diff --git a/src/www/vpn_ipsec.php b/src/www/vpn_ipsec.php index 6105226aa..9690a1db7 100644 --- a/src/www/vpn_ipsec.php +++ b/src/www/vpn_ipsec.php @@ -87,177 +87,86 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { clear_subsystem_dirty('ipsec'); } } - } elseif (isset($_POST['submit'])) { + } elseif (isset($_POST['save'])) { $config['ipsec']['enable'] = !empty($_POST['enable']) ? true : false; write_config(); vpn_ipsec_configure(); header("Location: vpn_ipsec.php"); exit; - } elseif (isset($_POST['del_x'])) { - /* delete selected p1 entries */ - if (isset($_POST['p1entry']) && count($_POST['p1entry'])) { - foreach ($_POST['p1entry'] as $p1entrydel) { - unset($config['ipsec']['phase1'][$p1entrydel]); - } - if (write_config()) { - mark_subsystem_dirty('ipsec'); - } - header("Location: vpn_ipsec.php"); - exit; + } elseif (!empty($_POST['act']) && $_POST['act'] == "delphase1" ) { + $del_items = array(); + if (isset($_POST['id']) && isset($config['ipsec']['phase1'][$_POST['id']])){ + $del_items[] = $_POST['id']; + } elseif (empty($_POST['id']) && isset($_POST['p1entry']) && count($_POST['p1entry'])) { + $del_items = $_POST['p1entry']; } - } elseif (isset($_POST['delp2_x'])) { - /* delete selected p2 entries */ - if (isset($_POST['p2entry']) && count($_POST['p2entry'])) { - foreach ($_POST['p2entry'] as $p2entrydel) { - unset($config['ipsec']['phase2'][$p2entrydel]); - } - if (write_config()) { - mark_subsystem_dirty('ipsec'); - } - header("Location: vpn_ipsec.php"); - exit; - } - } else { - // move, delete, toggle items by id. - // - /* yuck - IE won't send value attributes for image buttons, - while Mozilla does - so we use .x/.y to find move button clicks instead... */ - unset($delbtn, $delbtnp2, $movebtn, $movebtnp2, $togglebtn, $togglebtnp2); - foreach ($_POST as $pn => $pd) { - if (preg_match("/del_(\d+)_x/", $pn, $matches)) { - $delbtn = $matches[1]; - } elseif (preg_match("/delp2_(\d+)_x/", $pn, $matches)) { - $delbtnp2 = $matches[1]; - } elseif (preg_match("/move_(\d+)_x/", $pn, $matches)) { - $movebtn = $matches[1]; - } elseif (preg_match("/movep2_(\d+)_x/", $pn, $matches)) { - $movebtnp2 = $matches[1]; - } elseif (preg_match("/toggle_(\d+)_x/", $pn, $matches)) { - $togglebtn = $matches[1]; - } elseif (preg_match("/togglep2_(\d+)_x/", $pn, $matches)) { - $togglebtnp2 = $matches[1]; - } - } - $save = 1; - /* move selected p1 entries before this */ - if (isset($movebtn) && isset($_POST['p1entry']) && count($_POST['p1entry'])) { - $a_phase1_new = array(); - - /* copy all p1 entries < $movebtn and not selected */ - for ($i = 0; $i < $movebtn; $i++) { - if (!in_array($i, $_POST['p1entry'])) { - $a_phase1_new[] = $a_phase1[$i]; - } - } - - /* copy all selected p1 entries */ - for ($i = 0; $i < count($a_phase1); $i++) { - if ($i == $movebtn) { - continue; - } - if (in_array($i, $_POST['p1entry'])) { - $a_phase1_new[] = $a_phase1[$i]; - } - } - - /* copy $movebtn p1 entry */ - if ($movebtn < count($a_phase1)) { - $a_phase1_new[] = $a_phase1[$movebtn]; - } - - /* copy all p1 entries > $movebtn and not selected */ - for ($i = $movebtn+1; $i < count($a_phase1); $i++) { - if (!in_array($i, $_POST['p1entry'])) { - $a_phase1_new[] = $a_phase1[$i]; - } - } - if (count($a_phase1_new) > 0) { - $a_phase1 = $a_phase1_new; - } - - } elseif (isset($movebtnp2) && isset($_POST['p2entry']) && count($_POST['p2entry'])) { - /* move selected p2 entries before this */ - $a_phase2_new = array(); - - /* copy all p2 entries < $movebtnp2 and not selected */ - for ($i = 0; $i < $movebtnp2; $i++) { - if (!in_array($i, $_POST['p2entry'])) { - $a_phase2_new[] = $a_phase2[$i]; - } - } - - /* copy all selected p2 entries */ - for ($i = 0; $i < count($a_phase2); $i++) { - if ($i == $movebtnp2) { - continue; - } - if (in_array($i, $_POST['p2entry'])) { - $a_phase2_new[] = $a_phase2[$i]; - } - } - - /* copy $movebtnp2 p2 entry */ - if ($movebtnp2 < count($a_phase2)) { - $a_phase2_new[] = $a_phase2[$movebtnp2]; - } - - /* copy all p2 entries > $movebtnp2 and not selected */ - for ($i = $movebtnp2+1; $i < count($a_phase2); $i++) { - if (!in_array($i, $_POST['p2entry'])) { - $a_phase2_new[] = $a_phase2[$i]; - } - } - if (count($a_phase2_new) > 0) { - $a_phase2 = $a_phase2_new; - } - - } elseif (isset($togglebtn)) { - if (isset($a_phase1[$togglebtn]['disabled'])) { - unset($a_phase1[$togglebtn]['disabled']); - } else { - $a_phase1[$togglebtn]['disabled'] = true; - } - - } elseif (isset($togglebtnp2)) { - if (isset($a_phase2[$togglebtnp2]['disabled'])) { - unset($a_phase2[$togglebtnp2]['disabled']); - } else { - $a_phase2[$togglebtnp2]['disabled'] = true; - } - - } elseif (isset($delbtn)) { + foreach ($del_items as $p1entrydel) { /* remove static route if interface is not WAN */ - if ($a_phase1[$delbtn]['interface'] <> "wan") { - mwexec("/sbin/route delete -host {$a_phase1[$delbtn]['remote-gateway']}"); + if ($a_phase1[$p1entrydel]['interface'] <> "wan") { + mwexec('/sbin/route delete -host ' . escapeshellarg($a_phase1[$p1entrydel]['remote-gateway'])); } - /* remove all phase2 entries that match the ikeid */ - $ikeid = $a_phase1[$delbtn]['ikeid']; + $ikeid = $a_phase1[$p1entrydel]['ikeid']; foreach ($a_phase2 as $p2index => $ph2tmp) { if ($ph2tmp['ikeid'] == $ikeid) { unset($a_phase2[$p2index]); } } - - unset($a_phase1[$delbtn]); - - } elseif (isset($delbtnp2)) { - unset($a_phase2[$delbtnp2]); - - } else { - $save = 0; + unset($config['ipsec']['phase1'][$p1entrydel]); } - if ($save === 1) { - if (write_config()) { - mark_subsystem_dirty('ipsec'); + if (write_config()) { + mark_subsystem_dirty('ipsec'); + } + header("Location: vpn_ipsec.php"); + exit; + } elseif (!empty($_POST['act']) && $_POST['act'] == "delphase2" ) { + if (isset($_POST['id']) && isset($config['ipsec']['phase2'][$_POST['id']])){ + unset($config['ipsec']['phase2'][$_POST['id']]); + } elseif (empty($_POST['id']) && isset($_POST['p2entry']) && count($_POST['p2entry'])) { + foreach ($_POST['p2entry'] as $p1entrydel) { + unset($config['ipsec']['phase2'][$p1entrydel]); } } + if (write_config()) { + mark_subsystem_dirty('ipsec'); + } + header("Location: vpn_ipsec.php"); + exit; + } elseif (!empty($_POST['act']) && $_POST['act'] == "movep1" ) { + // move phase 1 records + if (isset($_POST['p1entry']) && count($_POST['p1entry']) > 0) { + // if rule not set/found, move to end + if (!isset($_POST['id']) || !isset($a_phase1[$_POST['id']])) { + $id = count($a_phase1); + } else { + $id = $_POST['id']; + } + $a_phase1 = legacy_move_config_list_items($a_phase1, $id, $_POST['p1entry']); + } + if (write_config()) { + mark_subsystem_dirty('ipsec'); + } + header("Location: vpn_ipsec.php"); + exit; + } elseif (!empty($_POST['act']) && $_POST['act'] == "movep2" ) { + // move phase 2 records + if (isset($_POST['p2entry']) && count($_POST['p2entry']) > 0) { + // if rule not set/found, move to end + if (!isset($_POST['id']) || !isset($a_phase2[$_POST['id']])) { + $id = count($a_phase2); + } else { + $id = $_POST['id']; + } + $a_phase2 = legacy_move_config_list_items($a_phase2, $id, $_POST['p2entry']); + } + if (write_config()) { + mark_subsystem_dirty('ipsec'); + } header("Location: vpn_ipsec.php"); exit; } - } // form data @@ -268,37 +177,132 @@ legacy_html_escape_form_data($pconfig); $shortcut_section = 'ipsec'; include("head.inc"); - ?> - - - -
-
-
-
- " . gettext("You must apply the changes in order for them to take effect.")); - } - ?> -
+ +
+
+
+" . gettext("You must apply the changes in order for them to take effect.")); + }?> +
+ + +
@@ -321,8 +325,7 @@ function show_phase2(id, buttonid) { $i = 0; foreach ($pconfig['phase1'] as $ph1ent) : ?> - + @@ -391,25 +394,24 @@ if (!empty($ph1ent['encryption-algorithm']['keylen'])) {   + @@ -516,26 +517,25 @@ if (!empty($ph2ent['hash-algorithm-option']) && is_array($ph2ent['hash-algorithm ?> @@ -585,23 +584,23 @@ endforeach; // $a_phase1 as $ph1ent
- " data-toggle="tooltip"> + title="" data-toggle="tooltip" data-placement="left">
- " data-toggle="tooltip"> + title="" data-toggle="tooltip" data-placement="left">
-
@@ -457,8 +459,7 @@ foreach ($pconfig['phase2'] as $ph2index => $ph2ent) : } ?> -
- " data-toggle="tooltip" + title="" data-toggle="tooltip" data-placement="left" alt="edit" class="btn btn-default btn-xs"> - " data-toggle="tooltip" + title="" data-toggle="tooltip" data-placement="left" alt="add" class="btn btn-default btn-xs"> @@ -551,24 +551,23 @@ endforeach; 0) : ?> - 0) : ?> - " class="btn btn-default btn-xs" - title="" data-toggle="tooltip"> + title="" data-toggle="tooltip" data-placement="left">
- + - " data-toggle="tooltip" + " data-toggle="tooltip" data-placement="left" alt="add" class="btn btn-default btn-xs"> @@ -615,16 +614,17 @@ endforeach; // $a_phase1 as $ph1ent
- " /> + " />
-
-
+ +
-
- + + +