(captiveportal) limit the max vouchers per call, closes https://github.com/opnsense/core/issues/722

(cherry picked from commit 0c8f5737)

(captiveportal) limit the max vouchers per call, closes https://github.com/opnsense/core/issues/722
(cherry picked from commit 0c8f5737)
2bd0a85c · Ad Schellevis · Franco Fichtner · ee259440 · 2bd0a85c
Commit 2bd0a85c authored Jan 29, 2016 by Ad Schellevis Committed by Franco Fichtner Jan 31, 2016
Show whitespace changes
Inline Side-by-side

Showing with 4 additions and 2 deletions

VoucherController.php ...trollers/OPNsense/CaptivePortal/Api/VoucherController.php +4 -2

No files found.
--- a/src/opnsense/mvc/app/controllers/OPNsense/CaptivePortal/Api/VoucherController.php
+++ b/src/opnsense/mvc/app/controllers/OPNsense/CaptivePortal/Api/VoucherController.php
@@ -113,6 +113,7 @@ class VoucherController extends ApiControllerBase
     */
    public function generateVouchersAction($provider)
    {
+        $response = array("status" => "error");
        if ($this->request->isPost()) {
            $authFactory = new AuthenticationFactory();
            $auth = $authFactory->get($provider);
@@ -120,11 +121,12 @@ class VoucherController extends ApiControllerBase
                $count = $this->request->getPost('count', 'int', 0);
                $validity = $this->request->getPost('validity', 'int', 0);
                $vouchergroup = $this->request->getPost('vouchergroup', 'striptags', '---');
-                if ($count > 0 && $validity > 0) {
+                if ($count > 0 && $count <= 10000 && $validity > 0) {
+                    $response['status'] = 'created';
                    return $auth->generateVouchers($vouchergroup, $count, $validity);
                }
            }
        }
-        return array();
+        return $response;
    }
 }