfg['user'])) { |
1192 |
foreach ($pptpdcfg['user'] as $user) |
|
1193 |
$mpdsecret .= "{$user['name']} \"{$user['password']}\" {$user['ip']}\n"; |
|
1192 |
foreach ($pptpdcfg['user'] as $user) { |
|
1193 |
$pass = str_replace('"', '\"', $user['password']); |
|
1194 |
$mpdsecret .= "{$user['name']} \"{$pass}\" {$user['ip']}\n"; |
|
1195 |
} |
|
1194 | 1196 |
} |
1195 | 1197 |
|
1196 | 1198 |
fwrite($fd, $mpdsecret); |
usr/local/www/vpn_pptp_users_edit.php | ||
---|---|---|
84 | 84 |
if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['username'])) |
85 | 85 |
$input_errors[] = gettext("The username contains invalid characters."); |
86 | 86 |
|
87 |
if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['password'])) |
|
88 |
$input_errors[] = gettext("The password contains invalid characters."); |
|
89 |
|
|
90 | 87 |
if (preg_match("/^!/", $_POST['password'])) |
91 | 88 |
$input_errors[] = gettext("The password cannot start with '!'."); |
92 | 89 |
|
90 |
if (!preg_match("/^[\x20-\x7E]*$/", $_POST['password'])) |
|
91 |
$input_errors[] = gettext("The password contains invalid characters."); |
|
92 |
|
|
93 | 93 |
if (($_POST['password']) && ($_POST['password'] != $_POST['password2'])) { |
94 | 94 |
$input_errors[] = gettext("The passwords do not match."); |
95 | 95 |
} |
Formats disponibles : Unified diff
Relax PPTP password restrictions, just prevent starting with a !, and limit to common printable/keyboard characters so it doesn't result in invalid xml. Fixes #1720