frodovdr
/
raspap-webgui
mirror of https://github.com/billz/raspap-webgui.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #1326 from eldstal/master 

Input sanitization for wpa client, Fix for #1325
This commit is contained in:
Bill Zimmerman 2023-04-01 00:19:23 +02:00 committed by GitHub
parent 10738f5b7b db6bf4c6b4
commit ce7e84ec61
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
includes/configure_client.php
View File

@ -17,8 +17,12 @@ function DisplayWPAConfig()
if (isset($_POST['connect'])) {
$result = 0;
exec('sudo wpa_cli -i ' . $_SESSION['wifi_client_interface'] . ' select_network '.strval($_POST['connect']));
$status->addMessage('New network selected', 'success');
$iface = escapeshellarg($_SESSION['wifi_client_interface']);
$netid = escapeshellarg(strval($_POST['connect']));
if (is_numeric($netid)) {
exec('sudo wpa_cli -i ' . $iface . ' select_network ' . $netid);
$status->addMessage('New network selected', 'success');
}
} elseif (isset($_POST['wpa_reinit'])) {
$status->addMessage('Reinitializing wpa_supplicant', 'info', false);
$force_remove = true;