Skip to content

O
OpnSense
Commit 08d56e23 authored by Ad Schellevis's avatar Ad Schellevis Committed by Franco Fichtner
Browse files
Options

(captive portal) cleanse groupname, closes https://github.com/opnsense/core/issues/730 

(cherry picked from commit 08663618)
parent c403ee51
Show whitespace changes
Inline Side-by-side
Showing with 7 additions and 2 deletions
src/opnsense/mvc/app/controllers/OPNsense/CaptivePortal/Api/VoucherController.php
View file @ 08d56e23
......@@ -121,8 +121,11 @@ class VoucherController extends ApiControllerBase
$count = $this->request->getPost('count', 'int', 0);
$validity = $this->request->getPost('validity', 'int', 0);
$vouchergroup = $this->request->getPost('vouchergroup', 'striptags', '---');
// remove characters which are known to provide issues when using in the url
foreach (array("&", "#") as $skip_chars) {
$vouchergroup = str_replace($skip_chars, "", $vouchergroup);
}
if ($count > 0 && $count <= 10000 && $validity > 0) {
$response['status'] = 'created';
return $auth->generateVouchers($vouchergroup, $count, $validity);
}
}
......
src/opnsense/mvc/app/views/OPNsense/CaptivePortal/vouchers.volt
View file @ 08d56e23
......@@ -199,6 +199,7 @@ POSSIBILITY OF SUCH DAMAGE.
// remove previous link
$('#downloadFile').remove();
}
$('<a></a>')
.attr('id','downloadFile')
.attr('href','data:text/csv;charset=utf8,' + encodeURIComponent(output_data))
......@@ -209,10 +210,11 @@ POSSIBILITY OF SUCH DAMAGE.
$('#downloadFile').get(0).click();
});
$("#generateVouchers").modal('hide')
$("#generateVouchers").modal('hide');
// reload grid after creating new vouchers
updateVoucherGroupList();
});
});
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Technounit-GROUP 2023