interfaces: url_safe() redirects for #1168

15214186 · Franco Fichtner · 6d8de705 · 15214186 · 15214186 · 15214186
Commit 15214186 authored Oct 09, 2016 by Franco Fichtner
20 changed files
--- a/src/www/interfaces.php
+++ b/src/www/interfaces.php
@@ -336,7 +336,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
        $if = $_GET['if'];
    } else {
        // no interface provided, redirect to interface assignments
-        header("Location: interfaces_assign.php");
+        header(url_safe('Location: /interfaces_assign.php'));
        exit;
    }
@@ -535,7 +535,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
            }
        }
        @unlink('/tmp/.interfaces.apply');
-        header("Location: interfaces.php?if={$if}");
+        header(url_safe('Location: /interfaces.php?if=%s', array($if)));
        exit;
    } elseif (empty($pconfig['enable'])) {
        if (isset($a_interfaces[$if]['enable'])) {
@@ -556,7 +556,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
        $toapplylist[$if]['ppps'] = $a_ppps;
        /* we need to be able remove IP aliases for IPv6 */
        file_put_contents('/tmp/.interfaces.apply', serialize($toapplylist));
-        header("Location: interfaces.php?if={$if}");
+        header(url_safe('Location: /interfaces.php?if=%s', array($if)));
        exit;
    } else {
        // locate sequence in ppp list
@@ -1271,7 +1271,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
            mark_subsystem_dirty('interfaces');
-            header("Location: interfaces.php?if={$if}");
+            header(url_safe('Location: /interfaces.php?if=%s', array($if)));
            exit;
        }
    }

--- a/src/www/interfaces_assign.php
+++ b/src/www/interfaces_assign.php
@@ -134,7 +134,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        // if interface is already used, redirect.
        foreach (legacy_config_get_interfaces() as $ifname => $ifdata) {
            if ($ifdata['if'] == $_POST['if_add']) {
-                header("Location: interfaces_assign.php");
+                header(url_safe('Location: /interfaces_assign.php'));
                exit;
            }
        }
@@ -166,7 +166,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        }
        write_config();
-        header("Location: interfaces_assign.php");
+        header(url_safe('Location: /interfaces_assign.php'));
        exit;
    } elseif (!empty($_POST['id']) && !empty($_POST['action']) && $_POST['action'] == 'del' & !empty($config['interfaces'][$_POST['id']]) ) {
        // ** Delete interface **
@@ -216,8 +216,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
                unset($config['dhcpd']['wan']);
            }
            link_interface_to_vlans($realid, "update");
-            // redirect
+            header(url_safe('Location: /interfaces_assign.php'));
-            header("Location: interfaces_assign.php");
            exit;
        }
    } elseif (isset($_POST['Submit'])) {
@@ -326,8 +325,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
              filter_configure();
              enable_rrd_graphing();
          }
-          // redirect
+          header(url_safe('Location: /interfaces_assign.php'));
-          header("Location: interfaces_assign.php");
          exit;
        }
    }

--- a/src/www/interfaces_bridge.php
+++ b/src/www/interfaces_bridge.php
@@ -64,7 +64,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            }
            unset($a_bridges[$id]);
            write_config();
-            header("Location: interfaces_bridge.php");
+            header(url_safe('Location: /interfaces_bridge.php'));
            exit;
        }
    }

--- a/src/www/interfaces_bridge_edit.php
+++ b/src/www/interfaces_bridge_edit.php
@@ -205,7 +205,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
            if ($confif <> "") {
                interface_configure($confif);
            }
-            header("Location: interfaces_bridge.php");
+            header(url_safe('Location: /interfaces_bridge.php'));
            exit;
        }
    }

--- a/src/www/interfaces_gif.php
+++ b/src/www/interfaces_gif.php
@@ -57,7 +57,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            mwexec("/sbin/ifconfig " . escapeshellarg($a_gifs[$id]['gifif']) . " destroy");
            unset($a_gifs[$id]);
            write_config();
-            header("Location: interfaces_gif.php");
+            header(url_safe('Location: /interfaces_gif.php'));
            exit;
        }
    }

--- a/src/www/interfaces_gif_edit.php
+++ b/src/www/interfaces_gif_edit.php
@@ -137,7 +137,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
            if ($confif <> "") {
                interface_configure($confif);
            }
-            header("Location: interfaces_gif.php");
+            header(url_safe('Location: /interfaces_gif.php'));
            exit;
        }
    }

--- a/src/www/interfaces_gre.php
+++ b/src/www/interfaces_gre.php
@@ -58,7 +58,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            mwexec("/sbin/ifconfig " . escapeshellarg($a_gres[$id]['greif']) . " destroy");
            unset($a_gres[$id]);
            write_config();
-            header("Location: interfaces_gre.php");
+            header(url_safe('Location: /interfaces_gre.php'));
            exit;
        }
    }

