Projet

Général

Profil

« Précédent | Suivant » 

Révision aba02f65

Ajouté par Renato Botelho il y a presque 10 ans

Simplify logic, add some protection to user input parameters

Voir les différences:

usr/local/www/widgets/widgets/log.widget.php
40 40 
/* In an effort to reduce duplicate code, many shared functions have been moved here. */
41 41 
require_once("filter_log.inc");
42 42 

  		




  43
  
  
    
if($_POST['filterlogentries']) {


  		




  44
  
  
    
	unset($config['widgets']['filterlogentries']);


  		




  45
  
  
    
	if( ($_POST['filterlogentries']) and ($_POST['filterlogentries'] != ' ') ) $config['widgets']['filterlogentries'] = $_POST['filterlogentries'];


  		




  
  43
  
    
if(is_numeric($_POST['filterlogentries'])) {


  		




  
  44
  
    
	$config['widgets']['filterlogentries'] = $_POST['filterlogentries'];


  		




  46
  45
  
    

  		




  47
  
  
    
	unset($config['widgets']['filterlogentriesacts']);


  		




  48
  
  
    
	if($_POST['actpass'])   $config['widgets']['filterlogentriesacts'] .= $_POST['actpass']   . " ";


  		




  49
  
  
    
	if($_POST['actblock'])  $config['widgets']['filterlogentriesacts'] .= $_POST['actblock']  . " ";


  		




  50
  
  
    
	if($_POST['actreject']) $config['widgets']['filterlogentriesacts'] .= $_POST['actreject'] . " ";


  		




  51
  
  
    
	if (isset($config['widgets']['filterlogentriesacts'])) $config['widgets']['filterlogentriesacts'] = trim($config['widgets']['filterlogentriesacts']);


  		




  
  46
  
    
	$acts = array();


  		




  
  47
  
    
	if ($_POST['actpass'])   $acts[] = "Pass";


  		




  
  48
  
    
	if ($_POST['actblock'])  $acts[] = "Block";


  		




  
  49
  
    
	if ($_POST['actreject']) $acts[] = "Reject";


  		




  52
  50
  
    

  		




  53
  
  
    
	unset($config['widgets']['filterlogentriesinterfaces']);


  		




  54
  
  
    
	if( ($_POST['filterlogentriesinterfaces']) and ($_POST['filterlogentriesinterfaces'] != "All") ) $config['widgets']['filterlogentriesinterfaces'] = $_POST['filterlogentriesinterfaces'];


  		




  55
  
  
    
	if (isset($config['widgets']['filterlogentriesinterfaces'])) $config['widgets']['filterlogentriesinterfaces'] = trim($config['widgets']['filterlogentriesinterfaces']);


  		




  
  51
  
    
	if (!empty($acts))


  		




  
  52
  
    
		$config['widgets']['filterlogentriesacts'] = implode(" ", $acts);


  		




  
  53
  
    
	else


  		




  
  54
  
    
		unset($config['widgets']['filterlogentriesacts']);


  		




  
  55
  
    
	unset($acts);


  		




  
  56
  
    

  		




  
  57
  
    
	if( ($_POST['filterlogentriesinterfaces']) and ($_POST['filterlogentriesinterfaces'] != "All") )


  		




  
  58
  
    
		$config['widgets']['filterlogentriesinterfaces'] = trim($_POST['filterlogentriesinterfaces']);


  		




  
  59
  
    
	else


  		




  
  60
  
    
		unset($config['widgets']['filterlogentriesinterfaces']);


  		




  56
  61
  
    

  		




  57
  62
  
    
	write_config("Saved Filter Log Entries via Dashboard");


  		




  58
  
  
    
	$filename = $_SERVER['HTTP_REFERER'];


  		




  59
  
  
    
	if(headers_sent($file, $line)){


  		




  60
  
  
    
		echo "<script type=\"text/javascript\">\n";


  		




  61
  
  
    
		echo "//<![CDATA[\n";


  		




  62
  
  
    
		echo "window.location.href=\"" . $filename . "\";\n";


  		




  63
  
  
    
		echo "//]]>\n";


  		




  64
  
  
    
		echo "</script>\n";


  		




  65
  
  
    
		echo "<noscript>\n";


  		




  66
  
  
    
		echo "<meta http-equiv=\"refresh\" content=\"0;url=" . $filename . "\" />\n";


  		




  67
  
  
    
		echo "</noscript>\n";


  		




  68
  
  
    
	}


  		




  69
  
  
    
	header("Location: /");


  		




  
  63
  
    
	Header("Location: /");


  		




  
  64
  
    
	exit(0);


  		




  70
  65
  
    
}


  		




  71
  66
  
    

  		




  72
  67
  
    
$nentries = isset($config['widgets']['filterlogentries']) ? $config['widgets']['filterlogentries'] : 5;


  		




  ......




  76
  71
  
    
$nentriesacts       = isset($config['widgets']['filterlogentriesacts'])       ? $config['widgets']['filterlogentriesacts']       : 'All';


  		




  77
  72
  
    
$nentriesinterfaces = isset($config['widgets']['filterlogentriesinterfaces']) ? $config['widgets']['filterlogentriesinterfaces'] : 'All';


  		




  78
  73
  
    

  		




  79
  
  
    
$filterfieldsarray = array("act", "interface");


  		




  80
  
  
    
$filterfieldsarray['act'] = $nentriesacts;


  		




  81
  
  
    
$filterfieldsarray['interface'] = $nentriesinterfaces;


  		




  
  74
  
    
$filterfieldsarray = array(


  		




  
  75
  
    
	"act" => $nentriesacts,


  		




  
  76
  
    
	"interface" => $nentriesinterfaces


  		




  
  77
  
    
);


  		




  82
  78
  
    

  		




  83
  79
  
    
$filter_logfile = "{$g['varlog_path']}/filter.log";


  		




  84
  80
  
    
$filterlog = conv_log_filter($filter_logfile, $nentries, 50, $filterfieldsarray);        //Get log entries


  		




  ......




  139
  135
  
    
		</select>


  		




  140
  136
  
    

  		




  141
  137
  
    
<?php


  		




  142
  
  
    
		$Include_Act = explode(",", str_replace(" ", ",", $nentriesacts));


  		




  
  138
  
    
		$Include_Act = explode(" ", $nentriesacts);


  		




  143
  139
  
    
		if ($nentriesinterfaces == "All") $nentriesinterfaces = "";


  		




  144
  140
  
    
?>


  		




  145
  141
  
    
		<input id="actpass"   name="actpass"   type="checkbox" value="Pass"   <?php if (in_arrayi('Pass',   $Include_Act)) echo "checked=\"checked\""; ?> /> Pass


  		




  ......




  158
  154
  
    
			</option>


  		




  159
  155
  
    
<?php


  		




  160
  156
  
    
		endforeach;


  		




  
  157
  
    
		unset($interfaces);


  		




  
  158
  
    
		unset($Include_Act);


  		




  161
  159
  
    
?>


  		




  162
  160
  
    
		</select>


  		




  163
  161
  
    

  		












Formats disponibles :  Unified diff