frodovdr/raspap-webgui
1
0
Fork 0
mirror of https://github.com/billz/raspap-webgui.git synced 2023-10-10 13:37:24 +02:00
Code Issues Releases Wiki Activity

Update method to POST + escapeshellarg()

Browse Source
This commit is contained in:
billz 2021-05-01 17:24:37 +01:00
parent 08164f43f1
commit 3a41b52c1d
2 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ajax/networking/get_netcfg.php
View File

@ -3,11 +3,11 @@
require '../../includes/csrf.php'; require '../../includes/csrf.php';
require_once '../../includes/config.php'; require_once '../../includes/config.php';
$interface = $_GET['iface']; $interface = $_POST['iface'];
if (isset($interface)) { if (isset($interface)) {
// fetch dnsmasq.conf settings for interface // fetch dnsmasq.conf settings for interface
exec('cat '. RASPI_DNSMASQ_PREFIX.$interface.'.conf', $return); exec('cat '. RASPI_DNSMASQ_PREFIX.escapeshellarg($interface).'.conf', $return);
$conf = ParseConfig($return); $conf = ParseConfig($return);
$dhcpdata['DHCPEnabled'] = empty($conf) ? false : true; $dhcpdata['DHCPEnabled'] = empty($conf) ? false : true;

4
app/js/custom.js
View File

@ -178,8 +178,8 @@ Populates the DHCP server form fields
Option toggles are set dynamically depending on the loaded configuration Option toggles are set dynamically depending on the loaded configuration
*/ */
function loadInterfaceDHCPSelect() { function loadInterfaceDHCPSelect() {
var iface = $('#cbxdhcpiface').val(); var strInterface = $('#cbxdhcpiface').val();
$.get('ajax/networking/get_netcfg.php?iface='+iface,function(data){ $.post('ajax/networking/get_netcfg.php',{iface:strInterface},function(data){
jsonData = JSON.parse(data); jsonData = JSON.parse(data);
$('#dhcp-iface')[0].checked = jsonData.DHCPEnabled; $('#dhcp-iface')[0].checked = jsonData.DHCPEnabled;
$('#txtipaddress').val(jsonData.StaticIP); $('#txtipaddress').val(jsonData.StaticIP);