--- a/src/www/interfaces_gre_edit.php
+++ b/src/www/interfaces_gre_edit.php
@@ -111,7 +111,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
            if ($confif <> "") {
                interface_configure($confif);
            }
-            header("Location: interfaces_gre.php");
+            header(url_safe('Location: /interfaces_gre.php'));
            exit;
        }
    }

--- a/src/www/interfaces_groups.php
+++ b/src/www/interfaces_groups.php
@@ -52,7 +52,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        }
        unset($a_ifgroups[$id]);
        write_config();
-        header("Location: interfaces_groups.php");
+        header(url_safe('Location: /interfaces_groups.php'));
        exit;
    }
 }

--- a/src/www/interfaces_groups_edit.php
+++ b/src/www/interfaces_groups_edit.php
@@ -126,7 +126,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
      }
      write_config();
      interface_group_setup($ifgroupentry);
-      header("Location: interfaces_groups.php");
+      header(url_safe('Location: /interfaces_groups.php'));
      exit;
    }
 }

--- a/src/www/interfaces_lagg.php
+++ b/src/www/interfaces_lagg.php
@@ -68,7 +68,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            mwexec_bg("/sbin/ifconfig " . escapeshellarg($a_laggs[$id]['laggif']) . " destroy");
            unset($a_laggs[$id]);
            write_config();
-            header("Location: interfaces_lagg.php");
+            header(url_safe('Location: /interfaces_lagg.php'));
            exit;
        }
    }

--- a/src/www/interfaces_lagg_edit.php
+++ b/src/www/interfaces_lagg_edit.php
@@ -147,7 +147,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
            if ($confif <> "") {
                interface_configure($confif);
            }
-            header("Location: interfaces_lagg.php");
+            header(url_safe('Location: /interfaces_lagg.php'));
            exit;
        }
    }

--- a/src/www/interfaces_ppps.php
+++ b/src/www/interfaces_ppps.php
@@ -59,7 +59,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        } else {
            unset($a_ppps[$id]);
            write_config();
-            header("Location: interfaces_ppps.php");
+            header(url_safe('Location: /interfaces_ppps.php'));
            exit;
        }
    }

--- a/src/www/interfaces_ppps_edit.php
+++ b/src/www/interfaces_ppps_edit.php
@@ -251,7 +251,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
          if ($config['interfaces'][$pppif]['if'] == $ppp['if'])
            interface_ppps_configure($pppif);
        }
-        header("Location: interfaces_ppps.php");
+        header(url_safe('Location: /interfaces_ppps.php'));
        exit;
    }
 }

--- a/src/www/interfaces_qinq.php
+++ b/src/www/interfaces_qinq.php
@@ -73,7 +73,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            write_config();
-            header("Location: interfaces_qinq.php");
+            header(url_safe('Location: /interfaces_qinq.php'));
            exit;
        }
    }

--- a/src/www/interfaces_qinq_edit.php
+++ b/src/www/interfaces_qinq_edit.php
@@ -119,7 +119,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
        }
        write_config();
-        header("Location: interfaces_qinq.php");
+        header(url_safe('Location: /interfaces_qinq.php'));
        exit;
      }
 }

--- a/src/www/interfaces_vlan.php
+++ b/src/www/interfaces_vlan.php
@@ -61,7 +61,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            }
            unset($a_vlans[$id]);
            write_config();
-            header("Location: interfaces_vlan.php");
+            header(url_safe('Location: /interfaces_vlan.php'));
            exit;
          }
    }

--- a/src/www/interfaces_vlan_edit.php
+++ b/src/www/interfaces_vlan_edit.php
@@ -132,7 +132,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
            if ($confif <> "") {
                interface_configure($confif);
            }
-            header("Location: interfaces_vlan.php");
+            header(url_safe('Location: /interfaces_vlan.php'));
            exit;
        }
    }

--- a/src/www/interfaces_wireless.php
+++ b/src/www/interfaces_wireless.php
@@ -58,7 +58,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            unset($a_clones[$_POST['id']]);
            write_config();
-            header("Location: interfaces_wireless.php");
+            header(url_safe('Location: /interfaces_wireless.php'));
            exit;
        }
    }

--- a/src/www/interfaces_wireless_edit.php
+++ b/src/www/interfaces_wireless_edit.php
@@ -121,7 +121,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
                });
                write_config();
-                header("Location: interfaces_wireless.php");
+                header(url_safe('Location: /interfaces_wireless.php'));
                exit;
            }
        }