chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

[svn r15748] Improving filtering of included HTML files

Browse Source
skala
Yannick Warnier 18 years ago
parent d7f907cc0c
commit 3534b6f944
1 changed files with 3 additions and 3 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 6
      index.php

6
index.php
Unescape View File

@ -16,11 +16,11 @@
B-1030 Brussels - Belgium B-1030 Brussels - Belgium
Contact: info@dokeos.com Contact: info@dokeos.com
*/ */
/** /**
* @package dokeos.main * @package dokeos.main
* @author Patrick Cool <patrick.cool@UGent.be>, Ghent University, Refactoring * @author Patrick Cool <patrick.cool@UGent.be>, Ghent University, Refactoring
* @version $Id: index.php 15173 2008-04-29 17:29:11Z yannoo $ * @version $Id: index.php 15748 2008-07-08 21:10:31Z yannoo $
* @todo check the different @todos in this page and really do them * @todo check the different @todos in this page and really do them
* @todo check if the news management works as expected * @todo check if the news management works as expected
*/ */
@ -177,7 +177,7 @@ else
// Including the page for the news // Including the page for the news
$page_included = false; $page_included = false;
if (!empty ($_GET['include']) && !strstr($_GET['include'], '/') && !strstr($_GET['include'], '\\') && strstr($_GET['include'], '.html')) if (!empty ($_GET['include']) && preg_match('/^[a-zA-Z0-9_-]*\.html$/',$_GET['include']))
{ {
include ('./home/'.$_GET['include']); include ('./home/'.$_GET['include']);
$page_included = true; $page_included = true;

Write Preview
Loading…
Cancel
Save