security patches for PHP files that display results from postgreSQL database

2013-08-15
2013-08-15
  • We are going to use this nice piece of software on our pfSense routers to monitor bandwidth consumption by IP address. As our pfSense boxes have to less memory we decided to use the possibility to put the data on a external postgreSQL database.

    But I found the php files for showing the graphs to be quite insecure as the $_GET variables were not sanitized. So I've added some fixes and published them on GitHub

    If somebody has write access to this project please feel free to reintegrate my changes to the main project.

    There are also a lot of fixes that caused PHP Warnings. e.g. division by zero