frodovdr/raspap-webgui
1
0
Fork 0
mirror of https://github.com/billz/raspap-webgui.git synced 2025-03-01 10:31:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

Validate wpa_passphrase w/ ctype_print

Browse Source
This commit is contained in:
billz
2021-05-07 11:33:17 +01:00
parent e76c31c9c6
commit 3969db61b0
1 changed files with 6 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
includes/hostapd.php
View File

@@ -212,11 +212,14 @@ function SaveHostAPDConfig($wpa_array, $enc_types, $modes, $interfaces, $status)
$good_input = false; $good_input = false;
} }
if ($_POST['wpa'] !== 'none' # NB: A pass-phrase is a sequence of between 8 and 63 ASCII-encoded characters (IEEE Std. 802.11i-2004)
&& (strlen($_POST['wpa_passphrase']) < 8 || strlen($_POST['wpa_passphrase']) > 63) # Each character in the pass-phrase must have an encoding in the range of 32 to 126 (decimal). (IEEE Std. 802.11i-2004, Annex H.4.1)
) { if ($_POST['wpa'] !== 'none' && (strlen($_POST['wpa_passphrase']) < 8 || strlen($_POST['wpa_passphrase']) > 63)) {
$status->addMessage('WPA passphrase must be between 8 and 63 characters', 'danger'); $status->addMessage('WPA passphrase must be between 8 and 63 characters', 'danger');
$good_input = false; $good_input = false;
} elseif (!ctype_print($_POST['wpa_passphrase'])) {
$status->addMessage('WPA passphrase must be comprised of printable ASCII characters', 'danger');
$good_input = false;
} }
if (isset($_POST['hiddenSSID'])) { if (isset($_POST['hiddenSSID'])) {