From 593d7525aeeebc30670547d7662195cade9b09f2 Mon Sep 17 00:00:00 2001
From: Franco Fichtner <franco@opnsense.org>
Date: Sat, 28 Jan 2017 23:37:41 +0100
Subject: [PATCH] wizard: do not interpret passed values for #1359

---
 src/www/wizard.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/www/wizard.php b/src/www/wizard.php
index ab19047c1..b6fc6a910 100644
--- a/src/www/wizard.php
+++ b/src/www/wizard.php
@@ -197,7 +197,7 @@ function update_config_field($field, $updatetext, $unset, $arraynum, $field_type
 	if($field_type == "interfaces_selection") {
 		$var = "\$config{$field_conv}";
 		$text = "if (isset({$var})) unset({$var});";
-		$text .= "\$config" . $field_conv . " = \"" . $updatetext . "\";";
+		$text .= "\$config" . $field_conv . " = '" . addslashes($updatetext) . "';";
 		eval($text);
 		return;
 	}
@@ -206,7 +206,7 @@ function update_config_field($field, $updatetext, $unset, $arraynum, $field_type
 		$text = "unset(\$config" . $field_conv . ");";
 		eval($text);
 	}
-	$text = "\$config" . $field_conv . " = \"" . addslashes($updatetext) . "\";";
+	$text = "\$config" . $field_conv . " = '" . addslashes($updatetext) . "';";
 	eval($text);
 }
 
-- 
2.21.0