From: jdegraeve <jdegraeve@e36fee2c-cc09-0410-a7cc-ebac5c6737de>
Date: Wed, 31 May 2006 20:59:59 +0000 (+0000)
Subject: Add variable validation to the webgui and specific captive portal functions for per... 
X-Git-Url: https://git.gsnw.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=dec2ccf906044b9669e5f6526f24e1e9d80c396e;p=m0n0chwall.git

Add variable validation to the webgui and specific captive portal functions for per-user bandwidth. Add support for radius '0' (unlimited) speed value to override default bandwidth settings.

git-svn-id: https://svn.m0n0.ch/wall/trunk@141 e36fee2c-cc09-0410-a7cc-ebac5c6737de
---

diff --git a/captiveportal/index.php b/captiveportal/index.php
index dbe477b..cc6edfe 100755
--- a/captiveportal/index.php
+++ b/captiveportal/index.php
@@ -290,17 +290,17 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut
          */
         $peruserbw = isset($config['captiveportal']['peruserbw']);
 
-        $bw_up = !empty($attributes['bw_up']) ? trim($attributes['bw_up']) : $config['captiveportal']['bwdefaultup'];
-        $bw_down = !empty($attributes['bw_down']) ? trim($attributes['bw_down']) : $config['captiveportal']['bwdefaultdn'];
+        $bw_up = isset($attributes['bw_up']) ? trim($attributes['bw_up']) : $config['captiveportal']['bwdefaultup'];
+        $bw_down = isset($attributes['bw_down']) ? trim($attributes['bw_down']) : $config['captiveportal']['bwdefaultdn'];
 
-        if ($peruserbw && !empty($bw_up)) {
+        if ($peruserbw && !empty($bw_up) && is_numeric($bw_up)) {
             $bw_up_pipeno = $ruleno + 40500;
             exec("/sbin/ipfw add $ruleno set 2 pipe $bw_up_pipeno ip from $clientip to any in");
             exec("/sbin/ipfw pipe $bw_up_pipeno config bw {$bw_up}Kbit/s queue 100");
         } else {
             exec("/sbin/ipfw add $ruleno set 2 skipto 50000 ip from $clientip to any in");
         }
-        if ($peruserbw && !empty($bw_down)) {
+        if ($peruserbw && !empty($bw_down) && is_numeric($bw_down)) {
             $bw_down_pipeno = $ruleno + 45500;
             exec("/sbin/ipfw add $ruleno set 2 pipe $bw_down_pipeno ip from any to $clientip out");
             exec("/sbin/ipfw pipe $bw_down_pipeno config bw {$bw_down}Kbit/s queue 100");
diff --git a/webgui/services_captiveportal.php b/webgui/services_captiveportal.php
index bf56d73..c3f5133 100755
--- a/webgui/services_captiveportal.php
+++ b/webgui/services_captiveportal.php
@@ -123,6 +123,12 @@ if ($_POST) {
 	if ($_POST['idletimeout'] && (!is_numeric($_POST['idletimeout']) || ($_POST['idletimeout'] < 1))) {
 		$input_errors[] = "The idle timeout must be at least 1 minute.";
 	}
+	if ($_POST['bwdefaultdn'] && (!is_numeric($_POST['bwdefaultdn']) || ($_POST['bwdefaultdn'] < 16))) {
+		$input_errors[] = "The per-user bandwidth download speed must be at least 16.";
+	}
+	if ($_POST['bwdefaultup'] && (!is_numeric($_POST['bwdefaultup']) || ($_POST['bwdefaultup'] < 16))) {
+		$input_errors[] = "The per-user bandwidth upload speed must be at least 16.";
+	}
 	if (($_POST['radiusip'] && !is_ipaddr($_POST['radiusip']))) {
 		$input_errors[] = "A valid IP address must be specified. [".$_POST['radiusip']."]";
 	}