chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

[svn r15738] Fix security issue on Windows

Browse Source
skala
Yannick Warnier 17 years ago
parent c62c74e73d
commit 7680a36b87
1 changed files with 1 additions and 1 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 2
      user_portal.php

2
user_portal.php
Unescape View File

@ -767,7 +767,7 @@ $announcement = isset($_GET['announcement']) ? $_GET['announcement'] : -1;
$visibility = api_is_allowed_to_create_course() ? VISIBLE_TEACHER : VISIBLE_STUDENT;
SystemAnnouncementManager :: display_announcements($visibility, $announcement);
if (!empty ($_GET['include']) && !strstr($_GET['include'], '/') && strstr($_GET['include'], '.html'))
if (!empty ($_GET['include']) && preg_match('/^[a-zA-Z0-9_-]*\.html$/'))
{
include ('./home/'.$_GET['include']);
$pageIncluded = true;

Write Preview
Loading…
Cancel
Save