Skip to content

Commit

Permalink
Merge pull request #1326 from eldstal/master
Browse files Browse the repository at this point in the history
Input sanitization for wpa client, Fix for #1325
  • Loading branch information
billz committed Mar 31, 2023
2 parents 10738f5 + db6bf4c commit ce7e84e
Showing 1 changed file with 6 additions and 2 deletions.
8 changes: 6 additions & 2 deletions includes/configure_client.php
Original file line number Diff line number Diff line change
Expand Up @@ -17,8 +17,12 @@ function DisplayWPAConfig()

if (isset($_POST['connect'])) {
$result = 0;
exec('sudo wpa_cli -i ' . $_SESSION['wifi_client_interface'] . ' select_network '.strval($_POST['connect']));
$status->addMessage('New network selected', 'success');
$iface = escapeshellarg($_SESSION['wifi_client_interface']);
$netid = escapeshellarg(strval($_POST['connect']));
if (is_numeric($netid)) {
exec('sudo wpa_cli -i ' . $iface . ' select_network ' . $netid);
$status->addMessage('New network selected', 'success');
}
} elseif (isset($_POST['wpa_reinit'])) {
$status->addMessage('Reinitializing wpa_supplicant', 'info', false);
$force_remove = true;
Expand Down

0 comments on commit ce7e84e

Please sign in to comment.